When the SCTP, TCP, or UDP implementation send a packet, it does not
compute the corresponding checksum but defers that. The network layer
will determine whether the network interface selected for the packet
has the requested capability and computes the checksum in software,
if the selected network interface doesn't have the requested
capability.
Do this not only for packets being sent by the local SCTP, TCP,
and UDP stack, but also when forwarding packets. Furthermore, when
such packets are delivered to a local SCTP, TCP, or UDP stack, do not
compute or validate the checksum, since such packets never have been on
the wire.
This allows to support checksum offloading also in the case of local
virtual machines or jails.
Support for epair, vtnet, and tap interfaces will be added in
separate commits.
Reviewed by: kp, rgrimes, tuexen, manpages
Differential Revision: https://reviews.freebsd.org/D51475
(cherry picked from commit bcb298fa9e)
This describes the current status of the implementation.
While there, be a bit more precise on how long the checksum
computation is delayed.
Reviewed by: Timo Völker, bcr
Differential Revision: https://reviews.freebsd.org/D51590
(cherry picked from commit fe35f275ab)
Use transmit checksum offloading instead transmission checksum
offloading to be consistent with other man pages.
Reported by: Peter Lei
Sponsored by: Netflix, Inc.
(cherry picked from commit c7263f873e)
Hardware TCP LRO results in problems in settings with IP forwarding
being enabled. In case of nodes without IP forwarding, using
software LRO is also beneficial in general, since it can provide better
information about what was received on the wire.
Therefore, disable hardware TCP LRO by default.
By tuning the loader tunable, this can be changed.
PR: 263229
Reviewed by: Timo Völker
Differential Revision: https://reviews.freebsd.org/D52684
(cherry picked from commit 6e4b811009d63f33c59d51f28fd4a030ca90843e)
Enable the handling of the IFCAP_RXCSUM_IPV6 handling by handling
IFCAP_RXCSUM and IFCAP_RXCSUM_IPV6 as a pair. Also make clear, that
software and hardware LRO require receive checksum offload.
Reviewed by: Timo Völker
Differential Revision: https://reviews.freebsd.org/D52682
(cherry picked from commit eaf619fddcb21859311b895a0836da3171a01531)
If this tunable is enabled and vtnet receives a packet with
VIRTIO_NET_HDR_F_NEEDS_CSUM set, vtnet computes the TCP/UDP checksum
and writes it in the checksum field.
This was somewhat useful when vtnet pretended that such a packet has
a correct checksum and set the mbuf flag CSUM_DATA_VALID.
But this is not the case anymore.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D52546
(cherry picked from commit 5da388d93917f5fa74022960cc65452592f71539)
When transmitting a packet over the vtnet interface, map the
csum flags CSUM_DATA_VALID | CSUM_PSEUDO_HDR to the virtio
flag VIRTIO_NET_HDR_F_DATA_VALID.
When receiving a packet over the virtio network channel, translate
the virtio flag VIRTIO_NET_HDR_F_NEEDS_CSUM not to CSUM_DATA_VALID |
CSUM_PSEUDO_HDR, but to CSUM_TCP, CSUM_TCP_IPV6, CSUM_UDP, or
CSUM_UDP_IPV6.
The second change fixes a series of issue related to checksum
offloading for if_vtnet.
While there, improve the stats counters to allow a detailed view
on what is going on in relation to checksum offloading.
PR: 165059
Reviewed by: tuexen, manpages
Differential Revision: https://reviews.freebsd.org/D51686
(cherry picked from commit 3008f30d2c2cabdd7e17f7fb922139da8681ffbd)
Improve several descriptions for loader tunables and add descriptions
of the statistics provided by read only sysctl-variables.
Reviewed by: bcr
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D51985
(cherry picked from commit ac87d70563)
Add capabilities RXCSUM and RXCSUM6 as well as TXCSUM and TXCSUM6 for
for receive and transmit checksum offloading for TCP and UDP to the
epair interface and enable them by default.
