diff options
78 files changed, 946 insertions, 482 deletions
diff --git a/Makefile.inc1 b/Makefile.inc1 index dcd4fd23c087..3f93e1065622 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -466,7 +466,7 @@ SUBDIR+= ${_DIR} # by calling 'makedb' in share/man. This is only relevant for # install/distribute so they build the whatis file after every manpage is # installed. -.if make(installworld) || make(install) +.if make(installworld) || make(install) || make(distributeworld) || make(distribute) SUBDIR+=.WAIT .endif SUBDIR+=etc @@ -12,6 +12,9 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20251105: + pf(4) now supports nat64 via the af-to keyword. + 20251030: flua(1) has moved to the new FreeBSD-flua package. If you use flua, you may want to install this package if it's not otherwise installed diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.include.dist index ea333a38d889..56d3a823a8f2 100644 --- a/etc/mtree/BSD.include.dist +++ b/etc/mtree/BSD.include.dist @@ -2,17 +2,17 @@ # Please see the file src/etc/mtree/README before making changes to this file. # -/set type=dir uname=root gname=wheel mode=0755 +/set type=dir uname=root gname=wheel mode=0755 tags=package=clibs-dev . arpa .. - atf-c + atf-c tags=package=atf-dev .. - atf-c++ + atf-c++ tags=package=atf-dev .. - bsm + bsm tags=package=audit-dev .. - bsnmp + bsnmp tags=package=bsnmp-dev .. c++ v1 @@ -118,7 +118,7 @@ scsi .. .. - casper + casper tags=package=libcasper-dev .. crypto .. @@ -190,10 +190,10 @@ wg .. .. - devdctl + devdctl tags=package=utilities-dev .. - edit - readline + edit tags=package=runtime-dev + readline tags=package=runtime-dev .. .. fs @@ -252,39 +252,39 @@ virstor .. .. - gssapi + gssapi tags=package=kerberos-dev .. - gssrpc + gssrpc tags=package=kerberos-dev .. - infiniband - complib + infiniband tags=package=utilities-dev + complib tags=package=utilities-dev .. - iba + iba tags=package=utilities-dev .. - opensm + opensm tags=package=utilities-dev .. - vendor + vendor tags=package=utilities-dev .. .. isofs cd9660 .. .. - kadm5 + kadm5 tags=package=kerberos-dev .. krb5 tags=package=kerberos-dev .. - lib80211 + lib80211 tags=package=runtime-dev .. - lib9p + lib9p tags=package=lib9p-dev .. libipt .. - libmilter + libmilter tags=package=libmilter-dev .. - libxo + libxo tags=package=runtime-dev .. - lzma + lzma tags=package=xz-dev .. machine pc @@ -323,7 +323,7 @@ .. .. netpfil - pf + pf tags=package=pf-dev .. .. netsmb @@ -348,20 +348,20 @@ stm .. .. - openssl + openssl tags=package=openssl-dev .. - pcap + pcap tags=package=utilities-dev .. protocols .. - rdma + rdma tags=package=utilities-dev .. rpc .. rpcsvc .. security - audit + audit tags=package=audit-dev .. mac_biba .. diff --git a/etc/mtree/BSD.usr.dist b/etc/mtree/BSD.usr.dist index 6a8c155e5e73..54d408865fa5 100644 --- a/etc/mtree/BSD.usr.dist +++ b/etc/mtree/BSD.usr.dist @@ -6,35 +6,35 @@ . bin .. - include - private - bsddialog + include tags=package=clibs-dev + private tags=package=clibs-dev + bsddialog tags=package=utilities-dev .. - bsdstat + bsdstat tags=package=libbsdstat-dev .. - event1 + event1 tags=package=libevent1-dev .. - gmock - internal - custom + gmock tags=package=utilities-dev + internal tags=package=utilities-dev + custom tags=package=utilities-dev .. .. .. - gtest - internal - custom + gtest tags=package=utilities-dev + internal tags=package=utilities-dev + custom tags=package=utilities-dev .. .. .. - samplerate + samplerate tags=package=sound-dev .. - sqlite3 + sqlite3 tags=package=libsqlite3-dev .. - ucl + ucl tags=package=libucl-dev .. - yaml + yaml tags=package=libyaml-dev .. - zstd + zstd tags=package=runtime-dev .. .. .. diff --git a/krb5/lib/kadm5clnt/Makefile b/krb5/lib/kadm5clnt/Makefile index 52a7187cf9bb..ef01a5f779e3 100644 --- a/krb5/lib/kadm5clnt/Makefile +++ b/krb5/lib/kadm5clnt/Makefile @@ -86,7 +86,8 @@ ${CHPASS_UTIL_STRINGS_ERR_C}: ${CHPASS_UTIL_STRINGS_ERR} rm -f et-c-${.PREFIX}.et et-c-${.PREFIX}.c afterinstall: - ${INSTALL_LIBSYMLINK} ${SHLIB_LINK} ${DESTDIR}${LIBDIR}/libkadm5clnt.so + ${INSTALL_LIBSYMLINK} ${DEV_TAG_ARGS} ${SHLIB_LINK} \ + ${DESTDIR}${LIBDIR}/libkadm5clnt.so .include <bsd.lib.mk> diff --git a/lib/atf/Makefile.inc b/lib/atf/Makefile.inc index bebed0280596..af176036f136 100644 --- a/lib/atf/Makefile.inc +++ b/lib/atf/Makefile.inc @@ -24,7 +24,7 @@ # SUCH DAMAGE. # -PACKAGE= atf +PACKAGE?= atf LIB_PACKAGE= CFLAGS+= -DHAVE_CONFIG_H diff --git a/lib/atf/libatf-c++/tests/Makefile b/lib/atf/libatf-c++/tests/Makefile index 839c6902d6b1..dc052c19df67 100644 --- a/lib/atf/libatf-c++/tests/Makefile +++ b/lib/atf/libatf-c++/tests/Makefile @@ -1,5 +1,7 @@ .include <bsd.init.mk> +PACKAGE= tests + TESTS_SUBDIRS= detail ATF= ${SRCTOP}/contrib/atf diff --git a/lib/atf/libatf-c++/tests/detail/Makefile b/lib/atf/libatf-c++/tests/detail/Makefile index 4b95f8dbd663..55cefe524068 100644 --- a/lib/atf/libatf-c++/tests/detail/Makefile +++ b/lib/atf/libatf-c++/tests/detail/Makefile @@ -1,5 +1,7 @@ .include <bsd.init.mk> +PACKAGE= tests + TESTSDIR= ${TESTSBASE}/lib/atf/libatf-c++/detail ATF= ${SRCTOP}/contrib/atf diff --git a/lib/atf/libatf-c/tests/Makefile b/lib/atf/libatf-c/tests/Makefile index 5647e7b9fcbe..c81c18a91f00 100644 --- a/lib/atf/libatf-c/tests/Makefile +++ b/lib/atf/libatf-c/tests/Makefile @@ -1,5 +1,7 @@ .include <bsd.init.mk> +PACKAGE= tests + TESTS_SUBDIRS= detail ATF= ${SRCTOP}/contrib/atf diff --git a/lib/atf/libatf-c/tests/detail/Makefile b/lib/atf/libatf-c/tests/detail/Makefile index 5123f6f4d796..3fa2919b98b9 100644 --- a/lib/atf/libatf-c/tests/detail/Makefile +++ b/lib/atf/libatf-c/tests/detail/Makefile @@ -1,5 +1,7 @@ .include <bsd.init.mk> +PACKAGE= tests + TESTSDIR= ${TESTSBASE}/lib/atf/libatf-c/detail ATF= ${SRCTOP}/contrib/atf diff --git a/lib/atf/tests/Makefile b/lib/atf/tests/Makefile index 500ff0f20c3b..2609bb593d57 100644 --- a/lib/atf/tests/Makefile +++ b/lib/atf/tests/Makefile @@ -1,4 +1,7 @@ .PATH: ${SRCTOP}/tests + +PACKAGE= tests + KYUAFILE= yes SUBDIR= test-programs diff --git a/lib/geom/part/gpart.8 b/lib/geom/part/gpart.8 index f76c1d9d5d6c..2e11417f8494 100644 --- a/lib/geom/part/gpart.8 +++ b/lib/geom/part/gpart.8 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd February 11, 2025 +.Dd October 24, 2025 .Dt GPART 8 .Os .Sh NAME @@ -1497,6 +1497,26 @@ and .Bd -literal -offset indent /sbin/gpart backup ada0 | /sbin/gpart restore -F ada1 ada2 .Ed +.Sh DIAGNOSTICS +.Bl -diag +.It gpart: arg0 '%s': Invalid argument +The provided +.Ar geom +argument +is not a GEOM provider. +Not every device in +.Xr devfs 4 +is a GEOM provider. +For example, a +.Xr zfs 4 +zvol will show up as a GEOM provider only if its +.Sy volmode +is set properly +.Po refer to +.Xr zfsprops 8 +for details +.Pc . +.El .Sh SEE ALSO .Xr geom 4 , .Xr boot0cfg 8 , diff --git a/lib/libcasper/Makefile.inc b/lib/libcasper/Makefile.inc index 00bd221feb27..73a761ba4ce3 100644 --- a/lib/libcasper/Makefile.inc +++ b/lib/libcasper/Makefile.inc @@ -1,5 +1,7 @@ .include <src.opts.mk> +PACKAGE?= libcasper + .if ${MK_CASPER} != "no" CFLAGS+=-DWITH_CASPER .endif diff --git a/lib/libcasper/libcasper/Makefile b/lib/libcasper/libcasper/Makefile index 4db26f665f19..1a794791570f 100644 --- a/lib/libcasper/libcasper/Makefile +++ b/lib/libcasper/libcasper/Makefile @@ -1,5 +1,3 @@ -PACKAGE= runtime - SHLIBDIR?= /lib .include <src.opts.mk> diff --git a/lib/libcasper/services/cap_dns/Makefile b/lib/libcasper/services/cap_dns/Makefile index 4b11c97d29e5..b090c553bd28 100644 --- a/lib/libcasper/services/cap_dns/Makefile +++ b/lib/libcasper/services/cap_dns/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 2 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_fileargs/Makefile b/lib/libcasper/services/cap_fileargs/Makefile index 2c52d0887a48..9d70d0ab9237 100644 --- a/lib/libcasper/services/cap_fileargs/Makefile +++ b/lib/libcasper/services/cap_fileargs/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_grp/Makefile b/lib/libcasper/services/cap_grp/Makefile index a921dfa87e7c..13e695813bcf 100644 --- a/lib/libcasper/services/cap_grp/Makefile +++ b/lib/libcasper/services/cap_grp/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_net/Makefile b/lib/libcasper/services/cap_net/Makefile index 1ba35a674a05..4e9814118c41 100644 --- a/lib/libcasper/services/cap_net/Makefile +++ b/lib/libcasper/services/cap_net/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE=libcasper - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_netdb/Makefile b/lib/libcasper/services/cap_netdb/Makefile index 853052e78d04..a330eeedeb11 100644 --- a/lib/libcasper/services/cap_netdb/Makefile +++ b/lib/libcasper/services/cap_netdb/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_pwd/Makefile b/lib/libcasper/services/cap_pwd/Makefile index a1e97845c736..ba8df80d5ad7 100644 --- a/lib/libcasper/services/cap_pwd/Makefile +++ b/lib/libcasper/services/cap_pwd/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_sysctl/Makefile b/lib/libcasper/services/cap_sysctl/Makefile index 522313df4ffc..4408bad4efb4 100644 --- a/lib/libcasper/services/cap_sysctl/Makefile +++ b/lib/libcasper/services/cap_sysctl/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 2 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/cap_syslog/Makefile b/lib/libcasper/services/cap_syslog/Makefile index 88979d8bed23..d18ad6d76ede 100644 --- a/lib/libcasper/services/cap_syslog/Makefile +++ b/lib/libcasper/services/cap_syslog/Makefile @@ -2,8 +2,6 @@ SHLIBDIR?= /lib .include <src.opts.mk> -PACKAGE= runtime - SHLIB_MAJOR= 1 INCSDIR?= ${INCLUDEDIR}/casper diff --git a/lib/libcasper/services/tests/Makefile b/lib/libcasper/services/tests/Makefile index 29b1b564beca..4b6c72fd86e8 100644 --- a/lib/libcasper/services/tests/Makefile +++ b/lib/libcasper/services/tests/Makefile @@ -1,4 +1,6 @@ .PATH: ${SRCTOP}/tests + +PACKAGE= tests KYUAFILE= yes .include <bsd.test.mk> diff --git a/lib/libcasper/tests/Makefile b/lib/libcasper/tests/Makefile index 29b1b564beca..4b6c72fd86e8 100644 --- a/lib/libcasper/tests/Makefile +++ b/lib/libcasper/tests/Makefile @@ -1,4 +1,6 @@ .PATH: ${SRCTOP}/tests + +PACKAGE= tests KYUAFILE= yes .include <bsd.test.mk> diff --git a/libexec/atf/Makefile.inc b/libexec/atf/Makefile.inc index e40827fa0b69..5fd06c35cd09 100644 --- a/libexec/atf/Makefile.inc +++ b/libexec/atf/Makefile.inc @@ -24,7 +24,7 @@ # SUCH DAMAGE. # -PACKAGE= atf +PACKAGE?= atf LIB_PACKAGE= CFLAGS+= -DHAVE_CONFIG_H diff --git a/libexec/atf/atf-check/tests/Makefile b/libexec/atf/atf-check/tests/Makefile index e98f82d941cd..6e21e4ede211 100644 --- a/libexec/atf/atf-check/tests/Makefile +++ b/libexec/atf/atf-check/tests/Makefile @@ -1,6 +1,8 @@ ATF= ${SRCTOP}/contrib/atf .PATH: ${ATF}/atf-sh +PACKAGE= tests + ATF_TESTS_SH= atf-check_test .include <bsd.test.mk> diff --git a/libexec/atf/tests/Makefile b/libexec/atf/tests/Makefile index 29b1b564beca..ad9431e75a63 100644 --- a/libexec/atf/tests/Makefile +++ b/libexec/atf/tests/Makefile @@ -1,4 +1,7 @@ .PATH: ${SRCTOP}/tests + +PACKAGE= tests + KYUAFILE= yes .include <bsd.test.mk> diff --git a/release/Makefile.vm b/release/Makefile.vm index a04f779ebebb..142fd6e7bdf5 100644 --- a/release/Makefile.vm +++ b/release/Makefile.vm @@ -129,6 +129,13 @@ ${_CW:tu}${_FS:tu}${_FMT:tu}IMAGE= ${_CW:tl}.${_FS}.