svn commit: r361645 - stable/12/release/tools
Author: cperciva Date: Sat May 30 02:56:13 2020 New Revision: 361645 URL: https://svnweb.freebsd.org/changeset/base/361645 Log: Direct commit to stable/12: Only install ebsnvme-id on amd64 for now. This port is in the "latest" ports tree but not in "quarterly", so we have a package for amd64 but not for aarch64. This commit should be reverted when we have a new quarterly branch. Sponsored by: https://www.patreon.com/cperciva Modified: stable/12/release/tools/ec2.conf Modified: stable/12/release/tools/ec2.conf == --- stable/12/release/tools/ec2.confSat May 30 02:52:24 2020 (r361644) +++ stable/12/release/tools/ec2.confSat May 30 02:56:13 2020 (r361645) @@ -6,7 +6,14 @@ # Packages to install into the image we're creating. This is a deliberately # minimalist set, providing only the packages necessary to bootstrap further # package installation as specified via EC2 user-data. -export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs dual-dhclient-daemon ebsnvme-id" +export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs dual-dhclient-daemon" + +# This package isn't currently (2020-05-29) available for aarch64 since it is +# not yet in the "quarterly" branch. Some time after 2020-07-01 this can be +# made unconditional. +if [ "${TARGET_ARCH}" = "amd64" ]; then + export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} ebsnvme-id" +fi # Include the amazon-ssm-agent package in amd64 images, since some users want # to be able to use it on systems which are not connected to the Internet. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361644 - stable/12/release/tools
Author: cperciva Date: Sat May 30 02:52:24 2020 New Revision: 361644 URL: https://svnweb.freebsd.org/changeset/base/361644 Log: MFC r361350: Add ebsnvme-id to EC2 AMIs and enable /dev/aws/disk Sponsored by: https://www.patreon.com/cperciva Modified: stable/12/release/tools/ec2.conf Directory Properties: stable/12/ (props changed) Modified: stable/12/release/tools/ec2.conf == --- stable/12/release/tools/ec2.confSat May 30 02:50:26 2020 (r361643) +++ stable/12/release/tools/ec2.confSat May 30 02:52:24 2020 (r361644) @@ -6,7 +6,7 @@ # Packages to install into the image we're creating. This is a deliberately # minimalist set, providing only the packages necessary to bootstrap further # package installation as specified via EC2 user-data. -export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs dual-dhclient-daemon" +export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs dual-dhclient-daemon ebsnvme-id" # Include the amazon-ssm-agent package in amd64 images, since some users want # to be able to use it on systems which are not connected to the Internet. @@ -17,7 +17,7 @@ if [ "${TARGET_ARCH}" = "amd64" ]; then fi # Set to a list of third-party software to enable in rc.conf(5). -export VM_RC_LIST="ec2_configinit ec2_fetchkey ec2_loghostkey firstboot_freebsd_update firstboot_pkgs ntpd" +export VM_RC_LIST="ec2_configinit ec2_fetchkey ec2_loghostkey firstboot_freebsd_update firstboot_pkgs ntpd dev_aws_disk" # Build with a 3.9 GB UFS partition; the growfs rc.d script will expand # the partition to fill the root disk after the EC2 instance is launched. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361643 - stable/12/release/tools
Author: cperciva Date: Sat May 30 02:50:26 2020 New Revision: 361643 URL: https://svnweb.freebsd.org/changeset/base/361643 Log: MFC r361143: Add /etc/autofs/special_efs to EC2 AMIs Sponsored by: https://www.patreon.com/cperciva Modified: stable/12/release/tools/ec2.conf Directory Properties: stable/12/ (props changed) Modified: stable/12/release/tools/ec2.conf == --- stable/12/release/tools/ec2.confSat May 30 02:09:36 2020 (r361642) +++ stable/12/release/tools/ec2.confSat May 30 02:50:26 2020 (r361643) @@ -109,6 +109,23 @@ vm_extra_pre_umount() { -e '1,/^#server/s/^#server.*/server 169.254.169.123 iburst/' \ ${DESTDIR}/etc/ntp.conf + # Provide a map for accessing Elastic File System mounts + cat > ${DESTDIR}/etc/autofs/special_efs <<'EOF' +#!/bin/sh + +if [ $# -eq 0 ]; then +# No way to know which EFS filesystems exist and are +# accessible to this EC2 instance. +exit 0 +fi + +# Provide instructions on how to mount the requested filesystem. +FS=$1 +REGION=`fetch -qo- http://169.254.169.254/latest/meta-data/placement/availability-zone | sed -e 's/[a-z]$//'` +echo "-nfsv4,minorversion=1,oneopenown ${FS}.efs.${REGION}.amazonaws.com:/" +EOF + chmod 755 ${DESTDIR}/etc/autofs/special_efs + # The first time the AMI boots, the installed "first boot" scripts # should be allowed to run: # * ec2_configinit (download and process EC2 user-data) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361642 - head/sys/arm64/broadcom/genet
Author: karels Date: Sat May 30 02:09:36 2020 New Revision: 361642 URL: https://svnweb.freebsd.org/changeset/base/361642 Log: genet: workaround for problem with ICMPv6 echo replies The ICMPv6 echo reply is constructed with the IPv6 header too close to the beginning of a packet for an Ethernet header to be prepended, so we end up with an mbuf containing just the Ethernet header. The GENET controller doesn't seem to handle this, with or without transmit checksum offload. At least until we have chip documentation, do a pullup to satisfy the chip. Hopefully this can be fixed properly in the future. Modified: head/sys/arm64/broadcom/genet/if_genet.c Modified: head/sys/arm64/broadcom/genet/if_genet.c == --- head/sys/arm64/broadcom/genet/if_genet.cSat May 30 02:02:34 2020 (r361641) +++ head/sys/arm64/broadcom/genet/if_genet.cSat May 30 02:09:36 2020 (r361642) @@ -76,6 +76,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#define ICMPV6_HACK/* workaround for chip issue */ +#ifdef ICMPV6_HACK +#include +#endif #include "syscon_if.h" #include "miibus_if.h" @@ -968,6 +972,36 @@ gen_encap(struct gen_softc *sc, struct mbuf **mp) q = &sc->tx_queue[DEF_TXQUEUE]; m = *mp; +#ifdef ICMPV6_HACK + /* +* Reflected ICMPv6 packets, e.g. echo replies, tend to get laid +* out with only the Ethernet header in the first mbuf, and this +* doesn't seem to work. +*/ +#define ICMP6_LEN (sizeof(struct ether_header) + sizeof(struct ip6_hdr) + \ + sizeof(struct icmp6_hdr)) + if (m->m_len == sizeof(struct ether_header)) { + int ether_type = mtod(m, struct ether_header *)->ether_type; + if (ntohs(ether_type) == ETHERTYPE_IPV6 && + m->m_next->m_len >= sizeof(struct ip6_hdr)) { + struct ip6_hdr *ip6; + + ip6 = mtod(m->m_next, struct ip6_hdr *); + if (ip6->ip6_nxt == IPPROTO_ICMPV6) { + m = m_pullup(m, + MIN(m->m_pkthdr.len, ICMP6_LEN)); + if (m == NULL) { + if (sc->ifp->if_flags & IFF_DEBUG) + device_printf(sc->dev, + "ICMPV6 pullup fail\n"); + *mp = NULL; + return (ENOMEM); + } + } + } + } +#undef ICMP6_LEN +#endif if ((if_getcapenable(sc->ifp) & (IFCAP_TXCSUM | IFCAP_TXCSUM_IPV6)) != 0) { csum_flags = m->m_pkthdr.csum_flags; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361641 - head/sys/arm64/broadcom/genet
Author: karels Date: Sat May 30 02:02:34 2020 New Revision: 361641 URL: https://svnweb.freebsd.org/changeset/base/361641 Log: genet: fix issues with transmit checksum offload Fix problem with ICMP echo replies: check only deferred data checksum flags, and not the received checksum status bits, when checking whether a packet has a deferred checksum; otherwise echo replies are corrupted because the received checksum status bits are still present. Fix some unhandled cases in packet shuffling for checksum offload. Modified: head/sys/arm64/broadcom/genet/if_genet.c Modified: head/sys/arm64/broadcom/genet/if_genet.c == --- head/sys/arm64/broadcom/genet/if_genet.cSat May 30 01:48:12 2020 (r361640) +++ head/sys/arm64/broadcom/genet/if_genet.cSat May 30 02:02:34 2020 (r361641) @@ -948,6 +948,9 @@ gen_start(if_t ifp) GEN_UNLOCK(sc); } +/* Test for any delayed checksum */ +#define CSUM_DELAY_ANY (CSUM_TCP | CSUM_UDP | CSUM_IP6_TCP | CSUM_IP6_UDP) + static int gen_encap(struct gen_softc *sc, struct mbuf **mp) { @@ -978,12 +981,11 @@ gen_encap(struct gen_softc *sc, struct mbuf **mp) } offset = gen_parse_tx(m, csum_flags); sb = mtod(m, struct statusblock *); - if (csum_flags != 0) { + if ((csum_flags & CSUM_DELAY_ANY) != 0) { csuminfo = (offset << TXCSUM_OFF_SHIFT) | (offset + csumdata); - if (csum_flags & (CSUM_TCP | CSUM_UDP)) - csuminfo |= TXCSUM_LEN_VALID; - if (csum_flags & CSUM_UDP) + csuminfo |= TXCSUM_LEN_VALID; + if (csum_flags & (CSUM_UDP | CSUM_IP6_UDP)) csuminfo |= TXCSUM_UDP; sb->txcsuminfo = csuminfo; } else @@ -1045,7 +1047,7 @@ gen_encap(struct gen_softc *sc, struct mbuf **mp) if (i == 0) { length_status |= GENET_TX_DESC_STATUS_SOP | GENET_TX_DESC_STATUS_CRC; - if (csum_flags != 0) + if ((csum_flags & CSUM_DELAY_ANY) != 0) length_status |= GENET_TX_DESC_STATUS_CKSUM; } if (i == nsegs - 1) @@ -1087,6 +1089,7 @@ static int gen_parse_tx(struct mbuf *m, int csum_flags) { int offset, off_in_m; + bool copy = false, shift = false; u_char *p, *copy_p = NULL; struct mbuf *m0 = m; uint16_t ether_type; @@ -1098,22 +1101,44 @@ gen_parse_tx(struct mbuf *m, int csum_flags) m = m->m_next; off_in_m = 0; p = mtod(m, u_char *); + copy = true; } else { + /* +* If statusblock is not at beginning of mbuf (likely), +* then remember to move mbuf contents down before copying +* after them. +*/ + if ((m->m_flags & M_EXT) == 0 && m->m_data != m->m_pktdat) + shift = true; p = mtodo(m, sizeof(struct statusblock)); off_in_m = sizeof(struct statusblock); } -/* If headers need to be copied contiguous to statusblock, do so. */ -#define COPY(size) { \ - if (copy_p != NULL) { \ - int hsize = size; \ - bcopy(p, copy_p, hsize);\ - m0->m_len += hsize; \ - m0->m_pkthdr.len += hsize; /* unneeded */ \ - copy_p += hsize;\ - m->m_len -= hsize; \ - m->m_data += hsize; \ - } \ +/* + * If headers need to be copied contiguous to statusblock, do so. + * If copying to the internal mbuf data area, and the status block + * is not at the beginning of that area, shift the status block (which + * is empty) and following data. + */ +#define COPY(size) { \ + int hsize = size; \ + if (copy) { \ + if (shift) {\ + u_char *p0; \ + shift = false; \ + p0 = mtodo(m0, sizeof(struct statusblock)); \ + m0->m_data = m0->m_pktdat; \ + bcopy(p0, mtodo(m0, sizeof(struct
svn commit: r361640 - head/sys/sys
