git: 922cf8ac43ad - main - Use iflib_if_init_locked() during media change instead of iflib_init_locked().
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=922cf8ac43adc9983f9a9e05cfd838306c1ef483 commit 922cf8ac43adc9983f9a9e05cfd838306c1ef483 Author: Allan Jude AuthorDate: 2021-02-14 18:39:09 + Commit: Allan Jude CommitDate: 2021-02-16 19:02:00 + Use iflib_if_init_locked() during media change instead of iflib_init_locked(). iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 MFC after: 3 days Reviewed by:markj Sponsored by: Juniper Networks, Inc., Klara, Inc. Differential Revision: https://reviews.freebsd.org/D28667 --- sys/net/iflib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/iflib.c b/sys/net/iflib.c index cce56d0e7335..a33ddbe5b8ae 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -2503,7 +2503,7 @@ iflib_media_change(if_t ifp) CTX_LOCK(ctx); if ((err = IFDI_MEDIA_CHANGE(ctx)) == 0) - iflib_init_locked(ctx); + iflib_if_init_locked(ctx); CTX_UNLOCK(ctx); return (err); } ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 37ef8d4cd6b5 - main - ig4(4): Increase timeout to about 1 second
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=37ef8d4cd6b570c0882e97826df961a5d6003d07
commit 37ef8d4cd6b570c0882e97826df961a5d6003d07
Author: Allan Jude
AuthorDate: 2021-02-18 15:47:17 +
Commit: Allan Jude
CommitDate: 2021-02-18 15:47:17 +
ig4(4): Increase timeout to about 1 second
Per the i2c spec, a slave device can stretch SCL idefinitely, so 25ms is
a bit arbitrary in general. smbus does specify an optional timeout
recovery mechanism to be done at about 25~35ms, but the IPMI SSIF spec
says that BMCs don't have any obligation to implement that.
The BMC on Altra seems to mostly respond within 25ms, but occasionally
will stretch SCL for ~300 msec.
Also, the count_us mechanism seems to actually timeout around 25%
earlier than it would claim (timeout really happening around 19ms
instead of 25ms).
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
Reviewed by:manu, imp
Differential Revision: https://reviews.freebsd.org/D28747
---
sys/dev/ichiic/ig4_iic.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dev/ichiic/ig4_iic.c b/sys/dev/ichiic/ig4_iic.c
index b684dc7d87cd..4781154f03c8 100644
--- a/sys/dev/ichiic/ig4_iic.c
+++ b/sys/dev/ichiic/ig4_iic.c
@@ -267,7 +267,7 @@ wait_intr(ig4iic_softc_t *sc, uint32_t intr)
int error;
int txlvl = -1;
u_int count_us = 0;
- u_int limit_us = 25000; /* 25ms */
+ u_int limit_us = 100; /* 1sec */
for (;;) {
/*
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 8c280db0b4d2 - main - ipmi_ssif: Fix inverted for the end of multi-part reads
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=8c280db0b4d22ad92152bf05f941201428c80b87 commit 8c280db0b4d22ad92152bf05f941201428c80b87 Author: Allan Jude AuthorDate: 2021-02-18 15:48:01 + Commit: Allan Jude CommitDate: 2021-02-18 15:48:01 + ipmi_ssif: Fix inverted for the end of multi-part reads As per Intelligent Platform Management Interface Specification v2.0 rev. 1.1, section 12.5: SSIF Multi-part Read Transactions Sponsored by: Ampere Computing LLC Submitted by: Klara Inc. Reviewed by:manu Differential Revision: https://reviews.freebsd.org/D28749 --- sys/dev/ipmi/ipmi_ssif.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/ipmi/ipmi_ssif.c b/sys/dev/ipmi/ipmi_ssif.c index 197c317dcc09..e761cfdeb081 100644 --- a/sys/dev/ipmi/ipmi_ssif.c +++ b/sys/dev/ipmi/ipmi_ssif.c @@ -297,7 +297,7 @@ read_start: len += count - 1; /* If this was the last block we are done. */ - if (ssif_buf[0] != 0xff) + if (ssif_buf[0] == 0xff) break; block++; } ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 18f552e647f5 - stable/13 - Use iflib_if_init_locked() during media change instead of iflib_init_locked().
The branch stable/13 has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=18f552e647f556dcbbebc627f534d15172e7b6a3 commit 18f552e647f556dcbbebc627f534d15172e7b6a3 Author: Allan Jude AuthorDate: 2021-02-14 18:39:09 + Commit: Allan Jude CommitDate: 2021-02-19 20:39:16 + Use iflib_if_init_locked() during media change instead of iflib_init_locked(). iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 Sponsored by: Juniper Networks, Inc., Klara, Inc. (cherry picked from commit 922cf8ac43adc9983f9a9e05cfd838306c1ef483) --- sys/net/iflib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/iflib.c b/sys/net/iflib.c index cce56d0e7335..a33ddbe5b8ae 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -2503,7 +2503,7 @@ iflib_media_change(if_t ifp) CTX_LOCK(ctx); if ((err = IFDI_MEDIA_CHANGE(ctx)) == 0) - iflib_init_locked(ctx); + iflib_if_init_locked(ctx); CTX_UNLOCK(ctx); return (err); } ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 57d2eb8896c2 - stable/12 - Use iflib_if_init_locked() during media change instead of iflib_init_locked().
The branch stable/12 has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=57d2eb8896c2dd9ece7d99415893e2e8a8bfce82 commit 57d2eb8896c2dd9ece7d99415893e2e8a8bfce82 Author: Allan Jude AuthorDate: 2021-02-14 18:39:09 + Commit: Allan Jude CommitDate: 2021-02-19 21:06:15 + Use iflib_if_init_locked() during media change instead of iflib_init_locked(). iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 Sponsored by: Juniper Networks, Inc., Klara, Inc. (cherry picked from commit 922cf8ac43adc9983f9a9e05cfd838306c1ef483) --- sys/net/iflib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/iflib.c b/sys/net/iflib.c index ae203d871a5c..f99b076cf0d3 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -2577,7 +2577,7 @@ iflib_media_change(if_t ifp) CTX_LOCK(ctx); if ((err = IFDI_MEDIA_CHANGE(ctx)) == 0) - iflib_init_locked(ctx); + iflib_if_init_locked(ctx); CTX_UNLOCK(ctx); return (err); } ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 11ba8488b863 - main - iicsmb: Request the bus recursively in bread()
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=11ba8488b8636a91668c0ee13d35d9e126dfba53
commit 11ba8488b8636a91668c0ee13d35d9e126dfba53
Author: Allan Jude
AuthorDate: 2021-02-23 20:06:16 +
Commit: Allan Jude
CommitDate: 2021-02-23 20:06:16 +
iicsmb: Request the bus recursively in bread()
ipmi_ssif will `smbus_request_bus()` to do multiple smbus requests
(which requests the iicbus), and then here in `bread()` we also need to
request the bus because `bread()` takes multiple transactions.
This causes deadlock as it's waiting for the bus it already has without
`IIC_RECURSIVE`.
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
Reviewed by:imp
Differential Revision: https://reviews.freebsd.org/D28742
---
sys/dev/iicbus/iicsmb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dev/iicbus/iicsmb.c b/sys/dev/iicbus/iicsmb.c
index 8e79452cf2a8..38e67c40d488 100644
--- a/sys/dev/iicbus/iicsmb.c
+++ b/sys/dev/iicbus/iicsmb.c
@@ -455,7 +455,7 @@ iicsmb_bread(device_t dev, u_char slave, char cmd, u_char
*count, char *buf)
int error;
/* Have to do this because the command is split in two transfers. */
- error = iicbus_request_bus(parent, dev, IIC_WAIT);
+ error = iicbus_request_bus(parent, dev, IIC_WAIT | IIC_RECURSIVE);
if (error == 0)
error = TRANSFER_MSGS(dev, msgs);
if (error == 0) {
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: d0673fe160b0 - main - smbios: Move smbios driver out from x86 machdep code
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=d0673fe160b04f8162f380926d455dfb966f08fb
commit d0673fe160b04f8162f380926d455dfb966f08fb
Author: Allan Jude
AuthorDate: 2021-02-23 21:14:18 +
Commit: Allan Jude
CommitDate: 2021-02-23 21:17:09 +
smbios: Move smbios driver out from x86 machdep code
Add it to the x86 GENERIC and MINIMAL kernels
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
Reviewed by:rpokala
Differential Revision: https://reviews.freebsd.org/D28738
---
sys/amd64/conf/GENERIC| 1 +
sys/amd64/conf/MINIMAL| 1 +
sys/amd64/include/pc/bios.h | 32 -
sys/conf/files| 1 +
sys/conf/files.x86| 1 -
sys/dev/ipmi/ipmi_smbios.c| 3 ++
sys/{x86/bios => dev/smbios}/smbios.c | 22
sys/dev/smbios/smbios.h | 67 +++
sys/i386/conf/GENERIC | 1 +
sys/i386/conf/MINIMAL | 1 +
sys/i386/include/pc/bios.h| 32 -
sys/modules/bios/smbios/Makefile | 2 +-
12 files changed, 92 insertions(+), 72 deletions(-)
diff --git a/sys/amd64/conf/GENERIC b/sys/amd64/conf/GENERIC
index cdee2a91554b..f5f4bdf49c5f 100644
--- a/sys/amd64/conf/GENERIC
+++ b/sys/amd64/conf/GENERIC
@@ -129,6 +129,7 @@ device cpufreq
# Bus support.
device acpi
+device smbios
optionsIOMMU
device pci
optionsPCI_HP # PCI-Express native HotPlug
diff --git a/sys/amd64/conf/MINIMAL b/sys/amd64/conf/MINIMAL
index 603fce8320bb..b4c58993748a 100644
--- a/sys/amd64/conf/MINIMAL
+++ b/sys/amd64/conf/MINIMAL
@@ -103,6 +103,7 @@ device cpufreq
# Bus support.
device acpi
+device smbios
optionsIOMMU
device pci
diff --git a/sys/amd64/include/pc/bios.h b/sys/amd64/include/pc/bios.h
index 99e346a4a344..4b2d9af02558 100644
--- a/sys/amd64/include/pc/bios.h
+++ b/sys/amd64/include/pc/bios.h
@@ -64,38 +64,6 @@ struct bios_smap_xattr {
u_int32_t xattr;
} __packed;
-/*
- * System Management BIOS
- */
-#defineSMBIOS_START0xf
-#defineSMBIOS_STEP 0x10
-#defineSMBIOS_OFF 0
-#defineSMBIOS_LEN 4
-#defineSMBIOS_SIG "_SM_"
-
-struct smbios_eps {
- uint8_t anchor_string[4]; /* '_SM_' */
- uint8_t checksum;
- uint8_t length;
- uint8_t major_version;
- uint8_t minor_version;
- uint16_tmaximum_structure_size;
- uint8_t entry_point_revision;
- uint8_t formatted_area[5];
- uint8_t intermediate_anchor_string[5]; /* '_DMI_' */
- uint8_t intermediate_checksum;
- uint16_tstructure_table_length;
- uint32_tstructure_table_address;
- uint16_tnumber_structures;
- uint8_t BCD_revision;
-};
-
-struct smbios_structure_header {
- uint8_t type;
- uint8_t length;
- uint16_thandle;
-};
-
#ifdef _KERNEL
#define BIOS_PADDRTOVADDR(x) ((x) + KERNBASE)
#define BIOS_VADDRTOPADDR(x) ((x) - KERNBASE)
diff --git a/sys/conf/files b/sys/conf/files
index 58ec6f3caf2a..21990a4a762c 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -3096,6 +3096,7 @@ dev/sge/if_sge.c optional sge pci
dev/siis/siis.coptional siis pci
dev/sis/if_sis.c optional sis pci
dev/sk/if_sk.c optional sk pci
+dev/smbios/smbios.coptional smbios
dev/smbus/smb.coptional smb
dev/smbus/smbconf.coptional smbus
dev/smbus/smbus.c optional smbus
diff --git a/sys/conf/files.x86 b/sys/conf/files.x86
index cb7fabf44cfb..59ff39ca053d 100644
--- a/sys/conf/files.x86
+++ b/sys/conf/files.x86
@@ -293,7 +293,6 @@ x86/acpica/OsdEnvironment.c optionalacpi
x86/acpica/acpi_apm.c optionalacpi
x86/acpica/acpi_wakeup.c optionalacpi
x86/acpica/srat.c optionalacpi
-x86/bios/smbios.c optionalsmbios
x86/bios/vpd.c optionalvpd
x86/cpufreq/est.c optionalcpufreq
x86/cpufreq/hwpstate_amd.c optionalcpufreq
diff --git a/sys/dev/ipmi/ipmi_smbios.c b/sys/dev/ipmi/ipmi_smbios.c
index df0a7f70e9cd..308a3b076ef7 100644
--- a/sys/dev/ipmi/ipmi_smbios.c
+++ b/sys/dev/ipmi/ipmi_smbios.c
@@ -39,7 +39,10 @@ __FBSDID("$FreeBSD$");
#include
#include
+#if defined(__amd64__) || defined(__i386__)
#include
+#endif
+#include
#ifdef LOCAL_MODULE
#include
diff --git a/sys/x86/bios/smbios.c b/sys/dev/smbios/smbios.c
similarity index 93%
rename from sys
git: ba6e37e47f41 - main - ipmi_smbios: Deduplicate smbios entry point discovery logic
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=ba6e37e47f41484fc61cc034619267b82ddd056c
commit ba6e37e47f41484fc61cc034619267b82ddd056c
Author: Allan Jude
AuthorDate: 2021-02-23 21:17:37 +
Commit: Allan Jude
CommitDate: 2021-02-23 21:17:37 +
ipmi_smbios: Deduplicate smbios entry point discovery logic
Sponsored by: Ampere Computing LLC
Submitted by: Klara Inc.
Reviewed by:imp
Differential Revision: https://reviews.freebsd.org/D28743
---
sys/dev/ipmi/ipmi_isa.c| 1 +
sys/dev/ipmi/ipmi_pci.c| 1 +
sys/dev/ipmi/ipmi_smbios.c | 46 --
sys/dev/ipmi/ipmi_smbus.c | 1 +
sys/dev/smbios/smbios.c| 21 +
sys/dev/smbios/smbios.h| 2 ++
6 files changed, 42 insertions(+), 30 deletions(-)
diff --git a/sys/dev/ipmi/ipmi_isa.c b/sys/dev/ipmi/ipmi_isa.c
index cdff305b07ec..2831b53e4586 100644
--- a/sys/dev/ipmi/ipmi_isa.c
+++ b/sys/dev/ipmi/ipmi_isa.c
@@ -286,3 +286,4 @@ static driver_t ipmi_isa_driver = {
};
DRIVER_MODULE(ipmi_isa, isa, ipmi_isa_driver, ipmi_devclass, 0, 0);
+MODULE_DEPEND(ipmi_isa, smbios, 1, 1, 1);
diff --git a/sys/dev/ipmi/ipmi_pci.c b/sys/dev/ipmi/ipmi_pci.c
index d4598f9db873..1697a4c31c2a 100644
--- a/sys/dev/ipmi/ipmi_pci.c
+++ b/sys/dev/ipmi/ipmi_pci.c
@@ -179,6 +179,7 @@ static driver_t ipmi_pci_driver = {
};
DRIVER_MODULE(ipmi_pci, pci, ipmi_pci_driver, ipmi_devclass, 0, 0);
+MODULE_DEPEND(ipmi_pci, smbios, 1, 1, 1);
/* Native IPMI on PCI driver. */
diff --git a/sys/dev/ipmi/ipmi_smbios.c b/sys/dev/ipmi/ipmi_smbios.c
index 308a3b076ef7..735f404eec5f 100644
--- a/sys/dev/ipmi/ipmi_smbios.c
+++ b/sys/dev/ipmi/ipmi_smbios.c
@@ -88,7 +88,7 @@ MTX_SYSINIT(ipmi_info, &ipmi_info_mtx, "ipmi info", MTX_DEF);
static voidipmi_smbios_probe(struct ipmi_get_info *);
static int smbios_cksum(struct smbios_eps *);
-static voidsmbios_walk_table(uint8_t *, int, smbios_callback_t,
+static voidsmbios_walk_table(uint8_t *, vm_size_t, smbios_callback_t,
void *);
static voidsmbios_ipmi_info(struct smbios_structure_header *, void *);
@@ -147,11 +147,12 @@ smbios_ipmi_info(struct smbios_structure_header *h, void
*arg)
}
static void
-smbios_walk_table(uint8_t *p, int entries, smbios_callback_t cb, void *arg)
+smbios_walk_table(uint8_t *table, vm_size_t size, smbios_callback_t cb, void
*arg)
{
struct smbios_structure_header *s;
+ uint8_t *p;
- while (entries--) {
+ for (p = table; p < table + size;) {
s = (struct smbios_structure_header *)p;
cb(s, arg);
@@ -160,8 +161,11 @@ smbios_walk_table(uint8_t *p, int entries,
smbios_callback_t cb, void *arg)
* formatted area of this structure.
*/
p += s->length;
- while (!(p[0] == 0 && p[1] == 0))
+ while (!(p[0] == 0 && p[1] == 0)) {
p++;
+ if (p >= table + size)
+ return;
+ }
/*
* Skip over the double-nul to the start of the next
@@ -179,41 +183,23 @@ smbios_walk_table(uint8_t *p, int entries,
smbios_callback_t cb, void *arg)
static void
ipmi_smbios_probe(struct ipmi_get_info *info)
{
- struct smbios_eps *header;
void *table;
- u_int32_t addr;
+ vm_paddr_t table_paddr;
+ vm_size_t table_size;
+ int err;
bzero(info, sizeof(struct ipmi_get_info));
- /* Find the SMBIOS table header. */
- addr = bios_sigsearch(SMBIOS_START, SMBIOS_SIG, SMBIOS_LEN,
- SMBIOS_STEP, SMBIOS_OFF);
- if (addr == 0)
+ err = smbios_get_structure_table(&table_paddr, &table_size);
+ if (err != 0)
return;
- /*
-* Map the header. We first map a fixed size to get the actual
-* length and then map it a second time with the actual length so
-* we can verify the checksum.
-*/
- header = pmap_mapbios(addr, sizeof(struct smbios_eps));
- table = pmap_mapbios(addr, header->length);
- pmap_unmapbios((vm_offset_t)header, sizeof(struct smbios_eps));
- header = table;
- if (smbios_cksum(header) != 0) {
- pmap_unmapbios((vm_offset_t)header, header->length);
- return;
- }
+ table = pmap_mapbios(table_paddr, table_size);
- /* Now map the actual table and walk it looking for an IPMI entry. */
- table = pmap_mapbios(header->structure_table_address,
- header->structure_table_length);
- smbios_walk_table(table, header->number_structures, smbios_ipmi_info,
- info);
+ smbios_walk_table(table, table_size, smbios_ipmi_info, info);
/* Unmap everything. */
- pma
git: d2589dc3d56c - main - ipmi_smbios: remove unused smbios_cksum function
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=d2589dc3d56ce063b28b54df11c950c3758d9578
commit d2589dc3d56ce063b28b54df11c950c3758d9578
Author: Allan Jude
AuthorDate: 2021-02-23 21:24:12 +
Commit: Allan Jude
CommitDate: 2021-02-23 21:24:47 +
ipmi_smbios: remove unused smbios_cksum function
Sponsored By: Ampere Computing LLC
Submitted By: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D28751
---
sys/dev/ipmi/ipmi_smbios.c | 17 -
1 file changed, 17 deletions(-)
diff --git a/sys/dev/ipmi/ipmi_smbios.c b/sys/dev/ipmi/ipmi_smbios.c
index 735f404eec5f..f7bc50d5173e 100644
--- a/sys/dev/ipmi/ipmi_smbios.c
+++ b/sys/dev/ipmi/ipmi_smbios.c
@@ -87,7 +87,6 @@ static struct mtx ipmi_info_mtx;
MTX_SYSINIT(ipmi_info, &ipmi_info_mtx, "ipmi info", MTX_DEF);
static voidipmi_smbios_probe(struct ipmi_get_info *);
-static int smbios_cksum(struct smbios_eps *);
static voidsmbios_walk_table(uint8_t *, vm_size_t, smbios_callback_t,
void *);
static voidsmbios_ipmi_info(struct smbios_structure_header *, void *);
@@ -237,19 +236,3 @@ ipmi_smbios_identify(struct ipmi_get_info *info)
return (info->iface_type != 0);
}
-
-static int
-smbios_cksum(struct smbios_eps *e)
-{
- u_int8_t *ptr;
- u_int8_t cksum;
- int i;
-
- ptr = (u_int8_t *)e;
- cksum = 0;
- for (i = 0; i < e->length; i++) {
- cksum += ptr[i];
- }
-
- return (cksum);
-}
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 4a5dfded17ef - main - Revert "ipmi_smbios: remove unused smbios_cksum function"
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=4a5dfded17efb48fd04bcc8d69b70597b8cea808
commit 4a5dfded17efb48fd04bcc8d69b70597b8cea808
Author: Allan Jude
AuthorDate: 2021-02-23 22:48:37 +
Commit: Allan Jude
CommitDate: 2021-02-23 22:48:59 +
Revert "ipmi_smbios: remove unused smbios_cksum function"
This reverts commit d2589dc3d56ce063b28b54df11c950c3758d9578.
---
sys/dev/ipmi/ipmi_smbios.c | 17 +
1 file changed, 17 insertions(+)
diff --git a/sys/dev/ipmi/ipmi_smbios.c b/sys/dev/ipmi/ipmi_smbios.c
index f7bc50d5173e..735f404eec5f 100644
--- a/sys/dev/ipmi/ipmi_smbios.c
+++ b/sys/dev/ipmi/ipmi_smbios.c
@@ -87,6 +87,7 @@ static struct mtx ipmi_info_mtx;
MTX_SYSINIT(ipmi_info, &ipmi_info_mtx, "ipmi info", MTX_DEF);
static voidipmi_smbios_probe(struct ipmi_get_info *);
+static int smbios_cksum(struct smbios_eps *);
static voidsmbios_walk_table(uint8_t *, vm_size_t, smbios_callback_t,
void *);
static voidsmbios_ipmi_info(struct smbios_structure_header *, void *);
@@ -236,3 +237,19 @@ ipmi_smbios_identify(struct ipmi_get_info *info)
return (info->iface_type != 0);
}
+
+static int
+smbios_cksum(struct smbios_eps *e)
+{
+ u_int8_t *ptr;
+ u_int8_t cksum;
+ int i;
+
+ ptr = (u_int8_t *)e;
+ cksum = 0;
+ for (i = 0; i < e->length; i++) {
+ cksum += ptr[i];
+ }
+
+ return (cksum);
+}
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 6d67af5f8e66 - main - Revert "ipmi_smbios: Deduplicate smbios entry point discovery logic"
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=6d67af5f8e66218ab0b3d927837fe00903c2feac
commit 6d67af5f8e66218ab0b3d927837fe00903c2feac
Author: Allan Jude
AuthorDate: 2021-02-23 22:48:42 +
Commit: Allan Jude
CommitDate: 2021-02-23 22:49:13 +
Revert "ipmi_smbios: Deduplicate smbios entry point discovery logic"
This depends on another commit that has not landed yet, and broke the build
This reverts commit ba6e37e47f41484fc61cc034619267b82ddd056c.
---
sys/dev/ipmi/ipmi_isa.c| 1 -
sys/dev/ipmi/ipmi_pci.c| 1 -
sys/dev/ipmi/ipmi_smbios.c | 46 ++
sys/dev/ipmi/ipmi_smbus.c | 1 -
sys/dev/smbios/smbios.c| 21 -
sys/dev/smbios/smbios.h| 2 --
6 files changed, 30 insertions(+), 42 deletions(-)
diff --git a/sys/dev/ipmi/ipmi_isa.c b/sys/dev/ipmi/ipmi_isa.c
index 2831b53e4586..cdff305b07ec 100644
--- a/sys/dev/ipmi/ipmi_isa.c
+++ b/sys/dev/ipmi/ipmi_isa.c
@@ -286,4 +286,3 @@ static driver_t ipmi_isa_driver = {
};
DRIVER_MODULE(ipmi_isa, isa, ipmi_isa_driver, ipmi_devclass, 0, 0);
-MODULE_DEPEND(ipmi_isa, smbios, 1, 1, 1);
diff --git a/sys/dev/ipmi/ipmi_pci.c b/sys/dev/ipmi/ipmi_pci.c
index 1697a4c31c2a..d4598f9db873 100644
--- a/sys/dev/ipmi/ipmi_pci.c
+++ b/sys/dev/ipmi/ipmi_pci.c
@@ -179,7 +179,6 @@ static driver_t ipmi_pci_driver = {
};
DRIVER_MODULE(ipmi_pci, pci, ipmi_pci_driver, ipmi_devclass, 0, 0);
-MODULE_DEPEND(ipmi_pci, smbios, 1, 1, 1);
/* Native IPMI on PCI driver. */
diff --git a/sys/dev/ipmi/ipmi_smbios.c b/sys/dev/ipmi/ipmi_smbios.c
index 735f404eec5f..308a3b076ef7 100644
--- a/sys/dev/ipmi/ipmi_smbios.c
+++ b/sys/dev/ipmi/ipmi_smbios.c
@@ -88,7 +88,7 @@ MTX_SYSINIT(ipmi_info, &ipmi_info_mtx, "ipmi info", MTX_DEF);
static voidipmi_smbios_probe(struct ipmi_get_info *);
static int smbios_cksum(struct smbios_eps *);
-static voidsmbios_walk_table(uint8_t *, vm_size_t, smbios_callback_t,
+static voidsmbios_walk_table(uint8_t *, int, smbios_callback_t,
void *);
static voidsmbios_ipmi_info(struct smbios_structure_header *, void *);
@@ -147,12 +147,11 @@ smbios_ipmi_info(struct smbios_structure_header *h, void
*arg)
}
static void
-smbios_walk_table(uint8_t *table, vm_size_t size, smbios_callback_t cb, void
*arg)
+smbios_walk_table(uint8_t *p, int entries, smbios_callback_t cb, void *arg)
{
struct smbios_structure_header *s;
- uint8_t *p;
- for (p = table; p < table + size;) {
+ while (entries--) {
s = (struct smbios_structure_header *)p;
cb(s, arg);
@@ -161,11 +160,8 @@ smbios_walk_table(uint8_t *table, vm_size_t size,
smbios_callback_t cb, void *ar
* formatted area of this structure.
