When in netmap (emulated) mode, wireguard interfaces prepend or strip a
dummy ethernet header when interfacing with netmap. The netmap
application thus sees unencrypted, de-encapsulated frames with a fixed
header.
In this mode, netmap hooks the if_input and if_transmit routines of the
ifnet. Packets from the host TX ring are handled by wg_if_input(),
which simply hands them to the netisr layer; packets which would
otherwise be tunneled are intercepted in wg_output() and placed in the
host RX ring.
The "physical" TX ring is processed by wg_transmit(), which behaves
identically to wg_output() when netmap is not enabled, and packets
appear in the "physical" RX ring by hooking wg_deliver_in().
Reviewed by: vmaffione
MFC after: 1 month
Sponsored by: Klara, Inc.
Sponsored by: Zenarmor
Differential Revision: https://reviews.freebsd.org/D43460
Reload is used for service reconfiguration as well
and lacks a NAME_prepend-like mechanism so it makes
sense to extend the NAME_reload hook into this
action.
precmd may use configuration checks and blocks setup
from doing its designated work (e.g. nginx). In moving
the invoke of the setup script in front allows us to
provide custom scripts for config file generation and
fixing prior to precmd checking configuration integrity.
Also introduce _run_rc_setup to separate the launcher
from the main one. Let it run correctly in the case
of restart_precmd and block further execution as
would be the case in start due to the internal plumbing
of restart being split into calling stop and start
afterwards.
PR: https://reviews.freebsd.org/D36259
Now that the handbook has been moved to ports, I think it's very nice to
have a network quickstart guide in-band, in base, in the system manual.
If the user uses any of the following terms "man -k
{network,networking,wifi,quickstart}" this page will come up, which is I
think a very common use case for new users.
Currently, this document explains connecting to a basic Ethernet
network, a basic wifi network, scanning for wifi networks, and airplane
mode, as well as linking to other sections, including the handbook
Co-authored-by: Graham Perrin <grahamperrin@gmail.com>
Reviewed by: imp, bcr, freebsd@igalic.co
Pull Request: https://github.com/freebsd/freebsd-src/pull/833
(cherry picked from commit 75eda0096bf83b9b88996d9903b5d4e504047eba)
(cherry picked from commit 5dced41439)
Approved-by: re (cperciva)
When the stable/13 branch was created the userland knob (in
share/mk/src.opts.mk) was changed to default to yes, but the kernel
default was not changed. These two should always have the same default.
Regenerate src.conf.5, as the differing defaults previously confused
`makeman`.
Fixes: bfd1570515 ("Create the stable/13 branch")
Sponsored by: The FreeBSD Foundation
Approved by: re (cperciva)
(cherry picked from commit d8644a5d2458588dd7d8e44bd23c6cacaead19b7)
(cherry picked from commit 3a8e15354e)
I am unsure of its exact historical usage, but, we no longer ship GCC
with FreeBSD, and it should have been removed.
Reviewed by: imp, emaste
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44440
(cherry picked from commit cc1268a926772900a08c61fd791bb66df1e6c30c)
Add option to send fragmented packets and to properly sniff them by
reassembling them by the sniffer itself.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42354
(cherry picked from commit d7c9de2d68ca81c557e069c2b431529cf597886c)
pf: Fix packet reassembly
Don't drop fragmented packets when reassembly is disabled, they can be
matched by rules with "fragment" keyword. Ensure that presence of scrub
rules forces old behaviour.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42355
(cherry picked from commit ede5d4ff5b39ccbc193c30fb6c093c7c4de9a464)
pf: Update documentation regarding matching, scrubbing and reassembly
Update pf documentation:
- default behaviour of fragment reassembly
- introduction of scrub option for filter rules
- disadvantages of using the old scrub ruleset
- options supported for match rules
- fix missing list block end
- remove duplicate description of match filter rule
- update example to modern syntax
Reviewed by: kp
Fragments obtained from: OpenBSD
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42270
(cherry picked from commit 5ed470bdb9da6442d6030cf0a7a8493f759fbb43)
As discussed in bug 278417, some ports require the F16C instruction set
to compile, but there is no way yet to detect whether the currently
chosen CPUTYPE supports this feature.
Add the feature to the MACHINE_CPU variable, for each processor that
supports it. The list of processors was extracted from clang 18's -dM
output, filtered on the __F16C__ define.
PR: 278417
Reviewed by: brooks, emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D44848
(cherry picked from commit 2fd73b7126d7d7e5701e001af929411ce7a0c5f1)
Change .Xr to .Fn, which quiets a mandoc warning.
