Commit Graph

1387 Commits

Author SHA1 Message Date
Dimitry Andric
31edd45d7b In sys/contrib/ngatm/netnatm/msg/uni_ie.c, fix a few warnings from newer
versions of clang 3.2, about comparing enum uni_cause values against
integer constants which fall outside the enum range.  No functional
change.

MFC after:	3 days
2012-11-05 19:00:25 +00:00
Juli Mallett
72a4047ca7 Handle the management port on the EBT5600 and disable loopback. The XAUI
port connected to the Broadcom switch does not seem operable, but it's unclear
if that's simply due to a lack of configuration information for the switch.
The switch does not seem to present any identifying information via MDIO,
and is a BCM56512.
2012-11-01 03:45:33 +00:00
Juli Mallett
684ba62e3f Speed feature tests and initialize helper configuration that some CPUs require. 2012-10-30 06:07:30 +00:00
Juli Mallett
1f51baaa92 Use Simple Executive LED display routines, which correctly use the LED base
address passed from the bootloader, rather than using a hard-coded value.

Make FreeBSD announce itself on the LED display similar to other kernels.

Remove uses of the previous LED routines, which were under-used and only used
in drivers for what seem like debugging purposes, despite those drivers being
widely-tested.

Remove several inlines for accessing memory that duplicate other functions
which are now used instead, as they are now entirely unused.
2012-10-29 00:51:53 +00:00
Juli Mallett
cb5add636f No MII on the RSYS4GBE (AMC-7211/ATCA-7220). 2012-10-26 02:09:55 +00:00
Juli Mallett
320a9376e9 Add support for Radisys as a vendor of Octeon hardware. Add some preliminary
support for what their boot loader refers to as the "RSYS4GBE", of which there
are two instances ("Data Processing Blocks") on the Radisys ATCA-7220.
2012-10-26 00:08:50 +00:00
Jung-uk Kim
8ef1a33100 Merge ACPICA 20121018. 2012-10-23 23:49:17 +00:00
Gleb Smirnoff
40dd089521 Fix defines in r241245. We actually don't define FreeBSD.
Reported & tested by:	Oleg Ginzburg
2012-10-14 15:03:06 +00:00
Kevin Lo
9823d52705 Revert previous commit...
Pointyhat to:	kevlo (myself)
2012-10-10 08:36:38 +00:00
Kevin Lo
a10cee30c9 Prefer NULL over 0 for pointers 2012-10-09 08:27:40 +00:00
Gleb Smirnoff
21d172a3f1 A step in resolving mess with byte ordering for AF_INET. After this change:
- All packets in NETISR_IP queue are in net byte order.
  - ip_input() is entered in net byte order and converts packet
    to host byte order right _after_ processing pfil(9) hooks.
  - ip_output() is entered in host byte order and converts packet
    to net byte order right _before_ processing pfil(9) hooks.
  - ip_fragment() accepts and emits packet in net byte order.
  - ip_forward(), ip_mloopback() use host byte order (untouched actually).
  - ip_fastforward() no longer modifies packet at all (except ip_ttl).
  - Swapping of byte order there and back removed from the following modules:
    pf(4), ipfw(4), enc(4), if_bridge(4).
  - Swapping of byte order added to ipfilter(4), based on __FreeBSD_version
  - __FreeBSD_version bumped.
  - pfil(9) manual page updated.

Reviewed by:	ray, luigi, eri, melifaro
Tested by:	glebius (LE), ray (BE)
2012-10-06 10:02:11 +00:00
Max Khon
617643aaa6 Fix pseudo checksum calculation.
This fixes ipfilter w/ network controllers that implement only
partial rx csum offloading.

PR:			106438
Obtained from:		upstream
MFC after:		1 week
2012-09-27 18:15:01 +00:00
Gleb Smirnoff
486e090204 Fix panic introduced by me in r240835, when zero weight
was passed to wtab_alloc().

Reported by:	Kim Culhan <w8hdkim gmail.com>
2012-09-25 12:45:41 +00:00
Gleb Smirnoff
e9e4cb7345 Use M_NOWAIT in wtab_alloc(), too. Convert panic() to
a soft failure here. wtab_alloc() is used by red_alloc(),
which can fail.

Reported by:	Kim Culhan <w8hdkim gmail.com>
2012-09-22 18:47:14 +00:00
Pawel Jakub Dawidek
a6512306ce Fix an obvious typo. 2012-09-22 17:41:56 +00:00
Gleb Smirnoff
03fb709e1f Convert more M_WAITOK malloc() to M_NOWAIT.
Reported by:	Kim Culhan <w8hdkim gmail.com>
2012-09-22 12:49:36 +00:00
Rui Paulo
b0bf1a1836 Remove #ident macro. 2012-09-21 19:18:39 +00:00
Kevin Lo
b7e1113e8f Fix typo: s/pakcet/packet 2012-09-20 03:29:43 +00:00
Jung-uk Kim
042ff955b5 Merge ACPICA 20120913. 2012-09-19 23:25:24 +00:00
Gleb Smirnoff
32726fe911 Do more than r236298 did in the projects/pf branch: use M_NOWAIT in
altq_add() and its descendants. Currently altq(4) in FreeBSD is configured
via pf(4) ioctls, which can't configure altq(4) w/o holding locks.
Fortunately, altq(4) code in spife of using M_WAITOK is ready to receive
NULL from malloc(9), so change is mostly mechanical. While here, utilize
M_ZERO instead of bzero().

A large redesign needed to achieve M_WAITOK usage when configuring altq(4).
Or an alternative (not pf(4)) configuration interface should be implemented.

Reported by:	pluknet
2012-09-18 12:34:35 +00:00
Gleb Smirnoff
3b3a8eb937 o Create directory sys/netpfil, where all packet filters should
reside, and move there ipfw(4) and pf(4).

o Move most modified parts of pf out of contrib.

Actual movements:

sys/contrib/pf/net/*.c		-> sys/netpfil/pf/
sys/contrib/pf/net/*.h		-> sys/net/
contrib/pf/pfctl/*.c		-> sbin/pfctl
contrib/pf/pfctl/*.h		-> sbin/pfctl
contrib/pf/pfctl/pfctl.8	-> sbin/pfctl
contrib/pf/pfctl/*.4		-> share/man/man4
contrib/pf/pfctl/*.5		-> share/man/man5

sys/netinet/ipfw		-> sys/netpfil/ipfw

The arguable movement is pf/net/*.h -> sys/net. There are
future plans to refactor pf includes, so I decided not to
break things twice.

Not modified bits of pf left in contrib: authpf, ftp-proxy,
tftp-proxy, pflogd.

The ipfw(4) movement is planned to be merged to stable/9,
to make head and stable match.

Discussed with:		bz, luigi
2012-09-14 11:51:49 +00:00
Gleb Smirnoff
d6d3f01e0a Merge the projects/pf/head branch, that was worked on for last six months,
into head. The most significant achievements in the new code:

 o Fine grained locking, thus much better performance.
 o Fixes to many problems in pf, that were specific to FreeBSD port.

New code doesn't have that many ifdefs and much less OpenBSDisms, thus
is more attractive to our developers.

  Those interested in details, can browse through SVN log of the
projects/pf/head branch. And for reference, here is exact list of
revisions merged:

r232043, r232044, r232062, r232148, r232149, r232150, r232298, r232330,
r232332, r232340, r232386, r232390, r232391, r232605, r232655, r232656,
r232661, r232662, r232663, r232664, r232673, r232691, r233309, r233782,
r233829, r233830, r233834, r233835, r233836, r233865, r233866, r233868,
r233873, r234056, r234096, r234100, r234108, r234175, r234187, r234223,
r234271, r234272, r234282, r234307, r234309, r234382, r234384, r234456,
r234486, r234606, r234640, r234641, r234642, r234644, r234651, r235505,
r235506, r235535, r235605, r235606, r235826, r235991, r235993, r236168,
r236173, r236179, r236180, r236181, r236186, r236223, r236227, r236230,
r236252, r236254, r236298, r236299, r236300, r236301, r236397, r236398,
r236399, r236499, r236512, r236513, r236525, r236526, r236545, r236548,
r236553, r236554, r236556, r236557, r236561, r236570, r236630, r236672,
r236673, r236679, r236706, r236710, r236718, r237154, r237155, r237169,
r237314, r237363, r237364, r237368, r237369, r237376, r237440, r237442,
r237751, r237783, r237784, r237785, r237788, r237791, r238421, r238522,
r238523, r238524, r238525, r239173, r239186, r239644, r239652, r239661,
r239773, r240125, r240130, r240131, r240136, r240186, r240196, r240212.

I'd like to thank people who participated in early testing:

Tested by:	Florian Smeets <flo freebsd.org>
Tested by:	Chekaluk Vitaly <artemrts ukr.net>
Tested by:	Ben Wilber <ben desync.com>
Tested by:	Ian FREISLICH <ianf cloudseed.co.za>
2012-09-08 06:41:54 +00:00
Jung-uk Kim
1df130f1d4 Merge ACPICA 20120816. 2012-08-16 20:54:52 +00:00
Warner Losh
52baf267be Update to latest git version of dtc to get new dtsv2 support,
including the include directive.

Fix minor build issue corrected by converting yypush_buffer_state and
yypop_buffer_state to yy_set_buffer_state and a hard-coded 100-deep
stack.  It was easier to fix it here than to import that support into
our flex.

The new tools and test hardness remain unsupported at the moment.
2012-07-24 16:29:33 +00:00
Gleb Smirnoff
6aef0416fb Use M_NOWAIT while holding the pf giant lock. 2012-07-15 19:10:00 +00:00
Jung-uk Kim
e8241eabbb Merge ACPICA 20120711. 2012-07-11 23:18:35 +00:00
Jung-uk Kim
3e2c973410 MFV: r237650
Do not malloc(9) while holding a spin lock, to avoid panic.

Reported by:	kib (and many others)
Tested by:	kib (and many others)
2012-06-27 16:15:13 +00:00
Bernhard Schmidt
2289f9b47e Add new firmware for the g2a (6205) and g2b (623x) devices.
MFC after:	3 days
2012-06-27 16:14:28 +00:00
Jung-uk Kim
f38b0f210c Merge ACPICA 20120620. 2012-06-22 00:40:44 +00:00
Navdeep Parhar
09fe63205c - Updated TOE support in the kernel.
- Stateful TCP offload drivers for Terminator 3 and 4 (T3 and T4) ASICs.
  These are available as t3_tom and t4_tom modules that augment cxgb(4)
  and cxgbe(4) respectively.  The cxgb/cxgbe drivers continue to work as
  usual with or without these extra features.

- iWARP driver for Terminator 3 ASIC (kernel verbs).  T4 iWARP in the
  works and will follow soon.

Build-tested with make universe.

30s overview
============
What interfaces support TCP offload?  Look for TOE4 and/or TOE6 in the
capabilities of an interface:
# ifconfig -m | grep TOE

Enable/disable TCP offload on an interface (just like any other ifnet
capability):
# ifconfig cxgbe0 toe
# ifconfig cxgbe0 -toe

Which connections are offloaded?  Look for toe4 and/or toe6 in the
output of netstat and sockstat:
# netstat -np tcp | grep toe
# sockstat -46c | grep toe

Reviewed by:	bz, gnn
Sponsored by:	Chelsio communications.
MFC after:	~3 months (after 9.1, and after ensuring MFC is feasible)
2012-06-19 07:34:13 +00:00
Gleb Smirnoff
40874f18de Merge revision 1.715 from OpenBSD:
date: 2010/12/24 20:12:56;  author: henning;  state: Exp;  lines: +3 -3
  in pf_src_connlimit, the indices to sk->addr were swapped.
  tracked down and diff sent by Robert B Mills <rbmills at sdf.lonestar.org>
  thanks, very good work! ok claudio

Impact is that the "flush" keyword didn't work.

Obtained from:	OpenBSD
MFC after:	1 week
2012-06-06 09:36:52 +00:00
Ermal Luçi
0ad5ef9c8f Correct table counter functionality to not panic.
This was caused by not proper initialization of necessary parameters.

PR: 168200
Reviewed by:	bz@, glebius@
MFC after:	1 week
2012-05-31 20:10:05 +00:00
Jung-uk Kim
a7a3b383f2 Merge ACPICA 20120518. 2012-05-24 23:12:30 +00:00
Alexander V. Chernikov
bdf942c3f0 Revert r234834 per luigi@ request.
Cleaner solution (e.g. adding another header) should be done here.

Original log:
  Move several enums and structures required for L2 filtering from ip_fw_private.h to ip_fw.h.
  Remove ipfw/ip_fw_private.h header from non-ipfw code.

Requested by:      luigi
Approved by:       kib(mentor)
2012-05-03 08:56:43 +00:00
Alexander V. Chernikov
7bd5e9b143 Move several enums and structures required for L2 filtering from ip_fw_private.h to ip_fw.h.
Remove ipfw/ip_fw_private.h header from non-ipfw code.

Approved by:        ae(mentor)
MFC after:          2 weeks
2012-04-30 10:22:23 +00:00
Jung-uk Kim
eef1b955be Merge ACPICA 20120420. 2012-04-23 23:05:14 +00:00
Dimitry Andric
a511762672 Fix the following compilation warnings in sys/contrib/rdma/rdma_cma.c:
sys/contrib/rdma/rdma_cma.c:1259:8: error: case value not in enumerated type 'enum iw_cm_event_status' [-Werror,-Wswitch]
	      case ECONNRESET:
		   ^
  @/sys/errno.h:118:20: note: expanded from macro 'ECONNRESET'
  #define ECONNRESET      54              /* Connection reset by peer */
		      ^
  sys/contrib/rdma/rdma_cma.c:1263:8: error: case value not in enumerated type 'enum iw_cm_event_status' [-Werror,-Wswitch]
	      case ETIMEDOUT:
		   ^
  @/sys/errno.h:124:19: note: expanded from macro 'ETIMEDOUT'
  #define ETIMEDOUT       60              /* Operation timed out */
		      ^
  sys/contrib/rdma/rdma_cma.c:1260:8: error: case value not in enumerated type 'enum iw_cm_event_status' [-Werror,-Wswitch]
	      case ECONNREFUSED:
		   ^
  @/sys/errno.h:125:22: note: expanded from macro 'ECONNREFUSED'
  #define ECONNREFUSED    61              /* Connection refused */
		      ^

This is because the switch uses iw_cm_event::status, which is an enum
iw_cm_event_status, while ECONNRESET, ETIMEDOUT and ECONNREFUSED are
just plain defines from errno.h.

