Commit Graph

240871 Commits

Author SHA1 Message Date
Conrad Meyer
ba57dad4b0 stack_protector: Add tunable to bypass random cookies
This is a stopgap measure to unbreak installer/VM/embedded boot issues
introduced (or at least exposed by) in r346250.

Add the new tunable, "security.stack_protect.permit_nonrandom_cookies," in
order to continue boot with insecure non-random stack cookies if the random
device is unavailable.

For now, enable it by default.  This is NOT safe.  It will be disabled by
default in a future revision.

There is follow-on work planned to use fast random sources (e.g., RDRAND on
x86 and DARN on Power) to seed when the early entropy file cannot be
provided, for whatever reason.  Please see D19928.

Some better hacks may be used to make the non-random __stack_chk_guard
slightly less predictable (from delphij@ and mjg@); those suggestions are
left for a future revision.  I think it may also be plausible to move stack
guard initialization far later in the boot process; potentially it could be
moved all the way to just before userspace is started.

Reported by:	many
Reviewed by:	delphij, emaste, imp (all w/ caveat: this is a stopgap fix)
Security:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D19927
2019-04-16 18:47:20 +00:00
Conrad Meyer
f3d2512db6 random(4): Add is_random_seeded(9) KPI
The imagined use is for early boot consumers of random to be able to make
decisions based on whether random is available yet or not.  One such
consumer seems to be __stack_chk_init(), which runs immediately after random
is initialized.  A follow-up patch will attempt to address that.

Reported by:	many
Reviewed by:	delphij (except man page)
Approved by:	secteam(delphij)
Differential Revision:	https://reviews.freebsd.org/D19926
2019-04-16 17:12:17 +00:00
Andrew Gallatin
2866548c8a Replace cosqos with numa_domain in mbuf pkthdr
The cosqos field was added nearly 6 years ago in r254804, and it is
still unused by any in-tree consumers.  I have a patchset that I'm
working on which aligns many network resources by NUMA domain,
including inps, inpcb lb group, tcp pacing, lagg output link
selection, backing pages for sendfile, and more.  It reduces
cross-domain traffic by roughly 50% for a real web workload.

This patchset relies on being able to store the numa domain in the
mbuf, and grabbing the unused cosqos field for this purpose is the
first step in starting to usptream it.

Reviewed by:	kib, markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D19862
2019-04-16 16:49:34 +00:00
Bruce Evans
c0643d9011 Sigh, r346279 was also a test version with the reduced size doubled (so
it was actually double the full size in current kernels where the reduction
is null, so overran the mmapped() buffer).
2019-04-16 15:52:04 +00:00
Bruce Evans
6ec0606616 Oops, r346278 committed a test version with the change annulled. 2019-04-16 15:41:45 +00:00
Bruce Evans
63df3a344e Quick fix for slow clearing and context switches of large frame buffers
with old kernels, by breaking the support for large frame buffers in the
same way as for current kernels.

Large frame buffers may be too large to map into kva, and the kernel
(syscons) only uses the first screen page anyway, so r203535, r205557
and 248799 limit the buffer size in VESA modes to the first screen
page, apparently without noticing that this breaks applications by
using the same limit for user mappings as for kernel mappings.  In
vgl, this makes the virtual screen the same as the physical screen.

However, this is almost a feature since clearing and switching large
(usually mostly unused) frame buffers takes too long.  E.g., on a 16
year old low-end AGP card it takes about 12 seconds to clear the 128MB
frame buffer in old kernels that map it all and also map it with slow
attributes (e.g., uncacheable).  Older PCI cards are even slower, but
usually have less memory.  Newer PCIe cards are faster, but may have
many GB of memory.  Also, vgl malloc()s a shadow buffer with the same
size as the frame buffer, so large frame buffers are even more wasteful
in applications than in the kernel.

Use the same limit in vgl as in newer kernels.

