866c8b8d debdrup Feb. 8, 2021, 6:57 a.m.
While here, also recommend that loader.conf(5) should only be used in
order to get to mountroot, as rc(8) is less fragile, faster, and is
easier to fix by booting to single-user mode instead of having to
blacklist modules in the loader.

MFH:		2 weeks
cgit
b3c6fe66 wulf Feb. 7, 2021, 11:46 p.m.
Current epoll implementation stores udata fields of epoll_event
structure in special dynamically-sized table rather than in udata field
of backing kevent structure because of 2 reasons:
1. Kevent's udata size is smaller than epoll's on 32-bit archs.
2. Kevent's udata can be clobbered on execution EPOLL_CTL_ADD as kqueue
   modifies existing event while epoll returns error in this case.

After r320043 has introduced four new 64bit user data members (ext[]),
we can store epoll udata in one of them and drop aforementioned table.
According to kqueue_register() source code ext members are not updated
when existing kevent is modified that fixes p.2.

As a side effect the patch fixes PR/252582.

Reviewed by:	trasz
MFC after:	1 month
Differential revision:	https://reviews.freebsd.org/D28169
cgit
d26f2a50 bdragon Feb. 7, 2021, 10:13 p.m.
In 78599c32efed3247d165302a1fbe8d9203e38974, CFI endproc decoration was
added to locore64.S. However, it missed the subtle detail that
__restartkernel_virtual() falls through to __restartkernel(). This was
causing boot failure on PowerMac G5, as it tried to execute the
epilogue as code.

Fix this by branching to __restartkernel() instead of intentionally
running off the end of the function.

While here, add some additional notes on how the virtual mode restart
works.

MFC after:	3 days
cgit
e44a78ce trasz Feb. 7, 2021, 8:42 p.m.
It returns "unconfined", like Linux without SELinux would.

Sponsored By:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28164
cgit
6117aa58 donner Feb. 7, 2021, 7:31 p.m.
The data path in netgraph is designed to work on an read only state of
the whole netgraph network.  Currently this is achived by convention,
there is no technical enforcment.  In the case of NETGRAPH_DEBUG all
nodes can be annotated for debugging purposes, so the strict
enforcment needs to be lifted for this purpose.

This patch is part of a series to make ng_bridge multithreaded, which
is done by rewrite the data path to operate on const.

Reviewed By:	kp
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D28141
cgit
cef689f4 donner Feb. 7, 2021, 4:39 p.m.
Patch mass breaks LINT kernels.

This reverts commit bb67e52db143b699bdac1830717930b26a7b5766.
cgit
bb67e52d donner Feb. 7, 2021, 2:39 p.m.
The data path in netgraph is designed to work on an read only state of
the whole netgraph network.  Currently this is achived by convetion,
there is no technical enforcment.  This patch is part of a series to
make ng_brigde multithreaded, which is done by rewrite the data path
to const handling.

Reviewed By:	kp
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D28141
cgit
ed0a1527 donner Feb. 7, 2021, 2:29 p.m.
This was announced to happen after the 12 relases.
Remove a depeciated ABI.

The complete removal is for HEAD only. I'll remove the #define in
stable/13 as MFC, so the code will still exist in 13.x, but will not
included by default. Earlier versions will not be affected.

Reviewed by:	kp
MFC after:	5 days
Differential Revision: https://reviews.freebsd.org/D28518
cgit
7b51ac02 eduardo Feb. 7, 2021, 1:46 p.m.
f6e8256a trasz Feb. 6, 2021, 11:21 p.m.
Previously the flags were passed as-is, which could resulted
in spurious EAGAIN returned for non-blocking sockets, which
broke some Steam games.

PR:		248065
Reported By:	Alex S <iwtcex@gmail.com>
Tested By:	Alex S <iwtcex@gmail.com>
Reviewed By:	emaste
MFC After:	3 days
Sponsored By:	The FreeBSD Foundation
cgit
8af54bdf manu Feb. 6, 2021, 7:41 p.m.
MFC after:	3 days
cgit
66c72859 donner Feb. 6, 2021, 5:14 p.m.
This is the first patch of a series of necessary steps
to make ng_bridge(4) multithreaded.

Reviewed by:	melifaro (network), afedorov
MFC after:	1 month
Differential Revision: https://reviews.freebsd.org/D28125
cgit
c869d905 donner Feb. 6, 2021, 2:01 p.m.
Handling of unknown MACs on an bridge with incomplete learning
capabilites (aka uplink ports) can be defined in different ways.

The classical approach is to broadcast unicast frames send to an
unknown MAC, because the unknown devices can be everywhere. This mode
is default for ng_bridge(4).

In the case of dedicated uplink ports, which prohibit learning of MAC
addresses in order to save memory and CPU cycles, the broadcast
approach is dangerous. All traffic to the uplink port is broadcasted
to every downlink port, too. In this case, it's better to restrict the
distribution of frames to unknown MAC to the uplink ports only.

In order to keep the chance small and the handling as natural as
possible, the first attached link is used to determine the behaviour
of the bridge: If it is an "uplink" port, then the bridge switch from
classical mode to restricted mode.

Reviewed By:	kp
Approved by:	kp (mentor)
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D28487
cgit
689561d4 donner Feb. 6, 2021, 10:36 a.m.
yuripv@ suggested to replace inapprobriate macros by better ones.

Reviewed by:	philip
Approved by:	philip (mentor)
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D28510
cgit
f961caf2 donner Feb. 6, 2021, 10:09 a.m.
The ng_bridge(4) node is designed to work in moderately small
environments. Connecting such a node to a larger network rapidly fills
the MAC table for no reason. It even become complicated to obtain data
from the gettable message, because the result is too large to
transmit.

This patch introduces, two new functionality bits on the hooks:
  - Allow or disallow MAC address learning for incoming patckets.
  - Allow or disallow sending unknown MACs through this hook.

Uplinks are characterized by denied learing while sending out
unknowns. Normal links are charaterized by allowed learning and
sending out unknowns.

Reviewed by:	kp
Approved by:	kp (mentor)
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D23963
cgit