Commit Graph

293406 Commits

Author SHA1 Message Date
Ed Maste aa0bc761d2 bsd.symver.mk: pass $CFLAGS to $CPP invocation
This allows us to support symbols optionally available based on
configuration, not just on compiler built-in #defines.

Reviewed by:	brooks, jrtc27
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45346
2024-08-20 21:17:52 -04:00
Michael Tuexen 64443828bb tcp: fix list iteration in tcp_lro_flush_active()
Use LIST_FOREACH_SAFE(), since the list element is removed from
the list in the loop body, zero out and inserted in the free list.

Reviewed by:		rrs
MFC after:		1 week
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D46383
2024-08-21 00:07:37 +02:00
Mark Johnston 417b35a97b netinet: Add a sysctl to allow disabling connections to INADDR_ANY
See the discussion in Bugzilla PR 280705 for context.

PR:		280705
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D46259
2024-08-20 21:31:57 +00:00
Gleb Smirnoff 6bc966987e dummymbuf: add to LINT 2024-08-20 13:46:09 -07:00
Gleb Smirnoff aa72c5bacb dummymbuf: fix build without INET or INET6
Note that VIMAGE would mask both compilation failures.
2024-08-20 13:45:38 -07:00
Ed Maste 0875f3cd74 Revert "x86: Enable Intel DMAR by default"
A number of people have reported panics with it enabled by default,
possibly due to broken ACPI tables, which we do not handle well. D46382
is a potential fix for this issue.

Additionally DMAR is currently not compatible with bhyve passthrough
(see comment #10 in PR280817), with a draft patch to address that in
D25672.

Revert to disabling DMAR by default pending the resolution of those two
issues.

This reverts commit 3192fc3023.

PR:		280817
Sponsored by:	The FreeBSD Foundation
2024-08-20 11:49:25 -04:00
Michael Tuexen aa6c490bf8 tcp: initialize the LRO hash table with correct size
There will at most lro_entries entries in the LRO hash table. So no
need to take lro_mbufs into account, which only results in the
LRO hash table being too large and therefore wasting memory.

Reviewed by:		rrs
MFC after:		1 week
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D46378
2024-08-20 17:30:55 +02:00
Mark Johnston 66aed7e348 socket: Set lock flags properly
Fixes:	fb901935f2 ("socket: Split up sosend_generic()")
Reported by:	cy
Sponsored by:	Klara, Inc.
Sponsored by:	Stormshield
2024-08-20 15:17:14 +00:00
Wolfram Schneider b49aec04f0 bsd-family-tree: fix macOS 11 release date 2024-08-20 14:36:20 +00:00
Eugene Grosbein e5b8538083 libalias: add another check to previous change
If UseLink() returns NULL, it is possible that Deletelink()
has already freed "grp", so check it out carefully.

PR:		269770
Reported by:	Peter Much
X-MFC-With:	8132e95909
2024-08-20 21:04:13 +07:00
Wolfram Schneider d4a4d1e742 bsd-family-tree: shorter URLs 2024-08-20 13:29:18 +00:00
Wolfram Schneider d1e78fbd4a bsd-family-tree: add NetBSD 9.4 2024-08-20 13:26:46 +00:00
Konstantin Belousov e9ace6e8f8 net/if_lagg.c: remove stray include is sys/cdefs.h
Sponsored by:	NVidia networking
2024-08-20 15:42:13 +03:00
Konstantin Belousov 66f0e2017f ipsec_offload: add ipsec_accel_drv_sa_lifetime_fetch()
A function to fetch hardware counters for offloaded SA on specific
interface.

Sponsored by:	NVidia networking
2024-08-20 15:42:13 +03:00
Ariel Ehrenberg 205263ac25 mlx5en: support ipsec offload on vlan if
Add vlan tag match to RX FS SA and policy rules
and report SA lifetime counter on vlan interface
in case SA was installed on vlan interface

Existing code didn't have the net tag id as part of
the FS matching rules. This can cause applying
ipsec offload to the wrong interface.
This commit add tag id as part of FS matchers
and treat tag value 0 as no tag

Sponsored by:   NVidia networking
2024-08-20 15:42:13 +03:00
Konstantin Belousov 84abf7e26d ipsec_offload: support vlans
Sponsored by:	NVIDIA networking
2024-08-20 15:42:12 +03:00
Konstantin Belousov 4f4c34e9d6 if_vlan.c: remove stray include of sys/cdefs.h
Sponsored by:	NVidia networking
2024-08-20 15:42:12 +03:00
Konstantin Belousov c4a0ee9b97 ipsec_offload: add handler for interface down events
Remove all offloaded SAs and SPs on ifdown.

