The driver has a tunable hw.xn.enable_lro which is intended to control
whether LRO is enabled. This is currently non-functional - even if its
set to zero, the driver still requests LRO support from the backend.
This change fixes the feature so that if enable_lro is set to zero, LRO
no longer appears in the interface capabilities and LRO is not requested
from the backend.
PR: 273046
MFC after: 1 week
Reviewed by: royger
Differential Revision: https://reviews.freebsd.org/D41439
(cherry picked from commit da4b0d6eb06d730487d48e15d2d5e10c56266fd9)
When the cross-mount walking logic in vfs_lookup() was factored into
a separate function, the main cross-mount traversal loop was changed
from a do...while loop conditional on the current vnode having
VIRF_MOUNTPOINT set to an unconditional for(;;) loop. For the
unionfs 'crosslock' case in which the vnode may be re-locked, this
meant that continuing the loop upon finding inconsistent
v_mountedhere state would no longer branch to a check that the vnode
is in fact still a mountpoint. This would in turn lead to over-
iteration and, for INVARIANTS builds, a failed assert on the next
iteration.
Fix this by restoring the previous loop behavior.
Reported by: pho
Tested by: pho
Fixes: 80bd5ef070
(cherry picked from commit 586fed0b03561558644eccc37f824c7110500182)
Otherwise a KMSAN report (which panics the system by default) could
trigger a recursive panic.
MFC after: 1 week
Fixes: ca6cd604c8 ("kmsan: Use the correct origin bytes in kmsan_check_arg()")
(cherry picked from commit 346134f19aa9ba38a0384244609e2bcd4f7838f4)
This flag was leftover from testing and should have been removed.
PR: 274938
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 50565cf514d32ee02a24f420551c7e65631b0716)
pmap_kremove() is not called from within pmap.c, so there's no reason to
inline it. No functional change intended.
Reviewed by: alc, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42287
(cherry picked from commit 953345922398ae6c029713087c8494a346d90c85)
With clang it expands to "inline"; clang in practice may inline
externally visible functions even without the hint. So just remove the
hints and let the compiler decide.
No functional change intended. pmap.o is identical before and after
this patch.
Reviewed by: alc
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42446
(cherry picked from commit 2b084923824e0d5133fe5aff580b4e562fe7dd19)
The benefit is that in the debugger you will see PF_DIVERT_MTAG_DIR_IN
instead of 1 when looking at a structure. And compilation time failure
if anybody sets it to a wrong value. Using "port" instead of "ndir" when
assigning a port improves readability of code.
Suggested by: glebius
MFC after: 3 weeks
X-MFC-With: fabf705f4b
(cherry picked from commit c1146e6ad67fb866c2472a1cbe5609fd939fd5ef)
Resolved conflict between ipfw and pf if both are used and pf wants to
do divert(4) by having separate mtags for pf and ipfw.
Also fix the incorrect 'rulenum' check, which caused the reported loop.
While here add a few test cases to ensure that divert-to works as
expected, even if ipfw is loaded.
divert(4)
PR: 272770
MFC after: 3 weeks
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D42142
(cherry picked from commit fabf705f4b5aff2fa2dc997c2d0afd62a6927e68)
Two additional stdio changes followed 86a16ada1e and need to be
reverted as part of the fflush fix.
This reverts commit 6e13794fbe.
This reverts commit bafaa70b6f.
Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush")
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42491
(cherry picked from commit 4e0e01bf6511c28212d7dff94fe131a502e13026)
Approved by: so
errno.h was added in 44cf1e5eb4, which has been reverted.
Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 418f026bd5a5084c1c4e2e91ad38051f6caa928c)
Approved by: so
Allow SCTP state timeouts to be configured independently from TCP state
timeouts.
Reviewed by: tuexen
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42393
(cherry picked from commit ca9dbde88122beb079b55fb4580b200f73044da6)
Allow the kernel to supply more array elements than expected, but cut
off when we hit what we think the maximum is. This will improve forward
compatibility (i.e. old userspace with newer kernel).
