Author: kp
Date: Thu Dec 17 21:54:25 2020
New Revision: 368743
URL: https://svnweb.freebsd.org/changeset/base/368743
Log:
net tests: Re-enable most if_clone tests
All but one of these (tap_ipv6_up_stress) currently pass, so we should enable
them so we don't regress.
Modified:
head/test
Author: kp
Date: Tue Dec 15 16:15:25 2020
New Revision: 368666
URL: https://svnweb.freebsd.org/changeset/base/368666
Log:
MFC r368239:
pf tests: Re-enable panicing tests
We've fixed the vnet/epair cleanup race, so it is now safe to re-enable these
tests.
Sponsored by: Modirum MD
Author: kp
Date: Tue Dec 15 16:13:32 2020
New Revision: 368665
URL: https://svnweb.freebsd.org/changeset/base/368665
Log:
MFC r368238:
net: Revert vnet/epair cleanup race mitigation
Revert the mitigation code for the vnet/epair cleanup race (done in r365457).
r368237 introduced a mor
Author: kp
Date: Tue Dec 15 15:33:28 2020
New Revision: 368663
URL: https://svnweb.freebsd.org/changeset/base/368663
Log:
MFC r368237:
if: Fix panic when destroying vnet and epair simultaneously
When destroying a vnet and an epair (with one end in the vnet) we often
panicked. This wa
Author: kp
Date: Tue Dec 15 08:29:45 2020
New Revision: 368656
URL: https://svnweb.freebsd.org/changeset/base/368656
Log:
MFC r368588:
pf: Allow net.pf.request_maxcount to be set from loader.conf
Mark request_maxcount as RWTUN so we can set it both at runtime and from
loader.conf. Th
Author: kp
Date: Sat Dec 12 20:14:39 2020
New Revision: 368588
URL: https://svnweb.freebsd.org/changeset/base/368588
Log:
pf: Allow net.pf.request_maxcount to be set from loader.conf
Mark request_maxcount as RWTUN so we can set it both at runtime and from
loader.conf. This avoids usings g
Author: kp
Date: Fri Dec 11 15:39:22 2020
New Revision: 368554
URL: https://svnweb.freebsd.org/changeset/base/368554
Log:
MFC r368020, r368025:
if: Protect V_ifnet in vnet_if_return()
When we terminate a vnet (i.e. jail) we move interfaces back to their home
vnet. We need to protect
Author: kp
Date: Fri Dec 11 14:11:41 2020
New Revision: 368552
URL: https://svnweb.freebsd.org/changeset/base/368552
Log:
MFC r368015:
if: Remove ifnet_rwlock
It no longer serves any purpose, as evidenced by the fact that we never take
it
without ifnet_sxlock.
This differs slig
Author: kp
Date: Wed Dec 9 17:17:45 2020
New Revision: 368488
URL: https://svnweb.freebsd.org/changeset/base/368488
Log:
MFC r368277:
pf tests: Test case for bug #251414
Changing a table from not having counters to having counters (or vice versa)
may trigger panics.
PR:
Author: kp
Date: Wed Dec 2 16:33:23 2020
New Revision: 368277
URL: https://svnweb.freebsd.org/changeset/base/368277
Log:
pf tests: Test case for bug #251414
Changing a table from not having counters to having counters (or vice versa)
may trigger panics.
PR: 251414
MFC af
Author: kp
Date: Tue Dec 1 16:44:36 2020
New Revision: 368239
URL: https://svnweb.freebsd.org/changeset/base/368239
Log:
pf tests: Re-enable panicing tests
We've fixed the vnet/epair cleanup race, so it is now safe to re-enable these
tests.
MFC after:2 weeks
Sponsored by: Modi
Author: kp
Date: Tue Dec 1 16:34:43 2020
New Revision: 368238
URL: https://svnweb.freebsd.org/changeset/base/368238
Log:
net: Revert vnet/epair cleanup race mitigation
Revert the mitigation code for the vnet/epair cleanup race (done in r365457).
r368237 introduced a more reliable fix.