It looks like there is only one use of any of the enumeration values of
iw_cm_event_status, in:

  sys/contrib/rdma/rdma_iwcm.c: 	if (iw_event->status == IW_CM_EVENT_STATUS_ACCEPTED) {

So messing around with the enum definitions to fix the warning seems too
disruptive; the simplest fix is to cast the argument of the switch to
int.

Reviewed by:	kmacy
MFC after:	1 week
2012-04-20 21:52:57 +00:00
Andrey V. Elsukov
59894e4a44 Fix VIMAGE build. 2012-04-05 04:41:06 +00:00
Gleb Smirnoff
07b6b55dce Merge from OpenBSD:
revision 1.173
  date: 2011/11/09 12:36:03;  author: camield;  state: Exp;  lines: +11 -12
  State expire time is a baseline time ("last active") for expiry
  calculations, and does _not_ denote the time when to expire.  So
  it should never be added to (set into the future).

  Try to reconstruct it with an educated guess on state import and
  just set it to the current time on state updates.

  This fixes a problem on pfsync listeners where the expiry time
  could be double the expected value and cause a lot more states
  to linger.
2012-04-04 14:47:59 +00:00
Gleb Smirnoff
64484cf630 Since pf 4.5 import pf(4) has a mechanism to defer
forwarding a packet, that creates state, until
pfsync(4) peer acks state addition (or 10 msec
timeout passes).

This is needed for active-active CARP configurations,
which are poorly supported in FreeBSD and arguably
a good idea at all.

Unfortunately by the time of import this feature in
OpenBSD was turned on, and did not have a switch to
turn it off. This leaked to FreeBSD.

This change make it possible to turn this feature
off via ioctl() and turns it off by default.

Obtained from:	OpenBSD
2012-04-03 18:09:20 +00:00
Jung-uk Kim
3f8d720f87 MFV: r233615
Revert r233555 and apply a fix for the reference counting regressions.

Tested by:	andreast, lme, nwhitehorn,
		Sevan / Venture37 (venture37 at gmail dot com)
Submitted by:	Robert Moore (robert dot moore at intel dot com)
2012-03-28 17:21:59 +00:00
Jung-uk Kim
c708f80e7d MFV: r233551
Fix two possible memory leaks in error path.

Obtained from:	ACPICA
2012-03-27 15:27:20 +00:00
Jung-uk Kim
f19ebc89a3 MFV: r233550
Temporarily revert an upstream commit.  This change caused regressions for
too many laptop users.  Especially, automatic repair for broken _BIF caused
strange reference counting issues and kernal panics.  This reverts:

c995fed15a
2012-03-27 15:15:30 +00:00
Bernhard Schmidt
74ebfba7ca Update the firmware to version 0.236
Submitted by:	PseudoCylon
MFC after:	2 weeks
2012-03-21 19:09:52 +00:00
Jung-uk Kim
4c52cad2f9 Merge ACPICA 20120320. 2012-03-20 21:37:52 +00:00
Bernhard Schmidt
fd5c6edb78 Import the latest microcode.h which was used to generate the current
firmware files and adjust the Makefile.

Obtained from:	OpenBSD
2012-03-14 08:00:33 +00:00
Bernhard Schmidt
b1866dfea3 Update the rt2860's firmware and add a Makefile for the module. While
here remove the ucode header file which was used to generate the fw files
but by now is outdated.

Reviewed by:	ray
Obtained from:	OpenBSD
2012-03-13 21:25:25 +00:00
Juli Mallett
964fdce070 Remove some files not used by the FreeBSD kernel which have been adding quite
a bit of bloat to the kernel source tree's size.
2012-03-13 06:48:26 +00:00
Juli Mallett
b5acc0d618 Disable the Simple Executive's error decoding/reporting code. 2012-03-11 06:55:17 +00:00
Juli Mallett
9261550cf3 Do not try to use libfdt in FreeBSD. 2012-03-11 06:49:31 +00:00
Juli Mallett
57a8a8ff31 Remove files not needed by FreeBSD. 2012-03-11 06:18:38 +00:00
Juli Mallett
dc4ee6ca91 Merge the Cavium Octeon SDK 2.3.0 Simple Executive code and update FreeBSD to
make use of it where possible.

This primarily brings in support for newer hardware, and FreeBSD is not yet
able to support the abundance of IRQs on new hardware and many features in the
Ethernet driver.

Because of the changes to IRQs in the Simple Executive, we have to maintain our
own list of Octeon IRQs now, which probably can be pared-down and be specific
to the CIU interrupt unit soon, and when other interrupt mechanisms are added
they can maintain their own definitions.

Remove unmasking of interrupts from within the UART device now that the
function used is no longer present in the Simple Executive.  The unmasking
seems to have been gratuitous as this is more properly handled by the buses
above the UART device, and seems to work on that basis.
2012-03-11 06:17:49 +00:00
Gleb Smirnoff
0e2fe5f990 Merge from OpenBSD:
revision 1.146
  date: 2010/05/12 08:11:11;  author: claudio;  state: Exp;  lines: +2 -3
  bzero() the full compressed update struct before setting the values.
  This is needed because pf_state_peer_hton() skips some fields in certain
  situations which could result in garbage beeing sent to the other peer.
  This seems to fix the pfsync storms seen by stephan@ and so dlg owes me
  a whiskey.

I didn't see any storms, but this definitely fixes a useless memory
allocation on the receiving side, due to non zero scrub_flags field
in a pfsync_state_peer structure.
2012-03-08 09:20:00 +00:00
Bjoern A. Zeeb
9dba179d5e IFC @231845
Sponsored by:	Cisco Systems, Inc.
2012-02-17 00:27:48 +00:00
Jung-uk Kim
a159c266a9 Merge ACPICA 20120215. 2012-02-16 22:59:29 +00:00
Bjoern A. Zeeb
0e2181f578 Extend IPv6 routing lookups in pf(4) to use the new multi-FIB KPI.
Try to make the "rtable" handling work but the current version of
pf(4) does not fully support it yet as especially callers of
PF_MISMATCHAW() are not fully FIB-aware.  OpenBSD seems to have
fixed this in a later version.  Prepare as much as possible.

Sponsored by:	Cisco Systems, Inc.
2012-02-03 13:20:48 +00:00
Gleb Smirnoff
3a8c7fa008 Allocate our mbuf with m_get2(). 2012-01-17 12:14:26 +00:00
Ulrich Spörlein
1eb6fc2b27 Remove spurious 8bit chars, turning files into plain ASCII. 2012-01-15 13:23:54 +00:00
Christian S.J. Peron
5646ad6d27 Revert to the old behavior of allocating table/table entries using
M_NOWAIT.  Currently, the code allows for sleeping in the ioctl path
to guarantee allocation.  However code also handles ENOMEM gracefully, so
propagate this error back to user-space, rather than sleeping while
holding the global pf mutex.

Reviewed by:	glebius
Discussed with:	bz
2012-01-14 22:51:34 +00:00
Oleksandr Tymoshenko
234f7fd5a3 - Do not enumerate PCIe bus on CN56XX Pass 1 devices to avoid hard hang.
There is known issue with this hardware.

Submitted by:	Andrew Duane <aduane@juniper.net>
2012-01-13 02:33:55 +00:00
Jung-uk Kim
ec3fc72f94 Merge ACPICA 20120111. 2012-01-11 23:06:37 +00:00
Gleb Smirnoff
b4f66a1781 Redo r226660:
- Define schednetisr() to swi_sched.
 - In the swi handler check if there is some data prepared,
   and if true, then call pfsync_sendout(), however tell it
   not to schedule swi again.
 - Since now we don't obtain the pfsync lock in the swi handler,
   don't use ifqueue mutex to synchronize queue access.
2012-01-11 18:34:57 +00:00
Gleb Smirnoff
122d395f85 Fix some spacing in code under __FreeBSD__. 2012-01-11 14:24:03 +00:00
Gleb Smirnoff
c4f01d2d34 Add necessary locking in pfsync_in_ureq(). 2012-01-11 14:19:04 +00:00
Gleb Smirnoff
0744a28a79 Move PF_LOCK_ASSERT() under __FreeBSD__. 2012-01-11 14:13:42 +00:00
Gleb Smirnoff
3488c2786e Merge from OpenBSD:
revision 1.128
  date: 2009/08/16 13:01:57;  author: jsg;  state: Exp;  lines: +1 -5
  remove prototypes of a bunch of functions that had their implementations
  removed in pfsync v5.
2012-01-11 14:11:10 +00:00
Gleb Smirnoff
686cb93667 When running with INVARIANTS the mutex(9) code does all necessary
asserts for non-recursive mutexes.
2012-01-11 13:57:48 +00:00
Gleb Smirnoff
1d89f286c4 Can't pass MSIZE to m_cljget(), an mbuf can't be attached as external storage
to another mbuf.
2012-01-09 14:35:05 +00:00
Gleb Smirnoff
317ebc3d0d Backout of backout: we need SI_SUB_PROTO_DOMAIN for pfsync, since
it needs existing inetdomain on startup.
2012-01-09 12:06:02 +00:00
Gleb Smirnoff
101881ef42 Revert sub argument of MODULE_DECLARE back to r226532.
Noticed by:	bz
2012-01-09 09:19:00 +00:00
Gleb Smirnoff
151ceaa22c In FreeBSD we determine presence of pfsync(4) at run-time, not
at compile time, so define NPFSYNC to 1 always. While here, remove
unused defines.
2012-01-09 08:55:23 +00:00
Gleb Smirnoff
5c39f7bdeb Bunch of fixes to pfsync(4) module load/unload:
o Make the pfsync.ko actually usable. Before this change loading it
  didn't register protosw, so was a nop. However, a module /boot/kernel
  did confused users.
o Rewrite the way we are joining multicast group:
  - Move multicast initialization/destruction to separate functions.
  - Don't allocate memory if we aren't going to join a multicast group.
  - Use modern API for joining/leaving multicast group.
  - Now the utterly wrong pfsync_ifdetach() isn't needed.
o Move module initialization from SYSINIT(9) to moduledata_t method.
o Refuse to unload module, unless asked forcibly.
o Improve a bit some FreeBSD porting code:
  - Use separate malloc type.
  - Simplify swi sheduling.

This change is probably wrong from VIMAGE viewpoint, however pfsync
wasn't VIMAGE-correct before this change, too.

Glanced at by:	bz
2012-01-09 08:50:22 +00:00
Gleb Smirnoff
98a38f5b1d o Fix panic on module unload, that happened due to mutex being
destroyed prior to pfsync_uninit(). To do this, move all the
  initialization to the module_t method, instead of SYSINIT(9).
o Fix another panic after module unload, due to not clearing the
  m_addr_chg_pf_p pointer.
o Refuse to unload module, unless being unloaded forcibly.
o Revert the sub argument to MODULE_DECLARE, to the stable/8 value.

This change probably isn't correct from viewpoint of VIMAGE, but
the module wasn't VIMAGE-correct before the change, as well.

Glanced at by:	bz
2012-01-09 08:36:12 +00:00
Gleb Smirnoff
dabfce9a5a Merge from OpenBSD:
revision 1.170
  date: 2011/10/30 23:04:38;  author: mikeb;  state: Exp;  lines: +6 -7
  Allow setting big MTU values on the pfsync interface but not larger
  than the syncdev MTU.  Prompted by the discussion with and tested
  by Maxim Bourmistrov;  ok dlg, mpf

Consistently use sc_ifp->if_mtu in the MTU check throughout the
module. This backs out r228813.
2012-01-07 14:39:45 +00:00
Gleb Smirnoff
e883df1d1b Fix indentation. 2012-01-07 12:40:45 +00:00
Dimitry Andric
6d417c1c70 In sys/contrib/rdma/ib_addr.h, bump MAX_ADDR_LEN to 20 bytes (the same
value used in sys/ofed/include/linux/netdevice.h), so there will be no
buffer overruns in the rest of the inline functions in this file.

Reviewed by:	kmacy
MFC after:	1 week
2012-01-07 00:47:27 +00:00
Aleksandr Rybalko
e11f2b8243 Update contrib/xz-embedded to build with new GEOM_UNCOMPRESS module.
Approved by:	adrian (mentor)
2012-01-04 23:26:22 +00:00
Adrian Chadd
63dab8eed9 Initial copy of xz-embedded to sys/contrib/.
The upcoming geom_compress module (a read-only gzip/ulzma translation layer,
similar to what geom_uzip does) will leverage parts of this.
2012-01-01 21:32:25 +00:00
Oleksandr Tymoshenko
d77d1b1a17 - Properly clean state structure in cvmx_usb_initialize 2011-12-31 05:25:42 +00:00
Oleksandr Tymoshenko
67c1180199 - CAPK-0100 board's USB timer is 12MHz 2011-12-31 05:24:21 +00:00
Sergey Kandaurov
da914858e1 Fix LINT-VIMAGE build after r228814: use virtualized pf_pool_limits. 2011-12-24 00:23:27 +00:00
Gleb Smirnoff
6bc752e028 Merge from OpenBSD:
revision 1.122
  date: 2009/05/13 01:01:34;  author: dlg;  state: Exp;  lines: +6 -4
  only keep track of the number of updates on tcp connections. state sync on
  all the other protocols is simply pushing the timeouts along which has a
  resolution of 1 second, so it isnt going to be hurt by pfsync taking up
  to a second to send it over.

  keep track of updates on tcp still though, their windows need constant
  attention.
2011-12-22 19:09:55 +00:00
Gleb Smirnoff
2662e31fc3 Merge from OpenBSD:
revision 1.120
  date: 2009/04/04 13:09:29;  author: dlg;  state: Exp;  lines: +5 -5
  use time_uptime instead of time_second internally. time_uptime isnt
  affected by adjusting the clock.

  revision 1.175
  date: 2011/11/25 12:52:10;  author: dlg;  state: Exp;  lines: +3 -3
  use time_uptime to set state creation values as time_second can be
  skewed at runtime by things like date(1) and ntpd. time_uptime is
  monotonic and therefore more useful to compare against.
2011-12-22 19:05:58 +00:00
Gleb Smirnoff
e3b670692a Merge couple more fixes from OpenBSD to bulk processing:
revision 1.118
  date: 2009/03/23 06:19:59;  author: dlg;  state: Exp;  lines: +8 -6
  wait an appropriate amount of time before giving up on a bulk update,
  rather than giving up after a hardcoded 5 seconds (which is generally much
  too short an interval for a bulk update).
  pointed out by david@, eyeballed by mcbride@

  revision 1.171
  date: 2011/10/31 22:02:52;  author: mikeb;  state: Exp;  lines: +2 -1
  Don't forget to cancel bulk update failure timeout when destroying an
  interface.  Problem report and fix from Erik Lax, thanks!