Reviewed by: zlei
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42392
(cherry picked from commit 2b1eb63fc9c6d6f64baaac59b7ea7c2a3228c03f)
The initial multihome implementation was a little simplistic, and failed
to create all of the required states. Given a client with IP 1 and 2 and
a server with IP 3 and 4 we end up creating states for 1 - 3 and 2 - 3,
as well as 3 - 1 and 4 - 1, but not for 2 - 4.
Check for this.
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42362
(cherry picked from commit 483d5c4075e06e52d5daa23aef2b4f4a2eb64443)
The existing code to create extra states when SCTP endpoints supplied
extra addresses missed a case. As a result we failed to generate all of
the required states.
Briefly, if host A has address 1 and 2 and host B has addres 3 and 4 we
generated 1 - 3 and 2 - 3, as well as 1 - 4, but not 2 - 4.
Store the list of endpoints supplied by each host and use those to
generate all of the connection permutations.
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42361
(cherry picked from commit d6d38b02ee57920cc02a306a6d8d2aec9c4b759c)
This fixes CVE-2014-8611 correctly.
The commit that purported to fix CVE-2014-8611 (805288c2f0) only hid
it behind another bug. Two later commits, 86a16ada1e and
44cf1e5eb4, attempted to address this new bug but mostly just confused
the issue. This commit rolls back the three previous changes and fixes
CVE-2014-8611 correctly.
The key to understanding the bug (and the fix) is that `_w` has
different meanings for different stream modes. If the stream is
unbuffered, it is always zero. If the stream is fully buffered, it is
the amount of space remaining in the buffer (equal to the buffer size
when the buffer is empty and zero when the buffer is full). If the
stream is line-buffered, it is a negative number reflecting the amount
of data in the buffer (zero when the buffer is empty and negative buffer
size when the buffer is full).
At the heart of `fflush()`, we call the stream's write function in a
loop, where `t` represents the return value from the last call and `n`
the amount of data that remains to be written. When the write function
fails, we need to move the unwritten data to the top of the buffer
(unless nothing was written) and adjust `_p` (which points to the next
free location in the buffer) and `_w` accordingly. These variables have
already been set to the values they should have after a successful
flush, so instead of adjusting them down to reflect what was written,
we're adjusting them up to reflect what remains.
The bug was that while `_p` was always adjusted, we only adjusted `_w`
if the stream was fully buffered. The fix is to also adjust `_w` for
line-buffered streams. Everything else is just noise.
Fixes: 805288c2f0
Fixes: 86a16ada1e
Fixes: 44cf1e5eb4
Sponsored by: Klara, Inc.
(cherry picked from commit d09a3bf72c0b5f1779c52269671872368c99f02a)
Approved by: so
When the scheduler is stopped, mtx_unlock() turns into a no-op, so the
loop
while (mtx_owned(&Giant))
mtx_unlock(&Giant);
runs forever if the calling thread has Giant locked.
Reviewed by: mhorne
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42460
(cherry picked from commit deacab756026f86515781944a9e0271e8db9f86b)
When IPv6 support was added to pfsync, PFSYNC_MINPKT increased such that
we always allocate enough space for either IPv4 or IPv6 headers. IPv6
headers are 20 bytes larger than IPv4 headers. When pfsync_sendout()
does its thing, it ends up allocating enough space for either; thus when
transmitting an IPv4 packet, the last 20 bytes of the buffer are left
uninitialized.
Fix the problem by stashing the length in a local variable and adjusting
it depending on the address family in use.
While here, just zero the entire buffer in one go rather than being
careful to initialize each subheader. This seems simpler and less error
prone.
Reported by: KMSAN
Reviewed by: kp
Fixes: 6fc7fc2dbb ("pfsync: transport over IPv6")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42461
(cherry picked from commit bd80263606d73c0391d3fa8a156fcca89a821810)
Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
(cherry picked from commit afd74c400075d94e01dd3430844bb290834660ef)
atf_python may use vnet jails for creating an isolated test environment.
Mark these tests that require root user privileges.