Author: dougm Date: Sat May 30 01:48:12 2020 New Revision: 361640 URL: https://svnweb.freebsd.org/changeset/base/361640 Log: RB_REMOVE invokes RB_REMOVE_COLOR either when child is red or child is null. In the first case, RB_REMOVE_COLOR just changes the child to black and returns. With this change, RB_REMOVE handles that case, and drops the child argument to RB_REMOVE_COLOR, since that value is always null. RB_REMOVE_COLOR is changed to remove a couple of unneeded tests, and to eliminate some deep indentation. RB_ISRED is defined to combine a null check with a test for redness, to replace that combination in several places. Reviewed by: markj Tested by:pho Differential Revision:https://reviews.freebsd.org/D25032 Modified: head/sys/sys/tree.h Modified: head/sys/sys/tree.h == --- head/sys/sys/tree.h Sat May 30 01:17:26 2020(r361639) +++ head/sys/sys/tree.h Sat May 30 01:48:12 2020(r361640) @@ -321,6 +321,7 @@ struct { \ #define RB_RIGHT(elm, field) (elm)->field.rbe_right #define RB_PARENT(elm, field) (elm)->field.rbe_parent #define RB_COLOR(elm, field) (elm)->field.rbe_color +#define RB_ISRED(elm, field) ((elm) != NULL && RB_COLOR(elm, field) == RB_RED) #define RB_ROOT(head) (head)->rbh_root #define RB_EMPTY(head) (RB_ROOT(head) == NULL) @@ -396,7 +397,7 @@ struct { \ #define RB_PROTOTYPE_INSERT_COLOR(name, type, attr)\ attr void name##_RB_INSERT_COLOR(struct name *, struct type *) #define RB_PROTOTYPE_REMOVE_COLOR(name, type, attr)\ - attr void name##_RB_REMOVE_COLOR(struct name *, struct type *, struct type *) + attr void name##_RB_REMOVE_COLOR(struct name *, struct type *) #define RB_PROTOTYPE_REMOVE(name, type, attr) \ attr struct type *name##_RB_REMOVE(struct name *, struct type *) #define RB_PROTOTYPE_INSERT(name, type, attr) \ @@ -439,12 +440,11 @@ attr void \ name##_RB_INSERT_COLOR(struct name *head, struct type *elm)\ { \ struct type *parent, *gparent, *tmp;\ - while ((parent = RB_PARENT(elm, field)) != NULL && \ - RB_COLOR(parent, field) == RB_RED) {\ + while (RB_ISRED((parent = RB_PARENT(elm, field)), field)) { \ gparent = RB_PARENT(parent, field); \ if (parent == RB_LEFT(gparent, field)) {\ tmp = RB_RIGHT(gparent, field); \ - if (tmp && RB_COLOR(tmp, field) == RB_RED) {\ + if (RB_ISRED(tmp, field)) { \ RB_COLOR(tmp, field) = RB_BLACK;\ RB_SET_BLACKRED(parent, gparent, field);\ elm = gparent; \ @@ -460,7 +460,7 @@ name##_RB_INSERT_COLOR(struct name *head, struct type RB_ROTATE_RIGHT(head, gparent, tmp, field); \ } else {\ tmp = RB_LEFT(gparent, field); \ - if (tmp && RB_COLOR(tmp, field) == RB_RED) {\ + if (RB_ISRED(tmp, field)) { \ RB_COLOR(tmp, field) = RB_BLACK;\ RB_SET_BLACKRED(parent, gparent, field);\ elm = gparent; \ @@ -481,11 +481,11 @@ name##_RB_INSERT_COLOR(struct name *head, struct type #define RB_GENERATE_REMOVE_COLOR(name, type, field, attr) \ attr void \ -name##_RB_REMOVE_COLOR(struct name *head, struct type *parent, struct type *elm) \ +name##_RB_REMOVE_COLOR(struct name *head, struct type *parent) \ { \ - struct type *tmp; \ - while ((elm == NULL || RB_COLOR(elm, field) == RB_BLACK) && \ - elm != RB_ROOT(head)) { \ + struct type *elm, *tmp; \ + elm = NULL; \ + do {\ if (RB_LEFT(parent, field) == elm) {\
svn commit: r361639 - in stable/12/sys: net netpfil/pf
Author: markj Date: Sat May 30 01:17:26 2020 New Revision: 361639 URL: https://svnweb.freebsd.org/changeset/base/361639 Log: MFC r361095: pf: Add a new zone for per-table entry counters. Modified: stable/12/sys/net/pfvar.h stable/12/sys/netpfil/pf/pf_table.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/net/pfvar.h == --- stable/12/sys/net/pfvar.h Sat May 30 00:47:03 2020(r361638) +++ stable/12/sys/net/pfvar.h Sat May 30 01:17:26 2020(r361639) @@ -1000,6 +1000,8 @@ struct pfr_addr { enum { PFR_DIR_IN, PFR_DIR_OUT, PFR_DIR_MAX }; enum { PFR_OP_BLOCK, PFR_OP_PASS, PFR_OP_ADDR_MAX, PFR_OP_TABLE_MAX }; +enum { PFR_TYPE_PACKETS, PFR_TYPE_BYTES, PFR_TYPE_MAX }; +#definePFR_NUM_COUNTERS(PFR_DIR_MAX * PFR_OP_ADDR_MAX * PFR_TYPE_MAX) #define PFR_OP_XPASS PFR_OP_ADDR_MAX struct pfr_astats { @@ -1045,10 +1047,12 @@ union sockaddr_union { #endif /* _SOCKADDR_UNION_DEFINED */ struct pfr_kcounters { - counter_u64_tpfrkc_packets[PFR_DIR_MAX][PFR_OP_ADDR_MAX]; - counter_u64_tpfrkc_bytes[PFR_DIR_MAX][PFR_OP_ADDR_MAX]; + counter_u64_tpfrkc_counters; long pfrkc_tzero; }; +#definepfr_kentry_counter(kc, dir, op, t) \ + ((kc)->pfrkc_counters + \ + (dir) * PFR_OP_ADDR_MAX * PFR_TYPE_MAX + (op) * PFR_TYPE_MAX + (t)) SLIST_HEAD(pfr_kentryworkq, pfr_kentry); struct pfr_kentry { Modified: stable/12/sys/netpfil/pf/pf_table.c == --- stable/12/sys/netpfil/pf/pf_table.c Sat May 30 00:47:03 2020 (r361638) +++ stable/12/sys/netpfil/pf/pf_table.c Sat May 30 01:17:26 2020 (r361639) @@ -127,6 +127,8 @@ struct pfr_walktree { static MALLOC_DEFINE(M_PFTABLE, "pf_table", "pf(4) tables structures"); VNET_DEFINE_STATIC(uma_zone_t, pfr_kentry_z); #defineV_pfr_kentry_z VNET(pfr_kentry_z) +VNET_DEFINE_STATIC(uma_zone_t, pfr_kentry_counter_z); +#defineV_pfr_kentry_counter_z VNET(pfr_kentry_counter_z) static struct pf_addr pfr_ffaddr = { .addr32 = { 0x, 0x, 0x, 0x } @@ -144,12 +146,8 @@ static void pfr_mark_addrs(struct pfr_ktable *); static struct pfr_kentry *pfr_lookup_addr(struct pfr_ktable *, struct pfr_addr *, int); -static bool pfr_create_kentry_counter(struct pfr_kentry *, int, - int); static struct pfr_kentry *pfr_create_kentry(struct pfr_addr *, bool); static void pfr_destroy_kentries(struct pfr_kentryworkq *); -static void pfr_destroy_kentry_counter(struct pfr_kcounters *, - int, int); static void pfr_destroy_kentry(struct pfr_kentry *); static void pfr_insert_kentries(struct pfr_ktable *, struct pfr_kentryworkq *, long); @@ -205,6 +203,9 @@ void pfr_initialize(void) { + V_pfr_kentry_counter_z = uma_zcreate("pf table entry counters", + PFR_NUM_COUNTERS * sizeof(uint64_t), NULL, NULL, NULL, NULL, + UMA_ALIGN_PTR, UMA_ZONE_PCPU); V_pfr_kentry_z = uma_zcreate("pf table entries", sizeof(struct pfr_kentry), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); @@ -217,6 +218,7 @@ pfr_cleanup(void) { uma_zdestroy(V_pfr_kentry_z); + uma_zdestroy(V_pfr_kentry_counter_z); } int @@ -785,27 +787,11 @@ pfr_lookup_addr(struct pfr_ktable *kt, struct pfr_addr return (ke); } -static bool -pfr_create_kentry_counter(struct pfr_kentry *ke, int pfr_dir, int pfr_op) -{ - counter_u64_t c; - - c = counter_u64_alloc(M_NOWAIT); - if (c == NULL) - return (false); - ke->pfrke_counters.pfrkc_packets[pfr_dir][pfr_op] = c; - c = counter_u64_alloc(M_NOWAIT); - if (c == NULL) - return (false); - ke->pfrke_counters.pfrkc_bytes[pfr_dir][pfr_op] = c; - return (true); -} - static struct pfr_kentry * pfr_create_kentry(struct pfr_addr *ad, bool counters) { struct pfr_kentry *ke; - int pfr_dir, pfr_op; + counter_u64_tc; ke = uma_zalloc(V_pfr_kentry_z, M_NOWAIT | M_ZERO); if (ke == NULL) @@ -819,15 +805,14 @@ pfr_create_kentry(struct pfr_addr *ad, bool counters) ke->pfrke_net = ad->pfra_net; ke->pfrke_not = ad->pfra_not; ke->pfrke_counters.pfrkc_tzero = 0; - if (counters) - for (pfr_dir = 0; pfr_dir < PFR_DIR_MAX; pfr_dir++) - for (pfr_op = 0; pfr_op < PFR_OP_ADDR_MAX; pfr_op++) { - if (!pfr_create_kentry_counter(ke, pfr_dir, - pfr_op)) { -
svn commit: r361638 - in head/sys: conf modules modules/tcp
Author: jhb Date: Sat May 30 00:47:03 2020 New Revision: 361638 URL: https://svnweb.freebsd.org/changeset/base/361638 Log: Only build ipsec modules if the kernel includes IPSEC_SUPPORT. Honoring the kernel-supplied opt_ipsec.h in r361632 causes builds of ipsec modules to fail if the kernel doesn't include IPSEC_SUPPORT. However, the module can never be loaded into such a kernel, so only build the modules if the kernel includes IPSEC_SUPPORT. Reviewed by: imp Differential Revision:https://reviews.freebsd.org/D25059 Modified: head/sys/conf/config.mk head/sys/modules/Makefile head/sys/modules/tcp/Makefile Modified: head/sys/conf/config.mk == --- head/sys/conf/config.mk Sat May 30 00:07:42 2020(r361637) +++ head/sys/conf/config.mk Sat May 30 00:47:03 2020(r361638) @@ -30,8 +30,10 @@ opt_inet.h: opt_inet6.h: @echo "#define INET6 1" > ${.TARGET} .endif +.if ${MK_IPSEC_SUPPORT} != "no" opt_ipsec.h: @echo "#define IPSEC_SUPPORT 1" > ${.TARGET} +.endif .if ${MK_RATELIMIT} != "no" opt_ratelimit.h: @echo "#define RATELIMIT 1" > ${.TARGET} @@ -59,6 +61,9 @@ KERN_OPTS+= INET TCP_OFFLOAD .endif .if ${MK_INET6_SUPPORT} != "no" KERN_OPTS+= INET6 +.endif +.if ${MK_IPSEC_SUPPORT} != "no" +KERN_OPTS+= IPSEC_SUPPORT .endif .elif !defined(KERN_OPTS) # Add all the options that are mentioned in any opt_*.h file when we Modified: head/sys/modules/Makefile == --- head/sys/modules/Makefile Sat May 30 00:07:42 2020(r361637) +++ head/sys/modules/Makefile Sat May 30 00:47:03 2020(r361638) @@ -427,7 +427,7 @@ _if_enc=if_enc _if_gif= if_gif _if_gre= if_gre _ipfw_pmod=ipfw_pmod -.if ${MK_IPSEC_SUPPORT} != "no" +.if ${KERN_OPTS:MIPSEC_SUPPORT} _ipsec=ipsec .endif .endif Modified: head/sys/modules/tcp/Makefile == --- head/sys/modules/tcp/Makefile Sat May 30 00:07:42 2020 (r361637) +++ head/sys/modules/tcp/Makefile Sat May 30 00:47:03 2020 (r361638) @@ -2,8 +2,7 @@ # $FreeBSD$ # -SYSDIR?=${SRCTOP}/sys -.include "${SYSDIR}/conf/kern.opts.mk" +.include SUBDIR=\ ${_tcp_bbr} \ @@ -17,7 +16,7 @@ _tcp_rack=rack .if (${MK_INET_SUPPORT} != "no" || ${MK_INET6_SUPPORT} != "no") || \ defined(ALL_MODULES) -.if ${MK_IPSEC_SUPPORT} != "no" +.if ${KERN_OPTS:MIPSEC_SUPPORT} _tcpmd5= tcpmd5 .endif .endif ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361637 - head/sys/dev/usb/wlan
Author: adrian Date: Sat May 30 00:07:42 2020 New Revision: 361637 URL: https://svnweb.freebsd.org/changeset/base/361637 Log: [run] Don't add 11ng channels (2GHz) for RF2020 Don't also add the 11ng channels if we're not in 11n mode or net80211 will get super weird. Modified: head/sys/dev/usb/wlan/if_run.c Modified: head/sys/dev/usb/wlan/if_run.c == --- head/sys/dev/usb/wlan/if_run.c Sat May 30 00:06:26 2020 (r361636) +++ head/sys/dev/usb/wlan/if_run.c Sat May 30 00:07:42 2020 (r361637) @@ -4933,7 +4933,8 @@ run_getradiocaps(struct ieee80211com *ic, memset(bands, 0, sizeof(bands)); setbit(bands, IEEE80211_MODE_11B); setbit(bands, IEEE80211_MODE_11G); - setbit(bands, IEEE80211_MODE_11NG); + if (sc->rf_rev != RT3070_RF_2020) + setbit(bands, IEEE80211_MODE_11NG); /* Note: for now, only support HT20 channels */ ieee80211_add_channels_default_2ghz(chans, maxchans, nchans, bands, 0); @@ -4942,7 +4943,6 @@ run_getradiocaps(struct ieee80211com *ic, sc->rf_rev == RT3070_RF_3052 || sc->rf_rev == RT3593_RF_3053 || sc->rf_rev == RT5592_RF_5592) { setbit(bands, IEEE80211_MODE_11A); - setbit(bands, IEEE80211_MODE_11NA); /* Note: for now, only support HT20 channels */ ieee80211_add_channel_list_5ghz(chans, maxchans, nchans, run_chan_5ghz, nitems(run_chan_5ghz), bands, 0); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361636 - head/sys/dev/usb/wlan
