Commit Graph

7356 Commits

Author SHA1 Message Date
Andrey V. Elsukov
d8caf56e9e Add ipfw_nat64 module that implements stateless and stateful NAT64.
The module works together with ipfw(4) and implemented as its external
action module.

Stateless NAT64 registers external action with name nat64stl. This
keyword should be used to create NAT64 instance and to address this
instance in rules. Stateless NAT64 uses two lookup tables with mapped
IPv4->IPv6 and IPv6->IPv4 addresses to perform translation.

A configuration of instance should looks like this:
 1. Create lookup tables:
 # ipfw table T46 create type addr valtype ipv6
 # ipfw table T64 create type addr valtype ipv4
 2. Fill T46 and T64 tables.
 3. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 4. Create NAT64 instance:
 # ipfw nat64stl NAT create table4 T46 table6 T64
 5. Add rules that matches the traffic:
 # ipfw add nat64stl NAT ip from any to table(T46)
 # ipfw add nat64stl NAT ip from table(T64) to 64:ff9b::/96
 6. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Stateful NAT64 registers external action with name nat64lsn. The only
one option required to create nat64lsn instance - prefix4. It defines
the pool of IPv4 addresses used for translation.

A configuration of instance should looks like this:
 1. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 2. Create NAT64 instance:
 # ipfw nat64lsn NAT create prefix4 A.B.C.D/28
 3. Add rules that matches the traffic:
 # ipfw add nat64lsn NAT ip from any to A.B.C.D/28
 # ipfw add nat64lsn NAT ip6 from any to 64:ff9b::/96
 4. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6434
2016-08-13 16:09:49 +00:00
Andrey V. Elsukov
56132dcc0d Move logging via BPF support into separate file.
* make interface cloner VNET-aware;
* simplify cloner code and use if_clone_simple();
* migrate LOGIF_LOCK() to rmlock;
* add ipfw_bpf_mtap2() function to pass mbuf to BPF;
* introduce new additional ipfwlog0 pseudo interface. It differs from
  ipfw0 by DLT type used in bpfattach. This interface is intended to
  used by ipfw modules to dump packets with additional info attached.
  Currently pflog format is used. ipfw_bpf_mtap2() function uses second
  argument to determine which interface use for dumping. If dlen is equal
  to ETHER_HDR_LEN it uses old ipfw0 interface, if dlen is equal to
  PFLOG_HDRLEN - ipfwlog0 will be used.

Obtained from:	Yandex LLC
Sponsored by:	Yandex LLC
2016-08-13 15:41:04 +00:00
Stephen Hurd
23ac9029f9 Update iflib to support more NIC designs
- Move group task queue into kern/subr_gtaskqueue.c
- Change intr_enable to return an int so it can be detected if it's not
  implemented
- Allow different TX/RX queues per set to be different sizes
- Don't split up TX mbufs before transmit
- Allow a completion queue for TX as well as RX
- Pass the RX budget to isc_rxd_available() to allow an earlier return
  and avoid multiple calls

Submitted by:	shurd
Reviewed by:	gallatin
Approved by:	scottl
Differential Revision:	https://reviews.freebsd.org/D7393
2016-08-12 21:29:44 +00:00
Bryan Drewery
786c805027 PORTS_MODULES: Don't leak in CC/CXX/CPP.
These may have ccache in them or -target/--sysroot from external
compiler or SYSTEM_COMPILER support.  Many ports do not support
a CC with spaces in it, such as emulators/virtualbox-ose-kmod.
Passing --sysroot to ports makes no sense as ports doesn't support
--sysroot currently.
If these variables need to be overridden for ports then they can
be set in make.conf or passed as make arguments.

MFC after:	1 week
Sponsored by:	EMC / Isilon Storage Division
2016-08-12 11:06:54 +00:00
Sepherosa Ziehau
6212aa15fc hyperv/vmbus: Add APIs for various types of transactions.
Reviewed by:	Jun Su <junsu microsoft com>
MFC after:	1 week
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D7456
2016-08-11 05:49:49 +00:00
Ed Schouten
13b4b4df98 Provide the CloudABI vDSO to its executables.
CloudABI executables already provide support for passing in vDSOs. This
functionality is used by the emulator for OS X to inject system call
handlers. On FreeBSD, we could use it to optimize calls to
gettimeofday(), etc.

