udp: make sendto(2) on unconnected UDP socket use public inpcb KPIs
UDP allows to sendto(2) on unconnected socket. The original BSD devise
was that such action would create a temporary (for the duration of the
syscall) connection between our inpcb and remote addr:port specified in
sockaddr 'to' of the syscall. This devise was broken in 2002 in
90162a4e87f0. For more motivation on the removal of the temporary
connection see email [1].
Since the removal of the true temporary connection the sendto(2) on
unconnected socket has the following side effects:
1) After first sendto(2) the "unconnected" socket will receive datagrams
destined to the selected port.
2) All subsequent sendto(2) calls will use the same source port.
Effectively, such sendto(2) acts like a bind(2) to INADDR_ANY:0. Indeed,
if you do this:
[25 lines not shown]
tests/netinet: add few tests for sending a broadcast packet
1) Set SO_BROADCAST and send to INADDR_BROADCAST.
2) Set SO_BROADCAST, set IP_ONESBCAST and cycle through broadcast capable
interfaces sending a datagram on each.
3) Set SO_BROADCAST and send to local broadcast address.
For each test we bind a second socket to check whether the broadcast
is actually received.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D49040
netinet: use in_broadcast() inline
There should be no functional change.
Reviewed by: rrs, markj
Differential Revision: https://reviews.freebsd.org/D49088
netinet: enforce broadcast mode for all-ones and all-zeroes destinations
When a socket has SO_BROADCAST set and destination address is INADDR_ANY
or INADDR_BROADCAST, the kernel shall pick up first broadcast capable
interface and broadcast the packet out of it. Since this API is not
reliable on a machine with > 1 broadcast capable interfaces, all practical
software seems to use IP_ONESBCAST or other mechanisms to send broadcasts.
This has been broken at least since FreeBSD 6.0, see bug 99558. Back then
the problem was in the fact that in_broadcast() check was always done
against the gateway address, not the destination address. Later, with
90cc51a1ab4be, a second problem piled on top - we aren't checking for
INADDR_ANY and INADDR_BROADCAST at all.
Better late than never, fix that by checking destination address.
PR: 99558
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D49042
netinet: rename in_broadcast() to in_ifnet_broadcast()
This aligns with existing in_ifaddr_broadcast() and aligns with other
simple functions or macros with bare "in_" prefix that operator just on
struct in_addr and nothing else, e.g. in_nullhost(). No functional
change.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D49041
umtx: Fix a bug in do_lock_pp()
If the lock is unowned (i.e., owner == UMUTEX_CONTESTED), we might get a
spurious failure, and in that case we need to retry the loop.
Otherwise, the calling thread can end up sleeping forever.
The same problem exists in do_set_ceiling(), which open-codes
do_lock_pp(), so fix it there too.
Reviewed by: olce
Reported by: Daniel King <dmking at adacore.com>
MFC after: 2 weeks
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D49031
vm_page: define partial page invalidate
Two different functions in different files do the same thing - fill a
partial page with zeroes. Add that functionality to vm_page.c and
remove it elsewhere to avoid code duplication.
Reviewed by: markj, kib
Differential Revision: https://reviews.freebsd.org/D49096
sys: Empty hints files
Create empty hints files for these platforms. They don't normally need a
hints file, but people use them for device instance wiring. It's less
confusing if they always exist.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D49052
nvmecontrol: Add more keys for CA page (Additional smart data)
Micron and Samsung also use this standard, though Micron is known to use
a few different keys. Add the ones that public information say are the
same among those the drives that have them.
There's others, but either they aren't publicly documented in datasheets
or nvme-cli code, or they vary betwen models and our code needs a fair
amount of rework needed.
Also print hex value for unknown keys. This allows scripts to more
easily pick bytes out for those keys who have values that are encoded by
packing multiple values into the 48-bit field.
Sponsored by: Netflix
Revert "vm_page: define partial page invalidate"
A negative review arrived as this was being committed, so undo and
reevaluate.
This reverts commit 5611a38d818587b307e1fb110f72d2996c170035.
vm_page: define partial page invalidate
Two different functions in different files do the same thing - fill a
partial page with zeroes. Add that functionality to vm_page.c and
remove it elsewhere to avoid code duplication.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D49096
pkg-stage.sh: Remove kde entirely
The package set for FreeBSD 13.5 comes from the 2025Q1 branch, which
doesn't have the new x11/kde (aka KDE 6) port; but shipping x11/kde5
(which is still in the 2025Q1 branch) doesn't make much sense either
since a few weeks after the release that will no longer be available
in either "latest" or "quarterly" package sets.
Just remove KDE packages from the 13.5 DVD entirely; this also makes
the DVD image fit into 4.7 GB size limit of physical DVDs again.
Direct commit to releng/13.5.
With hat: re
Approved by: re (cperciva)
Fixes: ee6c7bf50b93 ("pkg-stage.sh: kde5 -> kde")
Sponsored by: Amazon
pf: Stop using net_epoch to synchronize access to eth rules
Commit 20c4899a8eea4 modified pf_test_eth_rule() to not acquire the
rules read lock, so pf_commit_eth() was changed to wait until the
now-inactive rules are no longer in use before freeing them. In
particular, it uses the net_epoch to schedule callbacks once the
inactive rules are no longer visible to packet processing threads.
