OPNSense/src 1114065 sys/net pfvar.h, sys/netpfil/pf pf_ioctl.c pf.c

pf: Stop using net_epoch to synchronize access to eth rules

Commit 20c4899a8eea4 modified pf_test_eth_rule() to not acquire the
rules read lock, so pf_commit_eth() was changed to wait until the
now-inactive rules are no longer in use before freeing them.  In
particular, it uses the net_epoch to schedule callbacks once the
inactive rules are no longer visible to packet processing threads.

However, since commit 812839e5aaaf4, pf_test_eth_rule() acquires the
rules read lock, so this deferred action is unneeded.  This patch
reverts a portion of 20c4899a8eea4 such that we avoid using deferred
callbacks to free inactive rules.

The main motivation is performance: epoch_drain_callbacks() is quite
slow, especially on busy systems, and its use in the DIOCXBEGIN handler
in particular causes long stalls in relayd when reloading configuration.

Reviewed by:    kp
MFC after:      2 weeks

    [5 lines not shown]
Delta File
+3 -29  sys/netpfil/pf/pf_ioctl.c
+3 -6   sys/netpfil/pf/pf.c
+0 -1   sys/net/pfvar.h
+6 -36  3 files

OPNSense/src 97415db . UPDATING, sys/conf newvers.sh

Add UPDATING entries and bump version

Approved by:    so
Delta File
+5 -0  UPDATING
+1 -1  sys/conf/newvers.sh
+6 -1  2 files

OPNSense/src b12f1f4 crypto/openssh sshd_config sshd_config.5

ssh: Bump VersionAddendum for CVE fixes

Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 62df41ae0a71e77ccb1e8fae06d82eec5dff441a)
(cherry picked from commit 24ce323f020fb1ee1b463e524a7a6c15f47ec2a4)
Delta File
+1 -1  crypto/openssh/sshd_config
+1 -1  crypto/openssh/sshd_config.5
+1 -1  crypto/openssh/version.h
+3 -3  3 files

OPNSense/src 3cce750 crypto/openssh sshconnect2.c ssh-agent.c

ssh: Fix cases where error codes were not correctly set

Obtained from:  OpenSSH 38df39ecf278
Security:       CVE-2025-26465
Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 170059d6d33cf4e890067097f3c0beb3061cabbd)
(cherry picked from commit 4ad8c195cf54411e3b3fa0bec227eb83ca078404)
Delta File
+4 -1   crypto/openssh/sshconnect2.c
+5 -0   crypto/openssh/ssh-agent.c
+3 -1   crypto/openssh/krl.c
+3 -1   crypto/openssh/ssh-sk-client.c
+1 -0   crypto/openssh/sshsig.c
+16 -3  5 files

OPNSense/src b1697b6 crypto/openssh packet.c

ssh: Don't reply to PING in preauth phase or during KEX

Obtained from:  OpenSSH 5e07dee272c3
Security:       CVE-2025-26466
Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 8a16d0831e70530b2fbd682e748bd051de35f192)
(cherry picked from commit 34798cb576bbd2064ab8da372112482bf8e2a7e6)
Delta File
+9 -1  crypto/openssh/packet.c
+9 -1  1 files

OPNSense/src 921c838 . UPDATING, sys/conf newvers.sh

Add UPDATING entries and bump version.

Approved by:    so
Delta File
+5 -0  UPDATING
+1 -1  sys/conf/newvers.sh
+6 -1  2 files

OPNSense/src 13db61c crypto/openssh version.h sshd_config

ssh: Bump VersionAddendum for CVE fixes

Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 62df41ae0a71e77ccb1e8fae06d82eec5dff441a)
(cherry picked from commit 24ce323f020fb1ee1b463e524a7a6c15f47ec2a4)
Delta File
+1 -1  crypto/openssh/version.h
+1 -1  crypto/openssh/sshd_config
+1 -1  crypto/openssh/sshd_config.5
+3 -3  3 files