Though I don't have any plans to optimize any system calls right now,
let's go ahead and already pass in a vDSO. This will allow us to
simplify the executables, as the traditional "syscall" shims can be
removed entirely. It also means that we gain more flexibility with
regards to adding and removing system calls.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D7438
2016-08-10 21:02:41 +00:00
Ruslan Bukin
5f8228b2f3 o Remove operation in machine mode.
Machine privilege level was specially designed to use in vendor's
  firmware or bootloader. We have implemented operation in machine
  mode in FreeBSD as part of understanding RISC-V ISA, but it is time
  to remove it.
  We now use BBL (Berkeley Boot Loader) -- standard RISC-V firmware,
  which provides operation in machine mode for us.
  We now use standard SBI calls to machine mode, instead of handmade
  'syscalls'.
o Remove HTIF bus.
  HTIF bus is now legacy and no longer exists in RISC-V specification.
  HTIF code still exists in Spike simulator, but BBL do not provide
  raw interface to it.
  Memory disk is only choice for now to have multiuser booted in Spike,
  until Spike has implemented more devices (e.g. Virtio, etc).

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-08-10 12:41:36 +00:00
Stephen J. Kiernan
0ce1624d0e Move IPv4-specific jail functions to new file netinet/in_jail.c
_prison_check_ip4 renamed to prison_check_ip4_locked

Move IPv6-specific jail functions to new file netinet6/in6_jail.c
_prison_check_ip6 renamed to prison_check_ip6_locked

Add appropriate prototypes to sys/sys/jail.h

Adjust kern_jail.c to call prison_check_ip4_locked and
prison_check_ip6_locked accordingly.

Add netinet/in_jail.c and netinet6/in6_jail.c to the list of files that
need to be built when INET and INET6, respectively, are configured in the
kernel configuration file.

Reviewed by:	jtl
Approved by:	sjg (mentor)
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D6799
2016-08-09 02:16:21 +00:00
Sean Bruno
4294f337b0 ixl(4): Update to ixl-1.6.6-k.
Submitted by:	erj
Reviewed by:	jeffrey.e.pieper@intel.com
MFC after:	3 days
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D7391
2016-08-07 18:12:36 +00:00
Konstantin Belousov
fa03524a9f Merge i386 and amd64 variants of mp_watchdog.c into x86/, there is no
difference between files.
For pc98, put x86/mp_x86.c into the same place as used by i386 file list.
Fix typo in comment.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-08-03 13:51:53 +00:00
Justin Hibbits
6cedae09a2 Merge MPC85XX and QorIQ config options
Summary:
MPC85XX and QorIQ are very similar.  When the DPAA dTSEC driver was
added, QORIQ_DPAA was brought in as a config option to support the differences
in hardware register settings between QorIQ (e500mc-, e5500- based) SoCs and
QUICC (e500v1/e500v2-based) SoCs, particularly in the Local Access Window (LAW)
target settings.

Unify these settings using macros to hide details and ease porting, and use a
new function (mpc85xx_is_qoriq()) to distinguish between QorIQ and QUICC SoCs at
runtime.

An alternative to using the function could be to use a variable initialized at
platform attach time, which may incur less overhead at runtime.  Since it's not
in the critical path once booted, this optimization doesn't seem necessary at
first pass.

Reviewed by: nwhitehorn
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D7294
2016-08-03 01:22:11 +00:00
Ruslan Bukin
98f50c44e3 Update RISC-V port to Privileged Architecture Version 1.9.
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-08-02 14:50:14 +00:00
Andrew Turner
727c18a84f Split out the FDT parts of the GICv2 interrupt controller driver. This will
allow us to add an ACPI attachment for arm64.

Obtained from:	ABT Systems Ltd
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7307
2016-08-01 16:29:04 +00:00
Warner Losh
6c99513703 Fix typo. 2016-07-29 15:24:50 +00:00
Andrew Turner
eda295b9e5 Add a generic EHCI USB driver based on the Allwinner A10 driver. It is ACPI
only for now, but wouldn't be too difficult to add support for FDT.

