Revision tags: vendor/file/5.42, vendor/llvm-project/llvmorg-15-init-15358-g53dc0f107877, vendor/openssl/1.1.1p, vendor/bc/5.3.3, vendor/bc/5.3.2, vendor/llvm-project/llvmorg-14.0.5-0-gc12386ae247c, vendor/bc/5.3.1, vendor/bc/5.3.0, vendor/unbound/1.16.0, vendor/llvm-project/llvmorg-14.0.4-0-g29f1039a7285, vendor/sqlite3/sqlite-3380500, release/13.1.0, upstream/13.1.0, vendor/bc/5.2.5, vendor/openssl/1.1.1o, vendor/llvm-project/llvmorg-14.0.2-0-g0e27d08cdeb3, vendor/llvm-project/llvmorg-14.0.3-0-g1f9140064dfb, vendor/NetBSD/bmake/20220418, vendor/bearssl/20220418, vendor/bc/5.2.4, vendor/NetBSD/libedit/2022-04-11 |
|
#
f328c46f |
| 13-Apr-2022 |
John Baldwin <jhb@FreeBSD.org> |
TCP sysctl handlers: fin and lin are only used for INET.
|
#
700a395c |
| 13-Apr-2022 |
John Baldwin <jhb@FreeBSD.org> |
tcp_log_vain/addrs: Use a const pointer for the IPv4 header.
The pointer to the IPv6 header was already const.
|
#
13ec6858 |
| 13-Apr-2022 |
John Baldwin <jhb@FreeBSD.org> |
tcp_log_addr: ip is only used for INET.
|
#
742e7210 |
| 11-Apr-2022 |
Kristof Provost <kp@FreeBSD.org> |
udp: allow udp_tun_func_t() to indicate it did not eat the packet
Allow udp tunnel functions to indicate they have not taken ownership of the packet, and that normal UDP processing should continue.
udp: allow udp_tun_func_t() to indicate it did not eat the packet
Allow udp tunnel functions to indicate they have not taken ownership of the packet, and that normal UDP processing should continue.
This is especially useful for scenarios where the kernel has taken ownership of a socket that was originally created by userspace. It allows the tunnel function to pass through certain packets for userspace processing.
The primary user of this is if_ovpn, when it receives messages from unknown peers (which might be a new client).
Reviewed by: tuexen Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D34883
show more ...
|
Revision tags: vendor/openssh/9.0p1, vendor/NetBSD/bmake/20220330, vendor/acpica/20220331, vendor/zlib/1.2.12, vendor/llvm-project/llvmorg-14.0.0-2-g3f43d803382d, vendor/heimdal/7.7.0, vendor/expat/2.4.7, vendor/llvm-project/llvmorg-14.0.0-rc4-2-gadd3ab7f4c8a, vendor/tzdata/tzdata2022a, vendor/openssl/1.1.1n, vendor/bsddialog/0.2, vendor/libcxxrt/2022-03-09-fd484be8d1e94a1fcf6bc5c67e5c07b65ada19b6, vendor/bc/5.2.3, vendor/llvm-project/llvmorg-14.0.0-rc2-12-g09546e1b5103, vendor/expat/2.4.6, vendor/openssh/8.9p1 |
|
#
ea9017fb |
| 21-Feb-2022 |
Randall Stewart <rrs@FreeBSD.org> |
tcp: Congestion control move to using reference counting.
In the transport call on 12/3 Gleb asked to move the CC modules towards using reference counting to prevent folks from unloading a module in
tcp: Congestion control move to using reference counting.
In the transport call on 12/3 Gleb asked to move the CC modules towards using reference counting to prevent folks from unloading a module in use. It was also agreed that Michael would do a user space utility like tcp_drop that could be used to move all connections that are using a specific CC to some other CC.
This is the half I committed to doing, making it so that we maintain a refcount on a cc module every time a pcb refers to it and decrementing that every time a pcb no longer uses a cc module. This also helps us simplify the whole unloading process by getting rid of tcp_ccunload() which munged through all the tcb's. Instead we mark a module as being removed and prevent further references to it. We also make sure that if a module is marked as being removed it cannot be made as the default and also the opposite of that, if its a default it fails and does not mark it as being removed.
