Replace MD5_ASM with function specific defines.
Use the same pattern that is now used for most other code - provide
HAVE_MD5_BLOCK_DATA_ORDER and use this to selectively enable source code.
Replace GHASH_ASM with function specific defines.
Use the same pattern that is now used for most other code - provide HAVE_*
defines for functions and use these to selectively enable source code.
Use .section before .rodata to appease gas.
gas dislikes bare .rodata - add .section before .rodata to make it happier
(LLVM does not care and is happy with either). For consistency, do the same
with .text.
Inflate gzip compressed CCR files on the fly in filemode
Turns out CCR data is highly compressable (~50% reduction with gzip).
Filemode recognizes compressed files by the .gz filename extension and
handles those transparently, i.e. 'rpki-client -jf *.ccr.gz *.mft.gz'
will output the hash identifier for a given file's uncompressed form.
OK tb@
asn1t.h: whitespace tweaks
Add missing space after commas, shorten a couple comments in structs,
reflow weirdly wrapped long comments and improve the random line
breaks in typedefs and prototypes.
un-ifdef i8259
We don't need different code variants for the legacy PIC. Just keep the
default variant and remove lots of #ifdefs
always defined:
ICU_HARDWARE_MASK
never defined:
ICU_SPECIAL_MASK_MODE
AUTO_EOI_1
AUTO_EOI_2
PIC_MASKDELAY
MASKDELAY
REORDER_IRQ
ok kettenis@ hshoexer@
bcmsdhost: Set bus clock after reset
The host reset during attach nukes SDCDIV that the bus clock setup has
initialized right before. Reorder to keep the correct value in SDCDIV.
ok kettenis@
In SEV-ES mode, guest userland is allowed to execute the vmgexit
instruction, although it has no control over the GHCB. Therefore,
it is important that the GHCB does not contain a valid request after
use.
In all "vmgexit paths" the GHCB is cleared by ghcb_sync_in() (it
calls ghcb_clear()) after returning from the hypervisor back into
the guest.
However, in _ghcb_mem_rw() I missed this when requesting MMIO writes
from the hypervisor. The diff below corrects this.
I want to keep this pattern in all vmgexit paths:
ghcb_sync_out
vmgexit
ghcb_verify_bm
ghcb_sync_in
[4 lines not shown]
As vmd(8) direct kernel launch now uses 32-bit legacy mode (with
paging disabled) we do not need the 64-bit #VC handling in locore0
anymore.
ok mlarkin@
pfctl(8): change default limiter action from no-match to block
pf(4) users who use limiters in current should update the rules
accordingly to reflect the change in default behavior. The existing
rule which reads as follows:
pass in from any to any state limiter test
needs to be changed to:
pass in from any to any state limiter test (no-match)
OK dlg@
vio: Support MTU feature
Add support for the VIRTIO_NET_F_MTU which allows to get the hardmtu
from the hypervisor. Also set the current mtu to the same value. The
virtio standard is not clear if that is recommended, but Linux does
this, too.
Use ETHER_MAX_HARDMTU_LEN as upper hardmtu limit instead of MAXMCLBYTES,
as this seems to be more correct.
If the hypervisor requests a MTU larger than ETHER_MAX_HARDMTU_LEN,
redo feature negotiation without VIRTIO_NET_F_MTU.
With this commit, OpenBSD finally works on Apple Virtualization.
Input and testing from @helg
ok jan@
make aq_start check the link is up before putting packets on the ring.
without link the hardware seems to hold onto the packets. if you
keep pushing packets onto the interface then the driver goes oactive
and then the ifqs fill up and then the system ends up short of
mbufs.
reported by Alisdair MacLeod on misc@ and narrowed down with sthen@
ok jmatthew@
Move the function reset and qportcfg operations to prepare for host memory
allocations required to support newer hardware generations.
tested by bluhm@ and stsp@ (as part of a larger diff)
ok bluhm@
Make the output of bse(4) mp-safe. Use consumer and provider indexes
instead of sc_tx.queued to determine the number of used tx slots.
Tested on RPI4.
Feedback and OK from jmatthew@/
Emulate AMD SysCfg MSR in vmm(4).
Linux kernels like to poke this to check for memory encryption
settings. Return 0's on reads instead of injecting #GP. Writes
continue to be ignored.
This reduces some noise for Linux guests on boot.
ok hshoexer@, mlarkin@
Increase MAXCPUs on amd64 to 255
Now that we have larger bitmask support for more than 64 CPUs, we can increase
the max to 255. 255 is the max that xapic can support; this number can be
bumped later if we want to discriminate x2apic vs xapic.
with input from and ok deraadt. also ok kettenis
Support more than 64 bits for amd64 TLB shootdown IPI masks
The TLB shootdown code used a uint64_t to track which CPUs needed to have
their TLB remotely flushed during pmap operations. This allowed for up to
64 CPUs maximum on amd64.
This diff changes the single uint64_t mask to an array of uint8_t masks,
sized based on MAXCPUS, and utilizes the bitmask macros in param.h to
manipulate these masks.
with input from and ok deraadt. also ok kettenis
pmap functions send various TLB shootdown operations by IPI to other cpus.
A lock is grabbed to serialize this. Then recipient cpus get sent an IPI
demanding this work. The lock is reused as a counter of cpus doing the work,
and each cpu's IPI handler decrements the counter.
The local cpu can do some operations in the parallel, before verifying
the TLB operations have completed in pmap_tlb_shootwait() which spins
for the counter to reach 0. But the counter is also a lock, and 0
means other cpu can grab it. So if the latency for the local work
exceeds the latency on the recepient cpus, the "counter-lock" can be
grabbed by a different cpu for its own TLB shootdown operations. The
original cpu will now spin waiting for this second cpu's work to
finish, creating pmap function latency.
To fix this, I create per-cpu counters which are seperate from the lock.
The IPI functions written in asm now decrement this per-cpu counter, and
when it reaches 0, the shared lock is cleared allowing another cpu to
being shootdowns tracked by its own per-cpu counter. The waiting
function only spins on the correct per-cpu counter.
As a bonus, the lock (and new variable indicating the shooting cpu)
are now in cache-aligned.
[2 lines not shown]
