boot1.chrp: Specify --image-base
This is required for LLVM 22's ld.lld to avoid a build error:
ld.lld: error: section '.text' address (0x38000) is smaller than image base (0x10000000); specify --image-base
ld.lld: error: section '.rodata' address (0x3b308) is smaller than image base (0x10000000); specify --image-base
ld.lld: error: section '.data' address (0x3b610) is smaller than image base (0x10000000); specify --image-base
ld.lld: error: section '.bss' address (0x3f618) is smaller than image base (0x10000000); specify --image-base
Use 0x38000 for the image base, which is the address of the lowest
(and only) LOAD segment in the file.
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D56459
(cherry picked from commit aa0bc7cca153f67f8becec8a8fb259ff5fd30fd0)
libifconfig: Skip bridge VLAN config for span members
bridge(4) doesn't support BRDGGIFVLANSET for span members, which
means if a span interface is configured, libifconfig will fail to
fetch bridge members. Skip this for IFBIF_SPAN members.
PR: 292634
MFC after: 3 days
Reported by: Emrion <kmachine at free.fr>
Reviewed by: pouria, zlei
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D56694
(cherry picked from commit 454322c08b8aa181939c8d920472f03cfd591032)
nfsd: Disable use of callbacks for NFSv4.0
Commit 71ac1ec5c9d9 disabled callbacks for the NFS
client for NFSv4.0. This patch does the same for
the NFSv4.0 server.
The only use for callbacks for NFSv4.0 is delegations
and delegations rarely work well for NFSv4.0 anyhow.
Therefore, this patch disables callbacks for the
NFSv4.0 server. This is the same behavior as
occurs when vfs.nfsd.issue_delegations is 0.
This change allowed the functions called
nfsrv_getclientipaddr() and nfsrv_getipnumber() to be
removed from the kernel.
MFC after: 2 weeks
tests: Add some simple regression tests for ip_mroute
These use atf_python to create a number of hosts linked to a router.
The router runs pimd (for IPv4) or ip6_mrouter (simplistic IPv6
multicast router that I wrote since I couldn't find one in the ports
tree). The vnet_host*_handler() methods are invoked in different VNET
jails connected to the router; they register the connected epair with a
multicast group and verify that they can send messages to each other.
The tests are synchronized by sending messages over a unix domain
socket. The flow is something like:
1) test startup_method() is called, the unix socket is created,
2) the superclass creates jails and links them together using the
declared topology,
3) we wait for all child jails to start up and send a message on the
unix socket indicating that they are ready
4) we start the routing daemon in the main jail,
5) the test actually starts; starttest() kicks off the
vnet_host*_handlers(), which mostly just verify that they can send
[13 lines not shown]
ip_mroute: Fix a lock leak in X_ip_mforward()
If a FIB does not have a router configured, X_ip_mforward() would leak a
lock. Plug the leak.
The IPv6 counterpart did not have such a check. It wouldn't send an
upcall to a non-existent router anyway due to the router_ver check, but
we should verify that a router is present anyway.
Add regression test cases to exercise these code paths.
Reported by: Claude Opus 4.6
Fixes: 0bb9c2b665d9 ("ip6_mroute: FIBify")
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
(cherry picked from commit 18b7115cba2f698909a4801dc2cc1b04b1f4f210)
ip6_mroute: Handle interface detach events
When an interface goes away we need to make sure the v6 multicast
routing tables don't carry any dangling references to the ifnet. The v4
code handles this already. Copy the approach there and use an
eventhandler to purge the corresponding MIF, if one exists, and further
go through all routes in the FIB and remove references to the interface.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55246
(cherry picked from commit a1c042a9641c9df08010e87d0928703849ff9853)
ip6_mroute: Pass the multicast interface number directly to del_m6if()
There's no need to pass a pointer to the interface number. No
functional change intended.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55245
(cherry picked from commit 82272cbf56aa5646611c6f1049501cc345fcf6ec)
ip6_mroute: FIBify
Modify the control plane (ioctl and socket option handlers) to use the
routing socket FIB to index into the mfctable array. Modify the
forwarding plane to use the mbuf's FIB to determine which routing table
to use.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55242
(cherry picked from commit 0bb9c2b665d90934ae16eee152b6b4f4f4be0dd5)
ip6_mroute: VNETify counters
Commit a223d6c489c7 made most of the ip6_mroute state per-VNET, but
failed to do this for a couple of counter structures. Make them
per-VNET too.