${_FMT} cw-${_CW:tl}-${_FS}-${_FMT}: cw-ec2-base-${_FS}-${_FMT} .endif +# Special handling: GCE images ingest src.txz and ports.txz and expect them +# to be in the /ftp/ directory. Note: This will need to be reworked before +# distribution sets go away! +.if ${_CW} == GCE +cw-${_CW:tl}-${_FS}-${_FMT}: ftp +.endif + cw-${_CW:tl}-${_FS}-${_FMT}: ${QEMUTGT} ${PKGBASE_REPO_DIR} mkdir -p ${.OBJDIR}/${.TARGET} env TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} SWAPSIZE=${SWAPSIZE} \ diff --git a/release/packages/sets/base-dbg.ucl b/release/packages/sets/base-dbg.ucl index 79e5de22522e..c96b10416dcb 100644 --- a/release/packages/sets/base-dbg.ucl +++ b/release/packages/sets/base-dbg.ucl @@ -28,5 +28,8 @@ deps { }, "set-devel-dbg" { version = "${VERSION}" + }, + "set-optional-dbg" { + version = "${VERSION}" } } diff --git a/release/tools/gce.conf b/release/tools/gce.conf index a7ccfc27a75c..2fa23f6e54f4 100644 --- a/release/tools/gce.conf +++ b/release/tools/gce.conf @@ -21,7 +21,7 @@ vm_extra_install_base() { echo 'search google.internal' > ${DESTDIR}/etc/resolv.conf echo 'nameserver 169.254.169.254' >> ${DESTDIR}/etc/resolv.conf echo 'nameserver 8.8.8.8' >> ${DESTDIR}/etc/resolv.conf - metalog_add ./etc/resolv.conf + metalog_add_data ./etc/resolv.conf } vm_extra_pre_umount() { @@ -100,11 +100,12 @@ EOF fi if [ -e "${DESTDIR}/../ftp/ports.txz" ]; then tar fxJ ${DESTDIR}/../ftp/ports.txz -C ${DESTDIR} - _INSTALLED_PACKAGES=$(pkg -r ${DESTDIR} info -o -q -a) + _INSTALLED_PACKAGES=$(pkg -r ${DESTDIR} info -o -q -a | grep -v ^base/) for PACKAGE in ${_INSTALLED_PACKAGES}; do make -C ${DESTDIR}/usr/ports/${PACKAGE} fetch \ - DISTDIR=${DESTDIR}/usr/ports/distfiles - + DISTDIR=${DESTDIR}/usr/ports/distfiles \ + DISABLE_VULNERABILITIES=YES \ + I_DONT_CARE_IF_MY_BUILDS_TARGET_THE_WRONG_RELEASE=YES done fi diff --git a/release/tools/vmimage.subr b/release/tools/vmimage.subr index 3bfef585f613..92f00f9cf7c3 100644 --- a/release/tools/vmimage.subr +++ b/release/tools/vmimage.subr @@ -212,6 +212,13 @@ vm_extra_install_packages() { -r ${DESTDIR} \ install -y -r ${PKG_REPO_NAME} $pkg done + INSTALL_AS_USER=yes \ + ${PKG_CMD} \ + -o ABI=${PKG_ABI} \ + -o REPOS_DIR=${PKG_REPOS_DIR} \ + -o PKG_DBDIR=${DESTDIR}/var/db/pkg \ + -r ${DESTDIR} \ + autoremove metalog_add_data ./var/db/pkg/local.sqlite else if [ -n "${WITHOUT_QEMU}" ]; then @@ -224,6 +231,8 @@ vm_extra_install_packages() { chroot ${DESTDIR} ${EMULATOR} env ASSUME_ALWAYS_YES=yes \ /usr/sbin/pkg install -y ${p} done + chroot ${DESTDIR} ${EMULATOR} env ASSUME_ALWAYS_YES=yes \ + /usr/sbin/pkg autoremove fi return 0 @@ -440,7 +449,11 @@ vm_create_disk() { # Create an ESP espfilename=$(mktemp /tmp/efiboot.XXXXXX) make_esp_file ${espfilename} ${fat32min} ${BOOTFILES}/efi/loader_lua/loader_lua.efi - BOOTPARTS="${BOOTPARTS} -p efi/efiboot0:=${espfilename}" + espsuffix="" + if [ -z "${BOOTPARTS}" ]; then + espsuffix="${BOOTPARTSOFFSET}" + fi + BOOTPARTS="${BOOTPARTS} -p efi/efiboot0:=${espfilename}${espsuffix}" # Add this to fstab mkdir -p ${DESTDIR}/boot/efi diff --git a/sbin/dumpon/dumpon.8 b/sbin/dumpon/dumpon.8 index a57dfef7096d..f2082a58851d 100644 --- a/sbin/dumpon/dumpon.8 +++ b/sbin/dumpon/dumpon.8 @@ -228,6 +228,20 @@ total amount of physical memory as reported by the .Va hw.physmem .Xr sysctl 8 variable. +.Sh SYSCTL VARIABLES +The following +.Xr sysctl 8 +variables can be used to modify or monitor the behavior of crash dumps: +.Bl -tag -width "machdep.dump_retry_count" +.It Va debug.minidump +Set the type of kernel crash dump. +Possible values are 0 for a full crash dump or 1 for a minidump. +The default is minidump. +.It Va machdep.dump_retry_count +The maximum number of times dump will retry before giving up. +The default value is 5. +This sysctl is only supported on PowerPC and AMD64. +.El .Sh IMPLEMENTATION NOTES Because the file system layer is already dead by the time a crash dump is taken, it is not possible to send crash dumps directly to a file. @@ -377,6 +391,7 @@ needed. .Xr loader 8 , .Xr rc 8 , .Xr savecore 8 , +.Xr sysctl 8 , .Xr swapon 8 , .Xr panic 9 .Sh HISTORY diff --git a/sbin/mksnap_ffs/mksnap_ffs.c b/sbin/mksnap_ffs/mksnap_ffs.c index 0d8e32a15ab3..58939cc69029 100644 --- a/sbin/mksnap_ffs/mksnap_ffs.c +++ b/sbin/mksnap_ffs/mksnap_ffs.c @@ -150,7 +150,7 @@ main(int argc, char **argv) errx(1, "%s: Not a mount point", stfsbuf.f_mntonname); } if (cp != stfsbuf.f_mntonname) - strlcpy(stfsbuf.f_mntonname, cp, sizeof(stfsbuf.f_mntonname)); + memmove(stfsbuf.f_mntonname, cp, strlen(cp) + 1); /* * Having verified access to the directory in which the diff --git a/secure/lib/libcrypto/Makefile.inc b/secure/lib/libcrypto/Makefile.inc index 5b281166df61..73c650d590ff 100644 --- a/secure/lib/libcrypto/Makefile.inc +++ b/secure/lib/libcrypto/Makefile.inc @@ -1,6 +1,6 @@ .include <bsd.own.mk> -PACKAGE= openssl +PACKAGE?= openssl LIB_PACKAGE= LCRYPTO_SRC= ${SRCTOP}/crypto/openssl diff --git a/share/man/man4/ciss.4 b/share/man/man4/ciss.4 index 28d6556ecd85..d731aaddad38 100644 --- a/share/man/man4/ciss.4 +++ b/share/man/man4/ciss.4 @@ -1,7 +1,7 @@ .\" Written by Tom Rhodes .\" This file is in the public domain. .\" -.Dd January 26, 2012 +.Dd November 6, 2025 .Dt CISS 4 .Os .Sh NAME @@ -87,9 +87,10 @@ might be solved by updating the firmware and/or setting the .Va hw.ciss.nop_message_heartbeat tunable to non-zero at boot time. .Sh HARDWARE -Controllers supported by the +The .Nm -driver include: +driver supports controllers implementing +Common Interface for SCSI-3 Support Open Specification v1.04, including: .Pp .Bl -bullet -compact .It @@ -145,6 +146,8 @@ HP Smart Array P430i .It HP Smart Array P431 .It +HP Smart Array P440ar +.It HP Smart Array P530 .It HP Smart Array P531 diff --git a/share/man/man4/hifn.4 b/share/man/man4/hifn.4 index 22494fcb6c6d..f145d61282fc 100644 --- a/share/man/man4/hifn.4 +++ b/share/man/man4/hifn.4 @@ -24,7 +24,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd July 29, 2020 +.Dd October 31, 2025 .Dt HIFN 4 .Os .Sh NAME @@ -46,6 +46,11 @@ module at boot time, place the following line in .Bd -literal -offset indent hifn_load="YES" .Ed +.Sh DEPRECATION NOTICE +The +.Nm +driver is deprecated and is scheduled for removal in +.Fx 16.0 . .Sh DESCRIPTION The .Nm diff --git a/share/man/man4/ice.4 b/share/man/man4/ice.4 index 172b5a197b64..a54a6b3fd6f3 100644 --- a/share/man/man4/ice.4 +++ b/share/man/man4/ice.4 @@ -32,12 +32,12 @@ .\" .\" * Other names and brands may be claimed as the property of others. .\" -.Dd March 28, 2025 +.Dd November 5, 2025 .Dt ICE 4 .Os .Sh NAME .Nm ice -.Nd Intel Ethernet 800 Series Driver +.Nd Intel Ethernet 800 Series 1GbE to 200GbE driver .Sh SYNOPSIS .Cd device iflib .Cd device ice @@ -62,42 +62,75 @@ or .Cd dev.ice.#.pba_number .Cd dev.ice.#.hw.mac.* .Sh DESCRIPTION -.Ss Features The .Nm driver provides support for any PCI Express adapter or LOM -(LAN On Motherboard) -in the Intel\(rg Ethernet 800 Series. -As of this writing, the series includes devices with these model numbers: +.Pq LAN On Motherboard +in the Intel Ethernet 800 Series. +.Pp +The following topics are covered in this manual: .Pp .Bl -bullet -compact .It -Intel\(rg Ethernet Controller E810\-C +.Sx Features +.It +.Sx Dynamic Device Personalization +.It +.Sx Jumbo Frames +.It +.Sx Remote Direct Memory Access +.It +.Sx RDMA Monitoring +.It +.Sx Data Center Bridging +.It +.Sx L3 QoS Mode +.It +.Sx Firmware Link Layer Discovery Protocol Agent +.It +.Sx Link-Level Flow Control +.It +.Sx Forward Error Correction +.It +.Sx Speed and Duplex Configuration +.It +.Sx Disabling physical link when the interface is brought down +.It +.Sx Firmware Logging +.It +.Sx Debug Dump +.It +.Sx Debugging PHY Statistics .It -Intel\(rg Ethernet Controller E810\-XXV +.Sx Transmit Balancing .It -Intel\(rg Ethernet Connection E822\-C +.Sx Thermal Monitoring .It -Intel\(rg Ethernet Connection E822\-L +.Sx Network Memory Buffer Allocation .It -Intel\(rg Ethernet Connection E823\-C +.Sx Additional Utilities .It -Intel\(rg Ethernet Connection E823\-L +.Sx Optics and auto-negotiation .It -Intel\(rg Ethernet Connection E825\-C +.Sx PCI-Express Slot Bandwidth .It -Intel\(rg Ethernet Connection E830\-C +.Sx HARDWARE .It -Intel\(rg Ethernet Connection E830\-CC +.Sx LOADER TUNABLES .It -Intel\(rg Ethernet Connection E830\-L +.Sx SYSCTL VARIABLES .It -Intel\(rg Ethernet Connection E830\-XXV +.Sx INTERRUPT STORMS +.It +.Sx IOVCTL OPTIONS +.It +.Sx SUPPORT +.It +.Sx SEE ALSO +.It +.Sx HISTORY .El -.Pp -For questions related to hardware requirements, refer to the documentation -supplied with your adapter. -.Pp +.Ss Features Support for Jumbo Frames is provided via the interface MTU setting. Selecting an MTU larger than 1500 bytes with the .Xr ifconfig 8 @@ -141,21 +174,20 @@ downloading a new driver or DDP package. Safe Mode only applies to the affected physical function and does not impact any other PFs. See the -.Dq Intel\(rg Ethernet Adapters and Devices User Guide +.Dq Intel Ethernet Adapters and Devices User Guide for more details on DDP and Safe Mode. .Pp -If you encounter issues with the DDP package file, you may need to download -an updated driver or +If issues are encountered with the DDP package file, an updated driver or .Sy ice_ddp -module. +module may need to be downloaded. See the log messages for more information. .Pp -You cannot update the DDP package if any PF drivers are already loaded. +The DDP package cannot be updated if any PF drivers are already loaded. To overwrite a package, unload all PFs and then reload the driver with the new package. .Pp -You can only use one DDP package per driver, even if you have more than one -device installed that uses the driver. +Only one DDP package can be used per driver, +even if more than one installed device uses the driver. .Pp Only the first loaded PF per device can download a package for that device. .Ss Jumbo Frames @@ -174,9 +206,9 @@ each jumbo packet. This should help to avoid buffer starvation issues when allocating receive packets. .Pp -Packet loss may have a greater impact on throughput when you use jumbo -frames. -If you observe a drop in performance after enabling jumbo frames, enabling +Packet loss may have a greater impact on throughput when jumbo frames are in +use. +If a drop in performance is observed after enabling jumbo frames, enabling flow control may mitigate the issue. .Ss Remote Direct Memory Access Remote Direct Memory Access, or RDMA, allows a network device to transfer data @@ -188,20 +220,20 @@ RoCEv2 (RDMA over Converged Ethernet) protocols. The major difference is that iWARP performs RDMA over TCP, while RoCEv2 uses UDP. .Pp -Devices based on the Intel\(rg Ethernet 800 Series do not support RDMA when +Devices based on the Intel Ethernet 800 Series do not support RDMA when operating in multiport mode with more than 4 ports. .Pp For detailed installation and configuration information for RDMA, see .Xr irdma 4 . .Ss RDMA Monitoring -For debugging/testing purposes, you can use sysctl to set up a mirroring +For debugging/testing purposes, a sysctl can be used to set up a mirroring interface on a port. The interface can receive mirrored RDMA traffic for packet analysis tools like .Xr tcpdump 1 . This mirroring may impact performance. .Pp -To use RDMA monitoring, you may need to reserve more MSI\-X interrupts. +To use RDMA monitoring, more MSI-X interrupts may need to be reserved. Before the .Nm driver loads, configure the following tunable provided by @@ -210,7 +242,7 @@ driver loads, configure the following tunable provided by dev.ice.