In client mode (i.e. if there's only one peer) we should be able to
route to the correct peer even if the routing table is incorrect.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Test that openvpn (DCO) clients are notified and handle timeout events.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D35091
Set up an OpenVPN tunnel between two jails, send traffic through them to
confirm basic function.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D35067
OpenVPN Data Channel Offload (DCO) moves OpenVPN data plane processing
(i.e. tunneling and cryptography) into the kernel, rather than using tap
devices.
This avoids significant copying and context switching overhead between
kernel and user space and improves OpenVPN throughput.
In my test setup throughput improved from around 660Mbit/s to around
2Gbit/s.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D34340
Test sending very short packets (i.e. too short for an IP header)
packets in the Ethernet filtering code.
Sponsored by: Rubicon Communications, LLC ("Netgate")
This isn't likely to be an issue on real hardware (as Ethernet has a
minimal packet length of 64 bytes), but can cause panics with short
packets on if_epair.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Some tools (firecraker loader) only check for notes in PT_NOTE program
headers, so make sure the notes added using the ELFNOTE macro end up
in such header.
Output from readelf -Wl for and amd64 kernel after the change:
Elf file type is EXEC (Executable file)
Entry point 0xffffffff8038a000
There are 11 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000040 0xffffffff80200040 0x0000000000200040 0x000268 0x000268 R 0x8
INTERP 0x0002a8 0xffffffff802002a8 0x00000000002002a8 0x00000d 0x00000d R 0x1
[Requesting program interpreter: /red/herring]
LOAD 0x000000 0xffffffff80200000 0x0000000000200000 0x189e28 0x189e28 R 0x200000
LOAD 0x18a000 0xffffffff8038a000 0x000000000038a000 0xe447e8 0xe447e8 R E 0x200000
LOAD 0xfce7f0 0xffffffff811ce7f0 0x00000000011ce7f0 0x6b955c 0x6b955c R 0x200000
LOAD 0x1800000 0xffffffff81a00000 0x0000000001a00000 0x000140 0x000140 RW 0x200000
LOAD 0x1801000 0xffffffff81a01000 0x0000000001a01000 0x1c8480 0x5ff000 RW 0x200000
DYNAMIC 0x1800000 0xffffffff81a00000 0x0000000001a00000 0x000140 0x000140 RW 0x8
GNU_RELRO 0x1800000 0xffffffff81a00000 0x0000000001a00000 0x000140 0x000140 R 0x1
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW 0
NOTE 0x1687ae0 0xffffffff81887ae0 0x0000000001887ae0 0x0001c0 0x0001c0 R 0x4
Section to Segment mapping:
Segment Sections...
[...]
10 .note.gnu.build-id .note.Xen
Reported by: cperciva
Fixes: 1a9cdd373a ('xen: add PV/PVH kernel entry point')
Fixes: 93ee134a24 ('Integrate support for xen in to i386 common code.')
Sponsored by: Citrix Systems R&D
Reviewed by: emaste
Differential revision: https://reviews.freebsd.org/D35611
When growing a UFS/FFS filesystem, the size of the summary information
may expand into additional blocks. These blocks must be removed from
fs_dsize which records the number of blocks in the filesystem that can
be used to hold filesystem data.
While here also update the fs_old_dsize and fs_old_size fields for
compatibility with kernels that were compiled before the addition
of UFS2.
Reported by: Edward Tomasz Napiera
MFC after: 1 week
The previous description was both incorrect and incomplete in its
description -- the 2038 limit doesn't apply on !i386 platforms, and
it didn't note that values above 100 are accepted and interpreted
differently. Further, it didn't note that absolute years are accepted.
Reviewed by: pauamma_gundo.com (manpages)
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35360
Any field that starts with # is a commented out field (there as a place
holder only, the data in that place holder is completely ignored). The
previous code improperly detected this using strcmp. Instead, any field
whose names starts with '#' is ignored.
Differential Reivsion: https://reviews.freebsd.org/D34633
The function's goal is to compare old/new nhop/nexthop group for the route
and decompose it into the series of RTM_ADD/RTM_DELETE single-nhop
events, calling specified callback for each event.
Simplify it by properly leveraging the fact that both old/new groups
are sorted nhop-# ascending.
Tested by: Claudio Jeker<claudio.jeker@klarasystems.com>
Differential Revision: https://reviews.freebsd.org/D35598
MFC after: 2 weeks
Nexthops in the nexthop groups needs to be deterministically sorted
by some their property to simplify reporting cost when changing
large nexthop groups.
Fix reporting by actually sorting next hops by their indices (`wn_cmp_idx()`).
