- Add RATELIMIT kernel configuration keyword which must be set to
enable the new functionality.
- Add support for hardware driven, Receive Side Scaling, RSS aware, rate
limited sendqueues and expose the functionality through the already
established SO_MAX_PACING_RATE setsockopt(). The API support rates in
the range from 1 to 4Gbytes/s which are suitable for regular TCP and
UDP streams. The setsockopt(2) manual page has been updated.
- Add rate limit function callback API to "struct ifnet" which supports
the following operations: if_snd_tag_alloc(), if_snd_tag_modify(),
if_snd_tag_query() and if_snd_tag_free().
- Add support to ifconfig to view, set and clear the IFCAP_TXRTLMT
flag, which tells if a network driver supports rate limiting or not.
- This patch also adds support for rate limiting through VLAN and LAGG
intermediate network devices.
- How rate limiting works:
1) The userspace application calls setsockopt() after accepting or
making a new connection to set the rate which is then stored in the
socket structure in the kernel. Later on when packets are transmitted
a check is made in the transmit path for rate changes. A rate change
implies a non-blocking ifp->if_snd_tag_alloc() call will be made to the
destination network interface, which then sets up a custom sendqueue
with the given rate limitation parameter. A "struct m_snd_tag" pointer is
returned which serves as a "snd_tag" hint in the m_pkthdr for the
subsequently transmitted mbufs.
2) When the network driver sees the "m->m_pkthdr.snd_tag" different
from NULL, it will move the packets into a designated rate limited sendqueue
given by the snd_tag pointer. It is up to the individual drivers how the rate
limited traffic will be rate limited.
3) Route changes are detected by the NIC drivers in the ifp->if_transmit()
routine when the ifnet pointer in the incoming snd_tag mismatches the
one of the network interface. The network adapter frees the mbuf and
returns EAGAIN which causes the ip_output() to release and clear the send
tag. Upon next ip_output() a new "snd_tag" will be tried allocated.
4) When the PCB is detached the custom sendqueue will be released by a
non-blocking ifp->if_snd_tag_free() call to the currently bound network
interface.
Reviewed by: wblock (manpages), adrian, gallatin, scottl (network)
Differential Revision: https://reviews.freebsd.org/D3687
Sponsored by: Mellanox Technologies
MFC after: 3 months
This patch adds driver for temperature/humidity sensor connected via GPIO.
To compile it into kernel add "device gpioths". To activate driver, use
hints (.at and .pins) for gpiobus. As result it will provide temperature &
humidity values via sysctl.
DHT11 is cheap & popular temperature/humidity sensor used via GPIO on ARM
or MIPS devices like Raspberry Pi or Onion Omega.
Reviewed by: adrian
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D9185
in some arm64 hardware, for example the AMD Opteron A1100.
Reviewed by: mav
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8852
- em(4) igb(4) and lem(4)
- deprecate the igb device from kernel configurations
- create a symbolic link in /boot/kernel from if_em.ko to if_igb.ko
Devices tested:
- 82574L
- I218-LM
- 82546GB
- 82579LM
- I350
- I217
Please report problems to freebsd-net@freebsd.org
Partial review from jhb and suggestions on how to *not* brick folks who
originally would have lost their igbX device.
Submitted by: mmacy@nextbsd.org
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Limelight Networks and Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8299
card presence and write protect switch detection.
A bridge driver just needs to call the setup routine in its attach(), the
teardown in its detach(), and write a couple tiny glue functions to connect
the sdhci interface functions to the new helper functions. This is not
extensively documented, but multiple examples will exist real soon.
Add basic support for A33/R16 that is enough to boot a kernel.
This adds the platform code, padconf data and the new clocks strings.
MFC after: 2 weeks
all public firmwares for all chips since the last release (1.15.37.0)
follows (it's a straight copy-paste from the Release Notes for the
12/30/2016 Unified Wire release on Chelsio's website).
T6 Firmware
++++++++++++
Version : 1.16.26.0
Date : 12/28/2016
Fixes
-----
BASE:
- Max number of egress and control queues adjusted to accomodate
co-processor mode queues.
- Fixed intermittent DDR3/4 ECC errors.
- Fixed a traffic stall when ETS BW is configured as 0%.
- Max number of ethctrl queue in VF set to 1.
ETH:
- Added a new config file option 'speed' under port section to set the
port speed. Use only when auto negotiation is off.
- FEC option removed from firmware config file. cxgbtool can be used to
change the fec setting.
- CPL_TX_TNL_LSO cpl handling added in ETH_TX_PKT_VM handler. This fixes
large tunnel tcp packet support for VxLAN.
Version : 1.16.22.0
Date : 12/05/2016
Fixes
-----
BASE:
- fw_port_type updated in fw API to match kernel.org definitions.