<interface #>.iflib.use_extra_msix_vectors=4 .Ed .Pp -You may need to adjust the number of extra MSI\-X interrupt vectors. +The number of extra MSI-X interrupt vectors may need to be adjusted. .Pp To create/delete the interface: .Bd -literal -offset indent @@ -246,14 +278,15 @@ DCB is normally configured on the network using the DCBX protocol (802.1Qaz), a specialization of LLDP (802.1AB). The .Nm driver supports the following mutually exclusive variants of DCBX support: +.Pp .Bl -bullet -compact .It -Firmware\-based LLDP Agent +Firmware-based LLDP Agent .It -Software\-based LLDP Agent +Software-based LLDP Agent .El .Pp -In firmware\-based mode, firmware intercepts all LLDP traffic and handles DCBX +In firmware-based mode, firmware intercepts all LLDP traffic and handles DCBX negotiation transparently for the user. In this mode, the adapter operates in .Dq willing @@ -263,30 +296,30 @@ The local user can only query the negotiated DCB configuration. For information on configuring DCBX parameters on a switch, please consult the switch manufacturer'ss documentation. .Pp -In software\-based mode, LLDP traffic is forwarded to the network stack and user +In software-based mode, LLDP traffic is forwarded to the network stack and user space, where a software agent can handle it. In this mode, the adapter can operate in .Dq nonwilling DCBX mode and DCB configuration can be both queried and set locally. -This mode requires the FW\-based LLDP Agent to be disabled. +This mode requires the FW-based LLDP Agent to be disabled. .Pp -Firmware\-based mode and software\-based mode are controlled by the +Firmware-based mode and software-based mode are controlled by the .Dq fw_lldp_agent sysctl. Refer to the Firmware Link Layer Discovery Protocol Agent section for more information. .Pp -Link\-level flow control and priority flow control are mutually exclusive. +Link-level flow control and priority flow control are mutually exclusive. The ice driver will disable link flow control when priority flow control is enabled on any traffic class (TC). It will disable priority flow control when link flow control is enabled. .Pp -To enable/disable priority flow control in software\-based DCBX mode: +To enable/disable priority flow control in software-based DCBX mode: .Bd -literal -offset indent sysctl dev.ice.<interface #>.pfc=1 (or 0 to disable) .Ed .Pp -Enhanced Transmission Selection (ETS) allows you to assign bandwidth to certain +Enhanced Transmission Selection (ETS) allows bandwidth to be assigned to certain TCs, to help ensure traffic reliability. To view the assigned ETS configuration, use the following: .Bd -literal -offset indent @@ -308,10 +341,10 @@ For example, to map UP 0 and 1 to TC 0, UP 2 and 3 to TC 1, UP 4 and .Bd -literal -offset indent sysctl dev.ice.<interface #>.up2tc_map=0,0,1,1,2,2,3,3 .Ed -.Ss L3 QoS mode +.Ss L3 QoS Mode The .Nm -driver supports setting DSCP\-based Layer 3 Quality of Service (L3 QoS) +driver supports setting DSCP-based Layer 3 Quality of Service (L3 QoS) in the PF driver. The driver initializes in L2 QoS mode by default; L3 QoS is disabled by default. @@ -320,13 +353,13 @@ Use the following sysctl to enable or disable L3 QoS: sysctl dev.ice.<interface #>.pfc_mode=1 (or 0 to disable) .Ed .Pp -If you disable L3 QoS mode, it returns to L2 QoS mode. +If L3 QoS mode is disabled, it returns to L2 QoS mode. .Pp To map a DSCP value to a traffic class, separate the values by commas. -For example, to map DSCPs 0\-3 and DSCP 8 to DCB TCs 0\-3 and 4, respectively: +For example, to map DSCPs 0-3 and DSCP 8 to DCB TCs 0-3 and 4, respectively: .Bd -literal -offset indent -sysctl dev.ice.<interface #>.dscp2tc_map.0\-7=0,1,2,3,0,0,0,0 -sysctl dev.ice.<interface #>.dscp2tc_map.8\-15=4,0,0,0,0,0,0,0 +sysctl dev.ice.<interface #>.dscp2tc_map.0-7=0,1,2,3,0,0,0,0 +sysctl dev.ice.<interface #>.dscp2tc_map.8-15=4,0,0,0,0,0,0,0 .Ed .Pp To change the DSCP mapping back to the default traffic class, set all the @@ -337,25 +370,25 @@ To view the currently configured mappings, use the following: sysctl dev.ice.<interface #>.dscp2tc_map .Ed .Pp -L3 QoS mode is not available when FW\-LLDP is enabled. +L3 QoS mode is not available when FW-LLDP is enabled. .Pp -You also cannot enable FW\-LLDP if L3 QoS mode is active. +FW-LLDP cannot be enabled if L3 QoS mode is active. .Pp -Disable FW\-LLDP before switching to L3 QoS mode. +Disable FW-LLDP before switching to L3 QoS mode. .Pp Refer to the .Sx Firmware Link Layer Discovery Protocol Agent -section in this README for more information on disabling FW\-LLDP. +section in this README for more information on disabling FW-LLDP. .Ss Firmware Link Layer Discovery Protocol Agent -Use sysctl to change FW\-LLDP settings. -The FW\-LLDP setting is per port and persists across boots. +Use sysctl to change FW-LLDP settings. +The FW-LLDP setting is per port and persists across boots. .Pp -To enable the FW\-LLDP Agent: +To enable the FW-LLDP Agent: .Bd -literal -offset indent sysctl dev.ice.<interface #>.fw_lldp_agent=1 .Ed .Pp -To disable the FW\-LLDP Agebt: +To disable the FW-LLDP Agebt: .Bd -literal -offset indent sysctl dev.ice.<interface #>.fw_lldp_agent=0 .Ed @@ -365,15 +398,18 @@ To check the current LLDP setting: sysctl dev.ice.<interface #>.fw_lldp_agent .Ed .Pp -You must enable the UEFI HII LLDP Agent attribute for this setting +The UEFI HII LLDP Agent attribute must be enabled for this setting to take effect. If the .Dq LLDP AGENT -attribute is set to disabled, you cannot enable the FW\-LLDP Agent from the +attribute is set to disabled, the FW-LLDP Agent cannot be enabled from the driver. -.Ss Link\-Level Flow Control (LFC) -Ethernet Flow Control (IEEE 802.3x) can be configured with sysctl to enable -receiving and transmitting pause frames for +.Ss Link-Level Flow Control +Ethernet Flow Control +.Pq IEEE 802.3x or LFC +can be configured with +.Xr sysctl 8 +to enable receiving and transmitting pause frames for .Nm . When transmit is enabled, pause frames are generated when the receive packet buffer crosses a predefined threshold. @@ -426,16 +462,16 @@ provide a stable link without FEC. .Pp For devices to benefit from this feature, link partners must have FEC enabled. .Pp -If you enable the sysctl -.Em allow_no_fec_modules_in_auto -Auto FEC negotiation will include +If the +.Va allow_no_fec_modules_in_auto +sysctl is enabled Auto FEC negotiation will include .Dq No FEC -in case your link partner does not have FEC enabled or is not FEC capable: +in case the link partner does not have FEC enabled or is not FEC capable: .Bd -literal -offset indent sysctl dev.ice.<interface #>.allow_no_fec_modules_in_auto=1 .Ed .Pp -NOTE: This flag is currently not supported on the Intel\(rg Ethernet 830 +NOTE: This flag is currently not supported on the Intel Ethernet 830 Series. .Pp To show the current FEC settings that are negotiated on the link: @@ -450,32 +486,32 @@ sysctl dev.ice.<interface #>.requested_fec .Pp To see the valid FEC modes for the link: .Bd -literal -offset indent -sysctl \-d dev.ice.<interface #>.requested_fec +sysctl -d dev.ice.<interface #>.requested_fec .Ed .Ss Speed and Duplex Configuration -You cannot set duplex or autonegotiation settings. +The speed and duplex settings cannot be hard set. .Pp -To have your device change the speeds it will use in auto-negotiation or +To have the device change the speeds it will use in auto-negotiation or force link with: .Bd -literal -offset indent sysctl dev.ice.<interface #>.advertise_speed=<mask> .Ed .Pp Supported speeds will vary by device. -Depending on the speeds your device supports, valid bits used in a speed mask +Depending on the speeds the device supports, valid bits used in a speed mask could include: .Bd -literal -offset indent -0x0 \- Auto -0x2 \- 100 Mbps -0x4 \- 1 Gbps -0x8 \- 2.5 Gbps -0x10 \- 5 Gbps -0x20 \- 10 Gbps -0x80 \- 25 Gbps -0x100 \- 40 Gbps -0x200 \- 50 Gbps -0x400 \- 100 Gbps -0x800 \- 200 Gbps +0x0 - Auto +0x2 - 100 Mbps +0x4 - 1 Gbps +0x8 - 2.5 Gbps +0x10 - 5 Gbps +0x20 - 10 Gbps +0x80 - 25 Gbps +0x100 - 40 Gbps +0x200 - 50 Gbps +0x400 - 100 Gbps +0x800 - 200 Gbps .Ed .Ss Disabling physical link when the interface is brought down When the @@ -495,7 +531,7 @@ The driver allows for the generation of firmware logs for supported categories of events, to help debug issues with Customer Support. Refer to the -.Dq Intel\(rg Ethernet Adapters and Devices User Guide +.Dq Intel Ethernet Adapters and Devices User Guide for an overview of this feature and additional tips. .Pp At a high level, to capture a firmware log: @@ -503,13 +539,13 @@ At a high level, to capture a firmware log: .It Set the configuration for the firmware log. .It -Perform the necessary steps to generate the issue you are trying to debug. +Perform the necessary steps to reproduce the issue. .It Capture the firmware log. .It Stop capturing the firmware log. .It -Reset your firmware log settings as needed. +Reset the firmware log settings as needed. .It Work with Customer Support to debug the issue. .El @@ -554,7 +590,7 @@ DCBx (Bit 11) .It Va dcb DCB (Bit 12) .It Va xlr -XLR (function\-level resets; Bit 13) +XLR (function-level resets; Bit 13) .It Va nvm NVM (Bit 14) .It Va auth @@ -562,7 +598,7 @@ Authentication (Bit 15) .It Va vpd Vital Product Data (Bit 16) .It Va iosf -Intel On\-Chip System Fabric (Bit 17) +Intel On-Chip System Fabric (Bit 17) .It Va parser Parser (Bit 18) .It Va sw @@ -593,8 +629,8 @@ PF Registration (Bit 30) Module Version (Bit 31) .El .Pp -You can change the verbosity level of the firmware logs. -You can set only one log level per module, and each level includes the +The verbosity level of the firmware logs can be modified. +It is possible to set only one log level per module, and each level includes the verbosity levels lower than it. For instance, setting the level to .Dq normal @@ -650,8 +686,8 @@ dmesg > log_output NOTE: Logging a large number of modules or too high of a verbosity level will add extraneous messages to dmesg and could hinder debug efforts. .Ss Debug Dump -Intel\(rg Ethernet 800 Series devices support debug dump, which allows you to -obtain runtime register values from the firmware for +Intel Ethernet 800 Series devices support debug dump, +which allows gathering of runtime register values from the firmware for .Dq clusters of events and then write the results to a single dump file, for debugging complicated issues in the field. @@ -663,8 +699,8 @@ Debug dump captures the current state of the specified cluster(s) and is a stateless snapshot of the whole device. .Pp NOTE: Like with firmware logs, the contents of the debug dump are not -human\-readable. -You must work with Customer Support to decode the file. +human-readable. +Work with Customer Support to decode the file. .Pp Debug dump is per device, not per PF. .Pp @@ -686,7 +722,7 @@ pass the argument. For example: .Bd -literal -offset indent -sysctl \-d dev.ice.0.debug.dump.clusters +sysctl -d dev.ice.0.debug.dump.clusters .Ed .Pp Possible bitmask values for @@ -694,24 +730,24 @@ Possible bitmask values for are: .Bl -bullet -compact .It -0 \- Dump all clusters (only supported on Intel\(rg Ethernet E810 Series and -Intel\(rg Ethernet E830 Series) +0 - Dump all clusters (only supported on Intel Ethernet E810 Series and +Intel Ethernet E830 Series) .It -0x1 \- Switch +0x1 - Switch .It -0x2 \- ACL +0x2 - ACL .It -0x4 \- Tx Scheduler +0x4 - Tx Scheduler .It -0x8 \- Profile Configuration +0x8 - Profile Configuration .It -0x20 \- Link +0x20 - Link .It -0x80 \- DCB +0x80 - DCB .It -0x100 \- L2P +0x100 - L2P .It -0x400000 \- Manageability Transactions (only supported on Intel\(rg Ethernet +0x400000 - Manageability Transactions (only supported on Intel Ethernet E810 Series) .El .Pp @@ -727,20 +763,19 @@ sysctl dev.ice.0.debug.dump.clusters=0 .Pp NOTE: Using 0 will skip Manageability Transactions data. .Pp -If you don't specify a cluster, the driver will dump all clusters to a -single file. +If a single cluster is not specified, +the driver will dump all clusters to a single file. Issue the debug dump command, using the following: .Bd -literal -offset indent -sysctl \-b dev.ice.