Author: adrian Date: Sat May 30 00:06:26 2020 New Revision: 361636 URL: https://svnweb.freebsd.org/changeset/base/361636 Log: [run] Set ampdu rxmax same as linux; RF2020 isn't an 11n NIC This is from the linux driver: * set the ampdu rx max to 32k for 1 stream devics like mine, and 64k for larger ones * Don't enable 11n bits for RF2020 Modified: head/sys/dev/usb/wlan/if_run.c Modified: head/sys/dev/usb/wlan/if_run.c == --- head/sys/dev/usb/wlan/if_run.c Fri May 29 19:44:18 2020 (r361635) +++ head/sys/dev/usb/wlan/if_run.c Sat May 30 00:06:26 2020 (r361636) @@ -847,20 +847,26 @@ run_attach(device_t self) IEEE80211_C_WME | /* WME */ IEEE80211_C_WPA;/* WPA1|WPA2(RSN) */ - ic->ic_htcaps = - IEEE80211_HTC_HT | - IEEE80211_HTC_AMPDU | - IEEE80211_HTC_AMSDU | - IEEE80211_HTCAP_MAXAMSDU_3839 | - IEEE80211_HTCAP_SMPS_OFF; - /* -* For now, just do 1 stream. Later on we'll figure out -* how many tx/rx streams a particular NIC supports. +* RF2020 is not an 11n device. */ - ic->ic_rxstream = 1; - ic->ic_txstream = 1; + if (sc->rf_rev != RT3070_RF_2020) { + device_printf(sc->sc_dev, "[HT] Enabling 802.11n\n"); + ic->ic_htcaps = + IEEE80211_HTC_HT | + IEEE80211_HTC_AMPDU | + IEEE80211_HTC_AMSDU | + IEEE80211_HTCAP_MAXAMSDU_3839 | + IEEE80211_HTCAP_SMPS_OFF; + /* +* For now, just do 1 stream. Later on we'll figure out +* how many tx/rx streams a particular NIC supports. +*/ + ic->ic_rxstream = 1; + ic->ic_txstream = 1; + } + ic->ic_cryptocaps = IEEE80211_CRYPTO_WEP | IEEE80211_CRYPTO_AES_CCM | @@ -1028,8 +1034,15 @@ run_vap_create(struct ieee80211com *ic, const char nam vap->iv_update_beacon = run_update_beacon; vap->iv_max_aid = RT2870_WCID_MAX; - vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; - vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_2; + /* +* The linux rt2800 driver limits 1 stream devices to a 32KB +* RX AMPDU. +*/ + if (ic->ic_rxstream > 1) + vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_64K; + else + vap->iv_ampdu_rxmax = IEEE80211_HTCAP_MAXRXAMPDU_32K; + vap->iv_ampdu_density = IEEE80211_HTCAP_MPDUDENSITY_2; /* 2uS */ /* * To delete the right key from h/w, we need wcid. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361632 - in head/sys: conf modules/ipsec modules/tcp/tcpmd5
On 5/29/20 12:21 PM, John Baldwin wrote: > Author: jhb > Date: Fri May 29 19:21:35 2020 > New Revision: 361632 > URL: https://svnweb.freebsd.org/changeset/base/361632 > > Log: > Honor opt_ipsec.h from kernel builds. > > To make this simpler, set the default contents of opt_ipsec.h > for standalone modules in sys/conf/config.mk. This breaks the build of kernel configs without IPSEC_SUPPORT (some of the configs in tinderbox). I've put a change up for review at D25059. I haven't just committed it outright because it is a bit different model (though I think a better one) of using KERN_OPTS (the list of kernel options enabled) to control which modules to build rather than MK_FOO variables. MK_FOO variables are still honored for standalone builds since sys/conf/config.mk sets the equivalent KERN_OPTS values for standalone module builds. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361360 - head/sys/dev/hyperv/hvsock
On Fri, May 22, 2020 at 10:51 AM Kyle Evans wrote: > > On Fri, May 22, 2020 at 4:17 AM Wei Hu wrote: > > > > Author: whu > > Date: Fri May 22 09:17:07 2020 > > New Revision: 361360 > > URL: https://svnweb.freebsd.org/changeset/base/361360 > > > > Log: > > Socket AF_HYPERV should return failure when it is not running on HyperV > > > > [... snip ...] > > @@ -354,6 +354,9 @@ hvs_trans_attach(struct socket *so, int proto, struct > > { > > struct hvs_pcb *pcb = so2hvspcb(so); > > > > + if (vm_guest != VM_GUEST_HV) > > + return (ESOCKTNOSUPPORT); > > + > > HVSOCK_DBG(HVSOCK_DBG_VERBOSE, > > "%s: HyperV Socket hvs_trans_attach called\n", __func__); > > > > This one may be OK, but none of these other methods should be able to > be invoked if the attach failed. See this comment at around > ^/sys/kern/uipc_socket.c#50: > > 50 * pru_detach() disassociates protocol layer state from an attached socket, > 51 * and will be called exactly once for sockets in which pru_attach() has > 52 * been successfully called. If pru_attach() returned an error, > 53 * pru_detach() will not be called. Socket layer private. > > That said, I wonder if VNET_DOMAIN_SET provides the correct semantics > here at all. You can't fail domain_init, but I don't think there's any > value in this domain actually getting registered on non-HyperV guests, > a fact which presumably won't change at runtime. > I'm considering the patch below, which is almost certainly going to be mangled by my mail client, for solving this style of problem. It gives the domain a chance to probe the system and opt out, for cases like hvsock where leaving the domain around and fully-initialized when there's no way it can work is both wasteful and a bit of an accident waiting to happen -- IMO it's much less error prone and more comforting if we just reject it early on, since we can. The vm_guest detection and hyperv's false-positive aversion stuff in hyperv_init should run much earlier than this. diff --git a/sys/dev/hyperv/hvsock/hv_sock.c b/sys/dev/hyperv/hvsock/hv_sock.c index d212c2d8c2d..d3bc1ab0f2c 100644 --- a/sys/dev/hyperv/hvsock/hv_sock.c +++ b/sys/dev/hyperv/hvsock/hv_sock.c @@ -74,6 +74,8 @@ SYSCTL_INT(_net_hvsock, OID_AUTO, hvs_dbg_level, CTLFLAG_RWTUN, &hvs_dbg_level, MALLOC_DEFINE(M_HVSOCK, "hyperv_socket", "hyperv socket control structures"); +static int hvs_dom_probe(void); + /* The MTU is 16KB per host side's design */ #define HVSOCK_MTU_SIZE(1024 * 16) #define HVSOCK_SEND_BUF_SZ (PAGE_SIZE - sizeof(struct vmpipe_proto_header)) @@ -124,6 +126,7 @@ static struct protosw hv_socket_protosw[] = { static struct domain hv_socket_domain = { .dom_family = AF_HYPERV, .dom_name = "hyperv", + .dom_probe =hvs_dom_probe, .dom_protosw = hv_socket_protosw, .dom_protoswNPROTOSW = &hv_socket_protosw[nitems(hv_socket_protosw)] }; @@ -322,6 +325,16 @@ hvs_trans_unlock(void) sx_xunlock(&hvs_trans_socks_sx); } +static int +hvs_dom_probe(void) +{ + + /* Don't even give us a chance to attach on non-HyperV. */ + if (vm_guest != VM_GUEST_HV) + return (ENXIO); + return (0); +} + void hvs_trans_init(void) { @@ -329,9 +342,6 @@ hvs_trans_init(void) if (!IS_DEFAULT_VNET(curvnet)) return; - if (vm_guest != VM_GUEST_HV) - return; - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_init called\n", __func__); @@ -354,9 +364,6 @@ hvs_trans_attach(struct socket *so, int proto, struct thread *td) { struct hvs_pcb *pcb = so2hvspcb(so); - if (vm_guest != VM_GUEST_HV) - return (ESOCKTNOSUPPORT); - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_attach called\n", __func__); @@ -383,9 +390,6 @@ hvs_trans_detach(struct socket *so) { struct hvs_pcb *pcb; - if (vm_guest != VM_GUEST_HV) - return; - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_detach called\n", __func__); @@ -595,9 +599,6 @@ hvs_trans_disconnect(struct socket *so) { struct hvs_pcb *pcb; - if (vm_guest != VM_GUEST_HV) - return (ESOCKTNOSUPPORT); - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_disconnect called\n", __func__); @@ -925,9 +926,6 @@ hvs_trans_close(struct socket *so) { struct hvs_pcb *pcb; - if (vm_guest != VM_GUEST_HV) - return; - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_close called\n", __func__); @@ -969,9 +967,6 @@ hvs_trans_abort(struct socket *so) { struct hvs_pcb *pcb = so2hvspcb(so); - if (vm_guest != VM_GUEST_HV) - return; - HVSOCK_DBG(HVSOCK_DBG_VERBOSE, "%s: HyperV Socket hvs_trans_abort called\n", __
svn commit: r361635 - head/sys/geom/part
Author: cem Date: Fri May 29 19:44:18 2020 New Revision: 361635 URL: https://svnweb.freebsd.org/changeset/base/361635 Log: geom_part: Dispatch to partitions to create providers and aliases This allows partitions to create additional aliases of their own. The default method implementations preserve the existing behavior. No functional change. Reviewed by: imp Differential Revision:https://reviews.freebsd.org/D24938 Modified: head/sys/geom/part/g_part.c head/sys/geom/part/g_part_if.m Modified: head/sys/geom/part/g_part.c == --- head/sys/geom/part/g_part.c Fri May 29 19:29:10 2020(r361634) +++ head/sys/geom/part/g_part.c Fri May 29 19:44:18 2020(r361635) @@ -469,7 +469,6 @@ g_part_new_provider(struct g_geom *gp, struct g_part_t { struct g_consumer *cp; struct g_provider *pp; - struct sbuf *sb; struct g_geom_alias *gap; off_t offset; @@ -481,11 +480,7 @@ g_part_new_provider(struct g_geom *gp, struct g_part_t entry->gpe_offset = offset; if (entry->gpe_pp == NULL) { - sb = sbuf_new_auto(); - G_PART_FULLNAME(table, entry, sb, gp->name); - sbuf_finish(sb); - entry->gpe_pp = g_new_providerf(gp, "%s", sbuf_data(sb)); - sbuf_delete(sb); + entry->gpe_pp = G_PART_NEW_PROVIDER(table, gp, entry, gp->name); /* * If our parent provider had any aliases, then copy them to our * provider so when geom DEV tastes things later, they will be @@ -493,13 +488,8 @@ g_part_new_provider(struct g_geom *gp, struct g_part_t * place of the geom's name we use to create the provider. The * kobj interface that generates names makes this awkward. */ - LIST_FOREACH(gap, &pp->aliases, ga_next) { - sb = sbuf_new_auto(); - G_PART_FULLNAME(table, entry, sb, gap->ga_alias); - sbuf_finish(sb); - g_provider_add_alias(entry->gpe_pp, "%s", sbuf_data(sb)); - sbuf_delete(sb); - } + LIST_FOREACH(gap, &pp->aliases, ga_next) + G_PART_ADD_ALIAS(table, entry->gpe_pp, entry, gap->ga_alias); entry->gpe_pp->flags |= G_PF_DIRECT_SEND | G_PF_DIRECT_RECEIVE; entry->gpe_pp->private = entry; /* Close the circle. */ } Modified: head/sys/geom/part/g_part_if.m == --- head/sys/geom/part/g_part_if.m Fri May 29 19:29:10 2020 (r361634) +++ head/sys/geom/part/g_part_if.m Fri May 29 19:44:18 2020 (r361635) @@ -52,6 +52,34 @@ CODE { G_PART_NAME(table, entry, buf, sizeof(buf))); } + static struct g_provider * + default_new_provider(struct g_part_table *table, struct g_geom *gp, + struct g_part_entry *entry, const char *pfx) + { + struct g_provider *ret; + struct sbuf *sb; + + sb = sbuf_new_auto(); + G_PART_FULLNAME(table, entry, sb, pfx); + sbuf_finish(sb); + ret = g_new_providerf(gp, "%s", sbuf_data(sb)); + sbuf_delete(sb); + return (ret); + } + + static void + default_add_alias(struct g_part_table *table, struct g_provider *pp, + struct g_part_entry *entry, const char *pfx) + { + struct sbuf *sb; + + sb = sbuf_new_auto(); + G_PART_FULLNAME(table, entry, sb, pfx); + sbuf_finish(sb); + g_provider_add_alias(pp, "%s", sbuf_data(sb)); + sbuf_delete(sb); + } + static int default_precheck(struct g_part_table *t __unused, enum g_part_ctl r __unused, struct g_part_parms *p __unused) @@ -88,6 +116,15 @@ METHOD int add { struct g_part_parms *gpp; }; +# add_alias() - Create aliases for the partition's provider with the given +# alias prefixes. +METHOD void add_alias { + struct g_part_table *table; + struct g_provider *pp; + struct g_part_entry *entry; + const char *pfx; +} DEFAULT default_add_alias; + # bootcode() - scheme specific processing for the bootcode verb. METHOD int bootcode { struct g_part_table *table; @@ -144,6 +181,14 @@ METHOD int modify { struct g_part_entry *entry; struct g_part_parms *gpp; }; + +# new_provider() - Create the partition's provider(s). +METHOD struct g_provider * new_provider { + struct g_part_table *table; + struct g_geom *gp; + struct g_part_entry *entry; + const char *pfx; +} DEFAULT default_new_provider; # resize() - scheme specific processing for the re