*/
p += s->length;
- while (!(p[0] == 0 && p[1] == 0)) {
+ while (!(p[0] == 0 && p[1] == 0))
p++;
- if (p >= table + size)
- return;
- }
/*
* Skip over the double-nul to the start of the next
@@ -183,23 +179,41 @@ smbios_walk_table(uint8_t *table, vm_size_t size,
smbios_callback_t cb, void *ar
static void
ipmi_smbios_probe(struct ipmi_get_info *info)
{
+ struct smbios_eps *header;
void *table;
- vm_paddr_t table_paddr;
- vm_size_t table_size;
- int err;
+ u_int32_t addr;
bzero(info, sizeof(struct ipmi_get_info));
- err = smbios_get_structure_table(&table_paddr, &table_size);
- if (err != 0)
+ /* Find the SMBIOS table header. */
+ addr = bios_sigsearch(SMBIOS_START, SMBIOS_SIG, SMBIOS_LEN,
+ SMBIOS_STEP, SMBIOS_OFF);
+ if (addr == 0)
return;
- table = pmap_mapbios(table_paddr, table_size);
+ /*
+* Map the header. We first map a fixed size to get the actual
+* length and then map it a second time with the actual length so
+* we can verify the checksum.
+*/
+ header = pmap_mapbios(addr, sizeof(struct smbios_eps));
+ table = pmap_mapbios(addr, header->length);
+ pmap_unmapbios((vm_offset_t)header, sizeof(struct smbios_eps));
+ header = table;
+ if (smbios_cksum(header) != 0) {
+ pmap_unmapbios((vm_offset_t)header, header->length);
+ return;
+ }
- smbios_walk_table(table, table_size, smbios_ipmi_info, info);
+ /* Now map the actual table and walk it looking for an IPMI entry. */
+ table = pmap_mapbios(header->structure_table_address,
+ header->structure_table_length);
+ smbios_walk_table(table, header->number_structures, smbios_ipmi_info,
+ info);
/* Un
git: 1eb60112b22e - releng/13.0 - Use iflib_if_init_locked() during media change instead of iflib_init_locked().
The branch releng/13.0 has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=1eb60112b22ea0d61f0d1ba4ac0cca56a0c034c8 commit 1eb60112b22ea0d61f0d1ba4ac0cca56a0c034c8 Author: Allan Jude AuthorDate: 2021-02-14 18:39:09 + Commit: Allan Jude CommitDate: 2021-02-25 20:41:10 + Use iflib_if_init_locked() during media change instead of iflib_init_locked(). iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 Sponsored by: Juniper Networks, Inc., Klara, Inc. Approved by:re (gjb) (cherry picked from commit 922cf8ac43adc9983f9a9e05cfd838306c1ef483) --- sys/net/iflib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/iflib.c b/sys/net/iflib.c index d10c11f865fe..506861b65570 100644 --- a/sys/net/iflib.c +++ b/sys/net/iflib.c @@ -2503,7 +2503,7 @@ iflib_media_change(if_t ifp) CTX_LOCK(ctx); if ((err = IFDI_MEDIA_CHANGE(ctx)) == 0) - iflib_init_locked(ctx); + iflib_if_init_locked(ctx); CTX_UNLOCK(ctx); return (err); } ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: b84d0aaa4e64 - main - ifconfig: add vlanproto "qiniq" as an alias for "802.1ad"
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=b84d0aaa4e64fb95b105d0d38f6295fec7a82110
commit b84d0aaa4e64fb95b105d0d38f6295fec7a82110
Author: Allan Jude
AuthorDate: 2021-01-19 23:22:07 +
Commit: Allan Jude
CommitDate: 2021-01-20 15:50:45 +
ifconfig: add vlanproto "qiniq" as an alias for "802.1ad"
QinQ is better known by this name, so accept it as an alias
Reported-by:Mike Geiger
Reviewed-by:melifaro, hselasky, rpokala
MFC-with: 366917
Sponsored-by: Klara Inc.
Differential-Revision: https://reviews.freebsd.org/D28245
---
sbin/ifconfig/ifconfig.8 | 5 +
sbin/ifconfig/ifvlan.c | 5 +++--
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index c1ffb6a82ccc..bbaaa00d419b 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -2706,6 +2706,11 @@ and
.Dq 802.1ad .
The default encapsulation protocol is
.Dq 802.1Q .
+The
+.Dq 802.1ad
+protocol is also commonly known as
+.Dq QinQ ;
+either name can be used.
.It Cm vlanpcp Ar priority_code_point
Priority code point
.Pq Dv PCP
diff --git a/sbin/ifconfig/ifvlan.c b/sbin/ifconfig/ifvlan.c
index f316b0404459..60f97338ee27 100644
--- a/sbin/ifconfig/ifvlan.c
+++ b/sbin/ifconfig/ifvlan.c
@@ -68,6 +68,7 @@ static const char rcsid[] =
static const char proto_8021Q[] = "802.1q";
static const char proto_8021ad[] = "802.1ad";
+static const char proto_qinq[] = "qinq";
static struct vlanreq params = {
.vlr_tag= NOTAG,
@@ -220,8 +221,8 @@ DECL_CMD_FUNC(setvlanproto, val, d)
if (strncasecmp(proto_8021Q, val,
strlen(proto_8021Q)) == 0) {
params.vlr_proto = ETHERTYPE_VLAN;
- } else if (strncasecmp(proto_8021ad, val,
- strlen(proto_8021ad)) == 0) {
+ } else if ((strncasecmp(proto_8021ad, val, strlen(proto_8021ad)) == 0)
+ || (strncasecmp(proto_qinq, val, strlen(proto_qinq)) == 0)) {
params.vlr_proto = ETHERTYPE_QINQ;
} else
errx(1, "invalid value for vlanproto");
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 2c8bb126de56 - main - bhyve: Add missing man page section on the nodelete block-device-option
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=2c8bb126de56ce49637ad752e78957d9ebafba02 commit 2c8bb126de56ce49637ad752e78957d9ebafba02 Author: Allan Jude AuthorDate: 2021-01-21 17:17:57 + Commit: Allan Jude CommitDate: 2021-01-21 20:30:55 + bhyve: Add missing man page section on the nodelete block-device-option Reviewed by:jhb Differential Revision: https://reviews.freebsd.org/D28272 --- usr.sbin/bhyve/bhyve.8 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/usr.sbin/bhyve/bhyve.8 b/usr.sbin/bhyve/bhyve.8 index 5d8f37813e7f..ef20763624e4 100644 --- a/usr.sbin/bhyve/bhyve.8 +++ b/usr.sbin/bhyve/bhyve.8 @@ -348,6 +348,8 @@ Force the file to be opened read-only. Specify the logical and physical sector sizes of the emulated disk. The physical sector size is optional and is equal to the logical sector size if not explicitly specified. +.It Li nodelete +Disable emulation of guest trim requests via DIOCGDELETE requests. .El .Pp SCSI devices: ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: e6d795d15469 - main - Fix manpage markup in 2c8bb126de56ce49637ad752e78957d9ebafba02
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=e6d795d154699cd3ddadc0ea18f015cccb024464 commit e6d795d154699cd3ddadc0ea18f015cccb024464 Author: Allan Jude AuthorDate: 2021-01-21 20:32:15 + Commit: Allan Jude CommitDate: 2021-01-21 20:32:15 + Fix manpage markup in 2c8bb126de56ce49637ad752e78957d9ebafba02 --- usr.sbin/bhyve/bhyve.8 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.sbin/bhyve/bhyve.8 b/usr.sbin/bhyve/bhyve.8 index ef20763624e4..115727a136a7 100644 --- a/usr.sbin/bhyve/bhyve.8 +++ b/usr.sbin/bhyve/bhyve.8 @@ -349,7 +349,9 @@ Specify the logical and physical sector sizes of the emulated disk. The physical sector size is optional and is equal to the logical sector size if not explicitly specified. .It Li nodelete -Disable emulation of guest trim requests via DIOCGDELETE requests. +Disable emulation of guest trim requests via +.Dv DIOCGDELETE +requests. .El .Pp SCSI devices: ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
Re: git: ed9b7f441466 - main - armv8crypto: add AES-GCM support
On 2021-01-22 10:25, Ed Maste wrote: > On Fri, 22 Jan 2021 at 00:45, Oleksandr Tymoshenko wrote: >> >> The branch main has been updated by gonzo: >> >> URL: >> https://cgit.FreeBSD.org/src/commit/?id=ed9b7f4414663703e0e9581a730c4bdfaca5687f >> >> armv8crypto: add AES-GCM support > > Do you intend to bring this into stable/13 also? > Yes we do. Oleksandr has already spoken to re@ about it. -- Allan Jude ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: f9322ff6efa5 - main - Enable KERN_TLS by default in ARM64 GENERIC
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=f9322ff6efa508df8368e31e3c4880cff11b0e23 commit f9322ff6efa508df8368e31e3c4880cff11b0e23 Author: Allan Jude AuthorDate: 2021-01-28 20:48:37 + Commit: Allan Jude CommitDate: 2021-01-28 20:48:37 + Enable KERN_TLS by default in ARM64 GENERIC Sponsored-by: Ampere Computing Submitted-by: Klara, Inc. --- sys/arm64/conf/GENERIC | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/arm64/conf/GENERIC b/sys/arm64/conf/GENERIC index d1ad101975de..59f89555dd88 100644 --- a/sys/arm64/conf/GENERIC +++ b/sys/arm64/conf/GENERIC @@ -36,6 +36,7 @@ options TCP_OFFLOAD # TCP offload optionsTCP_HHOOK # hhook(9) framework for TCP optionsTCP_RFC7413 # TCP Fast Open optionsSCTP_SUPPORT# Allow kldload of SCTP +optionsKERN_TLS# TLS transmit & receive offload optionsFFS # Berkeley Fast Filesystem optionsSOFTUPDATES # Enable FFS soft updates support optionsUFS_ACL # Support for access control lists ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: e6b7809cdfc4 - main - Flip the default for OPENSSL_KTLS to arm64
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=e6b7809cdfc4389d2fc1df2c7fdff08a4a110c77
commit e6b7809cdfc4389d2fc1df2c7fdff08a4a110c77
Author: Allan Jude
AuthorDate: 2021-01-28 21:28:18 +
Commit: Allan Jude
CommitDate: 2021-01-28 21:35:42 +
Flip the default for OPENSSL_KTLS to arm64
This is required to make use of KERN_TLS
Reviewed by:jhb
Sponsored by: Ampere Computing
Submitted by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D28405
---
share/mk/src.opts.mk | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk
index dec6eca65bed..e531916b5976 100644
--- a/share/mk/src.opts.mk
+++ b/share/mk/src.opts.mk
@@ -330,8 +330,8 @@ BROKEN_OPTIONS+=LOADER_UBOOT
BROKEN_OPTIONS+=LOADER_GELI LOADER_LUA
.endif
-# Kernel TLS is enabled by default on amd64
-.if ${__T} == "amd64"
+# Kernel TLS is enabled by default on amd64 and aarch64
+.if ${__T} == "aarch64" || ${__T} == "amd64"
__DEFAULT_YES_OPTIONS+=OPENSSL_KTLS
.else
__DEFAULT_NO_OPTIONS+=OPENSSL_KTLS
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: b1f1917de48b - main - Regenerate src.conf.5 after enabling MK_OPENSSL_KTLS for arm64
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=b1f1917de48b3eda092937c2af159aa5bc116d37 commit b1f1917de48b3eda092937c2af159aa5bc116d37 Author: Allan Jude AuthorDate: 2021-01-28 21:31:40 + Commit: Allan Jude CommitDate: 2021-01-28 21:35:43 + Regenerate src.conf.5 after enabling MK_OPENSSL_KTLS for arm64 --- share/man/man5/src.conf.5 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man5/src.conf.5 b/share/man/man5/src.conf.5 index ddcf01cc2903..dee1ffb84e20 100644 --- a/share/man/man5/src.conf.5 +++ b/share/man/man5/src.conf.5 @@ -1306,12 +1306,12 @@ is set explicitly) Set to not include kernel TLS support in OpenSSL. .Pp This is a default setting on -arm/armv6, arm/armv7, arm64/aarch64, i386/i386, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. +arm/armv6, arm/armv7, i386/i386, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. .It Va WITH_OPENSSL_KTLS Set to include kernel TLS support in OpenSSL. .Pp This is a default setting on -amd64/amd64. +amd64/amd64 and arm64/aarch64. .It Va WITHOUT_PAM Set to not build PAM library and modules. .Bf -symbolic ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
Re: git: 64881da47807 - main - ixgbe: Restore AIM support
On 5/3/2021 2:12 PM, Kevin Bowling wrote: > Should we enable this by default? My primary concern in the review is > not making things like this require expert tuning. If it is expected to > be necessary, which Gallatin@ makes a case for, let’s toggle it on by > default. > > On Mon, May 3, 2021 at 10:56 AM Mark Johnston <mailto:ma...@freebsd.org>> wrote: > > The branch main has been updated by markj: > > URL: > > https://cgit.FreeBSD.org/src/commit/?id=64881da478071431a2d9e62613997a5772c56cdf > > <https://cgit.FreeBSD.org/src/commit/?id=64881da478071431a2d9e62613997a5772c56cdf> > > commit 64881da478071431a2d9e62613997a5772c56cdf > Author: Sai Rajesh Tallamraju <mailto:stall...@netapp.com>> > AuthorDate: 2021-05-03 17:45:00 + > Commit: Mark Johnston > CommitDate: 2021-05-03 17:47:14 + > It looks like AIM was on by default in 11.x and earlier: hw.ix.enable_aim: 1 hw.igb.enable_aim: 1 So I think enabling it does make sense in light of Drew's comments about mbuf sorting only being useful in the face of something like AIM where there will be a sufficient number of mbufs to sort. -- Allan Jude ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 30659d1dcbcc - main - Add support for adding default routes for other FIBs
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=30659d1dcbcc92016833f0956461314ed501ac83
commit 30659d1dcbcc92016833f0956461314ed501ac83
Author: Andrew Fengler
AuthorDate: 2021-05-12 01:59:10 +
Commit: Allan Jude
CommitDate: 2021-05-12 01:59:10 +
Add support for adding default routes for other FIBs
Make rc.d/routing read defaultrouter_fibN and ipv6_defaultrouter_fibN, and
set it as the default gateway for FIB N, where N is from 1 to (net.fibs - 1)
This allows adding gateways for multiple FIBs in the same format as the main
gateway. (FIB 0)
Reviewed by:olivier, rgrimes, bcr (man page)
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D22706
---
libexec/rc/rc.conf | 2 ++
libexec/rc/rc.d/routing | 38 --
share/man/man5/rc.conf.5 | 11 ++-
3 files changed, 48 insertions(+), 3 deletions(-)
diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index 998cd3fd14d6..d941a20b6e07 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -437,6 +437,7 @@ bsnmpd_flags="" # Flags for bsnmpd.
### Network routing options: ###
defaultrouter="NO" # Set to default gateway (or NO).
+#defaultrouter_fibN="192.0.2.1"# Use this form to set a gateway for
FIB N
static_arp_pairs=""# Set to static ARP list (or leave empty).
static_ndp_pairs=""# Set to static NDP list (or leave empty).
static_routes="" # Set to static route list (or leave empty).
@@ -499,6 +500,7 @@ ipv6_activate_all_interfaces="NO" # If NO, interfaces
which have no
# reason.
ipv6_defaultrouter="NO"# Set to IPv6 default gateway (or NO).
#ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068)
+#ipv6_defaultrouter_fibN="2001:db8::" # Use this form to set a gateway for
FIB N
ipv6_static_routes="" # Set to static route list (or leave empty).
#ipv6_static_routes="xxx" # An example to set fec0:::0006::/64
# route toward loopback interface.
diff --git a/libexec/rc/rc.d/routing b/libexec/rc/rc.d/routing
index 043c5b15fbaa..37b3da0f0cef 100755
--- a/libexec/rc/rc.d/routing
+++ b/libexec/rc/rc.d/routing
@@ -140,11 +140,12 @@ get_fibmod()
static_inet()
{
- local _action _if _skip _fibmod
+ local _action _if _skip _fibmod _fibs
_action=$1
_if=$2
_fibmod=`get_fibmod`
+ _fibs=$((`${SYSCTL_N} net.fibs` - 1))
# Provide loopback route in all routing tables. This has to come
# first so that any following routes can be added.
@@ -161,6 +162,22 @@ static_inet()
;;
esac
+ # Add default routes for fibs
+ if [ ${_fibs} -gt 0 ]; then
+ for _fibnum in `jot ${_fibs}` ; do
+ eval _fib_gw=\${defaultrouter_fib${_fibnum}}
+ case ${_fib_gw} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="${static_routes}
_default_fib${_fibnum}"
+ eval route__default_fib${fibnum}="'default
${_fib_gw} -fib ${_fibnum}'"
+ ;;
+ esac
+ done
+ fi
+
+
# Install configured routes.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
@@ -185,11 +202,12 @@ static_inet()
static_inet6()
{
- local _action _if _skip fibmod allfibs
+ local _action _if _skip fibmod _fibs
_action=$1
_if=$2
fibmod=`get_fibmod`
+ _fibs=$((`${SYSCTL_N} net.fibs` - 1))
# Add pre-defined static routes first.
ipv6_static_routes="_v4mapped _v4compat ${ipv6_static_routes}"
@@ -221,6 +239,22 @@ static_inet6()
;;
esac
+ # Add default routes for fibs
+ if [ ${_fibs} -gt 0 ]; then
+ for _fibnum in `jot ${_fibs}` ; do
+ eval _fib_gw=\${ipv6_defaultrouter_fib${_fibnum}}
+ case ${_fib_gw} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ ipv6_static_routes="${static_routes}
_default_fib${_fibnum}"
+ eval ipv6_route__default_fib${fibnum}="'default
${_fib_gw} -fib ${_fibnum}'"
+ ;;
+ esac
+ done
+ fi
+
+
# Install configured routes.
if [ -n "${ipv6_static
git: 73e77cf90ba3 - main - Netmap: fix documentation for NR_REG_NIC_SW mode
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=73e77cf90ba35809adefcc6cd129da5ef15c8e9d commit 73e77cf90ba35809adefcc6cd129da5ef15c8e9d Author: Allan Jude AuthorDate: 2021-05-17 23:07:53 + Commit: Allan Jude CommitDate: 2021-05-22 01:44:23 + Netmap: fix documentation for NR_REG_NIC_SW mode The correct character to add to the intername name is *, not + Reviewed by:vmaffione, bcr Sponsored By: Klara Inc. Differential Revision: https://reviews.freebsd.org/D30324 --- share/man/man4/netmap.4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/man/man4/netmap.4 b/share/man/man4/netmap.4 index d247c44b0df8..732e3bfaeaab 100644 --- a/share/man/man4/netmap.4 +++ b/share/man/man4/netmap.4 @@ -655,7 +655,7 @@ In the example below, "netmap:foo" is any valid netmap port name. (default) all hardware ring pairs .It NR_REG_SW"netmap:foo^" the ``host rings'', connecting to the host stack. -.It NR_REG_NIC_SW"netmap:foo+" +.It NR_REG_NIC_SW"netmap:foo*" all hardware rings and the host rings .It NR_REG_ONE_NIC "netmap:foo-i" only the i-th hardware ring pair, where the number is in ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 20d684ecc9d7 - main - pkt-gen: Allow limiting received packets
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=20d684ecc9d7d9128774f2e3c287058868f48bb0
commit 20d684ecc9d7d9128774f2e3c287058868f48bb0
Author: Allan Jude
AuthorDate: 2021-05-17 23:04:08 +
Commit: Allan Jude
CommitDate: 2021-05-22 01:55:29 +
pkt-gen: Allow limiting received packets
Makes pkg-gen quit after having received N packets, the same way it
already supports doing for sent packets.
Reviewed by:vmaffione
Sponsored by: Klara Inc.
MFC after: 4 weeks
Differential Revision: https://reviews.freebsd.org/D30266
---
tools/tools/netmap/pkt-gen.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tools/tools/netmap/pkt-gen.c b/tools/tools/netmap/pkt-gen.c
index c958af3b9781..b24915e150a5 100644
--- a/tools/tools/netmap/pkt-gen.c
+++ b/tools/tools/netmap/pkt-gen.c
@@ -1816,6 +1816,7 @@ receiver_body(void *data)
struct netmap_ring *rxring;
int i;
struct my_ctrs cur;
+ uint64_t n = targ->g->npackets / targ->g->nthreads;
memset(&cur, 0, sizeof(cur));
@@ -1843,7 +1844,7 @@ receiver_body(void *data)
/* main loop, exit after 1s silence */
clock_gettime(CLOCK_REALTIME_PRECISE, &targ->tic);
if (targ->g->dev_type == DEV_TAP) {
- while (!targ->cancel) {
+ while (!targ->cancel && (n == 0 || targ->ctr.pkts < n)) {) {
char buf[MAX_BODYSIZE];
/* XXX should we poll ? */
i = read(targ->g->main_fd, buf, sizeof(buf));
@@ -1855,7 +1856,7 @@ receiver_body(void *data)
}
#ifndef NO_PCAP
} else if (targ->g->dev_type == DEV_PCAP) {
- while (!targ->cancel) {
+ while (!targ->cancel && (n == 0 || targ->ctr.pkts < n)) {
/* XXX should we poll ? */
pcap_dispatch(targ->g->p, targ->g->burst, receive_pcap,
(u_char *)&targ->ctr);
@@ -1866,7 +1867,7 @@ receiver_body(void *data)
int dump = targ->g->options & OPT_DUMP;
nifp = targ->nmd->nifp;
- while (!targ->cancel) {
+ while (!targ->cancel && (n == 0 || targ->ctr.pkts < n)) {
/* Once we started to receive packets, wait at most 1 seconds
before quitting. */
#ifdef BUSYWAIT
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 198566e04a1d - main - hwpmc: Move 4 bits of mode to extend class size to 8
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=198566e04a1d6cf92a7152d8f7acd441b4498f34 commit 198566e04a1d6cf92a7152d8f7acd441b4498f34 Author: Aleksandr Rybalko AuthorDate: 2021-05-26 18:39:00 + Commit: Allan Jude CommitDate: 2021-05-26 18:40:58 + hwpmc: Move 4 bits of mode to extend class size to 8 Since r289025 we have had at least 5 bits class size. Before that it was even 16 bits, but macro handling conversion between pmcid and set of CPU, MODE, CLASS, ROWINDEX still use 4 bits class size and 8 bits mode size. This breaks some libpmc API methods, like pmc_capabilities. Since we only have 4 modes and MODE field is a number (not a bitfield) this patch moves 4 bits of mode to extend the CLASS field. Reviewed by:mhorne, emaste Sponsored by: Ampere Computing LLC Submitted by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D30047 --- sys/sys/pmc.h | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/sys/sys/pmc.h b/sys/sys/pmc.h index 9328a7bdfa05..7491a43023f3 100644 --- a/sys/sys/pmc.h +++ b/sys/sys/pmc.h @@ -404,7 +404,7 @@ typedef uint64_tpmc_value_t; * | CPU | PMC MODE | CLASS | ROW INDEX | * +---+---+---+ * - * where CPU is 12 bits, MODE 8, CLASS 4, and ROW INDEX 8 Field 'CPU' + * where CPU is 12 bits, MODE 4, CLASS 8, and ROW INDEX 8 Field 'CPU' * is set to the requested CPU for system-wide PMCs or PMC_CPU_ANY for * process-mode PMCs. Field 'PMC MODE' is the allocated PMC mode. * Field 'PMC CLASS' is the class of the PMC. Field 'ROW INDEX' is the @@ -415,12 +415,12 @@ typedef uint64_t pmc_value_t; */ #definePMC_ID_TO_ROWINDEX(ID) ((ID) & 0xFF) -#definePMC_ID_TO_CLASS(ID) (((ID) & 0xF00) >> 8) -#definePMC_ID_TO_MODE(ID) (((ID) & 0xFF000) >> 12) +#definePMC_ID_TO_CLASS(ID) (((ID) & 0xFF00) >> 8) +#definePMC_ID_TO_MODE(ID) (((ID) & 0xF) >> 16) #definePMC_ID_TO_CPU(ID) (((ID) & 0xFFF0) >> 20) #definePMC_ID_MAKE_ID(CPU,MODE,CLASS,ROWINDEX) \ - CPU) & 0xFFF) << 20) | (((MODE) & 0xFF) << 12) |\ - (((CLASS) & 0xF) << 8) | ((ROWINDEX) & 0xFF)) + CPU) & 0xFFF) << 20) | (((MODE) & 0xF) << 16) | \ + (((CLASS) & 0xFF) << 8) | ((ROWINDEX) & 0xFF)) /* * Data structures for system calls supported by the pmc driver. ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: c6a311678d66 - main - nextboot: Improve the shell code used to figure out the zpool name
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=c6a311678d667cb1e7b5417edb6567b7f07d148d
commit c6a311678d667cb1e7b5417edb6567b7f07d148d
Author: Allan Jude
AuthorDate: 2021-06-04 22:09:43 +
Commit: Allan Jude
CommitDate: 2021-06-05 14:32:18 +
nextboot: Improve the shell code used to figure out the zpool name
Reported by:imp
Reviewed by:imp, tsoome
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D30650
---
sbin/reboot/nextboot.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sbin/reboot/nextboot.sh b/sbin/reboot/nextboot.sh
index 849d7a377714..2350c42516bf 100644
--- a/sbin/reboot/nextboot.sh
+++ b/sbin/reboot/nextboot.sh
@@ -109,7 +109,7 @@ fi
zfs=$(df -Tn "/boot/" 2>/dev/null | while read _fs _type _other ; do
[ "zfs" = "${_type}" ] || continue
- echo "${_fs%/ROOT/*}"
+ echo "${_fs%%/*}"
done)
set -e
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 781c3b51193e - main - Add Thomas Munro to the committers graph
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=781c3b51193e5bd99773439192ca68fdfdd9c330 commit 781c3b51193e5bd99773439192ca68fdfdd9c330 Author: Allan Jude AuthorDate: 2021-06-30 20:09:18 + Commit: Allan Jude CommitDate: 2021-06-30 20:09:18 + Add Thomas Munro to the committers graph Reported by:gnn --- share/misc/committers-src.dot | 3 +++ 1 file changed, 3 insertions(+) diff --git a/share/misc/committers-src.dot b/share/misc/committers-src.dot index fcb6f6b800dd..677b12a41e72 100644 --- a/share/misc/committers-src.dot +++ b/share/misc/committers-src.dot @@ -353,6 +353,7 @@ thj [label="Tom Jones\n...@freebsd.org\n2018/04/07"] thompsa [label="Andrew Thompson\nthom...@freebsd.org\n2005/05/25"] ticso [label="Bernd Walter\nti...@freebsd.org\n2002/01/31"] tijl [label="Tijl Coosemans\nt...@freebsd.org\n2010/07/16"] +tmunro [label="Thomas Munro\ntmu...@freebsd.org\n2018/10/15"] tsoome [label="Toomas Soome\ntso...@freebsd.org\n2016/08/10"] trasz [label="Edward Tomasz Napierala\ntr...@freebsd.org\n2008/08/22"] trhodes [label="Tom Rhodes\ntrho...@freebsd.org\n2002/05/28"] @@ -410,6 +411,7 @@ adrian -> sgalabov ae -> melifaro allanjude -> rew +allanjude -> tmunro allanjude -> tsoome alc -> davide @@ -745,6 +747,7 @@ mdodd -> jake mike -> das mjg -> kaktus +mjg -> tmunro mlaier -> benjsc mlaier -> dhartmei ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 33ff39796ffe - main - Add zfskeys rc.d script for auto-loading encryption keys
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=33ff39796ffe469a764e485ac49c31700a51fd6f
commit 33ff39796ffe469a764e485ac49c31700a51fd6f
Author: Eirik Øverby
AuthorDate: 2021-07-28 16:11:35 +
Commit: Allan Jude
CommitDate: 2021-07-28 16:26:45 +
Add zfskeys rc.d script for auto-loading encryption keys
ZFS in 13 supports encryption, but for the use case where keys are
available in plaintext on disk there is no mechanism for automatically
loading keys on startup.
