Flush remaining routes from the routing table during VNET shutdown.
Summary:
This fixes rtentry leak for the cloned interfaces created inside the
VNET.
Loopback teardown order is `SI_SUB_INIT_IF`, which happens after `SI_SUB_PROTO_DOMAIN` (route table teardown).
Thus, any route table operations are too late to schedule.
As the intent of the vnet teardown procedures to minimise the amount of effort by doing global cleanups instead of per-interface ones, address this by adding a relatively light-weight routing table cleanup function, `rib_flush_routes()`.
It removes all remaining routes from the routing table and schedules the deletion, which will happen later, when `rtables_destroy()` waits for the current epoch to finish.
Traditionally *BSD routing stack required to supply some
interface data for blackhole/reject routes. This lead to
varieties of hacks in routing daemons when inserting such routes.
With the recent routeing stack changes, gateway sockaddr without
RTF_GATEWAY started to be treated differently, purely as link
identifier.
This change broke net/bird, which installs blackhole routes with
127.0.0.1 gateway without RTF_GATEWAY flags.
Fix this by automatically constructing necessary gateway data at
rtsock level if RTF_REJECT/RTF_BLACKHOLE is set.
Reported by: Marek Zarychta <zarychtam at plan-b.pwste.edu.pl>
Reviewed by: donner
Dimitry Andric [Sat, 13 Mar 2021 13:54:05 +0000 (14:54 +0100)]
Partially revert libcxxrt changes to avoid _Unwind_Exception change
(Note I am also applying this to main and stable/13, to restore the old
libcxxrt ABI and to avoid having to maintain a compat library.)
After the recent cherry-picking of libcxxrt commits 0ee0dbfb0d26 and d2b3fadf2db5, users reported that editors/libreoffice packages from the
official package builders did not start anymore. It turns out that the
combination of these commits subtly changes the ABI, requiring all
applications that depend on internal details of struct _Unwind_Exception
(available via unwind-arm.h and unwind-itanium.h) to be recompiled.
However, the FreeBSD package builders always use -RELEASE jails, so
these still use the old declaration of struct _Unwind_Exception, which
is not entirely compatible. In particular, LibreOffice uses this struct
in its internal "uno bridge" component, where it attempts to setup its
own exception handling mechanism.
To fix this incompatibility, go back to the old declarations of struct
_Unwind_Exception, and restore the __LP64__ specific workaround we had
in place before (which was to cope with yet another, older ABI bug).
Effectively, this reverts upstream libcxxrt commits 88bdf6b290da
("Specify double-word alignment for ARM unwind") and b96169641f79
("Updated Itanium unwind"), and reapplies our commit 3c4fd2463bb2
("libcxxrt: add padding in __cxa_allocate_* to fix alignment").
Jamie Gritton [Tue, 23 Feb 2021 01:04:06 +0000 (17:04 -0800)]
MFC jail: Don't allow jails under dying parents
If a jail is created with jail_set(...JAIL_DYING), and it has a parent
currently in a dying state, that will bring the parent jail back to
life. Restrict that to require that the parent itself be explicitly
brought back first, and not implicitly created along with the new
child jail.
Jamie Gritton [Mon, 22 Feb 2021 20:27:44 +0000 (12:27 -0800)]
MFC jail: Add PD_KILL to remove a prison in prison_deref().
Add the PD_KILL flag that instructs prison_deref() to take steps
to actively kill a prison and its descendents, namely marking it
PRISON_STATE_DYING, clearing its PR_PERSIST flag, and killing any
attached processes.
This replaces a similar loop in sys_jail_remove(), bringing the
operation under the same single hold on allprison_lock that it already
has. It is also used to clean up failed jail (re-)creations in
kern_jail_set(), which didn't generally take all the proper steps.
Make sure PD_KILL isn't passed to do_jail_attach, where it might end
up trying to kill the caller's prison (even prison0).
Fix the child jail loop in prison_deref_kill, which was doing the
post-order part during the pre-order part. That's not a system-
killer, but make jails not always die correctly.
Jamie Gritton [Sun, 21 Feb 2021 21:24:47 +0000 (13:24 -0800)]
MFC jail: Add pr_state to struct prison
Rather that using references (pr_ref and pr_uref) to deduce the state
of a prison, keep track of its state explicitly. A prison is either
"invalid" (pr_ref == 0), "alive" (pr_uref > 0) or "dying"
(pr_uref == 0).