Reviewed by: mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1135
(cherry picked from commit 81727a3dd38287d437d1e7e416dd89107a706e55)
Change .Xr to .Nm, which quiets a mandoc warning
Reviewed by: mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1135
(cherry picked from commit f9ea7b6e8253273ebb1023c4380a305e6d3cf02b)
Change .Xr to .Nm, which quiets a mandoc warning.
Reviewed by: mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1135
(cherry picked from commit f8ce29b63181912e01625addb47168e987d9bbed)
Execute the mandoc -Tlint option on assert(3). This results in two areas
of updates:
Remove invalid Rs block
Remove invalid Re block
Reviewed by: mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/1132
(cherry picked from commit 3f72f36cf2f92e00a248f729d50803232ff4cef8)
The macro originates from BSD/OS, with a different etymology than what
is presented. Add a brief HISTORY section to capture this.
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44439
(cherry picked from commit 5d956e11ed3713ff769d51b71f7b4ee6ce0085fe)
Improving first-glance comprehension that this manual page applies to
igb/lem interfaces provided by the em(4) driver.
While here, tag SPDX, link the framework, and shuffle a sentence to fix
linter warning.
Co-authored-by: mhorne
Reviewed by: mhorne
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1134
(cherry picked from commit 501f7e7bf847c66e3869b533805e76897e4685b9)
A correction: 'and' -> 'an'. Plus, several tweaks for brevity or
clarity.
Reviewed by: mhorne
MFC after: 3 days
Pull Request: https://github.com/freebsd/freebsd-src/pull/813
(cherry picked from commit 712fd5ac9181b544d8ffcf88ab6313233c8ddaed)
Hot-unplugging a sound device, such as a USB sound card, whilst being
consumed by an application, results in an infinite loop until either the
application closes the device's file descriptor, or the channel
automatically times out after hw.snd.timeout seconds. In the case of a
detach however, the timeout approach is still not ideal, since we want
all resources to be released immediatelly, without waiting for N seconds
until we can use the bus again.
The timeout mechanism works by calling chn_sleep() in chn_read() and
chn_write() (see pcm/channel.c) in order to send the thread to sleep,
using cv_timedwait_sig(). Since chn_sleep() sets the CHN_F_SLEEPING flag
while waiting for cv_timedwait_sig() to return, we can test this flag in
pcm_unregister() (called during detach) and wakeup the sleeping
thread(s) to immediately kill the channel(s) being consumed.
Sponsored by: The FreeBSD Foundation
MFC after: 2 months
PR: 194727
Reviewed by: dev_submerge.ch, bapt, markj
Differential Revision: https://reviews.freebsd.org/D43545
(cherry picked from commit 44e128fe9d92c1a544b801cb56e907a66ef34691)
Currently the snd_clone framework creates device nodes on-demand for
every channel, through the dsp_clone() callback, and is responsible for
routing audio to the appropriate channel(s). This patch gets rid of the
whole snd_clone framework (including any related sysctls) and instead
uses DEVFS_CDEVPRIV(9) to handle device opening, channel allocation and
audio routing. This results in a significant reduction in code size as
well as complexity.
Behavior that is preserved:
- hw.snd.basename_clone.
- Exclusive access of an audio device (i.e VCHANs disabled).
- Multiple processes can read from/write to the device.
- A device can only be opened as many times as the maximum allowed
channel number (see SND_MAXHWCHAN in pcm/sound.h).
- OSSv4 compatibility aliases are preserved.
Behavior changes:
Only one /dev/dspX device node is created (on attach) for each audio
device, as opposed to the current /dev/dspX.Y devices created by
snd_clone. According to the sound(4) man page, devices are not meant to
be opened through /dev/dspX.Y anyway, so it is best if we do not create
device nodes for them in the first place. As a result of this, modify
dsp_oss_audioinfo() to print /dev/dspX in the "ai->devnode", instead of
/dev/dspX.Y.
Sponsored by: The FreeBSD Foundation
MFC after: 2 months
Reviewed by: dev_submerge.ch, bapt, markj
Differential Revision: https://reviews.freebsd.org/D44411
(cherry picked from commit e8c0d15a64fadb4a330f2da7244becaac161bb70)
This option will omit all the graphics support, the teken terminal
library, video mode support, etc and support a simple, basic, text-only
video console for the x86 BIOS boot loader. It uses the FreeBSD 12
version of vidconsole.c. It defaults to NO.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43912
(cherry picked from commit 63e9c976640d05ef65842eaf3d54de9a8d48cbdc)
As mentioned in zpoolprops(7), on some SSDs, it may not be desirable to
use ZFS autotrim because a large number of trim requests can degrade
disk performance; instead, the pool should be manually trimmed at
regular intervals.
Add a new daily periodic script for this purpose, 801.trim-zfs. If
enabled (daily_trim_zfs_enable=YES; the default is NO), it will run a
'zpool trim' operation on all online pools, or on the pools listed in
'daily_trim_zfs_pools'.