Reviewed by: Michael Tuexen, Gleb Smirnoff Sponsored by: Netflix Inc. Differential Revision: https://reviews.freebsd.org/D33249
show more ...
|
Revision tags: vendor/llvm-project/llvmorg-13.0.1-0-g75e33f71c2da, vendor/llvm-project/llvmorg-14.0.0-rc1-74-g4dc3cb8e3255, vendor/unbound/1.15.0, vendor/NetBSD/bmake/20220208 |
|
#
a35bdd44 |
| 09-Feb-2022 |
Michael Tuexen <tuexen@FreeBSD.org> |
tcp: add sysctl interface for setting socket options
This interface allows to set a socket option on a TCP endpoint, which is specified by its inp_gencnt. This interface will be used in an upcoming
tcp: add sysctl interface for setting socket options
This interface allows to set a socket option on a TCP endpoint, which is specified by its inp_gencnt. This interface will be used in an upcoming command line tool tcpsso.
Reviewed by: glebius, rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D34138
show more ...
|
Revision tags: vendor/bc/5.2.2, vendor/NetBSD/bmake/20220204, vendor/llvm-project/llvmorg-14-init-18315-g190be5457c90, vendor/llvm-project/llvmorg-14-init-18294-gdb01b123d012 |
|
#
1ebf4607 |
| 03-Feb-2022 |
Richard Scheffenegger <rscheff@FreeBSD.org> |
tcp: Access all 12 TCP header flags via inline function
In order to consistently provide access to all (including reserved) TCP header flag bits, use an accessor function tcp_get_flags and tcp_set_f
tcp: Access all 12 TCP header flags via inline function
In order to consistently provide access to all (including reserved) TCP header flag bits, use an accessor function tcp_get_flags and tcp_set_flags. Also expand any flag variable from uint8_t / char to uint16_t.
Reviewed By: hselasky, tuexen, glebius, #transport Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D34130
show more ...
|
Revision tags: vendor/terminus/terminus-font-4.49.1, vendor/bsddialog/0.1, vendor/llvm-project/llvmorg-14-init-17616-g024a1fab5c35, vendor/dma/2022-01-27, vendor/ena-com/2.5.0, vendor/wpa/2.10, vendor/expat/2.4.3, vendor/sqlite3/sqlite-3370200, vendor/wpa/gb26f5c0fe, vendor/sqlite3/sqlite-3370100 |
|
#
fec8a8c7 |
| 03-Jan-2022 |
Gleb Smirnoff <glebius@FreeBSD.org> |
inpcb: use global UMA zones for protocols
Provide structure inpcbstorage, that holds zones and lock names for a protocol. Initialize it with global protocol init using macro INPCBSTORAGE_DEFINE().
inpcb: use global UMA zones for protocols
Provide structure inpcbstorage, that holds zones and lock names for a protocol. Initialize it with global protocol init using macro INPCBSTORAGE_DEFINE(). Then, at VNET protocol init supply it as the main argument to the in_pcbinfo_init(). Each VNET pcbinfo uses its private hash, but they all use same zone to allocate and SMR section to synchronize.
Note: there is kern.ipc.maxsockets sysctl, which controls UMA limit on the socket zone, which was always global. Historically same maxsockets value is applied also to every PCB zone. Important fact: you can't create a pcb without a socket! A pcb may outlive its socket, however. Given that there are multiple protocols, and only one socket zone, the per pcb zone limits seem to have little value. Under very special conditions it may trigger a little bit earlier than socket zone limit, but in most setups the socket zone limit will be triggered earlier. When VIMAGE was added to the kernel PCB zones became per-VNET. This magnified existing disbalance further: now we have multiple pcb zones in multiple vnets limited to maxsockets, but every pcb requires a socket allocated from the global zone also limited by maxsockets. IMHO, this per pcb zone limit doesn't bring any value, so this patch drops it. If anybody explains value of this limit, it can be restored very easy - just 2 lines change to in_pcbstorage_init().
