As a consequence lkpi_ieee80211_ifalloc() now does not fail. Remove
unneeded NULL check.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
The return value of function 'mfi_dcmd_command' should always be checked for
the potential ioctl(2) failure.
PR: 281158
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1403
Current libxo output does not have a root element. Valid XML requires a single
root element. This commit adds this root element.
The libxo output version bumped accordingly.
PR: 254635
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1330
The associated commit has been reverted and DMAR is not enabled by
default any longer.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46474
For years we display the time in seconds how long it takes to
run `make buildworld' (see PR 224433). Now we will display the
time for "installworld" and "installkernel" as well.
e.g.:
--------------------------------------------------------------
>>> Installing everything completed on Sun Jul 7 16:11:37 UTC 2024
>>> Install world completed in 110 seconds, ncpu: 2, make -j2
--------------------------------------------------------------
This is an improved version of commit e5a0202f96
PR: 280187
Differential Revision: https://reviews.freebsd.org/D45912
Currently these sections are not used but defined only for amd64 and
i386. Added them for all other platforms to keep all platforms in sync.
There should be no functional change.
This change is extracted from a bigger patch [1] of hselasky, with
additional fix for the order of .fini_array section.
1. https://reviews.freebsd.org/D40467
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45214
These input sections can have decimal numbers as the priority suffix.
Clang emits the '%u' form, while SORT is an alias for SORT_BY_NAME,
hence will result in wrong order of constructors / destructors in
output sections. Fix by using the correct sorting command
SORT_BY_INIT_PRIORITY instead [1].
The functions referenced by section .fini_array is in the normal order,
but been executed in the reverse order. The order is same with
.init_array section.
Currently these sections are not used, there should be no functional
change.
Note: As for the .ctors and .dtors sections, both Clang and GCC emit
the priority suffix in the form of '%05u', so there is no semantic
difference between SORT_BY_NAME and SORT_BY_INIT_PRIORITY for those
sections [2].
This fix is extracted from a bigger patch [3] of hselasky, with
additional fix for .fini_array section.
1. https://sourceware.org/binutils/docs/ld/Input-Section-Wildcards.html
2. https://reviews.llvm.org/D91187
3. https://reviews.freebsd.org/D40467
Reviewed by: imp (previous version)
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45194
If pf_icmp_state_lookup() finds a state but rejects it for not matching the
expected direction we should unlock the state (and NULL out *state). This
simplifies life for callers, and also ensures there's no confusion about what a
non-NULL returned state means.
Previously it could have been left in there by the caller, resulting in callers
unlocking the same state twice.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Sloppy state tracking renders ICMP direction check useless
and harmful as we might see only half of the connection in
the asymmetric setups but ignore the state match. The bug
was reported and fix was verified by Insan Praja <insan ()
ims-solusi ! com>. Thanks! OK mcbride, henning
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 538596657140
Sponsored by: Rubicon Communications, LLC ("Netgate")
Following bluhm's advice this changes the way we setup state keys and
perform state lookups for ICMPv6 Neighbor Discovery packets:
- replace the NS-dst with ND target address;
- replace the NA-src with ND target address;
- replace the NA-dst with unspecified address if it is a multicast.
This allows pf to match Address Resolution, Neighbor Unreachability
Detection and Duplicate Address Detection packets to the corresponding
states without the need to create new ones or match unrelated ones.
As a side effect we're doing now one state table lookup for ND packets
instead of two.
Fixes a bug uncovered by one of the previous commits that virtually
breaks IPv6 connectivity after few minutes of use.
ok stsp henning, with and ok bluhm
PR: 280701
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 2633ae8c4c8a
Sponsored by: Rubicon Communications, LLC ("Netgate")
If *rulesp was initially unset, we'll allocate a new buffer and pass it
to sysctl_handle_string(), which copies the existing string out and then
copies in the new string. We need to make sure the buffer containing
the existing rules is initialized, otherwise we leak kernel memory to
userspace.
Fix some nearby style nits while here.
Reported by: KMSAN
Reviewed by: igoro, kp
Fixes: 8aaffd78c0 ("Add dummymbuf module for testing purposes")
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D46493
The conditions used to test whether a pullup is needed were inverted.
While here:
- Fix a bogus assignment to "iplen": it's already initialized to *offp.
- Use in_cksum_skip() instead of manually adjusting the data pointer.
Otherwise the mbuf is temporarily in an invalid state, since m_len
isn't updated to match.
Reported by: KMSAN
Reviewed by: kp
Sponsored by: Klara, Inc.