Start a brief note of revisions merged from OpenBSD.
2011-12-22 18:56:27 +00:00
Gleb Smirnoff
c5360c2998 We really mean MTU of the real interface here, not of our pseudo. 2011-12-22 18:51:35 +00:00
Gleb Smirnoff
538c3a7cd0 In FreeBSD we always have bpf(4) API, either real or stub. No need
in detecting presense of 'device bpf'.
2011-12-22 18:31:47 +00:00
Gleb Smirnoff
f08535f872 Restore a feature that was present in 5.x and 6.x, and was cleared in
7.x, 8.x and 9.x with pf(4) imports: pfsync(4) should suppress CARP
preemption, while it is running its bulk update.

However, reimplement the feature in more elegant manner, that is
partially inspired by newer OpenBSD:

- Rename term "suppression" to "demotion", to match with OpenBSD.
- Keep a global demotion factor, that can be raised by several
  conditions, for now these are:
  - interface goes down
  - carp(4) has problems with ip_output() or ip6_output()
  - pfsync performs bulk update
- Unlike in OpenBSD the demotion factor isn't a counter, but
  is actual value added to advskew. The adjustment values for
  particular error conditions are also configurable, and their
  defaults are maximum advskew value, so a single failure bumps
  demotion to maximum. This is for POLA compatibility, and should
  satisfy most users.
- Demotion factor is a writable sysctl, so user can do
  foot shooting, if he desires to.
2011-12-20 13:53:31 +00:00
Gleb Smirnoff
352e70652f - Cover pfsync callouts deletion with PF_LOCK().
- Cover setting up interface between pf and pfsync with PF_LOCK().
2011-12-20 12:34:16 +00:00
Dimitry Andric
c5e2b668eb In sys/contrib/ngatm/netnatm/msg/uni_ie.c, use a more appropriate way to
tell the compiler some parameters are purposefully unused.

MFC after:	1 week
2011-12-15 23:47:36 +00:00
Gleb Smirnoff
c53680a8ec Return value should be conditional on return value of pfsync_defer_ptr()
PR:		kern/162947
Submitted by:	Matthieu Kraus <matthieu.kraus s2008.tu-chemnitz.de>
2011-11-30 08:47:17 +00:00
Jung-uk Kim
3f0275a033 Merge ACPICA 20111123. 2011-11-28 23:36:48 +00:00
Robert Millan
bec54dbdc4 Adjust a few old checks to use __FreeBSD_version macro to
determine which version of FreeBSD kernel we're compiling.

Approved by:	kib (mentor)
2011-11-24 21:23:58 +00:00
Kevin Lo
8d5eb1c4c8 Add missing PF_UNLOCK in pf_test
Reviewed by:	bz
2011-10-30 14:55:00 +00:00
Gleb Smirnoff
3e850a12ef Utilize new IF_DEQUEUE_ALL(ifq, m) macro in pfsyncintr() to reduce
contention on ifqueue lock.
2011-10-27 09:47:00 +00:00
Gleb Smirnoff
9932deae93 Merge several fixes to bulk update processing from OpenBSD. Merged
revisions: 1.148, 1.149, 1.150. This makes number of states on
master/slave to be of a sane value.
2011-10-23 15:15:17 +00:00
Gleb Smirnoff
8ecd40b6b2 Fix indentation, no code changed. 2011-10-23 15:10:15 +00:00
Gleb Smirnoff
2f2086d57e - Fix a bad typo (FreeBSD specific) in pfsync_bulk_update(). Instead
of scheduling next run pfsync_bulk_update(), pfsync_bulk_fail()
  was scheduled.
  This lead to instant 100% state leak after first bulk update
  request.
- After above fix, it appeared that pfsync_bulk_update() lacks
  locking. To fix this, sc_bulk_tmo callout was converted to an
  mtx one. Eventually, all pf/pfsync callouts should be converted
  to mtx version, since it isn't possible to stop or drain a
  non-mtx callout without risk of race.
- Add comment that callout_stop() in pfsync_clone_destroy() lacks
  locking. Since pfsync0 can't be destroyed (yet), let it be here.
2011-10-23 15:08:18 +00:00
Gleb Smirnoff
35ad95774e Fix from r226623 is not sufficient to close all races in pfsync(4).
The root of problem is re-locking at the end of pfsync_sendout().
Several functions are calling pfsync_sendout() holding pointers
to pf data on stack, and these functions expect this data to be
consistent.

To fix this, the following approach was taken:

- The pfsync_sendout() doesn't call ip_output() directly, but
  enqueues the mbuf on sc->sc_ifp's interfaces queue, that
  is currently unused. Then pfsync netisr is scheduled. PF_LOCK
  isn't dropped in pfsync_sendout().
- The netisr runs through queue and ip_output()s packets
  on it.

Apart from fixing race, this also decouples stack, fixing
potential issues, that may happen, when sending pfsync(4)
packets on input path.

Reviewed by:	eri (a quick review)
2011-10-23 14:59:54 +00:00
Gleb Smirnoff
68270a37c8 Absense of M_WAITOK in malloc flags for UMA doesn't
equals presense of M_NOWAIT. Specify M_NOWAIT explicitly.

This fixes sleeping with PF_LOCK().
2011-10-23 10:13:20 +00:00
Gleb Smirnoff
f54a3a046e Correct flag for uma_zalloc() is M_WAITOK. M_WAIT is an old and
deprecated flag from historical mbuf(9) allocator.

This is style only change.
2011-10-23 10:05:25 +00:00
Gleb Smirnoff
8dc59178a8 Fix a race: we should update sc_len before dropping the pf lock, otherwise a
number of packets can be queued on sc, while we are in ip_output(), and then
we wipe the accumulated sc_len. On next pfsync_sendout() that would lead to
writing beyond our mbuf cluster.
2011-10-21 22:28:15 +00:00
Gleb Smirnoff
b6b8562bfc In FreeBSD ip_output() expects ip_len and ip_off in host byte order
PR:		kern/159029
2011-10-21 11:11:18 +00:00
Bjoern A. Zeeb
e999988442 Fix recursive pf locking leading to panics. Splatter PF_LOCK_ASSERT()s
to document where we are expecting to be called with a lock held to
more easily catch unnoticed code paths.
This does not neccessarily improve locking in pfsync, it just tries
to avoid the panics reported.

PR:		kern/159390, kern/158873
Submitted by:	pluknet (at least something that partly resembles
		my patch ignoring other cleanup, which I only saw
		too late on the 2nd PR)
MFC After:	3 days
2011-10-19 13:13:56 +00:00
Bjoern A. Zeeb
c902d29994 De-virtualize the pf_task_mtx lock. At the current state of pf locking
and virtualization it is not helpful but complicates things.

Current state of art is to not virtualize these kinds of locks -
inp_group/hash/info/.. are all not virtualized either.

MFC after:	3 days
2011-10-19 11:04:49 +00:00
Bjoern A. Zeeb
232ec0c97d Adjust the PF_ASSERT() macro to what we usually use in the network stack:
PF_LOCK_ASSERT() and PF_UNLOCK_ASSERT().

MFC after:	3 days
2011-10-19 10:16:42 +00:00
Bjoern A. Zeeb
72aed41bed In the non-FreeBSD case we do not expect PF_LOCK and friends to do anything.
MFC after:	3 days
2011-10-19 10:08:58 +00:00
Bjoern A. Zeeb
5b63183446 Pseudo interfaces should go at SI_SUB_PSEUDO. However at least
pfsync also depends on pf to be initialized already so pf goes at
FIRST and the interfaces go at ANY.
Then the (VNET_)SYSINIT startups for pf stays at SI_SUB_PROTO_BEGIN
and for pfsync we move to the later SI_SUB_PROTO_IF.

This is not ideal either but at least an order that should work for
the moment and can be re-fined with the VIMAGE merge, once this will
actually work with more than one network stack.

MFC after:	3 days
2011-10-19 10:04:24 +00:00
Bjoern A. Zeeb
c29a7fb305 Fix an obvious locking bug where we would lock again rather than unlock.
MFC after:	3 days
2011-10-19 09:34:40 +00:00
Bjoern A. Zeeb
18d97aa11c Fix a bug when NPFSYNC > 0 that on FreeBSD we would always return
and never remove state.

This fixes the problem some people are seeing that state is removed when pf
is loaded as a module but not in situations when compiled into the kernel.

Reported by:	many on freebsd-pf
Tested by:	flo
MFC after:	3 days
2011-10-19 08:57:17 +00:00
Bjoern A. Zeeb
8552ee4b89 Fix indentation in a loop and a tiny maze of #ifdefs for just the
__FreeBSD__ parts that had it wrong.

MFC after:	3 days
2011-10-19 08:37:48 +00:00
Bjoern A. Zeeb
c5378361a3 Use the correct byte order for the ip_divert(4) mbuf tag port meta
information in pf(4).

Submitted by:	Yaocl (chunlinyao gmail.com), forum post 145106
Approved by:	re (kib)
2011-08-25 09:38:33 +00:00
Sergey Kandaurov
a6bab2362e Fix build failure without BPF.
Reported by:	deeptech71 at gmail dot com
Approved by:	re (kib)
2011-08-17 13:02:50 +00:00
Bjoern A. Zeeb
e0bfbfce79 Update packet filter (pf) code to OpenBSD 4.5.
You need to update userland (world and ports) tools
to be in sync with the kernel.

Submitted by:	mlaier
Submitted by:	eri
2011-06-28 11:57:25 +00:00
Robert Watson
d3c1f00350 Add _mbuf() variants of various inpcb-related interfaces, including lookup,
hash install, etc.  For now, these are arguments are unused, but as we add
RSS support, we will want to use hashes extracted from mbufs, rather than
manually calculated hashes of header fields, due to the expensive of the
software version of Toeplitz (and similar hashes).

Add notes that it would be nice to be able to pass mbufs into lookup
routines in pf(4), optimising firewall lookup in the same way, but the
code structure there doesn't facilitate that currently.

(In principle there is no reason this couldn't be MFCed -- the change
extends rather than modifies the KBI.  However, it won't be useful without
other previous possibly less MFCable changes.)

Reviewed by:    bz
Sponsored by:   Juniper Networks, Inc.
2011-06-04 16:33:06 +00:00
Jung-uk Kim
42e58c0372 Merge ACPICA 20110527. 2011-05-31 19:45:58 +00:00
Bjoern A. Zeeb
06034940f5 Remove some further INET related symbols from pf to allow the module
to not only compile bu load as well for testing with IPv6-only kernels.
For the moment we ignore the csum change in pf_ioctl.c given the
pending update to pf45.

Reported by:	dru
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	20 days
2011-05-31 15:05:29 +00:00
Robert Watson
fa046d8774 Decompose the current single inpcbinfo lock into two locks:
- The existing ipi_lock continues to protect the global inpcb list and
  inpcb counter.  This lock is now relegated to a small number of
  allocation and free operations, and occasional operations that walk
  all connections (including, awkwardly, certain UDP multicast receive
  operations -- something to revisit).

- A new ipi_hash_lock protects the two inpcbinfo hash tables for
  looking up connections and bound sockets, manipulated using new
  INP_HASH_*() macros.  This lock, combined with inpcb locks, protects
  the 4-tuple address space.

Unlike the current ipi_lock, ipi_hash_lock follows the individual inpcb
connection locks, so may be acquired while manipulating a connection on
which a lock is already held, avoiding the need to acquire the inpcbinfo
lock preemptively when a binding change might later be required.  As a
result, however, lookup operations necessarily go through a reference
acquire while holding the lookup lock, later acquiring an inpcb lock --
if required.

A new function in_pcblookup() looks up connections, and accepts flags
indicating how to return the inpcb.  Due to lock order changes, callers
no longer need acquire locks before performing a lookup: the lookup
routine will acquire the ipi_hash_lock as needed.  In the future, it will
also be able to use alternative lookup and locking strategies
transparently to callers, such as pcbgroup lookup.  New lookup flags are,
supplementing the existing INPLOOKUP_WILDCARD flag:

  INPLOOKUP_RLOCKPCB - Acquire a read lock on the returned inpcb
  INPLOOKUP_WLOCKPCB - Acquire a write lock on the returned inpcb

Callers must pass exactly one of these flags (for the time being).

Some notes:

- All protocols are updated to work within the new regime; especially,
  TCP, UDPv4, and UDPv6.  pcbinfo ipi_lock acquisitions are largely
  eliminated, and global hash lock hold times are dramatically reduced
  compared to previous locking.
- The TCP syncache still relies on the pcbinfo lock, something that we
  may want to revisit.
- Support for reverting to the FreeBSD 7.x locking strategy in TCP input
  is no longer available -- hash lookup locks are now held only very
  briefly during inpcb lookup, rather than for potentially extended
  periods.  However, the pcbinfo ipi_lock will still be acquired if a
  connection state might change such that a connection is added or
  removed.
- Raw IP sockets continue to use the pcbinfo ipi_lock for protection,
  due to maintaining their own hash tables.
- The interface in6_pcblookup_hash_locked() is maintained, which allows
  callers to acquire hash locks and perform one or more lookups atomically
  with 4-tuple allocation: this is required only for TCPv6, as there is no
  in6_pcbconnect_setup(), which there should be.
- UDPv6 locking remains significantly more conservative than UDPv4
  locking, which relates to source address selection.  This needs
  attention, as it likely significantly reduces parallelism in this code
  for multithreaded socket use (such as in BIND).
- In the UDPv4 and UDPv6 multicast cases, we need to revisit locking
  somewhat, as they relied on ipi_lock to stablise 4-tuple matches, which
  is no longer sufficient.  A second check once the inpcb lock is held
  should do the trick, keeping the general case from requiring the inpcb
  lock for every inpcb visited.
- This work reminds us that we need to revisit locking of the v4/v6 flags,
  which may be accessed lock-free both before and after this change.
- Right now, a single lock name is used for the pcbhash lock -- this is
  undesirable, and probably another argument is required to take care of
  this (or a char array name field in the pcbinfo?).

