Split it into two modules: if_gre(4) for GRE encapsulation and
if_me(4) for minimal encapsulation within IP.
gre(4) changes:
* convert to if_transmit;
* rework locking: protect access to softc with rmlock,
protect from concurrent ioctls with sx lock;
* correct interface accounting for outgoing datagramms (count only payload size);
* implement generic support for using IPv6 as delivery header;
* make implementation conform to the RFC 2784 and partially to RFC 2890;
* add support for GRE checksums - calculate for outgoing datagramms and check
for inconming datagramms;
* add support for sending sequence number in GRE header;
* remove support of cached routes. This fixes problem, when gre(4) doesn't
work at system startup. But this also removes support for having tunnels with
the same addresses for inner and outer header.
* deprecate support for various GREXXX ioctls, that doesn't used in FreeBSD.
Use our standard ioctls for tunnels.
me(4):
* implementation conform to RFC 2004;
* use if_transmit;
* use the same locking model as gre(4);
PR: 164475
Differential Revision: D1023
No objections from: net@
Relnotes: yes
Sponsored by: Yandex LLC
Otherwise there's nothing for ctfconvert to do, and it ends up emitting an
error for each object file. Also remove some redundant checks from
bsd.prog.mk and bsd.lib.mk.
Differential Revision: https://reviews.freebsd.org/D1111
Reviewed by: imp
a kludge. However, it also effectively works around the issues for
high -j builds on systems that do not have the rm fixes.
A better fix would be to rmdir here, and fix the places where we're
sloppy and not list all the files we create in CLEANFILES, should
anybody have the time to chase them all to ground.
generating files from various sources instead of calling cat ${.ALLSRC} | sed
The perl case was skipped because it's not being used in the tree at this time
contrib/netbsd-tests
This Makefile snippet handles polluting testcases with -lnetbsd, specific
headers for ATF version differences, and does necessary rewriting for the
testcases to match the format discussed on the TestSuite wiki page
(t_<foo> -> <foo>_test)
One must define SRCTOP (inspired by projects/bmake), OBJTOP, and TESTSRC
(e.g. contrib/netbsd-tests/lib/libc/gen) to use the Makefile snippet
Test programs are specific either via NETBSD_ATF_TESTS_C or NETBSD_ATF_TESTS_SH
C++ analogs aren't currently implemented.
The imported testcases will be cleaned up to use this Makefile snippet pseudo
"API".
Those tunables are used to set a specific mode in vt(4) instead of using
the default mode.
Differential Revision: https://reviews.freebsd.org/D1098
Reviewed by: ak@, emaste@, kwm@
MFC after: 1 week
pjdfstest execution is opt-in and must be done as root due to some of the
assumptions made by the test suite and lack of error checking in the non-root
case
A description of how to execute pjdfstest with kyua is provided in
share/pjdfstest/README
Phabric: D824 (an earlier prototype patch)
MFC after: 1 month
Relnotes: yes
Sponsored by: EMC / Isilon Storage Division
whether the shared request for already shared-locked lock could be
granted. Both problems result in the exclusive locker starvation.
The concurrent exclusive request is indicated by either
LK_EXCLUSIVE_WAITERS or LK_EXCLUSIVE_SPINNERS flags. The reverse
condition, i.e. no exclusive waiters, must check that both flags are
cleared.
Add a flag LK_NODDLKTREAT for shared lock request to indicate that
current thread guarantees that it does not own the lock in shared
mode. This turns back the exclusive lock starvation avoidance code;
see man page update for detailed description.
Use LK_NODDLKTREAT when doing lookup(9).
Reported and tested by: pho
No objections from: attilio
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
of fuword(9) and suword(9). This makes the functions type-compatible
with volatile objects and does not require devolatile force, e.g. in
kern_umtx.c.
Requested by: bde
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 3 weeks
bsd.progs.mk generates a separate depend file for every program being
built, but then it does not properly tell each submake to use those
individual files. Properly propagate the depend file to use.
Discovered while preparing the update of atf to 0.21 and noticing that
the test programs were not being relinked to the new library.
This change is "make tinderbox" clean.
This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources.
The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people.
The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway.
Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to.
My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise.
My Nomex pants are on. Let the feedback commence!
Reviewed by: trasz,des(partial),imp(partial?),rwatson(partial?)
Approved by: so(des)
expression (:M) is empty, not the not matched (:N) is empty. The former case
means we have not found the TEST_SUBDIR value in SUBDIR
Reported by: rodrigc
X-MFC with: r273803
Pointyhat to: me (did not use a clean install root)
Sponsored by: EMC / Isilon Storage Division
appending the TESTS_SUBDIRS variable to SUBDIR
Duplicate directory entries can cause unexpected side effects, like
installing the same files multiple times. This can be easily
reproduced via the following testcase prior to this commit:
SUBDIR= dir
TESTS_SUBDIRS+= dir
.include <bsd.test.mk>
Sponsored by: EMC / Isilon Storage Division
and casuword(9), but do not mix value read and indication of fault.