OPNSense/src 071bb5b crypto/openssh ssh-agent.c sshconnect2.c

ssh: Fix cases where error codes were not correctly set

Obtained from:  OpenSSH 38df39ecf278
Security:       CVE-2025-26465
Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 170059d6d33cf4e890067097f3c0beb3061cabbd)
(cherry picked from commit 4ad8c195cf54411e3b3fa0bec227eb83ca078404)
Delta File
+5 -0   crypto/openssh/ssh-agent.c
+4 -1   crypto/openssh/sshconnect2.c
+3 -1   crypto/openssh/krl.c
+3 -1   crypto/openssh/ssh-sk-client.c
+1 -0   crypto/openssh/sshsig.c
+16 -3  5 files

OPNSense/src 096acf4 crypto/openssh packet.c

ssh: Don't reply to PING in preauth phase or during KEX

Obtained from:  OpenSSH 5e07dee272c3
Security:       CVE-2025-26466
Security:       FreeBSD-SA-25:05.openssh
Approved by:    so
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 8a16d0831e70530b2fbd682e748bd051de35f192)
(cherry picked from commit 34798cb576bbd2064ab8da372112482bf8e2a7e6)
Delta File
+9 -1  crypto/openssh/packet.c
+9 -1  1 files

OPNSense/src 2dfe373 sys/netpfil/pf pf_ioctl.c pf_table.c

pf: chase panic of rn_walktree() via pfr_get_addrs()
Delta File
+2 -2  sys/netpfil/pf/pf_ioctl.c
+1 -1  sys/netpfil/pf/pf_table.c
+3 -3  2 files

OPNSense/src e33a9f9 sys/dev/mana gdma_main.c

dev/mana: replace power2 function

Replace is_power_of_2(length) with power2(length).  When length != 0, as in
this case, they produce the same result.  This will allow an implementation
of is_power_of_two to be dropped.

Reviewed by:    alc, markj
Differential Revision:  https://reviews.freebsd.org/D45536

(cherry picked from commit a94ed493b50752cee09245fc312c63b00331f217)
Delta File
+1 -1  sys/dev/mana/gdma_main.c
+1 -1  1 files

OPNSense/src 59333e8 sys/compat/linuxkpi/common/include/net mac80211.h, sys/compat/linuxkpi/common/src linux_80211.c linux_80211_macops.c

LinuxKPI: 802.11: adjustments for v6.11 iwlwifi, rtw88 and rtw89

Bring in the LinuxKPI 802.11 compat bits which are altering
the mac80211 KPI.

* In struct ieee80211_bss_conf chandef -> chanreq.
* Various struct ieee80211_ops gained a link_id argument,
  stop gained a suspend flag.
* Various functions gained a link_id argument.
* ieee80211_tx_status() was renamed to ieee80211_tx_status_skb()

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 7b43f4d064195bcf66816cb9fe350a1392fe24ce)
Delta File
+12 -10  sys/compat/linuxkpi/common/include/net/mac80211.h
+7 -7    sys/compat/linuxkpi/common/src/linux_80211.c
+3 -3    sys/compat/linuxkpi/common/src/linux_80211_macops.c
+1 -1    sys/compat/linuxkpi/common/src/linux_80211.h
+23 -21  4 files

OPNSense/src 0f5c5ae sys/sys libkern.h

libkern: don't use MPASS

Using MPASS in libkern breaks buildworld.  Replace MPASS with KASSERT
in three places.

(cherry picked from commit 08f6f78f81e21b21dd002a9389436b0333cb3488)
Delta File
+3 -3  sys/sys/libkern.h
+3 -3  1 files

OPNSense/src 5e66087 sys/sys libkern.h

libkern: avoid local var in order_base_2()

order_base_2(n) is implemented with a variable, which keeps it from
being used at file scope. Implement it instead as ilog2(2*n-1), which
produces a different result when 2*n overflows, which appears unlikely
in practice.