Author: kp
Date: Tue Dec 1 16:23:59 2020
New Revision: 368237
URL: https://svnweb.freebsd.org/changeset/base/368237
Log:
if: Fix panic when destroying vnet and epair simultaneously
When destroying a vnet and an epair (with one end in the vnet) we often
panicked. This was the result of th
Author: kp
Date: Tue Dec 1 16:02:52 2020
New Revision: 368235
URL: https://svnweb.freebsd.org/changeset/base/368235
Log:
MFC r367990:
pf tests: provoke tag hashing panic
Attempt to provoke the panic fixed in r367987.
Modified:
stable/12/tests/sys/netpfil/pf/ioctl/validation.c
Direc
newly added)
+++ stable/12/tests/sys/netpfil/pf/src_track.sh Fri Nov 27 11:12:59 2020
(r368101, copy of r367869, head/tests/sys/netpfil/pf/src_track.sh)
@@ -0,0 +1,66 @@
+# $FreeBSD$
+#
+# SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+#
+# Copyright (c) 2020 Kristof Provost
Author: kp
Date: Fri Nov 27 11:12:10 2020
New Revision: 368100
URL: https://svnweb.freebsd.org/changeset/base/368100
Log:
MFC r367867:
pf: Fix incorrect assertion
We never set PFRULE_RULESRCTRACK when calling pf_insert_src_node(). We do set
PFRULE_SRCTRACK, so update the assertion to
Author: kp
Date: Thu Nov 26 10:17:56 2020
New Revision: 368054
URL: https://svnweb.freebsd.org/changeset/base/368054
Log:
Add missing NET_EPOCH_EXIT() to if_bridge
In r367706 one return in bridge_input() did not NET_EPOCH_EXIT(), which caused
seemingly random panics on the next use of NET
Author: kp
Date: Wed Nov 25 17:15:24 2020
New Revision: 368025
URL: https://svnweb.freebsd.org/changeset/base/368025
Log:
if: Fix non-VIMAGE build
if_link_ifnet() and if_unlink_ifnet() are needed even when VIMAGE is not
enabled.
MFC after:2 weeks
Sponsored by: Modirum MDPay
Mo
Author: kp
Date: Wed Nov 25 15:07:22 2020
New Revision: 368020
URL: https://svnweb.freebsd.org/changeset/base/368020
Log:
if: Protect V_ifnet in vnet_if_return()
When we terminate a vnet (i.e. jail) we move interfaces back to their home
vnet. We need to protect our access to the V_ifnet C
Author: kp
Date: Wed Nov 25 10:56:38 2020
New Revision: 368015
URL: https://svnweb.freebsd.org/changeset/base/368015
Log:
if: Remove ifnet_rwlock
It no longer serves any purpose, as evidenced by the fact that we never take
it
without ifnet_sxlock.
Sponsored by: Modirum MDPay
Diffe
Author: kp
Date: Tue Nov 24 17:32:49 2020
New Revision: 367990
URL: https://svnweb.freebsd.org/changeset/base/367990
Log:
pf tests: provoke tag hashing panic
Attempt to provoke the panic fixed in r367987.
MFC after:1 week
Differential Revision:https://reviews.freebsd.org/
@@
+# $FreeBSD$
+#
+# SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+#
+# Copyright (c) 2020 Kristof Provost
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code
Author: kp
Date: Fri Nov 20 10:08:33 2020
New Revision: 367867
URL: https://svnweb.freebsd.org/changeset/base/367867
Log:
pf: Fix incorrect assertion
We never set PFRULE_RULESRCTRACK when calling pf_insert_src_node(). We do set
PFRULE_SRCTRACK, so update the assertion to match.
MFC a
Author: kp
Date: Sun Nov 15 11:56:16 2020
New Revision: 367706
URL: https://svnweb.freebsd.org/changeset/base/367706
Log:
MFC r366500:
bridge: call member interface ioctl() without NET_EPOCH
We're not allowed to hold NET_EPOCH while sleeping, so when we call ioctl()
handlers for memb
Author: kp
Date: Sun Nov 15 11:46:44 2020
New Revision: 367705
URL: https://svnweb.freebsd.org/changeset/base/367705
Log:
bridge: epoch-ification
Undo the revert (r363568). This commit still violates epoch rules by sleeping
within NET_EPOCH. That will be resolved in the following commit.