State transitions are generally tied to the reference counts, but with
some flexibility: a new prison is "invalid" even though it now starts
with a reference, and jail_remove(2) sets the state to "dying" before
the user reference count drops to zero (which was prviously
accomplished via the PR_REMOVE flag).
pr_state is protected by both the prison mutex and allprison_lock, so
it has the same availablity guarantees as the reference counts do.
Kyle Evans [Mon, 8 Mar 2021 20:20:10 +0000 (14:20 -0600)]
x86: tsc: deprioritize TSC on VirtualBox
Misbehavior has been observed with TSC under VirtualBox, where threads
doing small sleeps (~1 second) may miss their wake up and hang around
in a sleep state indefinitely. Switching back to ACPI-fast decidedly
fixes it, so stop using TSC on VirtualBox at least for the time being.
This partially reverts 84eaf2ccc6aa, applying it only to VirtualBox and
increasing the quality to 0. Negative qualities can never be chosen and
cannot be chosen with the tunable recently added. If we do not have a
timecounter with a higher quality than 0, then TSC does at least leave
the system mostly usable.
Jamie Gritton [Sun, 21 Feb 2021 18:55:44 +0000 (10:55 -0800)]
MFC jail: Change the locking around pr_ref and pr_uref
Require both the prison mutex and allprison_lock when pr_ref or
pr_uref go to/from zero. Adding a non-first or removing a non-last
reference remain lock-free. This means that a shared hold on
allprison_lock is sufficient for prison_isalive() to be useful, which
removes a number of cases of lock/check/unlock on the prison mutex.
Expand the locking in kern_jail_set() to keep allprison_lock held
exclusive until the new prison is valid, thus making invalid prisons
invisible to any thread holding allprison_lock (except of course the
one creating or destroying the prison). This renders prison_isvalid()
nearly redundant, now used only in asserts.
Jamie Gritton [Sat, 20 Feb 2021 22:38:58 +0000 (14:38 -0800)]
MFC jail: Improve locking when removing prisons
Change the flow of prison_deref() so it doesn't let go of allprison_lock
until it's completely done using it (except for a possible drop as part
of an upgrade on its first try).
Mark Johnston [Fri, 5 Mar 2021 23:07:47 +0000 (18:07 -0500)]
netmap: Stop printing a line to the dmesg in netmap_init()
netmap is compiled into the kernel by default so initialization was
always reported, and netmap uses a formatting convention not used in the
rest of the kernel.
Reviewed by: vmaffione
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29099
John Baldwin [Mon, 8 Mar 2021 18:46:40 +0000 (10:46 -0800)]
Correct the name of the structure used for TCP socket options.
The structure was renamed while refactoring Netflix's KTLS changes for
upstreaming, but the original name remained in tcp.4 and was
subsequently copied to ktls.4.
Gordon Bergling [Sun, 7 Mar 2021 19:27:59 +0000 (20:27 +0100)]
wg(4): Fix an example in the manual page
The example in the manual page of wg(4) for connecting to a
peer was missing the 'public-key' ifconfig(8) keyword and for the
addressed peer the port must be specified.
P2P ifa may require 2 routes: one is the loopback route, another is
the "prefix" route towards its destination.
Current code marks loopback routes existence with IFA_RTSELF and
"prefix" p2p routes with IFA_ROUTE.
For historic reasons, we fill in ifa_dstaddr for loopback interfaces.
To avoid installing the same route twice, we preemptively set
IFA_RTSELF when adding "prefix" route for loopback.
However, the teardown part doesn't have this hack, so we try to
remove the same route twice.
Fix this by checking if ifa_dstaddr is different from the ifa_addr
and moving this logic into a separate function.
in6_selectsrc() may call fib6_lookup() in some cases, which requires
epoch. Wrap in6_selectsrc* calls into epoch inside its users.
Mark it as requiring epoch by adding NET_EPOCH_ASSERT().
Changes in the 2fe5a79425c7 moved dst sockaddr masking from the
routing control plane to the rtsock code.
It broke arp/ndp deletion.
It turns out, arp/ndp perform RTM_GET request first to get an
interface index necessary for the deletion.
Then they simply stamp the reply with RTF_LLDATA and set the
command to RTM_DELETE.
As a result, kernel receives request with non-empty RTA_NETMASK
and clears RTA_DST host bits before passing the message to the
lla code.
De facto, the only needed bits are RTA_DST, RTA_GATEWAY and the
subset of rtm_flags.
With that in mind, fix the interace by clearing RTA_NETMASK
for every messages with RTF_LLDATA.
Traditionally routing socket code did almost zero checks on
the input message except for the most basic size checks.
This resulted in the unclear KPI boundary for the routing system code
(`rtrequest*` and now `rib_action()`) w.r.t message validness.