RXCSUM and RXCSUM6 are enabled because an epair interface may receive
a packet with the csum_flag CSUM_DATA_VALID set, which is expected
only if these capabilities are enabled. Since it seems not helpful to
remove this flag, it is not possible to disable these capabilities.
TXCSUM and TXCSUM6 are synchronized between the two epair interface
ends. If enabled/disabled on one end, it will be enabled/disabled on
the other end. If the sending epair interface end has TXCSUM or TXCSUM6
enabled and the receiving end is in a bridge, it is assumed that all
interfaces in the bridge have that capability enabled. Otherwise the
bridge would have disabled that capability on the receiving epair
interface end in the bridge which would have disabled that capability
on the sending epair interface end as well due to the synchronization.
Reviewed by: bcr, Seyed Pouria Mousavizadeh Tehrani
Differential Revision: https://reviews.freebsd.org/D51639
(cherry picked from commit e4ea162509)
Reload is used for service reconfiguration as well
and lacks a NAME_prepend-like mechanism so it makes
sense to extend the NAME_reload hook into this
action.
precmd may use configuration checks and blocks setup
from doing its designated work (e.g. nginx). In moving
the invoke of the setup script in front allows us to
provide custom scripts for config file generation and
fixing prior to precmd checking configuration integrity.
Also introduce _run_rc_setup to separate the launcher
from the main one. Let it run correctly in the case
of restart_precmd and block further execution as
would be the case in start due to the internal plumbing
of restart being split into calling stop and start
afterwards.
PR: https://reviews.freebsd.org/D36259
Build and sysctl configuration modes are introduced for QAT SPR
devices to disable safe dc mode. A new QAT driver build option
‘QAT_DISABLE_SAFE_DC_MODE’ is required to build the QAT driver
with code that allows a request to be sent to FW to override the
‘History Buffer’ mitigation. Default QAT driver builds do not
include this ‘QAT_DISABLE_SAFE_DC_MODE’ build option. Even if the
QAT driver was built with code that allows a request to be sent to
FW to override the ‘History Buffer’ mitigation, the QAT driver must
still be configured using sysctl to request an override of the
‘History Buffer’ mitigation if desired. The default QAT driver
configuration option sysctl dev.qat.X.disable_safe_dc_mode does not
allow override of the mitigation. The new sysctl attribute
disable_safe_dc_mode is to be set to 1 for overriding the history
buffer mitigation. Firmware for qat_4xxx is updated for this change.
If this mode is enabled, decompression throughput increases but may
result in a data leak if num_user_processes is more than 1.
This option is to be enabled only if your system is not prone to
user data leaks.
Reviewed by: markj, ziaee
MFC after: 2 weeks
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D50379
(cherry picked from commit 5a8e5215ce)
add a new sysctl, net.link.bridge.member_ifaddrs, which defaults to 1.
if it is set to 1, bridge behaviour is unchanged.
if it is set to 0:
- an interface which has AF_INET6 or AF_INET addresses assigned cannot
be added to a bridge.
- an interface in a bridge cannot have an AF_INET6 or AF_INET address
assigned to it.
- the bridge will no longer consider the lladdrs on bridge members to be
local addresses, i.e. frames sent to member lladdrs will not be
processed by the host.
update bridge.4 to document this behaviour, as well as the existing
recommendation that IP addresses should not be configured on bridge
members anyway, even if it currently partially works.
in testing, setting this to 0 on a bridge with 50 member interfaces
improved throughput by 22% (4.61Gb/s -> 5.67Gb/s) across two member
epairs due to eliding the bridge member list walk in GRAB_OUR_PACKETS.
Reviewed by: kp, des
Approved by: des (mentor)
Differential Revision: https://reviews.freebsd.org/D49995
(cherry picked from commit 0a1294f6c6)
This is derived from swills@ fork of the Juniper virtfs with many
changes by me including bug fixes, style improvements, clearer layering
and more consistent logging. The filesystem is renamed to p9fs to better
reflect its function and to prevent possible future confusion with
virtio-fs.