Fixes: 3711515467 ("carp: support VRRPv3")
Differential Revision: https://reviews.freebsd.org/D46492
This avoids creating windows where a device file is accessible but the
device-specific field is not set.
Now that vmmdev_mtx is a sleepable lock, avoid dropping it while
creating devices files. This makes it easier to handle races and
simplifies some code; for example, the VSC_LINKED flag is no longer
needed.
Suggested by: jhb
Reviewed by: imp, jhb
Differential Revision: https://reviews.freebsd.org/D46488
This will make it easier to atomically create the device file and set
its si_drv1 member.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46487
Rather than performing privilege checks after a specific VM's device
file is opened, do it once at the time the device file is opened. This
means that one can continue to access a VM via its device fd after
attaching to a jail which does not have vmm enabled, but this seems like
a reasonable semantic to have anyway.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46486
vmm.h is required for VM_MAX_SUFFIXLEN. vmm_snapshot.h is required for
struct vm_snapshot_meta.
This is a prerequisite for including vmm_dev.h in the headers parsed by
libsysdecode.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46485
The maximum VM name length has changed since the arm64 vmm code was
forked. For now, just sync with the amd64 definitions, since they
permit longer VM names. As arm64/vmm is implemented only in main, I
won't bother dealing with backward compat.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46484
Add IDs for Realtek, Atheros (QCA), and Mediatek.
While I am not sure we'll ever support the ath10k and possibly mt76
SDIO devices, rtw88 ones can be found with SoCs (e.g. r2s-plus) and
are actively being worked on.
Update Broadcom/Cypress entries.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46460
Some of the defined names are not the direct 1:1 mapping with vendor
and device names used by Linux device drivers.
Introduce a p(roduct)alias so we can map the one device entry I came
across without much extra hassle and generate a name device drivers
know about:
palias BROADCOM_CYPRESS_43439 CYPRESS_43439
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46455
Add a version of no_printk(), which seems to be there to have format
string checking while never calling the printk. It seems a very weird
thing and it needs a return code and for some reason my initial
while (0) { } version hadn't worked while porting over new code but
could have been further downstream format string problems.
if (0) seems to do the job though I would have expected that to more
likely simply get optimised out without any futher format checking.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46463
Add an implementation of eth_hdr() needed by a wireless driver.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46462
Used by an updated wireless driver.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46461
Add a get_random_u8() implementation following the u36 and u64 versions.
We'll likely want to macro-ify them in the future and add all the types
which makes sense just to be done.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D46464
TPM is defined as an entropy and is called every 10 seconds. However it
was not registered and calls were discarded.
Signed-off-by: Jean-François Hren <jean-francois.hren@stormshield.eu>
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1398
To comply with FIPS 140 guidance, you must be using a specifically
validated and approved version of the fips module. Currently, only
OpenSSL 3.0.8 and 3.0.9 have been approved by NIST for FIPS 140
validation. As such, we need to stop shipping later versions of the
module in the base system.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D46223
Use the term "network switch" instead of the ambiguous term "switch".
Signed-off-by: Tom Hukins <tom@FreeBSD.org>
Reviewed by: imp, mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1369
Use the pmap_l1_pindex() macro which accounts for the NUL2E offset.
While here, use pmap_l2_pindex() macro further down (no change).
Prompted by pull request and commit 2e33abc354, making the change for
the riscv pmap.
The tests correctly skip if no snd_dummy neither mixer is found, but the
cleanup is still called with the skip condition, which fails if there is
no mixer.
MFC after: 2 days
Reviewed by: christos
Differential Revision: https://reviews.freebsd.org/D46491
Add support for specifying how to report the missing Branch Target
Identification (BTI) linker feature on AArch64.
For:
Kernel: bti-report on when the linker supports it
Userspace: bti-report on when the linker supports it and
BTI_REPORT_ERROR is defined
Fixes: 43e8849bc2 ("conf: Enable BTI checking in the arm64 kernel")
Pull Request: https://github.com/freebsd/freebsd-src/pull/1393
Stop allocating new resources when the RNIC is stopped but continue to
allow previously allocated resources to be freed. Note that t4_tom's
uld_stop tears down all TOE connections, including those being used for
iWARP, and that triggers the cleanup of iWARP resources.
Fail post_send/post_recv early too to avoid the SQ doorbell.
MFC after: 1 week
Sponsored by: Chelsio Communications
This change can cause a deadlock in some cases, since it's possible for
VNET teardown to happen in the context of taskqueue_thread, and
ipsec_accel_sync() drains taskqueue_thread's work queue.
This reverts commit e196b12f4d.
