- Note that kernel options are required
- Shift parameters around in SYNOPSIS to make it more clear that there are
different modes
- For all literal symbols such as 'process' or 'loginclass' or 'wallclock',
etc, make them into bold symbols with .Sy
- For each subject:subject-id:etc: use .Em to underline to make it more clear
they relate to the rule syntax
- Document how devd(8) support works
- Move RSS warning to BUGS and replace RSS with 'memoryuse' since 'RSS' is not
defined in the manpage
- Add more examples around listing existing rules
- Make rule syntax into a list to improve readability
- Add a list of subjects and their corresponding subject-id same as
RESOURCES/ACTIONS have lists
- Note that rctl(8) takes affect on all current and future processes
- Note that amount can take human numbers
- Add reference to login.conf(5) in few places login class is mentioned
Reviewed by: trasz
Approved by: bapt (mentor)
MFC after: 1 week
Attempt to demote the superpage if trying to pmap_enter() on
one. Panic only when the particular superpage should
no longer exist for that pmap and address.
Because pmap_enter_locked() is called from few different functions
some redundancy in superpage promotion attempts can be observed.
Hence, avoid promotion in pmap_enter_object() (if the object can
be mapped by superpage it will be handled by pmap_enter_object()
itself) and also do not waste time in pmap_enter_quick().
From now on the promotion will be performed only in pmap_enter().
It was possible to create RW superpage mapping even if
the base pages were RO due to wrong setting of the prot
flag passed to pmap_map_section().
Promotion attempt should be canceled in case of attributes
mismatch between any two base pages. Since we still use
pv_flags to maintain permission to write (PVF_WRITE) and
wired status (PVF_WIRED) for a page, it is also necessary
to take those variables into account.
Invalidate L1 PTE regardles of existance of the corresponding
l2_bucket. This is relevant when superpage is entered via
pmap_enter_object() and will fix crash on entering page
in place of not properly removed superpage.
- netmap pipes, providing bidirectional blocking I/O while moving
100+ Mpps between processes using shared memory channels
(no mistake: over one hundred million. But mind you, i said
*moving* not *processing*);
- kqueue support (BHyVe needs it);
- improved user library. Just the interface name lets you select a NIC,
host port, VALE switch port, netmap pipe, and individual queues.
The upcoming netmap-enabled libpcap will use this feature.
- optional extra buffers associated to netmap ports, for applications
that need to buffer data yet don't want to make copies.
- segmentation offloading for the VALE switch, useful between VMs.
and a number of bug fixes and performance improvements.
My colleagues Giuseppe Lettieri and Vincenzo Maffione did a substantial
amount of work on these features so we owe them a big thanks.
There are some external repositories that can be of interest:
https://code.google.com/p/netmap
our public repository for netmap/VALE code, including
linux versions and other stuff that does not belong here,
such as python bindings.
https://code.google.com/p/netmap-libpcap
a clone of the libpcap repository with netmap support.
With this any libpcap client has access to most netmap
feature with no recompilation. E.g. tcpdump can filter
packets at 10-15 Mpps.
https://code.google.com/p/netmap-ipfw
a userspace version of ipfw+dummynet which uses netmap
to send/receive packets. Speed is up in the 7-10 Mpps
range per core for simple rulesets.
Both netmap-libpcap and netmap-ipfw will be merged upstream at some
point, but while this happens it is useful to have access to them.
And yes, this code will be merged soon. It is infinitely better
than the version currently in 10 and 9.
MFC after: 3 days
This is done by representing each bus as root PCI device in ACPI. The device
implements the _BBN method to return the PCI bus number to the guest OS.
Each PCI bus keeps track of the resources that is decodes for devices
configured on the bus: i/o, mmio (32-bit) and mmio (64-bit). These windows
are advertised to the guest via the _CRS object of the root device.