Multiple potential problems and nuances exists:
* Host bits in RTAX_DST sockaddr. Existing applications do send prefixes
with hostbits uncleared. Even `route(8)` does this, as they hope the kernel
would do the job of fixing it. Code inside `rib_action()` needs to handle
it on its own (see `rt_maskedcopy()` ugly hack).
* There are multiple way of adding the host route: it can be DST without
netmask or DST with /32(/128) netmask. Also, RTF_HOST has to be set correspondingly.
Currently, these 2 options create 2 DIFFERENT routes in the kernel.
* no sockaddr length/content checking for the "secondary" fields exists: nothing
stops rtsock application to send sockaddr_in with length of 25 (instead of 16).
Kernel will accept it, install to RIB as is and propagate to all rtsock consumers,
potentially triggering bugs in their code. Same goes for sin_port, sin_zero, etc.
The goal of this change is to make rtsock verify all sockaddr and prefix consistency.
Said differently, `rib_action()` or internals should NOT require to change any of the
sockaddrs supplied by `rt_addrinfo` structure due to incorrectness.
To be more specific, this change implements the following:
* sockaddr cleanup/validation check is added immediately after getting sockaddrs from rtm.
* Per-family dst/netmask checks clears host bits in dst and zeros all dst/netmask "secondary" fields.
* The same netmask checking code converts /32(/128) netmasks to "host" route case
(NULL netmask, RTF_HOST), removing the dualism.
* Instead of allowing ANY "known" sockaddr families (0<..<AF_MAX), allow only actually
supported ones (inet, inet6, link).
* Automatically convert `sockaddr_sdl` (AF_LINK) gateways to
`sockaddr_sdl_short`.
Reported by: Guy Yur <guyyur at gmail.com>
Reviewed By: donner
Differential Revision: https://reviews.freebsd.org/D28668
Add ifa_try_ref() to simplify ifa handling inside epoch.
More and more code migrates from lock-based protection to the NET_EPOCH
umbrella. It requires some logic changes, including, notably, refcount
handling.
When we have an `ifa` pointer and we're running inside epoch we're
guaranteed that this pointer will not be freed.
However, the following case can still happen:
* in thread 1 we drop to 0 refcount for ifa and schedule its deletion.
* in thread 2 we use this ifa and reference it
* destroy callout kicks in
* unhappy user reports bug
To address it, new `ifa_try_ref()` function is added, allowing to return
failure when we try to reference `ifa` with 0 refcount.
Additionally, existing `ifa_ref()` is enforced with `KASSERT` to provide
cleaner error in such scenarious.
Remove per-packet ifa refcounting from IPv6 fast path.
Currently ip6_input() calls in6ifa_ifwithaddr() for
every local packet, in order to check if the target ip
belongs to the local ifa in proper state and increase
its counters.
in6ifa_ifwithaddr() references found ifa.
With epoch changes, both `ip6_input()` and all other current callers
of `in6ifa_ifwithaddr()` do not need this reference
anymore, as epoch provides stability guarantee.
Given that, update `in6ifa_ifwithaddr()` to allow
it to return ifa without referencing it, while preserving
option for getting referenced ifa if so desired.
Do not reference returned ifa in in6_ifawithifp().
The only place where in6_ifawithifp() is used is ip6_output(),
which uses the returned ifa to bump traffic counters.
Given ifa stability guarantees is provided by epoch, do not refcount ifa.
Greg V [Tue, 2 Mar 2021 11:01:14 +0000 (06:01 -0500)]
openzfs: attach pam_zfs_key to build
This PAM module allows unlocking encrypted user home datasets when
logging in (and changing passphrase when changing the account password),
see https://github.com/openzfs/zfs/pull/9903
Also supposed to unload the key when the last session for the user is
done, but there are EBUSY issues:
https://github.com/openzfs/zfs/issues/11222#issuecomment-731897858
Submitted by: Greg V <greg_unrelenting.technology>
Reviewed by: mm
Differential Revision: https://reviews.freebsd.org/D28018
Martin Matuska [Fri, 26 Feb 2021 21:52:41 +0000 (22:52 +0100)]
zfs: add missing checks for unsupported features
After the merge of OpenZFS master-9312e0fd1 it has become possible to
import ZFS pools witn an active org.illumos:edonr feature on FreeBSD,
leading to a panic.
In addition, "zpool status" reported all pools without edonr as upgradable
and "zpool upgrade -v" lists edonr in the list of upgradable features.
This is an accepted but not yet included bugfix by upstream.