Several updates and fixes from Juniper have been integrated into this
version by Val Packett and these contributions along with the original
Juniper authors are credited below.
To use this with bhyve, add 'virtio_p9fs_load=YES' to loader.conf. The
bhyve virtio-9p device allows access from the guest to files on the host
by mapping a 'sharename' to a host path. It is possible to use p9fs as a
root filesystem by adding this to /boot/loader.conf:
vfs.root.mountfrom="p9fs:sharename"
for non-root filesystems add something like this to /etc/fstab:
sharename /mnt p9fs rw 0 0
In both examples, substitute the share name used on the bhyve command
line.
The 9P filesystem protocol relies on stateful file opens which map
protocol-level FIDs to host file descriptors. The FreeBSD vnode
interface doesn't really support this and we use heuristics to guess the
right FID to use for file operations. This can be confused by privilege
lowering and does not guarantee that the FID created for a given file
open is always used for file operations, even if the calling process is
using the file descriptor from the original open call. Improving this
would involve changes to the vnode interface which is out-of-scope for
this import.
Differential Revision: https://reviews.freebsd.org/D41844
Reviewed by: kib, emaste, dch
MFC after: 3 months
Co-authored-by: Val Packett <val@packett.cool>
Co-authored-by: Ka Ho Ng <kahon@juniper.net>
Co-authored-by: joyu <joyul@juniper.net>
Co-authored-by: Kumara Babu Narayanaswamy <bkumara@juniper.net>
While here, rename all instances of "RealTek" to "Realtek" for
authenticity.
Approved by: re (cperciva)
Reviewed by: imp, lwshu, zaiee
Pull Request: https://github.com/freebsd/freebsd-src/pull/1649
(cherry picked from commit 76ed6f2db3)
(cherry picked from commit f336a04960b608d2caeaf964663c3a8425f31d71)
While here, change applicable uses of "ports" to "adapters" to be more
precise and improve searchability.
This is a 14.3 candate since it affects (positively) the release notes
generated from the hardware secionts.
Approved by: re (cperciva)
MFC After: 3 days
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1663
(cherry picked from commit 794ee43e75)
(cherry picked from commit 827153d21219f76cf006d50af4cdf85f22b75de0)
Add a stub manual only saying what it is, how to include it, what is
supported, and since when. This plugs the mtkswitch driver into the
manual subsystem and the release hardware notes.
MFC to: 14.3
MFC after: 3 days
Reviewed by: adrian, carlavilla
Approved by: carlavilla (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50412
(cherry picked from commit 37f00bc257)
(cherry picked from commit f31ac06711e69aed7cb4b38d8eb2aba2d7149ed8)
Add a stub manual only saying what it is, how to include it, what is
supported, and since when. This plugs the ip17x driver into the manual
subsystem and the release hardware notes.
MFC to: 14.3
MFC after: 3 days
Reviewed by: adrian, carlavilla
Approved by: carlavilla (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50411
(cherry picked from commit f750a114d2)
(cherry picked from commit ded154a1df97e3340f129394cbcaa1a50439d1bf)
+ copyright symbols do not belong in Nd's (apropos results)
+ move hardware to HARDWARE for inclusion in the hw release notes
+ improve sysctls
+ lines which say nothing removed
+ links moved to see also
+ spacing and markup corrections
MFC after: 3 days
Reviewed by: markj, mhorne
Approved by: mhorne (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50381
(cherry picked from commit c1d9b2c9b0)
(cherry picked from commit 802edf23079388447659136805d97b95b0f90899)
For visibility in apropos and inclusion in the hardware release notes.