svn commit: r361634 - head/sys/modules/if_enc
Author: jhb Date: Fri May 29 19:29:10 2020 New Revision: 361634 URL: https://svnweb.freebsd.org/changeset/base/361634 Log: Add opt_ipsec.h to fix standalone builds after r361633. Modified: head/sys/modules/if_enc/Makefile Modified: head/sys/modules/if_enc/Makefile == --- head/sys/modules/if_enc/MakefileFri May 29 19:22:40 2020 (r361633) +++ head/sys/modules/if_enc/MakefileFri May 29 19:29:10 2020 (r361634) @@ -6,6 +6,6 @@ SYSDIR?=${SRCTOP}/sys .PATH: ${SYSDIR}/net KMOD= if_enc -SRCS= if_enc.c opt_inet.h opt_inet6.h +SRCS= if_enc.c opt_inet.h opt_inet6.h opt_ipsec.h .include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361633 - in head/sys: net netipsec
Author: jhb Date: Fri May 29 19:22:40 2020 New Revision: 361633 URL: https://svnweb.freebsd.org/changeset/base/361633 Log: Consistently include opt_ipsec.h for consumers of . This fixes ipsec.ko to include all of IPSEC_DEBUG. Reviewed by: imp MFC after:2 weeks Sponsored by: Netflix Differential Revision:https://reviews.freebsd.org/D25046 Modified: head/sys/net/if_enc.c head/sys/net/if_ipsec.c head/sys/netipsec/ipsec.h head/sys/netipsec/ipsec_mbuf.c head/sys/netipsec/xform_ah.c head/sys/netipsec/xform_esp.c head/sys/netipsec/xform_ipcomp.c Modified: head/sys/net/if_enc.c == --- head/sys/net/if_enc.c Fri May 29 19:21:35 2020(r361632) +++ head/sys/net/if_enc.c Fri May 29 19:22:40 2020(r361633) @@ -32,6 +32,7 @@ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include #include Modified: head/sys/net/if_ipsec.c == --- head/sys/net/if_ipsec.c Fri May 29 19:21:35 2020(r361632) +++ head/sys/net/if_ipsec.c Fri May 29 19:22:40 2020(r361633) @@ -30,6 +30,7 @@ __FBSDID("$FreeBSD$"); #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include #include Modified: head/sys/netipsec/ipsec.h == --- head/sys/netipsec/ipsec.h Fri May 29 19:21:35 2020(r361632) +++ head/sys/netipsec/ipsec.h Fri May 29 19:22:40 2020(r361633) @@ -39,11 +39,6 @@ #ifndef _NETIPSEC_IPSEC_H_ #define _NETIPSEC_IPSEC_H_ -#if defined(_KERNEL) && !defined(_LKM) && !defined(KLD_MODULE) -#include "opt_inet.h" -#include "opt_ipsec.h" -#endif - #include #include Modified: head/sys/netipsec/ipsec_mbuf.c == --- head/sys/netipsec/ipsec_mbuf.c Fri May 29 19:21:35 2020 (r361632) +++ head/sys/netipsec/ipsec_mbuf.c Fri May 29 19:22:40 2020 (r361633) @@ -32,6 +32,8 @@ * IPsec-specific mbuf routines. */ +#include "opt_ipsec.h" + #include #include #include Modified: head/sys/netipsec/xform_ah.c == --- head/sys/netipsec/xform_ah.cFri May 29 19:21:35 2020 (r361632) +++ head/sys/netipsec/xform_ah.cFri May 29 19:22:40 2020 (r361633) @@ -38,6 +38,7 @@ */ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include #include Modified: head/sys/netipsec/xform_esp.c == --- head/sys/netipsec/xform_esp.c Fri May 29 19:21:35 2020 (r361632) +++ head/sys/netipsec/xform_esp.c Fri May 29 19:22:40 2020 (r361633) @@ -37,6 +37,7 @@ */ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include #include Modified: head/sys/netipsec/xform_ipcomp.c == --- head/sys/netipsec/xform_ipcomp.cFri May 29 19:21:35 2020 (r361632) +++ head/sys/netipsec/xform_ipcomp.cFri May 29 19:22:40 2020 (r361633) @@ -33,6 +33,7 @@ /* IP payload compression protocol (IPComp), see RFC 2393 */ #include "opt_inet.h" #include "opt_inet6.h" +#include "opt_ipsec.h" #include #include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361632 - in head/sys: conf modules/ipsec modules/tcp/tcpmd5
Author: jhb Date: Fri May 29 19:21:35 2020 New Revision: 361632 URL: https://svnweb.freebsd.org/changeset/base/361632 Log: Honor opt_ipsec.h from kernel builds. To make this simpler, set the default contents of opt_ipsec.h for standalone modules in sys/conf/config.mk. Reviewed by: imp MFC after:2 weeks Sponsored by: Netflix Differential Revision:https://reviews.freebsd.org/D25046 Modified: head/sys/conf/config.mk head/sys/modules/ipsec/Makefile head/sys/modules/tcp/tcpmd5/Makefile Modified: head/sys/conf/config.mk == --- head/sys/conf/config.mk Fri May 29 18:05:40 2020(r361631) +++ head/sys/conf/config.mk Fri May 29 19:21:35 2020(r361632) @@ -30,6 +30,8 @@ opt_inet.h: opt_inet6.h: @echo "#define INET6 1" > ${.TARGET} .endif +opt_ipsec.h: + @echo "#define IPSEC_SUPPORT 1" > ${.TARGET} .if ${MK_RATELIMIT} != "no" opt_ratelimit.h: @echo "#define RATELIMIT 1" > ${.TARGET} Modified: head/sys/modules/ipsec/Makefile == --- head/sys/modules/ipsec/Makefile Fri May 29 18:05:40 2020 (r361631) +++ head/sys/modules/ipsec/Makefile Fri May 29 19:21:35 2020 (r361632) @@ -8,7 +8,4 @@ SRCS= if_ipsec.c ipsec.c ipsec_input.c ipsec_mbuf.c ip opt_inet.h opt_inet6.h opt_ipsec.h opt_sctp.h SRCS.INET= udpencap.c -opt_ipsec.h: - @echo "#define IPSEC_SUPPORT 1" > ${.TARGET} - .include Modified: head/sys/modules/tcp/tcpmd5/Makefile == --- head/sys/modules/tcp/tcpmd5/MakefileFri May 29 18:05:40 2020 (r361631) +++ head/sys/modules/tcp/tcpmd5/MakefileFri May 29 19:21:35 2020 (r361632) @@ -5,7 +5,4 @@ KMOD= tcpmd5 SRCS= xform_tcp.c opt_inet.h opt_inet6.h opt_ipsec.h -opt_ipsec.h: - @echo "#define IPSEC_SUPPORT 1" > ${.TARGET} - .include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock dev/hyperv/include dev/hyperv/vmbus modules/hyperv modules/hyperv/hvsock sys
On Fri, May 29, 2020 at 12:08 PM Wei Hu wrote: > > -Original Message- > > > > [... snip ...] > > > > +void > > > > +hvs_trans_init(void) > > > > +{ > > > > + /* Skip initialization of globals for non-default instances. */ > > > > + if (!IS_DEFAULT_VNET(curvnet)) > > > > + return; > > > > + > > > > + if (vm_guest != VM_GUEST_HV) > > > > + return; > > > > + > > > > + HVSOCK_DBG(HVSOCK_DBG_VERBOSE, > > > > + "%s: HyperV Socket hvs_trans_init called\n", __func__); > > > > + > > > > + /* Initialize Globals */ > > > > + previous_auto_bound_port = MAX_PORT; > > > > + sx_init(&hvs_trans_socks_sx, "hvs_trans_sock_sx"); > > > > + mtx_init(&hvs_trans_socks_mtx, > > > > + "hvs_trans_socks_mtx", NULL, MTX_DEF); > > > > + LIST_INIT(&hvs_trans_bound_socks); > > > > + LIST_INIT(&hvs_trans_connected_socks); > > > > +} > > > > + > > > > > > I have a suspicion that all of these should really be per-vnet for > > > correct semantics with VIMAGE, with the IS_DEFAULT_VNET check earlier > > > dropped completely. I haven't read around the rest all that much, but > > > this would at least seem to prevent port re-use by a different vnet, > > > which is perhaps "good enough" but I think this is something that > > > should be fixed in the mid-term. > > > > > > > I have a follow-up concern about whether this is actually going to be > > maintained... it's been a full week with not even an acknowledgement or > > rebuttal of any of the concerns I've raised, with some of them being > > completely > > trivial to address in the short-term. I don't think that we really want > > this in the > > tree in its current state given this level of engagement. > > > Sorry for my late response, Kyle. I read your comments last week. To be > honest I am > not familiar to VNET and VIMAGE, so I don't quite understand. I got distracted > into other work so my response to this was delayed. > > Do you mean to drop these two lines? >if (!IS_DEFAULT_VNET(curvnet)) >return > I copied these from other socket init code. If they are not necessary I can > remove them. > Alright, let's rewind a little bit here. =-) Consider while reading the below that I have no idea what the host-side of these sockets look like beyond what I just very quickly skimmed from [0]. It's a little more involved than that; consider each vnet as its own independent network stack that's largely isolated from other vnets. The host starts out with a vnet, vnet0 (the default vnet), and root may spawn additional vnets attached to jails to allow the jail to operate its own network stack as well. Your pr_init will get called once per vnet spawned, including the obvious default vnet, which is why the check is there in the first place -- you may have some global state that only needs to be initialized once, at which point you would exclude non-default vnets from executing those bits. The more I think about it, though, the more I wonder if hvsock makes sense at all in non-default vnet contexts and whether hvs_trans_attach should really be attaching to sockets outside of the default vnet. You can bind in your FreeBSD HyperV guest to a port, and a host service's option for connecting is specifying guest GUID + port; there's not really any wiggle room for multiple entities within a guest to be binding to a given port anyways. It may very well be the case that the status quo is the optimal outcome. Given that, does it make sense that the host connects via the guest GUID and can potentially end up connected to some jail of unknown trust operating its own network stack? As a final scattered thought for the hour, does the Linux implementation of this stuff do anything to give a guest admin visibility into existing HyperV sockets on the system? AFAICT here, there's no sockstat integration or anything else that might export hvsock information to userland, so one's only option to tracking down whether a HyperV socket even exists and to which process it belongs would appear to be probing around in the kernel. Thanks, Kyle Evans [0] https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/make-integration-service ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361631 - releng/11.4/release/pkg_repos