Notable upstream changes: 778869fa1 Fix reporting of mount progress e7adccf7f Disable use of hardware crypto offload drivers on FreeBSD 03e02e5b5 Fix checksum errors not being counted on repeated repair 64e0fe14f Restore FreeBSD resource usage accounting 11f2e9a49 Fix panic if scrubbing after removing a slog device
This update introduces a new pool property called "compatibility"
that can be used to enable a limited set of pool features on pool
creation and "stick" to it, so the "zpool upgrade" does not
accidentally enable features that are not desired. The value of
this property may then be changed later.
See zpool-features(5) for more information about the "compatibility"
pool property.
Eric Joyner [Tue, 23 Feb 2021 01:45:09 +0000 (17:45 -0800)]
ice(4): Update to version 0.28.1-k
This updates the driver to align with the version included in
the "Intel Ethernet Adapter Complete Driver Pack", version 25.6.
There are no major functional changes; this mostly contains
bug fixes and changes to prepare for new features. This version
of the driver uses the previously committed ice_ddp package
1.3.19.0.
This fixes mpr driver on big-endian devices.
Tested on powerpc64 and powerpc64le targets using a SAS9300-8i card
(LSISAS3008 pci vendor=0x1000 device=0x0097)
Submitted by: Andre Fernando da Silva <andre.silva@eldorado.org.br>
Reviewed by: luporl, alfredo, Sreekanth Reddy <sreekanth.reddy@broadcom.com> (by email)
Sponsored by: Eldorado Research Institute (eldorado.org.br)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25785
Dimitry Andric [Fri, 5 Mar 2021 20:06:05 +0000 (21:06 +0100)]
Add a few missed files to libclang_rt.profile-<arch>.a
Otherwise, programs compiled with -fprofile-instr-generate will
encounter undefined symbol errors during linking, for example
__llvm_profile_counter_bias, lprofSetRuntimeCounterRelocation and a few
others were missing from the profile library.
Dimitry Andric [Tue, 23 Feb 2021 20:03:32 +0000 (21:03 +0100)]
Build lib/msun tests with compiler builtins disabled
This forces the compiler to emit calls to libm functions, instead of
possibly substituting pre-calculated results at compile time, which
should help to actually test those functions.
We could just use a C implementation using __builtin_fabs(), but using
this assembly version guarantees that there is no additional prolog/epilog
code. Additionally, clang generates worse code for masking off the top bit
than GCC: https://bugs.llvm.org/show_bug.cgi?id=49377.
This fixes the RISCV64 softfloat world build after cf97d2a1dab8. That commit
added -fno-builtin to the msun tests which resulted in the first references to
fabs (previously the compiler inlined all calls).
Reviewed By: dim
Reported by: mjg
Differential Revision: https://reviews.freebsd.org/D28994
Nathan Whitehorn [Tue, 23 Feb 2021 21:16:52 +0000 (16:16 -0500)]
Mount the EFI system partition (ESP) on newly-installed systems and VM
images.
Per hier(7), the ESP will be mounted at /boot/efi. On UFS systems,
any existing ESP will be reused and mounted there; otherwise, a new one
will be made. On ZFS systems, space for an ESP is allocated on all disks
in the root pool, but only the partition actually used to boot is set up
and mounted.
This makes future upgrades of the EFI loader easier (upgrade scripts can
just change /boot/efi) and also greatly simplifies the parts of the
installer involved in initialization of the ESP. It also makes the
installer's behavior correspond to the documentation in hier(7).
Alexander Motin [Sat, 6 Mar 2021 03:39:52 +0000 (22:39 -0500)]
Do not exit ctl_be_block_worker() prematurely.
Return while there are any I/Os in a queue may result in them stuck
indefinitely, since there is only one taskqueue task for all of them.
I think I've reproduced this by switching ha_role to secondary under
heavy load.
Brandon Bergren [Mon, 1 Mar 2021 02:35:53 +0000 (20:35 -0600)]
[PowerPC64] Fix multiple issues in fpsetmask().
Building R exposed a problem in fpsetmask() whereby we were not properly
clamping the provided mask to the valid range.
R initilizes the mask by calling fpsetmask(~0) on FreeBSD. Since we
recently enabled precise exceptions, this was causing an immediate
SIGFPE because we were attempting to set invalid bits in the fpscr.
Properly limit the range of bits that can be set via fpsetmask().
While here, use the correct fp_except_t type instead of fp_rnd_t.
Reported by: pkubaj (in IRC)
Sponsored by: Tag1 Consulting, Inc.
Brandon Bergren [Thu, 25 Feb 2021 18:55:58 +0000 (12:55 -0600)]
[PowerPC64LE] pseries: Fix input buffering logic.
