inline most of the considered lost condensation.
This is a small cleanup to consolidate the considered lost reduction and marking to an
inline function. There are two places where we are using hookery in SACK processing where
we can't use it. All other places we move to the function. This code in theory changes nothing
and just makes things a bit more readable and consistent.
Reviewed by:tuexen
Differential Revision: <https://reviews.freebsd.org/D53021>
socket: bump socket buffer limit to 8MB
Bump the socket buffer limit from 2 MB to 8MB.
In particular, this allows to use larger values for TCP sockets,
which may result in higher throughput values with default settings.
In the review I was proposing using 16 MB, but in the transport
call today we settled on a more conservative value of 8.
Bumping it further will be done in combination with mitigations
for mbuf exhaustion attacks.
Reviewed by: rscheff, Peter Lei, jtl, thj
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52873
(cherry picked from commit 1fe6497b48d6954ac07870d920b2e5d6d206be5e)
tcp: bump max rcv buffer size for autoscaling
This allows in higher throughput values with default settings.
In the review I was proposing using 16 MB, but in the transport
call today we settled on a more conservative value of 8.
Bumping it further will be done in combination with mitigations
for mbuf exhaustion attacks.
Reviewed by: rscheff, Peter Lei, jtl, thj
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52871
(cherry picked from commit baeff75122e5cdb669c920414e054224270383d7)
tcp: bump max snd buffer size for autoscaling
This allows in higher throughput values with default settings.
In the review I was proposing using 16 MB, but in the transport
call today we settled on a more conservative value of 8.
Bumping it further will be done in combination with mitigations
for mbuf exhaustion attacks.
Reviewed by: rscheff, cc, glebius, Nick Banks, Peter Lei, jtl, thj, rrs
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52872
(cherry picked from commit 9dd4742ee51ae80639b087a60ce7d15811c2b1e6)
release.7: Update RPI example + CHROOTDIR + SPDX
+ arm/RPI-B.conf no longer exists, adjust for arm64/RPI.conf
+ document default CHROOTDIR, also add to FILES list
+ tag SPDX
MFC after: 3 days
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D53078
(cherry picked from commit 8a9f1a2286689c447e8528dc79ee6c4a47423fdc)
mkimg: Add a -h option and improve usage output to be more expressive
Reviewed by: imp, kp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D52906
rc: dmesg: Allow umask to be configurable
Allow umask to be configurable.
Being able to set the umask via an rc variable is useful when setting:
security.bsd.unprivileged_read_msgbuf=0
As it allows a user to configure:
dmesg_umask="066"
Without modifying the rc script, and preventing the contents of the
$dmesg_file (/var/run/dmesg.boot) from being publicly readable.
PR: 272552
Reviewed by: netchild
MFC after: 2 days
Differential Revision: https://reviews.freebsd.org/D53169
libc: Import OpenBSD's inet_net_{ntop,pton}
Our versions of these functions (originally taken from BIND) simply
don't work correctly for AF_INET6. These were removed from BIND itself
quite a while ago, but OpenBSD has made several fixes in the mean time,
so import their code.
Add tests for both functions.
PR: 289198
Reported by: Nico Sonack <nsonack at herrhotzenplotz.de>
MFC after: 1 week
Reviewed by: des
Obtained from: OpenBSD (lib/libc/net)
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D52629
devd/snd.conf: Note that any command can be used for the action
Sponsored by: The FreeBSD Foundation
MFC after: 1 day
Differential Revision: https://reviews.freebsd.org/D53175
ipfw: do not use errno value for error reporting
table_do_modify_record() already uses errno value on error.
Also this fixes problem when `ipfw table add` returns ENOTTY that
is unrelated to operation.
Tested by: dhw
Fixes: 09025a714708
Differential Revision: https://reviews.freebsd.org/D53050
(cherry picked from commit dfd822b1f0846bdaa9a14457346f7431a86d3a64)
carp6: revise the generation of ND6 NA
* use ND_NA_FLAG_ROUTER flag in carp_send_na() when we work as router.
* use in6addr_any as destination address for nd6_na_output(), then it
will use ipv6-all-nodes multicast address.
* add in6_selectsrc_nbr() function that accepts additional argument
ip6_moptions. Use this function from ND6 code to avoid cases when
nd6_na_output/nd6_ns_output can not find source address for
multicast destinations.
* add some comments from RFC2461 for better understanding.
* use tlladdr argument as flags and use ND6_NA_OPT_LLA when we need
to add target link-layer address option, and ND6_NA_CARP_MASTER when
we know that target address is CARP master. Then we can prepare
correct CARP's mac address if target address is CARP master.
* move blocks of code where multicast options is initialized and
use it when destination address is multicast.
Reviewed by: kp
Obtained from: Yandex LLC
[4 lines not shown]
carp6: revise the generation of ND6 NA
* use ND_NA_FLAG_ROUTER flag in carp_send_na() when we work as router.
* use in6addr_any as destination address for nd6_na_output(), then it
will use ipv6-all-nodes multicast address.
* add in6_selectsrc_nbr() function that accepts additional argument
ip6_moptions. Use this function from ND6 code to avoid cases when
nd6_na_output/nd6_ns_output can not find source address for
multicast destinations.
* add some comments from RFC2461 for better understanding.
* use tlladdr argument as flags and use ND6_NA_OPT_LLA when we need
to add target link-layer address option, and ND6_NA_CARP_MASTER when
we know that target address is CARP master. Then we can prepare
correct CARP's mac address if target address is CARP master.
* move blocks of code where multicast options is initialized and
use it when destination address is multicast.
Reviewed by: kp
Obtained from: Yandex LLC
[4 lines not shown]
kern_descrip.c: add struct proc argument to fdcopy()
The proc is the owner of the copied filedesc.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D52045
kqueuex(2): add KQUEUE_CPONFORK
The created kqueue is copied on fork, together with the registered
events. This means that a new kqueue is created at the same fd index
as the parent' kqueue, and all registered events are copied into the
new kqueue (when possible). The current active events list is also
duplicated.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D52045
kern/kern_event.c: extract kern_kqueue_alloc() from kern_kqueue()
The new helper function allows to allocate a kqueue and its file,
without also allocating file descriptor.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D52045