I know (or remember) enough assembly to handle x86 and powerpc. For
arm, mips and sparc64, implement fueword() and casueword() as wrappers
around fuword() and casuword(), which means that the functions cannot
distinguish between -1 and fault.
On architectures where fueword() and casueword() are native, implement
fuword() and casuword() using fueword() and casuword(), to reduce
assembly code duplication.
Sponsored by: The FreeBSD Foundation
Tested by: pho
MFC after: 2 weeks (ia64 needs treating)
While I'm there also correct typos in OptionalObsoleteFiles and add
information of the command line options for hv_kvp_daemon(8).
Reported by: jmg [1]
Reviewed by: jmg
MFC after: 2 weeks
create a new code block and thus must be balanced at the same lexical
scope. (This is also a requirement in POSIX.)
PR: 194280
Submitted by: dr2867.business@pacbell.net
MFC after: 1 week
Support for the multiport feature is mostly implemented, but currently
disabled due to some potential races in the hot plug code paths.
Requested by: marcel
MFC after: 1 month
Relnotes: yes
Check for -static in LDFLAGS or LDFLAGS.<test>, then pass in the appropriate
dependency (LIBATF or LDATF)
This unbreaks the build with some of the NetBSD tests that need to be compiled
statically
Reviewed by: imp, jmmv
Phabric: D991
Sponsored by: EMC / Isilon Storage Division
issue. lib/atf isn't a prereq_lib, since it isn't required for other
libraries to build. Remove it. The old kludge of always building it
had effectively been retired. Since we don't want to build the
libraries with the tests when we're bootstrapping, invent
MK_TESTS_SUPPORT which normally defaults to the current MK_TESTS
value, except when explicitly defined. Make lib/atf depend on it being
yes. When building the libraries set MK_TESTS to no, and
MK_TESTS_SUPPORT to the current value of MK_TESTS so that later stages
of the build work correctly. This should fix (and does for me)
people's issues with parallel builds racing between lib/atf and
libexec/atf. Since lib/atf is built during the libraries phase, the
race disappears.
userland defaults to no. This caused issues for the automated option
documenation script. Turns out, this isn't used in userland at all, so
just remove it from here.
time and gnu.warnings.symbol are now being fatal preventing building world.
in the futur we want to investigate only making the gnu.warning.symbol non fatal
Reviewed by: imp
when building with an external gcc, we want to be able to pass the path to
the libc++ headers so dependencies are correctly computed for C++ source files.
Add a DEPFLAGS for that purpose
Reviewed by: imp
- Wrong integer type was specified.
- Wrong or missing "access" specifier. The "access" specifier
sometimes included the SYSCTL type, which it should not, except for
procedural SYSCTL nodes.
- Logical OR where binary OR was expected.
- Properly assert the "access" argument passed to all SYSCTL macros,
using the CTASSERT macro. This applies to both static- and dynamically
created SYSCTLs.
- Properly assert the the data type for both static and dynamic
SYSCTLs. In the case of static SYSCTLs we only assert that the data
pointed to by the SYSCTL data pointer has the correct size, hence
there is no easy way to assert types in the C language outside a
C-function.
- Rewrote some code which doesn't pass a constant "access" specifier
when creating dynamic SYSCTL nodes, which is now a requirement.
- Updated "EXAMPLES" section in SYSCTL manual page.
MFC after: 3 days
Sponsored by: Mellanox Technologies
* anchor search strings appropriately,
* use .ALLSRC to pass the full path to the D script to dtrace(1),
* don't insert the auto-generated header into SRCS - it doesn't
accomplish anything, and we end up having to remove it from OBJS anyway.
Reviewed by: rpaulo
Differential Revision: https://reviews.freebsd.org/D978
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
vxlan creates a virtual LAN by encapsulating the inner Ethernet frame in
a UDP packet. This implementation is based on RFC7348.
Currently, the IPv6 support is not fully compliant with the specification:
we should be able to receive UPDv6 packets with a zero checksum, but we
need to support RFC6935 first. Patches for this should come soon.
Encapsulation protocols such as vxlan emphasize the need for the FreeBSD
network stack to support batching, GRO, and GSO. Each frame has to make
two trips through the network stack, and each frame will be at most MTU
sized. Performance suffers accordingly.
Some latest generation NICs have begun to support vxlan HW offloads that
we should also take advantage of. VIMAGE support should also be added soon.
Differential Revision: https://reviews.freebsd.org/D384
Reviewed by: gnn
Relnotes: yes