Commit Graph

20291 Commits

Author SHA1 Message Date
markj
5ffbc764fb pf: Don't allocate per-table entry counters unless required.
pf by default does not do per-table address accounting unless the
"counters" keyword is specified in the corresponding pf.conf table
definition.  Yet, we always allocate 12 per-CPU counters per table.  For
large tables this carries a lot of overhead, so only allocate counters
when they will actually be used.

A further enhancement might be to use a dedicated UMA zone to allocate
counter arrays for table entries, since close to half of the structure
size comes from counter pointers.  A related issue is the cost of
zeroing counters, since counter_u64_zero() calls smp_rendezvous() on
some architectures.

Reported by:	loos, Jim Pingle <jimp@netgate.com>
Reviewed by:	kp
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC (Netgate)
Differential Revision:	https://reviews.freebsd.org/D24803
2020-05-11 18:47:38 +00:00
emaste
fa3e936dba remove %n support from printf(9)
It can be dangerous and there is no need for it in the kernel.
Inspired by Kees Cook's change in Linux, and later OpenBSD.

Reviewed by:	cem, gordon, philip
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24760
2020-05-09 15:56:02 +00:00
markj
76a1b0534d rtwn: Add a new USB ID.
PR:		246315
Submitted by:	Idwer Vollering <vidwer+fbsdbugs@gmail.com>
MFC after:	1 week
2020-05-09 14:49:56 +00:00
trasz
29a76ce13b Add ARM loader path to uefi(8) man page.
MFC after:	2 weeks
Sponsored by:	DARPA
2020-05-09 14:19:29 +00:00
kib
890c9827a1 Document BUS_OOMERR.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D24761
2020-05-09 12:58:27 +00:00
bcr
cdc7401798 Mention the existence of /etc/defaults/vendor.conf
for custom vendor-specific changes to FreeBSD's
default settings.

While here, fix a typo: perfomance -> performance

PR:		245404
Submitted by:	Jose Luis Duran
2020-05-09 10:22:00 +00:00
emaste
4a57a4fbcb src.conf.5: regen after BINUTILS changes 2020-05-08 15:03:28 +00:00
emaste
799d5a96d6 src.opts.mk: update BINUTILS options and add comments
BINUTILS is needed only for ports, and will be disabled once the failing
ports are addressed (likely by growing a binutils dependency).

BINUTILS_BOOTSTRAP is needed only on amd64, for skein_block_asm.s. There
is no need to enable it on i386.

This will all be removed before FreeBSD 13.0.
2020-05-08 14:54:40 +00:00
bapt
6e0fb5bded Update the screen termcap entries
Those updates have been obtained form converting the terminfo information
provided by the screen sources to termcap.

MFC after:	3 days
2020-05-07 12:43:28 +00:00
bapt
fbfa1deba9 Fix indentation of the Kitty entry
MFC after:	2 days
2020-05-07 08:58:08 +00:00
jhb
1b8a6e1428 Deprecate ubsec(4) for FreeBSD 13.0.
With the removal of in-tree consumers of DES, Triple DES, and
MD5-HMAC, the only algorithm this driver still supports is SHA1-HMAC.
This is not very useful as a standalone algorithm (IPsec AH-only with
SHA1 would be the only user).

This driver has also not been kept up to date with the original driver
in OpenBSD which supports a few more cards and AES-CBC on newer cards.
The newest card currently supported by this driver was released in
2005.

Reviewed by:	cem
MFC after:	1 week
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24691
2020-05-06 22:15:09 +00:00
emaste
40c54dd7f2 src.conf.5: regen after objdump removal 2020-05-06 18:43:27 +00:00
emaste
9b4185423f src.opts.mk: with BINUTILS limited to as it is used on i386 and amd64 only 2020-05-06 18:40:52 +00:00
bcr
5dc47f5bc1 Fix broken links in the man page by pointing to a
source that works or is the new location on the
same page.