The trim is not started if the pool is degraded (which matches the
behaviour of the existing 800.scrub-zfs script) or if a trim is already
running on that pool. Having autotrim enabled does not inhibit the
periodic trim; it's sometimes desirable to run periodic trims even with
autotrim enabled, because autotrim can elide trims for very small
regions.
PR: 275965
MFC after: 1 week
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/956
(cherry picked from commit 493908c4b45c7b75e4a6b4aea3b5b63ea5c268d5)
MacOS has case insensitive filesystems by default. So trying to link
between foo.X and FOO.X causes an error of some sort since we unlink the
old foo file destroying the newly installed foo due to the insensitive
nature of the FS. Assume that this is true on darwin/macos, though it is
only try by default there.
Perhaps install should grow smarts to know when this is the case, though
that looked much trickier. There didn't seem to be a flag to check. This
would be better, imho, since we could still write the METALOG data
correctly (images created from these metalogs are imperfect due to this
relatively issue...).
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D44347
(cherry picked from commit d2a824c29d6925ba8675a811aa81f2ad7d92129d)
Update dependencies for the loader variations used for each
architecture.
Reviewed by: sjg
Differential Revision: https://reviews.freebsd.org/D39741
(cherry picked from commit 2008043f386721d58158e37e0d7e50df8095942d)
Some leaf directories were missing Makefile.depend files or needed
architecture-specific Makefile.depend.* files.
(cherry picked from commit e5b786625f7f82a1fa91e41823332459ea5550f9)
This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)
This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:
- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.
This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.
Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745
(cherry picked from commit 93f27766a7e1af009c5b1e4ca538632857c91aa1)
The history section (added in CSRG) claimed both first appeared in v6.
Looking at the manuals in the TUHS archive, /dev/mem was in v1
and /dev/kmem was introduced in v5.
Reviewed by: imp
Obtained from: OpenBSD
Differential Revision: https://reviews.freebsd.org/D44486
(cherry picked from commit 8a56ef8d75b42ee7228247466c8c1712de6e3b6f)
this is a very early script to support cloudinit, it does not intend to
be a full featured cloudinit client, but will support a good enough
subset to be viable in most case.
It support nocloud and openstack config-2 config drive mode (iso9660 or
msdosfs)
The following features are currently supported:
- adding users (including a default user named 'freebsd' with password
'freebsd'
- adding groups
- adding ssh keys
- static ipv4, static ipv6, dynamic ipv4
With this one is able to use the 'bring your own image feature" out of
box.
It is expected that the script grows the support of other clouds
supporting cloud-init, contributions are welcomed.
It is designed to be only run once via the firstboot mecanism.
Sponsored by: OVHCloud
Differential Revision: https://reviews.freebsd.org/D44141
(cherry picked from commit a42d6f76018e4ed8324e319ab48aac904bda437c)
(cherry picked from commit c051f22bce42d920abba61bd7cf4ef5b6a270ffa)
(cherry picked from commit b8c053c9a612651d4909f7a323088f3e92485b7b)
(cherry picked from commit 9eae9233fdcc946945f4191e1413f548adfa2943)
There has not been planned changes so far to the interface. Remove the
section as it may not be relevant anymore.
Sponsored by: Juniper Networks, Inc.
Reviewed by: glebius
Differential Revision: https://reviews.freebsd.org/D44501
(cherry picked from commit 04b90ac0f9e883a485bad4b0edf516395596d17f)
This will be used by bhyve to build a device tree when booting arm64
guests.
Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40994
(cherry picked from commit f29af8618bf94f1e58877feb6dbef35bd8bbf56b)
usb_vendors is a local copy of usb.ids (similar to pci_vendors)
It is now used by usbconfig(1) when listing the devices.
(cherry picked from commit db1d086b7372d1d3f4e7a475d8e92642e698c25d)
Correct the surname of one of authors of RFC 8985 and add RFC 5681 and
RFC 6937 (PRR: Proportional Rate Reduction for TCP).
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D44399
(cherry picked from commit e29be07861173f87b2dd46db1d0c7cbcf72d4ad0)
Capability rights passed to cap_rights_* are (now) not simple bitmaks
and cannot be ORed together in general (although it will work for
certain subsets of rights).
Remove sentence that implied rights are masks. We already have the
sentence "The complete list of capability rights is provided below" so
listing the rights without an introductory sentence seems fine.
PR: 277057
(cherry picked from commit 2c5ff9118c1ed8483a9477db3595b1d154615e2c)
Also restore a comment line in an example which previously started with
-- $FreeBSD$ but was removed in 6ef644f588. The example shows the of
a module require statement block following the license header.
(cherry picked from commit f1bd7311fbd576a387042c0d81945b701c7459a3)