This is not an MFC candidate for 8.x due to its impact on lookup and
locking semantics.  It's possible some of these issues could be worked
around with compatibility wrappers, if necessary.

Reviewed by:    bz
Sponsored by:   Juniper Networks, Inc.
2011-05-30 09:43:55 +00:00
Bjoern A. Zeeb
5084821ac2 Make pf compile without INET support by adding #ifdef INETs and
correcting few #includes.

Reviewed by:	gnn
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	4 days
2011-04-27 19:34:01 +00:00
Bernhard Schmidt
d51f8d2024 Add firmware images for the 6000 series g2a and g2b adapters. 2011-04-20 17:34:09 +00:00
Bernhard Schmidt
c2bce4a2fc Update iwn(4) firmware blobs:
- bump iwn1000fw to 39.31.5.1
- bump iwn5000fw to 8.83.5.1
- bump iwn6050fw to 41.28.5.1
2011-04-20 17:32:20 +00:00
Jung-uk Kim
33a7ed1f45 Re-merge with ACPICA vendor source. 2011-04-15 21:38:24 +00:00
Jung-uk Kim
d052a1cc33 Merge ACPICA 20110413. 2011-04-15 18:34:27 +00:00
Jung-uk Kim
3453537fa5 Use atomic load & store for TSC frequency. It may be overkill for amd64 but
safer for i386 because it can be easily over 4 GHz now.  More worse, it can
be easily changed by user with 'machdep.tsc_freq' tunable (directly) or
cpufreq(4) (indirectly).  Note it is intentionally not used in performance
critical paths to avoid performance regression (but we should, in theory).
Alternatively, we may add "virtual TSC" with lower frequency if maximum
frequency overflows 32 bits (and ignore possible incoherency as we do now).
2011-04-07 23:28:28 +00:00
Jung-uk Kim
dcbce41eb0 Merge ACPICA 20110316. 2011-03-17 00:29:53 +00:00
Juli Mallett
64974004ec o) Clean up FPA pools on module unload.
o) Allocate output buffer pool based on available output queues.

Submitted by:	Bhanu Prakash (with modifications)
2011-03-16 08:51:36 +00:00
Jung-uk Kim
38b8542ca9 Deprecate tsc_present as the last of its real consumers finally disappeared. 2011-03-15 17:19:52 +00:00
Jung-uk Kim
79422085d4 Add a tunable "machdep.disable_tsc" to turn off TSC. Specifically, it turns
off boot-time CPU frequency calibration, DELAY(9) with TSC, and using TSC as
a CPU ticker.  Note tsc_present does not change by this tunable.
2011-03-11 00:44:32 +00:00
Jung-uk Kim
bc34c87e81 Deprecate rarely used tsc_is_broken. Instead, we zero out tsc_freq because
it is almost always used with tsc_freq any way.
2011-03-10 20:02:58 +00:00
Jung-uk Kim
c90d5f1c37 Remove alpha reminiscence from altq. 2011-03-10 19:04:18 +00:00
Jung-uk Kim
f7942cae7a Consistently add TSC support for amd64. 2011-03-10 18:58:40 +00:00
Jung-uk Kim
daaad5a9be Remove support for FreeBSD 4.x and below. 2011-03-10 18:49:15 +00:00
Jung-uk Kim
0b94ba42b0 Merge ACPICA 20110211. 2011-02-12 01:03:15 +00:00
Christian S.J. Peron
6627ad29b4 Correct bogus initialization. It should be noted that this change
has been corrected in the vendor branch, but for now, silence clang
warnings.

Found by:	clang
Discussed with:	mlaier
MFC after:	1 week
2011-01-14 04:24:53 +00:00
Jung-uk Kim
d244b2279c Merge ACPICA 20110112. Switch to BSD/GPLv2 dual license[1].
Discussed with:	core [1]
2011-01-13 17:32:32 +00:00
Juli Mallett
15fe2454ae o) Expand the CIU driver to be aware of newly-allocated parts of the IRQ range.
o) Add 'octm', a trivial driver for the 10/100 management ports found on some
   Octeon systems.
o) Make the Simple Executive's management port helper routines compile on
   FreeBSD (namely by not doing math on void pointers.)
o) Add a cvmx_mgmt_port_sendm routine to the Simple Executive to send an mbuf
   so there is only one copy in the transmit path, rather than having to first
   copy the mbuf to an intermediate buffer and then copy that to the Simple
   Executive's transmit ring.
o) Properly work out MII addresses of management ports on the Lanner MR-730.
   XXX The MR-730 also needs some patches to the MII read/write routines, but
       this is sufficient for now.  Media detection will be fixed in the future
       when I can spend more time reading the vendor-supplied patches.
2011-01-10 03:48:41 +00:00
Bernhard Schmidt
0e1497aefd Update firmware for wpi(4) from version 2.14.4 to 15.32.2.9.
PR:		kern/142907
Submitted by:	Craig Butler <craig001 at lerwick.hopto.org>
MFC after:	2 weeks
2010-12-19 11:37:44 +00:00
Juli Mallett
4a7b75273b o) Add support for the Lanner MR-321X/MR-325, which is just a modified MR-320.
o) On the Lanner MR-730, disable PCIe lane swap, per vendor.
2010-12-16 07:20:38 +00:00
Jung-uk Kim
5a77b11bd3 Merge ACPICA 20101209. 2010-12-15 23:48:45 +00:00
Juli Mallett
04b6fa8330 Merge Cavium Octeon SDK 2.0 Simple Executive; this brings some fixes and new
facilities as well as support for the Octeon 2 family of SoCs.

XXX Note that with our antediluvian assembler, we can't support some Octeon 2
    instructions and fall back to using the old ones instead.
2010-11-28 08:18:16 +00:00
Juli Mallett
0867cb9511 o) Recognize the Lanner MR-730.
o) Fix enumeration of PHY addresses on the MR-955.
o) Parse link state for the MR-730 using the Broadcom PHY support in the SDK.
   It's not clear that this is entirely-correct, but it seems to work.  Since
   this board uses a BCM5482S, this may mean that we work correctly for copper
   but not SFI, which is untested.
2010-11-08 21:22:55 +00:00
Jung-uk Kim
3c1812acc6 Merge ACPICA 20101013. 2010-10-13 21:37:02 +00:00
Rui Paulo
653bfa0ba3 Ignore the return value of ADDCARRY(). 2010-10-13 17:16:08 +00:00
Rui Paulo
8e5fffdfb5 Properly tell the compiler that we want to ignore the return value of
certain macros.
2010-10-13 17:09:53 +00:00
Rui Paulo
f3e830e9b0 Fix several cases were a conditional operator was used instead of a
bitwise operator.

Found with:	clang
2010-10-13 17:09:16 +00:00
Rui Paulo
62e9a33814 Pass a format string to make_dev().
Found by:	clang
2010-10-13 14:57:13 +00:00
Juli Mallett
a22b69b772 o) Allow devices to override the MDIO read and write functions presented to
the miibus attached to octe interfaces.
o) Add an SMI/MDIO interface to the MV88E61XX and use it for the switch PHY on
   the Lanner MR-320.  An actual driver for the switch PHY will come later.
   Note that for now it intercepts and fakes MII_BMSR reads to prevent the
   miibus from talking to anything but the switch itself.
2010-10-02 05:43:17 +00:00
Juli Mallett
77c2091086 Add preliminary support for the Lanner MR-955. It boots multi-user but there
seem to be problems both with the on-board Ethernet interfaces and the em(4)
interfaces on PCI under FreeBSD.

Thanks to Lanner for providing access to hardware.
2010-09-19 09:19:38 +00:00
Jung-uk Kim
42fecd1294 Merge ACPICA 20100915. 2010-09-16 20:08:00 +00:00
Bjoern A. Zeeb
dd5f5f2b1b When using pf routing options, properly handle IP fragmentation
for interfaces with TSO enabled, otherwise one would see an extra
ICMP unreach, frag needed pre matching packet on lo0.
This syncs pf code to ip_output.c r162084.

PR:		kern/144311
Submitted by:	yongari via mlaier
Reviewed by:	eri
Tested by:	kib
MFC after:	8 days
2010-09-10 00:00:06 +00:00
Jung-uk Kim
709fac0616 Merge ACPICA 20100806. 2010-08-06 23:11:19 +00:00
Juli Mallett
cea2b8b915 Update the port of FreeBSD to Cavium Octeon to use the Cavium Simple Executive
library:
o) Increase inline unit / large function growth limits for MIPS to accommodate
   the needs of the Simple Executive, which uses a shocking amount of inlining.
o) Remove TARGET_OCTEON and use CPU_CNMIPS to do things required by cnMIPS and
   the Octeon SoC.
o) Add OCTEON_VENDOR_LANNER to use Lanner's allocation of vendor-specific
   board numbers, specifically to support the MR320.
o) Add OCTEON_BOARD_CAPK_0100ND to hard-wire configuration for the CAPK-0100nd,
   which improperly uses an evaluation board's board number and breaks board
   detection at runtime.  This board is sold by Portwell as the CAM-0100.
o) Add support for the RTC available on some Octeon boards.
o) Add support for the Octeon PCI bus.  Note that rman_[sg]et_virtual for IO
   ports can not work unless building for n64.
o) Clean up the CompactFlash driver to use Simple Executive macros and
   structures where possible (it would be advisable to use the Simple Executive
   API to set the PIO mode, too, but that is not done presently.)  Also use
   structures from FreeBSD's ATA layer rather than structures copied from
   Linux.
o) Print available Octeon SoC features on boot.
o) Add support for the Octeon timecounter.
o) Use the Simple Executive's routines rather than local copies for doing reads
   and writes to 64-bit addresses and use its macros for various device
   addresses rather than using local copies.
o) Rename octeon_board_real to octeon_is_simulation to reduce differences with
   Cavium-provided code originally written for Linux.  Also make it use the
   same simplified test that the Simple Executive and Linux both use rather
   than our complex one.
o) Add support for the Octeon CIU, which is the main interrupt unit, as a bus
   to use normal interrupt allocation and setup routines.
o) Use the Simple Executive's bootmem facility to allocate physical memory for
   the kernel, rather than assuming we know which addresses we can steal.
   NB: This may reduce the amount of RAM the kernel reports you as having if
       you are leaving large temporary allocations made by U-Boot allocated
       when starting FreeBSD.
o) Add a port of the Cavium-provided Ethernet driver for Linux.  This changes
   Ethernet interface naming from rgmxN to octeN.  The new driver has vast
   improvements over the old one, both in performance and functionality, but
   does still have some features which have not been ported entirely and there
   may be unimplemented code that can be hit in everyday use.  I will make
   every effort to correct those as they are reported.
o) Support loading the kernel on non-contiguous cores.
o) Add very conservative support for harvesting randomness from the Octeon
   random number device.
o) Turn SMP on by default.
o) Clean up the style of the Octeon kernel configurations a little and make
   them compile with -march=octeon.
o) Add support for the Lanner MR320 and the CAPK-0100nd to the Simple
   Executive.
o) Modify the Simple Executive to build on FreeBSD and to build without
   executive-config.h or cvmx-config.h.  In the future we may want to
   revert part of these changes and supply executive-config.h and
   cvmx-config.h and access to the options contained in those files via
   kernel configuration files.
o) Modify the Simple Executive USB routines to support getting and setting
   of the USB PID.
2010-07-20 19:25:11 +00:00
Juli Mallett
219d14fe5f Import the Cavium Simple Executive from the Cavium Octeon SDK. The Simple
Executive is a library that can be used by standalone applications and kernels
to abstract access to Octeon SoC and board-specific hardware and facilities.
The FreeBSD port to Octeon will be updated to use this where possible.
2010-07-20 07:19:43 +00:00
Bernhard Schmidt
774f94f14c - Update 6000 firmware to 9.221.4.1
- Add 6050 firmware

MFC after:	2 weeks
2010-07-15 11:26:07 +00:00
Jung-uk Kim
a88e22b7ad Merge ACPICA 20100702. 2010-07-06 20:57:28 +00:00
Rafal Jaworowski
21d30ec18d Provide kernel level headers for the libfdt code.
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
2010-06-02 17:24:41 +00:00
Andrew Thompson
85e7bb81e9 Sync run(4) driver from author's site.
Submitted by:	Akinori Furukoshi
Obtained from:	git://gitorious.org/run/run.git
2010-05-13 00:19:03 +00:00
Bjoern A. Zeeb
82cea7e6f3 MFP4: @176978-176982, 176984, 176990-176994, 177441
"Whitspace" churn after the VIMAGE/VNET whirls.

Remove the need for some "init" functions within the network
stack, like pim6_init(), icmp_init() or significantly shorten
others like ip6_init() and nd6_init(), using static initialization
again where possible and formerly missed.

Move (most) variables back to the place they used to be before the
container structs and VIMAGE_GLOABLS (before r185088) and try to
reduce the diff to stable/7 and earlier as good as possible,
to help out-of-tree consumers to update from 6.x or 7.x to 8 or 9.

This also removes some header file pollution for putatively
static global variables.

Revert VIMAGE specific changes in ipfilter::ip_auth.c, that are
no longer needed.

Reviewed by:	jhb
Discussed with:	rwatson
Sponsored by:	The FreeBSD Foundation
Sponsored by:	CK Software GmbH
MFC after:	6 days
2010-04-29 11:52:42 +00:00
Jung-uk Kim
3f5e024c14 Merge ACPICA 20100428. 2010-04-28 22:25:27 +00:00
Warner Losh
dec52eb94c We don't need the definition for in_cksum repeated here since we get
it from machine/in_cksum.h.  This definition prevents us from using
hand-tuned assembler versions of in_cksum.