Virtual screens and panning still work in non-VESA modes that have
more than 1 page.  The reduced buffer size in the kernel also breaks
mmap() of the last physical page in modes where the reduced size is
not a multiple of the physical page size.  The same reduction in vgl
only reduces the virtual screen size.
2019-04-16 15:31:23 +00:00
Bruce Evans
9db56319d1 Fix a variable name in r346215. Clearing of the right of the screen was
broken, except it worked accidentally in most cases where the virtual
screen is larger than the physical screen.
2019-04-16 14:28:33 +00:00
Glen Barber
0135283d1b Remove INDEX-10 reference, as 10.x is now EoL.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2019-04-16 14:07:14 +00:00
Tom Jones
76fe80844b Update and clarify pflog man page
The pflog0 interface is created when the module is loaded, this can
be triggered by pf and pflogd being enabled or by kldloading the module.

By default the interface would be pflog0, add the ifconfig stage of the
example to make this example clearer.

Reviewed by:	kp, bz, bcr, jtl, 0mp
Approved by:	jtl (mentor), bz (mentor)
Differential Revision:	https://reviews.freebsd.org/D19861
2019-04-16 13:31:16 +00:00
Ed Maste
e8ee7d9035 correct readlinkat(2) return type
r176215 corrected readlink(2)'s return type and the type of the last
argument.  readlink(2) was introduced in r177788 after being developed
as part of Google Summer of Code 2007; it appears to have inherited the
wrong return type.

Man pages and header files were already ssize_t; update syscalls.master
to match.

PR:		197915
Submitted by:	Henning Petersen <henning.petersen@t-online.de>
MFC after:	2 weeks
2019-04-16 13:26:31 +00:00
Emmanuel Vadot
54612fd52b aw_syscon: Add a new compatible
Since 5.0 DTS the syscon controller have a new compatible as it
exports new subnodes, we currently only use it as a syscon provider
so just add the new compatible.

Tested On:  H3
MFC after:	1 month
2019-04-16 12:40:49 +00:00
Emmanuel Vadot
5f50cbd3de aw_rtc: Register the clocks
Since latest DTS update the rtc is supposed to register two clocks :

- osc32k (the 32k oscillator on the board that the RTC uses directly and
that other peripheral can use)
- iosc (the internal oscillator of the RTC when available which frequency
depend on the SoC revision)

Since we need the RTC before the proper clock control unit (because it uses
those clocks) attach it a BUS_PASS_BUS + MIDDLE and attach the clock control
unit at BUS_PASS_BUS + LAST for the SoC that requires it.

Tested On:	     A20, H3, A64

MFC after:	1 month
2019-04-16 12:39:31 +00:00
Edward Tomasz Napierala
b9d89f5e2f Drop -g from CFLAGS for zfsd(8). No idea why it was ever there.
Reviewed by:	kib, ngie, asomers
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D19915
2019-04-16 12:25:15 +00:00
Fedor Uporov
84b89556b4 ext2fs: Initial version of DTrace support.
Commit forgotten file.

Reviewed by:    pfg, gnn
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19848
2019-04-16 11:37:15 +00:00
Fedor Uporov
ebc94b66fe ext2fs: Initial version of DTrace support.
Reviewed by:    pfg, gnn
MFC after:      1 week

Differential Revision:    https://reviews.freebsd.org/D19848
2019-04-16 11:20:10 +00:00
Peter Jeremy
90dd0cc0b9 Specify correct Ethernet phy for RPI-B
Correct a typo in the RPI-B ethernet config - the RPi-B includes a
SMC LAN9512 USB bridge and Ethernet 10/100 NIC/phy.  The phy part of
this is supported by smscphy.

Tested On: RPi1 Model B

Approved by:	grog, jhb (mentors)
MFC after:	3 days
2019-04-16 09:44:46 +00:00
Peter Jeremy
e446dd5d7d Fix cpufreq(4) on RPI-B
Since r324184 the root node compatible for the original Raspberry Pi
is "brcm,bcm2835", add it to the compatible list of bcm2835_cpufreq.

Tested On: RPi1 Model B

Note that the default Das U-Boot FDT does not include a cpus clause
so actually adding a bcm2835_cpufreq device requires adding a FDT
overlay defining the cpu.

