Merge FreeBSD 2024-09-20 #2283
Merged
Merge FreeBSD 2024-09-20 #2283
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I've verified the tx queue (table 8-22) in addition. DPDK commit message net/i40e: increase max descriptor queue length According to the Intel X710/XXV710/XL710 Datasheet, the maximum receive queue descriptor length is 0x1FE0 (8160 in base 10). This is specified as QLEN in table 8-12, page 1083. I've tested this change with an XXV710 NIC and it has positive effect on performance under high load scenarios. Where previously I'd get ~2000 packets/sec miss rate, now I get only ~40 packets/sec miss rate. Signed-off-by: Igor Gutorov <[email protected]> Acked-by: Morten Brørup <[email protected]> Acked-by: Bruce Richardson <[email protected]> Obtained from: DPDK (ce9470f) MFC after: 1 week
This feature is required by OpenStack Nova that needs a serial output through tcp socket. When enable this feature, a tcp server will be started and wait for connection on specified port under capsicum's protection. We only accept one connection at the same time. Other connection try to connect will fail. Reviewed by: corvink, markj MFC after: 2 months Differential Revision: https://reviews.freebsd.org/D45120
This ensures that the ifnet's NUMA affinity is accurate. Reviewed by: kbowling MFC after: 2 weeks Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D46667
dtrace_getarg() previously walked the call stack looking for a frame matching the dtrace_invop_callsite symbol, in order to look for a trapframe corresponding to an invop (i.e., FBT or kinst) probe. Commit 3ba8e9d broke this in some cases by breaking the expected alignment of the dtrace_invop_callsite symbol. Rather than groveling around the stack to find invop probe arguments, simply use the trapframe reference saved by dtrace_invop(). This is simpler and less fragile. Reported by: avg Reviewed by: avg MFC after: 2 weeks Fixes: 3ba8e9d ("dtrace/amd64: Implement emulation of call instructions") Differential Revision: https://reviews.freebsd.org/D46672
FBT refuses to create probes in modules which depend on dtrace(all), but dtrace_test is a convenient place to add functions specifically for testing dtrace. The dependency on dtraceall is not needed, so just remove it. In fact, it can be useful to test SDT probe creation by loading dtrace_test with and without dtraceall loaded. Reviewed by: avg MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D46673
Reviewed by: avg MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D46674
It is not needed after commit 7e80fd5ef397. No functional change intended. Reviewed by: avg MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D46675
No functional change intended. Reviewed by: vmaffione MFC after: 2 weeks Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D46664
This can arise if the jail doesn't have networking configured, and if -ss is specified, syslogd won't listen on port 514 anyway. Add a regression test case for this as well. PR: 238006 MFC after: 1 month
Several functions did not validate the slot index resulting in OOB read on the heap of the slot device structure which could lead to arbitrary reads/writes and potentially code execution. Reported by: Synacktiv Reviewed by: markj (earlier), jhb Security: CVE-2024-41721 Security: HYP-02 Sponsored by: The Alpha-Omega Project Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D45996
Add to the vm_radix and vm_page interfaces methods to use pctrie iterators with vm_radix tries. Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D46663
Approved by: imp, manu (mentor) Differential revision: https://reviews.freebsd.org/D46702
DPDK commit message
net/e1000/base: fix link power down
Current code is a result of work to reduce duplication between various
device models. However, the logic that was replaced did not exactly
match the new logic, and as a result the link power down was not
working correctly for some NICs, and the link remained up even when
the interface is down.
Fix it to correctly power down the link under all circumstances that
were supported by old logic.
Fixes: 44dddd1 ("net/e1000/base: remove duplicated codes")
Cc: [email protected]
Signed-off-by: Anatoly Burakov <[email protected]>
Acked-by: Bruce Richardson <[email protected]>
Obtained from: DPDK (a8218d0)
MFC after: 1 week
In order to ensure we get the correct libsys.h, we need to add lib/libsys to the includes search path.