Reviewed by:    bz
Differential Revision:  https://reviews.freebsd.org/D46826

(cherry picked from commit b7cbf741d55468ba34305a14ac3acc1c286af034)
Delta File
+1 -4  sys/sys/libkern.h
+1 -4  1 files

OPNSense/src c88d1ce sys/compat/linuxkpi/common/include/linux log2.h, sys/dev/drm2 drm_os_freebsd.h

log2: move log2 functions from linuxkpi to libkern

Linux has a header file that defines an ilog2 function and some simple
functions/macros that use it: roundup_pow_of_two, is_power_of_2,
rounddown_pow_of_two, and order_base_2.  This change moves three of
those simple functions (all but is_power_of_2) from linuxkpi to
libkern.  It also deletes a few implementations of these functions
that have previously been copied into code for various device drivers,
so that they can use the libkern version.  The is_power_of_2 macro was
not moved because powerof2 in param.h provides almost the same service
already (except that they disagree about whether 0 is a power of two).

Since the linux definitions of these functions were copied into
FreeBSD 11 years ago, linux has improved them, and this change
provides those improvements.  In particular, a giant table of log
values for evaluating ilog2 for constant values is no longer
necessary.

Reviewed by:    alc, markj (previous version)

    [3 lines not shown]
Delta File
+11 -71   sys/sys/libkern.h
+4 -19    sys/compat/linuxkpi/common/include/linux/log2.h
+0 -18    sys/dev/qlnx/qlnxe/bcm_osal.h
+0 -12    sys/dev/mana/gdma_util.h
+0 -7     sys/dev/drm2/drm_os_freebsd.h
+15 -127  5 files

OPNSense/src feeeb1c sys/arm64/iommu smmu.c, sys/compat/linuxkpi/common/include/linux log2.h

libkern: add ilog2 macro

The kernel source contains several definitions of an ilog2 function;
some are slower than necessary, and one of them is incorrect.
Eliminate them all and define an ilog2 macro in libkern to replace
them, in a way that is fast, correct for all argument types, and, in a
GENERIC kernel, includes a check for an invalid zero parameter.

Folks at Microsoft have verified that having a correct ilog2
definition for their MANA driver doesn't break it.

Reviewed by:    alc, markj, mhorne (older version), jhibbits (older version)
Differential Revision:  https://reviews.freebsd.org/D45170
Differential Revision:  https://reviews.freebsd.org/D45235

(cherry picked from commit b0056b31e90029553894d17c441cbb2c06d31412)
Delta File
+106 -0    sys/sys/libkern.h
+0 -73     sys/compat/linuxkpi/common/include/linux/log2.h
+0 -13     sys/powerpc/booke/pmap_32.c
+0 -13     sys/powerpc/booke/pmap_64.c
+0 -10     sys/dev/bxe/bxe.h
+0 -9      sys/arm64/iommu/smmu.c
+106 -118  8 files not shown
+108 -152  14 files

OPNSense/src 96f5dd4 sys/dev/e1000 em_txrx.c e1000_defines.h

e1000: Fix vlan PCP/DEI on lem(4)

The vlan PCP and CFI/DEI were discarded when receiving vlan tagged
packets on lem(4) interfaces with vlanhwtag.

According to the 82540 SDM[1] (pg. 24), vlan tag is in the standard
format, so there's no reason to discard PCP/DEI.

[1]: http://iommu.com/datasheets/ethernet/controllers-nics/intel/e1000/pci-pci-x-family-gbe-controllers-software-dev-manual.pdf

Sponsored by:   Stormshield (author)
Differential Revision:  https://reviews.freebsd.org/D48987

(cherry picked from commit 4b29599fbbe33b75b7b58cfc5deea7a881e9a10e)
Delta File
+1 -2  sys/dev/e1000/em_txrx.c
+0 -1  sys/dev/e1000/e1000_defines.h
+1 -3  2 files

OPNSense/src 2ff3730 sys/dev/igc igc_defines.h

igc: Remove unused register IGC_RXD_SPC_VLAN_MASK

We don't use legacy receive descriptors and masking out the vlan ID
isn't necessary since the tag is in the standard format, so remove it.

(cherry picked from commit 124b7722aad7d4cf12d96c030659aef78175aa9c)
Delta File
+0 -1  sys/dev/igc/igc_defines.h
+0 -1  1 files

OPNSense/src a9d080a sys/net bpf.c if.c

ifnet: Detach BPF descriptors on interface vmove event

When an interface is moving to/from a vnet jail, it may still have BPF
descriptors attached. The userland (e.g. tcpdump) does not get notified
that the interface is departing and still has BPF descriptors open, which
may result in leaking sensitive traffic (e.g. an interface is moved
back to the parent jail but a user is still sniffing traffic over it in
the child jail).