Approved by:	grog, jhb (mentors)
MFC after:	3 days
2019-04-16 09:42:42 +00:00
Cy Schubert
dcb916f4f4 Document when I received my commit bits. 2019-04-16 05:11:39 +00:00
Mariusz Zaborski
42668853c0 tcpdump: disable Capsicum if -E option is provided.
The -E is used to provide a secret for decrypting IPsec.
The secret may be provided through command line or as the file.
The problem is that tcpdump doesn't support yet opening files in capability mode
and the file may contain a list of the files to open.

As a workaround, for now, let's just disable capsicum if the -E
the option is provided.

PR:		236819
MFC after:	2 weeks
2019-04-16 04:12:41 +00:00
Marcin Wojtas
f39ec261ad Improve tpm20 style
No functional changes to the code are applied.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Obtained from: Semihalf
Sponsored by: Stormshield
2019-04-16 02:46:21 +00:00
Marcin Wojtas
d68a65eabf tpm: Prevent session hijack
Check caller thread id before allowing to read the buffer
to make sure that it can only be accessed by the thread that
did the associated write to the TPM.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: delphij
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D19713
2019-04-16 02:28:35 +00:00
Bryan Drewery
814f2cd84c Fix 'jot -r 0 start end' to work.
This allows an endless stream of random data within the given bounds.
It already worked if a seed was provided as the 4th argument but not
if one was left out.

In collaboration with:	jhb
MFC after:		2 weeks
Relnotes:		yes
2019-04-16 00:41:22 +00:00
Kyle Evans
aebda5bf06 config(8): replace opteq with a call to strcasecmp
This obscures the comparison slightly less; when option name appear in
files, they are case-insensitive.

MFC after:	1 week
2019-04-15 21:20:06 +00:00
Piotr Kubaj
dbd34bda9c Add myself to committer list.
Approved by:	tcberner (mentor)
2019-04-15 19:21:45 +00:00
Kyle Evans
12455a9e31 cron(8): Add MAILFROM ability for crontabs
This changes the sender mail address in a similar fashion to how MAILTO may
change the recipient. The default from address remains unchanged.

MFC after:	1 week
2019-04-15 18:53:28 +00:00
Conrad Meyer
1631235aa6 random.3: Clarify confusing summary
random.3 is only "better" in contrast to rand.3.  Both are non-cryptographic
pseudo-random number generators.  The opening blurbs of each's DESCRIPTION
section does emphasize this, and correctly directs unfamiliar developers to
arc4random(3).  However, the summary (".Nd" or Name description) of random.3
conflicted in tone and message with that warning.

Resolve the conflict by clarifying in the Nd section that random(3) is
non-cryptographic and pseudo-random.  Elide the "better" qualifier which
implied a comparison but did not provide a specific object to contrast.

Sponsored by:	Dell EMC Isilon
2019-04-15 18:49:04 +00:00
Conrad Meyer
13774e8228 random(4): Block read_random(9) on initial seeding
read_random() is/was used, mostly without error checking, in a lot of
very sensitive places in the kernel -- including seeding the widely used
arc4random(9).

Most uses, especially arc4random(9), should block until the device is seeded
rather than proceeding with a bogus or empty seed.  I did not spy any
obvious kernel consumers where blocking would be inappropriate (in the
sense that lack of entropy would be ok -- I did not investigate locking
angle thoroughly).  In many instances, arc4random_buf(9) or that family
of APIs would be more appropriate anyway; that work was done in r345865.

A minor cleanup was made to the implementation of the READ_RANDOM function:
instead of using a variable-length array on the stack to temporarily store
all full random blocks sufficient to satisfy the requested 'len', only store
a single block on the stack.  This has some benefit in terms of reducing
stack usage, reducing memcpy overhead and reducing devrandom output leakage
via the stack.  Additionally, the stack block is now safely zeroed if it was
used.

One caveat of this change is that the kern.arandom sysctl no longer returns
zero bytes immediately if the random device is not seeded.  This means that
FreeBSD-specific userspace applications which attempted to handle an
unseeded random device may be broken by this change.  If such behavior is
needed, it can be replaced by the more portable getrandom(2) GRND_NONBLOCK
option.

On any typical FreeBSD system, entropy is persisted on read/write media and
used to seed the random device very early in boot, and blocking is never a
problem.