This script will, by default, look for any dataset with encryption and
keylocation prefixed with file://. It will attempt to unlock, timing
out after 10 seconds for each dataset found.
User can optionally specify explicitly which datasets to attempt to
unlock.
Also supports (optionally by force) unmounting filesystems and unloading
associated keys.
Sponsored by: Modirum
Differential Revision: https://reviews.freebsd.org/D30015
---
libexec/rc/rc.d/zfskeys | 119
1 file changed, 119 insertions(+)
diff --git a/libexec/rc/rc.d/zfskeys b/libexec/rc/rc.d/zfskeys
new file mode 100755
index ..c558eb3af5d7
--- /dev/null
+++ b/libexec/rc/rc.d/zfskeys
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+# PROVIDE: zfskeys
+# REQUIRE: zpool
+# BEFORE: zfs zvol
+
+. /etc/rc.subr
+
+name="zfskeys"
+desc="Load dataset keys"
+rcvar="zfskeys_enable"
+extra_commands="status"
+start_cmd="load_zfs_keys"
+stop_cmd="unload_zfs_keys"
+status_cmd="status_zfs_keys"
+required_modules="zfs"
+
+# Note that zfskeys_datasets must have any character found in IFS escaped.
+# Forcibly unmounting/unloading only applies to filesystems; ignored for zvols.
+: ${zfskeys_datasets:=''}
+: ${zfskeys_timeout:=10}
+: ${zfskeys_unload_force:='NO'}
+
+encode_args()
+{
+shift && [ $# -gt 0 ] && printf "%s\0" "$@" | b64encode -r -
+}
+
+list_datasets()
+{
+if [ "$zfskeys_args" ]; then
+echo "$zfskeys_args" | b64decode -r |
+xargs -0 zfs get -H -s local -o value,name keylocation
+elif [ ! "$zfskeys_datasets" ]; then
+zfs get -H -t filesystem,volume -s local -o value,name keylocation
+else
+echo "$zfskeys_datasets" | xargs -n 1 zfs get -H -s local \
+-o value,name keylocation
+fi
+}
+
+unlock_fs()
+{
+local fs="$1"
+local kl="$2"
+local k="${kl##file://}"
+
+if [ "$k" ] && [ -f "$k" ] && [ -s "$k" ] && [ -r "$k" ]; then
+if [ "$(zfs get -Ho value keystatus "$fs")" = 'available' ]; then
+echo "Key already loaded for $fs."
+elif keytest=$(zfs load-key -n -L "$kl" "$fs" 2>&1); then
+echo "Loading key for $fs from $kl.."
+if ! keyload=$(timeout $zfskeys_timeout zfs load-key -L "$kl"
"$fs" 2>&1) ; then
+if [ $? -eq 124 ]; then
+echo "Timed out loading key from $kl for $fs"
+else
+echo "Failed to load key from $kl for $fs:"
+echo "$keyload"
+fi
+fi
+else
+echo "Could not verify key from $kl for $fs:"
+echo "$keytest"
+fi
+else
+echo "Key file $k not found, empty or unreadable. Skipping $fs.."
+fi
+}
+
+lock_fs()
+{
+local fs=$1
+
+if [ "$(zfs get -Ho value mounted "$fs")" = 'yes' ]; then
+if checkyesno zfskeys_unload_force ; then
+zfs unmount -f "$fs" && echo "Forcibly unmounted $fs."
+else
+zfs unmount "$fs" && echo "Unmounted $fs."
+fi
+fi
+if [ "$?" -ne 0 ]; then
+echo "Unmount failed for $fs"
+elif [ "$(zfs get -Ho value keystatus "$fs")" = 'available' ]; then
+zfs unload-key "$fs" && echo "Unloaded key for $fs."
+else
+echo "No key loaded for $fs."
+fi
+}
+
+status_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+echo "$fs: $(zfs get -Ho value keystatus "$fs")"
+done
+}
+
+load_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+unlock_fs "$fs" "$kl"
+done
+}
+
+unload_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+lock_fs "$fs"
+done
+}
+
+zfskeys_args=$(encode_args "$@")
+load_rc_config $name
+run_rc_command "$1"
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: e81b2348d210 - stable/13 - Add zfskeys rc.d script for auto-loading encryption keys
The branch stable/13 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=e81b2348d2101f33043e4a4ab3e24f4d69bac073
commit e81b2348d2101f33043e4a4ab3e24f4d69bac073
Author: Eirik Øverby
AuthorDate: 2021-07-28 16:11:35 +
Commit: Allan Jude
CommitDate: 2021-08-22 14:53:21 +
Add zfskeys rc.d script for auto-loading encryption keys
ZFS in 13 supports encryption, but for the use case where keys are
available in plaintext on disk there is no mechanism for automatically
loading keys on startup.
This script will, by default, look for any dataset with encryption and
keylocation prefixed with file://. It will attempt to unlock, timing
out after 10 seconds for each dataset found.
User can optionally specify explicitly which datasets to attempt to
unlock.
Also supports (optionally by force) unmounting filesystems and unloading
associated keys.
Sponsored by: Modirum
Differential Revision: https://reviews.freebsd.org/D30015
(cherry picked from commit 33ff39796ffe469a764e485ac49c31700a51fd6f)
---
libexec/rc/rc.d/zfskeys | 119
1 file changed, 119 insertions(+)
diff --git a/libexec/rc/rc.d/zfskeys b/libexec/rc/rc.d/zfskeys
new file mode 100755
index ..c558eb3af5d7
--- /dev/null
+++ b/libexec/rc/rc.d/zfskeys
@@ -0,0 +1,119 @@
+#!/bin/sh
+
+# PROVIDE: zfskeys
+# REQUIRE: zpool
+# BEFORE: zfs zvol
+
+. /etc/rc.subr
+
+name="zfskeys"
+desc="Load dataset keys"
+rcvar="zfskeys_enable"
+extra_commands="status"
+start_cmd="load_zfs_keys"
+stop_cmd="unload_zfs_keys"
+status_cmd="status_zfs_keys"
+required_modules="zfs"
+
+# Note that zfskeys_datasets must have any character found in IFS escaped.
+# Forcibly unmounting/unloading only applies to filesystems; ignored for zvols.
+: ${zfskeys_datasets:=''}
+: ${zfskeys_timeout:=10}
+: ${zfskeys_unload_force:='NO'}
+
+encode_args()
+{
+shift && [ $# -gt 0 ] && printf "%s\0" "$@" | b64encode -r -
+}
+
+list_datasets()
+{
+if [ "$zfskeys_args" ]; then
+echo "$zfskeys_args" | b64decode -r |
+xargs -0 zfs get -H -s local -o value,name keylocation
+elif [ ! "$zfskeys_datasets" ]; then
+zfs get -H -t filesystem,volume -s local -o value,name keylocation
+else
+echo "$zfskeys_datasets" | xargs -n 1 zfs get -H -s local \
+-o value,name keylocation
+fi
+}
+
+unlock_fs()
+{
+local fs="$1"
+local kl="$2"
+local k="${kl##file://}"
+
+if [ "$k" ] && [ -f "$k" ] && [ -s "$k" ] && [ -r "$k" ]; then
+if [ "$(zfs get -Ho value keystatus "$fs")" = 'available' ]; then
+echo "Key already loaded for $fs."
+elif keytest=$(zfs load-key -n -L "$kl" "$fs" 2>&1); then
+echo "Loading key for $fs from $kl.."
+if ! keyload=$(timeout $zfskeys_timeout zfs load-key -L "$kl"
"$fs" 2>&1) ; then
+if [ $? -eq 124 ]; then
+echo "Timed out loading key from $kl for $fs"
+else
+echo "Failed to load key from $kl for $fs:"
+echo "$keyload"
+fi
+fi
+else
+echo "Could not verify key from $kl for $fs:"
+echo "$keytest"
+fi
+else
+echo "Key file $k not found, empty or unreadable. Skipping $fs.."
+fi
+}
+
+lock_fs()
+{
+local fs=$1
+
+if [ "$(zfs get -Ho value mounted "$fs")" = 'yes' ]; then
+if checkyesno zfskeys_unload_force ; then
+zfs unmount -f "$fs" && echo "Forcibly unmounted $fs."
+else
+zfs unmount "$fs" && echo "Unmounted $fs."
+fi
+fi
+if [ "$?" -ne 0 ]; then
+echo "Unmount failed for $fs"
+elif [ "$(zfs get -Ho value keystatus "$fs")" = 'available' ]; then
+zfs unload-key "$fs" && echo "Unloaded key for $fs."
+else
+echo "No key loaded for $fs."
+fi
+}
+
+status_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+echo "$fs: $(zfs get -Ho value keystatus "$fs")"
+done
+}
+
+load_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+unlock_fs "$fs" "$kl"
+done
+}
+
+unload_zfs_keys()
+{
+local IFS=$(printf "\t")
+
+list_datasets | while read kl fs ; do
+lock_fs "$fs"
+done
+}
+
+zfskeys_args=$(encode_args "$@")
+load_rc_config $name
+run_rc_command "$1"
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: df91d8167d97 - main - mutex(9): correct man page, mtx_trylock_spin returns int not void
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=df91d8167d97fcddc5831af923729d000c7f5b45 commit df91d8167d97fcddc5831af923729d000c7f5b45 Author: Allan Jude AuthorDate: 2022-05-22 00:13:16 + Commit: Allan Jude CommitDate: 2023-02-18 02:30:18 + mutex(9): correct man page, mtx_trylock_spin returns int not void Reviewed by:kib, pauamma, debdrup Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D35283 --- share/man/man9/mutex.9 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man9/mutex.9 b/share/man/man9/mutex.9 index 43d523a56c98..cb207ff4596a 100644 --- a/share/man/man9/mutex.9 +++ b/share/man/man9/mutex.9 @@ -28,7 +28,7 @@ .\"from BSDI $Id: mutex.4,v 1.1.2.3 1998/04/27 22:53:13 ewv Exp $ .\" $FreeBSD$ .\" -.Dd May 24, 2017 +.Dd February 17, 2023 .Dt MUTEX 9 .Os .Sh NAME @@ -74,7 +74,7 @@ .Fn mtx_trylock "struct mtx *mutex" .Ft int .Fn mtx_trylock_flags "struct mtx *mutex" "int flags" -.Ft void +.Ft int .Fn mtx_trylock_spin "struct mtx *mutex" .Ft int .Fn mtx_trylock_spin_flags "struct mtx *mutex" "int flags"
git: 8b04c1cbfc1c - main - Fix per-jail zfs.mount_snapshot setting
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=8b04c1cbfc1cb71a1ce53b3a7855f1d45866fcfb
commit 8b04c1cbfc1cb71a1ce53b3a7855f1d45866fcfb
Author: Allan Jude
AuthorDate: 2023-02-18 01:44:34 +
Commit: Allan Jude
CommitDate: 2023-02-21 22:42:28 +
Fix per-jail zfs.mount_snapshot setting
When jail.conf set the nopersist flag during startup, it was
incorrectly destroying the per-jail ZFS settings.
PR: 260160
Reported by:imp (previous version), mm (upstream), freqlabs (upstream)
MFC after: immediately
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38662
---
sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c | 16 ++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
index a1e0595bda34..9fb2873132bf 100644
--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
@@ -2495,7 +2495,9 @@ zfs_jailparam_set(void *obj, void *data)
mount_snapshot = -1;
else
jsys = JAIL_SYS_NEW;
- if (jsys == JAIL_SYS_NEW) {
+ switch (jsys) {
+ case JAIL_SYS_NEW:
+ {
/* "zfs=new" or "zfs.*": the prison gets its own ZFS info. */
struct zfs_jailparam *zjp;
@@ -2513,12 +2515,22 @@ zfs_jailparam_set(void *obj, void *data)
if (mount_snapshot != -1)
zjp->mount_snapshot = mount_snapshot;
mtx_unlock(&pr->pr_mtx);
- } else {
+ break;
+ }
+ case JAIL_SYS_INHERIT:
/* "zfs=inherit": inherit the parent's ZFS info. */
mtx_lock(&pr->pr_mtx);
osd_jail_del(pr, zfs_jailparam_slot);
mtx_unlock(&pr->pr_mtx);
+ break;
+ case -1:
+ /*
+* If the setting being changed is not ZFS related
+* then do nothing.
+*/
+ break;
}
+
return (0);
}
git: 426ed0052540 - stable/13 - Fix per-jail zfs.mount_snapshot setting
The branch stable/13 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=426ed00525409d084e97dc44397722aff2cc0bb3
commit 426ed00525409d084e97dc44397722aff2cc0bb3
Author: Allan Jude
AuthorDate: 2023-02-18 01:44:34 +
Commit: Allan Jude
CommitDate: 2023-02-21 22:47:21 +
Fix per-jail zfs.mount_snapshot setting
When jail.conf set the nopersist flag during startup, it was
incorrectly destroying the per-jail ZFS settings.
PR: 260160
Reported by:imp (previous version), mm (upstream), freqlabs (upstream)
MFC after: immediately
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38662
(cherry picked from commit 8b04c1cbfc1cb71a1ce53b3a7855f1d45866fcfb)
---
sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c | 16 ++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
index 85449ebb9d97..6ffd36885655 100644
--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
@@ -2525,7 +2525,9 @@ zfs_jailparam_set(void *obj, void *data)
mount_snapshot = -1;
else
jsys = JAIL_SYS_NEW;
- if (jsys == JAIL_SYS_NEW) {
+ switch (jsys) {
+ case JAIL_SYS_NEW:
+ {
/* "zfs=new" or "zfs.*": the prison gets its own ZFS info. */
struct zfs_jailparam *zjp;
@@ -2543,12 +2545,22 @@ zfs_jailparam_set(void *obj, void *data)
if (mount_snapshot != -1)
zjp->mount_snapshot = mount_snapshot;
mtx_unlock(&pr->pr_mtx);
- } else {
+ break;
+ }
+ case JAIL_SYS_INHERIT:
/* "zfs=inherit": inherit the parent's ZFS info. */
mtx_lock(&pr->pr_mtx);
osd_jail_del(pr, zfs_jailparam_slot);
mtx_unlock(&pr->pr_mtx);
+ break;
+ case -1:
+ /*
+* If the setting being changed is not ZFS related
+* then do nothing.
+*/
+ break;
}
+
return (0);
}
git: b772fe0d6626 - releng/13.2 - Fix per-jail zfs.mount_snapshot setting
The branch releng/13.2 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=b772fe0d662650d8a517bc07f3c433486c24b347
commit b772fe0d662650d8a517bc07f3c433486c24b347
Author: Allan Jude
AuthorDate: 2023-02-18 01:44:34 +
Commit: Allan Jude
CommitDate: 2023-02-22 13:48:20 +
Fix per-jail zfs.mount_snapshot setting
When jail.conf set the nopersist flag during startup, it was
incorrectly destroying the per-jail ZFS settings.
PR: 260160
Reviewed by:imp (previous version), mm (upstream), freqlabs (upstream)
Approved by:re (cperciva)
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38662
(cherry picked from commit 8b04c1cbfc1cb71a1ce53b3a7855f1d45866fcfb)
(cherry picked from commit 426ed00525409d084e97dc44397722aff2cc0bb3)
---
sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c | 16 ++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
index 85449ebb9d97..6ffd36885655 100644
--- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
+++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vfsops.c
@@ -2525,7 +2525,9 @@ zfs_jailparam_set(void *obj, void *data)
mount_snapshot = -1;
else
jsys = JAIL_SYS_NEW;
- if (jsys == JAIL_SYS_NEW) {
+ switch (jsys) {
+ case JAIL_SYS_NEW:
+ {
/* "zfs=new" or "zfs.*": the prison gets its own ZFS info. */
struct zfs_jailparam *zjp;
@@ -2543,12 +2545,22 @@ zfs_jailparam_set(void *obj, void *data)
if (mount_snapshot != -1)
zjp->mount_snapshot = mount_snapshot;
mtx_unlock(&pr->pr_mtx);
- } else {
+ break;
+ }
+ case JAIL_SYS_INHERIT:
/* "zfs=inherit": inherit the parent's ZFS info. */
mtx_lock(&pr->pr_mtx);
osd_jail_del(pr, zfs_jailparam_slot);
mtx_unlock(&pr->pr_mtx);
+ break;
+ case -1:
+ /*
+* If the setting being changed is not ZFS related
+* then do nothing.
+*/
+ break;
}
+
return (0);
}
git: 71af885af9c8 - main - u3g(4): Add device ID for the Quectel EM160R
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=71af885af9c86a900beec09d98fb9d305c303744
commit 71af885af9c86a900beec09d98fb9d305c303744
Author: Allan Jude
AuthorDate: 2023-03-01 14:01:19 +
Commit: Allan Jude
CommitDate: 2023-03-01 14:05:24 +
u3g(4): Add device ID for the Quectel EM160R
Also add the EM160R to the man page, noting the work-around
required to make it function properly in PPP mode.
MFC-After: 1 week
Sponsored by: Metify Inc.
Sponsored by: Klara Inc.
---
share/man/man4/u3g.4 | 10 ++
sys/dev/usb/serial/u3g.c | 1 +
sys/dev/usb/usbdevs | 1 +
3 files changed, 12 insertions(+)
diff --git a/share/man/man4/u3g.4 b/share/man/man4/u3g.4
index b5ad77d21c39..e8990968fd7b 100644
--- a/share/man/man4/u3g.4
+++ b/share/man/man4/u3g.4
@@ -74,6 +74,8 @@ Qualcomm Inc. GOBI 1000, 2000 and 3000 devices with MDM1000
or MDM2000 chipsets
.It
QUECTEL EC25, EM05, EM12-G, EP06-E.
.It
+Quectel EM160R (see CAVEATS)
+.It
Huawei B190, E180v, E220, E3372, E3372v153, E5573Cs322, ('')
.It
Novatel U740, MC950D, X950D, etc.
@@ -149,6 +151,14 @@ driver was written by
and
.An Nick Hibma Aq Mt n_hi...@freebsd.org .
Hardware for testing was provided by AnyWi Technologies, Leiden, NL.
+.Sh CAVEATS
+The Quectel EM160R is not officially supported in PPP mode.
+In order to use it in PPP mode, the ctsrts option needs to be turned off,
+for example, by adding:
+.Dl set ctsrts off
+to
+.Pa /etc/ppp/ppp.conf
+in the correct section.
.Sh BUGS
The automatic mode switch from disk mode to modem mode does not work unless
the driver is either built into the kernel or loaded before the device is
diff --git a/sys/dev/usb/serial/u3g.c b/sys/dev/usb/serial/u3g.c
index 8bcc99d5c61d..1cdc28d93de4 100644
--- a/sys/dev/usb/serial/u3g.c
+++ b/sys/dev/usb/serial/u3g.c
@@ -517,6 +517,7 @@ static const STRUCT_USB_HOST_ID u3g_devs[] = {
U3G_DEV(QUECTEL, EM05, 0),
U3G_DEV(QUECTEL, EM12_G, 0),
U3G_DEV(QUECTEL, EP06_E, 0),
+ U3G_DEV(QUECTEL, EM160R, 0),
U3G_DEV(SIERRA, AC402, 0),
U3G_DEV(SIERRA, AC595U, 0),
U3G_DEV(SIERRA, AC313U, 0),
diff --git a/sys/dev/usb/usbdevs b/sys/dev/usb/usbdevs
index 637b49d5e399..54f0a4ace3a2 100644
--- a/sys/dev/usb/usbdevs
+++ b/sys/dev/usb/usbdevs
@@ -3988,6 +3988,7 @@ product QUECTEL EC25 0x0125 LTE modem
product QUECTEL EM05 0x0127 LTE modem
product QUECTEL EP06_E 0x0306 LTE modem
product QUECTEL EM12_G 0x0512 LTE modem
+product QUECTEL EM160R 0x0620 LTE modem
/* Quickshot products */
product QUICKSHOT STRIKEPAD0x6238 USB StrikePad
git: a849842f510a - main - loader: Add support for booting from a ZFS snapshot
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=a849842f510af48717e35ff709623e0dd1b80b20
commit a849842f510af48717e35ff709623e0dd1b80b20
Author: Allan Jude
AuthorDate: 2022-11-26 18:11:13 +
Commit: Allan Jude
CommitDate: 2023-03-14 14:18:29 +
loader: Add support for booting from a ZFS snapshot
When booting from a snapshot we need to follow a different code path
to turn the objset ID into the name, and for forward lookups we need
to walk the parent's snapnames_zap.
With this, it is possible to set the pools BOOTFS property to a
snapshot and boot with a read-only filesystem of that snapshot.
Reviewed by:tsoome, rew, imp
Sponsored By: Beckhoff Automation GmbH & Co. KG
Sponsored By: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38600
---
stand/libsa/zfs/zfsimpl.c | 56 +--
1 file changed, 54 insertions(+), 2 deletions(-)
diff --git a/stand/libsa/zfs/zfsimpl.c b/stand/libsa/zfs/zfsimpl.c
index 36c90613e827..76063e76225f 100644
--- a/stand/libsa/zfs/zfsimpl.c
+++ b/stand/libsa/zfs/zfsimpl.c
@@ -3068,11 +3068,12 @@ zfs_rlookup(const spa_t *spa, uint64_t objnum, char
*result)
char name[256];
char component[256];
uint64_t dir_obj, parent_obj, child_dir_zapobj;
- dnode_phys_t child_dir_zap, dataset, dir, parent;
+ dnode_phys_t child_dir_zap, snapnames_zap, dataset, dir, parent;
dsl_dir_phys_t *dd;
dsl_dataset_phys_t *ds;
char *p;
int len;
+ boolean_t issnap = B_FALSE;
p = &name[sizeof(name) - 1];
*p = '\0';
@@ -3083,6 +3084,8 @@ zfs_rlookup(const spa_t *spa, uint64_t objnum, char
*result)
}
ds = (dsl_dataset_phys_t *)&dataset.dn_bonus;
dir_obj = ds->ds_dir_obj;
+ if (ds->ds_snapnames_zapobj == 0)
+ issnap = B_TRUE;
for (;;) {
if (objset_get_dnode(spa, spa->spa_mos, dir_obj, &dir) != 0)
@@ -3098,6 +3101,34 @@ zfs_rlookup(const spa_t *spa, uint64_t objnum, char
*result)
&parent) != 0)
return (EIO);
dd = (dsl_dir_phys_t *)&parent.dn_bonus;
+ if (issnap == B_TRUE) {
+ /*
+* The dataset we are looking up is a snapshot
+* the dir_obj is the parent already, we don't want
+* the grandparent just yet. Reset to the parent.