On 4 Nov 2020, at 11:45, Gordon Bergling wrote:
Shouldn't such a commit be approved by someone?
The committer’s guide seems clear that doc committers may fix
comments:
https://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/committer.types.html
doc committers may commit documen
Author: kp
Date: Tue Oct 27 12:44:49 2020
New Revision: 367078
URL: https://svnweb.freebsd.org/changeset/base/367078
Log:
riscv: Minor cleanup in startup code
- remove setting of register value which is not used until the next value is
set
- Use the L2_SHIFT constant when setting u
Author: kp
Date: Mon Oct 26 13:24:20 2020
New Revision: 367058
URL: https://svnweb.freebsd.org/changeset/base/367058
Log:
MFC r366648:
pf tests: Test that 'set skip on ' works on new group members
There's a know issue where new group members don't get the 'set skip on'
applied until
Author: kp
Date: Mon Oct 26 13:23:40 2020
New Revision: 367057
URL: https://svnweb.freebsd.org/changeset/base/367057
Log:
MFC r37:
pf: do not remove kifs that are referenced by rules
Even if a kif doesn't have an ifp or if_group pointer we still can't delete it
if it's referenced
Author: kp
Date: Mon Oct 26 13:22:55 2020
New Revision: 367056
URL: https://svnweb.freebsd.org/changeset/base/367056
Log:
MFC r366647:
pf: create a kif for flags
If userspace tries to set flags (e.g. 'set skip on ') and
doesn't exist we should create a kif so that we apply the flags
Author: kp
Date: Tue Oct 13 11:04:00 2020
New Revision: 37
URL: https://svnweb.freebsd.org/changeset/base/37
Log:
pf: do not remove kifs that are referenced by rules
Even if a kif doesn't have an ifp or if_group pointer we still can't delete it
if it's referenced by a rule. In oth
Author: kp
Date: Mon Oct 12 12:41:10 2020
New Revision: 366648
URL: https://svnweb.freebsd.org/changeset/base/366648
Log:
pf tests: Test that 'set skip on ' works on new group members
There's a know issue where new group members don't get the 'set skip on'
applied until the rules are re-l
Author: kp
Date: Mon Oct 12 12:39:37 2020
New Revision: 366647
URL: https://svnweb.freebsd.org/changeset/base/366647
Log:
pf: create a kif for flags
If userspace tries to set flags (e.g. 'set skip on ') and
doesn't exist we should create a kif so that we apply the flags when the
does
Author: kp
Date: Tue Oct 6 19:19:56 2020
New Revision: 366500
URL: https://svnweb.freebsd.org/changeset/base/366500
Log:
bridge: call member interface ioctl() without NET_EPOCH
We're not allowed to hold NET_EPOCH while sleeping, so when we call ioctl()
handlers for member interfaces we c
Author: kp
Date: Mon Oct 5 19:26:54 2020
New Revision: 366461
URL: https://svnweb.freebsd.org/changeset/base/366461
Log:
devfs.rules: unhide pf in vnet jails
/dev/pf is usable in vnet jails, so don't hide the node there.