Reviewed by:	hselasky
Obtained from:	ABT Systems Ltd
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7352
2016-07-29 08:50:36 +00:00
Warner Losh
08f1387933 Move protocol specific stuff into a linker set object that's
per-protocol. This reduces the number scsi symbols references by
cam_xpt significantly, and eliminates all ata / nvme symbols. There's
still some NVME / ATA specific code for dealing with XPT_NVME_IO and
XPT_ATA_IO respectively, and a bunch of scsi-specific code, but this
is progress.

Differential Revision: https://reviews.freebsd.org/D7289
2016-07-28 22:55:21 +00:00
Ruslan Bukin
9346408d90 Normalise the CWARNFLAGS inter-word spacing: remove all leading
and trailing space, and convert multiple consecutive spaces to
single space.

This helps to keep build output looking good.
2016-07-28 17:18:02 +00:00
Ed Maste
45eff3df96 remove CONSTRUCTORS from kernel linker scripts
The linker script CONSTRUCTORS keyword is only meaningful "when linking
object file formats which do not support arbitrary sections, such as
ECOFF and XCOFF"[1] and is ignored for other object file formats.

LLVM's lld does not yet accept (and ignore) CONSTRUCTORS, so just remove
CONSTRUCTORS from the linker scripts as it has no effect.

[1] https://sourceware.org/binutils/docs/ld/Output-Section-Keywords.html

Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7343
2016-07-28 13:54:46 +00:00
Ruslan Bukin
96c072fcb0 o Add warn flags required to build modules with GCC 6.1;
o Sort GCC 4.8 warn flags.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-07-28 13:15:23 +00:00
Luiz Otavio O Souza
92ee0c01d4 Enable the build of micphy as part of generic miibus build, but only for
FDT enabled systems.

Sponsored by:	Rubicon Communications (Netgate)
2016-07-28 05:59:56 +00:00
Stephen J. Kiernan
4ac21b4f09 Prepare for network stack as a module
- Move cr_canseeinpcb to sys/netinet/in_prot.c in order to separate the
   INET and INET6-specific code from the rest of the prot code (It is only
   used by the network stack, so it makes sense for it to live with the
   other network stack code.)
 - Move cr_canseeinpcb prototype from sys/systm.h to netinet/in_systm.h
 - Rename cr_seeotheruids to cr_canseeotheruids and cr_seeothergids to
   cr_canseeothergids, make them non-static, and add prototypes (so they
   can be seen/called by in_prot.c functions.)
 - Remove sw_csum variable from ip6_forward in ip6_forward.c, as it is an
   unused variable.

Reviewed by:	gnn, jtl
Approved by:	sjg (mentor)
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D2901
2016-07-27 20:34:09 +00:00
Sepherosa Ziehau
dc831186e3 hyperv/vmbus: Rename cleaned up bufring code
MFC after:	1 week
Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D7318
2016-07-27 09:27:08 +00:00
Stephen J. Kiernan
cc37baea09 Add the NUM_CORE_FILES kernel config option which specifies the limit for the
number of core files allowed by a particular process when using the %I core
file name pattern.

Sanity check at compile time to ensure the value is within the valid range of
0-10.

Reviewed by:	jtl, sjg
Approved by:	sjg (mentor)
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D6812
2016-07-27 03:21:02 +00:00
Sean Bruno
e4ff429714 Update iwmfw(4) to include support for 8260 series units and update
f/w for the other devices supported by this driver.

Patch linked in https://reviews.freebsd.org/D6967 but not actually
a part of the review.

Obtained from DragonflyBSD.

Submitted by:   Kevin Bowling <kev009@kev009.com>
MFC after:      2 weeks
Relnotes:       yes
2016-07-25 23:05:25 +00:00
Ruslan Bukin
8500b15f9f Fix style. 2016-07-24 18:04:12 +00:00
Michael Zhilin
334453c5a9 [nvram2env] split implementation into generic & MIPS-based code
Split implementation of nvram2env to generic (MI) & MIPS-based code:

 - removed includes like "*siba*", because they are unused
 - added nvram2env_mips.c file with MIPS-specific code, code moved from nvram2env.c
 - added header file to shared defines/structures/function prototypes between MI and MIPS code

Also this fix allows to implement own nvram2env drivers.