+*/
+ dd = (dsl_dir_phys_t *)&dir.dn_bonus;
+ /* Lookup the dataset to get the snapname ZAP */
+ if (objset_get_dnode(spa, spa->spa_mos,
+ dd->dd_head_dataset_obj, &dataset))
+ return (EIO);
+ ds = (dsl_dataset_phys_t *)&dataset.dn_bonus;
+ if (objset_get_dnode(spa, spa->spa_mos,
+ ds->ds_snapnames_zapobj, &snapnames_zap) != 0)
+ return (EIO);
+ /* Get the name of the snapshot */
+ if (zap_rlookup(spa, &snapnames_zap, component,
+ objnum) != 0)
+ return (EIO);
+ len = strlen(component);
+ p -= len;
+ memcpy(p, component, len);
+ --p;
+ *p = '@';
+ issnap = B_FALSE;
+ continue;
+ }
+
child_dir_zapobj = dd->dd_child_dir_zapobj;
if (objset_get_dnode(spa, spa->spa_mos, child_dir_zapobj,
&child_dir_zap) != 0)
@@ -3127,9 +3158,11 @@ zfs_lookup_dataset(const spa_t *spa, const char *name,
uint64_t *objnum)
{
char element[256];
uint64_t dir_obj, child_dir_zapobj;
- dnode_phys_t child_dir_zap, dir;
+ dnode_phys_t child_dir_zap, snapnames_zap, dir, dataset;
dsl_dir_phys_t *dd;
+ dsl_dataset_phys_t *ds;
const char *p, *q;
+ boolean_t issnap = B_FALSE;
if (objset_get_dnode(spa, spa->spa_mos,
DMU_POOL_DIRECTORY_OBJECT, &dir))
@@ -3160,6 +3193,25 @@ zfs_lookup_dataset(const spa_t *spa, const char *name,
uint64_t *objnum)
p += strlen(p);
}
+ if (issnap == B_TRUE) {
+ if (objset_get_dnode(spa, spa->spa_mos,
+ dd->dd_head_dataset_obj, &dataset))
+ return (EIO);
+ ds = (dsl_dataset_phys_t *)&dataset.dn_bonus;
+ if (objset_get_dnode(spa, spa-&g
git: ae5a522cae7e - main - nvmecontrol: Display Metadata and Sanitize capabilities of the device
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=ae5a522cae7e95790e84274c4ba23bbd1e4f3033
commit ae5a522cae7e95790e84274c4ba23bbd1e4f3033
Author: Allan Jude
AuthorDate: 2021-09-21 21:14:20 +
Commit: Allan Jude
CommitDate: 2021-09-21 21:15:55 +
nvmecontrol: Display Metadata and Sanitize capabilities of the device
Determine if a device supports "Extended" or "Separate" metadata, and
what the current metadata setting is (None, Extended, Separate)
Also determine if the device supports:
- Sanitize Crypto Erase
- Sanitize Block Erase
- Sanitize Overwrite
Reviewed by:chuck
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR:#49
Differential Revision: https://reviews.freebsd.org/D31067
---
sbin/nvmecontrol/identify.c | 12 +++-
sbin/nvmecontrol/identify_ext.c | 32
2 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/sbin/nvmecontrol/identify.c b/sbin/nvmecontrol/identify.c
index 6cd7ad0fdc2d..0d4d8003e5d2 100644
--- a/sbin/nvmecontrol/identify.c
+++ b/sbin/nvmecontrol/identify.c
@@ -84,7 +84,17 @@ print_namespace(struct nvme_namespace_data *nsdata)
printf("Thin Provisioning: %s\n",
thin_prov ? "Supported" : "Not Supported");
printf("Number of LBA Formats: %d\n", nsdata->nlbaf+1);
- printf("Current LBA Format: LBA Format #%02d\n", flbas_fmt);
+ printf("Current LBA Format: LBA Format #%02d", flbas_fmt);
+ if (nsdata->lbaf[flbas_fmt] >> NVME_NS_DATA_LBAF_MS_SHIFT &
NVME_NS_DATA_LBAF_MS_MASK)
+ printf(" %s metadata\n", nsdata->flbas >>
NVME_NS_DATA_FLBAS_EXTENDED_SHIFT &
+ NVME_NS_DATA_FLBAS_EXTENDED_MASK ? "Extended" : "Separate");
+ else
+ printf("\n");
+ printf("Metadata Capabilities\n");
+ printf(" Extended: %s\n",
+ nsdata->mc >> NVME_NS_DATA_MC_EXTENDED_SHIFT &
NVME_NS_DATA_MC_EXTENDED_MASK ? "Supported" : "Not Supported");
+ printf(" Separate: %s\n",
+ nsdata->mc >> NVME_NS_DATA_MC_POINTER_SHIFT &
NVME_NS_DATA_MC_POINTER_MASK ? "Supported" : "Not Supported");
printf("Data Protection Caps:%s%s%s%s%s%s\n",
(nsdata->dpc == 0) ? "Not Supported" : "",
((nsdata->dpc >> NVME_NS_DATA_DPC_MD_END_SHIFT) &
diff --git a/sbin/nvmecontrol/identify_ext.c b/sbin/nvmecontrol/identify_ext.c
index 311c8cba09a9..50b8901b799e 100644
--- a/sbin/nvmecontrol/identify_ext.c
+++ b/sbin/nvmecontrol/identify_ext.c
@@ -124,6 +124,38 @@ nvme_print_controller(struct nvme_controller_data *cdata)
printf("Unlimited\n");
else
printf("%ld bytes\n", PAGE_SIZE * (1L << cdata->mdts));
+ printf("Sanitize Crypto Erase: %s\n",
+ ((cdata->sanicap >> NVME_CTRLR_DATA_SANICAP_CES_SHIFT) &
+ NVME_CTRLR_DATA_SANICAP_CES_MASK) ?
+ "Supported" : "Not Supported");
+ printf("Sanitize Block Erase:%s\n",
+ ((cdata->sanicap >> NVME_CTRLR_DATA_SANICAP_BES_SHIFT) &
+ NVME_CTRLR_DATA_SANICAP_BES_MASK) ?
+ "Supported" : "Not Supported");
+ printf("Sanitize Overwrite: %s\n",
+ ((cdata->sanicap >> NVME_CTRLR_DATA_SANICAP_OWS_SHIFT) &
+ NVME_CTRLR_DATA_SANICAP_OWS_MASK) ?
+ "Supported" : "Not Supported");
+ printf("Sanitize NDI:%s\n",
+ ((cdata->sanicap >> NVME_CTRLR_DATA_SANICAP_NDI_SHIFT) &
+ NVME_CTRLR_DATA_SANICAP_NDI_MASK) ?
+ "Supported" : "Not Supported");
+ printf("Sanitize NODMMAS:");
+ switch (((cdata->sanicap >> NVME_CTRLR_DATA_SANICAP_NODMMAS_SHIFT) &
+ NVME_CTRLR_DATA_SANICAP_NODMMAS_MASK)) {
+ case NVME_CTRLR_DATA_SANICAP_NODMMAS_UNDEF:
+ printf("Undefined\n");
+ break;
+ case NVME_CTRLR_DATA_SANICAP_NODMMAS_NO:
+ printf("No\n");
+ break;
+ case NVME_CTRLR_DATA_SANICAP_NODMMAS_YES:
+ printf("Yes\n");
+ break;
+ default:
+ printf("Unknown\n");
+ break;
+ }
printf("Controller ID: 0x%04x\n", cdata->ctrlr_id);
printf("Version: %d.%d.%d\n",
(cdata->ver >> 16) & 0x, (cdata->ver >> 8) & 0xff,
___
dev-commits-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 34d8fffff313 - main - SIFTR: Fix compilation with -DSIFTR_IPV6
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=34d8f313d026ed3bb5c0befc8212eaa27d2d
commit 34d8f313d026ed3bb5c0befc8212eaa27d2d
Author: Allan Jude
AuthorDate: 2021-11-04 00:31:13 +
Commit: Allan Jude
CommitDate: 2021-11-04 00:32:17 +
SIFTR: Fix compilation with -DSIFTR_IPV6
A few pieces of the SIFTR code that are behind #ifdef SIFTR_IPV6 have
not been updated as APIs have changed, etc.
Reported by:Alexander Sideropoulos
Reviewed by:rscheff, lstewart
Sponsored by: NetApp
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D32698
---
sys/netinet/siftr.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/sys/netinet/siftr.c b/sys/netinet/siftr.c
index 2a6bf5e71151..00a4f477ad2e 100644
--- a/sys/netinet/siftr.c
+++ b/sys/netinet/siftr.c
@@ -99,7 +99,7 @@ __FBSDID("$FreeBSD$");
#ifdef SIFTR_IPV6
#include
-#include
+#include
#include
#endif /* SIFTR_IPV6 */
@@ -1007,8 +1007,9 @@ ret:
}
#ifdef SIFTR_IPV6
-static int
-siftr_chkpkt6(struct mbuf **m, struct ifnet *ifp, int flags, struct inpcb *inp)
+static pfil_return_t
+siftr_chkpkt6(struct mbuf **m, struct ifnet *ifp, int flags,
+void *ruleset __unused, struct inpcb *inp)
{
struct pkt_node *pn;
struct ip6_hdr *ip6;
@@ -1134,7 +1135,7 @@ ret6:
VNET_DEFINE_STATIC(pfil_hook_t, siftr_inet_hook);
#defineV_siftr_inet_hook VNET(siftr_inet_hook)
-#ifdef INET6
+#ifdef SIFTR_IPV6
VNET_DEFINE_STATIC(pfil_hook_t, siftr_inet6_hook);
#defineV_siftr_inet6_hook VNET(siftr_inet6_hook)
#endif
git: c441592a0e15 - main - Allow kern.ipc.maxsockets to be set to current value without error
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=c441592a0e1591591665cd037a8a5e9b54675f99
commit c441592a0e1591591665cd037a8a5e9b54675f99
Author: Allan Jude
AuthorDate: 2021-11-04 12:55:33 +
Commit: Allan Jude
CommitDate: 2021-11-04 12:56:09 +
Allow kern.ipc.maxsockets to be set to current value without error
Normally setting kern.ipc.maxsockets returns EINVAL if the new value
is not greater than the previous value. This can cause spurious
error messages when sysctl.conf is processed multiple times, or when
automation systems try to ensure the sysctl is set to the correct
value. If the value is unchanged, then just do nothing.
PR: 243532
Reviewed by:markj
MFC after: 3 days
Sponsored by: Modirum MDPay
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D32775
---
sys/kern/uipc_socket.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index 267a33feac3b..e033b2d77f1d 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -364,7 +364,7 @@ sysctl_maxsockets(SYSCTL_HANDLER_ARGS)
newmaxsockets = maxsockets;
error = sysctl_handle_int(oidp, &newmaxsockets, 0, req);
- if (error == 0 && req->newptr) {
+ if (error == 0 && req->newptr && newmaxsockets != maxsockets) {
if (newmaxsockets > maxsockets &&
newmaxsockets <= maxfiles) {
maxsockets = newmaxsockets;
git: 2e946f870558 - main - Fix ZFS module build
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=2e946f8705581f2e9370e98a657bead36582fb2a
commit 2e946f8705581f2e9370e98a657bead36582fb2a
Author: Allan Jude
AuthorDate: 2021-11-17 15:07:05 +
Commit: Allan Jude
CommitDate: 2021-11-17 15:07:05 +
Fix ZFS module build
resolves: link_elf_obj: symbol abd_checksum_edonr_native undefined
The required module-build bits were originally identified in the
upstream pull request: https://github.com/openzfs/zfs/pull/12735
But were missed when the code was imported (since they are not
committed upstream).
X-MFC-With: dae1713419a6, 09cd63416051
Submitted by: freqlabs
Sponsored by: Klara Inc.
---
sys/modules/zfs/Makefile | 6 ++
1 file changed, 6 insertions(+)
diff --git a/sys/modules/zfs/Makefile b/sys/modules/zfs/Makefile
index 983f0aa0e994..54d53c87a7c5 100644
--- a/sys/modules/zfs/Makefile
+++ b/sys/modules/zfs/Makefile
@@ -8,6 +8,7 @@ KMOD= zfs
.PATH: ${SRCDIR}/avl \
${SRCDIR}/lua \
${SRCDIR}/nvpair \
+ ${SRCDIR}/icp/algs/edonr \
${SRCDIR}/os/freebsd/spl \
${SRCDIR}/os/freebsd/zfs \
${SRCDIR}/unicode \
@@ -44,6 +45,9 @@ SRCS= vnode_if.h device_if.h bus_if.h
# avl
SRCS+= avl.c
+# icp
+SRCS+= edonr.c
+
#lua
SRCS+= lapi.c \
lauxlib.c \
@@ -191,6 +195,7 @@ SRCS+= abd.c \
dsl_scan.c \
dsl_synctask.c \
dsl_userhold.c \
+ edonr_zfs.c \
fm.c \
gzip.c \
lzjb.c \
@@ -313,6 +318,7 @@ CFLAGS.dmu_traverse.c= -Wno-cast-qual
CFLAGS.dsl_dir.c= -Wno-cast-qual
CFLAGS.dsl_deadlist.c= -Wno-cast-qual
CFLAGS.dsl_prop.c= -Wno-cast-qual
+CFLAGS.edonr.c= -Wno-cast-qual
CFLAGS.fm.c= -Wno-cast-qual
CFLAGS.lz4.c= -Wno-cast-qual
CFLAGS.spa.c= -Wno-cast-qual
git: 5bbfa333cfc4 - main - ipresend(1): Make the build slightly less broken.
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=5bbfa333cfc435c16cdfee20d84b17954972f610 commit 5bbfa333cfc435c16cdfee20d84b17954972f610 Author: Allan Jude AuthorDate: 2021-11-22 17:58:08 + Commit: Allan Jude CommitDate: 2021-11-22 18:03:24 + ipresend(1): Make the build slightly less broken. X-NetApp-PR:35 Sponsored by: NetApp, Inc. Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D27335 --- contrib/ipfilter/ipsend/sock.c | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/ipfilter/ipsend/sock.c b/contrib/ipfilter/ipsend/sock.c index 7754ef9d8e1c..51418d64d1fe 100644 --- a/contrib/ipfilter/ipsend/sock.c +++ b/contrib/ipfilter/ipsend/sock.c @@ -42,6 +42,7 @@ typedef int boolean_t; #include #include #include +#define_WANT_SOCKET #include #include # include
git: d9bb798725cf - main - openssl: Fix detection of ARMv7 and ARM64 CPU features
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=d9bb798725cfce9c72b80440659b48e8668eb10d
commit d9bb798725cfce9c72b80440659b48e8668eb10d
Author: Allan Jude
AuthorDate: 2021-11-19 15:14:30 +
Commit: Allan Jude
CommitDate: 2021-11-22 18:10:43 +
openssl: Fix detection of ARMv7 and ARM64 CPU features
OpenSSL assumes the same value for AT_HWCAP=16 (Linux)
So it ends up calling elf_auxv_info() with AT_CANARY which
returns ENOENT, and all acceleration features are disabled.
With this, my ARM64 test machine runs the benchmark
`openssl speed -evp aes-256-gcm` nearly 20x faster
going from 100 MB/sec to 2000 MB/sec
It also improves sha256 from 300 MB/sec to 1800 MB/sec
This fix has been accepted but not yet merged upstream:
https://github.com/openssl/openssl/pull/17082
PR: 259937
Reviewed by:manu, imp
MFC after: immediate
Relnotes: yes
Fixes: 88e852c0b5c872b1a ("OpenSSL: Merge OpenSSL 1.1.1j")
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33060
---
crypto/openssl/crypto/armcap.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/crypto/openssl/crypto/armcap.c b/crypto/openssl/crypto/armcap.c
index c5685bde5891..48c5d4d64e32 100644
--- a/crypto/openssl/crypto/armcap.c
+++ b/crypto/openssl/crypto/armcap.c
@@ -106,20 +106,23 @@ static unsigned long getauxval(unsigned long key)
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
+# ifndef AT_HWCAP
+# define AT_HWCAP 16
+# endif
+# ifndef AT_HWCAP2
+# define AT_HWCAP2 26
+# endif
# if defined(__arm__) || defined (__arm)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 12)
-# define HWCAP_CE 26
- /* AT_HWCAP2 */
+# define HWCAP_CE AT_HWCAP2
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256(1 << 3)
# elif defined(__aarch64__)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
The branch stable/13 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=32a2fed6e71f896266d4c695754104d82a72c60d
commit 32a2fed6e71f896266d4c695754104d82a72c60d
Author: Allan Jude
AuthorDate: 2021-11-19 15:14:30 +
Commit: Allan Jude
CommitDate: 2021-11-22 18:12:20 +
openssl: Fix detection of ARMv7 and ARM64 CPU features
OpenSSL assumes the same value for AT_HWCAP=16 (Linux)
So it ends up calling elf_auxv_info() with AT_CANARY which
returns ENOENT, and all acceleration features are disabled.
With this, my ARM64 test machine runs the benchmark
`openssl speed -evp aes-256-gcm` nearly 20x faster
going from 100 MB/sec to 2000 MB/sec
It also improves sha256 from 300 MB/sec to 1800 MB/sec
This fix has been accepted but not yet merged upstream:
https://github.com/openssl/openssl/pull/17082
PR: 259937
Reviewed by:manu, imp
MFC after: immediate
Relnotes: yes
Fixes: 88e852c0b5c872b1a ("OpenSSL: Merge OpenSSL 1.1.1j")
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33060
(cherry picked from commit d9bb798725cfce9c72b80440659b48e8668eb10d)
---
crypto/openssl/crypto/armcap.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/crypto/openssl/crypto/armcap.c b/crypto/openssl/crypto/armcap.c
index c5685bde5891..48c5d4d64e32 100644
--- a/crypto/openssl/crypto/armcap.c
+++ b/crypto/openssl/crypto/armcap.c
@@ -106,20 +106,23 @@ static unsigned long getauxval(unsigned long key)
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
+# ifndef AT_HWCAP
+# define AT_HWCAP 16
+# endif
+# ifndef AT_HWCAP2
+# define AT_HWCAP2 26
+# endif
# if defined(__arm__) || defined (__arm)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 12)
-# define HWCAP_CE 26
- /* AT_HWCAP2 */
+# define HWCAP_CE AT_HWCAP2
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256(1 << 3)
# elif defined(__aarch64__)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
git: 0ed191d116f5 - stable/12 - openssl: Fix detection of ARMv7 and ARM64 CPU features
The branch stable/12 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=0ed191d116f511c1e67338f05386d87aad53076f
commit 0ed191d116f511c1e67338f05386d87aad53076f
Author: Allan Jude
AuthorDate: 2021-11-19 15:14:30 +
Commit: Allan Jude
CommitDate: 2021-11-22 18:22:36 +
openssl: Fix detection of ARMv7 and ARM64 CPU features
OpenSSL assumes the same value for AT_HWCAP=16 (Linux)
So it ends up calling elf_auxv_info() with AT_CANARY which
returns ENOENT, and all acceleration features are disabled.
With this, my ARM64 test machine runs the benchmark
`openssl speed -evp aes-256-gcm` nearly 20x faster
going from 100 MB/sec to 2000 MB/sec
It also improves sha256 from 300 MB/sec to 1800 MB/sec
This fix has been accepted but not yet merged upstream:
https://github.com/openssl/openssl/pull/17082
PR: 259937
Reviewed by:manu, imp
MFC after: immediate
Relnotes: yes
Fixes: 88e852c0b5c872b1a ("OpenSSL: Merge OpenSSL 1.1.1j")
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33060
(cherry picked from commit d9bb798725cfce9c72b80440659b48e8668eb10d)
---
crypto/openssl/crypto/armcap.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/crypto/openssl/crypto/armcap.c b/crypto/openssl/crypto/armcap.c
index c5685bde5891..48c5d4d64e32 100644
--- a/crypto/openssl/crypto/armcap.c
+++ b/crypto/openssl/crypto/armcap.c
@@ -106,20 +106,23 @@ static unsigned long getauxval(unsigned long key)
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
+# ifndef AT_HWCAP
+# define AT_HWCAP 16
+# endif
+# ifndef AT_HWCAP2
+# define AT_HWCAP2 26
+# endif
# if defined(__arm__) || defined (__arm)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 12)
-# define HWCAP_CE 26
- /* AT_HWCAP2 */
+# define HWCAP_CE AT_HWCAP2
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256(1 << 3)
# elif defined(__aarch64__)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
git: 8ffcfb399b20 - releng/12.3 - openssl: Fix detection of ARMv7 and ARM64 CPU features
The branch releng/12.3 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=8ffcfb399b20f027cb50afe41c7f83c52c008191
commit 8ffcfb399b20f027cb50afe41c7f83c52c008191
Author: Allan Jude
AuthorDate: 2021-11-19 15:14:30 +
Commit: Allan Jude
CommitDate: 2021-11-22 18:59:32 +
openssl: Fix detection of ARMv7 and ARM64 CPU features
OpenSSL assumes the same value for AT_HWCAP=16 (Linux)
So it ends up calling elf_auxv_info() with AT_CANARY which
returns ENOENT, and all acceleration features are disabled.
With this, my ARM64 test machine runs the benchmark
`openssl speed -evp aes-256-gcm` nearly 20x faster
going from 100 MB/sec to 2000 MB/sec
It also improves sha256 from 300 MB/sec to 1800 MB/sec
This fix has been accepted but not yet merged upstream:
https://github.com/openssl/openssl/pull/17082
PR: 259937
Reviewed by:manu, imp
Approved by:re (gjb)
Relnotes: yes
Fixes: 88e852c0b5c872b1a ("OpenSSL: Merge OpenSSL 1.1.1j")
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33060
(cherry picked from commit d9bb798725cfce9c72b80440659b48e8668eb10d)
(cherry picked from commit 0ed191d116f511c1e67338f05386d87aad53076f)
---
crypto/openssl/crypto/armcap.c | 15 +--
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/crypto/openssl/crypto/armcap.c b/crypto/openssl/crypto/armcap.c
index c5685bde5891..48c5d4d64e32 100644
--- a/crypto/openssl/crypto/armcap.c
+++ b/crypto/openssl/crypto/armcap.c
@@ -106,20 +106,23 @@ static unsigned long getauxval(unsigned long key)
* ARM puts the feature bits for Crypto Extensions in AT_HWCAP2, whereas
* AArch64 used AT_HWCAP.
*/
+# ifndef AT_HWCAP
+# define AT_HWCAP 16
+# endif
+# ifndef AT_HWCAP2
+# define AT_HWCAP2 26
+# endif
# if defined(__arm__) || defined (__arm)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 12)
-# define HWCAP_CE 26
- /* AT_HWCAP2 */
+# define HWCAP_CE AT_HWCAP2
# define HWCAP_CE_AES (1 << 0)
# define HWCAP_CE_PMULL (1 << 1)
# define HWCAP_CE_SHA1 (1 << 2)
# define HWCAP_CE_SHA256(1 << 3)
# elif defined(__aarch64__)
-# define HWCAP 16
- /* AT_HWCAP */
+# define HWCAP AT_HWCAP
# define HWCAP_NEON (1 << 1)
# define HWCAP_CE HWCAP
git: 3810b3790322 - main - mac_ddb: Make db_show_vnet_valid() handle !VIMAGE
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=3810b37903220af1a369d3c4032ae25fb2d7949d
commit 3810b37903220af1a369d3c4032ae25fb2d7949d
Author: Allan Jude
AuthorDate: 2022-07-21 13:58:05 +
Commit: Allan Jude
CommitDate: 2022-07-21 14:01:01 +
mac_ddb: Make db_show_vnet_valid() handle !VIMAGE
Reported by:kib
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
---
sys/security/mac_ddb/mac_ddb.c | 4
1 file changed, 4 insertions(+)
diff --git a/sys/security/mac_ddb/mac_ddb.c b/sys/security/mac_ddb/mac_ddb.c
index 847be4997226..8f2f0d78bb07 100644
--- a/sys/security/mac_ddb/mac_ddb.c
+++ b/sys/security/mac_ddb/mac_ddb.c
@@ -196,6 +196,7 @@ db_show_rman_valid(db_expr_t addr, bool have_addr,
db_expr_t count, char *modif)
static int
db_show_vnet_valid(db_expr_t addr, bool have_addr, db_expr_t count, char
*modif)
{
+#ifdef VIMAGE
VNET_ITERATOR_DECL(vnet);
if (!have_addr)
@@ -207,6 +208,9 @@ db_show_vnet_valid(db_expr_t addr, bool have_addr,
db_expr_t count, char *modif)
}
return (EACCES);
+#else
+ return (EOPNOTSUPP);
+#endif
}
#endif
Re: git: 4e2121c10afc - main - mac_ddb: add some validation functions
On 7/19/2022 10:26 AM, Konstantin Belousov wrote:
On Mon, Jul 18, 2022 at 10:06:57PM +, Allan Jude wrote:
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=4e2121c10afc3d9273368eae776fe31d0c68ba6a
commit 4e2121c10afc3d9273368eae776fe31d0c68ba6a
Author: Mitchell Horne
AuthorDate: 2022-07-18 21:25:00 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:22 +
mac_ddb: add some validation functions
These global objects are easy to validate, so provide the helper
functions to do so and include these commands in the allow lists.