This change primarily impacts the behavior of /dev/random on embedded
systems with read-only media that do not configure "nodevice random".  We
toggle the default from 'charge on blindly with no entropy' to 'block
indefinitely.'  This default is safer, but may cause frustration.  Embedded
system designers using FreeBSD have several options.  The most obvious is to
plan to have a small writable NVRAM or NAND to persist entropy, like larger
systems.  Early entropy can be fed from any loader, or by writing directly
to /dev/random during boot.  Some embedded SoCs now provide a fast hardware
entropy source; this would also work for quickly seeding Fortuna.  A 3rd
option would be creating an embedded-specific, more simplistic random
module, like that designed by DJB in [1] (this design still requires a small
rewritable media for forward secrecy).  Finally, the least preferred option
might be "nodevice random", although I plan to remove this in a subsequent
revision.

To help developers emulate the behavior of these embedded systems on
ordinary workstations, the tunable kern.random.block_seeded_status was
added.  When set to 1, it blocks the random device.

I attempted to document this change in random.4 and random.9 and ran into a
bunch of out-of-date or irrelevant or inaccurate content and ended up
rototilling those documents more than I intended to.  Sorry.  I think
they're in a better state now.

PR:		230875
Reviewed by:	delphij, markm (earlier version)
Approved by:	secteam(delphij), devrandom(markm)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D19744
2019-04-15 18:40:36 +00:00
Hans Petter Selasky
16fba2f38a Remove superfluous USB keyword.
Discussed with:		danfe@
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2019-04-15 17:32:38 +00:00
Andrew Gallatin
538ff57b75 mlx5en: Enable new pfil(9) KPI ethernet filtering hooks
This allows efficient filtering at packet ingress on mlx5en.

Note that the packets are filtered (and potentially dropped) *before*
the driver has committed to (re)allocating an mbuf for the
packet. Dropped packets are treated essentially the same as an
error. Nothing is allocated, and the existing buffer is recycled. This
allows us to drop malicious packets at close to line rate with very
little CPU use.

Reviewed by:	hselasky, slavash, kib
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D19063
2019-04-15 17:14:50 +00:00
Hans Petter Selasky
1175aabdef Fix spelling.
Submitted by:		Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2019-04-15 14:32:19 +00:00
Ed Maste
f89f4898a3 Add quirk for ignoring SPCR AccessWidth values on the PL011 UART
The SPCR table on the Lenovo HR330A Ampere eMAG server indicates 8-bit
access, but 32-bit access is required for the PL011 to work.

PL011 on SBSA platforms always supports 32-bit access (and that was
hardcoded here before my EC2 fix), let's use 32-bit access for PL011
and 32BIT interface types.

Tested by emaste on Ampere eMAG and Cavium/Marvell ThunderX2.

Submitted by:	Greg V <greg@unrelenting.technology>
Reviewed by:	andrew, imp (earlier)
Differential Revision:	https://reviews.freebsd.org/D19507
2019-04-15 13:41:53 +00:00
Konstantin Belousov
760e34772c Fix order of destructors between main binary and libraries.
Since inits for the main binary are run from rtld (for some time), the
rtld_exit atexit(3) handler, which is passed from rtld to the program
entry and installed by csu, is installed after any atexit(3) handlers
installed by main binary constructors.  This means that rtld_exit() is
fired before main binary handlers.

Typical C++ static constructors are executed from init (either binary
or libs) but use atexit(3) to ensure that destructors are called in
the right order, independent of the linking order.  Also, C++
libraries finalizers call __cxa_finalize(3) to flush library'
atexit(3) entries.  Since atexit(3) entry is cleared after being run,
this would be mostly innocent, except that, atexit(rtld_exit) done
after main binary constructors, makes destructors from libraries
executed before destructors for main.

Fix by reordering atexit(rtld_exit) before inits for main binary, same
as it happened when inits were called by csu.  Do it using new private
libc symbol with pre-defined ABI.

Reported. tested, and reviewed by:	kan
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-04-15 13:03:09 +00:00
Xin LI
dad02d7d08 Don't cast result from malloc().
MFC after:	2 weeks
2019-04-15 06:33:05 +00:00
Mariusz Zaborski
908d1eef0b libnv: extend the tests
Add cases for sending file descriptors.