Detach BPF descriptors so that the userland will be signaled.

Reviewed by:    ae
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D45727

(cherry picked from commit 1ed9b381d4701fc9f66741256e93b96e22273217)

ifnet: Fix build without BPF


    [5 lines not shown]
Delta File
+27 -0  sys/net/bpf.c
+7 -0   sys/net/if.c
+1 -0   sys/net/bpf.h
+35 -0  3 files

OPNSense/src 3de3dba sys/net if.c

ifnet: Make if_detach_internal() and if_vmove() void

if_detach_internal() never fails since change [1]. As a consequence,
neither does its caller if_vmove(). While here, remove a stale comment.

No functional change intended.

This reverts commit c7bab2a7ca9a6dae79f970c6730a19b65a1ed86e.

[1] a779388f8bb3 if: Protect V_ifnet in vnet_if_return()

Reviewed by:    glebius
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D48820

(cherry picked from commit bb0348a17974d83671becbd32ea0e4bd2ea61906)
Delta File
+16 -27  sys/net/if.c
+16 -27  1 files

OPNSense/src b62f195 sys/netpfil/ipfw ip_fw_table_value.c

ipfw: add missing initializer for 'limit' table value

PR:             284691

(cherry picked from commit 95ab7b3223c08cf48ccf764815523ea995a7ea0e)
Delta File
+1 -0  sys/netpfil/ipfw/ip_fw_table_value.c
+1 -0  1 files

OPNSense/src de69fe0 sys/netpfil/pf pf.c

pf: add extra SCTP multihoming probe points

Add probe points in the SCTP multihome parsing code. This is intended to help
debug a multihome issue, and is expected to be generally useful, so will be
included for everyone.

MFC after:      2 weeks
Sponsored by:   Orange Business Services

(cherry picked from commit 2d2481c35f5a53322e982e47a2bb8f9085f525b7)
Delta File
+17 -0  sys/netpfil/pf/pf.c
+17 -0  1 files

OPNSense/src efd622d sys/netpfil/pf pf.c

pf: verify SCTP v_tag before updating connection state

Make it harder to manipulate the firewall state by verifying the v tag before we
update states.

MFC after:      2 weeks
Sponsored by:   Orange Business Services

(cherry picked from commit 4713d2fd5663eb64aa582dabced21d253c901a66)
Delta File
+7 -7  sys/netpfil/pf/pf.c
+7 -7  1 files

OPNSense/src 0f09722 sys/netpfil/pf pf_norm.c

pf: verify that ABORT chunks are not mixed with DATA chunks

RFC4960 3.3.7: DATA chunks MUST NOT be bundled with ABORT.

MFC after:      2 weeks
Sponsored by:   Orange Business Services

(cherry picked from commit 541ea3d7828e0ede161ac2d8ef3e8419657ef5cb)
Delta File
+8 -0  sys/netpfil/pf/pf_norm.c
+8 -0  1 files

OPNSense/src 5658e37 sys/netpfil/pf pf.c, tests/sys/netpfil/pf sctp.sh

pf: allow ICMP messages related to an SCTP state to pass

Much like we already do for TCP and UDP we should also parse SCTP-in-ICMP
messages to see if they apply to an SCTP connection we've already allowed. If so
we should allow the ICMP packet to pass, even if we'd otherwise block it.

Add a test case where we generate an 'ICMP unreachable - need to frag' packet
and check that it passes through pf.

MFC after:      2 weeks
Sponsored by:   Orange Business Services

(cherry picked from commit 7d5e02b01577047290e937399accc02e6b184ce9)
Delta File
+89 -2   sys/netpfil/pf/pf.c
+86 -0   tests/sys/netpfil/pf/sctp.sh
+175 -2  2 files

OPNSense/src 6e76039 sys/net if_media.h ieee8023ad_lacp.c

net: if_media for 100BASE-BX

d82c3e81:
net: if_media for 100BASE-BX

Renumber 1000BASE-BX and add 100BASE-BX sequentially

I added this 1000BASE-BX in 78c63ed260fa20b3500aedfe41dc0dcae9593f51 but
did not connect it to any code yet; apologies for the churn.