The change of its description from integer to boolean didn't actually change it to a boolean, but only made it impossible to set as either a boolean or an integer. Rather than make it work as a boolean parameter should, just revert to the old (working) integer parameter, and change the documentation to match. PR: 274263 Reported by: andrew.hotlab at hotmail
Add a priv_check for PRIV_PROC_MEM_WRITE which will be blocked by mac_veriexec if being enforced, unless the process has a maclabel to grant priv. Reviewed by: stevek Sponsored by: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D46692
If we fail to init TCP (or SCTP) initialization we have to remember to free
state keys as well. They will not be freed for us when we free the state until
we've inserted the state (i.e. pf_insert_state()).
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46583
In some cases the netmask gets set to a full 128 bit mask even if no address family is selected; don't print the v6 mask if it's a v4 address. Obtained from: OpenBSD, mcbride <[email protected]>, f6d7b41f07 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46584
When printing states in debug output, print the rule number that created it if we have it. Requested by dlg, ok henning. Obtained from: OpenBSD, mcbride <[email protected]>, c06d1661a6 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46585
factor our the code to set up pf_pdesc, a central structure in pf carrying information about the packet we're currently dealing with, into its own function. ok ryan dlg and additional testing sthen Obtained from: OpenBSD, henning <[email protected]>, c4202972a3 Obtained from: OpenBSD, claudio <[email protected]>, 78d25123ea Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46586
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46587
forces logging on all subsequent matching rules new log opt "matches" awesome for debugging, a rule like match log(matches) from $testbox will show you exactly which subsequent rules match on that packet real ok theo assumed oks ryan & dlg bikeshedding many Obtained from: OpenBSD, henning <[email protected]>, 1603e01ae4 Obtained from: OpenBSD, henning <[email protected]>, f496e91672 Obtained from: OpenBSD, henning <[email protected]>, 07481a9fee Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46588
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46589
Break out rule counter update code into a separate function, makes the behaviour consistent between IPv4 and IPv6. From [email protected] Obtained from: OpenBSD, mcbride <[email protected]>, ce38da5678 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46590
pf_test() and pf_test6() drop IPv4-ICMP6 and IPv6-ICMP packets. Do not do the same check in pf_test_rule() again. ok henning Reviewed by: zlei Obtained from: OpenBSD, bluhm <[email protected]>, de5c2bfb74 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46591
Obtained from: OpenBSD, sthen <[email protected]>, 1a3657e9c6 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46592
pf_scrub_ip() does not modify the given mbuf pointer. So don't pass a pointer to a pointer to make the code in pf_test() clearer. ok henning@ Reviewed by: zlei Obtained from: OpenBSD, bluhm <[email protected]>, aac78b59b9 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46593
so that rules like "pass out on vr1 inet6 nat-to (vr1)" won't map to the non routable ipv6 link local address; with suggestions and ok claudio, henning Reviewed by: zlei Obtained from: OpenBSD, mikeb <[email protected]>, e41548933f Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46594
Reviewed by: zlei
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D46595
Do not pass AF specific information to pf_test_rule() and PFLOG_PACKET() because either the info is already available in struct pd or easy to figure out. Makes pf_test() and pf_test6() even more similar (with the target to remove one of them in the near future). OK henning@ Reviewed by: zlei Obtained from: OpenBSD, claudio <[email protected]>, 5480721ed1 Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D46596
to calculate the superuser-reserved amount of the pipe space Sponsored by: The FreeBSD Foundation MFC after: 1 week
…failed Submitted by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week
These were reported by `mandoc -T lint ...` as errors.
fhlink.2, fhreadlink.2: remove unneeded block closing.
getfh.2, procctl.2: add necessary block closing.
ptrace.2: -width only takes one argument.
swapon.2: <sys/vmparam.h> and <vm/swap_pager.h> weren't being displayed,
because .It is for a list item whereas .In is for included files.
Also, we want a blank line between <sys/ > headers and the other
one.
Signed-off-by: Graham Percival <[email protected]>
PR: 281597
Reviewed by: mhorne
Sponsored by: Tarsnap Backup Inc.
In preparation for supporting 64-bit machines with 32-bit UEFI firmware, add a build option for compiling the ia32 loader. Currently unused. Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
In preparation for supporting 64-bit machines with 32-bit UEFI firmware, add a 32-bit variant of libefi since we need to compile both the 64-bit version and the 32-bit version at the same time. Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
Using AllocateMaxAddress here means that gfx_state->tg_shadow_fb is treated as the highest address we can receive. Since gfx_state->tg_shadow_fb is NULL, we never receive anything. Use AllocateAnyPages instead. Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
main.c - Fix rsdp cast.
framebuffer.c -
- Use temp variable instead of directly passing pointer when
EFI_PHYSICAL_ADDRESS is expected.