We shouldn't expose /dev/pf in regular jails, as that gives them
Author: kp
Date: Fri Oct 2 07:30:11 2020
New Revision: 366355
URL: https://svnweb.freebsd.org/changeset/base/366355
Log:
riscv: handle access faults in user mode
Access faults in user mode are treated like TLB misses, which leads to an
endless loop of faults. It's less serious than the s
Author: kp
Date: Thu Oct 1 15:04:55 2020
New Revision: 366315
URL: https://svnweb.freebsd.org/changeset/base/366315
Log:
riscv: Add memmmap so we can mmap /dev/mem
Reviewed by: mhorne
Sponsored by: Axiado
Differential Revision:https://reviews.freebsd.org/D26622
Modified:
he
Author: kp
Date: Wed Sep 30 08:23:43 2020
New Revision: 366284
URL: https://svnweb.freebsd.org/changeset/base/366284
Log:
riscv: Panic on PMP errors
Load/store/fetch access exceptions always indicate a violation of a PMP
rule. We can't treat those as page faults, because updating the page
Author: kp
Date: Sat Sep 12 18:58:36 2020
New Revision: 365669
URL: https://svnweb.freebsd.org/changeset/base/365669
Log:
MFC r365457:
net: mitigate vnet / epair cleanup races
There's a race where dying vnets move their interfaces back to their original
vnet, and if_epair cleanup (wh
Author: kp
Date: Sat Sep 12 12:45:31 2020
New Revision: 365659
URL: https://svnweb.freebsd.org/changeset/base/365659
Log:
MFC r365457:
net: mitigate vnet / epair cleanup races
There's a race where dying vnets move their interfaces back to their original
vnet, and if_epair cleanup (wh
Author: kp
Date: Fri Sep 11 09:15:49 2020
New Revision: 365626
URL: https://svnweb.freebsd.org/changeset/base/365626
Log:
dtrace: fix fbt return probes on RISC-V
Return values are passed in a0, so read it from there. We also pass a1 through
to userspace, as the ABI allows small structs to
Author: kp
Date: Tue Sep 8 14:54:10 2020
New Revision: 365457
URL: https://svnweb.freebsd.org/changeset/base/365457
Log:
net: mitigate vnet / epair cleanup races
There's a race where dying vnets move their interfaces back to their original
vnet, and if_epair cleanup (where deleting one i
Author: kp
Date: Wed Sep 2 11:49:22 2020
New Revision: 365246
URL: https://svnweb.freebsd.org/changeset/base/365246
Log:
ng_ether: Enter NET_EPOCH where required
We must enter NET_EPOCH before calling ether_output_frame(). Several of the
functions it calls (pfil_run_hooks, if_transmit) e
Author: kp
Date: Wed Sep 2 11:33:31 2020
New Revision: 365245
URL: https://svnweb.freebsd.org/changeset/base/365245
Log:
riscv: very large dma mappings can cause integer overflow
Fix the return type for _bus_dmamap_addseg().
Based on the same fix done for arm64 in r348571.
Sponsored
Author: kp
Date: Fri Aug 21 13:11:33 2020
New Revision: 364456
URL: https://svnweb.freebsd.org/changeset/base/364456
Log:
MFC r355744:
pf: Make request_maxcount runtime adjustable
There's no reason for this to be a tunable. It's perfectly safe to
change this at runtime.
Modified:
=
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/lib/libc/riscv/gen/fpgetmask.c Mon Aug 3 12:48:51 2020
(r363796)
@@ -0,0 +1,41 @@
+/*-
+ * Copyright (c) 2020 Axiado
+ * All rights reserved.
+ *
+ * This software was developed by Kristof Provost under
+ * s
On 26 Jul 2020, at 21:21, mike tancsa wrote:
Hi Kristof,
First off, thank you for all your efforts in pf and
if_bridge. I
have trying to track down a problem with a golang app (sysutils/zrepl)
that started acting up around the time the if_bridge stuff was
commited
(june 26th). The probl
Author: kp
Date: Sun Jul 26 17:44:03 2020
New Revision: 363568
URL: https://svnweb.freebsd.org/changeset/base/363568
Log:
Revert bridge epochification
Revert r363492, r363491, r363430, r363429 and r362650.
The introduction of epoch in the network stack is incomplete in stable/12, and
Author: kp
Date: Fri Jul 24 20:10:27 2020
New Revision: 363492
URL: https://svnweb.freebsd.org/changeset/base/363492
Log:
bridge: Enter epoch for bridge_transmit()
Just like the change done for bridge_input()/bridge_output() in r363430
we must enter epoch ourselves, because its coverage i
Author: kp
Date: Fri Jul 24 20:09:52 2020
New Revision: 363491
URL: https://svnweb.freebsd.org/changeset/base/363491
Log:
bridge: Fix mismerges from r360345
In r362650 we merged r360345. This required manual changes due to the
differences in EPOCH macros between head and stable/12, and wa
Author: kp
Date: Wed Jul 22 20:13:12 2020
New Revision: 363430
URL: https://svnweb.freebsd.org/changeset/base/363430
Log:
bridge: Enter epoch for bridge_input()/bridge_output()
In stable/12 epoch is not as wide as it is in head. The network stack isn't
yet
in epoch when bridge_input()/br
Author: kp
Date: Wed Jul 22 19:43:55 2020
New Revision: 363429
URL: https://svnweb.freebsd.org/changeset/base/363429
Log:
MFC r363308:
bridge: Don't sleep during epoch
While it doesn't trigger INVARIANTS or WITNESS on head it does in stable/12.
