summaryrefslogtreecommitdiff
path: root/share/man/man4
Commit message (Collapse)AuthorAgeFilesLines
* Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domainAndrew Gallatin2020-12-191-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In order to efficiently serve web traffic on a NUMA machine, one must avoid as many NUMA domain crossings as possible. With SO_REUSEPORT_LB, a number of workers can share a listen socket. However, even if a worker sets affinity to a core or set of cores on a NUMA domain, it will receive connections associated with all NUMA domains in the system. This will lead to cross-domain traffic when the server writes to the socket or calls sendfile(), and memory is allocated on the server's local NUMA node, but transmitted on the NUMA node associated with the TCP connection. Similarly, when the server reads from the socket, he will likely be reading memory allocated on the NUMA domain associated with the TCP connection. This change provides a new socket ioctl, TCP_REUSPORT_LB_NUMA. A server can now tell the kernel to filter traffic so that only incoming connections associated with the desired NUMA domain are given to the server. (Of course, in the case where there are no servers sharing the listen socket on some domain, then as a fallback, traffic will be hashed as normal to all servers sharing the listen socket regardless of domain). This allows a server to deal only with traffic that is local to its NUMA domain, and avoids cross-domain traffic in most cases. This patch, and a corresponding small patch to nginx to use TCP_REUSPORT_LB_NUMA allows us to serve 190Gb/s of kTLS encrypted https media content from dual-socket Xeons with only 13% (as measured by pcm.x) cross domain traffic on the memory controller. Reviewed by: jhb, bz (earlier version), bcr (man page) Tested by: gonzo Sponsored by: Netfix Differential Revision: https://reviews.freebsd.org/D21636 Notes: svn path=/head/; revision=368819
* ndis(4): expand deprecation to the whole driverBrooks Davis2020-12-111-1/+1
| | | | | | | | | | | | | | | nids(4) was a clever idea in the early 2000's when the market was flooded with 10/100 NICs with Windows-only drivers, but that hasn't been the case for ages and the driver has had no meaningful maintenance in ages. It only supports Windows-XP era drivers. Reviewed by: imp, bcr MFC after: 3 days Sponsored by: DARPA Differential Revision: https://reviews.freebsd.org/D27527 Notes: svn path=/head/; revision=368561
* hme(4): Remove as previous announcedBrooks Davis2020-12-115-142/+0
| | | | | | | | | | | | The hme (Happy Meal Ethernet) driver was the onboard NIC in most supported sparc64 platforms. A few PCI NICs do exist, but we have seen no evidence of use on non-sparc systems. Reviewed by: imp, emaste, bcr Sponsored by: DARPA Notes: svn path=/head/; revision=368559
* New Netgraph module ng_macfilter:Nick Hibma2020-12-082-0/+223
| | | | | | | | | | | | | | | Macfilter to route packets through different hooks based on sender MAC address. Based on ng_macfilter written by Pekka Nikander Sponsered by Retina b.v. Reviewed by: afedorov MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D27268 Notes: svn path=/head/; revision=368443
* Add deprecation notice to mn(4)Ed Maste2020-12-061-1/+7
| | | | | | | | | | | | | | | | | Sync serial (T1/E1) interfaces are largely irrelevant today and phk confirms this driver is unnecessary in review D23928. This leaves ce(4) and cp(4) in the tree. They're likely not relevant either, but glebius contacted the manufacturer and those devices are still available for purchase. At glebius' suggestion leave them in the tree as long as they do not impose a maintenace burden. Approved by: phk MFC after: 3 days Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=368397
* ossl: port to arm64Mitchell Horne2020-12-041-2/+4
| | | | | | | | | | | | | | Enable in-kernel acceleration of SHA1 and SHA2 operations on arm64 by adding support for the ossl(4) crypto driver. This uses OpenSSL's assembly routines under the hood, which will detect and use SHA intrinsics if they are supported by the CPU. Reviewed by: jhb Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D27390 Notes: svn path=/head/; revision=368350
* Fix a couple of typos.John Baldwin2020-12-011-3/+3
| | | | | | | Submitted by: rmacklem Notes: svn path=/head/; revision=368247
* Add watchdog(9) driver for the Fintek F81803 SuperIO chipPoul-Henning Kamp2020-11-282-0/+68
| | | | Notes: svn path=/head/; revision=368130
* ping: fix some man pages and tests after r368045Alan Somers2020-11-261-2/+2