Reviewed by:    ray, adrian (mentor)
Approved by:    adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D6513
2016-07-24 08:35:45 +00:00
Navdeep Parhar
3e560c5393 Fix kernel builds with "device cxgbe". 2016-07-23 15:12:03 +00:00
John Baldwin
f91fca5ba7 Add a driver to create VF devices on Chelsio T4/T5 NICs.
Chelsio NICs are a bit unique compared to some other NICs in that they
expose different functionality on different physical functions.  In
particular, PF4 is used to manage the NIC interfaces ('t4nex' and 't5nex').
However, PF4 is not able to create VF devices.  Instead, VFs are only
supported by physical functions 0 through 3.  This commit adds 't4iov'
and 't5iov' drivers that attach to PF0-3.

One extra wrinkle is that the iov devices cannot enable SR-IOV until the
firwmare has been initialized by the main PF4 driver.  To handle this
case, a new t4_if kobj interface has been added to permit cross-calls
between the PF drivers.  The PF4 driver notifies sibling drivers when it
is fully attached.  It also requests sibling drivers to detach before it
detaches.  Sibling drivers query the PF4 driver during their attach
routine to see if it is attached.  If not, the sibling drivers defer
their attach actions until the PF4 driver informs them it is attached.

VF devices are associated with a single port on the NIC.  VF devices
created from PF0 are associated with the first port on the NIC, VFs
from PF1 are associated with the second port, etc.  VF devices can
only be created from a PF device that has an associated port.  Thus,
on a 2-port card, VFs are only supported on PF0 and PF1.

Reviewed by:	np (earlier versions)
MFC after:	1 month
Sponsored by:	Chelsio Communications
2016-07-22 22:46:41 +00:00
Bryan Drewery
f5dac37f96 Don't run find(1) for __MPATH with NO_MODULES set.
It's a waste of time when it won't be used.

Submitted by:	bde
MFC after:	3 days
2016-07-22 17:31:14 +00:00
Ruslan Bukin
c4dc5cdb7b Add GCC 6.1 warn flags for kernel as well.
Sponsored by:	DARPA, AFRL
2016-07-22 16:15:35 +00:00
Warner Losh
d12543e0c1 Fix cam builds w/o nvme. This is a stop-gap fix until the real fix of
dynamically loading XPTs is done and tested.

MFC After: 1 week
2016-07-21 23:29:13 +00:00
Andrew Turner
68abdc4081 Mark the Designware MMC and USB OTG drivers as FDT only. These are normally
found on arm64 devices that use FDT.

Obtained from:	ABT Systems Ltd
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2016-07-20 17:46:33 +00:00
Mark Johnston
e86e17af79 Merge {amd64,i386}/instr_size.c into x86_instr_size.c.
Also reduce the diff between us and upstream: the input data model will
always be DATAMODEL_NATIVE because of a bug (p_model is never set but is
always initialized to 0), so we don't need to override the caller anyway.
This change is also necessary to support the pid provider for 32-bit
processes on amd64.

MFC after:	2 weeks
2016-07-20 00:02:10 +00:00
Sepherosa Ziehau
e62409966b hyperv/vmbus: Rename laundered vmbus channel code
MFC after:	1 week
Sponsored by:	Microsoft OSTC
Differential Revision:	https://reviews.freebsd.org/D7232
2016-07-19 07:51:22 +00:00
Andrey V. Elsukov
b867e84e95 Add ipfw_nptv6 module that implements Network Prefix Translation for IPv6
as defined in RFC 6296. The module works together with ipfw(4) and
implemented as its external action module. When it is loaded, it registers
as eaction and can be used in rules. The usage pattern is similar to
ipfw_nat(4). All matched by rule traffic goes to the NPT module.