Sponsored by:	NVIDIA networking
2024-08-20 15:42:12 +03:00
Konstantin Belousov 828da10bb3 mlx5en: fix destroying tx sa_entry when installing rx sa_entry failed
In particular, do not cancel freed linux delayed work.

Sponsored by:	NVidia networking
2024-08-20 15:42:12 +03:00
Konstantin Belousov d00f3505ef mlx5en: do now waste ipsec_accel_in_tag on non-ipsec packets rx
Do not prepend ipsec tags into mbuf head when preparing rx wqe, store it
separately.  Only prepend (and clear the store) when received packed was
indeed offloaded by ipsec engine.  Then we do not need to refill tags
for slots that received non-ipsec packets.

This should solve some minimal degradation of the rx CPU usage due to
unneeded tag allocation for each packet.

Sponsored by:	NVidia networking
2024-08-20 15:42:12 +03:00
Konstantin Belousov 2787f8c39c mlx5en: stop including mlx5_accel/ipsec.h from en.h
This creates a circular dependency preventing inline functions from
ipsec.h from using en.h definitions.

Sponsored by:	NVidia networking
2024-08-20 15:42:12 +03:00
Igor Ostapenko 7d12558904 pf: Make pf_test predict that m_len < sizeof(struct ip) is false
Reviewed by:	kp
Differential Revision:	https://reviews.freebsd.org/D46374
2024-08-20 14:17:59 +02:00
John Baldwin 0a5996443b src.conf.5: Fix spelling typo
Sponsored by:	AFRL, DARPA
2024-08-20 07:54:12 -04:00
Baptiste Daroussin a6ecbf2b35 nuageinit: improve debugging when mkdir fails 2024-08-20 12:09:43 +02:00
Baptiste Daroussin 19fb9ad746 nuageinit: readd ssh key parsing when key is in meta_data.json
in openstack when no user is specified but a sshkey is provided
the information is stored in meta_data.json under "public_keys"

PR:	280461
Reported by:	tdb
2024-08-20 12:08:29 +02:00
Andrew Turner 53b8812c9a arm64/vmm: Allow vmm when in VHE
We now support VHE in byve so there is no reason to block it.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46085
2024-08-20 08:49:16 +00:00
Andrew Turner 7279fa6af1 arm64/vmm: Convert the handlers into ifuncs
Now we have support for both VHE and non-VHE update the handlers to
use an ifunc to decide which version to use.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46084
2024-08-20 08:49:16 +00:00
Andrew Turner bbe97db3c2 arm64/vmm: Add the VHE exception and switcher files
These just need to include the common code with macros to ensure it is
built correctly.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46083
2024-08-20 08:49:16 +00:00
Andrew Turner b87952e837 arm64/vmm: Mark asm files as supporting BTI
These already support BTI as they use the ENTRY macro. While the
non-VHE code doesn't need this the new VHE code will need it as it is
linked into either the kernel or the vmm module so will be included in
the BTI check.

Sponsored by:	Arm Ltd
2024-08-20 08:49:16 +00:00
Andrew Turner 79a19e0e8d arm64/vmm: Hide non-VHE exception code from VHE
Remove the non-VHE exception code from the VHE code path. As we replace
the exception vectors when entering the guest we don't need to check
which context we are in so can skip parts of the exception vectors.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46082
2024-08-20 08:49:16 +00:00
Andrew Turner f83a0f38d1 arm64/vmm: Update exception vectors around a guest
When entering into a guest with VHE we need to switch from the kernel
exception vectors to the vmm exception vectors. The latter understands
an exception will be from a guest and can switch back to a kernel
context.

Rather than encoding the location of the kernel vectors we can just
read the value from vbar_el2 and restore it later.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46081
2024-08-20 08:49:16 +00:00
Andrew Turner 5577bb2f67 arm64/vmm: Support tlbi from VHE
When invalidating the stage 2 TLB we need to ensure page tables updates
have completed and for tlbi vmalle1is the HCR_EL2 TGE flag needs to be
clear.

To fix the former add a data barrier before the tlbi instructions. On
non-VHE this will happen as part of the exception entry, so is only
needed for VHE.

The tlbi vmalle1is instruction operates on the EL2 & 0 regime when
HCR_EL2 E2H and TGE flags are both set. By clearing the TGE flag it
will stop this and operate on the EL1 & 0 regime we are expecting.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46080
2024-08-20 08:49:16 +00:00
Andrew Turner 20eabb33b4 arm64/vmm: Only store the guest par_el1
There is no need to store the host par_el1. We don't depend on it not
changing across calls into a guest.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46079
2024-08-20 08:49:15 +00:00
Andrew Turner 7861ecd18b arm64/vmm: Teach the switcher about new registers
To support booting the kernel in EL2 some of the EL0 and EL1 registers
are changed to point to an EL2 version. To get access to the EL0/EL1
version of these registers we need to use the new EL02 and EL12
registers, e.g. to access elr_el1 from the host we would use elr_el12.

