tcp: micro-optimize SYN-cookie expansion
Only compute wscale when it is actually used. While there, change the
type of wscale to u_int as suggested by glebius.
No functional change intended.
Reviewed by: glebius, rscheff (older version)
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52296
(cherry picked from commit 341d1aabc13e47911d2eb38e857b90f7d356134e)
nvme: Linux compat: don't filter & 0x3.
Strictly speaking, opc & 0x3 == 3 is input and output at the same
time. This is undefined, in general. But for vendor commands, it's
vendor specific. Linux allows it generally and treats it as a read,
which is what we do too, so remove this check to be more compatible with
Linux's behavior (which we're trying to emulate).
Sponsored by: Netflix
src.opts.mk: Remove REPRODUCIBLE_BUILD from the default list
It was added to the list in bsd.opts.mk in commit 4f81c42fbd76, so
should have been removed here.
On stable/15, this also fixes a problem in commit
6e7cc49f94cf ("Make stable/15 a stable branch"), which made
REPRODUCIBLE_BUILD a default-yes option. It modified src.opts.mk
instead of bsd.opts.mk. This change modifies the latter accordingly.
Reported by: cperciva
Approved by: re (cperciva)
Fixes: 4f81c42fbd76 ("share/mk: Substitute reproducible prefixes in dwarf info")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
(cherry picked from commit b2f5dc591ef2547ee2e9b68e58a263cd34948db1)
vtnet: improve checksum offloading
When transmitting a packet over the vtnet interface, map the
csum flags CSUM_DATA_VALID | CSUM_PSEUDO_HDR to the virtio
flag VIRTIO_NET_HDR_F_DATA_VALID.
When receiving a packet over the virtio network channel, translate
the virtio flag VIRTIO_NET_HDR_F_NEEDS_CSUM not to CSUM_DATA_VALID |
CSUM_PSEUDO_HDR, but to CSUM_TCP, CSUM_TCP_IPV6, CSUM_UDP, or
CSUM_UDP_IPV6.
The second change fixes a series of issue related to checksum
offloading for if_vtnet.
While there, improve the stats counters to allow a detailed view
on what is going on in relation to checksum offloading.
PR: 165059
Reviewed by: tuexen, manpages
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D51686
src.opts.mk: Remove REPRODUCIBLE_BUILD from the default list
It was added to the list in bsd.opts.mk in commit 4f81c42fbd76, so
should have been removed here.
Reported by: cperciva
Fixes: 4f81c42fbd76 ("share/mk: Substitute reproducible prefixes in dwarf info")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
random: Allow pure entropy sources to provide a min-entropy estimate
The current implementation of the NIST health tests assumes a
min-entropy estimate of one bit per sample, which is quite conservative.
For so-called "pure" sources (e.g., virtio-random, TPM) it might be nice
to support larger estimates so that the tests catch failed devices more
quickly.
Thus:
- let each pure random source provide an estimate, so that downstreams
or driver implementors can override defaults if they want to;
- increase the default estimate for pure sources;
- for pure sources initialize the state machine at source registration
time.
Reviewed by: cem
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52232
random: Make the entropy source registration interface more uniform
Most pure sources work under a "pull" model wherein a dedicated thread
polls the source at regular intervals (every 100ms). A couple of
sources, however, will instead call random_harvest_direct() to provide
entropy samples. Such sources were not calling random_source_register()
and thus weren't in the global random source list.
Modify "push" sources to use random_source_register() like other sources
do. Such sources omit an implementation of rs_read and are thus skipped
by the above-mentioned thread. This makes it easier to allow pure
sources to provide a min-entropy estimate in a uniform way.
Reviewed by: cem
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52229
random: Exclude the timestamp from healthtest for pure sources
So-called pure sources provide entropy at regular intervals, so the
timestamp counter provides little entropy. Exclude it from health
testing for such sources.
Reviewed by: cem, emaste
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52233
random: Fix synchronization of hc_source_mask
This variable provides a mask of all registered entropy sources and is
updated when drivers attach and detach (or by sysctl). However, nothing
was synchronizing accesses to it. Use the harvest lock to provide
mutual exclusion for updates, and use atomic_load_int() to mark unlocked
reads.
