Bump the default from 16 to 32, to accommodate kernel flamegraphs.
Bump the maximum from 32 to 128, to accommodate deep user stacks.
Reviewed by: gnn
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1203
This allows one to make a kernel module to tune the
number of queues before the driver loads.
This is needed so that a module at SI_SUB_CPU can set
tunables for these drivers to take. Otherwise getenv
is called too early by the TUNABLE macros.
Reviewed by: smh
Phabric: https://reviews.freebsd.org/D1149
xform_ipip was used as fallback with low priority for IPIP
encapsulated packets that were decrypted. In some cases
it can decapsulate packets, that it shouldn't. This leads to situations,
when wrong configurations are magically working. Also it can propagate
wrong ingress interface and this can break security.
Now we redesigned the IPSEC code and IPIP encapsulation is called directly
from ipsec_output, and decapsulation is done in the ipsec_input with m_striphdr.
Differential Revision: https://reviews.freebsd.org/D1220
MFC after: 1 month
Sponsored by: Yandex LLC
- Threads lifetime cycle, in particular, counting of the threads in
the process, and interlocking with process mutex and thread lock.
The main reason of this is that turnstile locks are after thread
locks, so you e.g. cannot unlock blockable mutex (think process
mutex) while owning thread lock.
- Virtual and profiling itimers, since the timers activation is done
from the clock interrupt context. Replace the p_slock by p_itimmtx
and PROC_ITIMLOCK().
- Profiling code (profil(2)), for similar reason. Replace the p_slock
by p_profmtx and PROC_PROFLOCK().
- Resource usage accounting. Need for the spinlock there is subtle,
my understanding is that spinlock blocks context switching for the
current thread, which prevents td_runtime and similar fields from
changing (updates are done at the mi_switch()). Replace the p_slock
by p_statmtx and PROC_STATLOCK().
The split is done mostly for code clarity, and should not affect
scalability.
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
method needs pre-reset state of the ps_siginfo to correctly construct
signal frame.
Move sigdflt() call after the sv_sendsig() invocation in postsig().
Simultaneously extract common code from trapsignal() and postsig()
into new helper postsig_done().
Submitted by: rea
MFC after: 1 week
Records with target_mode == 1 are allocated from the end of portdb, so it
seems logical to start search from the end not traverse whole array.
MFC after: 1 month
- bootparamd
- bootpd
- finger/fingerd
- ftp/ftpd
- hastctl/hastd
- iscsid, et al
- rbootd
- talk/talkd
- tcpd, et al
- tftp/tftpd
Add src.conf entries for the various components and do a best effort
at adding components to tools/build/mk/OptionalObsoleteFiles.inc
The framework now ensure by itself that pthread is added to the link chain
as the last component if linked to kerberos hence avoid with out any explicit
addition prevent issue like CVE-2014-8475
Use __DECONST (instead of my own attempted re-invention) for the iov
parameters to jail_get/set(2). Similarly remove the decost-ish hack
from execvp's argv, except the __DECONST is only added at very end.
While I'm at it, remove an unused variable and fix a comment typo.
In r228193 the test of CONNPRIV have been moved to before the _usleep
and send in vsyslog(). When syslogd restarts, this would prevent the
message being logged after the disconnect/connect dance for
scenario #1.
PR: 194751
Submitted by: Peter Creath <pjcreath+freebsd gmail com>
Reviewed By: glebius
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D1227