This allows us to support symbols optionally available based on
configuration, not just on compiler built-in #defines.
Reviewed by: brooks, jrtc27
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45346
Use LIST_FOREACH_SAFE(), since the list element is removed from
the list in the loop body, zero out and inserted in the free list.
Reviewed by: rrs
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D46383
A number of people have reported panics with it enabled by default,
possibly due to broken ACPI tables, which we do not handle well. D46382
is a potential fix for this issue.
Additionally DMAR is currently not compatible with bhyve passthrough
(see comment #10 in PR280817), with a draft patch to address that in
D25672.
Revert to disabling DMAR by default pending the resolution of those two
issues.
This reverts commit 3192fc3023.
PR: 280817
Sponsored by: The FreeBSD Foundation
There will at most lro_entries entries in the LRO hash table. So no
need to take lro_mbufs into account, which only results in the
LRO hash table being too large and therefore wasting memory.
Reviewed by: rrs
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D46378
If UseLink() returns NULL, it is possible that Deletelink()
has already freed "grp", so check it out carefully.
PR: 269770
Reported by: Peter Much
X-MFC-With: 8132e95909
Add vlan tag match to RX FS SA and policy rules
and report SA lifetime counter on vlan interface
in case SA was installed on vlan interface
Existing code didn't have the net tag id as part of
the FS matching rules. This can cause applying
ipsec offload to the wrong interface.
This commit add tag id as part of FS matchers
and treat tag value 0 as no tag
Sponsored by: NVidia networking
Do not prepend ipsec tags into mbuf head when preparing rx wqe, store it
separately. Only prepend (and clear the store) when received packed was
indeed offloaded by ipsec engine. Then we do not need to refill tags
for slots that received non-ipsec packets.
This should solve some minimal degradation of the rx CPU usage due to
unneeded tag allocation for each packet.
Sponsored by: NVidia networking
in openstack when no user is specified but a sshkey is provided
the information is stored in meta_data.json under "public_keys"
PR: 280461
Reported by: tdb
Now we have support for both VHE and non-VHE update the handlers to
use an ifunc to decide which version to use.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46084
These just need to include the common code with macros to ensure it is
built correctly.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46083
These already support BTI as they use the ENTRY macro. While the
non-VHE code doesn't need this the new VHE code will need it as it is
linked into either the kernel or the vmm module so will be included in
the BTI check.
Sponsored by: Arm Ltd
Remove the non-VHE exception code from the VHE code path. As we replace
the exception vectors when entering the guest we don't need to check
which context we are in so can skip parts of the exception vectors.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46082
When entering into a guest with VHE we need to switch from the kernel
exception vectors to the vmm exception vectors. The latter understands
an exception will be from a guest and can switch back to a kernel
context.
Rather than encoding the location of the kernel vectors we can just
read the value from vbar_el2 and restore it later.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46081
When invalidating the stage 2 TLB we need to ensure page tables updates
have completed and for tlbi vmalle1is the HCR_EL2 TGE flag needs to be
clear.
To fix the former add a data barrier before the tlbi instructions. On
non-VHE this will happen as part of the exception entry, so is only
needed for VHE.
The tlbi vmalle1is instruction operates on the EL2 & 0 regime when
HCR_EL2 E2H and TGE flags are both set. By clearing the TGE flag it
will stop this and operate on the EL1 & 0 regime we are expecting.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46080
There is no need to store the host par_el1. We don't depend on it not
changing across calls into a guest.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46079
To support booting the kernel in EL2 some of the EL0 and EL1 registers
are changed to point to an EL2 version. To get access to the EL0/EL1
version of these registers we need to use the new EL02 and EL12
registers, e.g. to access elr_el1 from the host we would use elr_el12.
Add macros that can be different on VHE vs non-VHE code so these
registers can be accessed in the correct way.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46078
Most of the code is identical however some, e.g. managing EL2 memory
or setting EL2 registers, are unneeded under VHE as the kernel is in
EL2 so can manage these directly.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46076
Teach the virtual timer about the cnthctl_el2 field layout under VHE.
As with non-VHE we need to trap the physical timer and not trap the
virtual timer.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46074
There are some functions that are only needed in non-VHE mode. These
are used to handle hypervisor calls from the kernel, and to manage the
page tables in EL2. As these won't be used by the VHE code we can move
them to the non-VHE specific files.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46073
We can share some of the vmm code between VHE and non-VHE modes. To
support this create new files that include the common code and create
macros to name what will be the common functions.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D46072
To ensure new code has BTI support make it an error to not have the
BTI ELF note when linking the kernel and kernel modules.
Reviewed by: kib, emaste
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D45469
To simplify disabling the kernel sanitizers in some files add
NOSAN_CFLAGS and NOSAN_C variables. These are CFLAGS and NORMAL_C with
the sanitizer flags removed.
While here add MSAN_CFLAGS to simplify keeping KMSAN in kern_kcov.c
Reviewed by: khng, brooks, imp, markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D45498
Starting in September 2021 EC2 AMI names have included the boot method:
"BIOS", "UEFI", or "UEFI-PREFERRED". The third option became available
in June 2023 and allows AMIs to boot via UEFI on EC2 instance types
which support that, but fall back to (much slower) BIOS booting on the
instance types which don't support UEFI.
Since UEFI-PREFERRED is basically a best-of-both-worlds option and is
now the default, there's no point mentioning it in the AMI names. If
for some reason an AMI is built with the boot method forced to BIOS or
UEFI, that will still be included in the AMI name.
This will not be MFCed, in case anyone has scripts which look at the AMI
names on 13.x/14.x.
Sponsored by: Amazon