Differential revision: https://reviews.freebsd.org/D33542
show more ...
|
#
89128ff3 |
| 03-Jan-2022 |
Gleb Smirnoff <glebius@FreeBSD.org> |
protocols: init with standard SYSINIT(9) or VNET_SYSINIT
The historical BSD network stack loop that rolls over domains and over protocols has no advantages over more modern SYSINIT(9). While doing t
protocols: init with standard SYSINIT(9) or VNET_SYSINIT
The historical BSD network stack loop that rolls over domains and over protocols has no advantages over more modern SYSINIT(9). While doing the sweep, split global and per-VNET initializers.
Getting rid of pr_init allows to achieve several things: o Get rid of ifdef's that protect against double foo_init() when both INET and INET6 are compiled in. o Isolate initializers statically to the module they init. o Makes code easier to understand and maintain.
Reviewed by: melifaro Differential revision: https://reviews.freebsd.org/D33537
show more ...
|
Revision tags: vendor/file/5.41 |
|
#
a370832b |
| 26-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp: remove delayed drop KPI
No longer needed after tcp_output() can ask caller to drop.
Reviewed by: rrs, tuexen Differential revision: https://reviews.freebsd.org/D33371
|
#
f64dc2ab |
| 26-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp: TCP output method can request tcp_drop
The advanced TCP stacks (bbr, rack) may decide to drop a TCP connection when they do output on it. The default stack never does this, thus existing frame
tcp: TCP output method can request tcp_drop
The advanced TCP stacks (bbr, rack) may decide to drop a TCP connection when they do output on it. The default stack never does this, thus existing framework expects tcp_output() always to return locked and valid tcpcb.
Provide KPI extension to satisfy demands of advanced stacks. If the output method returns negative error code, it means that caller must call tcp_drop().
In tcp_var() provide three inline methods to call tcp_output(): - tcp_output() is a drop-in replacement for the default stack, so that default stack can continue using it internally without modifications. For advanced stacks it would perform tcp_drop() and unlock and report that with negative error code. - tcp_output_unlock() handles the negative code and always converts it to positive and always unlocks. - tcp_output_nodrop() just calls the method and leaves the responsibility to drop on the caller.
Sweep over the advanced stacks and use new KPI instead of using HPTS delayed drop queue for that.
Reviewed by: rrs, tuexen Differential revision: https://reviews.freebsd.org/D33370
show more ...
|
#
40fa3e40 |
| 26-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp: mechanically substitute call to tfb_tcp_output to new method.
Made with sed(1) execution:
sed -Ef sed -i "" $(grep --exclude tcp_var.h -lr tcp_output sys/)
sed: s/tp->t_fb->tfb_tcp_output\(tp
tcp: mechanically substitute call to tfb_tcp_output to new method.
Made with sed(1) execution:
sed -Ef sed -i "" $(grep --exclude tcp_var.h -lr tcp_output sys/)
sed: s/tp->t_fb->tfb_tcp_output\(tp\)/tcp_output(tp)/ s/to tfb_tcp_output\(\)/to tcp_output()/
Reviewed by: rrs, tuexen Differential revision: https://reviews.freebsd.org/D33366
show more ...
|
#
5b08b46a |
| 26-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp: welcome back tcp_output() as the right way to run output on tcpcb.
Reviewed by: rrs, tuexen Differential revision: https://reviews.freebsd.org/D33365
|
Revision tags: vendor/llvm-project/llvmorg-14-init-13186-g0c553cc1af2e, vendor/bsddialog/0.0.2, vendor/NetBSD/bmake/20211212, vendor/openssl/1.1.1m, vendor/unbound/1.14.0, vendor/bsddialog/0.0.1 |
|
#
c2c8e360 |
| 04-Dec-2021 |
Alexander V. Chernikov <melifaro@FreeBSD.org> |
tcp: virtualise net.inet.tcp.msl sysctl.
VNET teardown waits 2*MSL (60 seconds by default) before expiring tcp PCBs. These PCBs holds references to nexthops, which, in turn, reference ifnets. This
tcp: virtualise net.inet.tcp.msl sysctl.