Submitted by:	Mindaugas Rasiukevicius <rmind@noxt.eu>
MFC after:	2 weeks
2019-04-15 03:32:01 +00:00
Mariusz Zaborski
3810ba1b33 libnv: add support for nvlist_send()/nvlist_recv() on Linux
This may be useful for cross build in the feature.

Submitted by:	Mindaugas Rasiukevicius <rmind@noxt.eu>
MFC after:	2 weeks
2019-04-15 03:31:02 +00:00
Rick Macklem
eeb1f3ed51 Fix the NFSv4 client to safely find processes.
r340744 broke the NFSv4 client, because it replaced pfind_locked() with a
call to pfind(), since pfind() acquires the sx lock for the pid hash and
the NFSv4 already holds a mutex when it does the call.
The patch fixes the problem by recreating a pfind_any_locked() and adding the
functions pidhash_slockall() and pidhash_sunlockall to acquire/release
all of the pid hash locks.
These functions are then used by the NFSv4 client instead of acquiring
the allproc_lock and calling pfind().

Reviewed by:	kib, mjg
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19887
2019-04-15 01:27:15 +00:00
Konstantin Belousov
e3e21edb19 ld-elf.so: make LD_DEBUG always functional.
This causes some increase of the dynamic linker size, but benefits of
avoiding compiling private copy or the linker when debugging is
required. definitely worth it.

The dbg() calls can be compiled out by defining LD_NO_DEBUG symbol.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-04-14 18:04:53 +00:00
Bruce Evans
5cf92d7aed For writing and reading single pixels, avoid some pessimizations for
depths > 8.  Add some smaller optimizations for these depths.  Use a
more generic method for all depths >= 8, although this gives tiny
pessimizations for these depths.

For clearing the whole frame buffer, avoid the same pessimizations
for depths > 8.  Add some larger optimizations for these depths.  Use
an even more generic method for all depths >= 8 to give the optimizations
for depths > 8 and a tiny pessimization for depth 8.

The main pessimization was that old versions of bcopy() copy 1 byte at a
time for all trailing bytes.  (i386 still does this.  amd64 now pessimizzes
large sizes instead of small ones if the CPU supports ERMS.  dev/fb gets
this wrong by mostly not using the bcopy() family or the technically correct
bus space functions but by mostly copying 2 bytes at a time using an
unoptimized loop without even volatile declarations to prevent the compiler
rewriting it.)

The sizes here are 1, 2, 3 or 4 bytes, so depths 9-16 were up to twice as
slow as necessary and depths 17-24 were up to 3 times slower than necessary.
Fix this (except depths 17-24 are still up to 2 times slower than necessary)
by using (builtin) memcpy() instead of bcopy() and reorganizing so that the
complier can see the small constant sizes.  Reduce special cases while
reorganizing although this is slightly slower than adding special cases.
The compiler inlining (and even -O2 vs -O0) makes little difference compared
with reducing the number of accesses except on modern hardware it gives a
small improvement.

Clearing was also pessimized mainly by the extra accesses.  Fix it quite
differently by creating a MEMBUF containing 1 line (in fast memory using
a slow method) and copying this.  This is only slightly slower than reducing
everything to efficient memset()s and bcopy()s, but simpler, especially
for the segmented case.  This works for planar modes too, but don't use it
then since the old method was actually optimal for planar modes (it works
by moving the slow i/o instructions out of inner loops), while for direct
modes the slow instructions were all in the invisible inner loop in bcopy().

Use htole32() and le32toh() and some type puns instead of unoptimized
functions for converting colors.  This optimization is mostly in the noise.
libvgl is only supported on x86, so it could hard-code the assumption that
the byte order is le32, but the old conversion functions didn't hard-code
this.
2019-04-14 13:37:50 +00:00
Michael Tuexen
e6481fd4c4 When sending a routing message, don't allow the user to set the
RTF_RNH_LOCKED flag in rtm_flags, since this flag is used only
internally.