Also fix FreePages cast.
- Mask framebuffer address given to us by UEFI.
Reviewed by: imp
Pull Request: freebsd/freebsd-src#1098
Some machines have 64-bit capable cpus but are stuck on 32-bit uefi firmware. Add support for them by building a new "loader_ia32" with LOADER_DEFAULT_INTERP along with the 64-bit one. The loader can be disabled using MK_LOADER_IA32. Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
With the new 32-bit UEFI loader, it's convenient to have a sysctl to figure out how we booted. Can be accessed at machdep.efi_arch Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
This handles copying in install-boot.sh and bsdinstall's bootconfig. install-boot.sh: make_esp_file now optionally takes extra arguments so it can copy multiple files. This is used by the amd64 release scripts. make_esp_device also takes an extra optional argument for efibootname. This is currently unused, but it can be used in the future to do something like: make_esp_device loader.efi bootx64 make_esp_device loader_ia32.efi bootia32 Reviewed by: imp Pull Request: freebsd/freebsd-src#1098
The current libxo output uses the "dropped-packets" key for both incoming and outgoing packets. This commit distinguishes between the two by adding an "in" and "out" suffix. The original "dropped-packets" key is kept for backwards compatibility for now. PR: 244589 Reviewed by: imp, zlei Pull Request: freebsd/freebsd-src#1331
The key "shutdown-timer" was present twice in the libxo output. The second occurence of "shutdown-time" has been renamed to "shutdown-ack-timer". PR: 254672 Reviewed by: imp, zlei Pull Request: freebsd/freebsd-src#1331
NDFREE_PNBUF should be called after checking the return value of vn_open(), and should only be called once. Reviewed by: imp, zlei, Kornel Dulęba <[email protected]>, Elliott Mitchell Pull Request: freebsd/freebsd-src#1338
i2c -sv or i2c -rv prints an uninitialized field i2c_opt.addr. Suppress the verbose message entirely for scan and reset, where it provides no information, and zero initialize the field. See https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279261 Reviewed by: imp Pull Request: freebsd/freebsd-src#1345
The manual page says %m is replaced with “the string representation of the error code stored in the errno variable at the beginning of the call”. However, we don't actually save `errno` until fairly late in `__vfprintf()`. Make sure it is saved before we do anything that might perturb `errno`. MFC after: 1 week Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D46718
- s/parametes/parameters/ MFC after: 3 days
- s/conficts/conflicts/ MFC after: 3 days
It does not handle scripts in /usr/local/etc/rc.d/. Instead, it takes care of /etc/rc.local and /etc/rc.shutdown.local. MFC after: 2 weeks
MFC after: 2 weeks Approved by: christos
Tested by: yasu Sponsored by: The FreeBSD Foundation MFC after: 1 week
Sponsored by: The FreeBSD Foundation MFC after: 1 week
Sponsored by: The FreeBSD Foundation MFC after: 1 week
…added Sponsored by: The FreeBSD Foundation MFC after: 1 week
This 'struct mfi_evt_pd' typed member should be named 'pd' instead of 'ld'. PR: 281155 Reviewed by: imp, delphij Pull Request: freebsd/freebsd-src#1402
…_detail' PR: 281156 Reviewed by: imp, delphij Pull Request: freebsd/freebsd-src#1402
This fixes a page fault when creating VFs and updates to the new mailbox API and naming conventions. The functionality works to the same level that it did before my recent changes. In particular on my 82599 it creates both passthru and ixv interfaces. In either case, the PF seems to lose the ability to pass traffic. The ixv driver fails to attach. These issues are present with or without my updates. If you use SR-IOV on ixgbe I would be interested in hearing what does or does not work for you. MFC after: 6 days
Bump to the current out of tree driver version since we only have some gratuitous changes. MFC after: 1 week
Reviewed by: emaste, jhb Sponsored by: Arm Ltd Pull Request: freebsd/freebsd-src#1399 (cherry picked from commit edc692b)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR for CI