Author: gjb Date: Fri May 29 18:05:40 2020 New Revision: 361631 URL: https://svnweb.freebsd.org/changeset/base/361631 Log: Update the pkg.conf used to populate the dvd1.iso to use the release_4 package set from this point forward. Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/11.4/release/pkg_repos/release-dvd.conf Modified: releng/11.4/release/pkg_repos/release-dvd.conf == --- releng/11.4/release/pkg_repos/release-dvd.conf Fri May 29 17:52:20 2020(r361630) +++ releng/11.4/release/pkg_repos/release-dvd.conf Fri May 29 18:05:40 2020(r361631) @@ -1,6 +1,6 @@ # $FreeBSD$ release: { - url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly";, + url: "pkg+http://pkg.FreeBSD.org/${ABI}/release_4";, mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/share/keys/pkg", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361630 - head/sys/cam/ctl
Author: mav Date: Fri May 29 17:52:20 2020 New Revision: 361630 URL: https://svnweb.freebsd.org/changeset/base/361630 Log: Remove session locking from cfiscsi_pdu_update_cmdsn(). cs_cmdsn can be incremented with single atomic. expcmdsn/maxcmdsn set in cfiscsi_pdu_prepare() based on cs_cmdsn are not required to be updated synchronously, only monotonically, that is achieved with lock there. MFC after:2 weeks Sponsored by: iXsystems, Inc. Modified: head/sys/cam/ctl/ctl_frontend_iscsi.c Modified: head/sys/cam/ctl/ctl_frontend_iscsi.c == --- head/sys/cam/ctl/ctl_frontend_iscsi.c Fri May 29 17:39:25 2020 (r361629) +++ head/sys/cam/ctl/ctl_frontend_iscsi.c Fri May 29 17:52:20 2020 (r361630) @@ -211,7 +211,7 @@ cfiscsi_pdu_update_cmdsn(const struct icl_pdu *request { const struct iscsi_bhs_scsi_command *bhssc; struct cfiscsi_session *cs; - uint32_t cmdsn, expstatsn; + uint32_t cmdsn, curcmdsn; cs = PDU_SESSION(request); @@ -220,16 +220,20 @@ cfiscsi_pdu_update_cmdsn(const struct icl_pdu *request * The purpose of the timeout is to reset the connection when it stalls; * we don't want this to happen when NOP-In or NOP-Out ends up delayed * in some queue. -* -* XXX: Locking? */ cs->cs_timeout = 0; /* +* Immediate commands carry cmdsn, but it is neither incremented nor +* verified. +*/ + if (request->ip_bhs->bhs_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) + return (false); + + /* * Data-Out PDUs don't contain CmdSN. */ - if ((request->ip_bhs->bhs_opcode & ~ISCSI_BHS_OPCODE_IMMEDIATE) == - ISCSI_BHS_OPCODE_SCSI_DATA_OUT) + if (request->ip_bhs->bhs_opcode == ISCSI_BHS_OPCODE_SCSI_DATA_OUT) return (false); /* @@ -237,50 +241,37 @@ cfiscsi_pdu_update_cmdsn(const struct icl_pdu *request * (initiator -> target) PDUs. */ bhssc = (const struct iscsi_bhs_scsi_command *)request->ip_bhs; - cmdsn = ntohl(bhssc->bhssc_cmdsn); - expstatsn = ntohl(bhssc->bhssc_expstatsn); + curcmdsn = cmdsn = ntohl(bhssc->bhssc_cmdsn); - CFISCSI_SESSION_LOCK(cs); -#if 0 - if (expstatsn != cs->cs_statsn) { - CFISCSI_SESSION_DEBUG(cs, "received PDU with ExpStatSN %d, " - "while current StatSN is %d", expstatsn, - cs->cs_statsn); - } -#endif + /* +* Increment session cmdsn and exit if we received the expected value. +*/ + do { + if (atomic_fcmpset_32(&cs->cs_cmdsn, &curcmdsn, cmdsn + 1)) + return (false); + } while (curcmdsn == cmdsn); - if ((request->ip_bhs->bhs_opcode & ISCSI_BHS_OPCODE_IMMEDIATE) == 0) { - /* -* The target MUST silently ignore any non-immediate command -* outside of this range. -*/ - if (ISCSI_SNLT(cmdsn, cs->cs_cmdsn) || - ISCSI_SNGT(cmdsn, cs->cs_cmdsn - 1 + maxtags)) { - CFISCSI_SESSION_UNLOCK(cs); - CFISCSI_SESSION_WARN(cs, "received PDU with CmdSN %u, " - "while expected %u", cmdsn, cs->cs_cmdsn); - return (true); - } - - /* -* We don't support multiple connections now, so any -* discontinuity in CmdSN means lost PDUs. Since we don't -* support PDU retransmission -- terminate the connection. -*/ - if (cmdsn != cs->cs_cmdsn) { - CFISCSI_SESSION_UNLOCK(cs); - CFISCSI_SESSION_WARN(cs, "received PDU with CmdSN %u, " - "while expected %u; dropping connection", - cmdsn, cs->cs_cmdsn); - cfiscsi_session_terminate(cs); - return (true); - } - cs->cs_cmdsn++; + /* +* The target MUST silently ignore any non-immediate command outside +* of this range. +*/ + if (ISCSI_SNLT(cmdsn, curcmdsn) || + ISCSI_SNGT(cmdsn, curcmdsn - 1 + maxtags)) { + CFISCSI_SESSION_WARN(cs, "received PDU with CmdSN %u, " + "while expected %u", cmdsn, curcmdsn); + return (true); } - CFISCSI_SESSION_UNLOCK(cs); - - return (false); + /* +* We don't support multiple connections now, so any discontinuity in +* CmdSN means lost PDUs. Since we don't support PDU retransmission -- +* terminate the connection. +*/ + CFISCSI_SESSION_WARN(cs, "received PDU with CmdSN %u, " + "while expected %u; dropping connection", +
svn commit: r361629 - head/share/man/man5
Author: emaste Date: Fri May 29 17:39:25 2020 New Revision: 361629 URL: https://svnweb.freebsd.org/changeset/base/361629 Log: regen src.conf.5 after BINUTILS changes Modified: head/share/man/man5/src.conf.5 Modified: head/share/man/man5/src.conf.5 == --- head/share/man/man5/src.conf.5 Fri May 29 17:36:54 2020 (r361628) +++ head/share/man/man5/src.conf.5 Fri May 29 17:39:25 2020 (r361629) @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd May 20, 2020 +.Dd May 29, 2020 .Dt SRC.CONF 5 .Os .Sh NAME @@ -189,14 +189,14 @@ as part of the normal system build. .Pp This is a default setting on -arm/armv6, arm/armv7, arm64/aarch64, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. +arm/armv6, arm/armv7, arm64/aarch64, i386/i386, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. .It Va WITH_BINUTILS Build and install GNU .Xr as 1 as part of the normal system build. .Pp This is a default setting on -amd64/amd64 and i386/i386. +amd64/amd64. .It Va WITHOUT_BINUTILS_BOOTSTRAP Do not build GNU binutils as part of the bootstrap process. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361628 - head/share/mk
Author: emaste Date: Fri May 29 17:36:54 2020 New Revision: 361628 URL: https://svnweb.freebsd.org/changeset/base/361628 Log: Disable BINUTILS by default on i386 The retirement of obsolete binutils 2.17.50 has been in progress for quite some time. All tools other than GNU as were removed prior to this commit, and it was built only on two archs: i386, installed as /usr/bin/as amd64, installed as /usr/bin/as and as a bootstrap tool The i386 exp-run has completed and failures have been addressed in the individual ports, so disable it there. PR: 233611, 205250 [exp-run] Sponsored by: The FreeBSD Foundation Modified: head/share/mk/src.opts.mk Modified: head/share/mk/src.opts.mk == --- head/share/mk/src.opts.mk Fri May 29 16:15:33 2020(r361627) +++ head/share/mk/src.opts.mk Fri May 29 17:36:54 2020(r361628) @@ -290,13 +290,10 @@ __DEFAULT_NO_OPTIONS+=LLVM_TARGET_BPF .if ${__T} == "aarch64" || ${__T:Mriscv*} != "" BROKEN_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP GDB .endif -# BINUTILS is enabled on x86 to provide as for ports - PR 205250 +# BINUTILS is enabled on amd64 to provide as for ports - PR 205250 # BINUTILS_BOOTSTRAP is needed on amd64 only, for skein_block_asm.s .if ${__T} == "amd64" __DEFAULT_YES_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP -.elif ${__T} == "i386" -__DEFAULT_YES_OPTIONS+=BINUTILS -__DEFAULT_NO_OPTIONS+=BINUTILS_BOOTSTRAP .else __DEFAULT_NO_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP .endif ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
RE: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock dev/hyperv/include dev/hyperv/vmbus modules/hyperv modules/hyperv/hvsock sys
> -Original Message- > > > [... snip ...] > > > +void > > > +hvs_trans_init(void) > > > +{ > > > + /* Skip initialization of globals for non-default instances. */ > > > + if (!IS_DEFAULT_VNET(curvnet)) > > > + return; > > > + > > > + if (vm_guest != VM_GUEST_HV) > > > + return; > > > + > > > + HVSOCK_DBG(HVSOCK_DBG_VERBOSE, > > > + "%s: HyperV Socket hvs_trans_init called\n", __func__); > > > + > > > + /* Initialize Globals */ > > > + previous_auto_bound_port = MAX_PORT; > > > + sx_init(&hvs_trans_socks_sx, "hvs_trans_sock_sx"); > > > + mtx_init(&hvs_trans_socks_mtx, > > > + "hvs_trans_socks_mtx", NULL, MTX_DEF); > > > + LIST_INIT(&hvs_trans_bound_socks); > > > + LIST_INIT(&hvs_trans_connected_socks); > > > +} > > > + > > > > I have a suspicion that all of these should really be per-vnet for > > correct semantics with VIMAGE, with the IS_DEFAULT_VNET check earlier > > dropped completely. I haven't read around the rest all that much, but > > this would at least seem to prevent port re-use by a different vnet, > > which is perhaps "good enough" but I think this is something that > > should be fixed in the mid-term. > > > > I have a follow-up concern about whether this is actually going to be > maintained... it's been a full week with not even an acknowledgement or > rebuttal of any of the concerns I've raised, with some of them being > completely > trivial to address in the short-term. I don't think that we really want this > in the > tree in its current state given this level of engagement. > Sorry for my late response, Kyle. I read your comments last week. To be honest I am not familiar to VNET and VIMAGE, so I don't quite understand. I got distracted into other work so my response to this was delayed. Do you mean to drop these two lines? if (!IS_DEFAULT_VNET(curvnet)) return I copied these from other socket init code. If they are not necessary I can remove them. Thanks, Wei ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361626 - head/sys/dev/usb/wlan