As calc_min_mpath_slots_fast() has an assumption that next hops are sorted
using their relative weight in the nexthop groups, it needs to be
addressed as well. The latter sorting is required to quickly determine the
layout of the next hops in the actual forwarding group. For example,
what's the best way to split the traffic between nhops with weights
19,31 and 47 if the maximum nexthop group width is 64?
It is worth mentioning that such sorting is only required during nexthop
group creation and is not used elsewhere. Lastly, normally all nexthop
are of the same weight. With that in mind, (a) use spare 32 bytes inside
`struct weightened_nexthop` to avoid another memory allocation and
(b) use insertion sort to sort the nexthop weights.
Reported by: thj
Tested by: Claudio Jeker<claudio.jeker@klarasystems.com>
Differential Revision: https://reviews.freebsd.org/D35599
MFC after: 2 weeks
We're not allowed to wait in this allocation path, so allocate the
memory NOWAIT instead of WAITOK. The code already copes with the
failures that may result, so no additional code is needed.
PR: 263008
Reviewed by: markj, Scott Benesh at Microsemi, imp
Differential Revision: https://reviews.freebsd.org/D35601
The macOS linker does not support -zrelro/-znorelro. Since it is only
used to for build tools that run on the host, and WITH_RELRO or
WITHOUT_RELRO does not matter there, just skip the option.
Reviewed by: markj
Fixes: 2f3a961487 ("Add RELRO build knob, default to enabled")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35589
We now allow new bridge members to be added with a different MTU from
the bridge. We change the interface MTU to match the bridge.
Test this.
PR: 264883
Rather than reject new bridge members because they have the wrong MTU
change it to match the bridge. If that fails, reject the new interface.
PR: 264883
Different Revision: https://reviews.freebsd.org/D35597
Trim all word separators from end of line, except for last line and
only use '\r' to terminate the pasted lines as expected by TTY.
Submitted by: Ivan Quitschal <tezeka@hotmail.com>
Differential Revision: https://reviews.freebsd.org/D35552
PR: 263084
MFC after: 1 week
Sponsored by: NVIDIA Networking
Fix builds after 1459a22787 and
59191f3573 by using __diagused
for variables only used in KASSERT().
In addition remove two debug lines that look like a copy and paste error
from dmc620 to cmn600.
Further add the newly introduced files to sys/confg/files.arm64 as well
so that LINT compiles without missing symbols.
Fix build after e3572eb654 as
struct pmc_md_dmc620_pmu_op_pmcallocate is needed when building
libpmc/pmclog.c as it is partof the public API via machine/pmc_mdep.h.
Add support of ARM CMN-600 controller, PMU access functions only.
Add support of PMU counters of ARM CMN-600 controller.
Reviewed by: mhorne
Sponsored By: ARM
Differential Revision: https://reviews.freebsd.org/D32321
As of 19bb5a7244, the IOMMU_MF_CANSPLIT case in iommu_gas_match_one()
must take into account the specified offset. Otherwise, the recently
changed end calculation in iommu_gas_match_insert() could produce an
end address that crosses the specified boundary by one page.
Reviewed by: dougm
MFC with: 19bb5a7244
iwlwifi allocates queues on first wakeup. This takes a lot longer on
FreeBSD's work implementation that it seems to on Linux based on some
discussion. That meant that we couldn't get non-data frames out quickly
enough initially and failed to associate.
d0d2911035 should have solved most of this
for us with iwlwifi. None of the other drivers ported to LinuxKPI/802.11
up to today will call a dequeue so we get notified when the queus are
allocated or even need to do so.
Remove the bandaid initilly put in for iwlwifi now and speed up the
overall process of getting us associated.
MFC after: 3 days
This changes cleans up lsta from the VIF station list as well as
deals with freeing the lsta itself so it is not leaked.
lkpi_iv_update_bss() makes this more complicated than it should be
as we ties more sta state (incl. drv/fw) to the node that net80211
does not know about. There is more work to be done detangling this
now that is better understood.
MFC after: 3 days
In lkpi_iv_update_bss() introduced in d9f59799fc we swap lsta and
along with that sta and drv state if ni gets reused and swapped under
us by net80211. What we did not do was to sync sta->addr which later
(usually in lkpi_sta_assoc_to_run) during a bss_info update cause
problems in drivers (or firmware) as the BSSID and the station address
were not aligned.
If this proves to hold up to fix iwlwifi issues seem on firmware
for older chipsets, multi-assoc runs, and rtw89 (which this fixes)
we should add asserts that lkpi_iv_update_bss() can only happen in
pre-auth stages and/or make sure we factor out synching more state
fields.
Found debugging: rtw89
MFC after: 3 days