libpkgconf: Fix paths
${LOCALBASE:U} evaluates to exactly the same thing as ${LOCALBASE}.
Presumably what was meant was ${LOCALBASE:U/usr/local}.
Fixes: b8352da33f34 ("pkgconf: import into the base system")
Reviewed by: khorben
Differential Revision: https://reviews.freebsd.org/D56642
pf: fix duplicate rule detection for automatic tables
We should look at the table name for automatic tables as well. These
are different tables, so the rules using them are (or can be) different
as well.
MFC after: 3 days
Reported by: Michael Sinatra <michael at burnttofu.net>
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit fb838352751767e756bd45cd2040fa464ed4de20)
pf: fix duplicate rule detection for automatic tables
We should look at the table name for automatic tables as well. These
are different tables, so the rules using them are (or can be) different
as well.
MFC after: 3 days
Reported by: Michael Sinatra <michael at burnttofu.net>
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit fb838352751767e756bd45cd2040fa464ed4de20)
tuntap: add SIOCGIFCAP and SIOCSIFCAP ioctls
Add SIOCGIFCAP ioctl-command for tun/tap character device to be used
by bhyve for offloading in the future.
Add SIOCSIFCAP for symmetry.
Reviewed by: markj, pouria, tuexen
MFC after: 1 week
Event: Wiesbaden Hackathon 2026
Differential Revision: https://reviews.freebsd.org/D51289
vtnet: remove loader tunable fixup_needs_csum
Removes the deprecated loader tunable fixup_needs_csum. Removes also
the sysctl counter rx_csum_bad_offset that is no longer in use.
Reviewed by: tuexen
Event: Wiesbaden Hackathon 2026
Differential Revision: https://reviews.freebsd.org/D55588
tcp: use RFC 6191 for connection recycling in TIME-WAIT
Implement the criteria specified in RFC 6191 for recycling TCP
connections in TIME-WAIT.
Reviewed by: rscheff, Marius Halden
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D56321
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 3a54aa3b0911bef15e014b8a8185e116efb0a918)
bpf: fix handling the read timeout on ppc64
On platforms other than amd64, BIOCSRTIMEOUT is equal to
BIOCSRTIMEOUT32. Therefore, running the COMPAT_FREEBSD32 code
basically clears tv_usec on big endian platforms. When tcpdump is
used, the timeout requested is 100ms, which gets cleared to 0 on
ppc64 platforms. This results in tcpdump showing the packets only
when the read buffer is full.
Thanks to kib for guiding me to the correct fix.
Reported by: ivy
Reviewed by: adrian, kib
Differential Revision: https://reviews.freebsd.org/D56399
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 04b994d19eec68a6b5d27ff4b0fa223a05f00e1f)
tcp: retire TF_SENTSYN
This TF_-flag is only used in the RACK stack and not really needed.
So replace it, since glebius@ needs a TF_ flag and right now all
of them are taken.
No functional change intended.
Reviewed by: rrs, glebius, rscheff, Nick Banks
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D56025
Event: Wiesbaden Hackathon 2024
(cherry picked from commit 32cc4beb0a8c3cadc0de4c255ba512fd7b196607)
virtio: add loader tunables to sysctl
virtio_pci uses two loader tunables that should be more visible.
This patch adds these loader tunables to sysctl and describes them
in the virtio(4) man page.
Reviewed by: imp (erlier version), tuexen
Differential Revision: https://reviews.freebsd.org/D55533
Event: Wiesbaden Hackathon 2026
(cherry picked from commit c70755bc0d8f703dbaa1520c15e8213a95847dd5)
arm64/pmap: fix pmap_is_valid_memattr()
The function pmap_is_valid_memattr(pmap, mode) checks whether the
given variable mode is between the two constant values
VM_MEMATTR_DEVICE and VM_MEMATTR_WRITE_THROUGH.
After the code for this function was written, the value of
VM_MEMATTR_DEVICE changed from 0 to 4. Since VM_MEMATTR_WRITE_THROUGH
is still 3, the condition is always false.
This patch changes the condition to check whether mode is equal to any
of the VM_MEMATTR* constants.
Reviewed by: andrew, tuexen
Differential Revision: https://reviews.freebsd.org/D55534
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 0272359ada144aa540c28fefaf996afa30dc0aa5)
tcp: improve handling of segments in TIME WAIT
The check for excluding duplicate ACKs needs to consider only TH_SYN
and TH_FIN. We know that TH_ACK is set and TH_RST is cleared. All
other flags, in particular TH_ECE, TH_CWR, and TH_AE needs to be
ignored for the check.
PR: 292293
Reviewed by: rrs
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D55489
Event: Wiesbaden Hackathon 2026
(cherry picked from commit f3364d3c8c876074a9a6f68168e5eb8bd60207de)
ure: improve receive checksum offloading
Let the receive checksum offload for TCP/IPv6 and UDP/IPv6 be
controlled by ifconfig rxcsum6 and not by ifconfig rxcsum.
While there, make the code more compact and improve stlye.9
conformity.
Reviewed by: Timo Völker
Differential Revision: https://reviews.freebsd.org/D55188
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 378577393e407fa2cd9677392da2287e37b4dd33)
ure: improve transmit checksum offloading
Apparently, the name of the variable l4off was correct. Providing the
offset to the TCP or UDP header allows the transmit checksum offload to
work for TCP/IPv4, TCP/IPv6, UDP/IPv4, and UDP/IPv6.
Reported by: vishwin
Reviewed by: vishwin
Differential Revision: https://reviews.freebsd.org/D55187
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 7266121ce985a1a895441357c20b0e9d56b4e5f5)
sctp: fix socket type created by sctp_peeloff()
When calling sctp_peeloff() on a SOCK_SEQPACKET socket, the created
and returned socket has the type SOCK_STREAM.