Reviewed by:markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35372
---
sys/security/mac_ddb/mac_ddb.c | 101 +
1 file changed, 101 insertions(+)
+static int
+db_show_vnet_valid(db_expr_t addr, bool have_addr, db_expr_t count, char
*modif)
+{
+ VNET_ITERATOR_DECL(vnet);
+
+ if (!have_addr)
+ return (0);
+
+ VNET_FOREACH(vnet) {
+ if ((void *)vnet == (void *)addr)
+ return (0);
+ }
+
+ return (EACCES);
+}
This seems to break non-VNET builds:
/usr/home/kostik/work/DEV/src/sys/security/mac_ddb/mac_ddb.c:200:15: error: use
of undeclared identifier 'vnet'; did you mean 'int'?
if ((void *)vnet == (void *)addr)
^~~~
int
/usr/home/kostik/work/DEV/src/sys/security/mac_ddb/mac_ddb.c:200:15: error:
expected expression
2 errors generated.
--- mac_ddb.o ---
*** [mac_ddb.o] Error code 1
I reached out to Mitchell, but he hasn't gotten back to me yet (he is on
vacation), so I've committed a fix.
--
Allan Jude
git: e89841f89318 - main - Revert "mac_ddb: Make db_show_vnet_valid() handle !VIMAGE"
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=e89841f893181fc2539b741418202ab3a2155eba
commit e89841f893181fc2539b741418202ab3a2155eba
Author: Allan Jude
AuthorDate: 2022-07-21 14:26:54 +
Commit: Allan Jude
CommitDate: 2022-07-21 14:26:54 +
Revert "mac_ddb: Make db_show_vnet_valid() handle !VIMAGE"
jhb@ already fixed this in a different way
Reported by: andrew
This reverts commit 3810b37903220af1a369d3c4032ae25fb2d7949d.
---
sys/security/mac_ddb/mac_ddb.c | 4
1 file changed, 4 deletions(-)
diff --git a/sys/security/mac_ddb/mac_ddb.c b/sys/security/mac_ddb/mac_ddb.c
index 8f2f0d78bb07..847be4997226 100644
--- a/sys/security/mac_ddb/mac_ddb.c
+++ b/sys/security/mac_ddb/mac_ddb.c
@@ -196,7 +196,6 @@ db_show_rman_valid(db_expr_t addr, bool have_addr,
db_expr_t count, char *modif)
static int
db_show_vnet_valid(db_expr_t addr, bool have_addr, db_expr_t count, char
*modif)
{
-#ifdef VIMAGE
VNET_ITERATOR_DECL(vnet);
if (!have_addr)
@@ -208,9 +207,6 @@ db_show_vnet_valid(db_expr_t addr, bool have_addr,
db_expr_t count, char *modif)
}
return (EACCES);
-#else
- return (EOPNOTSUPP);
-#endif
}
#endif
git: b20ec58669e2 - main - vfs.typenumhash: fix sysctl description
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=b20ec58669e274b8632a253040bb3d41df3cb58b commit b20ec58669e274b8632a253040bb3d41df3cb58b Author: Allan Jude AuthorDate: 2022-09-10 22:47:51 + Commit: Allan Jude CommitDate: 2022-09-10 22:47:51 + vfs.typenumhash: fix sysctl description a string continuation was missing a space, resulting in two works being smushed together. Sponsored by: Klara, Inc. --- sys/kern/vfs_init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/vfs_init.c b/sys/kern/vfs_init.c index d6065deb25fe..6572a8e362c2 100644 --- a/sys/kern/vfs_init.c +++ b/sys/kern/vfs_init.c @@ -80,7 +80,7 @@ SX_SYSINIT(vfsconf, &vfsconf_sx, "vfsconf"); static int vfs_typenumhash = 1; SYSCTL_INT(_vfs, OID_AUTO, typenumhash, CTLFLAG_RDTUN, &vfs_typenumhash, 0, "Set vfc_typenum using a hash calculation on vfc_name, so that it does not" -"change when file systems are loaded in a different order."); +" change when file systems are loaded in a different order."); /* * A Zen vnode attribute structure.
git: 066a576c5f1b - main - ipfw: update man page example for nat show log
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=066a576c5f1beac1c42370135f6eddf026561430 commit 066a576c5f1beac1c42370135f6eddf026561430 Author: Roman Bogorodskiy AuthorDate: 2021-04-07 15:37:46 + Commit: Allan Jude CommitDate: 2021-04-07 15:37:46 + ipfw: update man page example for nat show log In d6164b77f8b779cd7357387dcfcd3407f1457579 the ability to show ranges of nat log entries was removed. PR: 254192 Reviewed by:allanjude --- sbin/ipfw/ipfw.8 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index d2c4885bc119..439738a54e34 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 21, 2020 +.Dd April 7, 2021 .Dt IPFW 8 .Os .Sh NAME @@ -4536,9 +4536,9 @@ To see configuration of nat instance 123: .Pp .Dl "ipfw nat 123 show config" .Pp -To show logs of all the instances in range 111-999: +To show logs of all instances: .Pp -.Dl "ipfw nat 111-999 show" +.Dl "ipfw nat show log" .Pp To see configurations of all instances: .Pp ___ dev-commits-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all To unsubscribe, send any mail to "dev-commits-src-all-unsubscr...@freebsd.org"
git: 50315501340c - main - Bump MAC_VERSION to 5
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=50315501340cc3ca1a565c4f9700bbadcdaa5c01
commit 50315501340cc3ca1a565c4f9700bbadcdaa5c01
Author: Allan Jude
AuthorDate: 2022-10-07 14:37:35 +
Commit: Allan Jude
CommitDate: 2022-10-07 15:24:32 +
Bump MAC_VERSION to 5
2449b9e5fe565be757a4b29093fd1c9c6ffcf3c9 introduced API changes
that require ensuring that loadable MAC modules use the matching API.
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
---
sys/security/mac/mac_policy.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sys/security/mac/mac_policy.h b/sys/security/mac/mac_policy.h
index 97b3522abf51..1f9a5485b136 100644
--- a/sys/security/mac/mac_policy.h
+++ b/sys/security/mac/mac_policy.h
@@ -1022,8 +1022,9 @@ struct mac_policy_conf {
* 2 6.x
* 3 7.x
* 4 8.x
+ * 5 14.x
*/
-#defineMAC_VERSION 4
+#defineMAC_VERSION 5
#defineMAC_POLICY_SET(mpops, mpname, mpfullname, mpflags,
privdata_wanted) \
static struct mac_policy_conf mpname##_mac_policy_conf = { \
git: c6ec1b441ad3 - stable/13 - Add support for adding default routes for other FIBs
The branch stable/13 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=c6ec1b441ad3fdfa2d3a22d0b66d53006c5e292b
commit c6ec1b441ad3fdfa2d3a22d0b66d53006c5e292b
Author: Andrew Fengler
AuthorDate: 2021-05-12 01:59:10 +
Commit: Allan Jude
CommitDate: 2022-12-02 21:27:57 +
Add support for adding default routes for other FIBs
Make rc.d/routing read defaultrouter_fibN and ipv6_defaultrouter_fibN, and
set it as the default gateway for FIB N, where N is from 1 to (net.fibs - 1)
This allows adding gateways for multiple FIBs in the same format as the main
gateway. (FIB 0)
Reviewed by:olivier, rgrimes, bcr (man page)
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D22706
(cherry picked from commit 30659d1dcbcc92016833f0956461314ed501ac83)
---
libexec/rc/rc.conf | 2 ++
libexec/rc/rc.d/routing | 38 --
share/man/man5/rc.conf.5 | 11 ++-
3 files changed, 48 insertions(+), 3 deletions(-)
diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index 46a81508f844..82796ba0ec48 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -446,6 +446,7 @@ bsnmpd_flags="" # Flags for bsnmpd.
### Network routing options: ###
defaultrouter="NO" # Set to default gateway (or NO).
+#defaultrouter_fibN="192.0.2.1"# Use this form to set a gateway for
FIB N
static_arp_pairs=""# Set to static ARP list (or leave empty).
static_ndp_pairs=""# Set to static NDP list (or leave empty).
static_routes="" # Set to static route list (or leave empty).
@@ -508,6 +509,7 @@ ipv6_activate_all_interfaces="NO" # If NO, interfaces
which have no
# reason.
ipv6_defaultrouter="NO"# Set to IPv6 default gateway (or NO).
#ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068)
+#ipv6_defaultrouter_fibN="2001:db8::" # Use this form to set a gateway for
FIB N
ipv6_static_routes="" # Set to static route list (or leave empty).
#ipv6_static_routes="xxx" # An example to set fec0:::0006::/64
# route toward loopback interface.
diff --git a/libexec/rc/rc.d/routing b/libexec/rc/rc.d/routing
index 043c5b15fbaa..37b3da0f0cef 100755
--- a/libexec/rc/rc.d/routing
+++ b/libexec/rc/rc.d/routing
@@ -140,11 +140,12 @@ get_fibmod()
static_inet()
{
- local _action _if _skip _fibmod
+ local _action _if _skip _fibmod _fibs
_action=$1
_if=$2
_fibmod=`get_fibmod`
+ _fibs=$((`${SYSCTL_N} net.fibs` - 1))
# Provide loopback route in all routing tables. This has to come
# first so that any following routes can be added.
@@ -161,6 +162,22 @@ static_inet()
;;
esac
+ # Add default routes for fibs
+ if [ ${_fibs} -gt 0 ]; then
+ for _fibnum in `jot ${_fibs}` ; do
+ eval _fib_gw=\${defaultrouter_fib${_fibnum}}
+ case ${_fib_gw} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="${static_routes}
_default_fib${_fibnum}"
+ eval route__default_fib${fibnum}="'default
${_fib_gw} -fib ${_fibnum}'"
+ ;;
+ esac
+ done
+ fi
+
+
# Install configured routes.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
@@ -185,11 +202,12 @@ static_inet()
static_inet6()
{
- local _action _if _skip fibmod allfibs
+ local _action _if _skip fibmod _fibs
_action=$1
_if=$2
fibmod=`get_fibmod`
+ _fibs=$((`${SYSCTL_N} net.fibs` - 1))
# Add pre-defined static routes first.
ipv6_static_routes="_v4mapped _v4compat ${ipv6_static_routes}"
@@ -221,6 +239,22 @@ static_inet6()
;;
esac
+ # Add default routes for fibs
+ if [ ${_fibs} -gt 0 ]; then
+ for _fibnum in `jot ${_fibs}` ; do
+ eval _fib_gw=\${ipv6_defaultrouter_fib${_fibnum}}
+ case ${_fib_gw} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ ipv6_static_routes="${static_routes}
_default_fib${_fibnum}"
+ eval ipv6_route__default_fib${fibnum}="'default
${_fib_gw} -fib ${_fibnum}'"
+ ;;
+ esac
+ done
+
git: 461ccb55d50c - main - dhclient: add ability to ignore options in offers
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=461ccb55d50ccf1b5bcfe1310fe32d72f8b0ecdd
commit 461ccb55d50ccf1b5bcfe1310fe32d72f8b0ecdd
Author: Rob Norris
AuthorDate: 2023-03-14 22:07:18 +
Commit: Allan Jude
CommitDate: 2023-04-10 23:13:18 +
dhclient: add ability to ignore options in offers
A machine might exist on multiple networks, all of which offer, say, default
routes or name servers. There's no easy way to indicate in the config
that those options are only valid for a single interface.
Now, we can write:
interface "lan0" {
request routers;
require routers;
}
interface "lan1" {
ignore routers;
}
And only take action on default routes offered on lan0.
Tested by: Jose Luis Duran
MFC after: 2 months
Reviewed by:allanjude, imp
Sponsored by: Zenith Electronics LLC
Sponsored by: Klara, Inc.
Pull Request: #693
---
sbin/dhclient/clparse.c | 4
sbin/dhclient/conflex.c | 2 ++
sbin/dhclient/dhclient.c | 13 +++--
sbin/dhclient/dhclient.conf.5 | 7 ++-
sbin/dhclient/dhcpd.h | 1 +
sbin/dhclient/dhctoken.h | 1 +
6 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/sbin/dhclient/clparse.c b/sbin/dhclient/clparse.c
index c7b02a073aa3..295a800a7328 100644
--- a/sbin/dhclient/clparse.c
+++ b/sbin/dhclient/clparse.c
@@ -186,6 +186,7 @@ read_client_leases(void)
* hardware-declaration |
* REQUEST option-list |
* REQUIRE option-list |
+ * IGNORE option-list |
* TIMEOUT number |
* RETRY number |
* REBOOT number |
@@ -249,6 +250,9 @@ parse_client_statement(FILE *cfile, struct interface_info
*ip,
sizeof(config->required_options));
parse_option_list(cfile, config->required_options);
return;
+ case IGNORE:
+ parse_option_list(cfile, config->ignored_options);
+ return;
case TIMEOUT:
parse_lease_time(cfile, &config->timeout);
return;
diff --git a/sbin/dhclient/conflex.c b/sbin/dhclient/conflex.c
index c11c9189527e..3a6824a9a815 100644
--- a/sbin/dhclient/conflex.c
+++ b/sbin/dhclient/conflex.c
@@ -413,6 +413,8 @@ intern(char *atom, int dfv)
return (HOSTNAME);
break;
case 'i':
+ if (!strcasecmp(atom + 1, "gnore"))
+ return (IGNORE);
if (!strcasecmp(atom + 1, "nitial-interval"))
return (INITIAL_INTERVAL);
if (!strcasecmp(atom + 1, "nterface"))
diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c
index da9a567fad04..4261251b6b78 100644
--- a/sbin/dhclient/dhclient.c
+++ b/sbin/dhclient/dhclient.c
@@ -1039,7 +1039,6 @@ dhcpoffer(struct packet *packet)
note("%s from %s", name, piaddr(packet->client_addr));
-
/* If this lease doesn't supply the minimum required parameters,
blow it off. */
for (i = 0; ip->client->config->required_options[i]; i++) {
@@ -1141,8 +1140,9 @@ dhcpoffer(struct packet *packet)
struct client_lease *
packet_to_lease(struct packet *packet)
{
+ struct interface_info *ip = packet->interface;
struct client_lease *lease;
- int i;
+ int i, j;
lease = malloc(sizeof(struct client_lease));
@@ -1156,6 +1156,15 @@ packet_to_lease(struct packet *packet)
/* Copy the lease options. */
for (i = 0; i < 256; i++) {
if (packet->options[i].len) {
+ int ignored = 0;
+ for (j = 0; ip->client->config->ignored_options[j]; j++)
+ if (i ==
+ ip->client->config->ignored_options[j]) {
+ ignored = 1;
+ break;
+ }
+ if (ignored)
+ continue;
lease->options[i].data =
malloc(packet->options[i].len + 1);
if (!lease->options[i].data) {
diff --git a/sbin/dhclient/dhclient.conf.5 b/sbin/dhclient/dhclient.conf.5
index 14a0de4111dd..39a00fd0f207 100644
--- a/sbin/dhclient/dhclient.conf.5
+++ b/sbin/dhclient/dhclient.conf.5
@@ -38,7 +38,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd July 21, 2021
+.Dd March 17, 2023
.Dt DHCLIENT.CONF 5
.Os
.Sh NAME
@@ -200,6 +200,11 @@ option other than the default requested lease time, which
is two hours.
The other obvious use for this statement is to send information to the server
that will allow it to differentiate betw
git: bb61cba751b3 - main - ddb: add the DB_CMD_MEMSAFE flag for commands
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=bb61cba751b3b1620d14af987a4025974b4b1b2e
commit bb61cba751b3b1620d14af987a4025974b4b1b2e
Author: Mitchell Horne
AuthorDate: 2022-07-18 20:04:24 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:04 +
ddb: add the DB_CMD_MEMSAFE flag for commands
This flag value can be used to indicate if a command has the property of
being "memory safe". In this instance, memory safe means that the
command does not allow/enable reads or writes of arbitrary memory,
regardless of the arguments passed to it. For example, 'backtrace' is
considered a memory-safe command since its output is deterministic,
while 'show vnode' is not, since it requires a memory address as an
argument and will print the contents beginning at that location.
Apply the flag to the "show all" command macros. It is expected that
commands added to this table will always exhibit this property.
Reviewed by:markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35581
---
sys/ddb/ddb.h | 16 ++--
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/sys/ddb/ddb.h b/sys/ddb/ddb.h
index 4e63907a6ed0..dce4e80ac117 100644
--- a/sys/ddb/ddb.h
+++ b/sys/ddb/ddb.h
@@ -110,13 +110,15 @@ typedef void db_cmdfcn_t(db_expr_t addr, bool have_addr,
db_expr_t count,
* Command table entry.
*/
struct db_command {
- char * name; /* command name */
+ char *name; /* command name */
db_cmdfcn_t *fcn; /* function to call */
- int flag; /* extra info: */
+ int flag;
#defineCS_OWN 0x1 /* non-standard syntax */
#defineCS_MORE 0x2 /* standard syntax, but may have other
words
* at end */
#defineCS_SET_DOT 0x100 /* set dot after command */
+#defineDB_CMD_MEMSAFE 0x1000 /* Command does not allow reads or
writes to
+* arbitrary memory. */
struct db_command_table *more; /* another level of command */
LIST_ENTRY(db_command) next; /* next entry in the command table */
};
@@ -180,10 +182,12 @@ _func(db_expr_t addr, bool have_addr, db_expr_t count,
char *modif)
_DB_SET(_show, alias_name, func_name, db_show_table, flags, NULL)
#defineDB_SHOW_ALIAS(alias_name, func_name) \
DB_SHOW_ALIAS_FLAGS(alias_name, func_name, 0)
-#defineDB_SHOW_ALL_COMMAND(cmd_name, func_name) \
- _DB_FUNC(_show_all, cmd_name, func_name, db_show_all_table, 0, NULL)
-#defineDB_SHOW_ALL_ALIAS(alias_name, func_name) \
- _DB_SET(_show_all, alias_name, func_name, db_show_all_table, 0, NULL)
+#defineDB_SHOW_ALL_COMMAND(cmd_name, func_name)
\
+ _DB_FUNC(_show_all, cmd_name, func_name, db_show_all_table, \
+ DB_CMD_MEMSAFE, NULL)
+#defineDB_SHOW_ALL_ALIAS(alias_name, func_name)
\
+ _DB_SET(_show_all, alias_name, func_name, db_show_all_table,\
+ DB_CMD_MEMSAFE, NULL)
extern db_expr_t db_maxoff;
extern int db_indent;
git: c84c5e00ac28 - main - ddb: annotate some commands with DB_CMD_MEMSAFE
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=c84c5e00ac28c8e00a56019031d1eaec74428b54
commit c84c5e00ac28c8e00a56019031d1eaec74428b54
Author: Mitchell Horne
AuthorDate: 2022-07-18 21:21:38 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:09 +
ddb: annotate some commands with DB_CMD_MEMSAFE
This is not completely exhaustive, but covers a large majority of
commands in the tree.
Reviewed by:markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35583
---
sys/amd64/amd64/machdep.c | 8
sys/ddb/db_command.c | 2 +-
sys/ddb/db_watch.c| 2 +-
sys/dev/pci/pci.c | 6 +++---
sys/i386/i386/machdep.c | 8
sys/kern/init_main.c | 2 +-
sys/kern/kern_cpuset.c| 4 ++--
sys/kern/kern_descrip.c | 2 +-
sys/kern/kern_intr.c | 4 ++--
sys/kern/kern_ktr.c | 2 +-
sys/kern/kern_linker.c| 2 +-
sys/kern/kern_malloc.c| 2 +-
sys/kern/kern_proc.c | 2 +-
sys/kern/kern_shutdown.c | 2 +-
sys/kern/kern_timeout.c | 2 +-
sys/kern/subr_autoconf.c | 2 +-
sys/kern/subr_devmap.c| 2 +-
sys/kern/subr_intr.c | 2 +-
sys/kern/subr_pcpu.c | 6 +++---
sys/kern/subr_physmem.c | 2 +-
sys/kern/subr_prf.c | 2 +-
sys/kern/subr_rman.c | 4 ++--
sys/kern/subr_turnstile.c | 2 +-
sys/kern/subr_witness.c | 6 +++---
sys/kern/vfs_bio.c| 6 +++---
sys/kern/vfs_subr.c | 2 +-
sys/net/vnet.c| 6 +++---
sys/opencrypto/crypto.c | 2 +-
sys/vm/uma_core.c | 4 ++--
sys/vm/vm_object.c| 4 ++--
sys/vm/vm_page.c | 4 ++--
sys/vm/vm_phys.c | 2 +-
sys/x86/x86/local_apic.c | 4 ++--
33 files changed, 56 insertions(+), 56 deletions(-)
diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c
index 368a3c56c900..8174a8e850c8 100644
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@@ -521,7 +521,7 @@ extern inthand_t
* Display the index and function name of any IDT entries that don't use
* the default 'rsvd' entry point.
*/
-DB_SHOW_COMMAND(idt, db_show_idt)
+DB_SHOW_COMMAND_FLAGS(idt, db_show_idt, DB_CMD_MEMSAFE)
{
struct gate_descriptor *ip;
int idx;
@@ -540,7 +540,7 @@ DB_SHOW_COMMAND(idt, db_show_idt)
}
/* Show privileged registers. */
-DB_SHOW_COMMAND(sysregs, db_show_sysregs)
+DB_SHOW_COMMAND_FLAGS(sysregs, db_show_sysregs, DB_CMD_MEMSAFE)
{
struct {
uint16_t limit;
@@ -573,7 +573,7 @@ DB_SHOW_COMMAND(sysregs, db_show_sysregs)
db_printf("GSBASE\t0x%016lx\n", rdmsr(MSR_GSBASE));
}
-DB_SHOW_COMMAND(dbregs, db_show_dbregs)
+DB_SHOW_COMMAND_FLAGS(dbregs, db_show_dbregs, DB_CMD_MEMSAFE)
{
db_printf("dr0\t0x%016lx\n", rdr0());
@@ -581,7 +581,7 @@ DB_SHOW_COMMAND(dbregs, db_show_dbregs)
db_printf("dr2\t0x%016lx\n", rdr2());
db_printf("dr3\t0x%016lx\n", rdr3());
db_printf("dr6\t0x%016lx\n", rdr6());
- db_printf("dr7\t0x%016lx\n", rdr7());
+ db_printf("dr7\t0x%016lx\n", rdr7());
}
#endif
diff --git a/sys/ddb/db_command.c b/sys/ddb/db_command.c
index e6de6cd716e2..06eab31dbfa8 100644
--- a/sys/ddb/db_command.c
+++ b/sys/ddb/db_command.c
@@ -511,7 +511,7 @@ db_command(struct db_command **last_cmdp, struct
db_command_table *cmd_table,
* At least one non-optional command must be implemented using
* DB_COMMAND() so that db_cmd_set gets created. Here is one.
*/
-DB_COMMAND(panic, db_panic)
+DB_COMMAND_FLAGS(panic, db_panic, DB_CMD_MEMSAFE)
{
db_disable_pager();
panic("from debugger");
diff --git a/sys/ddb/db_watch.c b/sys/ddb/db_watch.c
index 3226b050a4c3..62585731e82e 100644
--- a/sys/ddb/db_watch.c
+++ b/sys/ddb/db_watch.c
@@ -216,7 +216,7 @@ db_watchpoint_cmd(db_expr_t addr, bool have_addr, db_expr_t
count,
* At least one non-optional show-command must be implemented using
* DB_SHOW_COMMAND() so that db_show_cmd_set gets created. Here is one.
*/
-DB_SHOW_COMMAND(watches, db_listwatch_cmd)
+DB_SHOW_COMMAND_FLAGS(watches, db_listwatch_cmd, DB_CMD_MEMSAFE)
{
db_list_watchpoints();
db_md_list_watchpoints();
diff --git a/sys/dev/pci/pci.c b/sys/dev/pci/pci.c
index 6c09212c2656..34eab9fdd2bb 100644
--- a/sys/dev/pci/pci.c
+++ b/sys/dev/pci/pci.c
@@ -5376,7 +5376,7 @@ pci_write_ivar(device_t dev, device_t child, int which,
uintptr_t value)
* List resources based on pci map registers, used for within ddb
*/
-DB_SHOW_COMMAND(pciregs, db_pci_dump)
+DB_SHOW_COMMAND_FLAGS(pciregs, db_pci_dump, DB_CMD_MEMSAFE)
{
struct pci_devinfo *dinfo;
struct devlist *devlist_head;
@@ -6787,7 +6787,7 @@ pci_print_faulted_dev(void)
}
#ifdef DDB
-DB_SHOW_COMMAND(pcierr, pci_print_faulted_dev_db)
+DB_SHOW_COMMAND_FLAGS(pcierr, pci
git: a305b20ead13 - main - ddb: tag core commands with DB_CMD_MEMSAFE
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=a305b20ead13bb29880e15ff20c3bb83b5397a82
commit a305b20ead13bb29880e15ff20c3bb83b5397a82
Author: Mitchell Horne
AuthorDate: 2022-07-18 21:22:36 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:11 +
ddb: tag core commands with DB_CMD_MEMSAFE
Those which are statically defined in db_command.c.