7835a4ad:
net: if_media fix syntax/build

Fixes:          d82c3e815a5f ("net: if_media for 100BASE-BX")

(cherry picked from commit d82c3e815a5fc0069562b69145ad695f9aa183f9)
(cherry picked from commit 7835a4ad6948290c92ea55c7be34ae72f4e2b0bd)
Delta File
+4 -0  sys/net/if_media.h
+1 -0  sys/net/ieee8023ad_lacp.c
+5 -0  2 files

OPNSense/src f0a184b sys/contrib/dev/rtw88 debug.c, sys/contrib/dev/rtw89 debug.c

rtw88/rtw89: avoid duplicate top-level directory with debugfs

For people like me who have multiple cards in the same system,
creating the debugfs directory leads to a panic upon attaching
the 2nd card due to the duplicate name.
Rather than using the hard coded driver name, use the device name
(e.g., rtw880, rtw881, rtw882).
This solves two issues: it avoids the duplicate name and we get
individual debugging/statistic information for each card.

Sponsored by:   The FreeBSD Foundation
X-Note:         ath1[01]k and mt76 likely will need a similar change

(cherry picked from commit b4886c4ece3e692c294aa853da7aec849f8d00a2)
Delta File
+4 -0  sys/contrib/dev/rtw88/debug.c
+4 -0  sys/contrib/dev/rtw89/debug.c
+8 -0  2 files

OPNSense/src c8d1d54 sys/contrib/dev/rtw88 main.c, sys/contrib/dev/rtw89 core.c

rtw88/rtw89: add module_param to enable/disable HT/VHT and EHT

In order to better test HT and VHT support with LinuxKPI add (tunable)
options disabled by default to on-demand enable HT/VHT
and for rtw89 also EHT.

It is expected that we will remove this FreeBSD-specific code again in
the future.

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 7a5b55e3b448744b099c274763992cba2e3ebce5)
Delta File
+30 -0  sys/contrib/dev/rtw89/core.c
+22 -0  sys/contrib/dev/rtw88/main.c
+52 -0  2 files

OPNSense/src 43d7574 sys/contrib/dev/rtw89 rtw8852c_table.c reg.h

rtw89: update Realtek's rtw89 driver.

This adds support for the Realtek 8922AE PCI
wireless network (Wi-Fi 7) adapter.

This version is based on
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
98f7e32f20d28ec452afb208f9cffc08448a2652 ( tag: v6.11 ).

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 6d67aabd63555ab62a2f2b7f52a75ef100a2fe75)
Delta File
+2,587 -1,901   sys/contrib/dev/rtw89/rtw8852c_table.c
+4,285 -7       sys/contrib/dev/rtw89/reg.h
+3,740 -288     sys/contrib/dev/rtw89/fw.c
+4,019 -0       sys/contrib/dev/rtw89/rtw8852bt_rfk.c
+2,502 -478     sys/contrib/dev/rtw89/coex.c
+2,639 -0       sys/contrib/dev/rtw89/rtw8922a.c
+19,772 -2,674  70 files not shown
+45,048 -8,147  76 files

OPNSense/src c296eeb sys/contrib/dev/rtw88 rtw8703b.c rtw8822c_table.c

rtw88: update Realtek's rtw88 driver.

This version is based on
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
98f7e32f20d28ec452afb208f9cffc08448a2652 ( tag: v6.11 ).

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 11c53278a8a3e86e14377f09bbaa7bad193d3713)
Delta File
+2,122 -0      sys/contrib/dev/rtw88/rtw8703b.c
+522 -717      sys/contrib/dev/rtw88/rtw8822c_table.c
+825 -329      sys/contrib/dev/rtw88/rtw8821c_table.c
+902 -0        sys/contrib/dev/rtw88/rtw8703b_tables.c
+724 -0        sys/contrib/dev/rtw88/rtw8723x.c
+42 -632       sys/contrib/dev/rtw88/rtw8723d.c
+5,137 -1,678  34 files not shown
+6,281 -2,092  40 files