VNET teardown waits 2*MSL (60 seconds by default) before expiring tcp PCBs. These PCBs holds references to nexthops, which, in turn, reference ifnets. This chain results in VNET interfaces being destroyed and moved to default VNET only after 60 seconds. Allow tcp_msl to be set in jail by virtualising net.inet.tcp.msl sysctl, permitting more predictable VNET tests outcomes.
MFC after: 1 week Reviewed by: glebius Differential Revision: https://reviews.freebsd.org/D33270
show more ...
|
#
75add59a |
| 17-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp: allocate statistics in the main tcp_init()
No reason to have a separate SYSINIT.
|
#
36f42c5e |
| 03-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp_ccalgounload(): initialize the inpcb iterator when curvnet is set
Pointy hat to: glebius Fixes: de2d47842e88
|
Revision tags: vendor/unbound/1.14.0rc1 |
|
#
12ae3476 |
| 03-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp_drain(): initialize the inpcb iterator when curvnet is set
Reported by: cy Pointy hat to: glebius Fixes: de2d47842e88
|
#
db0ac6de |
| 02-Dec-2021 |
Cy Schubert <cy@FreeBSD.org> |
Revert "wpa: Import wpa_supplicant/hostapd commit 14ab4a816"
This reverts commit 266f97b5e9a7958e365e78288616a459b40d924a, reversing changes made to a10253cffea84c0c980a36ba6776b00ed96c3e3b.
A mism
Revert "wpa: Import wpa_supplicant/hostapd commit 14ab4a816"
This reverts commit 266f97b5e9a7958e365e78288616a459b40d924a, reversing changes made to a10253cffea84c0c980a36ba6776b00ed96c3e3b.
A mismerge of a merge to catch up to main resulted in files being committed which should not have been.
show more ...
|
Revision tags: vendor/llvm-project/llvmorg-14-init-11187-g222442ec2d71 |
|
#
2e27230f |
| 02-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp_hpts: rewrite inpcb synchronization
Just trust the pcb database, that if we did in_pcbref(), no way an inpcb can go away. And if we never put a dropped inpcb on our queue, and tcp_discardcb() a
tcp_hpts: rewrite inpcb synchronization
Just trust the pcb database, that if we did in_pcbref(), no way an inpcb can go away. And if we never put a dropped inpcb on our queue, and tcp_discardcb() always removes an inpcb to be dropped from the queue, then any inpcb on the queue is valid.
Now, to solve LOR between inpcb lock and HPTS queue lock do the following trick. When we are about to process a certain time slot, take the full queue of the head list into on stack list, drop the HPTS lock and work on our queue. This of course opens a race when an inpcb is being removed from the on stack queue, which was already mentioned in comments. To address this race introduce generation count into queues. If we want to remove an inpcb with generation count mismatch, we can't do that, we can only mark it with desired new time slot or -1 for remove.
Reviewed by: rrs Differential revision: https://reviews.freebsd.org/D33026
show more ...
|
#
f971e791 |
| 02-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
tcp_hpts: rename input queue to drop queue and trim dead code
The HPTS input queue is in reality used only for "delayed drops". When a TCP stack decides to drop a connection on the output path it ca
tcp_hpts: rename input queue to drop queue and trim dead code
The HPTS input queue is in reality used only for "delayed drops". When a TCP stack decides to drop a connection on the output path it can't do that due to locking protocol between main tcp_output() and stacks. So, rack/bbr utilize HPTS to drop the connection in a different context.
In the past the queue could also process input packets in context of HPTS thread, but now no stack uses this, so remove this functionality.
Reviewed by: rrs Differential revision: https://reviews.freebsd.org/D33025
show more ...
|
#
de2d4784 |
| 02-Dec-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
SMR protection for inpcbs
With introduction of epoch(9) synchronization to network stack the inpcb database became protected by the network epoch together with static network data (interfaces, addre
SMR protection for inpcbs
With introduction of epoch(9) synchronization to network stack the inpcb database became protected by the network epoch together with static network data (interfaces, addresses, etc). However, inpcb aren't static in nature, they are created and destroyed all the time, which creates some traffic on the epoch(9) garbage collector.