| | | | | | | MFC-with: r368045 Notes: svn path=/head/; revision=368046
* Add a manpage for kernel TLS.John Baldwin2020-11-253-76/+276
| | | | | | | | | | | | This subsumes some of the content from tcp(4) describing the socket options but also adds additional notes. Reviewed by: gallatin, hselasky Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D27272 Notes: svn path=/head/; revision=368040
* Remove a reference to CRIOGET missed in r368005.John Baldwin2020-11-251-5/+0
| | | | Notes: svn path=/head/; revision=368007
* Remove the cloned file descriptors for /dev/crypto.John Baldwin2020-11-251-22/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | Crypto file descriptors were added in the original OCF import as a way to provide per-open data (specifically the list of symmetric sessions). However, this gives a bit of a confusing API where one has to open /dev/crypto and then invoke an ioctl to obtain a second file descriptor. This also does not match the API used with /dev/crypto on other BSDs or with Linux's /dev/crypto driver. Character devices have gained support for per-open data via cdevpriv since OCF was imported, so use cdevpriv to simplify the userland API by permitting ioctls directly on /dev/crypto descriptors. To provide backwards compatibility, CRIOGET now opens another /dev/crypto descriptor via kern_openat() rather than dup'ing the existing file descriptor. This preserves prior semantics in case CRIOGET is invoked multiple times on a single file descriptor. Reviewed by: markj Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D27302 Notes: svn path=/head/; revision=368005
* Port rtsx(4) driver for Realtek SD card reader from OpenBSD.Jung-uk Kim2020-11-242-0/+122
| | | | | | | | | | | | | | | This driver provides support for Realtek PCI SD card readers. It attaches mmc(4) bus on card insertion and detaches it on card removal. It has been tested with RTS5209, RTS5227, RTS5229, RTS522A, RTS525A and RTL8411B. It should also work with RTS5249, RTL8402 and RTL8411. PR: 204521 Submitted by: Henri Hennebert (hlh at restart dot be) Reviewed by: imp, jkim Differential Revision: https://reviews.freebsd.org/D26435 Notes: svn path=/head/; revision=367998
* Remove parallel SCSI and 1/2Gb FC support from isp(4).Alexander Motin2020-11-202-54/+15
| | | | | | | | | | | | | | | | | | | | | This removes 288KB (36%) of the driver code and zillions of hacks and workarounds, making single driver uniformly support several different generations of hardware interfaces, not counting minor card variations. After years of the hopeless fight, I don't think it worth to continue support for hardware obsolete for 15-20 years. Instead much cleaner now code should allow to move forward toward better locking, multiple queues and other cool features. All the remaining Qlogic cards starting from 4Gb 24xx to 32Gb 27xx use the same hardware/firmware interface with minor incremental improvements, so it seems to be a good new starting point. Except one PCI-X model all all of them are PCIe and so still usable in modern systems. Discussed with: ken, scottl, jpaetzel, imp Relnotes: yes Notes: svn path=/head/; revision=367857
* Add an option for entering KDB on recursive panicsMitchell Horne2020-11-191-1/+11
| | | | | | | | | | | | | | | | | | | | There are many cases where one would choose avoid entering the debugger on a normal panic, opting instead to reboot and possibly save a kernel dump. However, recursive kernel panics are an unusual case that might warrant attention from a human, so provide a secondary tunable, debug.debugger_on_recursive_panic, to allow entering the debugger only when this occurs. For for simplicity in maintaining existing behaviour, the tunable defaults to zero. Reviewed by: cem, markj Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D27271 Notes: svn path=/head/; revision=367848
* Document disk ioctlWarner Losh2020-11-192-0/+211
| | | | | | | | | | | First stab at documenting the different disk ioctl commands defined in sys/disk.h. Reviewed by: phk (prior version) Differential Revision: https://reviews.freebsd.org/D26994 Notes: svn path=/head/; revision=367847
* Fix mandoc lint warnings.Nick Hibma2020-11-181-13/+5
| | | | Notes: svn path=/head/; revision=367804
* Add SPDX license tag to the ENA driver filesMarcin Wojtas2020-11-181-1/+3