Reported by:		syzbot+65c676f5248a13753ea0@syzkaller.appspotmail.com
Reviewed by:		ae@
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D19898
2019-04-14 10:18:14 +00:00
Enji Cooper
b3d01a2ad7 Fix warnings with lib/libpmc
* Use `MIN` instead of similar hand rolled macro.
* Sort headers.
* Use `errno.h` instead of `sys/errno.h`.
* Wrap the argument to sizeof in parentheses for clarity.
* Remove `__BSD_VISIBLE` and `_XOPEN_SOURCE` #defines to mute warnings about
  incompatible snprintf definitions.

This fixes a number of warnings I've been seeing lately in my builds.

Sort makefile variables per style.Makefile(9) (`CFLAGS`/`CWARNFLAG.gcc`) and
bump `WARNS` to 3.

MFC after:	2 weeks
Reviewed by:	jtl
Approved by:	jtl (mentor)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19851
2019-04-14 00:06:49 +00:00
Chuck Tuffli
f0dfbcccf4 Revert r345171 pending review
Backing out commit pending further discussion on the PCIe version
supported by pseudo (i.e. emulated) devices. See Differential for
details.

Reviewed by:	imp
Approved by:	imp (mentor)
Differential Revision:	https://reviews.freebsd.org/D19580
2019-04-13 23:37:27 +00:00
Rick Macklem
a16e0d4468 Fix printing of the line that starts with "LocalOpen...".
When "nfsstat -E -c" was done, the title line starting with "LocalOpen..."
was not being displayed. This was introduced by r328588.

MFC after:	2 weeks
2019-04-13 23:26:02 +00:00
Rick Macklem
ed2f100170 Add support for INET6 addresses to the kernel code that dumps open/lock state.
PR#223036 reported that INET6 callback addresses were not printed by
nfsdumpstate(8). This kernel patch adds INET6 addresses to the dump structure,
so that nfsdumpstate(8) can print them out, post-r346190.
The patch also includes the addition of #ifdef INET, INET6 as requested
by bz@.

PR:		223036
Reviewed by:	bz, rgrimes
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19839
2019-04-13 22:00:09 +00:00
Rick Macklem
11f0e011c8 Fix nfsdumpstate(8) so that it can print out INET6 callback addresses.
The patch adds support for printing of INET6 callback addresses.
It also adds the #ifdef INET, INET6 as requested by bz@.

PR:		223036
Reviewed by:	bz, rgrimes
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19839
2019-04-13 21:45:45 +00:00
Conrad Meyer
8fb93ac95d hexdump(1): Exit gracefully on format strings missing conversion
PR:		237263
Submitted by:	Bojan Petrovic <bojan_petrovic AT fastmail.fm>
2019-04-13 16:51:48 +00:00
Alan Somers
084e97b866 fusefs: add a fusefs(5) man page
PR:		233393
Reported by:	tech-lists@zyxst.net
Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19651
2019-04-13 13:59:01 +00:00
Kirk McKusick
d483391306 Followup to -r344552 in which fsck_ffs checks for a size past the
last allocated block of the file and if that is found, shortens the
file to reference the last allocated block thus avoiding having it
reference a hole at its end.

This update corrects an error where fsck_ffs miscalculated the last
logical block of the file when the file contained a large hole.

Reported by:  Jamie Landeg-Jones
Tested by:    Peter Holm
MFC after:    2 weeks
Sponsored by: Netflix
2019-04-13 13:31:06 +00:00
Vincenzo Maffione
4f6858e8a9 netmap: add test cases for multiple host rings
Extend the netmap unit tests with new test cases for the multiple-host-rings
feature introduced by r345269.

MFC after:	1 week
2019-04-13 12:50:47 +00:00
Michael Tuexen
20a6a3a7a7 When sending IPv4 packets on a SOCK_RAW socket using the IP_HDRINCL option,
ensure that the ip_hl field is valid. Furthermore, ensure that the complete
IPv4 header is contained in the first mbuf. Finally, move the length checks
before relying on them when accessing fields of the IPv4 header.
Reported by:		jtl@
Reviewed by:		jtl@
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D19181
2019-04-13 10:47:47 +00:00
Warner Losh
f7ab01581a Move mpr/mps drivers from per-arch NOTES files into the MI notes
file. They are in more arches they they aren't. Add appropriate
nodevice directives in powerpc and arm.
2019-04-13 06:30:45 +00:00