- Saved power by disaling unused MAC lanes.
- Configures correct power bin.
- Enhanced DDR4 performance.
- Enabled interrupts.
- Fixed an issue where filter rule for 'unicast hash' is not working.
ETH:
- Disabled auto negotiation by default because most of 100G switches do
not support AN as of today.
- Fixed flow control not getting disabled problem.
- Fixed an issue where port0 doesn't come up sometimes.
- Fixed 10G link not coming up issue.
- Fixed an issue with promiscuous mode when dcbx disabled.
OFLD:
- Fixed a connection stuck issue when abort is received during out of tx
pages backpressure.
ENHANCEMENTS
------------
BASE:
- Added inline TLS mode support.
Version : 1.16.12.0
Date : 11/11/2016
ENHANCEMENTS
------------
BASE:
- Added T6 support.
- Added T6 1G/10G/25G/40G/100G link speeds.
- Added T6 co-processor mode crypto support.
- Added facility to increase link AN+AEC timeout.
OFLD:
- Added support for all T5 offload protocols except FCoE.
iSCSI:
- iscsi completion moderation enabled.
=======================================================================
T5 Firmware
++++++++++++
Version : 1.16.26.0
Date : 12/28/2016
FIXES
-----
BASE:
- Max number of ethctrl queue in VF set to 1.
Version : 1.16.22.0
Date : 12/05/2016
FIXES
-----
BASE:
- Fixed an issue where filter rule for 'unicast hash' is not working.
ETH:
- Fixed an issue with promiscuous mode when dcbx disabled.
ENHANCEMENTS
------------
ETH:
- Added 40G-KR support.
Version : 1.16.12.0
Date : 11/11/2016
FIXES
-----
BASE:
- Fixed multiple issues related with VFs FLR processing.
- Fixed channel assignment based on number of ports in adapter.
- Fixed a crash when VM having PF assigned as passthrough mode is
rebooted.
- Handled 2nd HELLO command from the same PF without seeing BYE from the
same PF and if that is the only PF.
- A warning is printed in firmware log if PCI-E cookie generation is
enabled in serial initialization file.
- Fixed multiple issues related with Filtering.
- Enabled DSGL memory write for iscsi and rdma.
- Added new FW_PARAMS_CMD[DEV] options to retrieve Serial Configuration
and VPD version numbers.
- Fixed an issue where LVDS output was not getting enabled using vpd.
DCBX:
- Fixed DCBX CEE Incorrect class to pririty mapping.
- Fixed incorrect interpretation of DCBX IEEE PFC.
ETH:
- Adjusted the link related delay timings according to the QSFP spec.
- Improved 40G link bringup time with few switches.
OFLD:
- Do not reserve qp/cq if rdma capability is not enabled.
- Fixed an issue where approx 1600+ TOE connections were causing a
firmware fatal error.
FOiSCSI:
- Fixed an issue where unloading foiscsi driver causes mailbox timeout.
ENHANCEMENTS
------------
BASE:
- Added 10G KR/KX support.
- Added T540-BT adapter support.
- Added 4 new rss key modes for PFs and VFs.
OFLD:
- Added new WR FW_RI_FR_NSMR_TPTE_WR to improve fast MR write
performance in RDMA.
Version : 1.16.5.0
Date : 10/26/2016
FIXES
-----
BASE:
- Fixed multiple issues where FLR from multiple VFs can cause firmware
crash.
- Fixed channel assignment based on number of ports in adapter.
- Fixed the HELLO command master force api to handle the 2nd HELLO
correctly without getting BYE from the PF driver.
- Added facility to retrieve Serial configuration and VPD version. Two
new FW_PARAMS_CMD[DEV] options added to retrieve these values.
- Fixed multiple issues where FLR from multiple VFs are not completing.
- Added new RSS hash secret key modes.
- Fixed an issue where LVDS output was not getting enabled using vpd.
DCBX:
- Fixed an issue where iscsi tlv is sent incorrectly to host (DCBX CEE).
- Fixed an issue where app priority values are not handled correctly
in fw (DCBX IEEE).
ETH:
- Adjusts the link related delay timings according to the QSFP spec.
- Changed 2.5G mac speed bit to 25G mac speed bit in fw API.
- Improvement in 40G link bringup time with few switches.
OFLD:
- Do not reserve qp/cq if rdma capability is not enabled.
- Fixed an issue where approx 1600+ TOE connections were causing a
firmware fatal error.
- Fixed DSGL memory write in T5. Now iwarp and iscsi can use DSGL to do
memory write.
- Fixed multiple issues in hash filter mode where incorrect protocol
mask was getting used and affecting hash filter functionality.