This is specified in section 9.2 of RFC 6458.
Reported by: Xin Long
MFC after: 3 days
Event: Wiesbaden Hackathon 2026
(cherry picked from commit d195b3783fa4de5c1a95f6d95eb9444abce6778b)
ure: improve checksum offloading
This patch fixes three issues:
(1) Initially, set the hwassist flags correctly when enabling
transmit checksum offload for TCP/IPv6 and UDP/IPv6.
(2) Keep the hwassist flags in sync with the capabilities when
changing txcsum.
(3) Keep the hwasssit flags in sync with the capabilities when
changing txcsum6.
Without this patch, transmit checksum offloading for TCP/IPv6 and
UDP/IPv6 is never used and transmit checksum offloading for IPv4,
TCP/IPv4 and UDP/IPv4 is always used, even if disabled via
ifconfig ue? -txcsum.
Reviewed by: Timo Völker
Differential Revision: https://reviews.freebsd.org/D54974
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 7b6e84c9ac5668134ab2d075019ef0b827d90c84)
epair: add VLAN_HWTAGGING
Add capability VLAN_HWTAGGING to the epair interface and enable it by
default.
When sending a packet over a VLAN interface that uses an epair
interface, the flag M_VLANTAG and the ether_vtag (which contains the
VLAN ID and/or PCP) are set in the mbuf to inform the hardware that
the VLAN header has to be added. The sending epair end does not need
to actually add a VLAN header. It can just pass the mbuf with this
setting to the other epair end, which receives the packet. The
receiving epair end can just pass the mbuf with this setting to the
upper layer. Due to this setting, the upper layer believes that there
was a VLAN header that has been removed by the interface.
If the packet later leaves the host, the outgoing physical interface
can add the VLAN header in hardware if it supports VLAN_HWTAGGING.
If not, the implementation of Ethernet or bridge adds the VLAN header
in software.
Reviewed by: zlei, tuexen
[4 lines not shown]
ip: improve deferred computation of checksums
This patch adds the same functionality for the IPv4 header checksum
as was done erlier for the SCTP/TCP/UDP transport checksum.
When the IP implementation sends a packet, it does not compute the
corresponding checksum but defers that. It will determine whether the
network interface selected for the packet has the requested capability
and computes the checksum in software, if the selected network
interface does not have the requested capability.
Do this not only for packets being sent by the local IP stack, but
also when forwarding packets. Furthermore, when such packets are
delivered to a local IP stack, do not compute or validate the checksum,
since such packets have never been on the wire. This allows to support
checksum offloading also in the case of local virtual machines or
jails. Support for epair interfaces will be added in a separate commit.
Reviewed by: pouria, tuexen
Differential Revision: https://reviews.freebsd.org/D54455
Event: Wiesbaden Hackathon 2026
[2 lines not shown]
tcp: use RFC 6191 for connection recycling in TIME-WAIT
Implement the criteria specified in RFC 6191 for recycling TCP
connections in TIME-WAIT.
Reviewed by: rscheff, Marius Halden
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D56321
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 3a54aa3b0911bef15e014b8a8185e116efb0a918)
bpf: fix handling the read timeout on ppc64
On platforms other than amd64, BIOCSRTIMEOUT is equal to
BIOCSRTIMEOUT32. Therefore, running the COMPAT_FREEBSD32 code
basically clears tv_usec on big endian platforms. When tcpdump is
used, the timeout requested is 100ms, which gets cleared to 0 on
ppc64 platforms. This results in tcpdump showing the packets only
when the read buffer is full.
Thanks to kib for guiding me to the correct fix.
Reported by: ivy
Reviewed by: adrian, kib
Differential Revision: https://reviews.freebsd.org/D56399
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 04b994d19eec68a6b5d27ff4b0fa223a05f00e1f)
virtio: add loader tunables to sysctl
virtio_pci uses two loader tunables that should be more visible.
This patch adds these loader tunables to sysctl and describes them
in the virtio(4) man page.
Reviewed by: imp (erlier version), tuexen
Differential Revision: https://reviews.freebsd.org/D55533
Event: Wiesbaden Hackathon 2026
(cherry picked from commit c70755bc0d8f703dbaa1520c15e8213a95847dd5)
arm64/pmap: fix pmap_is_valid_memattr()
The function pmap_is_valid_memattr(pmap, mode) checks whether the
given variable mode is between the two constant values
VM_MEMATTR_DEVICE and VM_MEMATTR_WRITE_THROUGH.
After the code for this function was written, the value of
VM_MEMATTR_DEVICE changed from 0 to 4. Since VM_MEMATTR_WRITE_THROUGH
is still 3, the condition is always false.
This patch changes the condition to check whether mode is equal to any
of the VM_MEMATTR* constants.
Reviewed by: andrew, tuexen
Differential Revision: https://reviews.freebsd.org/D55534
Event: Wiesbaden Hackathon 2026
(cherry picked from commit 0272359ada144aa540c28fefaf996afa30dc0aa5)
tcp: improve handling of segments in TIME WAIT
The check for excluding duplicate ACKs needs to consider only TH_SYN
and TH_FIN. We know that TH_ACK is set and TH_RST is cleared. All
other flags, in particular TH_ECE, TH_CWR, and TH_AE needs to be
ignored for the check.
PR: 292293
Reviewed by: rrs
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D55489
Event: Wiesbaden Hackathon
(cherry picked from commit f3364d3c8c876074a9a6f68168e5eb8bd60207de)