Reviewed by: cem
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52230
random: Make the min-entropy estimate configurable
Right now the cutoff values for the RCT and APT tests are computed with
a fixed min-entropy estimate of 1. In preparation for permitting
alternative estimates for "pure" sources (i.e., hardware noise sources),
extend the code to handle alternative estimates of an integer number of
bits.
For the RCT test, the cutoff is simply the formula from section 4.4.1 of
NIST SP 800-90B. For the APT test, I used Excel to compute a lookup
table using the formula provided in section 4.4.2.
Reviewed by: cem
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D52228
Revert "LinuxKPI: pci: allocate entire pci_dev hiereachy up to root port on attach"
It turns out this breaks the nvidia-drm drviers.
We'll try to rework things and put it back later.
This reverts commit bbeeb585315645db20118ef349a4e3dc83b148cc.
freebsd-update: Fix the pkgbase check
Even on a pkgbase system, it should be possible to use freebsd-update -j
to upgrade a non-pkgbase jail, at least for the time being. However,
the check_pkgbase() call came before get_params, so BASEDIR was always
set to /.
Make check_pkgbase() a pure function and call it after get_params().
While here, use pkg -r ${BASEDIR} instead of pkg -c ${BASEDIR} since the
latter requires root privileges. freebsd-update is supposed to be run
as root, but it doesn't actually check this that I can see, so let's not
make that assumption here since it affects the result of the function
(i.e., pkg -c ${BASEDIR} always fails as a non-root user).
Reviewed by: des
Fixes: 856e158dc4aa ("freebsd-update: improve pkgbase check")
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D51770
(cherry picked from commit 66c75fa63aff40e9c587345b2cc6b8148e396de8)
libc/amd64: rewrite memrchr() baseline impl. to read the string from the back
This ensures O(1) behaviour if the character is a constant offset
from the end of the string, regardless of how long the string is.
Reported by: Mikael Simonsson <m at mikaelsimonsson.com>
Reviewed by: benni
PR: 288321
MFC after: 1 month
(cherry picked from commit 4b15965daa99044daf184221b7c283bf7f2d7e66)
libc/amd64: rewrite memrchr() scalar impl. to read the string from the back
A very simple implementation as I don't have the patience right now
to write a full SWAR kernel. Should still do the trick if you wish
to opt out of SSE for some reason.
Reported by: Mikael Simonsson <m at mikaelsimonsson.com>
Reviewed by: strajabot
PR: 288321
MFC after: 1 month
(cherry picked from commit 30acc84270266e41f66cf572f67c3290d923da2f)
kern: replace several EBADF with EINVAL
EBADF semantic is that the passed fd is invalid, not that it is of wrong
type. Using EBADF in these places in kern_event.c and sys_procdesc.c
give bad examples to copy from.
Note that places in kern_event.c that checks KQ_CLOSING and return EBADF
are kept, since KQ_CLOSING is the transient state before the fd is
finally closed and become eligible for EBADF.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D52410
[net80211] Quieten the logging from ieee80211_vht_get_vhtflags()
The commit in Fixes: introduced logging the output bits from
ieee80211_vht_get_vhtflags(). This ends up causing quite a lot
of logging when net80211 is doing things like processing
received beacons.
So just remove the logging; if it's needed again then a developer
can add it back to that location, or just use dtrace to capture
the return value.
Fixes: 4bf049bfeefd9
Differential Revision: https://reviews.freebsd.org/D52142
Reviewed by: bz
man: Add -l option
Add a -l option which causes man to interpret all arguments as paths to
open directly rather than man pages to search for in MANPATH. See the
PR for a detailed rationale.
PR: 289245
MFC after: 1 week
Reviewed by: ziaee, emaste
Differential Revision: https://reviews.freebsd.org/D52385
contrib/libxo: fix API header files inclusions in C++ source files
C++ source files need `extern "C"` to disable C++ name mangling.
MFC after: 1 week
Reviewed by: aokblast (previous version), phil, imp (previous version)
Differential Revision: https://reviews.freebsd.org/D47930