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
(cherry picked from commit 4efaf43c6fa76e0daa1ed5ea535d863f15415bf4)
Very early on, the Src/Dst IP addresses were printed in hex notation
(%08x), which will always be 8-characters wide. It was later changed to
use a dot-decimal notation. Depending on the IP address length, the Src
and Dst headers may require a different padding. Use the source and
destination IP lengths as padding for the headers.
Also, print an Opts (options) header, if there are options present. It
has been abbreviated to Opts to match the length of the previous Data
header, removed in ef9e6dc7ee.
Print the header info such that no trailing spaces are produced. As
some git workflows may automatically trim them, and make the tests fail
(see 25b86f8559).
Before
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2␣
After
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2
And with options:
Before
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2 01...
After
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst Opts
4 f 00 007c 0001 0 0000 40 01 d868 192.0.2.1 192.0.2.2 01...
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39561
(cherry picked from commit b86e4812cce88920cb592bd3b8571572373dbb9c)
When an echo reply packet is received, the data is compared with the
sent data. When a wrong byte is detected the command displays a report
with the differences.
The first row (the first 8-bytes of data after the ICMP header) should
include the time stamp (if data is at least 8-bytes), this value is not
taken into consideration for the comparison. The remaining rows
represent the data (padded pattern) received/sent, with each byte being
compared for differences.
Print the space before (not after), to add an extra space after cp:/dp:
for better readability when the first time stamp octet is not
zero-padded, and to remove trailing spaces in the output.
Before:
cp:99 0 0 c 1 5 c 0␣
ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd␣
...
After:
cp: 99 0 0 c 1 5 c 0
ab cd ab cd ab cd ab cd ab cd ab cd ab cd ab cd
...
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39492
(cherry picked from commit 8db2c5802abe14543504e17ab5ed6325088a63f3)
This is a first step towards a unification/simplification of ping/ping6
(internally). The end goal is to produce a standardized user-facing
output.
Before (ping6):
PING6(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2
16 bytes from ::1, icmp_seq=0 hlim=64 time=0.168 ms
16 bytes from ::1, icmp_seq=1 hlim=64 time=0.068 ms
--- 2001:db8::2 ping6 statistics ---
round-trip min/avg/max/std-dev = 0.068/0.118/0.168/0.050 ms
After (ping6):
PING(56=40+8+8 bytes) 2001:db8::1 --> 2001:db8::2
16 bytes from ::1, icmp_seq=0 hlim=64 time=0.168 ms
16 bytes from ::1, icmp_seq=1 hlim=64 time=0.068 ms
--- 2001:db8::2 ping statistics ---
round-trip min/avg/max/stddev = 0.068/0.118/0.168/0.050 ms
This has the nice side-effect of adding units to SIGINFO's statistics,
as printing numbers without units may not be of much help. Also
mentions the fact that these times are round-trip.
Before (ping/ping6 SIGINFO):
2/2 packets received (100.0%) 0.068 min / 0.118 avg / 0.168 max
After (ping/ping6 SIGINFO):
--- <ipv4/ipv6 address> ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.068/0.118/0.168/0.050 ms
In the case of a SIGINFO, the output will be printed to stderr, for both
ping and ping6.
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D39126
(cherry picked from commit 03d4d1c778091a08277d070185a9c60c7a6d57e0)
Commit 46d7b45a26 introduced these code
paths. Test and document them.
- Add inner packet too short test
- Add inner IHL too short test
- Add quoted data too short test
- Add IHL too short test
- Add max inner packet IHL without payload test
Reviewed by: markj
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D38528
(cherry picked from commit 20012a3a1a045bfe02bb64063cf0aba4d82471cb)
Avoid calculating the square root of negative zero, which can easily
happen on certain architectures when calculating the population standard
deviation with a sample size of one, e.g., 0.01 - (0.1 * 0.1) =
-0.000000.
Avoid returning a NaN by capping the minimum possible variance value to
zero (positive).
In the future, maybe skip reporting statistics at all for a single
sample.
Reported by: Jenkins
Reviewed by: asomers
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/863
Differential Revision: https://reviews.freebsd.org/D42114
(cherry picked from commit 4d348e83b738347f6aaf2b110459a01c5402d04e)
When returning from a Linux signal use the Linux sigframe to find the
register values to restore.