| | | | | | | | | | | | | | | | | | Refering to guide: https://wiki.freebsd.org/SPDX the SPDX tag should not replace the standard license text, however it should be added over the standard license text to make the automation easier. Because of that, the old license was kept, but the SPDX tag was added on top of every ENA driver file. Submited by: Michal Krawczyk <mk@semihalf.com> Obtained from: Semihalf Sponsored by: Amazon, Inc MFC after: 1 week Differential revision: https://reviews.freebsd.org/D27117 Notes: svn path=/head/; revision=367801
* unix(4): Enhance LOCAL_CREDS_PERSISTENT ABIConrad Meyer2020-11-171-1/+36
| | | | | | | | | | | | | | As this ABI is still fresh (r367287), let's correct some mistakes now: - Version the structure to allow for future changes - Include sender's pid in control message structure - Use a distinct control message type from the cmsgcred / sockcred mess Discussed with: kib, markj, trasz Differential Revision: https://reviews.freebsd.org/D27084 Notes: svn path=/head/; revision=367776
* uplcom: add ATen/Prolific USB-232 Controller D USB IDEd Maste2020-11-171-0/+4
| | | | | | | | | PR: 251166 Submitted by: marcus MFC after: 2 weeks Notes: svn path=/head/; revision=367772
* - add more linux socket options (sorted by value)Alexander Leidinger2020-11-081-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - map those IPv4 / IPv6 socket options which exist in FreeBSD + most of them visually verified to have the same type/layout of arguments + not tested with linux programs to behave as intended - be more human readable for known options which are not handled - be more verbose for unhandled socket message flags we know about - print the jail ID in linux_msg if run in a jail - add possibility to print debug message about known missing parts only once - add multiple levels of sysctl linux.debug: 1: print debug messages, tell about unimplemented stuff (only once) 2: like 1, but also print messages about implemented but not tested stuff (only once) 3+: like 2, but no rate limiting of messages - increase default linux debug level from 1 to 3 We are a lot more verbose in as we need to be (e.g. some of the IP socket options which are the same, and share the same memory layout, and are believed to work). The reason is that we have no good testsuite to test those linux-bits. The LTP or other test suites like the python one, are not fully up to the task we need. As such the excessive messages about emulated but not tested socket options. IMO any MFC (possible, but most probably not by me) should set the default debug level to 1. Discussed with: trasz Notes: svn path=/head/; revision=367481
* Update copies of ioctl structures to match recent changes in head.John Baldwin2020-11-061-22/+24
| | | | | | | | - Update for C99 types and void pointers. - Update example algorithms to not use removed algorithms. Notes: svn path=/head/; revision=367437
* Add qat(4)Mark Johnston2020-11-052-0/+101
| | | | | | | | | | | | | | | | | | | This provides an OpenCrypto driver for Intel QuickAssist devices. The driver was initially ported from NetBSD and comes with a few improvements: - support for GMAC/AES-GCM, AES-CTR and AES-XTS, and support for SHA/HMAC-authenticated encryption - support for detaching the driver - various bug fixes - DH895X support Discussed with: jhb MFC after: 3 days Sponsored by: Rubicon Communications, LLC (Netgate) Differential Revision: https://reviews.freebsd.org/D26963 Notes: svn path=/head/; revision=367386
* acpi_video(4): mention that acpi_video should be loaded after any drm driverEmmanuel Vadot2020-11-041-0/+9
| | | | | | | | | | | | When not adhering to this order, brightness sysctl's do not show up on some laptop. Submitted by: driesm.michiels@gmail.com Reviewed by: uqs Differential Revision: https://reviews.freebsd.org/D26073 Notes: svn path=/head/; revision=367328
* unix(4): Add SOL_LOCAL:LOCAL_CREDS_PERSISTENTConrad Meyer2020-11-031-2/+15
| | | | | | | | | | | | This option is intended to be semantically identical to Linux's SOL_SOCKET:SO_PASSCRED. For now, it is mutually exclusive with the pre-existing sockopt SOL_LOCAL:LOCAL_CREDS. Reviewed by: markj (penultimate version) Differential Revision: https://reviews.freebsd.org/D27011 Notes: svn path=/head/; revision=367287
* Implement the USB_GET_DEVICEINFO ioctl(2) for uhid(4).Hans Petter Selasky2020-10-311-1/+6
| | | | | | | | | Submitted by: pedro martelletto <pedro@ambientworks.net> MFC after: 1 week Sponsored by: Mellanox Technologies // NVIDIA Networking Notes: svn path=/head/; revision=367236
* Drop "All rights reserved" from all my stuff. This includesEdward Tomasz Napierala2020-10-283-3/+0