Author: adrian Date: Fri May 29 15:56:44 2020 New Revision: 361626 URL: https://svnweb.freebsd.org/changeset/base/361626 Log: [run] Add initial 802.11n support. * Enable self-generated 11n frames * add MCS rates for 1-stream and 2-stream rates; will do 3-stream once the rest of this tests out OK with other people. * Hard-code 1 stream for now * Add A-MPDU RX mbuf tagging * RTS/CTS if doing RTSCTS in HT protmode as well as legacy; they're separate configuration flags * Update the amrr rate index stuff - walk the rates array like others to find the right one - this now works for MCS and CCK/OFDM rates * Add support for atheros fast frames/AMSDU support as we can generate those in net80211. TODO: * HT40 isn't enabled yet * No A-MPDU support just yet; that requires some more firmware research and maybe porting some ath(4) A-MPDU support/tracking into net80211 * Short preamble flags aren't set yet for MCS; need to check the linux driver and see what's going on there * Add 3x3 rates and set tx/rx stream configuration appropriately * More 5GHz testing; I have a 3x3 dual band USB NIC coming soon that'll let me test this. * Figure out why the RX path isn't performing as fast as it could - there's only a single buffer loaded at a time for the receive path in the USB bulk handler and this may not be super useful. Tested: * RT5390 usb, 1x1, RF5370 (2GHz radio), STA mode - A-MSDU TX, A-MPDU RX Submitted by: Ashish Gupta Differential Revision:https://reviews.freebsd.org/D22840 Modified: head/sys/dev/usb/wlan/if_run.c head/sys/dev/usb/wlan/if_runreg.h head/sys/dev/usb/wlan/if_runvar.h Modified: head/sys/dev/usb/wlan/if_run.c == --- head/sys/dev/usb/wlan/if_run.c Fri May 29 13:07:52 2020 (r361625) +++ head/sys/dev/usb/wlan/if_run.c Fri May 29 15:56:44 2020 (r361626) @@ -64,6 +64,9 @@ __FBSDID("$FreeBSD$"); #include #include #include +#ifdef IEEE80211_SUPPORT_SUPERG +#include +#endif #include #include @@ -495,6 +498,9 @@ static void run_adjust_freq_offset(struct run_softc *) static voidrun_init_locked(struct run_softc *); static voidrun_stop(void *); static voidrun_delay(struct run_softc *, u_int); +static voidrun_update_chw(struct ieee80211com *ic); +static int run_ampdu_enable(struct ieee80211_node *ni, + struct ieee80211_tx_ampdu *tap); static eventhandler_tag run_etag; @@ -506,10 +512,13 @@ static const struct rt2860_rate { uint16_tsp_ack_dur; uint16_tlp_ack_dur; } rt2860_rates[] = { + /* CCK rates (11b) */ { 2, 0, IEEE80211_T_DS, 0, 314, 314 }, { 4, 1, IEEE80211_T_DS, 1, 258, 162 }, { 11, 2, IEEE80211_T_DS, 2, 223, 127 }, { 22, 3, IEEE80211_T_DS, 3, 213, 117 }, + + /* OFDM rates (11a / 11g) */ { 12, 0, IEEE80211_T_OFDM, 4, 60, 60 }, { 18, 1, IEEE80211_T_OFDM, 4, 52, 52 }, { 24, 2, IEEE80211_T_OFDM, 6, 48, 48 }, @@ -517,9 +526,35 @@ static const struct rt2860_rate { { 48, 4, IEEE80211_T_OFDM, 8, 44, 44 }, { 72, 5, IEEE80211_T_OFDM, 8, 40, 40 }, { 96, 6, IEEE80211_T_OFDM, 8, 40, 40 }, - { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 } + { 108, 7, IEEE80211_T_OFDM, 8, 40, 40 }, + + /* MCS - single stream */ + { 0x80, 0, IEEE80211_T_HT, 4, 60, 60 }, + { 0x81, 1, IEEE80211_T_HT, 4, 60, 60 }, + { 0x82, 2, IEEE80211_T_HT, 4, 60, 60 }, + { 0x83, 3, IEEE80211_T_HT, 4, 60, 60 }, + { 0x84, 4, IEEE80211_T_HT, 4, 60, 60 }, + { 0x85, 5, IEEE80211_T_HT, 4, 60, 60 }, + { 0x86, 6, IEEE80211_T_HT, 4, 60, 60 }, + { 0x87, 7, IEEE80211_T_HT, 4, 60, 60 }, + /* MCS - 2 streams */ + { 0x88, 8, IEEE80211_T_HT, 4, 60, 60 }, + { 0x89, 9, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8a, 10, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8b, 11, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8c, 12, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8d, 13, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8e, 14, IEEE80211_T_HT, 4, 60, 60 }, + { 0x8f, 15, IEEE80211_T_HT, 4, 60, 60 }, }; +/* These are indexes into the above rt2860_rates[] array */ +#defineRT2860_RIDX_CCK10 +#defineRT2860_RIDX_CCK11 3 +#defineRT2860_RIDX_OFDM6 4 +#defineRT2860_RIDX_MCS012 +#defineRT2860_RIDX_MAX 28 + static const struct { uint16_treg; uint32_tval; @@ -807,9 +842,25 @@ run_attach(device_t self) IEEE80211_C_MBSS | IEEE80211_C_SHPREAMBLE |/* short preamble supported */ IEEE80211_C_SHSLOT |/* short slot time supported */ + IEEE80211_C_SWAMSDUTX | /* Do software A-MSDU TX */
Re: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock dev/hyperv/include dev/hyperv/vmbus modules/hyperv modules/hyperv/hvsock sys
On Fri, May 22, 2020 at 11:12 AM Kyle Evans wrote: > > On Wed, May 20, 2020 at 6:04 AM Wei Hu wrote: > > > > Author: whu > > Date: Wed May 20 11:03:59 2020 > > New Revision: 361275 > > URL: https://svnweb.freebsd.org/changeset/base/361275 > > > > Log: > > HyperV socket implementation for FreeBSD > > > > This change adds Hyper-V socket feature in FreeBSD. New socket address > > family AF_HYPERV and its kernel support are added. > > > > [... snip ...] > > +void > > +hvs_trans_init(void) > > +{ > > + /* Skip initialization of globals for non-default instances. */ > > + if (!IS_DEFAULT_VNET(curvnet)) > > + return; > > + > > + if (vm_guest != VM_GUEST_HV) > > + return; > > + > > + HVSOCK_DBG(HVSOCK_DBG_VERBOSE, > > + "%s: HyperV Socket hvs_trans_init called\n", __func__); > > + > > + /* Initialize Globals */ > > + previous_auto_bound_port = MAX_PORT; > > + sx_init(&hvs_trans_socks_sx, "hvs_trans_sock_sx"); > > + mtx_init(&hvs_trans_socks_mtx, > > + "hvs_trans_socks_mtx", NULL, MTX_DEF); > > + LIST_INIT(&hvs_trans_bound_socks); > > + LIST_INIT(&hvs_trans_connected_socks); > > +} > > + > > I have a suspicion that all of these should really be per-vnet for > correct semantics with VIMAGE, with the IS_DEFAULT_VNET check earlier > dropped completely. I haven't read around the rest all that much, but > this would at least seem to prevent port re-use by a different vnet, > which is perhaps "good enough" but I think this is something that > should be fixed in the mid-term. > I have a follow-up concern about whether this is actually going to be maintained... it's been a full week with not even an acknowledgement or rebuttal of any of the concerns I've raised, with some of them being completely trivial to address in the short-term. I don't think that we really want this in the tree in its current state given this level of engagement. Thanks, Kyle Evans ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361481 - in head: share/man/man9 sys/crypto/ccp sys/dev/cxgbe/crypto sys/dev/hifn sys/dev/safe sys/geom/eli sys/kern sys/kgssapi/krb5 sys/netipsec sys/opencrypto sys/sys
On 5/29/20 1:34 AM, Mateusz Guzik wrote: > This gives me tinderbox failures with mips: > > _.mips.XLP64 > > /usr/src/sys/mips/nlm/dev/sec/nlmseclib.c:113:10: error: enumeration > value 'CRYPTO_BUF_NONE' not handled in switch [-Werror,-Wswitch] > switch (crp->crp_buf.cb_type) { > > _.mips.OCTEON1 > _.mips.ERL > > /usr/src/sys/mips/cavium/cryptocteon/cryptocteon.c:298:10: error: > enumeration values 'CRYPTO_BUF_NONE' and 'CRYPTO_BUF_CONTIG' not > handled in switch [-Werror,-Wswitch] > switch (crp->crp_buf.cb_type) { Hmm, I got warnings when I built those but not errors. I'll fix. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361583 - head/sys/crypto/aesni
On 5/29/20 12:46 AM, Kornel Dulęba wrote: > On Thu, May 28, 2020 at 8:30 PM John Baldwin wrote: > >> On 5/28/20 2:13 AM, Marcin Wojtas wrote: >>> Author: mw >>> Date: Thu May 28 09:13:20 2020 >>> New Revision: 361583 >>> URL: https://svnweb.freebsd.org/changeset/base/361583 >>> >>> Log: >>> Change return types of hash update functions in SHA-NI >>> >>> r359374 introduced crypto_apply function which takes as argument a >> function pointer >>> that is expected to return an int, however aesni hash update functions >>> return void. >>> Because of that the function pointer passed was simply cast with >>> its return value changed. >>> This resulted in undefined behavior, in particular when mbuf is used, >> (ipsec) >>> m_apply checks return value of function pointer passed to it >>> and in our case bogusly fails after calculating hash of the first mbuf >>> in chain. >>> Fix it by changing signatures of sha update routines in aesni and >>> dropping the casts. >> >> Hmm, I missed one nit in the review. r359374 didn't introduce >> crypto_apply, it just changed some of the arguments arguments (crp >> instead of crp_buf and crp_flags). This fix needs to be MFC'd to 12 >> as well since the issue with the return type is also present there. >> >> -- >> John Baldwin >> > > Whoops, I should have read the diff more carefully. > Before debugging I did some bisecting and found r359374 as the culprit. > In r359374 return types of intel_sha256_update and intel_sha1_update were > changed to void which is the root cause. > SHA-NI on stable/12 should work just fine right now. > Sorry for the noise. Hmm, I did change the return types, oof. Thanks for tracking this down. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361625 - in head: sys/cam/ctl usr.sbin/ctladm
Author: mav Date: Fri May 29 13:07:52 2020 New Revision: 361625 URL: https://svnweb.freebsd.org/changeset/base/361625 Log: Report STATUS_QUEUED/SENT in `ctladm dumpooa` output. MFC after:2 weeks Sponsored by: iXsystems, Inc. Modified: head/sys/cam/ctl/ctl.c head/sys/cam/ctl/ctl_ioctl.h head/usr.sbin/ctladm/ctladm.c Modified: head/sys/cam/ctl/ctl.c == --- head/sys/cam/ctl/ctl.c Fri May 29 10:37:42 2020(r361624) +++ head/sys/cam/ctl/ctl.c Fri May 29 13:07:52 2020(r361625) @@ -2433,6 +2433,12 @@ ctl_ioctl_fill_ooa(struct ctl_lun *lun, uint32_t *cur_ if (io->io_hdr.flags & CTL_FLAG_DMA_QUEUED) entry->cmd_flags |= CTL_OOACMD_FLAG_DMA_QUEUED; + + if (io->io_hdr.flags & CTL_FLAG_STATUS_QUEUED) + entry->cmd_flags |= CTL_OOACMD_FLAG_STATUS_QUEUED; + + if (io->io_hdr.flags & CTL_FLAG_STATUS_SENT) + entry->cmd_flags |= CTL_OOACMD_FLAG_STATUS_SENT; } mtx_unlock(&lun->lun_lock); } Modified: head/sys/cam/ctl/ctl_ioctl.h == --- head/sys/cam/ctl/ctl_ioctl.hFri May 29 10:37:42 2020 (r361624) +++ head/sys/cam/ctl/ctl_ioctl.hFri May 29 13:07:52 2020 (r361625) @@ -247,7 +247,9 @@ typedef enum { CTL_OOACMD_FLAG_BLOCKED = 0x02, CTL_OOACMD_FLAG_ABORT = 0x04, CTL_OOACMD_FLAG_RTR = 0x08, - CTL_OOACMD_FLAG_DMA_QUEUED = 0x10 + CTL_OOACMD_FLAG_DMA_QUEUED = 0x10, + CTL_OOACMD_FLAG_STATUS_QUEUED = 0x20, + CTL_OOACMD_FLAG_STATUS_SENT = 0x40 } ctl_ooa_cmd_flags; struct ctl_ooa_entry { Modified: head/usr.sbin/ctladm/ctladm.c == --- head/usr.sbin/ctladm/ctladm.c Fri May 29 10:37:42 2020 (r361624) +++ head/usr.sbin/ctladm/ctladm.c Fri May 29 13:07:52 2020 (r361625) @@ -336,17 +336,20 @@ retry: if (ts.tv_nsec > 0) cmd_latency += ts.tv_nsec / 100; - fprintf(stdout, "LUN %jd tag 0x%04x%s%s%s%s%s: %s. CDB: %s " + fprintf(stdout, "LUN %jd tag 0x%04x%s%s%s%s%s%s%s: %s. CDB: %s " "(%0.0Lf ms)\n", (intmax_t)entry->lun_num, entry->tag_num, (entry->cmd_flags & CTL_OOACMD_FLAG_BLOCKED) ? " BLOCKED" : "", - (entry->cmd_flags & CTL_OOACMD_FLAG_DMA) ? " DMA" : "", + (entry->cmd_flags & CTL_OOACMD_FLAG_RTR) ? " RTR" :"", (entry->cmd_flags & CTL_OOACMD_FLAG_DMA_QUEUED) ? " DMAQUEUED" : "", + (entry->cmd_flags & CTL_OOACMD_FLAG_DMA) ? " DMA" : "", + (entry->cmd_flags & CTL_OOACMD_FLAG_STATUS_QUEUED) ? +" STATUSQUEUED" : "", + (entry->cmd_flags & CTL_OOACMD_FLAG_STATUS_SENT) ? " STATUS" : "", (entry->cmd_flags & CTL_OOACMD_FLAG_ABORT) ? " ABORT" : "", - (entry->cmd_flags & CTL_OOACMD_FLAG_RTR) ? " RTR" :"", scsi_op_desc(entry->cdb[0], NULL), scsi_cdb_string(entry->cdb, cdb_str, sizeof(cdb_str)), cmd_latency); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361624 - head/sys/netpfil/ipfw