Remove the FreeBSD ucontext from the stack as it's now unneeded.
PR: 270250
Reviewed by: dchagin, emaste
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D42360
(cherry picked from commit 070a4ff82a34652d533f9315ae9ad0aa8f1fdeb2)
It is clearer to avoid reusing temporary variables for different
purposes.
Sponsored by: Klara, Inc.
(cherry picked from commit 1f90b4edffe815aebb35e74b79e10593b31f6b75)
This is a partial fix for building with -DWITH_ASAN.
Reviewed by: Fangrui Song, dim, emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D42388
(cherry picked from commit 5c783a0b2826d1c6bbaa7d4b01a46d1dcdb39e8c)
This enum also exists as enum ibv_raw_packet_caps in libibverbs/verbs.h.
[khng: cherry-picked from Linux
ebaaee253ad3a3c573ab7d3d77e849056bdfa9ea]
Sponsored by: Juniper Networks, Inc.
MFC after: 7 days
Reviewed by: kib, zlei
Differential Revision: https://reviews.freebsd.org/D42177
(cherry picked from commit a69b6af2024fdd501b4bbc674092fb2b6d466364)
The specification for the Toeplitz function doesn't require to set the key
explicitly to be symmetric. In case a symmetric functionality is required
a symmetric key can be simply used.
Wrongly forcing the algorithm to symmetric causes the wrong packet
distribution and a performance degradation.
Link: https://lore.kernel.org/r/20190723065733.4899-7-leon@kernel.org
Fixes: 28d6137008b2 ("IB/mlx5: Add RSS QP support")
Signed-off-by: Yishai Hadas <yishaih@mellanox.com>
Reviewed-by: Alex Vainman <alexv@mellanox.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
[khng: cherry-picked from Linux
b7165bd0d6cbb93732559be6ea8774653b204480]
Sponsored by: Juniper Networks, Inc.
MFC after: 7 days
Reviewed by: kib, zlei
Differential Revision: https://reviews.freebsd.org/D42178
(cherry picked from commit 813d981e1e78daffde4b2a05df35d054fcb4343f)
This is based on upstream b74150490be904801378b2712fe0d532e1700124
but adapted to ATF.
Reviewed by: jlduran@gmail.com, markj, vangyzen
Differential Revision: https://reviews.freebsd.org/D42129
(cherry picked from commit 8f75390c66bdcde95e1b383aecaa27b4adf88279)
Trimming of the line feed is no longer necessary after
d993c6b0db
Currently the tests:
- bcachefs2
- gpkg-1-zst
- multiple
are failing, but a fix will be committed upstream.
This also reverts c5e957ad4 "file: fix test case for gpkg by removing the extra \n."
MFC after: 3 days
(cherry picked from commit 0d3a87569f14b0e48826bbaab5e05f35669bcebf)
PR#274346 reports a crash which appears to be caused by a NULL default session
being destroyed. This patch should avoid the crash.
PR: 274346
(cherry picked from commit db7257ef972ed75e33929d39fd791d3699b53c63)
When I implemented a test patch using Open Claim_Deleg_Cur_FH
I discovered that the NFSv4.1/4.2 server was broken for this
Open option. Fortunately it is never used by the FreeBSD
client and never used by other clients unless delegations
are enabled. (The FreeBSD NFSv4 server does not have delegations
enabled by default.)
Claim_Deleg_Cur_FH was broken because the code mistakenly
assumed a stateID argument, which is not the case.
This patch fixes the bug by changing the XDR parser to not
expect a stateID and to fill most of the stateID in from the
clientID. The clientID is the first two elements of the "other"
array for the stateID and is sufficient to identify which
client the delegation is issued to. Since there is only one
delegation issued to a client per file, this is sufficient to
locate the correct delegation.
If you are running non-FreeBSD NFSv4.1/4.2 mounts against the
FreeBSD server, you need this patch if you have delegations enabled.
PR: 274574
(cherry picked from commit f300335d9aebf2e99862bf783978bd44ede23550)
We never populate this, or use it, so remove it.
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 87c5032353106764f324e82541662f448e68f38a)