<interface #>.debug.dump.dump=1 > dump.bin +sysctl -b dev.ice.<interface #>.debug.dump.dump=1 > dump.bin .Ed .Pp -NOTE: The driver will not receive the command if you do not write -.Dq 1 -to the sysctl. +NOTE: The driver will not receive the command if the sysctl is not set to +.Dq 1 . .Pp Replace .Dq dump.bin -above with the file name you want to use. +above with the preferred file name. .Pp To clear the .Va clusters @@ -754,7 +789,7 @@ The ice driver supports the ability to obtain the values of the PHY registers from Intel(R) Ethernet 810 Series devices in order to debug link and connection issues during runtime. .Pp -The driver allows you to obtain information about: +The driver provides information about: .Bl -bullet .It Rx and Tx Equalization parameters @@ -767,13 +802,13 @@ Use the following sysctl to read the PHY registers: sysctl dev.ice.<interface #>.debug.phy_statistics .Ed .Pp -NOTE: The contents of the registers are not human\-readable. -Like with firmware logs and debug dump, you must work with Customer Support +NOTE: The contents of the registers are not human-readable. +Like with firmware logs and debug dump, work with Customer Support to decode the file. .Ss Transmit Balancing -Some Intel(R) Ethernet 800 Series devices allow you to enable a transmit +Some Intel(R) Ethernet 800 Series devices allow for enabling a transmit balancing feature to improve transmit performance under certain conditions. -When the feature is enabled, you should experience more consistent transmit +When enabled, this feature should provide more consistent transmit performance across queues and/or PFs and VFs. .Pp By default, transmit balancing is disabled in the NVM. @@ -794,7 +829,7 @@ configures the device accordingly. .Pp NOTE: The user selection for transmit balancing in EPCT or HII is persistent across reboots. -You must reboot the system for the selected setting to take effect. +The system must be rebooted for the selected setting to take effect. .Pp This setting is device wide. .Pp @@ -811,7 +846,7 @@ sysctl dev.ice.<interface #>.temp may have a low number of network memory buffers (mbufs) by default. If the number of mbufs available is too low, it may cause the driver to fail to initialize and/or cause the system to become unresponsive. -You can check to see if the system is mbuf\-starved by running +Check to see if the system is mbuf-starved by running .Ic netstat Fl m . Increase the number of mbufs by editing the lines below in .Pa /etc/sysctl.conf : @@ -823,8 +858,8 @@ kern.ipc.nmbjumbo16 kern.ipc.nmbufs .Ed .Pp -The amount of memory that you allocate is system specific, and may require some -trial and error. +The amount of memory that should be allocated is system specific, +and may require some trial and error. Also, increasing the following in .Pa /etc/sysctl.conf could help increase network performance: @@ -849,13 +884,91 @@ To change the behavior of the QSFP28 ports on E810-C adapters, use the Intel To update the firmware on an adapter, use the Intel .Sy Non-Volatile Memory (NVM) Update Utility for Intel Ethernet Network Adapters E810 series - FreeBSD .El +.Ss Optics and auto-negotiation +Modules based on 100GBASE-SR4, +active optical cable (AOC), and active copper cable (ACC) +do not support auto-negotiation per the IEEE specification. +To obtain link with these modules, +auto-negotiation must be turned off on the link partner's switch ports. +.Pp +Note that adapters also support +all passive and active limiting direct attach cables +that comply with SFF-8431 v4.1 and SFF-8472 v10.4 specifications. +.Ss PCI-Express Slot Bandwidth +Some PCIe x8 slots are actually configured as x4 slots. +These slots have insufficient bandwidth +for full line rate with dual port and quad port devices. +In addition, +if a PCIe v4.0 or v3.0-capable adapter is placed into into a PCIe v2.x +slot, full bandwidth will not be possible. +.Pp +The driver detects this situation and +writes the following message in the system log: +.Bd -ragged -offset indent +PCI-Express bandwidth available for this device +may be insufficient for optimal performance. +Please move the device to a different PCI-e link +with more lanes and/or higher transfer rate. +.Ed +.Pp +If this error occurs, +moving the adapter to a true PCIe x8 or x16 slot will resolve the issue. +For best performance, install devices in the following PCI slots: +.Bl -bullet +.It +Any 100Gbps-capable Intel(R) Ethernet 800 Series device: Install in a +PCIe v4.0 x8 or v3.0 x16 slot +.It +A 200Gbps-capable Intel(R) Ethernet 830 Series device: Install in a +PCIe v5.0 x8 or v4.0 x16 slot +.El +.Pp +For questions related to hardware requirements, +refer to the documentation supplied with the adapter. .Sh HARDWARE The .Nm -driver supports the Intel Ethernet 800 series. -Some adapters in this series with SFP28/QSFP28 cages -have firmware that requires that Intel qualified modules are used; these -qualified modules are listed below. +driver supports the following +Intel 800 series 1Gb to 200Gb Ethernet controllers: +.Pp +.Bl -bullet -compact +.It +Intel Ethernet Controller E810-C +.It +Intel Ethernet Controller E810-XXV +.It +Intel Ethernet Connection E822-C +.It +Intel Ethernet Connection E822-L +.It +Intel Ethernet Connection E823-C +.It +Intel Ethernet Connection E823-L +.It +Intel Ethernet Connection E825-C +.It +Intel Ethernet Connection E830-C +.It +Intel Ethernet Connection E830-CC +.It +Intel Ethernet Connection E830-L +.It +Intel Ethernet Connection E830-XXV +.It +Intel Ethernet Connection E835-C +.It +Intel Ethernet Connection E835-CC +.It +Intel Ethernet Connection E835-L +.It +Intel Ethernet Connection E835-XXV +.El +.Pp +The +.Nm +driver supports some adapters in this series with SFP28/QSFP28 cages +which have firmware that requires that Intel qualified modules are used; +these qualified modules are listed below. This qualification check cannot be disabled by the driver. .Pp The @@ -864,13 +977,13 @@ driver supports 100Gb Ethernet adapters with these QSFP28 modules: .Pp .Bl -bullet -compact .It -Intel\(rg 100G QSFP28 100GBASE-SR4 E100GQSFPSR28SRX +Intel 100G QSFP28 100GBASE-SR4 E100GQSFPSR28SRX .It -Intel\(rg 100G QSFP28 100GBASE-SR4 SPTMBP1PMCDF +Intel 100G QSFP28 100GBASE-SR4 SPTMBP1PMCDF .It -Intel\(rg 100G QSFP28 100GBASE-CWDM4 SPTSBP3CLCCO +Intel 100G QSFP28 100GBASE-CWDM4 SPTSBP3CLCCO .It -Intel\(rg 100G QSFP28 100GBASE-DR SPTSLP2SLCDF +Intel 100G QSFP28 100GBASE-DR SPTSLP2SLCDF .El .Pp The @@ -879,11 +992,11 @@ driver supports 25Gb and 10Gb Ethernet adapters with these SFP28 modules: .Pp .Bl -bullet -compact .It -Intel\(rg 10G/25G SFP28 25GBASE-SR E25GSFP28SR +Intel 10G/25G SFP28 25GBASE-SR E25GSFP28SR .It -Intel\(rg 25G SFP28 25GBASE-SR E25GSFP28SRX (Extended Temp) +Intel 25G SFP28 25GBASE-SR E25GSFP28SRX (Extended Temp) .It -Intel\(rg 25G SFP28 25GBASE-LR E25GSFP28LRX (Extended Temp) +Intel 25G SFP28 25GBASE-LR E25GSFP28LRX (Extended Temp) .El .Pp The @@ -892,54 +1005,15 @@ driver supports 10Gb and 1Gb Ethernet adapters with these SFP+ modules: .Pp .Bl -bullet -compact .It -Intel\(rg 1G/10G SFP+ 10GBASE-SR E10GSFPSR +Intel 1G/10G SFP+ 10GBASE-SR E10GSFPSR .It -Intel\(rg 1G/10G SFP+ 10GBASE-SR E10GSFPSRG1P5 +Intel 1G/10G SFP+ 10GBASE-SR E10GSFPSRG1P5 .It -Intel\(rg 1G/10G SFP+ 10GBASE-SR E10GSFPSRG2P5 +Intel 1G/10G SFP+ 10GBASE-SR E10GSFPSRG2P5 .It -Intel\(rg 10G SFP+ 10GBASE-SR E10GSFPSRX (Extended Temp) +Intel 10G SFP+ 10GBASE-SR E10GSFPSRX (Extended Temp) .It -Intel\(rg 1G/10G SFP+ 10GBASE-LR E10GSFPLR -.El -.Pp -Note that adapters also support all passive and active -limiting direct attach cables that comply with SFF-8431 v4.1 and -SFF-8472 v10.4 specifications. -.Pp -This is not an exhaustive list; please consult product documentation for an -up-to-date list of supported media. -.Ss Fiber optics and auto\-negotiation -Modules based on 100GBASE\-SR4, active optical cable (AOC), and active copper -cable (ACC) do not support auto\-negotiation per the IEEE specification. -To obtain link with these modules, auto\-negotiation must be turned off on the -link partner's switch ports. -.Ss PCI-Express Slot Bandwidth -Some PCIe x8 slots are actually configured as x4 slots. -These slots have insufficient bandwidth for full line rate with dual port and -quad port devices. -In addition, if you put a PCIe v4.0 or v3.0\-capable adapter into a PCIe v2.x -slot, you cannot get full bandwidth. -.Pp -The driver detects this situation and writes the following message in the -system log: -.Bd -literal -offset indent -PCI\-Express bandwidth available for this device may be insufficient for -optimal performance. -Please move the device to a different PCI\-e link with more lanes and/or -higher transfer rate. -.Ed -.Pp -If this error occurs, moving your adapter to a true PCIe x8 or x16 slot will -resolve the issue. -For best performance, install devices in the following PCI slots: -.Bl -bullet -.It -Any 100Gbps\-capable Intel(R) Ethernet 800 Series device: Install in a -PCIe v4.0 x8 or v3.0 x16 slot -.It -A 200Gbps\-capable Intel(R) Ethernet 830 Series device: Install in a -PCIe v5.0 x8 or v4.0 x16 slot +Intel 1G/10G SFP+ 10GBASE-LR E10GSFPLR .El .Sh LOADER TUNABLES Tunables can be set at the @@ -1037,11 +1111,11 @@ on. Disabled by default. .It num-queues Pq uint16_t Specify the number of queues the VF will have. -By default, this is set to the number of MSI\-X vectors supported by the VF +By default, this is set to the number of MSI-X vectors supported by the VF minus one. .It mirror-src-vsi Pq uint16_t Specify which VSI the VF will mirror traffic from by setting this to a value -other than \-1. +other than -1. All traffic from that VSI will be mirrored to this VF. Can be used as an alternative method to mirror RDMA traffic to another interface than the method described in the diff --git a/share/man/man4/safe.4 b/share/man/man4/safe.4 index 89375d058bf7..914b2dd0dd1c 100644 --- a/share/man/man4/safe.4 +++ b/share/man/man4/safe.4 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd November 22, 2024 +.Dd October 31, 2025 .Dt SAFE 4 .Os .Sh NAME @@ -57,6 +57,11 @@ In .Cd hw.safe.rngbufsize .Cd hw.safe.rngmaxalarm .Ed +.Sh DEPRECATION NOTICE +The +.Nm +driver is deprecated and is scheduled for removal in +.Fx 16.0 . .Sh DESCRIPTION The .Nm @@ -128,5 +133,14 @@ packet processing. .Xr random 4 , .Xr crypto 7 , .Xr crypto 9 +.Sh HISTORY +The +.Nm +driver first appeared in +.Fx 5.2 . +It is deprecated in +.Fx 15.0 +and removed in +.Fx 16.0 . .Sh BUGS Public key support is not implemented. diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile index a4d4a58c350d..4cea099b6c07 100644 --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -90,6 +90,7 @@ MAN= accept_filter.9 \ DECLARE_MODULE.9 \ DEFINE_IFUNC.9 \ DELAY.9 \ + deadfs.9 \ devclass.9 \ devclass_find.9 \ devclass_get_device.9 \ diff --git a/share/man/man9/buf.9 b/share/man/man9/buf.9 index ecd4a1487735..ff9a1d0d46e0 100644 --- a/share/man/man9/buf.9 +++ b/share/man/man9/buf.9 @@ -36,44 +36,70 @@ The kernel implements a KVM abstraction of the buffer cache which allows it to map potentially disparate vm_page's into contiguous KVM for use by (mainly file system) devices and device I/O. This abstraction supports -block sizes from DEV_BSIZE (usually 512) to upwards of several pages or more. +block sizes from +.Dv DEV_BSIZE +(usually 512) to upwards of several pages or more. It also supports a relatively primitive byte-granular valid range and dirty range currently hardcoded for use by NFS. The code implementing the VM Buffer abstraction is mostly concentrated in -.Pa /usr/src/sys/kern/vfs_bio.c . +.Pa sys/kern/vfs_bio.c +in the +.Fx +source