Submitted by:	    alfix86_gmail.com
Approved by:	    bcr
Differential Revision:	https://reviews.freebsd.org/D23769
2020-05-05 19:00:26 +00:00
jhb
d3e4e51223 Initial support for bhyve save and restore.
Save and restore (also known as suspend and resume) permits a snapshot
to be taken of a guest's state that can later be resumed.  In the
current implementation, bhyve(8) creates a UNIX domain socket that is
used by bhyvectl(8) to send a request to save a snapshot (and
optionally exit after the snapshot has been taken).  A snapshot
currently consists of two files: the first holds a copy of guest RAM,
and the second file holds other guest state such as vCPU register
values and device model state.

To resume a guest, bhyve(8) must be started with a matching pair of
command line arguments to instantiate the same set of device models as
well as a pointer to the saved snapshot.

While the current implementation is useful for several uses cases, it
has a few limitations.  The file format for saving the guest state is
tied to the ABI of internal bhyve structures and is not
self-describing (in that it does not communicate the set of device
models present in the system).  In addition, the state saved for some
device models closely matches the internal data structures which might
prove a challenge for compatibility of snapshot files across a range
of bhyve versions.  The file format also does not currently support
versioning of individual chunks of state.  As a result, the current
file format is not a fixed binary format and future revisions to save
and restore will break binary compatiblity of snapshot files.  The
goal is to move to a more flexible format that adds versioning,
etc. and at that point to commit to providing a reasonable level of
compatibility.  As a result, the current implementation is not enabled
by default.  It can be enabled via the WITH_BHYVE_SNAPSHOT=yes option
for userland builds, and the kernel option BHYVE_SHAPSHOT.

Submitted by:	Mihai Tiganus, Flavius Anton, Darius Mihai
Submitted by:	Elena Mihailescu, Mihai Carabas, Sergiu Weisz
Relnotes:	yes
Sponsored by:	University Politehnica of Bucharest
Sponsored by:	Matthew Grooms (student scholarships)
Sponsored by:	iXsystems
Differential Revision:	https://reviews.freebsd.org/D19495
2020-05-05 00:02:04 +00:00
bcr
03460ea5f7 Add references for the most important man7
pages worth reading to intro(7).

Submitted by:	Gordon Bergling gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24649
2020-05-03 10:35:36 +00:00
bcr
04868d6a7b Fix various, mostly minor errors in man pages like:
- Abbreviated month name in .Dd
- position of HISTORY section
- alphabetical ordering within SEE ALSO section
- adding .Ed before .Sh DESCRIPTION
- remove trailing whitespaces
- Line break after a sentence stop
- Use BSD OS macros instead of hardcoded strings

No .Dd bumps as there was no actual content change made
in any of these pages.

Submitted by:	Gordon Bergling gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24591
2020-05-03 10:15:58 +00:00
bcr
41909f7e47 Add HISTORY sections to build(7), crypto(7),
ffs(7), growfs(7), and diskless(8).

Submitted by:	Gordon Bergling gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24271
2020-05-03 09:54:19 +00:00
glebius
4ad3c5beff Step 2.2:
o Shrink sglist(9) functions to work with multipage mbufs down from
  four functions to two.
o Don't use 'struct mbuf_ext_pgs *' as argument, use struct mbuf.
o Rename to something matching _epg.

Reviewed by:	gallatin
Differential Revision:	https://reviews.freebsd.org/D24598
2020-05-02 23:46:29 +00:00
bcr
5481ce066d Fix typo in r360492:
appeard -> appeared

Reported by:	trasz (via IRC)
2020-05-01 11:36:39 +00:00
bcr
479149a418 Fix a number of the following issues in man4:
- Inconsistencies in .Dd like abbreviated month names,
"th" after numbers, or leading zeros
- No line breaks after a sentence stop
- Whitespace at the end of the line
- Use macros for BSD OS names instead of hardcoded names
- CAVEATS instead of CAVEAT in section name

No actual content change in terms of additions were made, so
no bump of the .Dd for these man pages.
All of these issues were found and fixed by Gordon Bergling.

Submitted by:	    gbergling_gmail.com
Approved by:	    bcr
Differential Revision:	https://reviews.freebsd.org/D24648
2020-05-01 10:02:38 +00:00
jhb
4ca3575516 Remove the SYMVER build option.
This option was added as a transition aide when symbol versioning was
first added.  It was enabled by default in 2007 and is supported even
by the old GPLv2 binutils.  Trying to disable it currently fails to
build in libc and at this point it isn't worth fixing the build.