MFC after: 3 days
Reviewed by: adrian, mhorne
Approved by: mhorne (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50321
(cherry picked from commit bef89c155e)
(cherry picked from commit 5e0e046d95a92aab8bea856fe0008870ee11bfc9)
For inclusion in apropos and the hardware release notes. While here,
add xrefs to this page and the previous e6000sw in etherswitch.4.
MFC after: 3 days (but adjusted for 14.3)
Reported by: adrian
Reviewed by: adrian, mhorne
Approved by: mhorne (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50324
(cherry picked from commit 91c9751c39)
(cherry picked from commit 17e9eb1e0eb721e2400232c71f20bc490c416c60)
For visibility in apropos and inclusion in the hardware release notes.
MFC after: 3 days
Reviewed by: adrian (previous), mhorne
Approved by: mhorne (mentor)
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D50322
(cherry picked from commit 9692d5e15e)
(cherry picked from commit 1343a5b616ec4e11047c5024bb844e7275f84ddd)
This should have been done 2+ years ago when the td argument was dropped
from NDINIT() and the NDFREE() macro and the SAVENAME and SAVESTART
flags were retired.
Approved by: re (cperciva)
MFC after: 3 days
Fixes: 7e1d3eefd4 ("vfs: remove the unused thread argument from NDINIT*")
Fixes: 269c564b90 ("vfs: retire NDFREE")
Sponsored by: NetApp, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D50375
(cherry picked from commit ee84b4e2fd)
(cherry picked from commit 68bc635cc9b099fb03cfcd519046c385af0c5355)
By: ziaee
Reported by: Pat Maddox <pat@patmaddox.com>
Reviewed by: bz (previous version), emaste, mhorne
Differential Revision: https://reviews.freebsd.org/D49937
iwlwifi: update man pages for generations, firmware. and 11n/11ac
Put Intel's iwlwifi better in context to iwm, iwx and iwn.
Document the important tunables so users know where to go.
Document the port/package for firmware where firmware is now
maintained.
Adjust wording and table for the firmware and a flavor column.
Update History sections for 11n/11ac support as well as firmware
module removal from base.
Sponsored by: The FreeBSD Foundation
Reviewed by: ziaee, emaste (comments)
Differential Revision: https://reviews.freebsd.org/D50319
Approved by: re (cperciva)
(cherry picked from commit c33945a112)
(cherry picked from commit a7e183c0c9)
(cherry picked from commit 4ae64bd33f24cff90ff75efe67176a6df1c3af62)
Update the xen(4) man page to reflect the current support status.
Approved by: re (cperciva)
Reported by: kevans
Reviewed by: bcr kevans imp
Differential revision: https://reviews.freebsd.org/D43373
(cherry picked from commit 82126ef92f)
(cherry picked from commit 7dc0a9fa76a8df6dfaf26ff36a11aa9fe060a201)
Completes commit "queue(3): New *_SPLIT_AFTER(), *_ASSERT_EMPTY(),
*_ASSERT_NONEMPTY()" (c028802339).
MFC after: 1 day
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c071616b06)
(cherry picked from commit eca0ce8afb15ef9f01703c4d15273eaf66eb63f5)
Approved by: re (cperciva)
Replace it with another one, selected from current in-tree uses.
MFC after: 1 day
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 129a6cf886)
(cherry picked from commit 1ca993dd454445ad766f8b8b39103e09c1dccce9)
Approved by: re (implicit)
Support enabling debugging macros for userland and _STANDALONE builds,
in addition to the already existing kernel support. On runtime error,
panic() is used for kernel and _STANDALONE builds, and a simple
fprintf() + abort() combination for userland ones. These can be
overriden if needed by defining the QMD_PANIC() and/or QMD_ASSERT()
macros.
The expansion of queue debug macros can now be controlled more finely
thanks to the QUEUE_MACRO_DEBUG_ASSERTIONS and
QUEUE_MACRO_NO_DEBUG_ASSERTIONS macros. The first one serves to
forcibly enable debug code and the second to forcibly disable it. These
are meant to be used as compile options only, and should normally not be
defined in a source file. It is an error to have both of them defined.