Fairly new feature of uma(9) - Safe Memory Reclamation allows to safely free memory in page-sized batches, with virtually zero overhead compared to uma_zfree(). However, unlike epoch(9), it puts stricter requirement on the access to the protected memory, needing the critical(9) section to access it. Details:
- The database is already build on CK lists, thanks to epoch(9). - For write access nothing is changed. - For a lookup in the database SMR section is now required. Once the desired inpcb is found we need to transition from SMR section to r/w lock on the inpcb itself, with a check that inpcb isn't yet freed. This requires some compexity, since SMR section itself is a critical(9) section. The complexity is hidden from KPI users in inp_smr_lock(). - For a inpcb list traversal (a pcblist sysctl, or broadcast notification) also a new KPI is provided, that hides internals of the database - inp_next(struct inp_iterator *).
Reviewed by: rrs Differential revision: https://reviews.freebsd.org/D33022
show more ...
|
Revision tags: release/12.3.0, upstream/12.3.0, vendor/wpa/g14ab4a816, vendor/bc/5.2.1, vendor/bc/5.2.0 |
|
#
147bf5e9 |
| 26-Nov-2021 |
Michael Tuexen <tuexen@FreeBSD.org> |
tcp: Don't try to upgrade a read lock just for logging
Reviewed by: glebius, lstewart, rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D33098
|
Revision tags: vendor/bsddialog/2021-11-24, vendor/llvm-project/llvmorg-14-init-10223-g401b76fdf2b3, vendor/llvm-project/llvmorg-14-init-10186-gff7f2cfa959b |
|
#
ff945008 |
| 19-Nov-2021 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Add tcp_freecb() - single place to free tcpcb.
Until this change there were two places where we would free tcpcb - tcp_discardcb() in case if all timers are drained and tcp_timer_discard() otherwise
Add tcp_freecb() - single place to free tcpcb.
Until this change there were two places where we would free tcpcb - tcp_discardcb() in case if all timers are drained and tcp_timer_discard() otherwise. They were pretty much copy-n-paste, except that in the default case we would run tcp_hc_update(). Merge this into single function tcp_freecb() and move new short version of tcp_timer_discard() to tcp_timer.c and make it static.
Reviewed by: rrs, hselasky Differential revision: https://reviews.freebsd.org/D32965
show more ...
|
Revision tags: vendor/mandoc/1.14.6 |
|
#
2f62f92e |
| 14-Nov-2021 |
Michael Tuexen <tuexen@FreeBSD.org> |
tcp: Fix a locking issue related to logging
tcp_respond() is sometimes called with only a read lock. The logging however, requires a write lock. So either try to upgrade the lock if needed, or don't
tcp: Fix a locking issue related to logging
tcp_respond() is sometimes called with only a read lock. The logging however, requires a write lock. So either try to upgrade the lock if needed, or don't log the packet.
Reported by: syzbot+8151ef969c170f76706b@syzkaller.appspotmail.com Reported by: syzbot+eb679adb3304c511c1e4@syzkaller.appspotmail.com Reviewed by: markj, rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D32983
show more ...
|
#
26cbd002 |
| 11-Nov-2021 |
Randall Stewart <rrs@FreeBSD.org> |
tcp: Rack may still calculate long RTT on persists probes.
When a persists probe is lost, we will end up calculating a long RTT based on the initial probe and when the response comes from the second
tcp: Rack may still calculate long RTT on persists probes.
When a persists probe is lost, we will end up calculating a long RTT based on the initial probe and when the response comes from the second probe (or third etc). This means we have a minimum of a confidence level of 3 on a incorrect probe. This commit will change it so that we have one of two options a) Just not count RTT of probes where we had a loss <or> b) Count them still but degrade the confidence to 0.
I have set in this the default being to just not measure them, but I am open to having the default be otherwise.
Reviewed by: Michael Tuexen Sponsored by: Netflix Inc. Differential Revision: https://reviews.freebsd.org/D32897
show more ...
|