Reported by:	Michael Dexter
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D24637
2020-04-30 22:08:40 +00:00
emaste
9237ebefb7 src.conf.5: regen after WITHOUT_OPENSSL dep changes 2020-04-30 21:08:22 +00:00
emaste
6bb681fd6b src.opts.mk: add WITHOUT_OPENSSL dependencies
A number of components require OpenSSL and fail to build if it is not
enabled.  As a first phase force these off under WITHOUT_OPENSSL.  A
second phase should make these more fine-grained, allowing the component
to build but without OpenSSL.

PR:		245931
Sponsored by:	The FreeBSD Foundation
2020-04-30 18:11:56 +00:00
bcr
feff9a6fbe Add a new manual page for unionfs(5), written by
Gordon Bergling. Hook it up to the build by adding
it to the Makefile.

Submitted by:	    gbergling_gmail.com
Approved by:	    bcr
Differential Revision:	https://reviews.freebsd.org/D24589
2020-04-30 12:02:13 +00:00
bcr
25c7793ea8 Add HISTORY sections to disk(9), driver(9), and
epoch(9).

In one instance, remove a trailing whitespace while here.

Submitted by:	gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24243
2020-04-30 11:17:29 +00:00
emaste
cb7cc22b5a src.conf.5: regen after 359736, ZONEINFO_OLD_TIMEZONES_SUPPORT removal 2020-04-30 00:14:14 +00:00
bcr
d6b050e1d0 Add HISTORY section to domain(9).
Submitted by:	gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24150
2020-04-29 11:46:01 +00:00
bcr
794bbc6a21 When copying and pasting the code in the EXAMPLE
section, it would result in the following error:

"ngctl: send msg: Invalid argument"

The reason for this is the missing whitespace to
separate the arguments. When adding the whitespace,
the example works as intended.

Submitted by:	    lutz_donnerhacke.de
Approved by:	    bcr
Differential Revision:	https://reviews.freebsd.org/D23773
2020-04-29 11:25:04 +00:00
jhb
d223bc14de Initial support for kernel offload of TLS receive.
- Add a new TCP_RXTLS_ENABLE socket option to set the encryption and
  authentication algorithms and keys as well as the initial sequence
  number.

- When reading from a socket using KTLS receive, applications must use
  recvmsg().  Each successful call to recvmsg() will return a single
  TLS record.  A new TCP control message, TLS_GET_RECORD, will contain
  the TLS record header of the decrypted record.  The regular message
  buffer passed to recvmsg() will receive the decrypted payload.  This
  is similar to the interface used by Linux's KTLS RX except that
  Linux does not return the full TLS header in the control message.

- Add plumbing to the TOE KTLS interface to request either transmit
  or receive KTLS sessions.

- When a socket is using receive KTLS, redirect reads from
  soreceive_stream() into soreceive_generic().

- Note that this interface is currently only defined for TLS 1.1 and
  1.2, though I believe we will be able to reuse the same interface
  and structures for 1.3.
2020-04-27 23:17:19 +00:00
brueffer
a2801506b7 Correct efi(8) reference.
Submitted by:	Gordon Bergling
Differential Revision:	https://reviews.freebsd.org/D24441
2020-04-22 07:47:04 +00:00
lwhsu
a5dfa08c05 Also update est(4) as r360162 and r360164
MFC after:	3 days
2020-04-21 17:17:32 +00:00
lwhsu
ae016a6427 Update .Dd 2020-04-21 17:14:08 +00:00
lwhsu
d1f3032281 hwpstate_intel(4): small text tweaks
The sysctl output looks like this:

dev.hwpstate_intel.0.epp: 50
dev.hwpstate_intel.0.%parent: cpu0
dev.hwpstate_intel.0.%pnpinfo:
dev.hwpstate_intel.0.%location:
dev.hwpstate_intel.0.%driver: hwpstate_intel
dev.hwpstate_intel.0.%desc: Intel Speed Shift

but all the '%' got escaped in the manual page, un-escape them.