# this fixes the modules build on arm for ipfilter.
2010-04-14 20:50:07 +00:00
Bernhard Schmidt
70ed590b39 Update firmware for the 6000 series Intel cards to version 9.193.4.1.
Approved by:	rpaulo (mentor)
MFC after:	2 weeks
2010-04-10 07:07:08 +00:00
Jung-uk Kim
8c8be05f00 Merge ACPICA 20100331 (and four additional upstream patches). 2010-04-02 23:04:31 +00:00
Xin LI
06325fe0dc Integrate OpenBSD rev 1.5 of x86emu.c. 2010-03-09 22:42:24 +00:00
Jung-uk Kim
24081291d2 Since the interpreter slack mode is a tunable now, enable a local hack only
when it is set.  Note the default behaviour does not change by this change.
2010-03-09 19:39:52 +00:00
Jung-uk Kim
ca3cf4fa2c Merge ACPICA 20100304. 2010-03-05 21:39:16 +00:00
Rafal Jaworowski
21fdc27a05 Merge DTC-d75b33af.
This is a split merge because of non-uniform licensing of the DTC package
contents and the way these components will be used in the FreeBSD environment.

The original DTC package is composed of the following two major pieces:

1. sys/contrib/libfdt (BSD [dual] license)
2. contrib/dtc (GPLv2)

The libfdt component is going to be shared in all aspects of the environment:
- /boot/loader
- kernel
- dtc (the device tree compiler proper, userspace tool)
2010-02-28 21:57:35 +00:00
Andrew Thompson
abbf433556 Uuencode the rt2870 firmware into ascii like the other firmware blobs. 2010-01-29 03:35:01 +00:00
Andrew Thompson
069f1a8056 Add run(4), a driver for Ralink RT2700U/RT2800U/RT3000U USB 802.11agn devices.
This driver was written for OpenBSD by Damien Bergamini and ported over by
Akinori Furukoshi.
2010-01-28 22:24:54 +00:00
Jung-uk Kim
d46722a75a Fix a new header inclusion. 2010-01-21 21:31:39 +00:00
Jung-uk Kim
9a179dd8be Merge ACPICA 20100121. 2010-01-21 21:14:28 +00:00
Weongyo Jeong
984485a02e Fixes a firmware bug that in some devices (e.g. Netgear WG111T or
TRENDnet TEW-504UB/EU) idProduct didn't be decreased after loading the
firmware.

Pointed by:	Steven Friedrich <freebsd at insightbb.com>
Reviewed by:	sam
2010-01-19 01:04:44 +00:00
Edward Tomasz Napierala
2b05020882 Fix array overflow.
Reviewed by:	philip
2010-01-08 19:56:37 +00:00
Rui Paulo
dc1c6863fa Delete old firmware. 2009-12-29 20:15:52 +00:00
Rui Paulo
0f454b93f8 iwn(4) update. Notable changes:
* new firmware
* untested support for 1000 and 6000 series
* bgscan support
* remove unnecessary RXON changes
* allow setting of country/regdomain by enforcing channel flags read
  from the EEPROM
* suspend/resume fixes
* RF kill switch fixes
* LED adjustments
* several bus_dma*() related fixes
* addressed some LORs
* many other bug fixes

Submitted by:	Bernhard Schmidt <bschmidt at techwires.net>
Obtained from:	Brandon Gooch <jamesbrandongooch at gmail dot com> (LED
		related changes), Benjamin Kaduk <kaduk at mit dot edu>
		(LOR fixes), OpenBSD
2009-12-29 19:47:34 +00:00
Xin LI
dcc2b1ff46 Adapt OpenBSD pf's "sloopy" TCP state machine which is useful for Direct
Server Return mode, where not all packets would be visible to the load
balancer or gateway.

This commit should be reverted when we merge future pf versions.  The
benefit it would provide is that this version does not break any existing
public interface and thus won't be a problem if we want to MFC it to
earlier FreeBSD releases.

Discussed with:	mlaier
Obtained from:	OpenBSD
Sponsored by:	iXsystems, Inc.
MFC after:	1 month
2009-12-24 00:43:44 +00:00
Jung-uk Kim
572c8255e6 Merge ACPICA 20091214. 2009-12-14 22:24:04 +00:00
Jung-uk Kim
2272d05019 Merge ACPICA 20091112. 2009-11-16 21:47:12 +00:00
Attilio Rao
718cdf7f80 Remove the explicit definition of inet_aton() as it was introduced as a
general function in r199208.

Reported by:	np
Sponsored by:	Sandvine Incorporated
MFC:		1 week
2009-11-12 14:22:12 +00:00
Christian Brueffer
f11ccc426a Fix two memory leaks in error cases.
PR:		138378
Submitted by:	Patroklos Argyroudis <argp@census-labs.com>
Approved by:	mlaier
MFC after:	1 week
2009-11-05 16:30:16 +00:00
Rui Paulo
8f30200753 Updated iwn(4) driver supporting the newer series, 5000, 5150 and 5300.
Submitted by:	Bernhard Schmidt <bschmidt at techwires.net>
2009-10-23 22:04:18 +00:00
Jung-uk Kim
3219f535d9 Rewrite x86bios and update its dependent drivers.
- Do not map entire real mode memory (1MB).  Instead, we map IVT/BDA and
ROM area separately.  Most notably, ROM area is mapped as device memory
(uncacheable) as it should be.  User memory is dynamically allocated and
free'ed with contigmalloc(9) and contigfree(9).  Remove now redundant and
potentially dangerous x86bios_alloc.c.  If this emulator ever grows to
support non-PC hardware, we may implement it with rman(9) later.
- Move all host-specific initializations from x86emu_util.c to x86bios.c and
remove now unnecessary x86emu_util.c.  Currently, non-PC hardware is not
supported.  We may use bus_space(9) later when the KPI is fixed.
- Replace all bzero() calls for emulated registers with more obviously named
x86bios_init_regs().  This function also initializes DS and SS properly.
- Add x86bios_get_intr().  This function checks if the interrupt vector is
available for the platform.  It is not necessary for PC-compatible hardware
but it may be needed later. ;-)
- Do not try turning off monitor if DPMS does not support the state.
- Allocate stable memory for VESA OEM strings instead of just holding
pointers to them.  They may or may not be accessible always.  Fix a memory
leak of video mode table while I am here.
- Add (experimental) BIOS POST call for vesa(4).  This function calls VGA
BIOS POST code from the current VGA option ROM.  Some video controllers
cannot save and restore the state properly even if it is claimed to be
supported.  Usually the symptom is blank display after resuming from suspend
state.  If the video mode does not match the previous mode after restoring,
we try BIOS POST and force the known good initial state.  Some magic was
taken from NetBSD (and it was taken from vbetool, I believe.)
- Add a loader tunable for vgapci(4) to give a hint to dpms(4) and vesa(4)
to identify who owns the VESA BIOS.  This is very useful for multi-display
adapter setup.  By default, the POST video controller is automatically
probed and the tunable "hw.pci.default_vgapci_unit" is set to corresponding
vgapci unit number.  You may override it from loader but it is very unlikely
to be necessary.  Unfortunately only AGP/PCI/PCI-E controllers can be
matched because ISA controller does not have necessary device IDs.
- Fix a long standing bug in state save/restore function.  The state buffer
pointer should be ES:BX, not ES:DI according to VBE 3.0.  If it ever worked,
that's because BX was always zero. :-)
- Clean up register initializations more clearer per VBE 3.0.
- Fix a lot of style issues with vesa(4).
2009-10-19 20:58:10 +00:00
Jung-uk Kim
f556842ef6 Merge ACPICA 20091013. 2009-10-19 16:12:58 +00:00
Xin LI
0a2e9846fd Use __FBSDID to embed RCS ID. 2009-09-21 08:37:57 +00:00
Xin LI
205d67b00d Collapase interrupt supporting functions to a new module, and switch from
x86emu to this new module.

This changeset also brings a fix for bugs introduced with the initial
x86emu commit, which prevents the user from using some display mode or
cause instant reboots during mode switch.

Submitted by:	paradox <ddkprog yahoo com>
2009-09-21 08:17:57 +00:00
Jung-uk Kim
ca8a21efc8 Canonify include paths for newly added files. 2009-09-11 22:56:08 +00:00
Jung-uk Kim
d6dd1baec0 MFV: r196804
Import ACPICA 20090903
2009-09-11 22:48:53 +00:00
Xin LI
efba048eb5 - Port x86emu to FreeBSD.
- Connect x86emu to build.

Tested with:	make universe
Submitted by:	swell.k at gmail com
2009-09-09 05:53:26 +00:00
Xin LI
884e6d6087 Import x86emu from OpenBSD as of OPENBSD_4_6. 2009-09-09 01:19:26 +00:00
Poul-Henning Kamp
6778431478 Revert previous commit and add myself to the list of people who should
know better than to commit with a cat in the area.
2009-09-08 13:19:05 +00:00
Poul-Henning Kamp
b34421bf9c Add necessary include. 2009-09-08 13:16:55 +00:00
Max Laier
c31650ade1 Fix argument ordering to memcpy as well as the size of the copy in the
(theoretical) case that pfi_buffer_cnt should be greater than ~_max.

Submitted by:	pjd
Reviewed by:	{krw,sthen,markus}@openbsd.org
MFC after:	3 days
2009-08-25 19:30:32 +00:00
Robert Watson
77dfcdc445 Rework global locks for interface list and index management, correcting
several critical bugs, including race conditions and lock order issues:

Replace the single rwlock, ifnet_lock, with two locks, an rwlock and an
sxlock.  Either can be held to stablize the lists and indexes, but both
are required to write.  This allows the list to be held stable in both
network interrupt contexts and sleepable user threads across sleeping
memory allocations or device driver interactions.  As before, writes to
the interface list must occur from sleepable contexts.

Reviewed by:	bz, julian
MFC after:	3 days
2009-08-23 20:40:19 +00:00
Max Laier
b5a6cecbcd If we cannot immediately get the pf_consistency_lock in the purge thread,
restart the scan after acquiring the lock the hard way.  Otherwise we might
end up with a dead reference.

Reported by:		pfsense
Reviewed by:		eri
Initial patch by:	eri
Tested by:		pfsense
Approved by:		re (kib)
2009-08-19 00:10:10 +00:00
Robert Watson
315e3e38fa Many network stack subsystems use a single global data structure to hold
all pertinent statatistics for the subsystem.  These structures are
sometimes "borrowed" by kernel modules that require a place to store
statistics for similar events.

Add KPI accessor functions for statistics structures referenced by kernel
modules so that they no longer encode certain specifics of how the data
structures are named and stored.  This change is intended to make it
easier to move to per-CPU network stats following 8.0-RELEASE.

The following modules are affected by this change:

      if_bridge
      if_cxgb
      if_gif
      ip_mroute
      ipdivert
      pf

In practice, most of these statistics consumers should, in fact, maintain
their own statistics data structures rather than borrowing structures
from the base network stack.  However, that change is too agressive for
this point in the release cycle.

Reviewed by:	bz
Approved by:	re (kib)
2009-08-02 19:43:32 +00:00
Robert Watson
530c006014 Merge the remainder of kern_vimage.c and vimage.h into vnet.c and
vnet.h, we now use jails (rather than vimages) as the abstraction
for virtualization management, and what remained was specific to
virtual network stacks.  Minor cleanups are done in the process,
and comments updated to reflect these changes.

Reviewed by:	bz
Approved by:	re (vimage blanket)
2009-08-01 19:26:27 +00:00
Robert Watson
eddfbb763d Build on Jeff Roberson's linker-set based dynamic per-CPU allocator
(DPCPU), as suggested by Peter Wemm, and implement a new per-virtual
network stack memory allocator.  Modify vnet to use the allocator
instead of monolithic global container structures (vinet, ...).  This
change solves many binary compatibility problems associated with
VIMAGE, and restores ELF symbols for virtualized global variables.

Each virtualized global variable exists as a "reference copy", and also
once per virtual network stack.  Virtualized global variables are
tagged at compile-time, placing the in a special linker set, which is
loaded into a contiguous region of kernel memory.  Virtualized global
variables in the base kernel are linked as normal, but those in modules
are copied and relocated to a reserved portion of the kernel's vnet
region with the help of a the kernel linker.

Virtualized global variables exist in per-vnet memory set up when the
network stack instance is created, and are initialized statically from
the reference copy.  Run-time access occurs via an accessor macro, which
converts from the current vnet and requested symbol to a per-vnet
address.  When "options VIMAGE" is not compiled into the kernel, normal
global ELF symbols will be used instead and indirection is avoided.

This change restores static initialization for network stack global
variables, restores support for non-global symbols and types, eliminates
the need for many subsystem constructors, eliminates large per-subsystem
structures that caused many binary compatibility issues both for
monitoring applications (netstat) and kernel modules, removes the
per-function INIT_VNET_*() macros throughout the stack, eliminates the
need for vnet_symmap ksym(2) munging, and eliminates duplicate
definitions of virtualized globals under VIMAGE_GLOBALS.

Bump __FreeBSD_version and update UPDATING.

Portions submitted by:  bz
Reviewed by:            bz, zec
Discussed with:         gnn, jamie, jeff, jhb, julian, sam
Suggested by:           peter
Approved by:            re (kensmith)
2009-07-14 22:48:30 +00:00
Colin Percival
7d845dde8d Remove build timestamps from the following files:
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc

There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.

After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).

Reviewed by:	scottl (hptrr), gshapiro (sendmail), simon (openssl),
		roberto (ntp), jkim (acpica)
Approved by:	re (kib)
2009-07-11 22:30:37 +00:00
Sam Leffler
7850fa71f5 Update to 3.6.2.2 firmware (latest w/o host-based power save support):
o new tx ack queue (not used right now)
o proxy-sta related changes (no proxy sta in driver)
o explicit dwds ena/dis (needed only with proxy sta)
o cleanup BA policy handling
o new ampdu aggressive mode support
o CFEnd use now controllable

Approved by:	re (kensmith)
2009-06-29 18:42:54 +00:00
Roman Divacky
8419ef9a1e Use proper form of gnu designated initalizers. This lets
clang compile this files.