Bus 0 is treated specially since it consumes the I/O ports to access the
PCI config space [0xcf8-0xcff]. It also decodes the legacy I/O ports that
are consumed by devices on the LPC bus. For this reason the LPC bridge can
be configured only on bus 0.
The bus number can be specified using the following command line option
to bhyve(8): "-s <bus>:<slot>:<func>,<emul>[,<config>]"
Discussed with: grehan@
Reviewed by: jhb@
patch supplied by Allan Jude <freebsd@allanjude.com>. Add xref to
pam_passwdqc(8), where that testing is now done.
PR: docs/184482
Submitted by: Ryan Gerstenkorn <ryan_gerstenkorn@fastmail.fm>
Reviewed by: jilles, eadler
MFC after: 3 days
Also, extend with some new events.
Additionally, tag syslog messages with 'ZFS' instead of using explicit "ZFS: "
prefix in the messages themselves.
Tested by: Daniel O'Connor <doconnor@gsoft.com.au>
MFC after: 8 days
Sponsored by: HybridCluster
Experimental version released on February 7th, 2014.
This is the first release without the code for the deprecated tools. If
you require such code, please fetch a copy of the 0.19 release and extract
the 'tools' directory for your own consumption.
* Removed the deprecated tools. This includes atf-config, atf-report,
atf-run and atf-version.
Experimental version released on February 7th, 2014.
This is the last release to bundle the code for the deprecated tools.
The next release will drop their code and will stop worrying about
backwards compatibility between the ATF libraries and what the old tools
may or may not support.
If you still require the old tools for some reason, grab a copy of the
'tools' directory now. The code in this directory is standalone and
does not depend on any internal details of atf-c++ any longer.
* Various fixes and improvements to support running as part of the FreeBSD
test suite.
* Project hosting moved from Google Code (as a subproject of Kyua) to
GitHub (as a first-class project). The main reason for the change is
the suppression of binary downloads in Google Code on Jan 15th, 2014.
See https://github.com/jmmv/atf/
* Removed builtin help from atf-sh(1) and atf-check(1) for simplicity
reasons. In other words, their -h option is gone.
* Moved the code of the deprecated tools into a 'tools' directory and
completely decoupled their code from the internals of atf-c++. The
reason for this is to painlessly allow a third-party to maintain a
copy of these tools after we delete them because upcoming changes to
atf-c++ would break the stale tools.
insert flow entry. During the route lookup the critical section is
exited. It may happen, that after route lookup we will be executed
on an other CPU that already has such flowentry. Before this change
we simply freed the flowentry and returned to ip_output() with
failure.
Actually there is nothing wrong with using previously allocated
flow entry, updating it properly. Thus, make flowentry_insert()
return the new either old fle, and make use of it.
Count reuses as "collisions" and real inserts as "inserts".
Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
race prone. Some just gather statistics, but some are later used in
different calculations.
A real problem was the race provoked underflow of the states_cur counter
on a rule. Once it goes below zero, it wraps to UINT32_MAX. Later this
value is used in pf_state_expires() and any state created by this rule
is immediately expired.
Thus, make fields states_cur, states_tot and src_nodes of struct
pf_rule be counter(9)s.
Thanks to Dennis for providing me shell access to problematic box and
his help with reproducing, debugging and investigating the problem.
Thanks to: Dennis Yusupoff <dyr smartspb.net>
Also reported by: dumbbell, pgj, Rambler
Sponsored by: Nginx, Inc.
The on-board NIC is an 3x3 AR9380 with 5GHz only.
* enable pci code in AR9344_BASE
* enable ath_pci and the firmware loading bits in DB120
* add in the relevant hints in DB120.hints to inform the probe/attach
code where the PCIe fixup data is for the onboard chip.
This is only relevant for a default development board. I also have a
DB120 with the on-board PCIe wifi NIC disabled and it's exposed as
a real PCIe slot (to put normal PCIe NICs in); the fixup code will need
to be disabled to make this work correctly.
Tested:
* DB120