There's also no reason for it, as we ca
On 18 Jul 2020, at 20:47, Konstantin Belousov wrote:
On Sat, Jul 18, 2020 at 12:43:11PM +, Kristof Provost wrote:
Author: kp
Date: Sat Jul 18 12:43:11 2020
New Revision: 363308
URL: https://svnweb.freebsd.org/changeset/base/363308
Log:
bridge: Don't sleep during epoch
Whi
Author: kp
Date: Sat Jul 18 12:43:11 2020
New Revision: 363308
URL: https://svnweb.freebsd.org/changeset/base/363308
Log:
bridge: Don't sleep during epoch
While it doesn't trigger INVARIANTS or WITNESS on head it does in stable/12.
There's also no reason for it, as we can easily report th
Author: kp
Date: Mon Jul 6 21:29:50 2020
New Revision: 362977
URL: https://svnweb.freebsd.org/changeset/base/362977
Log:
riscv plic: Do not complete interrupts until the interrupt handler has run
We cannot complete the interrupt (i.e. write to the claims/complete register
until the inter
Author: kp
Date: Wed Jul 1 19:15:43 2020
New Revision: 362853
URL: https://svnweb.freebsd.org/changeset/base/362853
Log:
riscv pmap: zero reserved pte bits in ppn
The top 10 bits of a pte are reserved by specification[1] and are not part of
the PPN.
[1] 'Volume II: RISC-V Privileged
Author: kp
Date: Wed Jul 1 19:12:47 2020
New Revision: 362852
URL: https://svnweb.freebsd.org/changeset/base/362852
Log:
riscv locore.S: load constant prior to loop
A very minor micro-optimization; t0 is not clobbered between the loop top and
bottom and there appear to be no other branch
Author: kp
Date: Wed Jul 1 19:11:02 2020
New Revision: 362851
URL: https://svnweb.freebsd.org/changeset/base/362851
Log:
riscv: Log missing registers in dump_regs()
If we panic we dump the registers for debugging. This is very useful, but it
missed several registers (ra, sp, gp and tp).
Author: kp
Date: Fri Jun 26 12:11:22 2020
New Revision: 362650
URL: https://svnweb.freebsd.org/changeset/base/362650
Log:
MFC r360345:
bridge: epoch-ification
Run the bridge datapath under epoch, rather than under the
BRIDGE_LOCK().