Approved by: ed (mentor)
Silence from: harti (maintainer?)
2009-06-24 12:01:10 +00:00
Robert Watson
8c0fec805f Modify most routines returning 'struct ifaddr *' to return references
rather than pointers, requiring callers to properly dispose of those
references.  The following routines now return references:

  ifaddr_byindex
  ifa_ifwithaddr
  ifa_ifwithbroadaddr
  ifa_ifwithdstaddr
  ifa_ifwithnet
  ifaof_ifpforaddr
  ifa_ifwithroute
  ifa_ifwithroute_fib
  rt_getifa
  rt_getifa_fib
  IFP_TO_IA
  ip_rtaddr
  in6_ifawithifp
  in6ifa_ifpforlinklocal
  in6ifa_ifpwithaddr
  in6_ifadd
  carp_iamatch6
  ip6_getdstifaddr

Remove unused macro which didn't have required referencing:

  IFP_TO_IA6

This closes many small races in which changes to interface
or address lists while an ifaddr was in use could lead to use of freed
memory (etc).  In a few cases, add missing if_addr_list locking
required to safely acquire references.

Because of a lack of deep copying support, we accept a race in which
an in6_ifaddr pointed to by mbuf tags and extracted with
ip6_getdstifaddr() doesn't hold a reference while in transmit.  Once
we have mbuf tag deep copy support, this can be fixed.

Reviewed by:	bz
Obtained from:	Apple, Inc. (portions)
MFC after:	6 weeks (portions)
2009-06-23 20:19:09 +00:00
Bjoern A. Zeeb
5736e6fb9d After cleaning up rt_tables from vnet.h and cleaning up opt_route.h
a lot of files no longer need route.h either. Garbage collect them.
While here remove now unneeded vnet.h #includes as well.
2009-06-23 17:03:45 +00:00
Bjoern A. Zeeb
f4945c9f02 All consumers of in_cksum.h have been properly #ifdefed already,
so do not include the file either as it would give as an extra
dependency on INET.
2009-06-10 11:19:34 +00:00
Jung-uk Kim
230bb4d90d Rewrite OsdSynch.c to reflect the latest ACPICA more closely:
- Implement ACPI semaphore (ACPI_SEMAPHORE) with condvar(9) and mutex(9).
- Implement ACPI mutex (ACPI_MUTEX) with mutex(9).
- Implement ACPI lock (ACPI_SPINLOCK) with spin mutex(9).
2009-06-08 20:07:16 +00:00
Bjoern A. Zeeb
8d8bc0182e After r193232 rt_tables in vnet.h are no longer indirectly dependent on
the ROUTETABLES kernel option thus there is no need to include opt_route.h
anymore in all consumers of vnet.h and no longer depend on it for module
builds.

Remove the hidden include in flowtable.h as well and leave the two
explicit #includes in ip_input.c and ip_output.c.
2009-06-08 19:57:35 +00:00
Jung-uk Kim
389cff5113 Clean up FreeBSD-specific header file:
- Define ACPI_USE_DO_WHILE_0 to add do while(0) around return_*() macros.
- Define __cdecl only for user land.  It will never be used in kernel.
- Remove __cli() and __sti().  They were deprecated long ago.
2009-06-08 17:11:47 +00:00
Jung-uk Kim
14b55641a5 Import ACPICA 20090521. 2009-06-05 18:43:13 +00:00
Robert Watson
bcf11e8d00 Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC
and used in a large number of files, but also because an increasing number
of incorrect uses of MAC calls were sneaking in due to copy-and-paste of
MAC-aware code without the associated opt_mac.h include.

Discussed with:	pjd
2009-06-05 14:55:22 +00:00
Jung-uk Kim
92ebb4adfe Do not install SSDT when DSDT is overriden by user. 2009-06-04 20:48:31 +00:00
Jung-uk Kim
d005b3f9ff Trim unnecessary files from the import. 2009-06-03 21:47:13 +00:00
Jung-uk Kim
c2928952c9 Remove function redeclaration. It was upstreamed but lost somehow. 2009-06-02 20:44:21 +00:00
Jung-uk Kim
ab6f3bf9cb Canonify include paths again. 2009-06-02 20:02:58 +00:00
Jung-uk Kim
3c4bac86de Fix include path fixup for contrib/dev/acpica/include/platform/*.h. 2009-06-02 20:00:32 +00:00
Jung-uk Kim
a9f12690a1 MFV: ACPICA 20090521 2009-06-02 18:53:21 +00:00
Marko Zec
d825c7936c V_loif is not an array but a pure pointer, so treat it as such.
Reviewed by:	bz
Approved by:	julian (mentor)
2009-06-01 21:29:54 +00:00
Sam Leffler
cf4c5a5331 driver for Marvell 88W8363 Wireless LAN controller 2009-06-01 18:07:01 +00:00
Jamie Gritton
0304c73163 Add hierarchical jails. A jail may further virtualize its environment
by creating a child jail, which is visible to that jail and to any
parent jails.  Child jails may be restricted more than their parents,
but never less.  Jail names reflect this hierarchy, being MIB-style
dot-separated strings.

Every thread now points to a jail, the default being prison0, which
contains information about the physical system.  Prison0's root
directory is the same as rootvnode; its hostname is the same as the
global hostname, and its securelevel replaces the global securelevel.
Note that the variable "securelevel" has actually gone away, which
should not cause any problems for code that properly uses
securelevel_gt() and securelevel_ge().

Some jail-related permissions that were kept in global variables and
set via sysctls are now per-jail settings.  The sysctls still exist for
backward compatibility, used only by the now-deprecated jail(2) system
call.

Approved by:	bz (mentor)
2009-05-27 14:11:23 +00:00
Andriy Gapon
1346d91842 flatten acpica vendor area
do it for current ('dist') and previous versions;
disable keywords expansion at the same time

Reviewed by:	attilio
Approved by:	rpaulo
2009-05-19 14:46:41 +00:00
Bjoern A. Zeeb
ce9237f1b2 tbr_timeout() is a timer driven function[1]. While the previous commit
made LINT happy this does the proper looping over all vnets as we are
only called `globally' and not once per vnet instance.

Reported by:	zec [1]
Missed by:	bz  [1] in r192264
Reviewed by:	zec
2009-05-18 01:05:09 +00:00
Bjoern A. Zeeb
9750be38ca Add a missing INIT_VNET_NET() to get VIMAGE closer to full LINT again. 2009-05-17 20:59:09 +00:00
Sam Leffler
c95ae8c852 Makefile to record the technique by which the .uu files are generated
from the Intel-distributed .fw files
2009-05-09 18:54:18 +00:00
Sam Leffler
82431678fc update to v3.1 2009-05-09 18:53:07 +00:00
Marko Zec
093f25f8c8 In preparation for turning on options VIMAGE in next commits,
rearrange / replace / adjust several INIT_VNET_* initializer
macros, all of which currently resolve to whitespace.

Reviewed by:	bz (an older version of the patch)
Approved by:	julian (mentor)
2009-04-26 22:06:42 +00:00
Kip Macy
279aa3d419 Change if_output to take a struct route as its fourth argument in order
to allow passing a cached struct llentry * down to L2

Reviewed by:	rwatson
2009-04-16 20:30:28 +00:00
Robert Watson
e27b0c8775 Update stats in struct icmpstat and icmp6stat using four new
macros: ICMPSTAT_ADD(), ICMPSTAT_INC(), ICMP6STAT_ADD(), and
ICMP6STAT_INC(), rather than directly manipulating the fields
of these structures across the kernel.  This will make it
easier to change the implementation of these statistics,
such as using per-CPU versions of the data structures.

In on case, icmp6stat members are manipulated indirectly, by
icmp6_errcount(), and this will require further work to fix
for per-CPU stats.

MFC after:	3 days
2009-04-12 13:22:33 +00:00
Robert Watson
026decb8f3 Update stats in struct udpstat using two new macros, UDPSTAT_ADD()
and UDPSTAT_INC(), rather than directly manipulating the fields
across the kernel.  This will make it easier to change the
implementation of these statistics, such as using per-CPU versions
of the data structures.

MFC after:	3 days
2009-04-12 11:42:40 +00:00
Robert Watson
86425c62a0 Update stats in struct ipstat using four new macros, IPSTAT_ADD(),
IPSTAT_INC(), IPSTAT_SUB(), and IPSTAT_DEC(), rather than directly
manipulating the fields across the kernel.  This will make it easier
to change the implementation of these statistics, such as using
per-CPU versions of the data structures.

MFC after:	3 days
2009-04-11 23:35:20 +00:00
Robert Watson
78b5071407 Update stats in struct tcpstat using two new macros, TCPSTAT_ADD() and
TCPSTAT_INC(), rather than directly manipulating the fields across the
kernel.  This will make it easier to change the implementation of
these statistics, such as using per-CPU versions of the data structures.

MFC after:	3 days
2009-04-11 22:07:19 +00:00
Weongyo Jeong
dc60165b73 Add uath(4) wireless USB driver for Atheros AR5005UG and AR5005UX
chipsets.

Reviewed by:	sam
2009-04-04 11:23:00 +00:00
Bjoern A. Zeeb
33553d6e99 For all files including net/vnet.h directly include opt_route.h and
net/route.h.

Remove the hidden include of opt_route.h and net/route.h from net/vnet.h.

We need to make sure that both opt_route.h and net/route.h are included
before net/vnet.h because of the way MRT figures out the number of FIBs
from the kernel option. If we do not, we end up with the default number
of 1 when including net/vnet.h and array sizes are wrong.

This does not change the list of files which depend on opt_route.h
but we can identify them now more easily.
2009-02-27 14:12:05 +00:00
Bjoern A. Zeeb
e4c38888b7 Move the include of vinet.h further up before the ipfilter includes. 2009-02-27 13:29:18 +00:00
Bjoern A. Zeeb
61cab5d638 Shuffle the vimage.h includes or add where missing. 2009-02-27 13:22:26 +00:00
Roman Divacky
af83f5d77c Change the functions to ANSI in those cases where it breaks promotion
to int rule. See ISO C Standard: SS6.7.5.3:15.

Approved by:	kib (mentor)
Reviewed by:	warner
Tested by:	silence on -current
2009-02-24 18:09:31 +00:00
Ed Schouten
55b043392b Revert my previous two changes.
Even though the code seems to be FreeBSD kernel code, it isn't compiled
on FreeBSD. I could have known this, because I was a little amazed that
I couldn't find a prototype of pfopen()/pfclose() somewhere else,
because it isn't marked as static.

Apart from that, removing these functions wouldn't have been harmful
anyway, because there are some other strange things about them (the
implementation isn't consistent with the prototype at the top). Still,
it's better to leave it, because it makes merging code back to older
branches a little harder.

Requested by:	mlaier
2009-01-25 16:52:41 +00:00
Ed Schouten
014bf1f6e5 Remove pfopen() and pfclose() entirely.
It turns out I was patching functions that weren't used by pf(4) anyway.
They still seem to use `struct proc *' instead of `struct thread *'.
They weren't listed in pf_cdevsw.
2009-01-25 14:39:15 +00:00
Ed Schouten
1f895245a0 Remove unneeded checking for invalid minor numbers from pf(4).
Because it is not possible to access the pf(4) character device through
any other device node as the one in devfs, there is no need to check for
unknown device minor numbers.

Approved by:	mlaier
2009-01-25 14:00:00 +00:00
Jung-uk Kim
d8b677e50d Change __FreeBSD_version to prepare for merging r184102. 2009-01-21 20:44:42 +00:00
Bjoern A. Zeeb
a08812c2f9 Check for ipprotosw.h more precisely.
It hasn't been needed for more than 5 years, since r120386.

MFC after:	4 weeks
2008-12-23 16:49:07 +00:00
Sam Leffler
41fe50f5de MFH @ 186335 2008-12-20 01:29:19 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Bjoern A. Zeeb
52f644a9e2 Like for tcp_subr.c in r186057 make the MD5 context a function local
variable in this copy of the code[1].

While here prefix the variables with 'pf_' to avoid file static global
variables with colliding names that are or will be virtualized.

Discussed with:	rwatson, silby [1]
2008-12-13 22:04:52 +00:00
Bjoern A. Zeeb
1b193af610 Second round of putting global variables, which were virtualized
but formerly missed under VIMAGE_GLOBAL.

Put the extern declarations of the  virtualized globals
under VIMAGE_GLOBAL as the globals themsevles are already.
This will help by the time when we are going to remove the globals
entirely.

Sponsored by:	The FreeBSD Foundation
2008-12-13 19:13:03 +00:00
Sam Leffler
d212022417 Merge WIP from p4:
o recognize ixp435 cpu
o change memory layout for for ixp4xx to not assume memory is aliases
  to 0x10000000 (Cambria/ixp435 memory starts at zero)
o handle 64 irqs for ixp435
o dual EHCI USB 2.0 controller integral to ixp435
o overhaul NPE code for ixp435 and better MAC+MII naming
o updated NPE firmware (including NPE-A image for ixp435/ixp465)
o Gateworks Cambria board support:
  - IDE compact flash
  - MCU
  - front panel LED on i2c bus
  - Octal LED latch

Sanity-tested with NFS-root on Avila and Cambria boards.  Requires
pending boot2 mods for CF-boot on Cambria.
2008-12-13 01:21:37 +00:00
Marko Zec
385195c062 Conditionally compile out V_ globals while instantiating the appropriate
container structures, depending on VIMAGE_GLOBALS compile time option.

Make VIMAGE_GLOBALS a new compile-time option, which by default will not
be defined, resulting in instatiations of global variables selected for
V_irtualization (enclosed in #ifdef VIMAGE_GLOBALS blocks) to be
effectively compiled out.  Instantiate new global container structures
to hold V_irtualized variables: vnet_net_0, vnet_inet_0, vnet_inet6_0,
vnet_ipsec_0, vnet_netgraph_0, and vnet_gif_0.

Update the VSYM() macro so that depending on VIMAGE_GLOBALS the V_
macros resolve either to the original globals, or to fields inside
container structures, i.e. effectively

#ifdef VIMAGE_GLOBALS
#define V_rt_tables rt_tables
#else
#define V_rt_tables vnet_net_0._rt_tables
#endif

Update SYSCTL_V_*() macros to operate either on globals or on fields
inside container structs.

Extend the internal kldsym() lookups with the ability to resolve
selected fields inside the virtualization container structs.  This
applies only to the fields which are explicitly registered for kldsym()
visibility via VNET_MOD_DECLARE() and vnet_mod_register(), currently
this is done only in sys/net/if.c.

Fix a few broken instances of MODULE_GLOBAL() macro use in SCTP code,
and modify the MODULE_GLOBAL() macro to resolve to V_ macros, which in
turn result in proper code being generated depending on VIMAGE_GLOBALS.