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35584
---
sys/ddb/db_command.c | 78 ++--
1 file changed, 39 insertions(+), 39 deletions(-)
diff --git a/sys/ddb/db_command.c b/sys/ddb/db_command.c
index 06eab31dbfa8..71e9b039d7a9 100644
--- a/sys/ddb/db_command.c
+++ b/sys/ddb/db_command.c
@@ -94,13 +94,13 @@ static db_cmdfcn_t db_watchdog;
}
static struct db_command db_show_active_cmds[] = {
- DB_CMD("trace", db_stack_trace_active, 0),
+ DB_CMD("trace", db_stack_trace_active, DB_CMD_MEMSAFE),
};
struct db_command_table db_show_active_table =
LIST_HEAD_INITIALIZER(db_show_active_table);
static struct db_command db_show_all_cmds[] = {
- DB_CMD("trace", db_stack_trace_all, 0),
+ DB_CMD("trace", db_stack_trace_all, DB_CMD_MEMSAFE),
};
struct db_command_table db_show_all_table =
LIST_HEAD_INITIALIZER(db_show_all_table);
@@ -108,9 +108,9 @@ struct db_command_table db_show_all_table =
static struct db_command db_show_cmds[] = {
DB_TABLE("active", &db_show_active_table),
DB_TABLE("all", &db_show_all_table),
- DB_CMD("registers", db_show_regs, 0),
- DB_CMD("breaks",db_listbreak_cmd, 0),
- DB_CMD("threads", db_show_threads,0),
+ DB_CMD("registers", db_show_regs, DB_CMD_MEMSAFE),
+ DB_CMD("breaks",db_listbreak_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("threads", db_show_threads,DB_CMD_MEMSAFE),
};
struct db_command_table db_show_table = LIST_HEAD_INITIALIZER(db_show_table);
@@ -121,48 +121,48 @@ static struct db_command db_cmds[] = {
DB_CMD("examine", db_examine_cmd, CS_SET_DOT),
DB_CMD("x", db_examine_cmd, CS_SET_DOT),
DB_CMD("search",db_search_cmd, CS_OWN|CS_SET_DOT),
- DB_CMD("set", db_set_cmd, CS_OWN),
+ DB_CMD("set", db_set_cmd, CS_OWN|DB_CMD_MEMSAFE),
DB_CMD("write", db_write_cmd, CS_MORE|CS_SET_DOT),
DB_CMD("w", db_write_cmd, CS_MORE|CS_SET_DOT),
- DB_CMD("delete",db_delete_cmd, 0),
- DB_CMD("d", db_delete_cmd, 0),
- DB_CMD("dump", db_dump,0),
- DB_CMD("break", db_breakpoint_cmd, 0),
- DB_CMD("b", db_breakpoint_cmd, 0),
- DB_CMD("dwatch",db_deletewatch_cmd, 0),
- DB_CMD("watch", db_watchpoint_cmd, CS_MORE),
- DB_CMD("dhwatch", db_deletehwatch_cmd,0),
- DB_CMD("hwatch",db_hwatchpoint_cmd, 0),
- DB_CMD("step", db_single_step_cmd, 0),
- DB_CMD("s", db_single_step_cmd, 0),
- DB_CMD("continue", db_continue_cmd,0),
- DB_CMD("c", db_continue_cmd,0),
- DB_CMD("until", db_trace_until_call_cmd, 0),
- DB_CMD("next", db_trace_until_matching_cmd, 0),
+ DB_CMD("delete",db_delete_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("d", db_delete_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("dump", db_dump,DB_CMD_MEMSAFE),
+ DB_CMD("break", db_breakpoint_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("b", db_breakpoint_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("dwatch",db_deletewatch_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("watch", db_watchpoint_cmd, CS_MORE|DB_CMD_MEMSAFE),
+ DB_CMD("dhwatch", db_deletehwatch_cmd,DB_CMD_MEMSAFE),
+ DB_CMD("hwatch",db_hwatchpoint_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("step", db_single_step_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("s", db_single_step_cmd, DB_CMD_MEMSAFE),
+ DB_CMD("continue", db_continue_cm
git: 2449b9e5fe56 - main - mac: kdb/ddb framework hooks
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=2449b9e5fe565be757a4b29093fd1c9c6ffcf3c9
commit 2449b9e5fe565be757a4b29093fd1c9c6ffcf3c9
Author: Mitchell Horne
AuthorDate: 2022-07-18 21:23:16 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:13 +
mac: kdb/ddb framework hooks
Add three simple hooks to the debugger allowing for a loaded MAC policy
to intervene if desired:
1. Before invoking the kdb backend
2. Before ddb command registration
3. Before ddb command execution
We extend struct db_command with a private pointer and two flag bits
reserved for policy use.
Reviewed by:markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35370
---
sys/conf/files | 1 +
sys/ddb/db_command.c | 16 ++
sys/ddb/ddb.h| 3 ++
sys/kern/subr_kdb.c | 11 +++
sys/security/mac/mac_framework.h | 10 ++
sys/security/mac/mac_kdb.c | 69
sys/security/mac/mac_policy.h| 17 ++
sys/security/mac_stub/mac_stub.c | 31 ++
sys/security/mac_test/mac_test.c | 39 +++
9 files changed, 197 insertions(+)
diff --git a/sys/conf/files b/sys/conf/files
index 30cd9eb7e741..4e1279adc073 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -5118,6 +5118,7 @@ security/audit/bsm_socket_type.c optional audit
security/audit/bsm_token.c optional audit
security/mac/mac_audit.c optional mac audit
security/mac/mac_cred.coptional mac
+security/mac/mac_kdb.c optional mac
security/mac/mac_framework.c optional mac
security/mac/mac_inet.coptional mac inet | mac inet6
security/mac/mac_inet6.c optional mac inet6
diff --git a/sys/ddb/db_command.c b/sys/ddb/db_command.c
index 71e9b039d7a9..ab7bec8f2ffc 100644
--- a/sys/ddb/db_command.c
+++ b/sys/ddb/db_command.c
@@ -59,6 +59,8 @@ __FBSDID("$FreeBSD$");
#include
#include
+#include
+
/*
* Exported global variables
*/
@@ -236,6 +238,13 @@ db_command_register(struct db_command_table *list, struct
db_command *cmd)
{
struct db_command *c, *last;
+#ifdef MAC
+ if (mac_ddb_command_register(list, cmd)) {
+ printf("%s: MAC policy refused registration of command %s\n",
+ __func__, cmd->name);
+ return;
+ }
+#endif
last = NULL;
LIST_FOREACH(c, list, next) {
int n = strcmp(cmd->name, c->name);
@@ -480,6 +489,13 @@ db_command(struct db_command **last_cmdp, struct
db_command_table *cmd_table,
*last_cmdp = cmd;
if (cmd != NULL) {
+#ifdef MAC
+ if (mac_ddb_command_exec(cmd, addr, have_addr, count, modif)) {
+ db_printf("MAC prevented execution of command %s\n",
+ cmd->name);
+ return;
+ }
+#endif
/*
* Execute the command.
*/
diff --git a/sys/ddb/ddb.h b/sys/ddb/ddb.h
index dce4e80ac117..4c8a4f165461 100644
--- a/sys/ddb/ddb.h
+++ b/sys/ddb/ddb.h
@@ -119,8 +119,11 @@ struct db_command {
#defineCS_SET_DOT 0x100 /* set dot after command */
#defineDB_CMD_MEMSAFE 0x1000 /* Command does not allow reads or
writes to
* arbitrary memory. */
+#defineDB_MAC1 0x1 /* For MAC policy use */
+#defineDB_MAC2 0x2
struct db_command_table *more; /* another level of command */
LIST_ENTRY(db_command) next; /* next entry in the command table */
+ void *mac_priv; /* For MAC policy use */
};
/*
diff --git a/sys/kern/subr_kdb.c b/sys/kern/subr_kdb.c
index 6aa8bd17e048..b1bf197be3dc 100644
--- a/sys/kern/subr_kdb.c
+++ b/sys/kern/subr_kdb.c
@@ -53,6 +53,8 @@ __FBSDID("$FreeBSD$");
#include
#endif
+#include
+
u_char __read_frequently kdb_active = 0;
static void *kdb_jmpbufp = NULL;
struct kdb_dbbe *kdb_dbbe = NULL;
@@ -731,6 +733,15 @@ kdb_trap(int type, int code, struct trapframe *tf)
cngrab();
for (;;) {
+#ifdef MAC
+ if (mac_kdb_check_backend(be) != 0) {
+ printf("MAC prevented execution of KDB backend: %s\n",
+ be->dbbe_name);
+ /* Unhandled breakpoint traps are fatal. */
+ handled = 1;
+ break;
+ }
+#endif
handled = be->dbbe_trap(type, code);
if (be == kdb_dbbe)
break;
diff --git a/sys/security/mac/mac_framework.h b/sys/security/mac/mac_framework.h
index 7a46fbedb28d..78a991fe10fe 100644
--- a/sys/security/mac/m
git: 287d467c5db5 - main - mac: add new mac_ddb(4) policy
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=287d467c5db5a46f13566a2f9dae80a695335c73 commit 287d467c5db5a46f13566a2f9dae80a695335c73 Author: Mitchell Horne AuthorDate: 2022-07-18 21:24:06 + Commit: Allan Jude CommitDate: 2022-07-18 22:06:15 + mac: add new mac_ddb(4) policy Generally, access to the kernel debugger is considered to be unsafe from a security perspective since it presents an unrestricted interface to inspect or modify the system state, including sensitive data such as signing keys. However, having some access to debugger functionality on production systems may be useful in determining the cause of a panic or hang. Therefore, it is desirable to have an optional policy which allows limited use of ddb(4) while disabling the functionality which could reveal system secrets. This loadable MAC module allows for the use of some ddb(4) commands while preventing the execution of others. The commands have been broadly grouped into three categories: - Those which are 'safe' and will not emit sensitive data (e.g. trace). Generally, these commands are deterministic and don't accept arguments. - Those which are definitively unsafe (e.g. examine , search ) - Commands which may be safe to execute depending on the arguments provided (e.g. show thread ). Safe commands have been flagged as such with the DB_CMD_MEMSAFE flag. Commands requiring extra validation can provide a function to do so. For example, 'show thread ' can be used as long as addr can be checked against the system's list of process structures. The policy also prevents debugger backends other than ddb(4) from executing, for example gdb(4). Reviewed by:markj, pauamma_gundo.com (manpages) Sponsored by: Juniper Networks, Inc. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D35371 --- sbin/ddb/ddb.8| 1 + share/man/man4/ddb.4 | 1 + share/man/man4/mac.4 | 6 +- share/man/man4/mac_bsdextended.4 | 1 + share/man/man4/mac_ddb.4 | 108 share/man/man4/mac_lomac.4| 1 + share/man/man4/mac_mls.4 | 1 + share/man/man4/mac_none.4 | 1 + share/man/man4/mac_partition.4| 1 + share/man/man4/mac_portacl.4 | 1 + share/man/man4/mac_seeotheruids.4 | 1 + share/man/man4/mac_stub.4 | 1 + share/man/man4/mac_test.4 | 1 + share/man/man9/mac.9 | 1 + sys/conf/NOTES| 1 + sys/conf/files| 1 + sys/conf/options | 1 + sys/ddb/ddb.h | 1 + sys/modules/Makefile | 4 + sys/modules/mac_ddb/Makefile | 6 + sys/security/mac_ddb/mac_ddb.c| 266 ++ 21 files changed, 404 insertions(+), 2 deletions(-) diff --git a/sbin/ddb/ddb.8 b/sbin/ddb/ddb.8 index 0fb9687991e5..54e5aa1b390c 100644 --- a/sbin/ddb/ddb.8 +++ b/sbin/ddb/ddb.8 @@ -150,6 +150,7 @@ and manual pages. .Sh SEE ALSO .Xr ddb 4 , +.Xr mac_ddb 4 , .Xr textdump 4 , .Xr sysctl 8 .Sh HISTORY diff --git a/share/man/man4/ddb.4 b/share/man/man4/ddb.4 index cfc2d37287e1..6dec3924ef79 100644 --- a/share/man/man4/ddb.4 +++ b/share/man/man4/ddb.4 @@ -1602,6 +1602,7 @@ directory. .Xr kgdb 1 , .Xr acpi 4 , .Xr CAM 4 , +.Xr mac_ddb 4 , .Xr mac_test 4 , .Xr netgraph 4 , .Xr textdump 4 , diff --git a/share/man/man4/mac.4 b/share/man/man4/mac.4 index ecc13257960d..98d685143d88 100644 --- a/share/man/man4/mac.4 +++ b/share/man/man4/mac.4 @@ -30,7 +30,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 20, 2021 +.Dd June 29, 2022 .Dt MAC 4 .Os .Sh NAME @@ -51,10 +51,11 @@ security provisions such as file permissions and superuser checks. .Pp Currently, the following MAC policy modules are shipped with .Fx : -.Bl -column ".Xr mac_seeotheruids 4" "low-watermark mac policy" ".Em Labeling" "boot only" +.Bl -column ".Xr mac_seeotheruids 4" "ddb(4) interface restrictions" ".Em Labeling" "boot only" .It Sy Name Ta Sy Description Ta Sy Labeling Ta Sy "Load time" .It Xr mac_biba 4 Ta "Biba integrity policy" Ta yes Ta boot only .It Xr mac_bsdextended 4 Ta "File system firewall" Ta no Ta any time +.It Xr mac_ddb 4 Ta "ddb(4) interface restrictions" Ta no Ta any time .It Xr mac_ifoff 4 Ta "Interface silencing" Ta no Ta any time .It Xr mac_lomac 4 Ta "Low-Watermark MAC policy" Ta yes Ta boot only .It Xr mac_mls 4 Ta "Confidentiality policy" Ta yes Ta boot only @@ -201,6 +202,7 @@ man page. .Xr mac 3 , .Xr mac_biba 4 , .Xr mac_bsdextended 4 , +.Xr mac_ddb 4 ,
git: 4e2121c10afc - main - mac_ddb: add some validation functions
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=4e2121c10afc3d9273368eae776fe31d0c68ba6a
commit 4e2121c10afc3d9273368eae776fe31d0c68ba6a
Author: Mitchell Horne
AuthorDate: 2022-07-18 21:25:00 +
Commit: Allan Jude
CommitDate: 2022-07-18 22:06:22 +
mac_ddb: add some validation functions
These global objects are easy to validate, so provide the helper
functions to do so and include these commands in the allow lists.
Reviewed by:markj
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D35372
---
sys/security/mac_ddb/mac_ddb.c | 101 +
1 file changed, 101 insertions(+)
diff --git a/sys/security/mac_ddb/mac_ddb.c b/sys/security/mac_ddb/mac_ddb.c
index 8f07a664b7eb..89cba3145945 100644
--- a/sys/security/mac_ddb/mac_ddb.c
+++ b/sys/security/mac_ddb/mac_ddb.c
@@ -29,11 +29,17 @@
*/
#include
+#include
#include
#include
+#include
#include
+#include
+#include
#include
+#include
+
#include
#include
@@ -67,6 +73,11 @@ typedef int db_validation_fn_t(db_expr_t addr, bool
have_addr, db_expr_t count,
char *modif);
static db_validation_fn_t db_thread_valid;
+static db_validation_fn_t db_show_ffs_valid;
+static db_validation_fn_t db_show_prison_valid;
+static db_validation_fn_t db_show_proc_valid;
+static db_validation_fn_t db_show_rman_valid;
+static db_validation_fn_t db_show_vnet_valid;
struct cmd_list_item {
const char *name;
@@ -80,7 +91,12 @@ static const struct cmd_list_item command_list[] = {
/* List of ddb(4) 'show' commands which are allowed by this policy. */
static const struct cmd_list_item show_command_list[] = {
+ { "ffs",db_show_ffs_valid },
+ { "prison", db_show_prison_valid },
+ { "proc", db_show_proc_valid },
+ { "rman", db_show_rman_valid },
{ "thread", db_thread_valid },
+ { "vnet", db_show_vnet_valid },
};
static int
@@ -103,6 +119,91 @@ db_thread_valid(db_expr_t addr, bool have_addr, db_expr_t
count, char *modif)
return (EACCES);
}
+static int
+db_show_ffs_valid(db_expr_t addr, bool have_addr, db_expr_t count, char *modif)
+{
+ struct mount *mp;
+
+ /* No addr will show all mounts. */
+ if (!have_addr)
+ return (0);
+
+ TAILQ_FOREACH(mp, &mountlist, mnt_list)
+ if ((void *)mp == (void *)addr)
+ return (0);
+
+ return (EACCES);
+}
+
+static int
+db_show_prison_valid(db_expr_t addr, bool have_addr, db_expr_t count,
+char *modif)
+{
+ struct prison *pr;
+ int pr_id;
+
+ if (!have_addr || addr == 0)
+ return (0);
+
+ /* prison can match by pointer address or ID. */
+ pr_id = (int)addr;
+ TAILQ_FOREACH(pr, &allprison, pr_list)
+ if (pr->pr_id == pr_id || (void *)pr == (void *)addr)
+ return (0);
+
+ return (EACCES);
+}
+
+static int
+db_show_proc_valid(db_expr_t addr, bool have_addr, db_expr_t count,
+char *modif)
+{
+ struct proc *p;
+ int i;
+
+ /* Default will show the current proc. */
+ if (!have_addr)
+ return (0);
+
+ for (i = 0; i <= pidhash; i++) {
+ LIST_FOREACH(p, &pidhashtbl[i], p_hash) {
+ if ((void *)p == (void *)addr)
+ return (0);
+ }
+ }
+
+ return (EACCES);
+}
+
+static int
+db_show_rman_valid(db_expr_t addr, bool have_addr, db_expr_t count, char
*modif)
+{
+ struct rman *rm;
+
+ TAILQ_FOREACH(rm, &rman_head, rm_link) {
+ if ((void *)rm == (void *)rm)
+ return (0);
+ }
+
+ return (EACCES);
+}
+
+static int
+db_show_vnet_valid(db_expr_t addr, bool have_addr, db_expr_t count, char
*modif)
+{
+ VNET_ITERATOR_DECL(vnet);
+
+ if (!have_addr)
+ return (0);
+
+ VNET_FOREACH(vnet) {
+ if ((void *)vnet == (void *)addr)
+ return (0);
+ }
+
+ return (EACCES);
+}
+
static int
command_match(struct db_command *cmd, struct cmd_list_item item)
{
git: fd5e9210598c - main - Add CPU Ident for Qualcomm Kryo 400 (used in MS Dev Kit)
The branch main has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=fd5e9210598cfafbecc05b5ec03da25483833f90
commit fd5e9210598cfafbecc05b5ec03da25483833f90
Author: Allan Jude
AuthorDate: 2022-12-20 21:31:38 +
Commit: Allan Jude
CommitDate: 2023-01-18 21:04:49 +
Add CPU Ident for Qualcomm Kryo 400 (used in MS Dev Kit)
Reviewed by:imp
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D37767
---
sys/arm64/arm64/identcpu.c | 10 +-
sys/arm64/include/cpu.h| 5 +
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/sys/arm64/arm64/identcpu.c b/sys/arm64/arm64/identcpu.c
index 4f176ceef0b8..dadb589e9294 100644
--- a/sys/arm64/arm64/identcpu.c
+++ b/sys/arm64/arm64/identcpu.c
@@ -199,6 +199,7 @@ static const struct cpu_parts cpu_parts_arm[] = {
{ CPU_PART_NEOVERSE_N1, "Neoverse-N1" },
{ CPU_PART_NEOVERSE_N2, "Neoverse-N2" },
{ CPU_PART_NEOVERSE_V1, "Neoverse-V1" },
+ { CPU_PART_NEOVERSE_V2, "Neoverse-V2" },
CPU_PART_NONE,
};
@@ -215,6 +216,13 @@ static const struct cpu_parts cpu_parts_apm[] = {
CPU_PART_NONE,
};
+/* Qualcomm */
+static const struct cpu_parts cpu_parts_qcom[] = {
+ { CPU_PART_KRYO400_GOLD, "Kryo 400 Gold" },
+ { CPU_PART_KRYO400_SILVER, "Kryo 400 Silver" },
+ CPU_PART_NONE,
+};
+
/* Unknown */
static const struct cpu_parts cpu_parts_none[] = {
CPU_PART_NONE,
@@ -237,7 +245,7 @@ const struct cpu_implementers cpu_implementers[] = {
{ CPU_IMPL_INTEL, "Intel",cpu_parts_none },
{ CPU_IMPL_MARVELL, "Marvell", cpu_parts_none },
{ CPU_IMPL_NVIDIA, "NVIDIA", cpu_parts_none },
- { CPU_IMPL_QUALCOMM,"Qualcomm", cpu_parts_none },
+ { CPU_IMPL_QUALCOMM,"Qualcomm", cpu_parts_qcom },
CPU_IMPLEMENTER_NONE,
};
diff --git a/sys/arm64/include/cpu.h b/sys/arm64/include/cpu.h
index 2318c9d54cf3..280a759a4f06 100644
--- a/sys/arm64/include/cpu.h
+++ b/sys/arm64/include/cpu.h
@@ -111,6 +111,7 @@
#defineCPU_PART_CORTEX_X1C 0xD4C
#defineCPU_PART_CORTEX_A7150xD4D
#defineCPU_PART_CORTEX_X3 0xD4E
+#defineCPU_PART_NEOVERSE_V20xD4F
/* Cavium Part numbers */
#defineCPU_PART_THUNDERX 0x0A1
@@ -126,6 +127,10 @@
/* APM / Ampere Part Number */
#define CPU_PART_EMAG8180 0x000
+/* Qualcomm */
+#defineCPU_PART_KRYO400_GOLD 0x804
+#defineCPU_PART_KRYO400_SILVER 0x805
+
#defineCPU_IMPL(midr) (((midr) >> 24) & 0xff)
#defineCPU_PART(midr) (((midr) >> 4) & 0xfff)
#defineCPU_VAR(midr) (((midr) >> 20) & 0xf)
git: 501fe0cd6ac0 - Create tag vendor/zstd/1.5.2
The annotated tag vendor/zstd/1.5.2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=vendor/zstd/1.5.2 tag vendor/zstd/1.5.2 Tagger: Allan Jude TaggerDate: 2023-01-25 01:22:23 + Import 1.5.2 commit b3392d84da5bf2162baf937c77e0557f3fd8a52b Author: Allan Jude AuthorDate: 2023-01-25 01:20:16 + Commit: Allan Jude CommitDate: 2023-01-25 01:20:16 + Import zstd 1.5.2
git: 4ab8c5c83ce9 - Create tag zfs-0.5.1
The annotated tag zfs-0.5.1 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.5.1 tag zfs-0.5.1 Tagger: Brian Behlendorf TaggerDate: 2010-09-13 16:04:47 + ZFS Version 0.5.1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQBMjkuiCrnpkcavZYsRAmiwAJ4k2y2OLUnYM0oOUqNdDD36Ud8vywCgsslZ XchYOFH9yRJRq5fp+ytfMXM= =gG96 -END PGP SIGNATURE- commit 2c4834f87af4beec4b16157622c85d2850cce25f Author: Brian Behlendorf AuthorDate: 2010-09-11 04:44:17 + Commit: Brian Behlendorf CommitDate: 2010-09-12 03:54:41 + Wait up to timeout seconds for udev device Occasional failures were observed in zconfig.sh because udev could be delayed for a few seconds. To handle this the wait_udev function has been added to wait for timeout seconds for an expected device before returning an error. By default callers currently use a 30 seconds timeout which should be much longer than udev ever needs but not so long to worry the test suite is hung.
git: f6ae97673c28..b3392d84da5b - vendor/zstd - vendor branch updated
The branch vendor/zstd has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/log/?id=f6ae97673c28..b3392d84da5b b3392d84da5b Import zstd 1.5.2
git: 45a1044a53a1 - Create tag zfs-0.5.2
The annotated tag zfs-0.5.2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.5.2 tag zfs-0.5.2 Tagger: Brian Behlendorf TaggerDate: 2010-11-12 21:57:17 + ZFS Version 0.5.2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEABECAAYFAkzduD0ACgkQCrnpkcavZYsC4QCfQkan1399tvn6qqRtJ9q9RTSp 63IAoNleFR15qrTtMLxWWu3UQnHdXQS9 =U6HP -END PGP SIGNATURE- commit 5e7affae52365f9f329cc63a53ae570352c4d993 Author: Brian Behlendorf AuthorDate: 2010-11-12 17:33:17 + Commit: Brian Behlendorf CommitDate: 2010-11-12 17:33:17 + Skip /dev/hpet during 'zpool import' If libblkid does not contain ZFS support, then 'zpool import' will scan all block devices in /dev/ to determine which ones are components of a ZFS filesystem. It does this by opening all the devices and stat'ing them to determine which ones are block devices. If the device turns out not to be a block device it is skipped. Usually, this whole process is pretty harmless (although slow). But there are certain devices in /dev/ which must be handled in a very specific way or your system may crash. For example, if /dev/watchdog is simply opened the watchdog timer will be started and your system will panic when the timer expires. It turns out the /dev/hpet causes similiar problems although only when accessed under a virtual machine. For some reason accessing /dev/hpet causes qemu to crash. To address this issue this commit adds /dev/hpet to the device blacklist, it will be skipped solely based on its name.