tree. .Pp One of the most important things to remember when dealing with buffer pointers -(struct buf) is that the underlying pages are mapped directly from the buffer +.Pq Vt struct buf +is that the underlying pages are mapped directly from the buffer cache. No data copying occurs in the scheme proper, though some file systems such as UFS do have to copy a little when dealing with file fragments. The second most important thing to remember is that due to the underlying page -mapping, the b_data base pointer in a buf is always *page* aligned, not -*block* aligned. -When you have a VM buffer representing some b_offset and -b_size, the actual start of the buffer is (b_data + (b_offset & PAGE_MASK)) -and not just b_data. +mapping, the +.Va b_data +base pointer in a buf is always +.Em page Ns -aligned , +not +.Em block Ns -aligned . +When you have a VM buffer representing some +.Va b_offset +and +.Va b_size , +the actual start of the buffer is +.Ql b_data + (b_offset & PAGE_MASK) +and not just +.Ql b_data . Finally, the VM system's core buffer cache supports -valid and dirty bits (m->valid, m->dirty) for pages in DEV_BSIZE chunks. +valid and dirty bits +.Pq Va m->valid , m->dirty +for pages in +.Dv DEV_BSIZE +chunks. Thus a platform with a hardware page size of 4096 bytes has 8 valid and 8 dirty bits. These bits are generally set and cleared in groups based on the device block size of the device backing the page. Complete page's worth are often -referred to using the VM_PAGE_BITS_ALL bitmask (i.e., 0xFF if the hardware page +referred to using the +.Dv VM_PAGE_BITS_ALL +bitmask (i.e., 0xFF if the hardware page size is 4096). .Pp VM buffers also keep track of a byte-granular dirty range and valid range. This feature is normally only used by the NFS subsystem. I am not sure why it -is used at all, actually, since we have DEV_BSIZE valid/dirty granularity +is used at all, actually, since we have +.Dv DEV_BSIZE +valid/dirty granularity within the VM buffer. -If a buffer dirty operation creates a 'hole', +If a buffer dirty operation creates a +.Dq hole , the dirty range will extend to cover the hole. If a buffer validation -operation creates a 'hole' the byte-granular valid range is left alone and +operation creates a +.Dq hole +the byte-granular valid range is left alone and will not take into account the new extension. Thus the whole byte-granular abstraction is considered a bad hack and it would be nice if we could get rid @@ -81,16 +107,24 @@ of it completely. .Pp A VM buffer is capable of mapping the underlying VM cache pages into KVM in order to allow the kernel to directly manipulate the data associated with -the (vnode,b_offset,b_size). +the +.Pq Va vnode , b_offset , b_size . The kernel typically unmaps VM buffers the moment -they are no longer needed but often keeps the 'struct buf' structure -instantiated and even bp->b_pages array instantiated despite having unmapped +they are no longer needed but often keeps the +.Vt struct buf +structure +instantiated and even +.Va bp->b_pages +array instantiated despite having unmapped them from KVM. If a page making up a VM buffer is about to undergo I/O, the -system typically unmaps it from KVM and replaces the page in the b_pages[] +system typically unmaps it from KVM and replaces the page in the +.Va b_pages[] array with a place-marker called bogus_page. The place-marker forces any kernel -subsystems referencing the associated struct buf to re-lookup the associated +subsystems referencing the associated +.Vt struct buf +to re-lookup the associated page. I believe the place-marker hack is used to allow sophisticated devices such as file system devices to remap underlying pages in order to deal with, @@ -107,18 +141,29 @@ you wind up with pages marked clean that are actually still dirty. If not treated carefully, these pages could be thrown away! Indeed, a number of -serious bugs related to this hack were not fixed until the 2.2.8/3.0 release. -The kernel uses an instantiated VM buffer (i.e., struct buf) to place-mark pages +serious bugs related to this hack were not fixed until the +.Fx 2.2.8 / +.Fx 3.0 +release. +The kernel uses an instantiated VM buffer (i.e., +.Vt struct buf ) +to place-mark pages in this special state. -The buffer is typically flagged B_DELWRI. +The buffer is typically flagged +.Dv B_DELWRI . When a -device no longer needs a buffer it typically flags it as B_RELBUF. +device no longer needs a buffer it typically flags it as +.Dv B_RELBUF . Due to -the underlying pages being marked clean, the B_DELWRI|B_RELBUF combination must +the underlying pages being marked clean, the +.Ql B_DELWRI|B_RELBUF +combination must be interpreted to mean that the buffer is still actually dirty and must be written to its backing store before it can actually be released. In the case -where B_DELWRI is not set, the underlying dirty pages are still properly +where +.Dv B_DELWRI +is not set, the underlying dirty pages are still properly marked as dirty and the buffer can be completely freed without losing that clean/dirty state information. (XXX do we have to check other flags in @@ -128,7 +173,9 @@ The kernel reserves a portion of its KVM space to hold VM Buffer's data maps. Even though this is virtual space (since the buffers are mapped from the buffer cache), we cannot make it arbitrarily large because -instantiated VM Buffers (struct buf's) prevent their underlying pages in the +instantiated VM Buffers +.Pq Vt struct buf Ap s +prevent their underlying pages in the buffer cache from being freed. This can complicate the life of the paging system. diff --git a/share/man/man9/deadfs.9 b/share/man/man9/deadfs.9 new file mode 100644 index 000000000000..360451266625 --- /dev/null +++ b/share/man/man9/deadfs.9 @@ -0,0 +1,36 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.\" Copyright (c) 2025 Mateusz Piotrowski <0mp@FreeBSD.org> +.\" +.Dd October 24, 2025 +.Dt DEADFS 9 +.Os +.Sh NAME +.Nm deadfs +.Nd pseudo-filesystem to own reclaimed vnodes +.Sh DESCRIPTION +The +.Nm +file system implements operations that do not modify any data +and instead return indications of invalid IO. +Its role is to provide a fallback vnode operations vector for reclaimed +.Xr vnode 9 Ap s . +.Pp +It is a kernel-only pseudo-file system and so cannot be mounted from userspace. +.Sh SEE ALSO +.Xr insmntque 9 , +.Xr vnode 9 , +.Xr VOP_RECLAIM 9 +.Sh HISTORY +UNIX System Manager's Manual (SMM) for +.Bx 4.4 +described +.Nm +as a file system +.Dq where rejected vnods go to die . +.Sh AUTHORS +The +.Nm +manual page was written by +.An Mateusz Piotrowski Aq Mt 0mp@FreeBSD.org . diff --git a/sys/amd64/include/vmm.h b/sys/amd64/include/vmm.h index 66d8991d36e8..ad67510fecf3 100644 --- a/sys/amd64/include/vmm.h +++ b/sys/amd64/include/vmm.h @@ -237,7 +237,7 @@ extern u_int vm_maxcpu; /* maximum virtual cpus */ int vm_create(const char *name, struct vm **retvm); struct vcpu *vm_alloc_vcpu(struct vm *vm, int vcpuid); void vm_disable_vcpu_creation(struct vm *vm); -void vm_slock_vcpus(struct vm *vm); +void vm_lock_vcpus(struct vm *vm); void vm_unlock_vcpus(struct vm *vm); void vm_destroy(struct vm *vm); int vm_reinit(struct vm *vm); @@ -362,6 +362,7 @@ enum vcpu_state { }; int vcpu_set_state(struct vcpu *vcpu, enum vcpu_state state, bool from_idle); +int vcpu_set_state_all(struct vm *vm, enum vcpu_state state); enum vcpu_state vcpu_get_state(struct vcpu *vcpu, int *hostcpu); static int __inline diff --git a/sys/amd64/vmm/vmm.c b/sys/amd64/vmm/vmm.c index 7254ebed6097..473887240b9b 100644 --- a/sys/amd64/vmm/vmm.c +++ b/sys/amd64/vmm/vmm.c @@ -562,9 +562,9 @@ vm_alloc_vcpu(struct vm *vm, int vcpuid) } void -vm_slock_vcpus(struct vm *vm) +vm_lock_vcpus(struct vm *vm) { - sx_slock(&vm->vcpus_init_lock); + sx_xlock(&vm->vcpus_init_lock); } void @@ -991,6 +991,54 @@ save_guest_fpustate(struct vcpu *vcpu) static VMM_STAT(VCPU_IDLE_TICKS, "number of ticks vcpu was idle"); +/* + * Invoke the rendezvous function on the specified vcpu if applicable. Return + * true if the rendezvous is finished, false otherwise. + */ +static bool +vm_rendezvous(struct vcpu *vcpu) +{ + struct vm *vm = vcpu->vm; + int vcpuid; + + mtx_assert(&vcpu->vm->rendezvous_mtx, MA_OWNED); + KASSERT(vcpu->vm->rendezvous_func != NULL, + ("vm_rendezvous: no rendezvous pending")); + + /* 'rendezvous_req_cpus' must be a subset of 'active_cpus' */ + CPU_AND(&vm->rendezvous_req_cpus, &vm->rendezvous_req_cpus, + &vm->active_cpus); + + vcpuid = vcpu->vcpuid; + if (CPU_ISSET(vcpuid, &vm->rendezvous_req_cpus) && + !CPU_ISSET(vcpuid, &vm->rendezvous_done_cpus)) { + VMM_CTR0(vcpu, "Calling rendezvous func"); + (*vm->rendezvous_func)(vcpu, vm->rendezvous_arg); + CPU_SET(vcpuid, &vm->rendezvous_done_cpus); + } + if (CPU_CMP(&vm->rendezvous_req_cpus, + &vm->rendezvous_done_cpus) == 0) { + VMM_CTR0(vcpu, "Rendezvous completed"); + CPU_ZERO(&vm->rendezvous_req_cpus); + vm->rendezvous_func = NULL; + wakeup(&vm->rendezvous_func); + return (true); + } + return (false); +} + +static void +vcpu_wait_idle(struct vcpu *vcpu) +{ + KASSERT(vcpu->state != VCPU_IDLE, ("vcpu already idle")); + + vcpu->reqidle = 1; + vcpu_notify_event_locked(vcpu, false); + VMM_CTR1(vcpu, "vcpu state change from %s to " + "idle requested", vcpu_state2str(vcpu->state)); + msleep_spin(&vcpu->state, &vcpu->mtx, "vmstat", hz); +} + static int vcpu_set_state_locked(struct vcpu *vcpu, enum vcpu_state newstate, bool from_idle) @@ -1005,13 +1053,8 @@ vcpu_set_state_locked(struct vcpu *vcpu, enum vcpu_state newstate, * ioctl() operating on a vcpu at any point. */ if (from_idle) { - while (vcpu->state != VCPU_IDLE) { - vcpu->reqidle = 1; - vcpu_notify_event_locked(vcpu, false); - VMM_CTR1(vcpu, "vcpu state change from %s to " - "idle requested", vcpu_state2str(vcpu->state)); - msleep_spin(&vcpu->state, &vcpu->mtx, "vmstat", hz); - } + while (vcpu->state != VCPU_IDLE) + vcpu_wait_idle(vcpu); } else { KASSERT(vcpu->state != VCPU_IDLE, ("invalid transition from " "vcpu idle state")); @@ -1063,6 +1106,95 @@ vcpu_set_state_locked(struct vcpu *vcpu, enum vcpu_state newstate, return (0); } +/* + * Try to lock all of the vCPUs in the VM while taking care to avoid deadlocks + * with vm_smp_rendezvous(). + * + * The complexity here suggests that the rendezvous mechanism needs a rethink. + */ +int +vcpu_set_state_all(struct vm *vm, enum vcpu_state newstate) +{ + cpuset_t locked; + struct vcpu *vcpu; + int error, i; + uint16_t maxcpus; + + KASSERT(newstate != VCPU_IDLE, + ("vcpu_set_state_all: invalid target state %d", newstate)); + + error = 0; + CPU_ZERO(&locked); + maxcpus = vm->maxcpus; + + mtx_lock(&vm->rendezvous_mtx); +restart: + if (vm->rendezvous_func != NULL) { + /* + * If we have a pending rendezvous, then the initiator may be + * blocked waiting for other vCPUs to execute the callback. The + * current thread may be a vCPU thread so we must not block + * waiting for the initiator, otherwise we get a deadlock. + * Thus, execute the callback on behalf of any idle vCPUs. + */ + for (i = 0; i < maxcpus; i++) { + vcpu = vm_vcpu(vm, i); + if (vcpu == NULL) + continue; + vcpu_lock(vcpu); + if (vcpu->state == VCPU_IDLE) { + (void)vcpu_set_state_locked(vcpu, VCPU_FROZEN, + true); + CPU_SET(i, &locked); + } + if (CPU_ISSET(i, &locked)) { + /* + * We can safely execute the callback on this + * vCPU's behalf. + */ + vcpu_unlock(vcpu); + (void)vm_rendezvous(vcpu); + vcpu_lock(vcpu); + } + vcpu_unlock(vcpu); + } + } + + /* + * Now wait for remaining vCPUs to become idle. This may include the + * initiator of a rendezvous that is currently blocked on the rendezvous + * mutex. + */ + CPU_FOREACH_ISCLR(i, &locked) { + if (i >= maxcpus) + break; + vcpu = vm_vcpu(vm, i); + if (vcpu == NULL) + continue; + vcpu_lock(vcpu); + while (vcpu->state != VCPU_IDLE) { + mtx_unlock(&vm->rendezvous_mtx); + vcpu_wait_idle(vcpu); + vcpu_unlock(vcpu); + mtx_lock(&vm->rendezvous_mtx); + if (vm->rendezvous_func != NULL) + goto restart; + vcpu_lock(vcpu); + } + error = vcpu_set_state_locked(vcpu, newstate, true); + vcpu_unlock(vcpu); + if (error != 0) { + /* Roll back state changes. */ + CPU_FOREACH_ISSET(i, &locked) + (void)vcpu_set_state(vcpu, VCPU_IDLE, false); + break; + } + CPU_SET(i, &locked); + } + mtx_unlock(&vm->rendezvous_mtx); + return (error); +} + static void vcpu_require_state(struct vcpu *vcpu, enum vcpu_state newstate) { @@ -1084,36 +1216,23 @@ vcpu_require_state_locked(struct vcpu *vcpu, enum vcpu_state newstate) static int vm_handle_rendezvous(struct vcpu *vcpu) { - struct vm *vm = vcpu->vm; + struct vm *vm; struct thread *td; - int error, vcpuid; - error = 0; - vcpuid = vcpu->vcpuid; td = curthread; + vm = vcpu->vm; + mtx_lock(&vm->rendezvous_mtx); while (vm->rendezvous_func != NULL) { - /* 'rendezvous_req_cpus' must be a subset of 'active_cpus' */ - CPU_AND(&vm->rendezvous_req_cpus, &vm->rendezvous_req_cpus, &vm->active_cpus); - - if (CPU_ISSET(vcpuid, &vm->rendezvous_req_cpus) && - !CPU_ISSET(vcpuid, &vm->rendezvous_done_cpus)) { - VMM_CTR0(vcpu, "Calling rendezvous func"); - (*vm->rendezvous_func)(vcpu, vm->rendezvous_arg); - CPU_SET(vcpuid, &vm->rendezvous_done_cpus); - } - if (CPU_CMP(&vm->rendezvous_req_cpus, - &vm->rendezvous_done_cpus) == 0) { - VMM_CTR0(vcpu, "Rendezvous completed"); - CPU_ZERO(&vm->rendezvous_req_cpus); - vm->rendezvous_func = NULL; - wakeup(&vm->rendezvous_func); + if (vm_rendezvous(vcpu)) break; - } + VMM_CTR0(vcpu, "Wait for rendezvous completion"); mtx_sleep(&vm->rendezvous_func, &vm->rendezvous_mtx, 0, "vmrndv", hz); if (td_ast_pending(td, TDA_SUSPEND)) { + int error; + mtx_unlock(&vm->rendezvous_mtx); error = thread_check_susp(td, true); if (error != 0) diff --git a/sys/arm64/include/vmm.h b/sys/arm64/include/vmm.h index 84b286a60b38..696a69669a2a 100644 --- a/sys/arm64/include/vmm.h +++ b/sys/arm64/include/vmm.h @@ -177,7 +177,7 @@ DECLARE_VMMOPS_FUNC(int, restore_tsc, (void *vcpui, uint64_t now)); int vm_create(const char *name, struct vm **retvm); struct vcpu *vm_alloc_vcpu(struct vm *vm, int vcpuid); void vm_disable_vcpu_creation(struct vm *vm); -void vm_slock_vcpus(struct vm *vm); +void vm_lock_vcpus(struct vm *vm); void vm_unlock_vcpus(struct vm *vm); void vm_destroy(struct vm *vm); int vm_reinit(struct vm *vm); diff --git a/sys/arm64/vmm/vmm.c b/sys/arm64/vmm/vmm.c index 4f266de0cfb1..14ea26c3668c 100644 --- a/sys/arm64/vmm/vmm.c +++ b/sys/arm64/vmm/vmm.c @@ -469,9 +469,9 @@ vm_alloc_vcpu(struct vm *vm, int vcpuid) } void -vm_slock_vcpus(struct vm *vm) +vm_lock_vcpus(struct vm *vm) { - sx_slock(&vm->vcpus_init_lock); + sx_xlock(&vm->vcpus_init_lock); } void diff --git a/sys/dev/hifn/hifn7751.c b/sys/dev/hifn/hifn7751.c index 2e7545779b09..7452c00d0b21 100644 --- a/sys/dev/hifn/hifn7751.c +++ b/sys/dev/hifn/hifn7751.c @@ -586,6 +586,9 @@ hifn_attach(device_t dev) callout_init(&sc->sc_tickto, 1); callout_reset(&sc->sc_tickto, hz, hifn_tick, sc); + gone_in(16, "%s(4) is deprecated in 15.0 and removed in 16.0\n", + hifn_driver.name); + return (0); fail_intr: diff --git a/sys/dev/random/fenestrasX/fx_pool.c b/sys/dev/random/fenestrasX/fx_pool.c index 95c2d223e0de..35d06c2a9df1 100644 --- a/sys/dev/random/fenestrasX/fx_pool.c +++ b/sys/dev/random/fenestrasX/fx_pool.c @@ -127,7 +127,7 @@ static const struct fxrng_ent_cls fxrng_garbage = { */ static const struct fxrng_ent_char { const struct fxrng_ent_cls *entc_cls; -} fxrng_ent_char[ENTROPYSOURCE] = { +} fxrng_ent_char[/*ENTROPYSOURCE*/] = { [RANDOM_CACHED] = { .entc_cls = &fxrng_hi_push, }, @@ -167,13 +167,7 @@ static const struct fxrng_ent_char { [RANDOM_RANDOMDEV] = { .entc_cls = &fxrng_lo_push, }, - [RANDOM_PURE_SAFE] = { - .entc_cls = &fxrng_hi_push, - }, - [RANDOM_PURE_GLXSB] = { - .entc_cls = &fxrng_hi_push, - }, - [RANDOM_PURE_HIFN] = { + [RANDOM_PURE_TPM] = { .entc_cls = &fxrng_hi_push, }, [RANDOM_PURE_RDRAND] = { @@ -200,13 +194,29 @@ static const struct fxrng_ent_char { [RANDOM_PURE_DARN] = { .entc_cls = &fxrng_hi_pull, }, - [RANDOM_PURE_TPM] = { + [RANDOM_PURE_VMGENID] = { .entc_cls = &fxrng_hi_push, }, - [RANDOM_PURE_VMGENID] = { + [RANDOM_PURE_QUALCOMM] = { + .entc_cls = &fxrng_hi_pull, + }, + [RANDOM_PURE_ARMV8] = { + .entc_cls = &fxrng_hi_pull, + }, + [RANDOM_PURE_ARM_TRNG] = { + .entc_cls = &fxrng_hi_pull, + }, + [RANDOM_PURE_SAFE] = { + .entc_cls = &fxrng_hi_push, + }, + [RANDOM_PURE_GLXSB] = { + .entc_cls = &fxrng_hi_push, + }, + [RANDOM_PURE_HIFN] = { .entc_cls = &fxrng_hi_push, }, }; +CTASSERT(nitems(fxrng_ent_char) == ENTROPYSOURCE); /* Useful for single-bit-per-source state. */ BITSET_DEFINE(fxrng_bits, ENTROPYSOURCE); diff --git a/sys/dev/random/random_harvestq.c b/sys/dev/random/random_harvestq.c index e38fd38c310b..0e90b4d6ef9b 100644 --- a/sys/dev/random/random_harvestq.c +++ b/sys/dev/random/random_harvestq.c @@ -88,7 +88,7 @@ static void random_sources_feed(void); static __read_mostly bool epoch_inited; static __read_mostly epoch_t rs_epoch; -static const char *random_source_descr[ENTROPYSOURCE]; +static const char *random_source_descr[]; /* * How many events to queue up. We create this many items in @@ -109,6 +109,7 @@ volatile int random_kthread_control; * Updates are synchronized by the harvest mutex. */ __read_frequently u_int hc_source_mask; +CTASSERT(ENTROPYSOURCE <= sizeof(hc_source_mask) * NBBY); struct random_sources { CK_LIST_ENTRY(random_sources) rrs_entries; @@ -647,7 +648,7 @@ SYSCTL_PROC(_kern_random_harvest, OID_AUTO, mask_bin, random_print_harvestmask, "A", "Entropy harvesting mask (printable)"); -static const char *random_source_descr[ENTROPYSOURCE] = { +static const char *random_source_descr[/*ENTROPYSOURCE*/] = { [RANDOM_CACHED] = "CACHED", [RANDOM_ATTACH] = "ATTACH", [RANDOM_KEYBOARD] = "KEYBOARD", @@ -661,9 +662,7 @@ static const char *random_source_descr[ENTROPYSOURCE] = { [RANDOM_UMA] = "UMA", [RANDOM_CALLOUT] = "CALLOUT", [RANDOM_RANDOMDEV] = "RANDOMDEV", /* ENVIRONMENTAL_END */ - [RANDOM_PURE_SAFE] = "PURE_SAFE", /* PURE_START */ - [RANDOM_PURE_GLXSB] = "PURE_GLXSB", - [RANDOM_PURE_HIFN] = "PURE_HIFN", + [RANDOM_PURE_TPM] = "PURE_TPM", /* PURE_START */ [RANDOM_PURE_RDRAND] = "PURE_RDRAND", [RANDOM_PURE_RDSEED] = "PURE_RDSEED", [RANDOM_PURE_NEHEMIAH] = "PURE_NEHEMIAH", @@ -672,13 +671,16 @@ static const char *random_source_descr[ENTROPYSOURCE] = { [RANDOM_PURE_BROADCOM] = "PURE_BROADCOM", [RANDOM_PURE_CCP] = "PURE_CCP", [RANDOM_PURE_DARN] = "PURE_DARN", - [RANDOM_PURE_TPM] = "PURE_TPM", [RANDOM_PURE_VMGENID] = "PURE_VMGENID", [RANDOM_PURE_QUALCOMM] = "PURE_QUALCOMM", [RANDOM_PURE_ARMV8] = "PURE_ARMV8", [RANDOM_PURE_ARM_TRNG] = "PURE_ARM_TRNG", + [RANDOM_PURE_SAFE] = "PURE_SAFE", + [RANDOM_PURE_GLXSB] = "PURE_GLXSB", + [RANDOM_PURE_HIFN] = "PURE_HIFN", /* "ENTROPYSOURCE" */ }; +CTASSERT(nitems(random_source_descr) == ENTROPYSOURCE); static int random_print_harvestmask_symbolic(SYSCTL_HANDLER_ARGS) diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c index c512f3fc62c0..21824ba8de8d 100644 --- a/sys/dev/safe/safe.c +++ b/sys/dev/safe/safe.c @@ -424,6 +424,8 @@ safe_attach(device_t dev) #ifdef SAFE_DEBUG safec = sc; /* for use by hw.safe.dump */ #endif + gone_in(16, "%s(4) is deprecated in 15.0 and removed in 16.0\n", + safe_driver.name); return (0); bad4: crypto_unregister_all(sc->sc_cid); diff --git a/sys/dev/usb/serial/u3g.c b/sys/dev/usb/serial/u3g.c index a549f93b2af1..0fc774d83ee1 100644 --- a/sys/dev/usb/serial/u3g.c +++ b/sys/dev/usb/serial/u3g.c @@ -531,6 +531,7 @@ static const STRUCT_USB_HOST_ID u3g_devs[] = { U3G_DEV(QUECTEL, RG520, 0), U3G_DEV(QUECTEL, EC200, 0), U3G_DEV(QUECTEL, EC200S, 0), + U3G_DEV(QUECTEL, EM060K, 0), U3G_DEV(QUECTEL, EC200T, 0), U3G_DEV(QUECTEL, UC200, 0), U3G_DEV(SIERRA, AC402, 0), @@ -600,6 +601,7 @@ static const STRUCT_USB_HOST_ID u3g_devs[] = { U3G_DEV(SIERRA, EM7455_2, 0), U3G_DEV(SIERRA, EM7565, 0), U3G_DEV(SIERRA, EM7565_2, 0), + U3G_DEV(SIERRA, EM7590, 0), U3G_DEV(SILABS, SAEL, U3GINIT_SAEL_M460), U3G_DEV(STELERA, C105, 0), U3G_DEV(STELERA, E1003, 0), diff --git a/sys/dev/usb/usbdevs b/sys/dev/usb/usbdevs index 2318e6bd0017..bb039f59ce19 100644 --- a/sys/dev/usb/usbdevs +++ b/sys/dev/usb/usbdevs @@ -4070,6 +4070,7 @@ product QUECTEL RG500 0x0800 Quectel RG500/RM500/RG510/RM510 product QUECTEL RG520 0x0801 Quectel RG520/RM520/SG520 product QUECTEL EC200 0x6000 Quectel EC200/UC200 product QUECTEL EC200S 0x6002 Quectel EC200S +product QUECTEL EM060K 0x6008 Quectel EM060K product QUECTEL EC200T 0x6026 Quectel EC200T product QUECTEL UC200 0x6120 Quectel UC200 @@ -4431,6 +4432,7 @@ product SIERRA EM7455 0x9078 Sierra Wireless EM7455 Qualcomm Snapdragon X7 LTE- product SIERRA EM7455_2 0x9079 Sierra Wireless EM7455 Qualcomm Snapdragon X7 LTE-A product SIERRA EM7565 0x9090 Sierra Wireless EM7565 Qualcomm Snapdragon X7 LTE-A product SIERRA EM7565_2 0x9091 Sierra Wireless EM7565 Qualcomm Snapdragon X7 LTE-A +product SIERRA EM7590 0xc081 Sierra Wireless EM7590 Qualcomm Snapdragon X7 LTE-A /* Sigmatel products */ product SIGMATEL WBT_3052 0x4200 WBT-3052 IrDA/USB Bridge diff --git a/sys/dev/virtio/virtqueue.c b/sys/dev/virtio/virtqueue.c index cc7a233d60ee..41e01549c8b2 100644 --- a/sys/dev/virtio/virtqueue.c +++ b/sys/dev/virtio/virtqueue.c @@ -580,7 +580,8 @@ virtqueue_dequeue(struct virtqueue *vq, uint32_t *len) void *cookie; uint16_t used_idx, desc_idx; - if (vq->vq_used_cons_idx == vq_htog16(vq, vq->vq_ring.used->idx)) + if (vq->vq_used_cons_idx == + vq_htog16(vq, atomic_load_16(&vq->vq_ring.used->idx))) return (NULL); used_idx = vq->vq_used_cons_idx++ & (vq->vq_nentries - 1); diff --git a/sys/dev/vmm/vmm_dev.c b/sys/dev/vmm/vmm_dev.c index 5b857a171e94..ebbceb25b69e 100644 --- a/sys/dev/vmm/vmm_dev.c +++ b/sys/dev/vmm/vmm_dev.c @@ -121,18 +121,18 @@ vcpu_unlock_one(struct vcpu *vcpu) vcpu_set_state(vcpu, VCPU_IDLE, false); } +#ifndef __amd64__ static int -vcpu_lock_all(struct vmmdev_softc *sc) +vcpu_set_state_all(struct vm *vm, enum vcpu_state newstate) { struct vcpu *vcpu; int error; uint16_t i, j, maxcpus; error = 0; - vm_slock_vcpus(sc->vm); - maxcpus = vm_get_maxcpus(sc->vm); + maxcpus = vm_get_maxcpus(vm); for (i = 0; i < maxcpus; i++) { - vcpu = vm_vcpu(sc->vm, i); + vcpu = vm_vcpu(vm, i); if (vcpu == NULL) continue; error = vcpu_lock_one(vcpu); @@ -142,16 +142,32 @@ vcpu_lock_all(struct vmmdev_softc *sc) if (error) { for (j = 0; j < i; j++) { - vcpu = vm_vcpu(sc->vm, j); + vcpu = vm_vcpu(vm, j); if (vcpu == NULL) continue; vcpu_unlock_one(vcpu); } - vm_unlock_vcpus(sc->vm); } return (error); } +#endif + +static int +vcpu_lock_all(struct vmmdev_softc *sc) +{ + int error; + + /* + * Serialize vcpu_lock_all() callers. Individual vCPUs are not locked + * in a consistent order so we need to serialize to avoid deadlocks. + */ + vm_lock_vcpus(sc->vm); + error = vcpu_set_state_all(sc->vm, VCPU_FROZEN); + if (error != 0) + vm_unlock_vcpus(sc->vm); + return (error); +} static void vcpu_unlock_all(struct vmmdev_softc *sc) diff --git a/sys/fs/fuse/fuse_internal.c b/sys/fs/fuse/fuse_internal.c index 61fe2ed032f6..eba0a8a79ff3 100644 --- a/sys/fs/fuse/fuse_internal.c +++ b/sys/fs/fuse/fuse_internal.c @@ -1063,6 +1063,8 @@ fuse_internal_init_callback(struct fuse_ticket *tick, struct uio *uio) if (!fuse_libabi_geq(data, 7, 28)) fsess_set_notimpl(data->mp, FUSE_COPY_FILE_RANGE); + if (fuse_libabi_geq(data, 7, 33) && (fiio->flags & FUSE_SETXATTR_EXT)) + data->dataflags |= FSESS_SETXATTR_EXT; out: if (err) { fdata_set_dead(data); @@ -1115,7 +1117,8 @@ fuse_internal_send_init(struct fuse_data *data, struct thread *td) */ fiii->flags = FUSE_ASYNC_READ | FUSE_POSIX_LOCKS | FUSE_EXPORT_SUPPORT | FUSE_BIG_WRITES | FUSE_WRITEBACK_CACHE - | FUSE_NO_OPEN_SUPPORT | FUSE_NO_OPENDIR_SUPPORT; + | FUSE_NO_OPEN_SUPPORT | FUSE_NO_OPENDIR_SUPPORT + | FUSE_SETXATTR_EXT; fuse_insert_callback(fdi.tick, fuse_internal_init_callback); fuse_insert_message(fdi.tick, false); diff --git a/sys/fs/fuse/fuse_ipc.h b/sys/fs/fuse/fuse_ipc.h index 3bfc859dbac9..d9d79f38c269 100644 --- a/sys/fs/fuse/fuse_ipc.h +++ b/sys/fs/fuse/fuse_ipc.h @@ -243,6 +243,7 @@ struct fuse_data { #define FSESS_MNTOPTS_MASK ( \ FSESS_DAEMON_CAN_SPY | FSESS_PUSH_SYMLINKS_IN | \ FSESS_DEFAULT_PERMISSIONS | FSESS_INTR) +#define FSESS_SETXATTR_EXT 0x8000000 /* extended fuse_setxattr_in */ extern int fuse_data_cache_mode; diff --git a/sys/fs/fuse/fuse_vnops.c b/sys/fs/fuse/fuse_vnops.c index be600b57f0a3..00ad11108ee0 100644 --- a/sys/fs/fuse/fuse_vnops.c +++ b/sys/fs/fuse/fuse_vnops.c @@ -2777,7 +2777,7 @@ fuse_vnop_setextattr(struct vop_setextattr_args *ap) strlen(ap->a_name) + 1; /* older FUSE servers use a smaller fuse_setxattr_in struct*/ - if (fuse_libabi_geq(fuse_get_mpdata(mp), 7, 33)) + if (fuse_get_mpdata(mp)->dataflags & FSESS_SETXATTR_EXT) struct_size = sizeof(*set_xattr_in); fdisp_init(&fdi, len + struct_size + uio->uio_resid); @@ -2786,7 +2786,7 @@ fuse_vnop_setextattr(struct vop_setextattr_args *ap) set_xattr_in = fdi.indata; set_xattr_in->size = uio->uio_resid; - if (fuse_libabi_geq(fuse_get_mpdata(mp), 7, 33)) { + if (fuse_get_mpdata(mp)->dataflags & FSESS_SETXATTR_EXT) { set_xattr_in->setxattr_flags = 0; set_xattr_in->padding = 0; } diff --git a/sys/fs/msdosfs/msdosfs_vnops.c b/sys/fs/msdosfs/msdosfs_vnops.c index 33e0d94954d7..6dfac1b4ebd2 100644 --- a/sys/fs/msdosfs/msdosfs_vnops.c +++ b/sys/fs/msdosfs/msdosfs_vnops.c @@ -1944,6 +1944,9 @@ msdosfs_pathconf(struct vop_pathconf_args *ap) case _PC_HAS_HIDDENSYSTEM: *ap->a_retval = 1; return (0); + case _PC_CASE_INSENSITIVE: + *ap->a_retval = 1; + return (0); default: return (vop_stdpathconf(ap)); } diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 267b60ffb5bc..523b7e314a10 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -3047,6 +3047,8 @@ do_jail_attach(struct thread *td, struct prison *pr, int drflags) setsugid(p); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); +#endif +#ifdef RCTL crhold(newcred); #endif PROC_UNLOCK(p); diff --git a/sys/kern/kern_loginclass.c b/sys/kern/kern_loginclass.c index 55db6c28a1db..0c111c4f78d8 100644 --- a/sys/kern/kern_loginclass.c +++ b/sys/kern/kern_loginclass.c @@ -225,6 +225,8 @@ sys_setloginclass(struct thread *td, struct setloginclass_args *uap) proc_set_cred(p, newcred); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); +#endif +#ifdef RCTL crhold(newcred); #endif PROC_UNLOCK(p); diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index a4c5bcc52529..3c145851b683 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -696,7 +696,7 @@ kern_setcred(struct thread *const td, const u_int flags, gid_t *groups = NULL; gid_t smallgroups[CRED_SMALLGROUPS_NB]; int error; - bool cred_set; + bool cred_set = false; /* Bail out on unrecognized flags. */ if (flags & ~SETCREDF_MASK) @@ -839,17 +839,32 @@ kern_setcred(struct thread *const td, const u_int flags, if (cred_set) { setsugid(p); to_free_cred = old_cred; +#ifdef RACCT + racct_proc_ucred_changed(p, old_cred, new_cred); +#endif +#ifdef RCTL + crhold(new_cred); +#endif MPASS(error == 0); } else error = EAGAIN; unlock_finish: PROC_UNLOCK(p); + /* * Part 3: After releasing the process lock, we perform cleanups and * finishing operations. */ +#ifdef RCTL + if (cred_set) { + rctl_proc_ucred_changed(p, new_cred); + /* Paired with the crhold() just above. */ + crfree(new_cred); + } +#endif + #ifdef MAC if (mac_set_proc_data != NULL) mac_set_proc_finish(td, proc_label_set, mac_set_proc_data); @@ -982,6 +997,8 @@ sys_setuid(struct thread *td, struct setuid_args *uap) proc_set_cred(p, newcred); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); +#endif +#ifdef RCTL crhold(newcred); #endif PROC_UNLOCK(p); @@ -1390,6 +1407,8 @@ sys_setreuid(struct thread *td, struct setreuid_args *uap) proc_set_cred(p, newcred); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); +#endif +#ifdef RCTL crhold(newcred); #endif PROC_UNLOCK(p); @@ -1536,6 +1555,8 @@ sys_setresuid(struct thread *td, struct setresuid_args *uap) proc_set_cred(p, newcred); #ifdef RACCT racct_proc_ucred_changed(p, oldcred, newcred); +#endif +#ifdef RCTL crhold(newcred); #endif PROC_UNLOCK(p); diff --git a/sys/kern/kern_racct.c b/sys/kern/kern_racct.c index 7351e9cb6313..61e92678b54d 100644 --- a/sys/kern/kern_racct.c +++ b/sys/kern/kern_racct.c @@ -1236,16 +1236,20 @@ racct_updatepcpu_containers(void) racct_updatepcpu_post, NULL, NULL); } +static bool +racct_proc_to_skip(const struct proc *p) +{ + PROC_LOCK_ASSERT(p, MA_OWNED); + return (p->p_state != PRS_NORMAL || (p->p_flag & P_IDLEPROC) != 0); +} + static void racctd(void) { struct proc *p; - struct proc *idle; ASSERT_RACCT_ENABLED(); - idle = STAILQ_FIRST(&cpuhead)->pc_idlethread->td_proc; - for (;;) { racct_decay(); @@ -1253,12 +1257,7 @@ racctd(void) FOREACH_PROC_IN_SYSTEM(p) { PROC_LOCK(p); - if (p == idle) { - PROC_UNLOCK(p); - continue; - } - if (p->p_state != PRS_NORMAL || - (p->p_flag & P_IDLEPROC) != 0) { + if (racct_proc_to_skip(p)) { PROC_UNLOCK(p); continue; } @@ -1284,7 +1283,7 @@ racctd(void) */ FOREACH_PROC_IN_SYSTEM(p) { PROC_LOCK(p); - if (p->p_state != PRS_NORMAL) { + if (racct_proc_to_skip(p)) { PROC_UNLOCK(p); continue; } diff --git a/sys/kern/vfs_default.c b/sys/kern/vfs_default.c index 85f67731e1cc..71fe0e62d076 100644 --- a/sys/kern/vfs_default.c +++ b/sys/kern/vfs_default.c @@ -458,6 +458,7 @@ vop_stdpathconf(struct vop_pathconf_args *ap) case _PC_HAS_NAMEDATTR: case _PC_HAS_HIDDENSYSTEM: case _PC_CLONE_BLKSIZE: + case _PC_CASE_INSENSITIVE: *ap->a_retval = 0; return (0); default: diff --git a/sys/net/if_vxlan.c b/sys/net/if_vxlan.c index 03184c1fb678..f3a8410a2258 100644 --- a/sys/net/if_vxlan.c +++ b/sys/net/if_vxlan.c @@ -2533,7 +2533,7 @@ vxlan_encap4(struct vxlan_softc *sc, const union vxlan_sockaddr *fvxlsa, ifp = sc->vxl_ifp; srcaddr = sc->vxl_src_addr.in4.sin_addr; - srcport = vxlan_pick_source_port(sc, m); + srcport = htons(vxlan_pick_source_port(sc, m)); dstaddr = fvxlsa->in4.sin_addr; dstport = fvxlsa->in4.sin_port; @@ -2644,7 +2644,7 @@ vxlan_encap6(struct vxlan_softc *sc, const union vxlan_sockaddr *fvxlsa, ifp = sc->vxl_ifp; srcaddr = &sc->vxl_src_addr.in6.sin6_addr; - srcport = vxlan_pick_source_port(sc, m); + srcport = htons(vxlan_pick_source_port(sc, m)); dstaddr = &fvxlsa->in6.sin6_addr; dstport = fvxlsa->in6.sin6_port; diff --git a/sys/netipsec/ipsec_offload.c b/sys/netipsec/ipsec_offload.c index 8a09d5f37b4a..59a107881676 100644 --- a/sys/netipsec/ipsec_offload.c +++ b/sys/netipsec/ipsec_offload.c @@ -300,7 +300,7 @@ ipsec_accel_sa_newkey_cb(if_t ifp, void *arg) dprintf("ipsec_accel_sa_install_newkey: cannot alloc " "drv_spi if %s spi %#x\n", if_name(ifp), be32toh(tq->sav->spi)); - return (ENOMEM); + return (0); } error = ifp->if_ipsec_accel_m->if_sa_newkey(ifp, tq->sav, drv_spi, &priv); @@ -329,7 +329,7 @@ ipsec_accel_sa_newkey_cb(if_t ifp, void *arg) } } out: - return (error); + return (0); } static void @@ -663,7 +663,7 @@ ipsec_accel_spdadd_cb(if_t ifp, void *arg) if (error != 0) { dprintf("ipsec_accel_spdadd: %s if_spdadd %p remember res %d\n", if_name(ifp), sp, error); - return (error); + return (0); } error = ifp->if_ipsec_accel_m->if_spdadd(ifp, sp, inp, &i->ifdata); if (error != 0) { @@ -671,7 +671,7 @@ ipsec_accel_spdadd_cb(if_t ifp, void *arg) dprintf("ipsec_accel_spdadd: %s if_spdadd %p res %d\n", if_name(ifp), sp, error); } - return (error); + return (0); } static void diff --git a/sys/riscv/include/vmm.h b/sys/riscv/include/vmm.h index bc00474ed0fd..e227dd825966 100644 --- a/sys/riscv/include/vmm.h +++ b/sys/riscv/include/vmm.h @@ -149,7 +149,7 @@ DECLARE_VMMOPS_FUNC(void, vmspace_free, (struct vmspace *vmspace)); int vm_create(const char *name, struct vm **retvm); struct vcpu *vm_alloc_vcpu(struct vm *vm, int vcpuid); void vm_disable_vcpu_creation(struct vm *vm); -void vm_slock_vcpus(struct vm *vm); +void vm_lock_vcpus(struct vm *vm); void vm_unlock_vcpus(struct vm *vm); void vm_destroy(struct vm *vm); int vm_reinit(struct vm *vm); diff --git a/sys/riscv/riscv/fpe.c b/sys/riscv/riscv/fpe.c index b6c66e5e4f09..63103a794a8e 100644 --- a/sys/riscv/riscv/fpe.c +++ b/sys/riscv/riscv/fpe.c @@ -69,39 +69,39 @@ fpe_store(struct fpreg *regs) __asm __volatile( "frcsr %0 \n" - "fsd f0, (16 * 0)(%1)\n" - "fsd f1, (16 * 1)(%1)\n" - "fsd f2, (16 * 2)(%1)\n" - "fsd f3, (16 * 3)(%1)\n" - "fsd f4, (16 * 4)(%1)\n" - "fsd f5, (16 * 5)(%1)\n" - "fsd f6, (16 * 6)(%1)\n" - "fsd f7, (16 * 7)(%1)\n" - "fsd f8, (16 * 8)(%1)\n" - "fsd f9, (16 * 9)(%1)\n" - "fsd f10, (16 * 10)(%1)\n" - "fsd f11, (16 * 11)(%1)\n" - "fsd f12, (16 * 12)(%1)\n" - "fsd f13, (16 * 13)(%1)\n" - "fsd f14, (16 * 14)(%1)\n" - "fsd f15, (16 * 15)(%1)\n" - "fsd f16, (16 * 16)(%1)\n" - "fsd f17, (16 * 17)(%1)\n" - "fsd f18, (16 * 18)(%1)\n" - "fsd f19, (16 * 19)(%1)\n" - "fsd f20, (16 * 20)(%1)\n" - "fsd f21, (16 * 21)(%1)\n" - "fsd f22, (16 * 22)(%1)\n" - "fsd f23, (16 * 23)(%1)\n" - "fsd f24, (16 * 24)(%1)\n" - "fsd f25, (16 * 25)(%1)\n" - "fsd f26, (16 * 26)(%1)\n" - "fsd f27, (16 * 27)(%1)\n" - "fsd f28, (16 * 28)(%1)\n" - "fsd f29, (16 * 29)(%1)\n" - "fsd f30, (16 * 30)(%1)\n" - "fsd f31, (16 * 31)(%1)\n" - : "=&r"(fcsr), "=r"(fp_x), "=m"(*fp_x)); + "fsd f0, (16 * 0)(%2)\n" + "fsd f1, (16 * 1)(%2)\n" + "fsd f2, (16 * 2)(%2)\n" + "fsd f3, (16 * 3)(%2)\n" + "fsd f4, (16 * 4)(%2)\n" + "fsd f5, (16 * 5)(%2)\n" + "fsd f6, (16 * 6)(%2)\n" + "fsd f7, (16 * 7)(%2)\n" + "fsd f8, (16 * 8)(%2)\n" + "fsd f9, (16 * 9)(%2)\n" + "fsd f10, (16 * 10)(%2)\n" + "fsd f11, (16 * 11)(%2)\n" + "fsd f12, (16 * 12)(%2)\n" + "fsd f13, (16 * 13)(%2)\n" + "fsd f14, (16 * 14)(%2)\n" + "fsd f15, (16 * 15)(%2)\n" + "fsd f16, (16 * 16)(%2)\n" + "fsd f17, (16 * 17)(%2)\n" + "fsd f18, (16 * 18)(%2)\n" + "fsd f19, (16 * 19)(%2)\n" + "fsd f20, (16 * 20)(%2)\n" + "fsd f21, (16 * 21)(%2)\n" + "fsd f22, (16 * 22)(%2)\n" + "fsd f23, (16 * 23)(%2)\n" + "fsd f24, (16 * 24)(%2)\n" + "fsd f25, (16 * 25)(%2)\n" + "fsd f26, (16 * 26)(%2)\n" + "fsd f27, (16 * 27)(%2)\n" + "fsd f28, (16 * 28)(%2)\n" + "fsd f29, (16 * 29)(%2)\n" + "fsd f30, (16 * 30)(%2)\n" + "fsd f31, (16 * 31)(%2)\n" + : "=&r"(fcsr), "=m"(*fp_x) : "r"(fp_x)); regs->fp_fcsr = fcsr; } diff --git a/sys/riscv/vmm/vmm.c b/sys/riscv/vmm/vmm.c index fda444d6461b..a9eb9d144336 100644 --- a/sys/riscv/vmm/vmm.c +++ b/sys/riscv/vmm/vmm.c @@ -319,10 +319,6 @@ vm_alloc_vcpu(struct vm *vm, int vcpuid) if (vcpuid < 0 || vcpuid >= vm_get_maxcpus(vm)) return (NULL); - /* Some interrupt controllers may have a CPU limit */ - if (vcpuid >= aplic_max_cpu_count(vm->cookie)) - return (NULL); - vcpu = (struct vcpu *) atomic_load_acq_ptr((uintptr_t *)&vm->vcpu[vcpuid]); if (__predict_true(vcpu != NULL)) @@ -346,9 +342,9 @@ vm_alloc_vcpu(struct vm *vm, int vcpuid) } void -vm_slock_vcpus(struct vm *vm) +vm_lock_vcpus(struct vm *vm) { - sx_slock(&vm->vcpus_init_lock); + sx_xlock(&vm->vcpus_init_lock); } void diff --git a/sys/riscv/vmm/vmm_aplic.c b/sys/riscv/vmm/vmm_aplic.c index 4df41f2de1a5..74cb4fef4273 100644 --- a/sys/riscv/vmm/vmm_aplic.c +++ b/sys/riscv/vmm/vmm_aplic.c @@ -577,13 +577,3 @@ aplic_sync_hwstate(struct hypctx *hypctx) { } - -int -aplic_max_cpu_count(struct hyp *hyp) -{ - int16_t max_count; - - max_count = vm_get_maxcpus(hyp->vm); - - return (max_count); -} diff --git a/sys/riscv/vmm/vmm_aplic.h b/sys/riscv/vmm/vmm_aplic.h index 49510221b419..96018fe9adda 100644 --- a/sys/riscv/vmm/vmm_aplic.h +++ b/sys/riscv/vmm/vmm_aplic.h @@ -49,6 +49,5 @@ void aplic_cpuinit(struct hypctx *hypctx); void aplic_cpucleanup(struct hypctx *hypctx); void aplic_flush_hwstate(struct hypctx *hypctx); void aplic_sync_hwstate(struct hypctx *hypctx); -int aplic_max_cpu_count(struct hyp *hyp); #endif /* !