De-virtualize local static variables in sys/contrib/pf/net/pf_subr.c
which were prematurely V_irtualized by automated V_ prepending scripts
during earlier merging steps.  PF virtualization will be done
separately, most probably after next PF import.

Convert a few variable initializations at instantiation to
initialization in init functions, most notably in ipfw.  Also convert
TUNABLE_INT() initializers for V_ variables to TUNABLE_FETCH_INT() in
initializer functions.

Discussed at:	devsummit Strassburg
Reviewed by:	bz, julian
Approved by:	julian (mentor)
Obtained from:	//depot/projects/vimage-commit2/...
X-MFC after:	never
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
2008-12-10 23:12:39 +00:00
Kip Macy
3120b9d428 - convert radix node head lock from mutex to rwlock
- make radix node head lock not recursive
 - fix LOR in rtexpunge
 - fix LOR in rtredirect

Reviewed by:	sam
2008-12-07 21:15:43 +00:00
Bjoern A. Zeeb
4b79449e2f Rather than using hidden includes (with cicular dependencies),
directly include only the header files needed. This reduces the
unneeded spamming of various headers into lots of files.

For now, this leaves us with very few modules including vnet.h
and thus needing to depend on opt_route.h.

Reviewed by:	brooks, gnn, des, zec, imp
Sponsored by:	The FreeBSD Foundation
2008-12-02 21:37:28 +00:00
Sam Leffler
3364462355 Switch to ath hal source code. Note this removes the ath_hal
module; the ath module now brings in the hal support.  Kernel
config files are almost backwards compatible; supplying

device ath_hal

gives you the same chip support that the binary hal did but you
must also include

options AH_SUPPORT_AR5416

to enable the extended format descriptors used by 11n parts.
It is now possible to control the chip support included in a
build by specifying exactly which chips are to be supported
in the config file; consult ath_hal(4) for information.
2008-12-01 16:53:01 +00:00
Marko Zec
f02493cbbd Unhide declarations of network stack virtualization structs from
underneath #ifdef VIMAGE blocks.

This change introduces some churn in #include ordering and nesting
throughout the network stack and drivers but is not expected to cause
any additional issues.

In the next step this will allow us to instantiate the virtualization
container structures and switch from using global variables to their
"containerized" counterparts.

Reviewed by:	bz, julian
Approved by:	julian (mentor)
Obtained from:	//depot/projects/vimage-commit2/...
X-MFC after:	never
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
2008-11-28 23:30:51 +00:00
Dag-Erling Smørgrav
e11e3f187d Fix a number of style issues in the MALLOC / FREE commit. I've tried to
be careful not to fix anything that was already broken; the NFSv4 code is
particularly bad in this respect.
2008-10-23 20:26:15 +00:00
Dag-Erling Smørgrav
1ede983cc9 Retire the MALLOC and FREE macros. They are an abomination unto style(9).
MFC after:	3 months
2008-10-23 15:53:51 +00:00
Jung-uk Kim
29462bea1e Turn off CPU frequency change notifiers when the TSC is P-state invariant
or it is forced by setting 'kern.timecounter.invariant_tsc' tunable
to non-zero.
2008-10-21 00:38:00 +00:00
Bjoern A. Zeeb
86d02c5c63 Cache so_cred as inp_cred in the inpcb.
This means that inp_cred is always there, even after the socket
has gone away. It also means that it is constant for the lifetime
of the inp.
Both facts lead to simpler code and possibly less locking.

Suggested by:	rwatson
Reviewed by:	rwatson
MFC after:	6 weeks
X-MFC Note:	use a inp_pspare for inp_cred
2008-10-04 15:06:34 +00:00
Marko Zec
8b615593fc Step 1.5 of importing the network stack virtualization infrastructure
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit

Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.

Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().

Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).

All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).

(*) netipsec/keysock.c did not validate depending on compile time options.

Implemented by:	julian, bz, brooks, zec
Reviewed by:	julian, bz, brooks, kris, rwatson, ...
Approved by:	julian (mentor)
Obtained from:	//depot/projects/vimage-commit2/...
X-MFC after:	never
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
2008-10-02 15:37:58 +00:00
Ed Schouten
6bfa9a2d66 Replace all calls to minor() with dev2unit().
After I removed all the unit2minor()/minor2unit() calls from the kernel
yesterday, I realised calling minor() everywhere is quite confusing.
Character devices now only have the ability to store a unit number, not
a minor number. Remove the confusion by using dev2unit() everywhere.

This commit could also be considered as a bug fix. A lot of drivers call
minor(), while they should actually be calling dev2unit(). In -CURRENT
this isn't a problem, but it turns out we never had any problem reports
related to that issue in the past. I suspect not many people connect
more than 256 pieces of the same hardware.

Reviewed by:	kib
2008-09-27 08:51:18 +00:00
Rui Paulo
5df8ba31f0 Merge ath again (addition of wisoc files). 2008-09-05 22:24:31 +00:00
Rui Paulo
fa9a79b4fd Merge fix for P4 expansion from vendor branch. 2008-09-05 13:18:06 +00:00
Rui Paulo
66fe9e3277 Merge ath_hal 0.10.5.10 to head.
Approved by:	sam
2008-08-28 00:22:59 +00:00
Rui Paulo
e82cbe00b8 Flatten the vendor-sys/ath tree for future imports. 2008-08-27 19:52:48 +00:00
Rui Paulo
c719bf13e9 Workaround the detect-merge-conflicts.sh script and 's/^======$/&='. 2008-08-27 19:47:48 +00:00
Julian Elischer
28a2d0c1e1 I think we can remove the conditionals for freebsd 2.0 now 2008-08-25 07:33:17 +00:00
Bjoern A. Zeeb
603724d3ab Commit step 1 of the vimage project, (network stack)
virtualization work done by Marko Zec (zec@).

This is the first in a series of commits over the course
of the next few weeks.

Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.

We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.

Obtained from:	//depot/projects/vimage-commit2/...
Reviewed by:	brooks, des, ed, mav, julian,
		jamie, kris, rwatson, zec, ...
		(various people I forgot, different versions)
		md5 (with a bit of help)
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
X-MFC after:	never
V_Commit_Message_Reviewed_By:	more people than the patch
2008-08-17 23:27:27 +00:00
Max Laier
9f21c07f14 Merge state reuse for tcp.
PR:		kern/125261
Obtained from:	OpenBSD
MFC after:	1 week
2008-08-04 14:42:09 +00:00
Max Laier
898dc49201 Flatten out dist and all "live" tag directories. 2008-08-04 13:30:44 +00:00
Darren Reed
14fbef0c79 2020447 IPFilter's NAT can undo name server random port selection
(fix output port range, was a random number in [0,max-min]
	 (byteswapped on litle endian), instead of [min,max])

Submitted by:	darrenr
2008-07-26 19:46:00 +00:00
Julian Elischer
7e4e65ffb3 Fix spelling error in comment 2008-07-24 19:05:58 +00:00
Darren Reed
52c7653383 2020447 IPFilter's NAT can undo name server random port selection
Approved by:	darrenr
MFC after:	1 week
Security:	CERT VU#521769
2008-07-24 12:35:05 +00:00
John Baldwin
2c6298572e Remove the oltr(4) driver. No one responded to calls for testing on
current@ and stable@ for the locking patches.  The driver can always be
revived if someone tests it.

This driver also sleeps in its if_init routine, so it likely doesn't really
work at all anyway in modern releases.
2008-07-04 18:58:53 +00:00
John Baldwin
9732d2c92a Make oltr(4) MPSAFE:
- Add a mutex to the softc and use it to protect the softc and device
  hardware.
- Setup interrupt handler after interface attach.
- Retire 'unit' from softc and use if_printf() instead.
- Don't frob IFF_UP in the driver.
- Use callout_() rather than timeout() and untimeout().
2008-07-04 18:27:14 +00:00
Max Laier
b18b4dabe6 Fix range check for rtable id. 2008-06-05 19:30:20 +00:00
Julian Elischer
8b07e49a00 Add code to allow the system to handle multiple routing tables.
This particular implementation is designed to be fully backwards compatible
and to be MFC-able to 7.x (and 6.x)

Currently the only protocol that can make use of the multiple tables is IPv4
Similar functionality exists in OpenBSD and Linux.

From my notes:

-----

  One thing where FreeBSD has been falling behind, and which by chance I
  have some time to work on is "policy based routing", which allows
  different
  packet streams to be routed by more than just the destination address.

  Constraints:
  ------------

  I want to make some form of this available in the 6.x tree
  (and by extension 7.x) , but FreeBSD in general needs it so I might as
  well do it in -current and back port the portions I need.

  One of the ways that this can be done is to have the ability to
  instantiate multiple kernel routing tables (which I will now
  refer to as "Forwarding Information Bases" or "FIBs" for political
  correctness reasons). Which FIB a particular packet uses to make
  the next hop decision can be decided by a number of mechanisms.
  The policies these mechanisms implement are the "Policies" referred
  to in "Policy based routing".

  One of the constraints I have if I try to back port this work to
  6.x is that it must be implemented as a EXTENSION to the existing
  ABIs in 6.x so that third party applications do not need to be
  recompiled in timespan of the branch.

  This first version will not have some of the bells and whistles that
  will come with later versions. It will, for example, be limited to 16
  tables in the first commit.
  Implementation method, Compatible version. (part 1)
  -------------------------------
  For this reason I have implemented a "sufficient subset" of a
  multiple routing table solution in Perforce, and back-ported it
  to 6.x. (also in Perforce though not  always caught up with what I
  have done in -current/P4). The subset allows a number of FIBs
  to be defined at compile time (8 is sufficient for my purposes in 6.x)
  and implements the changes needed to allow IPV4 to use them. I have not
  done the changes for ipv6 simply because I do not need it, and I do not
  have enough knowledge of ipv6 (e.g. neighbor discovery) needed to do it.

  Other protocol families are left untouched and should there be
  users with proprietary protocol families, they should continue to work
  and be oblivious to the existence of the extra FIBs.

  To understand how this is done, one must know that the current FIB
  code starts everything off with a single dimensional array of
  pointers to FIB head structures (One per protocol family), each of
  which in turn points to the trie of routes available to that family.

  The basic change in the ABI compatible version of the change is to
  extent that array to be a 2 dimensional array, so that
  instead of protocol family X looking at rt_tables[X] for the
  table it needs, it looks at rt_tables[Y][X] when for all
  protocol families except ipv4 Y is always 0.
  Code that is unaware of the change always just sees the first row
  of the table, which of course looks just like the one dimensional
  array that existed before.

  The entry points rtrequest(), rtalloc(), rtalloc1(), rtalloc_ign()
  are all maintained, but refer only to the first row of the array,
  so that existing callers in proprietary protocols can continue to
  do the "right thing".
  Some new entry points are added, for the exclusive use of ipv4 code
  called in_rtrequest(), in_rtalloc(), in_rtalloc1() and in_rtalloc_ign(),
  which have an extra argument which refers the code to the correct row.

  In addition, there are some new entry points (currently called
  rtalloc_fib() and friends) that check the Address family being
  looked up and call either rtalloc() (and friends) if the protocol
  is not IPv4 forcing the action to row 0 or to the appropriate row
  if it IS IPv4 (and that info is available). These are for calling
  from code that is not specific to any particular protocol. The way
  these are implemented would change in the non ABI preserving code
  to be added later.

  One feature of the first version of the code is that for ipv4,
  the interface routes show up automatically on all the FIBs, so
  that no matter what FIB you select you always have the basic
  direct attached hosts available to you. (rtinit() does this
  automatically).

  You CAN delete an interface route from one FIB should you want
  to but by default it's there. ARP information is also available
  in each FIB. It's assumed that the same machine would have the
  same MAC address, regardless of which FIB you are using to get
  to it.

  This brings us as to how the correct FIB is selected for an outgoing
  IPV4 packet.

  Firstly, all packets have a FIB associated with them. if nothing
  has been done to change it, it will be FIB 0. The FIB is changed
  in the following ways.

  Packets fall into one of a number of classes.

  1/ locally generated packets, coming from a socket/PCB.
     Such packets select a FIB from a number associated with the
     socket/PCB. This in turn is inherited from the process,
     but can be changed by a socket option. The process in turn
     inherits it on fork. I have written a utility call setfib
     that acts a bit like nice..

         setfib -3 ping target.example.com # will use fib 3 for ping.

     It is an obvious extension to make it a property of a jail
     but I have not done so. It can be achieved by combining the setfib and
     jail commands.

  2/ packets received on an interface for forwarding.
     By default these packets would use table 0,
     (or possibly a number settable in a sysctl(not yet)).
     but prior to routing the firewall can inspect them (see below).
     (possibly in the future you may be able to associate a FIB
     with packets received on an interface..  An ifconfig arg, but not yet.)

  3/ packets inspected by a packet classifier, which can arbitrarily
     associate a fib with it on a packet by packet basis.
     A fib assigned to a packet by a packet classifier
     (such as ipfw) would over-ride a fib associated by
     a more default source. (such as cases 1 or 2).

  4/ a tcp listen socket associated with a fib will generate
     accept sockets that are associated with that same fib.

  5/ Packets generated in response to some other packet (e.g. reset
     or icmp packets). These should use the FIB associated with the
     packet being reponded to.

  6/ Packets generated during encapsulation.
     gif, tun and other tunnel interfaces will encapsulate using the FIB
     that was in effect withthe proces that set up the tunnel.
     thus setfib 1 ifconfig gif0 [tunnel instructions]
     will set the fib for the tunnel to use to be fib 1.

  Routing messages would be associated with their
  process, and thus select one FIB or another.
  messages from the kernel would be associated with the fib they
  refer to and would only be received by a routing socket associated
  with that fib. (not yet implemented)

  In addition Netstat has been edited to be able to cope with the
  fact that the array is now 2 dimensional. (It looks in system
  memory using libkvm (!)). Old versions of netstat see only the first FIB.

  In addition two sysctls are added to give:
  a) the number of FIBs compiled in (active)
  b) the default FIB of the calling process.

  Early testing experience:
  -------------------------

  Basically our (IronPort's) appliance does this functionality already
  using ipfw fwd but that method has some drawbacks.