We still take the BRIDGE_LOCK() whenever we in
Author: kp
Date: Fri Jun 26 10:08:57 2020
New Revision: 362649
URL: https://svnweb.freebsd.org/changeset/base/362649
Log:
MFC r359641:
bridge: Change lists to CK_LIST as a peparation for epochification
Prepare the ground for a rework of the bridge locking approach. We will
use an epo
Author: kp
Date: Fri Jun 26 09:52:43 2020
New Revision: 362648
URL: https://svnweb.freebsd.org/changeset/base/362648
Log:
MFC r358325:
bridge: Move locking defines into if_bridge.c
The locking defines for if_bridge used to live in if_bridgevar.h, but
they're only ever used by the bri
Author: kp
Date: Tue Jun 16 18:39:56 2020
New Revision: 362235
URL: https://svnweb.freebsd.org/changeset/base/362235
Log:
llvm: Default to -mno-relax on RISC-V
Compiling on a RISC-V system fails with 'relocation R_RISCV_ALIGN
requires unimplemented linker relaxation; recompile with -mno-r
On 16 Jun 2020, at 19:11, Ed Maste wrote:
On Tue, 16 Jun 2020 at 13:01, Ian Lepore wrote:
As much as I prefer doing it this way, style(9) doesn't allow for
variable declarations inside a for() statement (or even inside a
local
block, which is just too 1980s for me, but it is still our standa
Author: kp
Date: Thu Jun 11 16:51:13 2020
New Revision: 362064
URL: https://svnweb.freebsd.org/changeset/base/362064
Log:
MFC r357061:
pf: Apply kif flags to new group members
If we have a 'set skip on ' rule this flag it set on the group
kif, but must also be set on all members. pfc
Author: kp
Date: Sun Jun 7 13:53:02 2020
New Revision: 361893
URL: https://svnweb.freebsd.org/changeset/base/361893
Log:
bridge tests: Re-enable STP test
This test should no longer provoke large amounts of traffic, which can
overwhelm single-core systems, preventing them from making prog
Author: kp
Date: Wed Jun 3 18:09:31 2020
New Revision: 361761
URL: https://svnweb.freebsd.org/changeset/base/361761
Log:
MFC r361279:
bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two
Modified:
stable/12/sys/dev/bnxt/bnxt.h
stable/12/sys/dev/bnxt/if_bnxt.c
Directory Properties
Author: kp
Date: Wed Jun 3 18:09:32 2020
New Revision: 361762
URL: https://svnweb.freebsd.org/changeset/base/361762
Log:
MFC r361279:
bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two
Modified:
stable/11/sys/dev/bnxt/bnxt.h
stable/11/sys/dev/bnxt/if_bnxt.c
Modified: stable/11
Author: kp
Date: Mon Jun 1 19:26:16 2020
New Revision: 361701
URL: https://svnweb.freebsd.org/changeset/base/361701
Log:
bridge tests: Avoid building a switching loop
Enable STP before bringing the bridges up. This avoids a switching loop,
which has a tendency to drown out progress in us
Author: kp
Date: Wed May 20 16:07:37 2020
New Revision: 361279
URL: https://svnweb.freebsd.org/changeset/base/361279
Log:
bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two
Reviewed by: gallatin, rpokala
MFC after:2 weeks
Differential Revision:https://reviews.freebsd
On 19 May 2020, at 17:02, Andrew Gallatin wrote:
On 2020-05-19 04:21, Kristof Provost wrote:
The if_bnxt driver initialises |.isc_nrxd_max = {INT32_MAX,
INT32_MAX, INT32_MAX},|, so presumably that’s the cause.
I don’t know what a sane value would be though. I’ve defaulted to
4096 (because
On 10 May 2019, at 2:41, Eric Joyner wrote:
Author: erj
Date: Fri May 10 00:41:42 2019
New Revision: 347418
URL: https://svnweb.freebsd.org/changeset/base/347418
Log:
iflib: use default ntxd and nrxd when user value is not power of 2
From Jake:
A user may set a sysctl to override the defa
Author: kp
Date: Mon May 11 21:42:19 2020
New Revision: 360935
URL: https://svnweb.freebsd.org/changeset/base/360935
Log:
opencrypto: Add missing ioctl exit SDTs
The opencrypto ioctl code has very useful probe points at the various exit
points. These allow us to figure out exactly why a r
Author: kp
Date: Sun May 10 09:50:43 2020
New Revision: 360867
URL: https://svnweb.freebsd.org/changeset/base/360867
Log:
MFC r360609:
pf: Improve DIOCADDRULE validation
We expect the addrwrap.p.dyn value to be set to NULL (and assert such),
but do not verify it on input.
Report
Author: kp
Date: Sun May 10 09:50:44 2020
New Revision: 360868
URL: https://svnweb.freebsd.org/changeset/base/360868
Log:
MFC r360609:
pf: Improve DIOCADDRULE validation
We expect the addrwrap.p.dyn value to be set to NULL (and assert such),
but do not verify it on input.