- New fastpath WR FW_RI_FR_NSMR_TPTE_WR (with fully populated TPTE) is
added for small REG_MR operations.
FOiSCSI:
- Fixed an issue in foiscsi recovery path.
- Fixed an issue where foiscsi (in VM in PCIE passthrough mode) didn't
come up after VM FLR.
ENHANCEMENTS
------------
ETH:
- Implemented 1G/10G KR/KX ability.
- Implemented T540-BT adapter support.
=======================================================================
T4 Firmware
+++++++++++
Version : 1.16.12.0
Date : 11/11/2016
FIXES
-----
BASE:
- Fixed an issue where reading temperature sesors using ldst command
causes mailbox timeout.
- Added new FW_PARAMS_CMD[DEV] options to retrieve Serial Configuration
and VPD version numbers.
ETH:
- Fixed DCBX CEE Incorrect class to pririty mapping.
FOiSCSI:
- Fixed an issue where unloading foiscsi driver causes mailbox timeout.
MFC after: 3 days
Sponsored by: Chelsio Communications
Wake-on-lan is not supported in production on any of our adapters, as
they don't have the required AUX power connector. (It's possible that
AUX power is supplied to some of our ALOM or mezz adapters, but if so
then we've never implemented or tested WoL support.)
Reviewed by: gnn
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D8972
Recognize new MACHINE_ARCH names now as we have added hardfloat support.
Switch JZ4780 to mipselhf and remove all uses of TARGET_ARCH in kernel
.mk files.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D8989
Add SPI mode (PIO-only) support for Intel Synchronous Serial Port that
can be found in several Intel's products starting from PXA family.
Most of implementations have slight differences in behavior and in
addresses for registers subset. This driver covers only BayTrail SoC
implementation for it's the only hardware I have to test it on.
Driver attaches to ACPI bus only and does not have PCI or FDT support
for now due to lack of hardware to test it on.
"intelspi" is the best name I've managed to come up with. Linux driver
name (spi-pxa2xx) does not make sense because current implementation
does not support actual PXA2xx SoCs. And as far as I know there is no
codename assigned to Intel SSP chip.
Reviewed by: br, manu
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D8896
Add ACPI part for ig4 driver to make it work on Intel BayTrail SoC where
ig4 device is available only through ACPI
Reviewed by: avg
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D8742
to recreate it from ${MAKEOBJDIRPREFIX} and ${SRC_BASE} and ${KERNCONF},
the latter being especially problematic when KERNCONF is set to the names
of multiple kernel configs.
FC-Tape provides additional link level error recovery, and is
highly recommended for tape devices. It will only be turned on for
a given target if the target supports it.
Without this setting, we default to whatever FC-Tape setting is in
NVRAM on the card.
This can be overridden by setting the following loader tunable, for
example for isp0:
hint.isp.0.nofctape=1
sys/conf/options:
Add a new kernel config option, ISP_FCTAPE_OFF, that
defaults the FC-Tape configuration to off.
sys/dev/isp/isp_pci.c:
If ISP_FCTAPE_OFF is defined, turn off FC-Tape. Otherwise,
turn it on if the card supports it.
share/man/man4/isp.4:
Add a description of FC-Tape to the isp(4) man page.
Add descriptions of the fctape and nofctape options, as well as the
ISP_FCTAPE_OFF kernel configuration option.
Add the ispfw module and kernel drivers to the suggested
configurations at the top of the man page so that users are less
likely to leave it out. The driver works well with the included
firmware, but may not work at all with whatever firmware the user
has flashed on their card.
MFC after: 3 days
Sponsored by: Spectra Logic
file and add a generic DT binding that takes advantage of the extres
framework for setting up clocks.
Reviewed by: gonzo
Differential Revision: https://reviews.freebsd.org/D8826
This adds support for:
- Serializing an bhnd_nvram_plist (as exported from bhnd_nvram_store, etc) to
an arbitrary NVRAM data format.
- Generating a serialized representation of the current NVRAM store's state
suitable for writing back to flash, or re-encoding for upload to a
FullMAC device.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8762
Implements bhnd_nvram_store support for parsing and operating over NVRAM
device paths, and device path aliases, as well as tracking per-path NVRAM
variable writes.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8760
This adds support for bhnd_nvram_val_convert_init() and
bhnd_nvram_val_convert_new(), which may be used to perform value
format-aware encoding of an NVRAM value to a new target format/type.
This will be used to simplify converting to/from serialized
format-specific NVRAM value representations to common external
representations.
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8757
representing arbitrary Broadcom NVRAM key/value pairs.
This will be used to track pending changes in bhnd_nvram_store, and
provide support for exporting all or a device subpath for NVRAM (as
required by some fullmac wifi chipsets).