  For example,
  It can't fully simulate a routing table because it can't influence the
  socket's choice of local address when a connect() is done.

  Testing during the generating of these changes has been
  remarkably smooth so far. Multiple tables have co-existed
  with no notable side effects, and packets have been routes
  accordingly.

  ipfw has grown 2 new keywords:

  setfib N ip from anay to any
  count ip from any to any fib N

  In pf there seems to be a requirement to be able to give symbolic names to the
  fibs but I do not have that capacity. I am not sure if it is required.

  SCTP has interestingly enough built in support for this, called VRFs
  in Cisco parlance. it will be interesting to see how that handles it
  when it suddenly actually does something.

  Where to next:
  --------------------

  After committing the ABI compatible version and MFCing it, I'd
  like to proceed in a forward direction in -current. this will
  result in some roto-tilling in the routing code.

  Firstly: the current code's idea of having a separate tree per
  protocol family, all of the same format, and pointed to by the
  1 dimensional array is a bit silly. Especially when one considers that
  there is code that makes assumptions about every protocol having the
  same internal structures there. Some protocols don't WANT that
  sort of structure. (for example the whole idea of a netmask is foreign
  to appletalk). This needs to be made opaque to the external code.

  My suggested first change is to add routing method pointers to the
  'domain' structure, along with information pointing the data.
  instead of having an array of pointers to uniform structures,
  there would be an array pointing to the 'domain' structures
  for each protocol address domain (protocol family),
  and the methods this reached would be called. The methods would have
  an argument that gives FIB number, but the protocol would be free
  to ignore it.

  When the ABI can be changed it raises the possibilty of the
  addition of a fib entry into the "struct route". Currently,
  the structure contains the sockaddr of the desination, and the resulting
  fib entry. To make this work fully, one could add a fib number
  so that given an address and a fib, one can find the third element, the
  fib entry.

  Interaction with the ARP layer/ LL layer would need to be
  revisited as well. Qing Li has been working on this already.

  This work was sponsored by Ironport Systems/Cisco

Reviewed by:    several including rwatson, bz and mlair (parts each)
Obtained from:  Ironport systems/Cisco
2008-05-09 23:03:00 +00:00
Kip Macy
77c4b91b9b fix build 2008-05-06 17:45:54 +00:00
Kip Macy
805dc5adca conditionally define PANIC_IF 2008-05-05 19:39:20 +00:00
Kip Macy
e68ff39887 Import basic common and iwarp kernel RDMA infrastructure.
Supported by: Chelsio Inc.
2008-05-05 18:35:55 +00:00
Sam Leffler
3971d07be7 Intel 4965 wireless driver (derived from openbsd driver of the same name) 2008-04-29 21:36:17 +00:00
Sam Leffler
b032f27c36 Multi-bss (aka vap) support for 802.11 devices.
Note this includes changes to all drivers and moves some device firmware
loading to use firmware(9) and a separate module (e.g. ral).  Also there
no longer are separate wlan_scan* modules; this functionality is now
bundled into the wlan module.

Supported by:	Hobnob and Marvell
Reviewed by:	many
Obtained from:	Atheros (some bits)
2008-04-20 20:35:46 +00:00
Robert Watson
fdd9b0723e Teach pf and ipfw to use read locks in inpcbs write than write locks
when reading credential data from sockets.

Teach pf to unlock the pcbinfo more quickly once it has acquired an
inpcb lock, as the inpcb lock is sufficient to protect the reference.

Assert locks, rather than read locks or write locks, on inpcbs in
subroutines--this is necessary as the inpcb may be passed down with a
write lock from the protocol, or may be passed down with a read lock
from the firewall lookup routine, and either is sufficient.

MFC after:	3 months
2008-04-20 00:21:54 +00:00
Robert Watson
8501a69cc9 Convert pcbinfo and inpcb mutexes to rwlocks, and modify macros to
explicitly select write locking for all use of the inpcb mutex.
Update some pcbinfo lock assertions to assert locked rather than
write-locked, although in practice almost all uses of the pcbinfo
rwlock main exclusive, and all instances of inpcb lock acquisition
are exclusive.

This change should introduce (ideally) little functional change.
However, it lays the groundwork for significantly increased
parallelism in the TCP/IP code.

MFC after:	3 months
Tested by:	kris (superset of committered patch)
2008-04-17 21:38:18 +00:00
Max Laier
4239d24b98 Make ALTQ cope with disappearing interfaces (particularly common with mpd
and netgraph in gernal).  This also allows to add queues for an interface
that is not yet existing (you have to provide the bandwidth for the
interface, however).

PR:		kern/106400, kern/117827
MFC after:	2 weeks
2008-03-29 00:24:36 +00:00
John Birrell
ff13848395 Remove the last 3 files I missed. These have been repo copied to the new
location under a cddl part of the tree following the core@ license review.
2008-03-28 00:28:45 +00:00
John Birrell
8f0cc58815 Remove files that have been repo copied to their new location
in cddl-specific parts of the source tree.
2008-03-28 00:08:47 +00:00
Doug Rabson
dfdcada31e Add the new kernel-mode NFS Lock Manager. To use it instead of the
user-mode lock manager, build a kernel with the NFSLOCKD option and
add '-k' to 'rpc_lockd_flags' in rc.conf.

Highlights include:

* Thread-safe kernel RPC client - many threads can use the same RPC
  client handle safely with replies being de-multiplexed at the socket
  upcall (typically driven directly by the NIC interrupt) and handed
  off to whichever thread matches the reply. For UDP sockets, many RPC
  clients can share the same socket. This allows the use of a single
  privileged UDP port number to talk to an arbitrary number of remote
  hosts.

* Single-threaded kernel RPC server. Adding support for multi-threaded
  server would be relatively straightforward and would follow
  approximately the Solaris KPI. A single thread should be sufficient
  for the NLM since it should rarely block in normal operation.

* Kernel mode NLM server supporting cancel requests and granted
  callbacks. I've tested the NLM server reasonably extensively - it
  passes both my own tests and the NFS Connectathon locking tests
  running on Solaris, Mac OS X and Ubuntu Linux.

* Userland NLM client supported. While the NLM server doesn't have
  support for the local NFS client's locking needs, it does have to
  field async replies and granted callbacks from remote NLMs that the
  local client has contacted. We relay these replies to the userland
  rpc.lockd over a local domain RPC socket.

* Robust deadlock detection for the local lock manager. In particular
  it will detect deadlocks caused by a lock request that covers more
  than one blocking request. As required by the NLM protocol, all
  deadlock detection happens synchronously - a user is guaranteed that
  if a lock request isn't rejected immediately, the lock will
  eventually be granted. The old system allowed for a 'deferred
  deadlock' condition where a blocked lock request could wake up and
  find that some other deadlock-causing lock owner had beaten them to
  the lock.

* Since both local and remote locks are managed by the same kernel
  locking code, local and remote processes can safely use file locks
  for mutual exclusion. Local processes have no fairness advantage
  compared to remote processes when contending to lock a region that
  has just been unlocked - the local lock manager enforces a strict
  first-come first-served model for both local and remote lockers.

Sponsored by:	Isilon Systems
PR:		95247 107555 115524 116679
MFC after:	2 weeks
2008-03-26 15:23:12 +00:00
Robert Watson
237fdd787b In keeping with style(9)'s recommendations on macros, use a ';'
after each SYSINIT() macro invocation.  This makes a number of
lightweight C parsers much happier with the FreeBSD kernel
source, including cflow's prcc and lxr.

MFC after:	1 month
Discussed with:	imp, rink
2008-03-16 10:58:09 +00:00
Pawel Jakub Dawidek
2b1c6615bc Fix mmap(2) on ZFS after some changes in VM subsystem.
Submitted by:	alc
Reported by:	kris (originally) and many others
Tested with:	fsx
MFC after:	1 week
2008-03-15 23:23:04 +00:00
Attilio Rao
81c794f998 Axe the 'thread' argument from VOP_ISLOCKED() and lockstatus() as it is
always curthread.

As KPI gets broken by this patch, manpages and __FreeBSD_version will be
updated by further commits.

Tested by:	Andrea Barberio <insomniac at slackware dot it>
2008-02-25 18:45:57 +00:00
Attilio Rao
628f51d275 Introduce some functions in the vnode locks namespace and in the ffs
namespace in order to handle lockmgr fields in a controlled way instead
than spreading all around bogus stubs:
- VN_LOCK_AREC() allows lock recursion for a specified vnode
- VN_LOCK_ASHARE() allows lock sharing for a specified vnode

In FFS land:
- BUF_AREC() allows lock recursion for a specified buffer lock
- BUF_NOREC() disallows recursion for a specified buffer lock

Side note: union_subr.c::unionfs_node_update() is the only other function
directly handling lockmgr fields. As this is not simple to fix, it has
been left behind as "sole" exception.
2008-02-24 16:38:58 +00:00
Pawel Jakub Dawidek
79bc018dd7 - Reduce how much ZFS caches by default. This is another change to mitigate
'kmem_map too small panics'.
- Print two warnings if there is not enough memory and not enough address
  space.
- Improve comment.
2008-01-24 11:24:16 +00:00
Attilio Rao
22db15c06f VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in
conjuction with 'thread' argument passing which is always curthread.
Remove the unuseful extra-argument and pass explicitly curthread to lower
layer functions, when necessary.

KPI results broken by this change, which should affect several ports, so
version bumping and manpage update will be further committed.

Tested by: kris, pho, Diego Sardina <siarodx at gmail dot com>
2008-01-13 14:44:15 +00:00
Nate Lawson
265ed03ff5 Fix GPE livelock that occurs on HP/Compaq laptops, mostly in the thermal
zone code.  The GPE handler method (i.e. _L00) generates various Notify
events that need to be run to completion before the GPE is re-enabled.
In ACPI-CA, we queue an asynch callback at the same priority as a Notify
so that it will only run after all Notify handlers have completed.  The
callback re-enables the GPE afterwards.  We also changed the priority of
Notifies to be the same as GPEs, given the possibility that another GPE
could arrive before the Notifies have completed and we don't want it to
get queued ahead of the rest.

The ACPI-CA change was submitted by Alexey Starikovskiy (SUSE) and will
appear in a later release.  Special thanks to him for helping track this
bug down.

MFC after:	1 week
Tested by:	jhb, Yousif Hassan <yousif / alumni.jmu.edu>
2008-01-12 22:13:12 +00:00
Nate Lawson
814cc347e1 This commit was generated by cvs2svn to compensate for changes in r175256,
which included commits to RCS files with non-trunk default branches.
2008-01-12 22:13:12 +00:00
Attilio Rao
cb05b60a89 vn_lock() is currently only used with the 'curthread' passed as argument.
Remove this argument and pass curthread directly to underlying
VOP_LOCK1() VFS method. This modify makes the code cleaner and in
particular remove an annoying dependence helping next lockmgr() cleanup.
KPI results, obviously, changed.

Manpage and FreeBSD_version will be updated through further commits.

As a side note, would be valuable to say that next commits will address
a similar cleanup about VFS methods, in particular vop_lock1 and
vop_unlock.

Tested by:	Diego Sardina <siarodx at gmail dot com>,
		Andrea Di Pasquale <whyx dot it at gmail dot com>
2008-01-10 01:10:58 +00:00
John Birrell
b468fe2bce * Check endianness the FreeBSD way.
* Use LBOLT rather than lbolt to avoid a clash with a FreeBSD global
  variable.
2007-11-28 22:16:00 +00:00
John Birrell
9587fed572 Fix a prototype definition. 2007-11-28 22:13:28 +00:00
John Birrell
da9085a1c0 Check endianness the FreeBSD way. 2007-11-28 22:12:21 +00:00
John Birrell
47b288c152 Include an extra header to get this to compile cleanly. 2007-11-28 22:11:39 +00:00
Darren Reed
b351a3c4b3 Fix 3 issues relating to the use of "auth" rules in IPFilter, from sourceforge:
1837014 Kernel panics after authentication of an outgoing packet
1836992 Potential bugs in packet auth code (w/patches)
1836967 Kernel panic when using auth rule with keep state
and another reported only to FreeBSD by Andiry (see PR)

PR:		kern/118251
Submitted by:	Andriy Syrovenko <andriys@gmail.com>
Reviewed by:	darrenr
MFC after:	5 days
2007-11-26 08:18:19 +00:00
Max Laier
228f6ee12e Bring back pf_if.c revs 1.8 and 1.6 also lost during last import:
- Use correct time for tzero when compiled in
 - Don't use bogus interface addresses on ptp-interfaces with :0

MFC after:	3 days
2007-11-21 16:08:06 +00:00
Max Laier
b7484bf1b9 Cleanup pf interface mangement - esp. remove EVENTHANDLER before unloading
the coresponding code.  This was lost during 4.1 import.

Reported by:	ru
MFC after:	3 days
2007-11-21 14:18:14 +00:00
Max Laier
fb63048c8a Reloop OpenBSD rev. 1.563:
In pf_test_fragment(), ignore protocol-specific criteria for packets of
  different protocols.

Reported by:	des
Obtained from:	OpenBSD
MFC after:	3 days
2007-11-21 10:12:52 +00:00
Pawel Jakub Dawidek
4d4daf5901 Warn if kmem_map size is set to less than 512MB. Previous warning was a bit
pointless, because default is set to something around 300MB and also
insufficient.

MFC after:	3 days
2007-11-07 14:44:31 +00:00
Pawel Jakub Dawidek
232a80f675 Remove unused header.
MFC after:	3 days
2007-11-05 22:18:34 +00:00
Pawel Jakub Dawidek
a33b7a8f5f If setting a state to anything but open state, close access to vdev.
This fixes replacing drive in place, eg. zpool replace tank da1 da1.
Before it complained that device is already open.

MFC after:	1 week
2007-11-05 21:30:48 +00:00
Benjamin Close
6607310b74 Initial Import of wpi driver based on p4 changeset 128641.
This import includes:
   o wpi Wireless driver for the Intel 3945 Wireless Lan Controller (802.11abg) (sys/dev/wpi)
   o Intel firmware revision 2.14.4 & associated LICENSE (sys/dev/contrib/wpi, sys/contrib/dev/wpi/LICENSE)
   o wpifw Firmware driver (sys/modules/wpifw)

Approved by: mlaier, sam (co-mentors)
2007-11-05 11:47:19 +00:00