However, since commit 812839e5aaaf4, pf_test_eth_rule() acquires the
rules read lock, so this deferred action is unneeded. This patch
reverts a portion of 20c4899a8eea4 such that we avoid using deferred
callbacks to free inactive rules.
The main motivation is performance: epoch_drain_callbacks() is quite
slow, especially on busy systems, and its use in the DIOCXBEGIN handler
in particular causes long stalls in relayd when reloading configuration.
Reviewed by: kp
MFC after: 2 weeks
[5 lines not shown]
ipfw: make 'ipfw show' output compatible with 'ipfw add' command
If rule was added in compact form and rule body is empty, print
'proto ip' opcode to be compatible with ipfw(8) syntax parser.
Before:
$ ipfw add allow proto ip
000700 allow
After:
$ ipfw add allow proto ip
000700 allow proto ip
(cherry picked from commit 706a03f61bbb6e0cf10e6c3727966495b30d763e)
ipfw: make 'ipfw show' output compatible with 'ipfw add' command
If rule was added in compact form and rule body is empty, print
'proto ip' opcode to be compatible with ipfw(8) syntax parser.
Before:
$ ipfw add allow proto ip
000700 allow
After:
$ ipfw add allow proto ip
000700 allow proto ip
(cherry picked from commit 706a03f61bbb6e0cf10e6c3727966495b30d763e)
pf: Cut down on if statements around pf_icmp_state_lookup
Checked with blambert@, OK millert, henning
Obtained from: OpenBSD, mikeb <mikeb at openbsd.org>, 12e5d1443d
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf: remove redundant argument from pf_icmp_state_lookup()
We already pass struct pf_pdesc to pf_icmp_state_lookup(). There's no need to
also pass the direction.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf: micro-optimise padding check
In most cases, IP fragments do not have an Ethernet padding. So
add a condition to save a useless call to m_adj() and have a paranoid
length check in the other cases.
OK henning@
Obtained from: OpenBSD, bluhm <bluhm at openbsd.org>, fcf0d61153
Obtained from: OpenBSD, chris <chris at openbsd.org>, ebe64b684c
Sponsored by: Rubicon Communications, LLC ("Netgate")
snmp_pf: fix rules->label use
We now support multiple lables on a rule, so 'rule' is an array of strings, not
just one string. Adjust the check for 'is there a label?'.
CID: 1471808
Sponsored by: Rubicon Communications, LLC ("Netgate")
snmp_pf: address Coverity remarks about time_t
On most platforms time_t is 64 bits wide, but we assign it to 32 bits
variables. Unfortunately these are SNMP fields that are defined to be 32 bits
wide, so we cannot change this. We are similarly unable to prevent the passage
of time, meaning that time_t must remain 64 bits wide as well.
Explicitly cast to tell Coverity that we're aware of these limitations and do
not wish to be reminded of them.
CID: 1553869
CID: 1557025
CID: 1592232
CID: 1592234
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf.conf.5: Don't use greater-equal/less-equal symbols where "<="/">=" are intended.
Also, clean up some usage of predefined strings (which are discouraged by
mandoc_char(7) for portability reasons) and improve spacing in
hostapd.conf(5).
ok schwarze@
Obtained from: OpenBSD, bentley <bentley at openbsd.org>, e369c2e695
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf: make log(matches) more useful
change log(matches) semantics slightly to make it more useful. since it
is a debug tool change of semantics not considered problematic.
up until now, log(matches) forced logging on subsequent matching rules,
the actual logging used the log settings from that matched rule.
now, log(matches) causes subsequent matches to be logged with the log settings
from the log(matches) rule. in particular (this was the driving point),
log(matches, to pflog23) allows you to have the trace log going to a seperate
pflog interface, not clobbering your regular pflogs, actually not affecting
them at all.
long conversation with bluhm about it, which didn't lead to a single bit
changed in the diff but was very very helpful. ok bluhm as well.
Obtained from: OpenBSD, henning <henning at openbsd.org>, f61b1efcce
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf.conf.5: rephrase log() documentation
after some discussion with henning, document the various log options as
one section; some text was altered to make it read better;
ok henning
Obtained from: OpenBSD, jmc <jmc at openbsd.org>, cea6f9db1f
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf tests: test new log(matches) behaviour
Ensure that a log(matches, to pflog1) sends all future matches to pflog1.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pfctl: Rewrite to void using union sockaddr_union
ok mikeb
Obtained from: OpenBSD, deraadt <deraadt at openbsd.org>, 8717211fe3
Sponsored by: Rubicon Communications, LLC ("Netgate")
ASUS_AC1300: add storage device options
This adds the required bits for the installed NAND/NOR chips.
Differential Revision: https://reviews.freebsd.org/D49028
qcom_ess_edma: Add the IPQ4018/IPQ4019 ethernet MAC/MDIO driver.
This adds the ESS EDMA driver introduced by the IPQ4018/IPQ4019.
It provides a number of transmit and receive rings which can be mapped
into virtual ethernet devices, which this driver supports.
It's partially integrated into the ar40xx etherswitch which supplies
the port and some filtering/VPN offload functionality. This driver
only currently supports the per-port options which allow for the
virtual ethernet driver mapping.
This was written by reverse engineering the functionality of the
ethernet switch and ethernet driver support provided by Qualcomm
Atheros via their OpenWRT contributions. The code is all originally
authored by myself.
Differential Revision: https://reviews.freebsd.org/D49027