_VMM_APLIC_H_ */ diff --git a/sys/sys/random.h b/sys/sys/random.h index af6b1e117423..64f2a1e1b40c 100644 --- a/sys/sys/random.h +++ b/sys/sys/random.h @@ -89,9 +89,7 @@ enum random_entropy_source { RANDOM_ENVIRONMENTAL_END = RANDOM_RANDOMDEV, /* Fast hardware random-number sources from here on. */ RANDOM_PURE_START, - RANDOM_PURE_SAFE = RANDOM_PURE_START, - RANDOM_PURE_GLXSB, - RANDOM_PURE_HIFN, + RANDOM_PURE_TPM = RANDOM_PURE_START, RANDOM_PURE_RDRAND, RANDOM_PURE_RDSEED, RANDOM_PURE_NEHEMIAH, @@ -100,11 +98,13 @@ enum random_entropy_source { RANDOM_PURE_BROADCOM, RANDOM_PURE_CCP, RANDOM_PURE_DARN, - RANDOM_PURE_TPM, RANDOM_PURE_VMGENID, RANDOM_PURE_QUALCOMM, RANDOM_PURE_ARMV8, RANDOM_PURE_ARM_TRNG, + RANDOM_PURE_SAFE, + RANDOM_PURE_GLXSB, + RANDOM_PURE_HIFN, ENTROPYSOURCE }; _Static_assert(ENTROPYSOURCE <= 32, diff --git a/sys/sys/unistd.h b/sys/sys/unistd.h index 5743dc1c8033..29adf6b59425 100644 --- a/sys/sys/unistd.h +++ b/sys/sys/unistd.h @@ -160,6 +160,7 @@ #define _PC_XATTR_EXISTS _PC_HAS_NAMEDATTR /* Solaris Compatible */ #define _PC_HAS_HIDDENSYSTEM 68 #define _PC_CLONE_BLKSIZE 69 +#define _PC_CASE_INSENSITIVE 70 #endif /* From OpenSolaris, used by SEEK_DATA/SEEK_HOLE. */ diff --git a/tests/sys/fs/fusefs/bad_server.cc b/tests/sys/fs/fusefs/bad_server.cc index af2ca146e431..825523cac2bb 100644 --- a/tests/sys/fs/fusefs/bad_server.cc +++ b/tests/sys/fs/fusefs/bad_server.cc @@ -64,6 +64,11 @@ TEST_F(BadServer, ShortWrite) out.header.error = 0; out.header.unique = 0; // Asynchronous notification out.expected_errno = EINVAL; + /* + * Tell the event loop to quit. The kernel will disconnect us + * because of the short write. + */ + m_mock->m_expect_unmount = true; m_mock->write_response(out); } @@ -93,7 +98,7 @@ TEST_F(BadServer, ErrorWithPayload) out.push_back(std::move(out1)); // The kernel may disconnect us for bad behavior, so don't try - // to read any more. + // to read or write any more. m_mock->m_quit = true; })); diff --git a/tests/sys/fs/fusefs/mockfs.cc b/tests/sys/fs/fusefs/mockfs.cc index 55c191716629..b6a32d9b60af 100644 --- a/tests/sys/fs/fusefs/mockfs.cc +++ b/tests/sys/fs/fusefs/mockfs.cc @@ -433,7 +433,8 @@ MockFS::MockFS(int max_read, int max_readahead, bool allow_other, m_child_pid(-1), m_maxwrite(MIN(max_write, max_max_write)), m_nready(-1), - m_quit(false) + m_quit(false), + m_expect_unmount(false) { struct sigaction sa; struct iovec *iov = NULL; @@ -979,7 +980,7 @@ void MockFS::read_request(mockfs_buf_in &in, ssize_t &res) { } res = read(m_fuse_fd, &in, sizeof(in)); - if (res < 0 && !m_quit) { + if (res < 0 && errno != EBADF && !m_quit && !m_expect_unmount) { m_quit = true; FAIL() << "read: " << strerror(errno); } diff --git a/tests/sys/fs/fusefs/mockfs.hh b/tests/sys/fs/fusefs/mockfs.hh index 4b0628d34dd7..f98a5337c9d1 100644 --- a/tests/sys/fs/fusefs/mockfs.hh +++ b/tests/sys/fs/fusefs/mockfs.hh @@ -360,6 +360,9 @@ class MockFS { /* Tell the daemon to shut down ASAP */ bool m_quit; + /* Tell the daemon that the server might forcibly unmount us */ + bool m_expect_unmount; + /* Create a new mockfs and mount it to a tempdir */ MockFS(int max_read, int max_readahead, bool allow_other, bool default_permissions, bool push_symlinks_in, bool ro, diff --git a/tests/sys/fs/fusefs/xattr.cc b/tests/sys/fs/fusefs/xattr.cc index 0ab203c96254..afeacd4a249e 100644 --- a/tests/sys/fs/fusefs/xattr.cc +++ b/tests/sys/fs/fusefs/xattr.cc @@ -100,7 +100,11 @@ void expect_removexattr(uint64_t ino, const char *attr, int error) ).WillOnce(Invoke(ReturnErrno(error))); } -void expect_setxattr(uint64_t ino, const char *attr, const char *value, +/* + * Expect a FUSE_SETXATTR request in the format used by protocol 7.33 and + * later, with the FUSE_SETXATTR_EXT bit set. + */ +void expect_setxattr_ext(uint64_t ino, const char *attr, const char *value, ProcessMockerT r) { EXPECT_CALL(*m_mock, process( @@ -119,16 +123,10 @@ void expect_setxattr(uint64_t ino, const char *attr, const char *value, ).WillOnce(Invoke(r)); } -}; - -class Xattr_7_32:public FuseTest { -public: -virtual void SetUp() -{ - m_kernel_minor_version = 32; - FuseTest::SetUp(); -} - +/* + * Expect a FUSE_SETXATTR request in the format used by protocol 7.32 and + * earlier. + */ void expect_setxattr_7_32(uint64_t ino, const char *attr, const char *value, ProcessMockerT r) { @@ -148,6 +146,15 @@ void expect_setxattr_7_32(uint64_t ino, const char *attr, const char *value, } }; +class Xattr_7_32: public Xattr { +public: +virtual void SetUp() +{ + m_kernel_minor_version = 32; + Xattr::SetUp(); +} +}; + class Getxattr: public Xattr {}; class Listxattr: public Xattr {}; @@ -182,6 +189,13 @@ void TearDown() { class Removexattr: public Xattr {}; class Setxattr: public Xattr {}; +class SetxattrExt: public Setxattr { +public: +virtual void SetUp() { + m_init_flags |= FUSE_SETXATTR_EXT; + Setxattr::SetUp(); +} +}; class Setxattr_7_32:public Xattr_7_32 {}; class RofsXattr: public Xattr { public: @@ -773,7 +787,7 @@ TEST_F(Setxattr, enosys) ssize_t r; expect_lookup(RELPATH, ino, S_IFREG | 0644, 0, 2); - expect_setxattr(ino, "user.foo", value, ReturnErrno(ENOSYS)); + expect_setxattr_7_32(ino, "user.foo", value, ReturnErrno(ENOSYS)); r = extattr_set_file(FULLPATH, ns, "foo", (const void*)value, value_len); @@ -800,7 +814,7 @@ TEST_F(Setxattr, enotsup) ssize_t r; expect_lookup(RELPATH, ino, S_IFREG | 0644, 0, 1); - expect_setxattr(ino, "user.foo", value, ReturnErrno(ENOTSUP)); + expect_setxattr_7_32(ino, "user.foo", value, ReturnErrno(ENOTSUP)); r = extattr_set_file(FULLPATH, ns, "foo", (const void*)value, value_len); @@ -820,7 +834,7 @@ TEST_F(Setxattr, user) ssize_t r; expect_lookup(RELPATH, ino, S_IFREG | 0644, 0, 1); - expect_setxattr(ino, "user.foo", value, ReturnErrno(0)); + expect_setxattr_7_32(ino, "user.foo", value, ReturnErrno(0)); r = extattr_set_file(FULLPATH, ns, "foo", (const void*)value, value_len); @@ -839,7 +853,7 @@ TEST_F(Setxattr, system) ssize_t r; expect_lookup(RELPATH, ino, S_IFREG | 0644, 0, 1); - expect_setxattr(ino, "system.foo", value, ReturnErrno(0)); + expect_setxattr_7_32(ino, "system.foo", value, ReturnErrno(0)); r = extattr_set_file(FULLPATH, ns, "foo", (const void*)value, value_len); @@ -847,6 +861,10 @@ TEST_F(Setxattr, system) } +/* + * For servers using protocol 7.32 and older, the kernel should use the older + * FUSE_SETXATTR format. + */ TEST_F(Setxattr_7_32, ok) { uint64_t ino = 42; @@ -863,6 +881,25 @@ TEST_F(Setxattr_7_32, ok) ASSERT_EQ(value_len, r) << strerror(errno); } +/* + * Successfully set a user attribute using the extended format + */ +TEST_F(SetxattrExt, user) +{ + uint64_t ino = 42; + const char value[] = "whatever"; + ssize_t value_len = strlen(value) + 1; + int ns = EXTATTR_NAMESPACE_USER; + ssize_t r; + + expect_lookup(RELPATH, ino, S_IFREG | 0644, 0, 1); + expect_setxattr_ext(ino, "user.foo", value, ReturnErrno(0)); + + r = extattr_set_file(FULLPATH, ns, "foo", (const void*)value, + value_len); + ASSERT_EQ(value_len, r) << strerror(errno); +} + TEST_F(RofsXattr, deleteextattr_erofs) { uint64_t ino = 42; diff --git a/usr.bin/cut/cut.1 b/usr.bin/cut/cut.1 index 4f5b7b9bb9a5..42a1726e6e24 100644 --- a/usr.bin/cut/cut.1 +++ b/usr.bin/cut/cut.1 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-3-Clause +.\" .\" Copyright (c) 1989, 1990, 1993 .\" The Regents of the University of California. All rights reserved. .\" @@ -86,7 +89,7 @@ It is not an error to select columns or fields not present in the input line. .Pp The options are as follows: -.Bl -tag -width indent +.Bl -tag -width "-d delim" .It Fl b Ar list The .Ar list diff --git a/usr.sbin/cron/lib/env.c b/usr.sbin/cron/lib/env.c index 287dd8636293..5a2d7ad60756 100644 --- a/usr.sbin/cron/lib/env.c +++ b/usr.sbin/cron/lib/env.c @@ -55,7 +55,7 @@ env_copy(char **envp) for (count = 0; envp[count] != NULL; count++) ; - p = (char **) malloc((count+1) * sizeof(char *)); /* 1 for the NULL */ + p = (char **) reallocarray(NULL, count+1, sizeof(char *)); /* 1 for the NULL */ if (p == NULL) { errno = ENOMEM; return NULL; @@ -112,8 +112,7 @@ env_set(char **envp, char *envstr) * one, save our string over the old null pointer, and return resized * array. */ - p = (char **) realloc((void *) envp, - (unsigned) ((count+1) * sizeof(char *))); + p = (char **) reallocarray(envp, count+1, sizeof(char *)); if (p == NULL) { /* XXX env_free(envp); */ errno = ENOMEM; diff --git a/usr.sbin/sysrc/sysrc.8 b/usr.sbin/sysrc/sysrc.8 index bdf3353c2cf9..cb32f72ea587 100644 --- a/usr.sbin/sysrc/sysrc.8 +++ b/usr.sbin/sysrc/sysrc.8 @@ -1,3 +1,6 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" .\" Copyright (c) 2011-2016 Devin Teske .\" All rights reserved. .\" @@ -408,62 +411,52 @@ and .It Pa /usr/local/etc/rc.conf.d/name/* .El .Sh EXAMPLES -Below are some simple examples of how -.Nm -can be used to query certain values from the -.Xr rc.conf 5 -collection of system configuration files: -.Pp -.Nm -sshd_enable -.Dl returns the value of $sshd_enable, usually YES or NO . +.Ss Working with rc.conf files +Ask the value of +.Cm sshd_enable , +usually YES or NO: +.Dl sysrc sshd_enable .Pp -.Nm -defaultrouter -.Dl returns IP address of default router Pq if configured . -.Pp -Working on other files, such as +Return the IP address of default router +.Pq if configured : +.Dl sysrc defaultrouter +.Ss Working with other files +Return the value of the MAILTO setting, if configured, from .Xr crontab 5 : +.Dl sysrc -f /etc/crontab MAILTO .Pp -.Nm --f /etc/crontab MAILTO -.Dl returns the value of the MAILTO setting Pq if configured . -.Pp -Appending to existing values: -.Pp -.Nm -\&cloned_interfaces+=gif0 -.Dl appends Qo gif0 Qc to $cloned_interfaces Pq see APPENDING VALUES . -.Pp -.Nm -\&cloned_interfaces-=gif0 -.Dl removes Qo gif0 Qc from $cloned_interfaces Pq see SUBTRACTING VALUES . -.Pp -In addition to the above syntax, -.Nm -also supports inline -.Xr sh 1 -PARAMETER expansion for changing the way values are reported, shown below: +Append +.Dq gif0 +to $cloned_interfaces +.Pq see Sx APPENDING VALUES : +.Dl sysrc cloned_interfaces+=gif0 .Pp -.Nm -\&'hostname%%.*' -.Dl returns $hostname up to (but not including) first `.' . +Remove +.Dq gif0 +from $cloned_interfaces +.Pq see Sx SUBTRACTING VALUES : +.Dl sysrc cloned_interfaces-=gif0 +.Ss Inline shell parameter expansion +Return $hostname up to, but not including, first +.Ql \&. : +.Dl sysrc 'hostname%%.*' .Pp -.Nm -\&'network_interfaces%%[$IFS]*' -.Dl returns first word of $network_interfaces . +Return first word of $network_interfaces: +.Dl sysrc 'network_interfaces%%[$IFS]*' .Pp -.Nm -\&'ntpdate_flags##*[$IFS]' -.Dl returns last word of $ntpdate_flags (time server address) . +Return last word of $ntpdate_flags +.Pq time server address : +.Dl sysrc 'ntpdate_flags##*[$IFS]' .Pp -.Nm -usbd_flags-"default" -.Dl returns $usbd_flags or "default" if unset or NULL . +Return $usbd_flags or +.Dq default +if unset or NULL: +.Dl sysrc usbd_flags-"default" .Pp -.Nm -cloned_interfaces+"alternate" -.Dl returns "alternate" if $cloned_interfaces is set . +Return +.Dq alternate +if $cloned_interfaces is set: +.Dl sysrc cloned_interfaces+"alternate" .Sh SEE ALSO .Xr rc.conf 5 , .Xr jail 8 , |