When IPSEC is enabled on the kernel the forwarding path has an optimization to not enter the code paths
for checking security policies but first checks if there is any security policy active at all.
The patch introduces the same optimization but for traffic generated from the host itself.
This reduces the overhead by 50% on my tests for generated host traffic without and SP active.
Differential Revision: https://reviews.freebsd.org/D2980
Reviewed by: ae, gnn
Approved by: gnn(mentor)
The Allwinner SoC has an AHCI device on its internal main bus rather
than the PCI bus. This SoC is somewhat underdocumented, and its SATA
controller is no exception. The methods to support this chip were
harvested from the Linux Allwinner SDK, and then constants invented to
describe what's going on based on low-level constants contained in the
SATA standard and guess work.
This SoC requires a specific AHCI channel setup in order to start the
operations on the channel properly.
Clock setup and AHCI channel setup idea came from NetBSD.
Tested on Cubieboard 2 and Banana pi (and attachment on Cubieboard by
Pratik Singhal).
Differential Revision: https://reviews.freebsd.org/D737
Submitted by: imp
Reviewed by: imp, ganbold, mav, andrew
Try to preserve the xn configuration when migrating. This is not always
possible since the backend might not have the same set of options
available, in which case we will try to preserve as many as possible.
MFC after: 2 weeks
PR: 183139
Reported by: mcdouga9@egr.msu.edu
Sponsored by: Citrix Systems R&D
kmalloc() call. Make function global instead of static inline to fix
compiler warnings about passing variable argument lists to inline
functions.
MFC after: 1 week
Sponsored by: Mellanox Technologies
the symlink from loader.rc.sample.
Fix paths relative to the CHROOTDIR.
MFC after: 3 days
X-MFC-With: r285076, r285078
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
The SoC, the flash, the ethernet ports and ethernet switch all work.
The USB works.
The 11ac PCIe NIC internally is at least seen by the PCIE RC, but
I haven't tried using it yet. There's no driver and I haven't
yet swapped it out for a non-11ac chip.
The on-chip 2GHz wifi works, but there are some data errors that
get thrown up in STA mode when scanning. I have a feeling I have
to finish the DDR flush code out and have it run correctly on the
shared interrupts; that'll take a bit of time to get right.
But if you're after an updated piece of hardware, the Archer C7 v2
is certainly there, and you can replace the 11ac NIC with a 3x3
Atheros PCIe device (eg AR9380, AR9390, AR9580, etc) and it'll
"just work".
Tested:
* TP-Link archer c7v2.
UFS/MSDOSFS label issues on FreeBSD/arm builds, however
the real problem was addressed in r285076, which is due
to two separate issues, unrelated to md(4) stale device
existence.
MFC after: 3 days
X-MFC-With: r285076
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
The Tp-link Archer-C7v2 unit has a QCA9558 internally but hangs the
QCA988x 11ac PCIe NIC off of PCI RC #1, not #0.
So I actually finally /do/ have a board to verify whether PCIe is working.
Grr.
Tested:
* TP-Link Archer-C7v2.
FreeBSD/arm builds. The problem stems from the loader.rc file
not existing, as well as geom_label not being loaded at boot.
For now, add the geom_label_load entry to loader.conf, and
symlink loader.rc.sample to loader.rc, both of which allowed
my BeagleBone Black to boot fine with a UFS label reference in
fstab(5).
MFC after: 3 days
X-MFC-Before: 10.2-BETA1
Sponsored by: The FreeBSD Foundation
While here:
1. have the Python bindings contain constants for the space
identifiers and the sync operation.
2. change the segment iterators to return None when done,
not ENXIO.
lightly used. Find the proper .m file when we depend on *_if.[ch] in
the srcs line, with seat-belts for false positive matches. This uses
make's path mechanism. A further refinement would be to calculate this
once, and then pass the resulting _MPATH to modules submakes.
Differential Revision: https://reviews.freebsd.org/D2327
compared to the old NFS client via email to the freebsd-fs@ mailing list.
For the new client, when multiple clients attempted to create a symbolic
link concurrently, more that one client would report success instead of
EEXIST. This was caused by code in the new client that mapped EEXIST to
OK assuming it was caused by a retried RPC request.
Since the old client did not do this, the patch defaults to the old
behaviour and permits the new behaviour to be enabled via a sysctl.
Reported by: alex.burlyga.ietf@gmail.com
Tested by: alex.burlyga.ietf@gmail.com
MFC after: 2 weeks
mean what you think it should... This will be fixed in the future
with a flag rename, but document what the flag really does and make
the _IV_ flags clear what their presents (or lack there of) means...
Reviewed by: gnn, eri (both earlier version)
ip_forward() does a route lookup for testing this packet can be sent to a known destination,
it also can do another route lookup if it detects that an ICMP redirect is needed,
it forgets all of this and handovers to ip_output() to do the same lookup yet again.
This optimisation just does one route lookup during the forwarding path and handovers that to be considered by ip_output().
Differential Revision: https://reviews.freebsd.org/D2964
Approved by: ae, gnn(mentor)
MFC after: 1 week
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.
There is a pfSense bug with more infor about it:
https://redmine.pfsense.org/issues/4523
The following changes were made to protect passwd and group operations:
* lib/libutil/gr_util.c:
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.c
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
* usr.sbin/pwd_mkdb/pwd_mkdb.c
- Added O_SYNC flag on dbopen() calls
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.3
- pw_lock() returns a file descriptor to master password file on success
Differential Revision: https://reviews.freebsd.org/D2978
Approved by: bapt
Sponsored by: Netgate
user address when ABI uses shared page.
Note that the change is no-op for correctness, since shared page does
not fault. The mapping for the shared page is installed at the
address space creation, the page is unmanaged and its pte/pv entry
cannot be reclaimed.
Submitted by: Oliver Pinter
Review: https://reviews.freebsd.org/D2954
MFC after: 1 week
macros on amd64 and i386. Move the definition to machine/param.h.
kgdb defines INKERNEL() too, the conflict is resolved by renaming kgdb
version to PINKERNEL().
On i386, correct the lowest kernel address. After the shared page was
introduced, USRSTACK no longer points to the last user address + 1 [*]
Submitted by: Oliver Pinter [*]
Sponsored by: The FreeBSD Foundation
MFC after: 1 week