Report
Author: kp
Date: Thu May 7 21:14:12 2020
New Revision: 360800
URL: https://svnweb.freebsd.org/changeset/base/360800
Log:
MFC r360231:
libc: Shortcut if_indextoname() if index == 0
If the index we're trying to convert is 0 we can avoid a potentially
expensive call to getifaddrs(). No
Author: kp
Date: Thu May 7 21:14:11 2020
New Revision: 360799
URL: https://svnweb.freebsd.org/changeset/base/360799
Log:
MFC r360231:
libc: Shortcut if_indextoname() if index == 0
If the index we're trying to convert is 0 we can avoid a potentially
expensive call to getifaddrs(). No
Author: kp
Date: Sun May 3 16:09:35 2020
New Revision: 360609
URL: https://svnweb.freebsd.org/changeset/base/360609
Log:
pf: Improve DIOCADDRULE validation
We expect the addrwrap.p.dyn value to be set to NULL (and assert such),
but do not verify it on input.
Reported-by: syzbot+936
Author: kp
Date: Sun May 3 16:06:17 2020
New Revision: 360607
URL: https://svnweb.freebsd.org/changeset/base/360607
Log:
MFC r360344:
pf: Improve input validation
If we pass an anchor name which doesn't exist pfr_table_count() returns
-1, which leads to an overflow in mallocarray()
Author: kp
Date: Sun May 3 16:06:23 2020
New Revision: 360608
URL: https://svnweb.freebsd.org/changeset/base/360608
Log:
MFC r360344:
pf: Improve input validation
If we pass an anchor name which doesn't exist pfr_table_count() returns
-1, which leads to an overflow in mallocarray()
Author: kp
Date: Sun Apr 26 16:30:00 2020
New Revision: 360347
URL: https://svnweb.freebsd.org/changeset/base/360347
Log:
pf: Virtualise pf_frag_mtx
The pf_frag_mtx mutex protects the fragments queue. The fragments queue
is virtualised already (i.e. per-vnet) so it makes no sense to block
Author: kp
Date: Sun Apr 26 16:27:03 2020
New Revision: 360346
URL: https://svnweb.freebsd.org/changeset/base/360346
Log:
bridge tests: Test for #216510
We used to have an issue with recursive locking with
net.link.bridge.inherit_mac. This causes us to send an ARP request while
we hold
Author: kp
Date: Sun Apr 26 16:22:35 2020
New Revision: 360345
URL: https://svnweb.freebsd.org/changeset/base/360345
Log:
bridge: epoch-ification
Run the bridge datapath under epoch, rather than under the
BRIDGE_LOCK().
We still take the BRIDGE_LOCK() whenever we insert or delete ite
Author: kp
Date: Sun Apr 26 16:16:39 2020
New Revision: 360344
URL: https://svnweb.freebsd.org/changeset/base/360344
Log:
pf: Improve input validation
If we pass an anchor name which doesn't exist pfr_table_count() returns
-1, which leads to an overflow in mallocarray() and thus a panic.
Author: kp
Date: Sun Apr 26 16:13:51 2020
New Revision: 360343
URL: https://svnweb.freebsd.org/changeset/base/360343
Log:
MFC r360098:
pf: Improve ioctl() input validation
Both DIOCCHANGEADDR and DIOCADDADDR take a struct pf_pooladdr from
userspace. They failed to validate the dyn po
Author: kp
Date: Sun Apr 26 16:13:50 2020
New Revision: 360342
URL: https://svnweb.freebsd.org/changeset/base/360342
Log:
MFC r360098:
pf: Improve ioctl() input validation
Both DIOCCHANGEADDR and DIOCADDADDR take a struct pf_pooladdr from
userspace. They failed to validate the dyn po
Author: kp
Date: Sun Apr 26 16:06:09 2020
New Revision: 360341
URL: https://svnweb.freebsd.org/changeset/base/360341
Log:
MFC r360096:
pfctl: Remove unused variable
Submitted by: Nick Rogers
MFC after:1 week
Sponsored by: RG Nets
Modified:
stable/12/sbin/pfctl/pfctl_parser.c
Author: kp
Date: Sat Apr 25 12:49:48 2020
New Revision: 360299
URL: https://svnweb.freebsd.org/changeset/base/360299
Log:
MFC r360068:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we end up
with the same ma
Author: kp
Date: Sat Apr 25 12:49:48 2020
New Revision: 360298
URL: https://svnweb.freebsd.org/changeset/base/360298
Log:
MFC r360068:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we end up
with the same ma
Author: kp
Date: Fri Apr 24 15:27:56 2020
New Revision: 360268
URL: https://svnweb.freebsd.org/changeset/base/360268
Log:
MFC r360042:
pf: Do not allow negative ps_len in DIOCGETSTATES
Userspace may pass a negative ps_len value to us, which causes an
assertion failure in malloc().