git: e02703e32e11 - Create tag zfs-0.6.0-rc1
The annotated tag zfs-0.6.0-rc1 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc1 tag zfs-0.6.0-rc1 Tagger: Brian Behlendorf TaggerDate: 2011-02-18 17:55:35 + ZFS Version 0.6.0-rc1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEABECAAYFAk1espcACgkQCrnpkcavZYvT8wCfVRkOGzJLKcxO1YiF+b5gwmdi y+8AnjGT17qv5cDUK5nbb4N8ILNOCDbH =MxaK -END PGP SIGNATURE- commit 075cf6cb72a460d884c29085413c3ea16a62d32d Author: Brian Behlendorf AuthorDate: 2011-02-18 17:33:12 + Commit: Brian Behlendorf CommitDate: 2011-02-18 17:33:12 + Prep zfs-0.6.0-rc1 tag Create the first 0.6.0 release candidate tag (rc1). The Posix layer is now functional and passes fstest and several other test suites cleanly. We now need this release candidate tag to broaden the test coverage before we can release the official zfs-0.6.0.
git: 66217339eeed - Create tag zfs-0.6.0-rc11
The annotated tag zfs-0.6.0-rc11 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc11 tag zfs-0.6.0-rc11 Tagger: Brian Behlendorf TaggerDate: 2012-09-18 19:44:17 + ZFS Version 0.6.0-rc11 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlBYzxEACgkQCrnpkcavZYsLpwCeLCRrlgEtwQTCN+dTkXM1OnwL FDkAn0k+nthnlwtZCQQyBCFkMbeApsz1 =CtL9 -END PGP SIGNATURE- commit 0a2f7b3662fd10e7ac56a4b2859248eb98e31d6d Author: Brian Behlendorf AuthorDate: 2012-09-18 19:33:00 + Commit: Brian Behlendorf CommitDate: 2012-09-18 19:33:37 + Seg fault 'zpool import -d /dev/disk/by-id -a' Introduced by commit 44867b6d6effc1628dd00c36821ab044f89fb988. We should of course check to ensure best isn't NULL before attempting to dereference it. Signed-off-by: Brian Behlendorf Closes #974
git: 0ae234e2d1f2 - Create tag zfs-0.6.0-rc10
The annotated tag zfs-0.6.0-rc10 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc10 tag zfs-0.6.0-rc10 Tagger: Brian Behlendorf TaggerDate: 2012-08-14 22:10:28 + ZFS Version 0.6.0-rc10 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlAqzNQACgkQCrnpkcavZYv8WQCgzSLYHu8jlDShU9M2/71tDa4P 5FgAnRHVxnv1V0vpWpIXcUv/7wdVYbFL =303x -END PGP SIGNATURE- commit 4276c6f576d396b8c902da6cb168e64b2cff233e Author: Brian Behlendorf AuthorDate: 2012-08-13 17:20:51 + Commit: Brian Behlendorf CommitDate: 2012-08-14 15:38:19 + ZFS 0.6.0-rc10
git: 22e9e7bef251 - Create tag zfs-0.6.0-rc13
The annotated tag zfs-0.6.0-rc13 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc13 tag zfs-0.6.0-rc13 Tagger: Brian Behlendorf TaggerDate: 2012-12-20 19:05:07 + ZFS Version 0.6.0-rc13 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlDTYWMACgkQCrnpkcavZYt3EQCffOZ75srgWYV1B31RERl6GZHs M4cAoIJizit/iMmh/NsWK6sdBaSb0pp7 =H+Fp -END PGP SIGNATURE- commit 15f9d4e1c2b0ee26546e79d599df1b2adc2e5026 Author: Brian Behlendorf AuthorDate: 2012-12-20 19:02:24 + Commit: Brian Behlendorf CommitDate: 2012-12-20 19:02:24 + ZFS 0.6.0-rc13
git: 8ebcfaddc35b - Create tag zfs-0.6.0-rc12
The annotated tag zfs-0.6.0-rc12 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc12 tag zfs-0.6.0-rc12 Tagger: Brian Behlendorf TaggerDate: 2012-11-13 22:36:32 + ZFS Version 0.6.0-rc12 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlCiy3AACgkQCrnpkcavZYugnACffiFMQJtvFFP1+lEHnJrmb21o TeAAoJP8n+FTVVdDYmJLg6xiOtboyUaf =fFlb -END PGP SIGNATURE- commit 3997bc74351d608e1a09f8ba8d58fb1c12fff331 Author: Brian Behlendorf AuthorDate: 2012-11-13 22:35:44 + Commit: Brian Behlendorf CommitDate: 2012-11-13 22:35:44 + zfs-0.6.0-rc12
git: c2aae5db2997 - Create tag zfs-0.6.0-rc2
The annotated tag zfs-0.6.0-rc2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc2 tag zfs-0.6.0-rc2 Tagger: Brian Behlendorf TaggerDate: 2011-03-09 23:39:05 + ZFS Version 0.6.0-rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEABECAAYFAk14D5kACgkQCrnpkcavZYtM/gCfX1jFIhMvynrbr4AnPEmAap+i w1oAn0x4K6bps3XAlQQ2ueVzB3Npfxxg =7Dup -END PGP SIGNATURE- commit 3eae80100bb32140aaa76864af636ea165584446 Author: Brian Behlendorf AuthorDate: 2011-03-09 23:17:28 + Commit: Brian Behlendorf CommitDate: 2011-03-09 23:26:48 + Prep zfs-0.6.0-rc2 tag Create the second 0.6.0 release candidate tag (rc2).
git: cf6773d94981 - Create tag zfs-0.6.0-rc3
The annotated tag zfs-0.6.0-rc3 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc3 tag zfs-0.6.0-rc3 Tagger: Brian Behlendorf TaggerDate: 2011-04-08 17:25:42 + ZFS Version 0.6.0-rc3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEABECAAYFAk2fRRYACgkQCrnpkcavZYvi7wCdHutg90WUv0/oSZNl7gxdTSQn EVoAnj9ZRByqHAyp1MtExip6N8gEe/Cz =/YEX -END PGP SIGNATURE- commit 0f6fd32927aa2b9c63d1b527824705924a5a21ca Author: Brian Behlendorf AuthorDate: 2011-04-08 17:22:42 + Commit: Brian Behlendorf CommitDate: 2011-04-08 17:22:42 + Fix rebuildable RPMs for el6/ch5 When rebuilding the source RPM under el5 you need to append the target_cpu. However, under el6/ch5 things are packaged correctly and the arch is already part of kver. For this reason it also needs to be stripped from kver when setting kverpkg.
git: 00a4ef4a5336 - Create tag zfs-0.6.0-rc14
The annotated tag zfs-0.6.0-rc14 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc14 tag zfs-0.6.0-rc14 Tagger: Brian Behlendorf TaggerDate: 2013-02-01 19:27:34 + ZFS Version 0.6.0-rc14 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlEMFyYACgkQCrnpkcavZYuzMwCg0Gc1RzHNxAmEoKojMphmstoY MpAAn0dU6xga7DqU1DOKI883WC3qeQQn =JMRd -END PGP SIGNATURE- commit a997dfbaf0c7b95700dedbfe0e704c8cab9f2a34 Author: Brian Behlendorf AuthorDate: 2013-02-01 19:26:55 + Commit: Brian Behlendorf CommitDate: 2013-02-01 19:26:55 + ZFS 0.6.0-rc14
git: 67484f623e18 - Create tag zfs-0.6.0-rc4
The annotated tag zfs-0.6.0-rc4 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc4 tag zfs-0.6.0-rc4 Tagger: Brian Behlendorf TaggerDate: 2011-05-05 17:30:34 + ZFS Version 0.6.0-rc4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEABECAAYFAk3C3rsACgkQCrnpkcavZYvHuwCdFxSpIiLgnvN9PYkB+WwwosFT 7tcAn1e5wa7dZPI18EMntXgEySOXhofW =1yv4 -END PGP SIGNATURE- commit 3613204cd7e3ab1ae658e31dac875e58827a6655 Author: Brian Behlendorf AuthorDate: 2011-05-05 16:40:57 + Commit: Brian Behlendorf CommitDate: 2011-05-05 17:13:38 + Allow mounting of read-only snapshots With the addition of the mount helper we accidentally regressed the ability to manually mount snapshots. This commit updates the mount helper to expect the possibility of a ZFS_TYPE_SNAPSHOT. All snapshot will be automatically treated as 'legacy' type mounts so they can be mounted manually.
git: 2b8d3bbf0eac - Create tag zfs-0.6.0-rc5
The annotated tag zfs-0.6.0-rc5 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc5 tag zfs-0.6.0-rc5 Tagger: Brian Behlendorf TaggerDate: 2011-07-12 19:22:46 + ZFS Version 0.6.0-rc5 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk4cnwYACgkQCrnpkcavZYuDQgCfX/prYf3d82BDI13sS/Z87Sy3 Uv4An3rmB0cXEasnEbhIkYcWC51mZ9R+ =Gapb -END PGP SIGNATURE- commit 615ab66d18f74b3f4979c06192e1aa1082523dd3 Author: Kyle Fuller AuthorDate: 2011-07-10 15:57:33 + Commit: Brian Behlendorf CommitDate: 2011-07-11 21:12:23 + Provide a rc.d script for archlinux Unlike most other Linux distributions archlinux installs its init scripts in /etc/rc.d insead of /etc/init.d. This commit provides an archlinux rc.d script for zfs and extends the build infrastructure to ensure it get's installed in the correct place. Signed-off-by: Brian Behlendorf Closes #322
git: 3b1727d59277 - Create tag zfs-0.6.0-rc6
The annotated tag zfs-0.6.0-rc6 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc6 tag zfs-0.6.0-rc6 Tagger: Brian Behlendorf TaggerDate: 2011-10-12 23:38:25 + ZFS Version 0.6.0-rc6 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk6WJPEACgkQCrnpkcavZYujuwCcDn+0KwUByp8GJGNBSY3jc2Ez vUMAnR+FUIDZqQjwVD2hYlXESp/nrcJg =aPy9 -END PGP SIGNATURE- commit 5cbf6db937a304c4d2b60878a2405a1e2900abdf Author: Brian Behlendorf AuthorDate: 2011-10-11 21:36:42 + Commit: Brian Behlendorf CommitDate: 2011-10-11 21:45:37 + Disable 90-zfs.rules for test suite When running the zconfig.sh, zpios-sanity.sh, and zfault.sh from the installed packages the 90-zfs.rules can cause failures. These will occur because the test suite assumes it has full control over loading/unloading the module stack. If the stack gets asynchronously loaded by the udev rule the test suite will treat it as a failure. Resolve the issue by disabling the offending rule during the tests and enabling it on exit. Signed-off-by: Brian Behlendorf
git: 067cc32039de - Create tag zfs-0.7.0-rc2
The annotated tag zfs-0.7.0-rc2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0-rc2 tag zfs-0.7.0-rc2 Tagger: Brian Behlendorf TaggerDate: 2016-10-26 17:36:56 + ZFS Version 0.7.0-rc2 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAlgQ6bgACgkQCrnpkcavZYtj9ACfeDo6E5ZyampsmPPOhy76/rcK 4/0AoKjauKMPGeHYImMj4ZmCNrGPXvF+ =2gi/ -END PGP SIGNATURE- commit c6a89b58a997a2b2c672542542e675447efcf4e4 Author: Brian Behlendorf AuthorDate: 2016-10-26 17:36:33 + Commit: Brian Behlendorf CommitDate: 2016-10-26 17:36:33 + Tag 0.7.0-rc2 Second release candidate. Signed-off-by: Brian Behlendorf
git: ed75ae401975 - Create tag zfs-0.6.4
The annotated tag zfs-0.6.4 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.4 tag zfs-0.6.4 Tagger: Brian Behlendorf TaggerDate: 2015-04-09 03:17:56 + ZFS Version 0.6.4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlUl72QACgkQCrnpkcavZYutTgCfZ/BDg3ZOUGzPWRh6HlWx/VqI ifEAn3/KYpYJ2yuLj+Y3PotqZR2jHT5V =oRCr -END PGP SIGNATURE- commit d07a16360c1ee219b8820f80d035e56a18c58b84 Author: Brian Behlendorf AuthorDate: 2015-04-09 03:16:45 + Commit: Brian Behlendorf CommitDate: 2015-04-09 03:16:45 + Tag zfs-0.6.4 META file and release log updated. Signed-off-by: Brian Behlendorf
git: 837bb4bf4360 - Create tag zfs-0.6.0-rc8
The annotated tag zfs-0.6.0-rc8 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc8 tag zfs-0.6.0-rc8 Tagger: Brian Behlendorf TaggerDate: 2012-03-26 18:58:36 + ZFS Version 0.6.0-rc8 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk9wvFwACgkQCrnpkcavZYsoZwCgtO78zIwV9oLLDNk28iQSkMcQ wwsAoK9S1Bai+z0dbnZEFBYlIb8QTymH =aVxX -END PGP SIGNATURE- commit 2008ab88dd19ae3947b30b4e933fbf2273300aa2 Author: Brian Behlendorf AuthorDate: 2012-03-26 18:55:16 + Commit: Brian Behlendorf CommitDate: 2012-03-26 18:55:32 + ZFS 0.6.0-rc8
git: abf105d505be - Create tag zfs-0.6.0-rc7
The annotated tag zfs-0.6.0-rc7 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc7 tag zfs-0.6.0-rc7 Tagger: Brian Behlendorf TaggerDate: 2012-03-16 18:26:50 + ZFS Version 0.6.0-rc7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk9jheoACgkQCrnpkcavZYvGxgCdH8S4mZR3LfBZQ+w/xiouXe8W EOoAnRqKrCEUFl7t2FFe30C7vpEk9WFd =EwWT -END PGP SIGNATURE- commit 43c8454724e0ba70b13e40cd2f63ad0d68942776 Author: Brian Behlendorf AuthorDate: 2012-03-16 18:11:40 + Commit: Brian Behlendorf CommitDate: 2012-03-16 18:25:13 + ZFS 0.6.0-rc7
git: 5bc2fe8ccb6f - Create tag zfs-0.8.0-rc1
The annotated tag zfs-0.8.0-rc1 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0-rc1 tag zfs-0.8.0-rc1 Tagger: Brian Behlendorf TaggerDate: 2018-09-07 16:54:41 + ZFS Version 0.8.0-rc1 -BEGIN PGP SIGNATURE- iHMEABECADMWIQTDPfFCZX7R98MoopYKuemRxq9liwUCW5KtURUcYmVobGVuZG9y ZjFAbGxubC5nb3YACgkQCrnpkcavZYtp+gCePyXHJuxVWIJLA9J9+Cobd8PsNVMA oK6qsBmiBO2B13KEqNfC1RBpeurj =q21b -END PGP SIGNATURE- commit b8a90418f3a9c23b89c5d2c729a4dd0fea644508 Author: Brian Behlendorf AuthorDate: 2018-09-07 16:35:09 + Commit: Brian Behlendorf CommitDate: 2018-09-07 16:35:09 + Tag 0.8.0-rc1 Major new features: - Native encryption - Device removal - Allocation classes - Pool checkpoints - Sequential scrub and resilver - Project quota - Channel programs - Direct IO Signed-off-by: Brian Behlendorf
git: 7acbc7fbe6e1 - Create tag zfs-0.6.3
The annotated tag zfs-0.6.3 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.3 tag zfs-0.6.3 Tagger: Brian Behlendorf TaggerDate: 2014-06-12 20:36:23 + ZFS Version 0.6.3 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlOaD0cACgkQCrnpkcavZYutdwCff8mQU1ASoViHatRFr2s04MaQ QvEAoNtlHJE6/4jberIlqQRj8eIZrf0z =INFz -END PGP SIGNATURE- commit 07dabd234dd51a1e5adc5bd21cddf5b5fdc70732 Author: Brian Behlendorf AuthorDate: 2014-06-12 18:55:52 + Commit: Brian Behlendorf CommitDate: 2014-06-12 20:34:38 + Tag zfs-0.6.3 META file and release log updated. Signed-off-by: Brian Behlendorf
git: 02f548b73716 - Create tag zfs-0.7.0-rc1
The annotated tag zfs-0.7.0-rc1 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0-rc1 tag zfs-0.7.0-rc1 Tagger: Brian Behlendorf TaggerDate: 2016-09-07 17:32:45 + ZFS Version 0.7.0-rc1 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAlfQTz0ACgkQCrnpkcavZYtm6wCfbuiQVwxCoOc1DY+s5OW6nXRW iPsAnR4qY7eF+D+/OriHEAxjGdpqv57l =8cj3 -END PGP SIGNATURE- commit 178acea364bc19da6cd30c6aaa7147f9a14fdb5a Author: Brian Behlendorf AuthorDate: 2016-09-07 17:30:52 + Commit: Brian Behlendorf CommitDate: 2016-09-07 17:31:23 + Tag 0.7.0-rc1 First release candidate. Signed-off-by: Brian Behlendorf
git: 0817a3aef367 - Create tag zfs-0.7.0-rc5
The annotated tag zfs-0.7.0-rc5 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0-rc5 tag zfs-0.7.0-rc5 Tagger: Brian Behlendorf TaggerDate: 2017-07-13 19:10:03 + ZFS Version 0.7.0-rc5 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAllnxYsACgkQCrnpkcavZYvWGACeP4Q5eTR+Pm+EFIU+l4LdE6lv UfIAn1FhlXe1guR9t0K1yyuJggVtU6kg =69Ct -END PGP SIGNATURE- commit ff1cb6bf26cd7d16c6f846ea9199e734025c6d6d Author: Brian Behlendorf AuthorDate: 2017-07-13 19:08:53 + Commit: Brian Behlendorf CommitDate: 2017-07-13 19:08:53 + Tag 0.7.0-rc5 Fifth release candidate. Signed-off-by: Brian Behlendorf `
git: 06a8a7ee691f - Create tag zfs-0.8.0
The annotated tag zfs-0.8.0 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0 tag zfs-0.8.0 Tagger: Brian Behlendorf TaggerDate: 2019-05-21 18:12:17 + ZFS Version 0.8.0 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iEYEABECAAYFAlzkP4EACgkQCrnpkcavZYv99QCdFxAFTpVF+cGYaMvbbgZnw+Sd 3gMAoJY4L4PUIis1QtS8+kcLcBtgWfa4 =s/9j -END PGP SIGNATURE- commit e34c3ee2fcbb320525a110c1811c557bc60479ff Author: Brian Behlendorf AuthorDate: 2019-05-21 17:03:24 + Commit: Brian Behlendorf CommitDate: 2019-05-21 18:11:41 + Tag 0.8.0 Signed-off-by: Brian Behlendorf
git: 717fbcea62f3 - Create tag zfs-0.8.0-rc3
The annotated tag zfs-0.8.0-rc3 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0-rc3 tag zfs-0.8.0-rc3 Tagger: Brian Behlendorf TaggerDate: 2019-01-14 20:41:52 + ZFS Version 0.8.0-rc3 -BEGIN PGP SIGNATURE- iHIEABECADMWIQTDPfFCZX7R98MoopYKuemRxq9liwUCXDz0EBUcYmVobGVuZG9y ZjFAbGxubC5nb3YACgkQCrnpkcavZYtOswCYwCfKGMmaYB4vqIMhwHURuceVKACf Zh60Hz62KYzAYbJ5/eJALFvagrc= =U/4d -END PGP SIGNATURE- commit 9b626c126e78cdc36200b66c7cd1dc6a06cf400d Author: Brian Behlendorf AuthorDate: 2019-01-10 23:58:15 + Commit: Brian Behlendorf CommitDate: 2019-01-14 20:40:42 + Tag 0.8.0-rc3 Signed-off-by: Brian Behlendorf
git: 1eed6a97373a - Create tag zfs-0.8.0-rc2
The annotated tag zfs-0.8.0-rc2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0-rc2 tag zfs-0.8.0-rc2 Tagger: Brian Behlendorf TaggerDate: 2018-11-12 19:57:56 + ZFS Version 0.8.0-rc2 -BEGIN PGP SIGNATURE- iHMEABECADMWIQTDPfFCZX7R98MoopYKuemRxq9liwUCW+nbRBUcYmVobGVuZG9y ZjFAbGxubC5nb3YACgkQCrnpkcavZYt7rACeO3uovS8SiB9g2wzexvWXi3BgGDoA oJ+YHVj7xEErfAeXBLruxmzWBosk =VQYT -END PGP SIGNATURE- commit af2e8411dacbc694b1aaf9074e68a9d12270e74c Author: Brian Behlendorf AuthorDate: 2018-11-12 19:57:03 + Commit: Brian Behlendorf CommitDate: 2018-11-12 19:57:15 + Tag 0.8.0-rc2 Signed-off-by: Brian Behlendorf
git: 58fc45134e73 - Create tag zfs-0.6.1
The annotated tag zfs-0.6.1 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.1 tag zfs-0.6.1 Tagger: Brian Behlendorf TaggerDate: 2013-03-26 15:51:21 + ZFS Version 0.6.1 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlFRw/kACgkQCrnpkcavZYv0RgCgrq9xnBoBjGCPKuZeKnCYty8O 5nMAnjvvvf31udAWjxWJQfVYph7oGFaX =1LEq -END PGP SIGNATURE- commit 36c0b62799554d0a41fc0a65602de3b50f9f6409 Author: Brian Behlendorf AuthorDate: 2013-03-25 20:46:37 + Commit: Brian Behlendorf CommitDate: 2013-03-26 15:50:29 + Tag zfs-0.6.1 META file and release log updated. Signed-off-by: Brian Behlendorf
git: be57006b1053 - Create tag zfs-0.6.0-rc9
The annotated tag zfs-0.6.0-rc9 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.0-rc9 tag zfs-0.6.0-rc9 Tagger: Brian Behlendorf TaggerDate: 2012-06-14 19:04:52 + ZFS Version 0.6.0-rc9 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk/aNdQACgkQCrnpkcavZYthDQCgvJiJJeJWFIuMUy17BVt28Mb2 2j0AnA3qjuUHrUqNZ0c27TAw96r/EQQo =1rhX -END PGP SIGNATURE- commit 7164d092210f122a4564ab37fb4fce476ec4485f Author: Brian Behlendorf AuthorDate: 2012-06-14 18:46:40 + Commit: Brian Behlendorf CommitDate: 2012-06-14 18:46:40 + ZFS 0.6.0-rc9
git: 5e3823239d77 - Create tag zfs-0.6.5
The annotated tag zfs-0.6.5 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.5 tag zfs-0.6.5 Tagger: Brian Behlendorf TaggerDate: 2015-09-11 18:31:42 + ZFS Version 0.6.5 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAlXzHg4ACgkQCrnpkcavZYvtgwCgzlsTAQUuJf+YEDotcYm+cKQP SocAoJq0Dlna4Fk68UC9tTwpOnWDoX3m =FZaz -END PGP SIGNATURE- commit 7a27ad00ae142b38d4aef8cc0af7a72b4c0e44fe Author: Brian Behlendorf AuthorDate: 2015-09-09 22:25:52 + Commit: Brian Behlendorf CommitDate: 2015-09-11 18:16:38 + Tag zfs-0.6.5 META file and release log updated. Signed-off-by: Brian Behlendorf
git: 547a97ed6bcd - Create tag zfs-0.7.0-rc3
The annotated tag zfs-0.7.0-rc3 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0-rc3 tag zfs-0.7.0-rc3 Tagger: Brian Behlendorf TaggerDate: 2017-01-20 18:20:14 + ZFS Version 0.7.0-rc3 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAliCVN4ACgkQCrnpkcavZYt42gCgnVOAjyZaX7MLou1Z54cGFFz6 J1QAoKafOiDxa2iREgHIS/BXxnj7soe+ =2iXo -END PGP SIGNATURE- commit 10a3f8885904558c2a406151c4cf960371c34934 Author: Brian Behlendorf AuthorDate: 2017-01-20 18:18:28 + Commit: Brian Behlendorf CommitDate: 2017-01-20 18:18:28 + Tag 0.7.0-rc3 Third release candidate. Signed-off-by: Brian Behlendorf
git: 4616b17df492 - Create tag zfs-0.7.0
The annotated tag zfs-0.7.0 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0 tag zfs-0.7.0 Tagger: Brian Behlendorf TaggerDate: 2017-07-26 17:16:20 + ZFS Version 0.7.0 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAll4zmQACgkQCrnpkcavZYtmcwCggTpAulHT79Xinw9pZehCTPC+ lCsAn0WM/qrKLOGDsjVjnanrgxW28NH+ =eNDw -END PGP SIGNATURE- commit ccad64314ab55963c1a0731ff62c8cf6c6976f28 Author: Brian Behlendorf AuthorDate: 2017-07-26 17:10:28 + Commit: Brian Behlendorf CommitDate: 2017-07-26 17:13:25 + Tag zfs-0.7.0 META file and changelog updated. Signed-off-by: Brian Behlendorf
git: 966e6714d3af - Create tag zfs-0.7.0-rc4
The annotated tag zfs-0.7.0-rc4 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.7.0-rc4 tag zfs-0.7.0-rc4 Tagger: Brian Behlendorf TaggerDate: 2017-05-05 17:34:28 + ZFS Version 0.7.0-rc4 -BEGIN PGP SIGNATURE- Version: GnuPG v1 iEYEABECAAYFAlkMt6QACgkQCrnpkcavZYti5gCgum+vc9LDzpWTElIegahxhmgz jrMAoJ14JYrUb9SCZwDu6PalpfkJLSoP =/pxP -END PGP SIGNATURE- commit a0e84010c94570fd2b6c8b43da49f0cd3e1a8e09 Author: Brian Behlendorf AuthorDate: 2017-05-05 17:33:40 + Commit: Brian Behlendorf CommitDate: 2017-05-05 17:33:40 + Tag 0.7.0-rc4 Fourth release candidate. Signed-off-by: Brian Behlendorf
git: d4827ca79575 - Create tag zfs-0.8.0-rc4
The annotated tag zfs-0.8.0-rc4 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0-rc4 tag zfs-0.8.0-rc4 Tagger: Brian Behlendorf TaggerDate: 2019-04-16 20:46:05 + ZFS Version 0.8.0-rc4 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iEYEABECAAYFAly2PxEACgkQCrnpkcavZYuBPwCghSOPrIEON/Xi4P0CY2zrAd4G zisAn0E/38V9EuOcswiWYt3QHAuzrTG1 =jkqL -END PGP SIGNATURE- commit 17cbc2e62b7d561d59ece976f17fe422516587a8 Author: Brian Behlendorf AuthorDate: 2019-04-16 20:24:49 + Commit: Brian Behlendorf CommitDate: 2019-04-16 20:24:49 + Tag 0.8.0-rc4 Signed-off-by: Brian Behlendorf
git: 2752bf9cc8fc - Create tag zfs-0.6.2
The annotated tag zfs-0.6.2 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.6.2 tag zfs-0.6.2 Tagger: Brian Behlendorf TaggerDate: 2013-08-22 21:11:55 + ZFS Version 0.6.2 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAlIWfpsACgkQCrnpkcavZYtLQACfVmrqlXQdfFMcBdJr3qq0/xrb pegAoJGryjVM/lEXI5WKcG96B6g5qx0c =xWBg -END PGP SIGNATURE- commit 0c28fb480836ab7bb1bbf8de6e572d2443273396 Author: Brian Behlendorf AuthorDate: 2013-08-16 22:20:07 + Commit: Brian Behlendorf CommitDate: 2013-08-22 20:33:26 + Tag zfs-0.6.2 META file and release log updated. Signed-off-by: Brian Behlendorf
git: 562deed808fe - Create tag zfs-0.8.0-rc5