While here:
- Move the example of dev.hwpstate_intel.%d.%parent after the description to
  align with others.
- Capitalize "CPU" (*)

Submitted by:	danfe (*)
Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D24520
2020-04-21 17:07:02 +00:00
jhb
5ddc1a3518 Retire the CRYPTO_F_IV_GENERATE flag.
The sole in-tree user of this flag has been retired, so remove this
complexity from all drivers.  While here, add a helper routine drivers
can use to read the current request's IV into a local buffer.  Use
this routine to replace duplicated code in nearly all drivers.

Reviewed by:	cem
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D24450
2020-04-20 22:24:49 +00:00
cy
f1b9289580 Due to popular demand, revert r360102.
Reported by:	many
2020-04-19 21:38:03 +00:00
cy
12a393433f Conditionally install Kerberos rc files based on MK_KERBEROS_SCRIPTS
instead of MK_KERBEROS. The reason for this change is some users
prefer to build FreeBSD WITHOUT_KERBEROS, wanting to retain the
Kerberos rc scripts to start/stop MIT Kerberos or Heimdal from ports.

PR:		197337
Reported by:	Adam McDougall <ebay at looksharp.net>
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D24252
2020-04-19 17:01:21 +00:00
asomers
f99f5d8582 libauditd: make it a PRIVATELIB
According to the upstream man page (which we don't install), none of
libauditd's symbols are intended to be public. Also, I can't find any
evidence for a port that uses libauditd. Therefore, we should treat it like
other such libraries and use PRIVATELIB.

Reported by:	phk
Reviewed by:	cem, emaste
MFC after:	2 weeks
2020-04-19 02:20:39 +00:00
asomers
b858a78f2f bectl.8, beinstall.sh.8: fix man page section of beinstall.sh
Reported by:	phk
MFC after:	2 weeks
2020-04-18 19:53:47 +00:00
imp
55d544ab04 Add deprecation notice to amr(4) 2020-04-18 02:53:19 +00:00
imp
bd58fb68eb twa(4) deprecation notice 2020-04-18 02:53:14 +00:00
imp
1ca9ddeaa3 Deprecation notice for iir 2020-04-18 02:53:09 +00:00
imp
c019b3f714 Add deprecation notice to mly 2020-04-18 02:53:04 +00:00
imp
a7cfd0bd3b Add deprecation notice for esp(4). 2020-04-18 02:52:59 +00:00
jhb
e0e77fd988 Document TCP_TLS_MODE_TOE. 2020-04-16 17:41:32 +00:00
rscheff
543b449bcd Reduce default TCP delayed ACK timeout to 40ms.
Reviewed by:	kbowling, tuexen
Approved by:	tuexen (mentor)
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D23281
2020-04-16 15:59:23 +00:00
cem
0a2e1bb12f bus_dma.9: Remove erroneous usage recommendation
It is not valid to pass BUS_SPACE_UNRESTRICTED to bus_dma_tag_create()'s
nsegments parameter as it is interpreted as a very large segment count.
Subsequent allocation operations on the tag will preallocate some multiple of
that count.  BUS_SPACE_UNRESTRICTED therefore indicates something like:
malloc(infinity).

Discussed with:	bcr, jhb (earlier version)
2020-04-15 01:39:17 +00:00
kevans
a0b266c31c userland build: replace -fno-common with ${CFCOMMONFLAG}
This change allows any downstream or otherwise consumer to easily override
the new -fno-common default on a temporary basis without having to hack into
src.sys.mk, and also makes it a bit easier to search for these specific
cases where -fno-common must be overridden with -fcommon or else the build
will fail.

The gdb build, the only program requiring -fcommon on head/, is switched
over as an example usage. It will need it on all branches, so this does not
harm future mergability.

MFC after:	3 days
2020-04-10 14:01:07 +00:00
tagattie
77c186ea86 Add myself (tagattie) as ports committer
Approved by:	ehaupt (mentor)
2020-04-10 07:44:02 +00:00
rscheff
ce074ebd13 add myself (rscheff) as a src committer.
Reviewed by:	rgrimes (mentor), tuexen (mentor)
Approved by:	rgrimes (mentor), tuexen (mentor)
MFC after:	3 days
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D24318
2020-04-10 00:31:52 +00:00