| | | | | | | | | | | | Foundation copyrights, approved by emaste@. It does not include files which carry other people's copyrights; if you're one of those people, feel free to make similar change. Reviewed by: emaste, imp, gbe (manpages) Differential Revision: https://reviews.freebsd.org/D26980 Notes: svn path=/head/; revision=367105
* Use my FreeBSD.org mail address in man pages I have writtenGordon Bergling2020-10-271-1/+1
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=367091
* ntb: Add Intel Xeon Gen3 supportMark Johnston2020-10-231-8/+11
| | | | | | | | | | | | | | | | | The NTB hardware starting with Skylake has some changes to the register map and the doorbell interface. Add a new NTB_XEON_GEN3 device type and use it to conditionalize driver logic that differs from the existing Xeon code. Reviewed by: vangyzen Discussed with: cem, Bret Ketchum <Bret.Ketchum@dell.com> MFC after: 1 month Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D26683 Notes: svn path=/head/; revision=366969
* Add support for IP over infiniband, IPoIB, to lagg(4). Currently onlyHans Petter Selasky2020-10-221-1/+10
| | | | | | | | | | | | | | | | | | | | | | the failover protocol is supported due to limitations in the IPoIB architecture. Refer to the lagg(4) manual page for how to configure and use this new feature. A new network interface type, IFT_INFINIBANDLAG, has been added, similar to the existing IFT_IEEE8023ADLAG . ifconfig(8) has been updated to accept a new laggtype argument when creating lagg(4) network interfaces. This new argument is used to distinguish between ethernet and infiniband type of lagg(4) network interface. The laggtype argument is optional and defaults to ethernet. The lagg(4) command line syntax is backwards compatible. Differential Revision: https://reviews.freebsd.org/D26254 Reviewed by: melifaro@ MFC after: 1 week Sponsored by: Mellanox Technologies // NVIDIA Networking Notes: svn path=/head/; revision=366933
* Add a kernel crypto driver using assembly routines from OpenSSL.John Baldwin2020-10-202-0/+107
| | | | | | | | | | | | | | | | | | Currently, this supports SHA1 and SHA2-{224,256,384,512} both as plain hashes and in HMAC mode on both amd64 and i386. It uses the SHA intrinsics when present similar to aesni(4), but uses SSE/AVX instructions when they are not. Note that some files from OpenSSL that normally wrap the assembly routines have been adapted to export methods usable by 'struct auth_xform' as is used by existing software crypto routines. Reviewed by: gallatin, jkim, delphij, gnn Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D26821 Notes: svn path=/head/; revision=366901
* cxgbe(4): Updates to the drop features from r366532.Navdeep Parhar2020-10-191-2/+5
| | | | | | | | MFC after: 1 week Sponsored by: Chelsio Communications Notes: svn path=/head/; revision=366862
* Mark asymmetric cryptography via OCF deprecated for 14.0.John Baldwin2020-10-191-1/+6
| | | | | | | | | | | | | | | | | Only one MIPS-specific driver implements support for one of the asymmetric operations. There are no in-kernel users besides /dev/crypto. The only known user of the /dev/crypto interface was the engine in OpenSSL releases before 1.1.0. 1.1.0 includes a rewritten engine that does not use the asymmetric operations due to lack of documentation. Reviewed by: cem, markj MFC after: 1 week Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D26810 Notes: svn path=/head/; revision=366844
* Update arcmsr(4) to 1.50.00.00:Xin LI2020-10-161-1/+3
| | | | | | | | | | | | Add support for ARC-1886, NVMe/SAS/SATA controller. Many thanks to Areca for continuing to support FreeBSD. Submitted by: 黃清隆 <ching2048 areca com tw> MFC after: 2 weeks Notes: svn path=/head/; revision=366767
* Implement SIOCGIFALIAS.Andrey V. Elsukov2020-10-141-1/+8
| | | | | | | | | | | | It is lightweight way to check if an IPv4 address exists. Submitted by: Roy Marples Reviewed by: gnn, melifaro MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D26636 Notes: svn path=/head/; revision=366695
* dtrace_audit(4): Fix a typoGordon Bergling2020-10-101-1/+1
| | | | | | | | | - asynchonously -> asynchronously MFC after: 1 week Notes: svn path=/head/; revision=366609
* Fix a few mandoc issuesGordon Bergling2020-10-0913-26/+25
| | | | | | | | | | - skipping paragraph macro: Pp after Sh - sections out of conventional order: Sh EXAMPLES - whitespace at end of input line - normalizing date format Notes: svn path=/head/; revision=366583
* bpf(4): Update the man page to reflect realityGordon Bergling2020-10-091-41/+118