Add macros that can be different on VHE vs non-VHE code so these
registers can be accessed in the correct way.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46078
2024-08-20 08:49:15 +00:00
Andrew Turner 6b17f49da0 arm64/vmm: Restore hcr_el2 earlier
It may cause fields in other registers to change meaning.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46077
2024-08-20 08:49:15 +00:00
Andrew Turner 387f878aa7 arm64/vmm: Teach vmm_arm.c about VHE
Most of the code is identical however some, e.g. managing EL2 memory
or setting EL2 registers, are unneeded under VHE as the kernel is in
EL2 so can manage these directly.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46076
2024-08-20 08:49:15 +00:00
Andrew Turner 55aa31480c arm64/vmm: Create functions to call into EL2
These will become ifuncs to enable VHE in a later change.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46075
2024-08-20 08:49:15 +00:00
Andrew Turner a745cdc19b arm64/vmm: Teach the vtimer about VHE
Teach the virtual timer about the cnthctl_el2 field layout under VHE.
As with non-VHE we need to trap the physical timer and not trap the
virtual timer.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46074
2024-08-20 08:49:15 +00:00
Andrew Turner 4b6c9f84de arm64/vmm: Move nVHE-only code to the new file
There are some functions that are only needed in non-VHE mode. These
are used to handle hypervisor calls from the kernel, and to manage the
page tables in EL2. As these won't be used by the VHE code we can move
them to the non-VHE specific files.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46073
2024-08-20 08:49:15 +00:00
Andrew Turner 3d61bcf1eb arm64/vmm: Start to extract code not needed by VHE
We can share some of the vmm code between VHE and non-VHE modes. To
support this create new files that include the common code and create
macros to name what will be the common functions.

Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46072
2024-08-20 08:49:15 +00:00
Andrew Turner 4db15ab2c6 arm64: Add counter timer registers to armreg.h
Reviewed by:	imp
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D46071
2024-08-20 08:49:15 +00:00
Andrew Turner 43e8849bc2 conf: Enable BTI checking in the arm64 kernel
To ensure new code has BTI support make it an error to not have the
BTI ELF note when linking the kernel and kernel modules.

Reviewed by:	kib, emaste
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D45469
2024-08-20 08:49:15 +00:00
Andrew Turner 12a6257a96 sys/conf: Introduce NOSAN_CFLAGS and NOSAN_C
To simplify disabling the kernel sanitizers in some files add
NOSAN_CFLAGS and NOSAN_C variables. These are CFLAGS and NORMAL_C with
the sanitizer flags removed.

While here add MSAN_CFLAGS to simplify keeping KMSAN in kern_kcov.c

Reviewed by:	khng, brooks, imp, markj
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D45498
2024-08-20 08:49:15 +00:00
Wolfram Schneider 4132c4be4c bsd-family-tree: add FreeBSD Documentation Archive 2024-08-19 19:40:34 +00:00
Wolfram Schneider 2a91649947 bsd-family-tree: shorter URL for FreeBSD manual pages 2024-08-19 19:32:51 +00:00
Colin Percival c482d65cd1 EC2: Drop UEFI-PREFERRED from AMI names
Starting in September 2021 EC2 AMI names have included the boot method:
"BIOS", "UEFI", or "UEFI-PREFERRED".  The third option became available
in June 2023 and allows AMIs to boot via UEFI on EC2 instance types
which support that, but fall back to (much slower) BIOS booting on the
instance types which don't support UEFI.

Since UEFI-PREFERRED is basically a best-of-both-worlds option and is
now the default, there's no point mentioning it in the AMI names.  If
for some reason an AMI is built with the boot method forced to BIOS or
UEFI, that will still be included in the AMI name.

This will not be MFCed, in case anyone has scripts which look at the AMI
names on 13.x/14.x.

Sponsored by:	Amazon
2024-08-19 11:11:17 -07:00
Colin Percival 2dac89aee3 EC2: Bump AMI size to 8 GB
8 GB root disk images make FreeBSD/EC2 boot much faster than 6 GB
root disk images.

MFC after:	2 days
Sponsored by:	Amazon
2024-08-19 11:11:04 -07:00
Colin Percival e06022e1bf Makefile.ec2: Add missing CLEANFILES entry
Without this, "make clean ec2ami" won't build a new AMI.

MFC after:	3 days
Sponsored by:	Amazon
2024-08-19 11:10:52 -07:00
Baptiste Daroussin 3cd90cb66d usb_vendors: update to 2024.07.04 2024-08-19 18:11:41 +02:00
Baptiste Daroussin b9d1249b5b pci_vendors: update to 2024.06.23 2024-08-19 18:10:55 +02:00