Reviewed by:	hrs
Obtained from:	Yandex LLC
MFC after:	1 month
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6420
2016-07-18 19:46:31 +00:00
Sepherosa Ziehau
7d590c7345 hyperv/vmbus: Merge hv_channel_mgmt.c into hv_channel.c
MFC after:	1 week
Sponsored by:	Microsoft OSTC
Differential Revision:	https://reviews.freebsd.org/D7126
2016-07-15 04:42:08 +00:00
Sepherosa Ziehau
e71d17193d hyperv/vmbus: Merge hv_connection.c into hv_channel.c
MFC after:	1 week
Sponsored by:	Microsoft OSTC
Differential Revision:	https://reviews.freebsd.org/D7004
2016-07-13 03:14:29 +00:00
Sepherosa Ziehau
38d19df6ff hyperv/vmbus: Rework vmbus version accessing.
Instead of global variable, vmbus version is accessed through
a vmbus DEVMETHOD now.

MFC after:	1 week
Sponsored by:	Microsoft OSTC
Differential Revision:	https://reviews.freebsd.org/D6953
2016-07-12 07:33:39 +00:00
Dmitry Chagin
2b51f15459 Fix pc98 LINT build.
MFC after:	4 days
2016-07-12 06:12:58 +00:00
Jared McNeill
eefa8817b0 Add SOC_ALLWINNER_A64 option for Allwinner A64 (sun50i) SoCs. 2016-07-11 20:05:03 +00:00
Dmitry Chagin
d09bf88425 Add linux_mmap.c to the appropriate conf/files.
Reported by:	kib@
MFC after:	1 week
2016-07-10 08:38:10 +00:00
Alexander Motin
9a5325c205 NewBus'ify NTB subsystem.
This follows NTB subsystem modularization in Linux, tuning it to FreeBSD
native NewBus interfaces.  This change allows to support different types
of hardware with different drivers, support multiple NTB instances in a
system, ntb_transport module use for needs other then if_ntb, etc.

Sponsored by:	iXsystems, Inc.
2016-07-09 11:20:42 +00:00
Emmanuel Vadot
356c50adff Add support for Allwinner A13.
Reviewed by:	jmcneill
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D6809
2016-07-08 23:38:25 +00:00
Enji Cooper
88f0575156 Revert r302403
lang/gcc{48,49,5} lacks -fformat-extensions support (causing build errors, which
is what prompted r302403 to be committed). devel/amd64-gcc on the other hand
(which is used by Jenkins), has the support.

This fixes the Jenkins failure emails due to excessive warnings being produced
with "make buildkernel".

Discussed with: lwhsu
Reported by: Jenkins (FreeBSD_HEAD_amd64_gcc job)
Sponsored by: EMC / Isilon Storage Division
2016-07-08 16:29:45 +00:00
Glen Barber
ae940db11f Reflect head is now 12.0-CURRENT.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2016-07-08 00:12:29 +00:00
Enji Cooper
d6b483b209 Do not use -fformat-extensions with non-base versions of gcc
Ports versions of gcc do not have -fformat-extensions support.

This unbreaks compiling the kernel/modules with non-base gcc (4.8,
5.0, etc) if MK_FORMAT_EXTENSIONS=yes (the default).

Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D7150
Reviewed by: bdrewery
Sponsored by: EMC / Isilon Storage Division
2016-07-07 22:44:23 +00:00
Andrew Turner
b760df65c8 Remove the old pre-INTRNG arm64 interrupt framework. GENERIC was switched
to INTRNG in r301565 with the old code no longer being built by default with
no reports of issues on any supported hardware.

Approved by:	re (gjb)
Obtained from:	ABT Systems Ltd
Sponsored by:	The FreeBSD Foundation
2016-07-06 16:20:10 +00:00
Glen Barber
193d700fe2 Update 11.0 to ALPHA6.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2016-07-01 00:00:35 +00:00
Bjoern A. Zeeb
a25d93e59f Unbreak building of LINT kernels after r302163.
Approved by:	re (gjb)
2016-06-25 22:24:16 +00:00
Glen Barber
591dda3ad0 Update head to ALPHA5 in preparation of new snapshot builds.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2016-06-24 00:05:45 +00:00