| | | | | | | | | | | | PR: 131918 Submitted by: guy at alum dot mit dot edu Reviewed by: gnn, gbe Approved by: gnn MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D25993 Notes: svn path=/head/; revision=366580
* Fix a few mandoc issuesGordon Bergling2020-10-094-34/+41
| | | | | | | | | | | | - whitespace at end of input line - skipping paragraph macro: Pp at the end of Sh - new sentence, new line - consider using OS macro: Fx - AUTHORS section without An macro - skipping paragraph macro: Pp before Ss Notes: svn path=/head/; revision=366575
* cxgbe(4): knobs to drop various kinds of undesirable frames on ingress.Navdeep Parhar2020-10-081-1/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These kind of drops come for free in the sense that they do not use the filter TCAM or any other resource that wouldn't normally be used during rx. Frames dropped by the hardware get counted in the MAC's rx stats but are not delivered to the driver. hw.cxgbe.attack_filter Set to 1 to enable the "attack filter". Default is 0. The attack filter will drop an incoming frame if any of these conditions is true: src ip/ip6 == dst ip/ip6; tcp and src/dst ip is not unicast; src/dst ip is loopback (127.x.y.z); src ip6 is not unicast; src/dst ip6 is loopback (::1/128) or unspecified (::/128); tcp and src/dst ip6 is mcast (ff00::/8). hw.cxgbe.drop_ip_fragments Set to 1 to drop all incoming IP fragments. Default is 0. Note that this drops valid frames. hw.cxgbe.drop_pkts_with_l2_errors Set to 1 to drop incoming frames with Layer 2 length or checksum errors. Default is 1. hw.cxgbe.drop_pkts_with_l3_errors Set to 1 to drop incoming frames with IP version, length, or checksum errors. Default is 0. hw.cxgbe.drop_pkts_with_l4_errors Set to 1 to drop incoming frames with Layer 4 length, checksum, or other errors. Default is 0. MFC after: 2 weeks Sponsored by: Chelsio Communications Notes: svn path=/head/; revision=366532
* netmap: minor documentation fixVincenzo Maffione2020-10-031-2/+2
| | | | | | | | | | Also update date of pkt-gen.8 (not done in r366387). Submitted by: milosz.kaniewski@gmail.com MFC after: 3 days Notes: svn path=/head/; revision=366389
* tcp(4): Add a reference for tcp_bbr(4) man pageGordon Bergling2020-09-241-0/+1
| | | | Notes: svn path=/head/; revision=366129
* Add missing file (tcp_bbr.4) from r366127Gordon Bergling2020-09-241-0/+168
| | | | | | | | | Reviewed by: bcr Approved by: bcr Differential Revision: https://reviews.freebsd.org/D24915 Notes: svn path=/head/; revision=366128
* Add a manual page for TCP BBRGordon Bergling2020-09-241-0/+1
| | | | | | | | | Reviewed by: bcr Approved by: bcr Differential Revision: https://reviews.freebsd.org/D24915 Notes: svn path=/head/; revision=366127
* mgb.4: add note about experimental statusEd Maste2020-09-241-5/+4
| | | | | | | Also remove HISTORY section until it is connected to the build. Notes: svn path=/head/; revision=366115
* Document quoting requirements for the devctl protocolWarner Losh2020-09-221-1/+17
| | | | | | | | | | | | | Belatedly document the quoting requirements for the devctl protocol. I thought they'd been previously documented. Also, while I'm here, make igor happy. Reviewed by: bcr Differential Revision: https://reviews.freebsd.org/D26520 Notes: svn path=/head/; revision=366026
* Fix a bunch of mdoc issues found by mandoc -Tlint.Christian Brueffer2020-09-2218-21/+19
| | | | Notes: svn path=/head/; revision=366012
* cxgbe(4): let the PF driver use VM work requests for transmit.Navdeep Parhar2020-09-221-0/+11
| | | | | | | | | | | | This allows the PF interfaces to communicate with the VF interfaces over the internal switch in the ASIC. Fix the GL limits for VM work requests while here. MFC after: 3 days Sponsored by: Chelsio Communications Notes: svn path=/head/; revision=365993
* Add example to ng_bpf(4) showing how ng_bpf(4) can be used to prevent spoofing.Hans Petter Selasky2020-09-211-10/+51
| | | | | | | | | | | Differential Revision: https://reviews.freebsd.org/D26488 MFC after: 1 week Reviewed by: pi, bcr (manpages) Submitted by: lutz_donnerhacke.de (Lutz Donnerhacke) Sponsored by: Mellanox Technologies // NVIDIA Networking Notes: svn path=/head/; revision=365958
* cxgbe(4): add support for stateless offloads for VXLAN traffic.Navdeep Parhar2020-09-181-3/+3
| | | | | | | | | | | Hardware assistance includes checksumming (tx and rx), TSO, and RSS on the inner traffic in a VXLAN tunnel. Relnotes: Yes Sponsored by: Chelsio Communications Notes: svn path=/head/; revision=365871
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 08:51:39 +0000