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D8756
The newvers -R option is intended to include build metadata (e.g. user,
host, time) if the build is from an unmodified VCS tree. For subversion
it considered a trailing 'M' as an indication of a modified tree, and
any other version string as modified.
Also include mixed revision checkouts (e.g. 123:126), switched (123S)
and partial (123P) working copies as modified: the revision number is
insufficient to uniquely determine which source was used for the build.
Reported by: gjb
Reviewed by: gjb
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8853
The kernel builds reproducibly, except for the time, date, user, and
hostname baked into the kernel (reported at startup and via the
kern.version sysctl for uname). Add a build knob to disable the
inclusion of this metadata.
Reviewed by: jhb
MFC after: 1 month
Relnotes: Yes
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D8809
Build metadata (username, hostname, etc.) prevents the FreeBSD kernel
from building reproducibly. Add an option to disable inclusion of that
metadata but retain the release information and SVN/git VCS details.
See https://reproducible-builds.org/ for additional background.
Reviewed by: bapt
Obtained from: NetBSD
MFC after: 1 month
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D4347
for IPv6.
It gets performance benefits from reduced number of checks. It doesn't
copy mbuf to be able send ICMPv6 error message, because it keeps mbuf
unchanged until the moment, when the route decision has been made.
It doesn't do IPsec checks, and when some IPsec security policies present,
ip6_input() uses normal slow path.
Reviewed by: bz, gnn
Obtained from: Yandex LLC
MFC after: 1 month
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D8527
Changes include modifications in kernel crash dump routines, dumpon(8) and
savecore(8). A new tool called decryptcore(8) was added.
A new DIOCSKERNELDUMP I/O control was added to send a kernel crash dump
configuration in the diocskerneldump_arg structure to the kernel.
The old DIOCSKERNELDUMP I/O control was renamed to DIOCSKERNELDUMP_FREEBSD11 for
backward ABI compatibility.
dumpon(8) generates an one-time random symmetric key and encrypts it using
an RSA public key in capability mode. Currently only AES-256-CBC is supported
but EKCD was designed to implement support for other algorithms in the future.
The public key is chosen using the -k flag. The dumpon rc(8) script can do this
automatically during startup using the dumppubkey rc.conf(5) variable. Once the
keys are calculated dumpon sends them to the kernel via DIOCSKERNELDUMP I/O
control.
When the kernel receives the DIOCSKERNELDUMP I/O control it generates a random
IV and sets up the key schedule for the specified algorithm. Each time the
kernel tries to write a crash dump to the dump device, the IV is replaced by
a SHA-256 hash of the previous value. This is intended to make a possible
differential cryptanalysis harder since it is possible to write multiple crash
dumps without reboot by repeating the following commands:
# sysctl debug.kdb.enter=1
db> call doadump(0)
db> continue
# savecore
A kernel dump key consists of an algorithm identifier, an IV and an encrypted
symmetric key. The kernel dump key size is included in a kernel dump header.
The size is an unsigned 32-bit integer and it is aligned to a block size.
The header structure has 512 bytes to match the block size so it was required to
make a panic string 4 bytes shorter to add a new field to the header structure.
If the kernel dump key size in the header is nonzero it is assumed that the
kernel dump key is placed after the first header on the dump device and the core
dump is encrypted.
Separate functions were implemented to write the kernel dump header and the
kernel dump key as they need to be unencrypted. The dump_write function encrypts
data if the kernel was compiled with the EKCD option. Encrypted kernel textdumps
are not supported due to the way they are constructed which makes it impossible
to use the CBC mode for encryption. It should be also noted that textdumps don't
contain sensitive data by design as a user decides what information should be
dumped.
savecore(8) writes the kernel dump key to a key.# file if its size in the header
is nonzero. # is the number of the current core dump.
decryptcore(8) decrypts the core dump using a private RSA key and the kernel
dump key. This is performed by a child process in capability mode.
If the decryption was not successful the parent process removes a partially
decrypted core dump.
Description on how to encrypt crash dumps was added to the decryptcore(8),
dumpon(8), rc.conf(5) and savecore(8) manual pages.
EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 using QEMU.
The feature still has to be tested on arm and arm64 as it wasn't possible to run
FreeBSD due to the problems with QEMU emulation and lack of hardware.
Designed by: def, pjd
Reviewed by: cem, oshogbo, pjd
Partial review: delphij, emaste, jhb, kib
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4712
Table to find if the hardware supports PSCI, and if so what method the
kernel should use to interact with it.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
If bufring is used for per-TX ring descs, don't update "available"
counter, which is only used to help debugging.
MFC after: 1 week
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8674