Author: ae Date: Fri May 29 10:37:42 2020 New Revision: 361624 URL: https://svnweb.freebsd.org/changeset/base/361624 Log: Fix O_IP_FLOW_LOOKUP opcode handling. Do not check table value matching when table lookup has failed. Reported by: Sergey Lobanov MFC after:1 week Modified: head/sys/netpfil/ipfw/ip_fw2.c Modified: head/sys/netpfil/ipfw/ip_fw2.c == --- head/sys/netpfil/ipfw/ip_fw2.c Fri May 29 10:09:47 2020 (r361623) +++ head/sys/netpfil/ipfw/ip_fw2.c Fri May 29 10:37:42 2020 (r361624) @@ -2106,6 +2106,8 @@ do { \ uint32_t v = 0; match = ipfw_lookup_table(chain, cmd->arg1, 0, &args->f_id, &v); + if (!match) + break; if (cmdlen == F_INSN_SIZE(ipfw_insn_u32)) match = ((ipfw_insn_u32 *)cmd)->d[0] == TARG_VAL(chain, v, tag); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361623 - head/tests/sys/netipsec/tunnel
Author: lwhsu Date: Fri May 29 10:09:47 2020 New Revision: 361623 URL: https://svnweb.freebsd.org/changeset/base/361623 Log: Revert r361497, these cases are fixed by r361617. PR: 246737 Sponsored by: The FreeBSD Foundation Modified: head/tests/sys/netipsec/tunnel/aes_cbc_128_hmac_sha1.sh head/tests/sys/netipsec/tunnel/aes_cbc_256_hmac_sha2_256.sh head/tests/sys/netipsec/tunnel/aesni_aes_cbc_128_hmac_sha1.sh head/tests/sys/netipsec/tunnel/aesni_aes_cbc_256_hmac_sha2_256.sh Modified: head/tests/sys/netipsec/tunnel/aes_cbc_128_hmac_sha1.sh == --- head/tests/sys/netipsec/tunnel/aes_cbc_128_hmac_sha1.sh Fri May 29 08:30:35 2020(r361622) +++ head/tests/sys/netipsec/tunnel/aes_cbc_128_hmac_sha1.sh Fri May 29 10:09:47 2020(r361623) @@ -11,10 +11,6 @@ v4_head() v4_body() { - if [ "$(atf_config_get ci false)" = "true" ]; then - atf_skip "https://bugs.freebsd.org/246737"; - fi - # Unload AESNI module if loaded kldstat -q -n aesni && kldunload aesni Modified: head/tests/sys/netipsec/tunnel/aes_cbc_256_hmac_sha2_256.sh == --- head/tests/sys/netipsec/tunnel/aes_cbc_256_hmac_sha2_256.sh Fri May 29 08:30:35 2020(r361622) +++ head/tests/sys/netipsec/tunnel/aes_cbc_256_hmac_sha2_256.sh Fri May 29 10:09:47 2020(r361623) @@ -11,10 +11,6 @@ v4_head() v4_body() { - if [ "$(atf_config_get ci false)" = "true" ]; then - atf_skip "https://bugs.freebsd.org/246737"; - fi - # load AESNI module if not already kldstat -q -n aesni || kldload aesni Modified: head/tests/sys/netipsec/tunnel/aesni_aes_cbc_128_hmac_sha1.sh == --- head/tests/sys/netipsec/tunnel/aesni_aes_cbc_128_hmac_sha1.sh Fri May 29 08:30:35 2020(r361622) +++ head/tests/sys/netipsec/tunnel/aesni_aes_cbc_128_hmac_sha1.sh Fri May 29 10:09:47 2020(r361623) @@ -11,10 +11,6 @@ v4_head() v4_body() { - if [ "$(atf_config_get ci false)" = "true" ]; then - atf_skip "https://bugs.freebsd.org/246737"; - fi - # load AESNI module if not already kldstat -q -n aesni || kldload aesni Modified: head/tests/sys/netipsec/tunnel/aesni_aes_cbc_256_hmac_sha2_256.sh == --- head/tests/sys/netipsec/tunnel/aesni_aes_cbc_256_hmac_sha2_256.sh Fri May 29 08:30:35 2020(r361622) +++ head/tests/sys/netipsec/tunnel/aesni_aes_cbc_256_hmac_sha2_256.sh Fri May 29 10:09:47 2020(r361623) @@ -11,10 +11,6 @@ v4_head() v4_body() { - if [ "$(atf_config_get ci false)" = "true" ]; then - atf_skip "https://bugs.freebsd.org/246737"; - fi - # Unload AESNI module if loaded kldstat -q -n aesni && kldunload aesni ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361481 - in head: share/man/man9 sys/crypto/ccp sys/dev/cxgbe/crypto sys/dev/hifn sys/dev/safe sys/geom/eli sys/kern sys/kgssapi/krb5 sys/netipsec sys/opencrypto sys/sys
This gives me tinderbox failures with mips: _.mips.XLP64 /usr/src/sys/mips/nlm/dev/sec/nlmseclib.c:113:10: error: enumeration value 'CRYPTO_BUF_NONE' not handled in switch [-Werror,-Wswitch] switch (crp->crp_buf.cb_type) { _.mips.OCTEON1 _.mips.ERL /usr/src/sys/mips/cavium/cryptocteon/cryptocteon.c:298:10: error: enumeration values 'CRYPTO_BUF_NONE' and 'CRYPTO_BUF_CONTIG' not handled in switch [-Werror,-Wswitch] switch (crp->crp_buf.cb_type) { On 5/26/20, John Baldwin wrote: > Author: jhb > Date: Mon May 25 22:12:04 2020 > New Revision: 361481 > URL: https://svnweb.freebsd.org/changeset/base/361481 > > Log: > Add support for optional separate output buffers to in-kernel crypto. > > Some crypto consumers such as GELI and KTLS for file-backed sendfile > need to store their output in a separate buffer from the input. > Currently these consumers copy the contents of the input buffer into > the output buffer and queue an in-place crypto operation on the output > buffer. Using a separate output buffer avoids this copy. > > - Create a new 'struct crypto_buffer' describing a crypto buffer > containing a type and type-specific fields. crp_ilen is gone, > instead buffers that use a flat kernel buffer have a cb_buf_len > field for their length. The length of other buffer types is > inferred from the backing store (e.g. uio_resid for a uio). > Requests now have two such structures: crp_buf for the input buffer, > and crp_obuf for the output buffer. > > - Consumers now use helper functions (crypto_use_*, > e.g. crypto_use_mbuf()) to configure the input buffer. If an output > buffer is not configured, the request still modifies the input > buffer in-place. A consumer uses a second set of helper functions > (crypto_use_output_*) to configure an output buffer. > > - Consumers must request support for separate output buffers when > creating a crypto session via the CSP_F_SEPARATE_OUTPUT flag and are > only permitted to queue a request with a separate output buffer on > sessions with this flag set. Existing drivers already reject > sessions with unknown flags, so this permits drivers to be modified > to support this extension without requiring all drivers to change. > > - Several data-related functions now have matching versions that > operate on an explicit buffer (e.g. crypto_apply_buf, > crypto_contiguous_subsegment_buf, bus_dma_load_crp_buf). > > - Most of the existing data-related functions operate on the input > buffer. However crypto_copyback always writes to the output buffer > if a request uses a separate output buffer. > > - For the regions in input/output buffers, the following conventions > are followed: > - AAD and IV are always present in input only and their > fields are offsets into the input buffer. > - payload is always present in both buffers. If a request uses a > separate output buffer, it must set a new crp_payload_start_output > field to the offset of the payload in the output buffer. > - digest is in the input buffer for verify operations, and in the > output buffer for compute operations. crp_digest_start is relative > to the appropriate buffer. > > - Add a crypto buffer cursor abstraction. This is a more general form > of some bits in the cryptosoft driver that tried to always use uio's. > However, compared to the original code, this avoids rewalking the uio > iovec array for requests with multiple vectors. It also avoids > allocate an iovec array for mbufs and populating it by instead walking > the mbuf chain directly. > > - Update the cryptosoft(4) driver to support separate output buffers > making use of the cursor abstraction. > > Sponsored by: Netflix > Differential Revision: https://reviews.freebsd.org/D24545 > > Added: > head/share/man/man9/crypto_buffer.9 (contents, props changed) > Modified: > head/share/man/man9/Makefile > head/share/man/man9/bus_dma.9 > head/share/man/man9/crypto_driver.9 > head/share/man/man9/crypto_request.9 > head/share/man/man9/crypto_session.9 > head/sys/crypto/ccp/ccp.c > head/sys/dev/cxgbe/crypto/t4_crypto.c > head/sys/dev/hifn/hifn7751.c > head/sys/dev/safe/safe.c > head/sys/geom/eli/g_eli_crypto.c > head/sys/geom/eli/g_eli_integrity.c > head/sys/geom/eli/g_eli_privacy.c > head/sys/kern/subr_bus_dma.c > head/sys/kgssapi/krb5/kcrypto_aes.c > head/sys/netipsec/xform_ah.c > head/sys/netipsec/xform_esp.c > head/sys/netipsec/xform_ipcomp.c > head/sys/opencrypto/criov.c > head/sys/opencrypto/crypto.c > head/sys/opencrypto/cryptodev.c > head/sys/opencrypto/cryptodev.h > head/sys/opencrypto/cryptosoft.c > head/sys/opencrypto/ktls_ocf.c > head/sys/sys/bus_dma.h > > Modified: head/share/man/man9/Makefile > == > --- head/share/m
svn commit: r361622 - head/sys/vm
Author: mjg Date: Fri May 29 08:30:35 2020 New Revision: 361622 URL: https://svnweb.freebsd.org/changeset/base/361622 Log: uma: hide item_domain under ifdef NUMA Fixes build warnings on mips. Modified: head/sys/vm/uma_core.c Modified: head/sys/vm/uma_core.c == --- head/sys/vm/uma_core.c Fri May 29 07:50:55 2020(r361621) +++ head/sys/vm/uma_core.c Fri May 29 08:30:35 2020(r361622) @@ -3197,6 +3197,7 @@ item_dtor(uma_zone_t zone, void *item, int size, void } } +#ifdef NUMA static int item_domain(void *item) { @@ -3207,6 +3208,7 @@ item_domain(void *item) ("%s: unknown domain for item %p", __func__, item)); return (domain); } +#endif #if defined(INVARIANTS) || defined(DEBUG_MEMGUARD) || defined(WITNESS) #defineUMA_ZALLOC_DEBUG ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361621 - head/sys/dev/pci