If none of the two above-mentioned macros are defined, an automatic
determination is performed. When compiling kernel code,
QUEUE_MACRO_DEBUG_ASSERTIONS is defined if INVARIANTS has been defined
(as before). For userland and _STANDALONE builds, no debug code is ever
automatically inserted even if NDEBUG is not defined, as doing so would
inflate code size and users may want to have working assert() calls
without this overhead by default.
In the manual page, document check code control under DIAGNOSTICS.
While here, rework a bit the rest of the DIAGNOSTICS section.
Reviewed by: markj (older version)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49973
(cherry picked from commit 1c5fea9e8b)
*_SPLIT_AFTER() allows to split an existing queue in two. It is the
missing block that enables arbitrary splitting and recombinations of
lists/queues together with *_CONCAT() and *_SWAP().
Add *_ASSERT_NONEMPTY(), used by *_SPLIT_AFTER().
Reviewed by: markj
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49608 (stailq)
Differential Revision: https://reviews.freebsd.org/D49969 (rest)
(cherry picked from commit c028802339)
The man page ascii(7) first appears in the first edition manual.
Reviewed by: imp, Alexander Ziaee
Obtained from: OpenBSD
Differential Revision: https://reviews.freebsd.org/D48224
(cherry picked from commit 6145586a6c)
to Linux hidraw compatibility API.
Respective Linux commit f43d3870cafa made by Dean Camera message is:
Currently the hidraw module can only read and write feature HID reports on
demand, via dedicated ioctls. Input reports are read from the device through
the read() interface, while output reports are written through the write
interface().
This is insufficient; it is desirable in many situations to be able to read and
write input and output reports through the control interface to cover
additional scenarios:
- Reading an input report by its report ID, to get initial state
- Writing an input report, to set initial input state in the device
- Reading an output report by its report ID, to obtain current state
- Writing an output report by its report ID, out of band
This patch adds these missing ioctl requests to read and write the remaining
HID report types. Note that not all HID backends will neccesarily support this
(e.g. while the USB link layer supports setting Input reports, others may not).
FreeBSD native uhid(4) compatible API already has similar ioctls.
MFC after: 3 days
(cherry picked from commit fd6690e2d5)
- Fix maximal keyboard backlight level, Although Linux source code
comment says that backlight level is encoded in 3 bits of data,
actual code limits maximum level to 3.
- Add backlight(9) support for keyboard
- Turn off/on keyboard backlight on suspend/resume
Sponsored by: Future Crew LLC
MFC after: 1 month
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D48983
(cherry picked from commit f134662a1a)
pci_has_pm is a quick check that returns true if a PCI device supports
the power management capability.
pci_enable_pme can be used in DEVICE_SUSPEND driver methods to enable
PME# during suspend.
Reviewed by: Krzysztof Galazka <krzysztof.galazka@intel.com>x
Differential Revision: https://reviews.freebsd.org/D49250
(cherry picked from commit e5cbf0e881)
The PCI power management specification requires that the OS clear any
pending PME# interrupt and generation of PME# interrupts during
"initial operating system load". Note that clearing a pending PME#
interrupt requires writing a 1 to the Read/Write-Clear PME bit in the
power management status register. To handle the boot time case, clear
PME# state in pci_read_cap() when scanning new PCI devices. This
should also cover hotplug devices.
In addition, clear this state on every PCI device after resume from
sleep in pci_resume_child before invoking the driver's DEVICE_RESUME
method.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D49222
(cherry picked from commit 82d6927712)
This dates way, way back with the original net80211 support w/ atheros chips.
The earliest chip (AR5210) had limitations supporting software encryption.
It only had the four WEP slots, and not any keycache entries. So when
trying to do CCMP/TKIP encryption would be enabled and the key slots
would have nothing useful in them, resulting in garbage encryption/decryption.