Reported by: zlei
Reviewed by: pouria, zlei
Fixes: a223d6c489c7 ("ip6_mroute: Start putting global variables into a structure")
Differential Revision: https://reviews.freebsd.org/D56253
(cherry picked from commit 77df0240307ebbc606e17c9b83c0d940d33c2649)
Fix nooptions VIMAGE build
The recent FIBify commits deref struct thread without including
sys/proc.h, which can result in a compiler error. This becomes
apparent when building with LINT-NOVIMAGE, as net/vnet.h includes
sys/proc.h. Fix this by directly including sys/proc.h
Fixes: 4c486fe40267 ("ip_mroute: FIBify"), 0bb9c2b665d9 ("ip6_mroute: FIBify")
(cherry picked from commit 3f79bc9ca336f634e1afa262ccf5155882550a8a)
ip6_mroute: Fix the type name in sysctl_mfctable()
No functional change since apparently it's fine to compute the size of
a pointer type when the base type is undefined.
Fixes: 0bb9c2b665d9 ("ip6_mroute: FIBify")
(cherry picked from commit 0dbbed21a643f6c95bebe23008a332ff68adb203)
ip(6)_mroute: Grow the routing tables when the number of FIBs changes
Use the new rtnumfibs_change event to expand the mfctable array when the
number of FIBs increases.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55240
(cherry picked from commit 97a4bc9a0da7cd63c660ce59a9dd7c87efe1f218)
ip6_mroute: Start putting global variables into a structure
As in the IPv4 version of this change, I added a struct mf6ctable
structure which holds all global routing table state, soon to become
per-FIB state.
Note that much of the v6 multicast routing code was not VNETified; this
change fixes that too.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55238
(cherry picked from commit a223d6c489c7ea9a384f3d2bbda1b05b00d4502d)
net/route: Add an eventhandler for rt_numfibs changes
The multicast routing code will start implementing per-FIB routing
tables. As a part of this, it needs to be notified when the number of
FIBs changes, so that it can expand its tables.
Add an eventhandler for this purpose.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55239
(cherry picked from commit 81dbacbb7d71a53eef99ce73f7e589a165c3e1d6)
ip_mroute: FIBify
Modify the control plane (ioctl and socket option handlers) to use the
routing socket FIB to index into the mfctable array. Modify the
forwarding plane to use the mbuf's FIB to determine which routing table
to use.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55241
(cherry picked from commit 4c486fe402673c49443293cfb70ad4da61d39916)
ip_mroute: Start moving globals into a structure
I would like to support per-FIB multicast routing tables, such that one
can run a routing daemon per-FIB, with each daemon oblivious to the
existence of others. Currently the multicast routing code is completely
unaware of FIBs.
To that end, start collecting various global variables in ip_mroute.c
into a per-VNET struct mfctable. In a future patch this will be
expanded into an array of mfctable structures, one per FIB. For now,
all of the state is collected into V_mfctables[0].
Each mfctable contains, among other things:
- a pointer to the routing socket, if routing is enabled,
- a hash table of routing cache entries,
- an table of network interfaces participating in the routing
configuration
This change has no functional effect, it is just factoring out these
[8 lines not shown]
tests/if_lagg: Minor improvements
- Set require.kmods instead of relying on ifconfig to load if_lagg.ko,
as this doesn't work when running within a jail.
- Simplify helper functions which create tap and lagg devices.
MFC after: 1 week