Author: avg Date: Fri May 29 07:50:55 2020 New Revision: 361621 URL: https://svnweb.freebsd.org/changeset/base/361621 Log: do not enable pci bridge decoding on resume until I/O windows are restored PCI bus driver restores most but not all of a child PCI-PCI bridge configuration. The bridge's I/O windows are restored by pcib driver and that happens later in time. This can be problematic because the Command register is restored before the windows are restored. If the firmware programs the windows incorrectly or even does not program them at all, then the bridge can start claiming I/O cycles that are not intended for it. This will continue until the correct windows are restored. I have observed this problem with a buggy BIOS where after resuming from S3 an I/O port window of a PCI-PCI bridge was configured with zero base and limit causing the bridge to claim 0x0 - 0xFFF port range. That interfered with ACPI port access including ACPI PM Timer at port 0x808, thus wreaking havoc in the time keeping. The solution is to restore the Command register of PCI-PCI bridges after the windows are restored in pcib driver. While here, I decided that for other PCI device types (normal and cardbus) it's better to restore the Command register after their BARs are restored. To do: per jhb's suggestion, move the window handling to pci driver. Reviewed by: imp, jhb, kib MFC after:2 weeks Differential Revision: https://reviews.freebsd.org/D25028 Modified: head/sys/dev/pci/pci.c head/sys/dev/pci/pci_pci.c Modified: head/sys/dev/pci/pci.c == --- head/sys/dev/pci/pci.c Fri May 29 07:44:02 2020(r361620) +++ head/sys/dev/pci/pci.c Fri May 29 07:50:55 2020(r361621) @@ -5932,7 +5932,6 @@ pci_cfg_restore(device_t dev, struct pci_devinfo *dinf */ if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) pci_set_powerstate(dev, PCI_POWERSTATE_D0); - pci_write_config(dev, PCIR_COMMAND, dinfo->cfg.cmdreg, 2); pci_write_config(dev, PCIR_INTLINE, dinfo->cfg.intline, 1); pci_write_config(dev, PCIR_INTPIN, dinfo->cfg.intpin, 1); pci_write_config(dev, PCIR_CACHELNSZ, dinfo->cfg.cachelnsz, 1); @@ -5970,6 +5969,9 @@ pci_cfg_restore(device_t dev, struct pci_devinfo *dinf break; } pci_restore_bars(dev); + + if ((dinfo->cfg.hdrtype & PCIM_HDRTYPE) != PCIM_HDRTYPE_BRIDGE) + pci_write_config(dev, PCIR_COMMAND, dinfo->cfg.cmdreg, 2); /* * Restore extended capabilities for PCI-Express and PCI-X Modified: head/sys/dev/pci/pci_pci.c == --- head/sys/dev/pci/pci_pci.c Fri May 29 07:44:02 2020(r361620) +++ head/sys/dev/pci/pci_pci.c Fri May 29 07:50:55 2020(r361621) @@ -1792,6 +1792,12 @@ pcib_resume(device_t dev) { pcib_cfg_restore(device_get_softc(dev)); + + /* +* Restore the Command register only after restoring the windows. +* The bridge should not be claiming random windows. +*/ + pci_write_config(dev, PCIR_COMMAND, pci_get_cmdreg(dev), 2); return (bus_generic_resume(dev)); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r361583 - head/sys/crypto/aesni
On Thu, May 28, 2020 at 8:30 PM John Baldwin wrote: > On 5/28/20 2:13 AM, Marcin Wojtas wrote: > > Author: mw > > Date: Thu May 28 09:13:20 2020 > > New Revision: 361583 > > URL: https://svnweb.freebsd.org/changeset/base/361583 > > > > Log: > > Change return types of hash update functions in SHA-NI > > > > r359374 introduced crypto_apply function which takes as argument a > function pointer > > that is expected to return an int, however aesni hash update functions > > return void. > > Because of that the function pointer passed was simply cast with > > its return value changed. > > This resulted in undefined behavior, in particular when mbuf is used, > (ipsec) > > m_apply checks return value of function pointer passed to it > > and in our case bogusly fails after calculating hash of the first mbuf > > in chain. > > Fix it by changing signatures of sha update routines in aesni and > > dropping the casts. > > Hmm, I missed one nit in the review. r359374 didn't introduce > crypto_apply, it just changed some of the arguments arguments (crp > instead of crp_buf and crp_flags). This fix needs to be MFC'd to 12 > as well since the issue with the return type is also present there. > > -- > John Baldwin > Whoops, I should have read the diff more carefully. Before debugging I did some bisecting and found r359374 as the culprit. In r359374 return types of intel_sha256_update and intel_sha1_update were changed to void which is the root cause. SHA-NI on stable/12 should work just fine right now. Sorry for the noise. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361620 - head/sys/kern
Author: avg Date: Fri May 29 07:44:02 2020 New Revision: 361620 URL: https://svnweb.freebsd.org/changeset/base/361620 Log: corefile_open_last: don't keep a locked vnode while locking other ones Consider this scenario: - kern.corefile=/var/coredumps/%N.%U.%I.core - multiple processes with the same name crash at the same time It's possible that one process selects existing file N as oldvp while it keeps looking for an unused file number. Another process scans through files and stumbles upon N. That process would be blocked on the vnode lock while holding the directory vnode exclusively locked. The first process would, thus, get blocked on the directory's vnode lock. More generally, holding a file's vnode lock (oldvp) while trying to lock its directory (for the next lookup) is a violation of the vnode locking order. I have observed this deadlock in the wild. So, the change to keep oldvp "opened" but unlocked and to lock it again only if it's to be returned as the result. As kib noted, an alternative would be to keep the directory locked and to use VOP_LOOKUP directly for scanning through existing core files. Reviewed by: kib MFC after:2 weeks Differential Revision: https://reviews.freebsd.org/D25027 Modified: head/sys/kern/kern_sig.c Modified: head/sys/kern/kern_sig.c == --- head/sys/kern/kern_sig.cFri May 29 07:38:57 2020(r361619) +++ head/sys/kern/kern_sig.cFri May 29 07:44:02 2020(r361620) @@ -3454,8 +3454,9 @@ corefile_open_last(struct thread *td, char *name, int (lasttime.tv_sec == vattr.va_mtime.tv_sec && lasttime.tv_nsec >= vattr.va_mtime.tv_nsec)) { if (oldvp != NULL) - vnode_close_locked(td, oldvp); + vn_close(oldvp, FWRITE, td->td_ucred, td); oldvp = vp; + VOP_UNLOCK(oldvp); lasttime = vattr.va_mtime; } else { vnode_close_locked(td, vp); @@ -3466,12 +3467,18 @@ corefile_open_last(struct thread *td, char *name, int if (nextvp == NULL) { if ((td->td_proc->p_flag & P_SUGID) != 0) { error = EFAULT; - vnode_close_locked(td, oldvp); + vn_close(oldvp, FWRITE, td->td_ucred, td); } else { nextvp = oldvp; + error = vn_lock(nextvp, LK_EXCLUSIVE); + if (error != 0) { + vn_close(nextvp, FWRITE, td->td_ucred, + td); + nextvp = NULL; + } } } else { - vnode_close_locked(td, oldvp); + vn_close(oldvp, FWRITE, td->td_ucred, td); } } if (error != 0) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361619 - stable/12/sys/net80211
Author: avg Date: Fri May 29 07:38:57 2020 New Revision: 361619 URL: https://svnweb.freebsd.org/changeset/base/361619 Log: MFC r361364: net80211: post RTM_IFINFO notification after toggling IFF_DRV_RUNNING This is useful when a wireless driver is stopped or started in response to events like an RF Kill button press. Applications like wpa_supplicant depend on such events to have a correct view of interface state. Modified: stable/12/sys/net80211/ieee80211_freebsd.c stable/12/sys/net80211/ieee80211_proto.c stable/12/sys/net80211/ieee80211_proto.h Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/net80211/ieee80211_freebsd.c == --- stable/12/sys/net80211/ieee80211_freebsd.c Fri May 29 07:37:27 2020 (r361618) +++ stable/12/sys/net80211/ieee80211_freebsd.c Fri May 29 07:38:57 2020 (r361619) @@ -962,6 +962,19 @@ ieee80211_notify_radio(struct ieee80211com *ic, int st } void +ieee80211_notify_ifnet_change(struct ieee80211vap *vap) +{ + struct ifnet *ifp = vap->iv_ifp; + + IEEE80211_DPRINTF(vap, IEEE80211_MSG_DEBUG, "%s\n", + "interface state change"); + + CURVNET_SET(ifp->if_vnet); + rt_ifmsg(ifp); + CURVNET_RESTORE(); +} + +void ieee80211_load_module(const char *modname) { Modified: stable/12/sys/net80211/ieee80211_proto.c == --- stable/12/sys/net80211/ieee80211_proto.cFri May 29 07:37:27 2020 (r361618) +++ stable/12/sys/net80211/ieee80211_proto.cFri May 29 07:38:57 2020 (r361619) @@ -1511,6 +1511,8 @@ ieee80211_start_locked(struct ieee80211vap *vap) * back in here and complete the work. */ ifp->if_drv_flags |= IFF_DRV_RUNNING; + ieee80211_notify_ifnet_change(vap); + /* * We are not running; if this we are the first vap * to be brought up auto-up the parent if necessary. @@ -1624,6 +1626,7 @@ ieee80211_stop_locked(struct ieee80211vap *vap) ieee80211_new_state_locked(vap, IEEE80211_S_INIT, -1); if (ifp->if_drv_flags & IFF_DRV_RUNNING) { ifp->if_drv_flags &= ~IFF_DRV_RUNNING; /* mark us stopped */ + ieee80211_notify_ifnet_change(vap); if (--ic->ic_nrunning == 0) { IEEE80211_DPRINTF(vap, IEEE80211_MSG_STATE | IEEE80211_MSG_DEBUG, Modified: stable/12/sys/net80211/ieee80211_proto.h == --- stable/12/sys/net80211/ieee80211_proto.hFri May 29 07:37:27 2020 (r361618) +++ stable/12/sys/net80211/ieee80211_proto.hFri May 29 07:38:57 2020 (r361619) @@ -455,4 +455,5 @@ voidieee80211_notify_node_auth(struct ieee80211_node void ieee80211_notify_country(struct ieee80211vap *, const uint8_t [], const uint8_t cc[2]); void ieee80211_notify_radio(struct ieee80211com *, int); +void ieee80211_notify_ifnet_change(struct ieee80211vap *); #endif /* _NET80211_IEEE80211_PROTO_H_ */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r361618 - stable/12/lib/libprocstat
Author: avg Date: Fri May 29 07:37:27 2020 New Revision: 361618 URL: https://svnweb.freebsd.org/changeset/base/361618 Log: MFC r361330: libprocstat: fix reading of file descriptor table via kvm This seems to have been broken since r247602 (from year 2013!). Can be easily tested with fstat -N /boot/kernel/kernel -M /var/crash/vmcore.last Sponsored by: Panzura Modified: stable/12/lib/libprocstat/libprocstat.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libprocstat/libprocstat.c == --- stable/12/lib/libprocstat/libprocstat.c Fri May 29 05:41:21 2020 (r361617) +++ stable/12/lib/libprocstat/libprocstat.c Fri May 29 07:37:27 2020 (r361618) @@ -457,7 +457,7 @@ procstat_getfiles_kvm(struct procstat *procstat, struc vm_map_t map; vm_object_t objp; struct vnode *vp; - struct file **ofiles; + struct filedescent *ofiles; struct filestat *entry; struct filestat_list *head; kvm_t *kd; @@ -532,25 +532,25 @@ procstat_getfiles_kvm(struct procstat *procstat, struc } nfiles = filed.fd_lastfile + 1; - ofiles = malloc(nfiles * sizeof(struct file *)); + ofiles = malloc(nfiles * sizeof(struct filedescent)); if (ofiles == NULL) { - warn("malloc(%zu)", nfiles * sizeof(struct file *)); + warn("malloc(%zu)", nfiles * sizeof(struct filedescent)); goto do_mmapped; } if (!kvm_read_all(kd, (unsigned long)filed.fd_ofiles, ofiles, - nfiles * sizeof(struct file *))) { + nfiles * sizeof(struct filedescent))) { warnx("cannot read file structures at %p", (void *)filed.fd_ofiles); free(ofiles); goto do_mmapped; } for (i = 0; i <= filed.fd_lastfile; i++) { - if (ofiles[i] == NULL) + if (ofiles[i].fde_file == NULL) continue; - if (!kvm_read_all(kd, (unsigned long)ofiles[i], &file, + if (!kvm_read_all(kd, (unsigned long)ofiles[i].fde_file, &file, sizeof(struct file))) { warnx("can't read file %d at %p", i, - (void *)ofiles[i]); + (void *)ofiles[i].fde_file); continue; } switch (file.f_type) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"