I changed this back in 2012 to disable supporting hardware WEP for AR5210
so if_ath(4) / net80211 crypto is all done in software and yes,
I could do CCMP/TKIP on AR5210 in software.
Fast-forward to newer-ish hardware - the Qualcomm 11ac hardware.
Those also don't support pass-through keycache slots! Well, the hardware
does at that layer, but then there's a whole offload data path encap/decap
layer that's turning the frames from raw wifi into ethernet frames (for
"dumb" AP behaviours) or "wifi direct" frames (ie, "windows".)
This hides a bunch of header frame contents required for doing the software
encryption / decryption path.
But then if you enable the raw transmit/receive frame format it ALSO
bypasses the hardware encryption/decryption engine!
So for those NICs:
* If you want to do encryption, you can only use the firmware supported
ciphers w/ wifi direct or ethernet;
* If you want to use software encrypt/decrypt, you MUST disable all encryption
and instead use 100% software encryption.
The wpa_supplicant bsd driver code has a specific comment about this and
flips on supporting WEP/TKIP/CCMP, which is understandable but it doesn't
fix the ACTUAL intention of all of this stuff.
So:
* create a new field, ic_sw_cryptocaps
* populate it with the default supported set of ciphers for net80211
(right now wep, tkip, ccmp)
* Communicate the combination of both ic_sw_cryptocaps and ic_cryptocaps
to wpa_supplicant via the relevant devcap ioctl.
* Update manpage.
I'll follow this up with a driver_bsd.c change in wpa_supplicant to
trust this again, and then start adding the other cipher support there.
Differential Revision: https://reviews.freebsd.org/D44820
Adjusted for MFC by moving the new field to a spare.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 1116e8b95c)
Rewrite the HARDWARE section conforming to mdoc(7) and style.mdoc(7)
providing better rendering and increased clarity in the HW Relnotes.
MFC after: 3 days
Reviewed by: carlavilla, imp, ziaee
Approved by: carlavilla (mentor)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1665
(cherry picked from commit 85a3ec9de8)
Convert the supported hardware into a descending column list to improve
aesthetic, density, and utility on console and in the hardware release
notes. Move the section into alignment for predictability, and tag spdx.
MFC after: 3 days
Reviewed by: carlavilla, imp, mav
Approved by: carlavilla (mentor)
Differential Revision: https://reviews.freebsd.org/D49721
(cherry picked from commit d9bdf419b1)
Use one line without child macros for document description, for optimal
compatability with manual tooling.
MFC after: 3 days
Reviewed by: carlavilla, imp
Approved by: carlavilla (mentor)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1629
(cherry picked from commit bfe9be2253)
+ add `(FAT)` to all descriptions to enable `apropos fat`
+ xref all msdosfs(4) utilities in base to msdosfs(4)
+ xref msdosfs(4) to all msdosfs(4) utilities
+ remove unrelated fsck_ffs(8) from fsck_msdos(8)
MFC after: 3 days
Reviewed by: mhorne
Approved by: mhorne (mentor)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1557
(cherry picked from commit 93f4377cab)
This change introduces new sysctl handlers that allow the user to change
RX/TX ring sizes. As before, the default ring sizes will come from the
device (usually 1024). We also get the max/min limits from the device.
In the case min values are not provided we have statically defined
constants for the min values. Additionally, if the modify ring option is
not enabled on the device, changing ring sizes via sysctl will not be
possible. When changing ring sizes, the interface turns down
momentarily while allocating/freeing resources as necessary.
Signed-off-by: Vee Agarwal <veethebee@google.com>
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49428
(cherry picked from commit 22fe926a62)
This change introduces new sysctl handlers that allow the user to change
RX/TX queue counts. As before, the default queue counts will be the max
value the device can support. When chaning queue counts, the interface turns
down momentarily while allocating/freeing resources as necessary.
Signed-off-by: Vee Agarwal <veethebee@google.com>
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49427
(cherry picked from commit e0464f74d5)