Author: kp
Date: Fri Apr 24 15:27:55 2020
New Revision: 360267
URL: https://svnweb.freebsd.org/changeset/base/360267
Log:
MFC r360042:
pf: Do not allow negative ps_len in DIOCGETSTATES
Userspace may pass a negative ps_len value to us, which causes an
assertion failure in malloc().
Author: kp
Date: Thu Apr 23 21:16:51 2020
New Revision: 360231
URL: https://svnweb.freebsd.org/changeset/base/360231
Log:
libc: Shortcut if_indextoname() if index == 0
If the index we're trying to convert is 0 we can avoid a potentially
expensive call to getifaddrs(). No interface has an
On 21 Apr 2020, at 4:34, Kyle Evans wrote:
On Mon, Apr 20, 2020 at 9:14 PM Kyle Evans wrote:
On Mon, Apr 20, 2020 at 8:15 PM Eric van Gyzen
wrote:
+ sz = asprintf(&buf, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac addr
Author: kp
Date: Sun Apr 19 16:30:49 2020
New Revision: 360099
URL: https://svnweb.freebsd.org/changeset/base/360099
Log:
bridge tests: Ensure that bridges in different jails get different MAC
addresses
We used to have a problem where bridges created in different vnet jails
would end up
Author: kp
Date: Sun Apr 19 16:10:20 2020
New Revision: 360098
URL: https://svnweb.freebsd.org/changeset/base/360098
Log:
pf: Improve ioctl() input validation
Both DIOCCHANGEADDR and DIOCADDADDR take a struct pf_pooladdr from
userspace. They failed to validate the dyn pointer contained in
Author: kp
Date: Sun Apr 19 15:37:13 2020
New Revision: 360097
URL: https://svnweb.freebsd.org/changeset/base/360097
Log:
pfctl: Call ifa_load() before ifa_grouplookup()
ifa_grouplookup() uses the data loaded in ifa_load() (through is_a_group()),
so
we must call ifa_load() before we can
Author: kp
Date: Sun Apr 19 15:32:14 2020
New Revision: 360096
URL: https://svnweb.freebsd.org/changeset/base/360096
Log:
pfctl: Remove unused variable
Submitted by: Nick Rogers
MFC after:1 week
Sponsored by: RG Nets
Modified:
head/sbin/pfctl/pfctl_parser.c
Modified: head/sbin/p
On 19 Apr 2020, at 15:33, Ronald Klop wrote:
On Sat, 18 Apr 2020 09:50:30 +0200, Kristof Provost
wrote:
Author: kp
Date: Sat Apr 18 07:50:30 2020
New Revision: 360068
URL: https://svnweb.freebsd.org/changeset/base/360068
Log:
ethersubr: Make the mac address generation more robust
If we
Author: kp
Date: Sat Apr 18 08:00:58 2020
New Revision: 360069
URL: https://svnweb.freebsd.org/changeset/base/360069
Log:
bridge: Simplify mac address generation
Unconditionally use ether_gen_addr() to generate bridge mac addresses. This
function is now less likely to generate duplicate
Author: kp
Date: Sat Apr 18 07:50:30 2020
New Revision: 360068
URL: https://svnweb.freebsd.org/changeset/base/360068
Log:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we end up
with the same mac address on both
Author: kp
Date: Fri Apr 17 14:57:15 2020
New Revision: 360043
URL: https://svnweb.freebsd.org/changeset/base/360043
Log:
bridge tests: Test deleting a bridge with members
Reviewed by: philip, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision:https://reviews.fre
1 - 100 of 704 matches
Mail list logo