The annotated tag zfs-0.8.0-rc5 has been created by allanjude: URL: https://cgit.FreeBSD.org/src/tag/?h=zfs-0.8.0-rc5 tag zfs-0.8.0-rc5 Tagger: Brian Behlendorf TaggerDate: 2019-05-09 17:35:54 + ZFS Version 0.8.0-rc5 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iEYEABECAAYFAlzUZQMACgkQCrnpkcavZYvMvwCfYpcd1k/QQOE6c7S20hdsMs7g PFcAnRHVbdAK7eL4Ki9k26KahQ3zvzE3 =c6Ep -END PGP SIGNATURE- commit f378f42b53382dc8e5a21dfad1a4d71271aba059 Author: Brian Behlendorf AuthorDate: 2019-05-09 17:34:05 + Commit: Brian Behlendorf CommitDate: 2019-05-09 17:34:05 + Tag 0.8.0-rc5 Signed-off-by: Brian Behlendorf
git: 5ff13fbc199b - main - MFV: zstd 1.5.2
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=5ff13fbc199bdf5f0572845351c68ee5ca828e71 commit 5ff13fbc199bdf5f0572845351c68ee5ca828e71 Merge: 68636dcb6fde b3392d84da5b Author: Allan Jude AuthorDate: 2023-01-27 17:22:31 + Commit: Allan Jude CommitDate: 2023-01-27 17:22:31 + MFV: zstd 1.5.2 Merge commit 'b3392d84da5bf2162baf937c77e0557f3fd8a52b' into zstd_1.5.2 full changelog: https://github.com/facebook/zstd/compare/v1.4.8...v1.5.2 Updated sys/kern/subr_compressor.c to new API MFC after: 3 days Relnotes: yes Sponsored by: Klara, Inc. sys/contrib/zstd/CHANGELOG | 105 + sys/contrib/zstd/CONTRIBUTING.md | 211 +- sys/contrib/zstd/Makefile | 87 +- sys/contrib/zstd/README.md | 40 +- sys/contrib/zstd/TESTING.md|1 - sys/contrib/zstd/appveyor.yml | 171 +- sys/contrib/zstd/doc/educational_decoder/Makefile |2 +- sys/contrib/zstd/doc/educational_decoder/harness.c |2 +- .../zstd/doc/educational_decoder/zstd_decompress.c |4 +- .../zstd/doc/educational_decoder/zstd_decompress.h |2 +- sys/contrib/zstd/doc/zstd_compression_format.md|6 +- sys/contrib/zstd/doc/zstd_manual.html | 336 +- sys/contrib/zstd/examples/Makefile |2 +- sys/contrib/zstd/examples/common.h |4 +- sys/contrib/zstd/examples/dictionary_compression.c |2 +- .../zstd/examples/dictionary_decompression.c |2 +- .../zstd/examples/multiple_simple_compression.c|2 +- .../zstd/examples/multiple_streaming_compression.c |2 +- sys/contrib/zstd/examples/simple_compression.c |2 +- sys/contrib/zstd/examples/simple_decompression.c |2 +- sys/contrib/zstd/examples/streaming_compression.c | 32 +- .../examples/streaming_compression_thread_pool.c | 10 +- .../zstd/examples/streaming_decompression.c|2 +- sys/contrib/zstd/examples/streaming_memory_usage.c |2 +- sys/contrib/zstd/lib/BUCK | 12 +- sys/contrib/zstd/lib/Makefile | 266 +- sys/contrib/zstd/lib/README.md | 20 +- sys/contrib/zstd/lib/common/bitstream.h| 35 +- sys/contrib/zstd/lib/common/compiler.h | 135 +- sys/contrib/zstd/lib/common/cpu.h |2 +- sys/contrib/zstd/lib/common/debug.c|2 +- sys/contrib/zstd/lib/common/debug.h|2 +- sys/contrib/zstd/lib/common/entropy_common.c | 18 +- sys/contrib/zstd/lib/common/error_private.c|2 +- sys/contrib/zstd/lib/common/error_private.h| 85 +- sys/contrib/zstd/lib/common/fse.h |7 +- sys/contrib/zstd/lib/common/fse_decompress.c | 42 +- sys/contrib/zstd/lib/common/huf.h | 51 +- sys/contrib/zstd/lib/common/mem.h | 26 +- sys/contrib/zstd/lib/common/pool.c | 19 +- sys/contrib/zstd/lib/common/pool.h |6 +- sys/contrib/zstd/lib/common/portability_macros.h | 137 + sys/contrib/zstd/lib/common/xxhash.c | 814 +-- sys/contrib/zstd/lib/common/xxhash.h | 5739 +++- sys/contrib/zstd/lib/common/zstd_common.c |2 +- sys/contrib/zstd/lib/common/zstd_deps.h|2 +- sys/contrib/zstd/lib/common/zstd_internal.h| 215 +- sys/contrib/zstd/lib/common/zstd_trace.h | 163 + sys/contrib/zstd/lib/compress/clevels.h| 134 + sys/contrib/zstd/lib/compress/fse_compress.c | 92 +- sys/contrib/zstd/lib/compress/hist.c |2 +- sys/contrib/zstd/lib/compress/hist.h |2 +- sys/contrib/zstd/lib/compress/huf_compress.c | 712 ++- sys/contrib/zstd/lib/compress/zstd_compress.c | 2249 ++-- .../zstd/lib/compress/zstd_compress_internal.h | 443 +- .../zstd/lib/compress/zstd_compress_literals.c | 15 +- .../zstd/lib/compress/zstd_compress_literals.h |6 +- .../zstd/lib/compress/zstd_compress_sequences.c| 43 +- .../zstd/lib/compress/zstd_compress_sequences.h|2 +- .../zstd/lib/compress/zstd_compress_superblock.c | 296 +- .../zstd/lib/compress/zstd_compress_superblock.h |2 +- sys/contrib/zstd/lib/compress/zstd_cwksp.h | 241 +- sys/contrib/zstd/lib/compress/zstd_double_fast.c | 417 +- sys/contrib/zstd/lib/compress/zstd_double_fast.h |2 +- sys/contrib/zstd/lib/compress/zstd_fast.c | 445 +- sys/contrib/zstd/lib/compress/zstd_fast.h |2 +- sys/contrib/zstd/lib/compress/zstd_lazy.c | 1352 +++-- sys/contrib/zstd/lib/compress/zstd_lazy.h | 40 +- sys/contrib/zstd/lib/compress/zstd_ldm.c | 474 +- sys/contri
Re: git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
On 11/23/2021 5:00 AM, Helge Oldach wrote:
Hi,
Allan Jude wrote on Mon, 22 Nov 2021 19:14:13 +0100 (CET):
The branch stable/13 has been updated by allanjude:
URL:
https://cgit.FreeBSD.org/src/commit/?id=32a2fed6e71f896266d4c695754104d82a72c60d
commit 32a2fed6e71f896266d4c695754104d82a72c60d
Author: Allan Jude
AuthorDate: 2021-11-19 15:14:30 +
Commit: Allan Jude
CommitDate: 2021-11-22 18:12:20 +
openssl: Fix detection of ARMv7 and ARM64 CPU features
OpenSSL assumes the same value for AT_HWCAP=16 (Linux)
So it ends up calling elf_auxv_info() with AT_CANARY which
returns ENOENT, and all acceleration features are disabled.
With this, my ARM64 test machine runs the benchmark
`openssl speed -evp aes-256-gcm` nearly 20x faster
going from 100 MB/sec to 2000 MB/sec
It also improves sha256 from 300 MB/sec to 1800 MB/sec
This fix has been accepted but not yet merged upstream:
https://github.com/openssl/openssl/pull/17082
PR: 259937
Reviewed by:manu, imp
MFC after: immediate
Relnotes: yes
Fixes: 88e852c0b5c872b1a ("OpenSSL: Merge OpenSSL 1.1.1j")
Sponsored by: Ampere Computing LLC
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33060
(cherry picked from commit d9bb798725cfce9c72b80440659b48e8668eb10d)
Hmmm. On a RPi4/8G:
Before (FreeBSD 13.0-STABLE (GENERIC) #366 stable/13-n248173-d16fbc488e6):
| Doing aes-256-gcm for 3s on 16 size blocks: 6710997 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 64 size blocks: 1806261 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 256 size blocks: 468595 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 1024 size blocks: 121282 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 8192 size blocks: 14590 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 16384 size blocks: 7258 aes-256-gcm's in 3.00s
| OpenSSL 1.1.1l-freebsd 24 Aug 2021
| built on: reproducible build, date unspecified
| options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr)
| compiler: clang
| The 'numbers' are in 1000s of bytes per second processed.
| type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
16384 bytes
| aes-256-gcm 35791.98k38533.57k39986.77k41397.59k
39840.43k39638.36k
After (FreeBSD 13.0-STABLE (GENERIC) #367 stable/13-n248176-f085bb0e621)
| Doing aes-256-gcm for 3s on 16 size blocks: 344 aes-256-gcm's in 3.01s
| Doing aes-256-gcm for 3s on 64 size blocks: 1102925 aes-256-gcm's in 3.04s
| Doing aes-256-gcm for 3s on 256 size blocks: 279608 aes-256-gcm's in 3.03s
| Doing aes-256-gcm for 3s on 1024 size blocks: 69397 aes-256-gcm's in 3.00s
| Doing aes-256-gcm for 3s on 8192 size blocks: 9160 aes-256-gcm's in 3.14s
| Doing aes-256-gcm for 3s on 16384 size blocks: 4385 aes-256-gcm's in 3.00s
| OpenSSL 1.1.1l-freebsd 24 Aug 2021
| built on: reproducible build, date unspecified
| options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr)
| compiler: clang
| The 'numbers' are in 1000s of bytes per second processed.
| type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
16384 bytes
| aes-256-gcm 21277.62k23226.64k23613.90k23687.51k
23892.93k23947.95k
It seems that AES throughput is actually cut by almost half?
Kind regards
Helge
Do you know which of the CPU optimizations your RPi4 supports?
You can set the environment variable OPENSSL_armcap to override
OpenSSL's detection.
Try: env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm
And see if it gets a different result.
--
Allan Jude
Re: git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
On 11/24/2021 3:30 AM, Emmanuel Vadot wrote: On Tue, 23 Nov 2021 20:36:40 +0100 (CET) free...@oldach.net (Helge Oldach) wrote: Allan Jude wrote on Tue, 23 Nov 2021 20:14:53 +0100 (CET): On 11/23/2021 5:00 AM, Helge Oldach wrote: Allan Jude wrote on Mon, 22 Nov 2021 19:14:13 +0100 (CET): Hmmm. On a RPi4/8G: Before (FreeBSD 13.0-STABLE (GENERIC) #366 stable/13-n248173-d16fbc488e6): | type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes | aes-256-gcm 35791.98k38533.57k39986.77k41397.59k 39840.43k39638.36k After (FreeBSD 13.0-STABLE (GENERIC) #367 stable/13-n248176-f085bb0e621) | type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes | aes-256-gcm 21277.62k23226.64k23613.90k23687.51k 23892.93k23947.95k It seems that AES throughput is actually cut by almost half? Do you know which of the CPU optimizations your RPi4 supports? Is this what you need? Instruction Set Attributes 0 = So there is no AES+PMULL instruction set on RPI4, I guess that openssl uses them for aes-gcm. I wonder what it uses before that make it have this boost. On my rockpro64 I do see the improvement btw : root@generic:~ # cpuset -l 4,5 openssl speed -evp aes-256-gcm ... aes-256-gcm 122861.59k 337938.39k 565408.44k 661223.09k 709175.19k 712327.25k root@generic:~ # cpuset -l 4,5 env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm ... aes-256-gcm 34068.11k38068.62k39435.24k39818.75k39905.34k 39922.35k Running on the big cores at max freq. Instruction Set Attributes 1 = <> Processor Features 0 = Processor Features 1 = <> Memory Model Features 0 = Memory Model Features 1 = <8bit VMID> Memory Model Features 2 = <32bit CCIDX,48bit VA> Debug Features 0 = Debug Features 1 = <> Auxiliary Features 0 = <> Auxiliary Features 1 = <> AArch32 Instruction Set Attributes 5 = AArch32 Media and VFP Features 0 = AArch32 Media and VFP Features 1 = You can set the environment variable OPENSSL_armcap to override OpenSSL's detection. Try: env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm On FreeBSD 13.0-STABLE (GENERIC) #367 stable/13-n248176-f085bb0e621 again (i.e. after this commit): hmo@p48 ~ $ env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm Doing aes-256-gcm for 3s on 16 size blocks: 6445704 aes-256-gcm's in 3.08s Doing aes-256-gcm for 3s on 64 size blocks: 1861149 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 256 size blocks: 479664 aes-256-gcm's in 3.01s Doing aes-256-gcm for 3s on 1024 size blocks: 122853 aes-256-gcm's in 3.04s Doing aes-256-gcm for 3s on 8192 size blocks: 15181 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 16384 size blocks: 7796 aes-256-gcm's in 3.07s OpenSSL 1.1.1l-freebsd 24 Aug 2021 built on: reproducible build, date unspecified options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-gcm 33504.57k39704.51k40825.01k41394.83k41454.25k 41601.52k hmo@p48 ~ $ openssl speed -evp aes-256-gcm Doing aes-256-gcm for 3s on 16 size blocks: 4066201 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 64 size blocks: 1087387 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 256 size blocks: 280110 aes-256-gcm's in 3.03s Doing aes-256-gcm for 3s on 1024 size blocks: 70412 aes-256-gcm's in 3.04s Doing aes-256-gcm for 3s on 8192 size blocks: 8762 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 16384 size blocks: 4402 aes-256-gcm's in 3.02s OpenSSL 1.1.1l-freebsd 24 Aug 2021 built on: reproducible build, date unspecified options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-gcm 21686.41k23197.59k23656.30k23725.04k23926.10k 23916.23k hmo@p48 ~ $ Kind regards, Helge So based on results from Manu, and Mark Millard, it seems almost every ARM platform is faster when it takes advantage of the CPU features, except the RPi4(B). As Manu pointed out, it doesn't appear to have the AES+PMULL feature, which means it must be something else that is slowing it down. What might help, is to try each feature in turn, and figure out which one is causing slower results. #define HWCAP_FP0x0001 #define HWCAP_ASIMD 0x0002 #define HWCAP_EVTSTRM 0x0004 #define HWCAP_AES 0x0008 #define HWCAP_PMULL 0x0010 #def
Re: git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
On 11/25/2021 2:38 AM, Helge Oldach wrote: Hi, Allan Jude wrote on Wed, 24 Nov 2021 19:02:47 +0100 (CET): On 11/24/2021 3:30 AM, Emmanuel Vadot wrote: On Tue, 23 Nov 2021 20:36:40 +0100 (CET) free...@oldach.net (Helge Oldach) wrote: Allan Jude wrote on Tue, 23 Nov 2021 20:14:53 +0100 (CET): On 11/23/2021 5:00 AM, Helge Oldach wrote: Allan Jude wrote on Mon, 22 Nov 2021 19:14:13 +0100 (CET): Hmmm. On a RPi4/8G: Before (FreeBSD 13.0-STABLE (GENERIC) #366 stable/13-n248173-d16fbc488e6): | type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes | aes-256-gcm 35791.98k38533.57k39986.77k41397.59k 39840.43k39638.36k After (FreeBSD 13.0-STABLE (GENERIC) #367 stable/13-n248176-f085bb0e621) | type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes | aes-256-gcm 21277.62k23226.64k23613.90k23687.51k 23892.93k23947.95k It seems that AES throughput is actually cut by almost half? Do you know which of the CPU optimizations your RPi4 supports? Is this what you need? Instruction Set Attributes 0 = So there is no AES+PMULL instruction set on RPI4, I guess that openssl uses them for aes-gcm. I wonder what it uses before that make it have this boost. On my rockpro64 I do see the improvement btw : root@generic:~ # cpuset -l 4,5 openssl speed -evp aes-256-gcm ... aes-256-gcm 122861.59k 337938.39k 565408.44k 661223.09k 709175.19k 712327.25k root@generic:~ # cpuset -l 4,5 env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm ... aes-256-gcm 34068.11k38068.62k39435.24k39818.75k39905.34k 39922.35k Running on the big cores at max freq. Instruction Set Attributes 1 = <> Processor Features 0 = Processor Features 1 = <> Memory Model Features 0 = Memory Model Features 1 = <8bit VMID> Memory Model Features 2 = <32bit CCIDX,48bit VA> Debug Features 0 = Debug Features 1 = <> Auxiliary Features 0 = <> Auxiliary Features 1 = <> AArch32 Instruction Set Attributes 5 = AArch32 Media and VFP Features 0 = AArch32 Media and VFP Features 1 = You can set the environment variable OPENSSL_armcap to override OpenSSL's detection. Try: env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm On FreeBSD 13.0-STABLE (GENERIC) #367 stable/13-n248176-f085bb0e621 again (i.e. after this commit): hmo@p48 ~ $ env OPENSSL_armcap=0 openssl speed -evp aes-256-gcm Doing aes-256-gcm for 3s on 16 size blocks: 6445704 aes-256-gcm's in 3.08s Doing aes-256-gcm for 3s on 64 size blocks: 1861149 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 256 size blocks: 479664 aes-256-gcm's in 3.01s Doing aes-256-gcm for 3s on 1024 size blocks: 122853 aes-256-gcm's in 3.04s Doing aes-256-gcm for 3s on 8192 size blocks: 15181 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 16384 size blocks: 7796 aes-256-gcm's in 3.07s OpenSSL 1.1.1l-freebsd 24 Aug 2021 built on: reproducible build, date unspecified options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-gcm 33504.57k39704.51k40825.01k41394.83k41454.25k 41601.52k hmo@p48 ~ $ openssl speed -evp aes-256-gcm Doing aes-256-gcm for 3s on 16 size blocks: 4066201 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 64 size blocks: 1087387 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 256 size blocks: 280110 aes-256-gcm's in 3.03s Doing aes-256-gcm for 3s on 1024 size blocks: 70412 aes-256-gcm's in 3.04s Doing aes-256-gcm for 3s on 8192 size blocks: 8762 aes-256-gcm's in 3.00s Doing aes-256-gcm for 3s on 16384 size blocks: 4402 aes-256-gcm's in 3.02s OpenSSL 1.1.1l-freebsd 24 Aug 2021 built on: reproducible build, date unspecified options:bn(64,64) rc4(int) des(int) aes(partial) idea(int) blowfish(ptr) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes 16384 bytes aes-256-gcm 21686.41k23197.59k23656.30k23725.04k23926.10k 23916.23k hmo@p48 ~ $ Kind regards, Helge So based on results from Manu, and Mark Millard, it seems almost every ARM platform is faster when it takes advantage of the CPU features, except the RPi4(B). As Manu pointed out, it doesn't appear to have the AES+PMULL feature, which means it must be something else that is slowing it down. What might help, is to try each feature in turn, and figure out which one is causing slower results. #define HWCAP_FP0x0001 #define HWCAP_ASIMD 0x0002 #define HWCAP_E
Re: git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
On 11/25/2021 10:31 AM, Helge Oldach wrote: Allan Jude wrote on Thu, 25 Nov 2021 16:09:25 +0100 (CET): On 11/25/2021 2:38 AM, Helge Oldach wrote: hmo@p48 ~ $ for f in 0 1 2 3 8 16 32 64 128 ; do echo -n $f:; env OPENSSL_armcap=$f openssl speed -evp aes-256-gcm 2>&1 | tail -1 | cut -wf7; done 0:42295.15k 1:23891.19k 2:42208.57k 3:23970.56k 8:42354.98k 16:42199.06k 32:size Illegal instruction (core dumped) 64:42322.42k 128:42275.00k hmo@p48 ~ $ So I guess HWCAP_FP is the culprit? Maybe related to hard/soft floating point math which indeed is kind of special on the Pi? So yeah, the issue seems to be that floating point on the RPi4 is slower than not, but now openssl (properly) detects that the CPU advertises support for it. As seen elsewhere in the thread, most other ARM platforms get a very significant speed boost. So can we disable FP within OpenSSL for the RPi by default? This commit basically introduced a regression for this platform and I think that should be fixed. Or it the root cause a suboptimal FP implementation that is not adequate for the RPi? Kind regards Helge The root cause is that the RPi4 advertises support for FP, but its FP is slow. I don't know that there is an easy way to detect the RPi4 specifically. You might be able to just disable the FP bit by setting OPENSSL_armcap=~1 globally, or maybe via openssl.conf? -- Allan Jude
Re: git: 32a2fed6e71f - stable/13 - openssl: Fix detection of ARMv7 and ARM64 CPU features
On 11/25/2021 12:16 PM, Helge Oldach wrote: Allan Jude wrote on Thu, 25 Nov 2021 17:54:06 +0100 (CET): On 11/25/2021 10:31 AM, Helge Oldach wrote: Allan Jude wrote on Thu, 25 Nov 2021 16:09:25 +0100 (CET): On 11/25/2021 2:38 AM, Helge Oldach wrote: hmo@p48 ~ $ for f in 0 1 2 3 8 16 32 64 128 ; do echo -n $f:; env OPENSSL_armcap=$f openssl speed -evp aes-256-gcm 2>&1 | tail -1 | cut -wf7; done 0:42295.15k 1:23891.19k 2:42208.57k 3:23970.56k 8:42354.98k 16:42199.06k 32:size Illegal instruction (core dumped) 64:42322.42k 128:42275.00k hmo@p48 ~ $ So I guess HWCAP_FP is the culprit? Maybe related to hard/soft floating point math which indeed is kind of special on the Pi? So yeah, the issue seems to be that floating point on the RPi4 is slower than not, but now openssl (properly) detects that the CPU advertises support for it. As seen elsewhere in the thread, most other ARM platforms get a very significant speed boost. So can we disable FP within OpenSSL for the RPi by default? This commit basically introduced a regression for this platform and I think that should be fixed. Or it the root cause a suboptimal FP implementation that is not adequate for the RPi? Kind regards Helge The root cause is that the RPi4 advertises support for FP, but its FP is slow. I don't know that there is an easy way to detect the RPi4 specifically. You might be able to just disable the FP bit by setting OPENSSL_armcap=~1 globally, or maybe via openssl.conf? Sure can do that locally - but again: This commit is basically a regression which IMHO should be fixed in a way not requiring users to tweak things? Kind regards Helge It is only a regression to RPi4's, but a massive improvement to every other bit of ARM hardware that has been tested. The error that made OpenSSL disable FP before, was an error (it was calling AT_CANARY instead of AT_HWCAP). So, your issue with openssl being slow on the RPi4 will need to be taken up with OpenSSL. -- Allan Jude
git: 5f034a005435 - main - fstab.5: spell encryption correctly
The branch main has been updated by allanjude: URL: https://cgit.FreeBSD.org/src/commit/?id=5f034a005435815486844bf3b3fed6b7e4ecdd09 commit 5f034a005435815486844bf3b3fed6b7e4ecdd09 Author: Fabian Keil AuthorDate: 2021-12-03 16:27:55 + Commit: Allan Jude CommitDate: 2021-12-03 16:28:46 + fstab.5: spell encryption correctly PR: 260189 MFC after: 2 weeks --- share/man/man5/fstab.5 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/man/man5/fstab.5 b/share/man/man5/fstab.5 index a83b26288ebc..752c1c12cda1 100644 --- a/share/man/man5/fstab.5 +++ b/share/man/man5/fstab.5 @@ -426,7 +426,7 @@ resides in # Swap space on a block device. /dev/da0p1 noneswapsw 0 0 # -# Swap space using a block device with GBDE/GELI encyption. +# Swap space using a block device with GBDE/GELI encryption. # aalgo, ealgo, keylen, sectorsize options are available # for .eli devices. /dev/da1p1.bde noneswapsw 0 0