In uart_phyp_get(), when the internal buffer is empty, we make a
hypercall to retrieve up to 16 bytes of input data from the
hypervisor. As this is specified to be returned in BE format, we need
to do a 64-bit byte swap on the first and second half of the data.
If the buffer being passed in was insufficient to return the fetched
data, we store the remainder in the internal buffer and use it to
satisfy the following calls to uart_phyp_get() until it is drained.
However, in this case, we were accidentally byteswapping the internal
buffer again.
Move the byteswapping code to just after the hypercall so it only gets
swapped when we're filling the buffer.
Fixes arrow keys in qemu on pseries, among other console oddities.
Mitchell Horne [Thu, 4 Mar 2021 17:52:45 +0000 (13:52 -0400)]
riscv: fix errors in some atomic type aliases
This appears to be a copy-and-paste error that has simply been
overlooked. The tree contains only two calls to any of the affected
variants, but recent additions to the test suite started exercising the
call to atomic_clear_rel_int() in ng_leave_write(), reliably causing
panics.
Apparently, the issue was inherited from the arm64 atomic header. That
instance was addressed in c90baf6817a0, but the fix did not make its way
to RISC-V.
Note that the particular test case ng_macfilter_test:main still appears
to fail on this platform, but this change reduces the panic to a
timeout.
Mitchell Horne [Mon, 1 Mar 2021 14:01:25 +0000 (10:01 -0400)]
arm64: add definition for IS_SSTEP_TRAP()
arm64 has a distinct exception code for single-step, so we can use this
to detect when an unexpected SS trap is encountered, or when an expected
one is not. See db_stop_at_pc().
Reviewed by: markj, jhb
Sponsored by: The FreeBSD Foundation
Mitchell Horne [Mon, 1 Mar 2021 13:59:25 +0000 (09:59 -0400)]
arm64: fix hardware single-stepping from EL1
The main issue is that debug exceptions must to be disabled for the
entire duration that SS bit in MDSCR_EL1 is set. Otherwise, a
single-step exception will be generated immediately. This can occur
before returning from the debugger (when MDSCR is written to) or before
re-entering it after the single-step (when debug exceptions are unmasked
in the exception handler).
Solve this by delaying the unmask to C code for EL1, and avoid unmasking
at all while handling debug exceptions, thus avoiding any recursive
debug traps.
Reviewed by: markj, jhb
Sponsored by: The FreeBSD Foundation
There were two definitions for the SCSI VPD Block Device Characteristics (page
0xb1): struct scsi_vpd_block_characteristics and struct
scsi_vpd_block_device_characteristics. The latter is more complete and more
widely used. Convert uses of the former to the latter by tweaking the da driver
and removing sturct scsi_vpd_block_characteristics.
Warner Losh [Fri, 26 Feb 2021 18:43:35 +0000 (11:43 -0700)]
cam: add new ASC and ASCQ values related to drive depopulation
Add 04/25 Depopulation restoration in progress, 31/04 Depopulation failed, and
31/05 Depopulation restoration failed.
These are defined in SPC-6r2 (though 31/4 was added in an earlier draft). They
relate to different aspects of in-progress or failed depopulation removal and
restoration commands.
Warner Losh [Tue, 23 Feb 2021 19:33:26 +0000 (12:33 -0700)]
camcontrol: change hueristic for I/O-less devtype
Some SATA drives have 'config' set to 0 in the identify block. Rather than rely
on it, use the strings windows uses to display the drive since they are supposed
to be space padded and will always be non-zero.
Andrew Gierth [Wed, 3 Mar 2021 18:25:11 +0000 (12:25 -0600)]
service(8): use an environment more consistent with init(8)
init(8) sets the "daemon" login class without specifying a pw
entry (so no substitutions are done on the variables). service(8)'s
use of env -L had the effect of specifying root's pw entry, with two
effects: getpwnam and getpwuid are being called, which may not be
entirely safe depending on what nsswitch is up to and what stage of
boot we are at, and substitutions would have been done.
Fix by teaching env(8) to allow -L -/classname to set the class
environment with no pw entry at all specified, and use it in
service(8).
Kyle Evans [Thu, 4 Mar 2021 19:28:53 +0000 (13:28 -0600)]
jail(8): reset to root cpuset before attaching to run commands
Recent changes have made it such that attaching to a jail will augment
the attaching process' cpu mask with the jail's cpuset. While this is
convenient for allowing the administrator to cpuset arbitrary programs
that will attach to a jail, this is decidedly not convenient for
executing long-running daemons during jail creation.
This change inserts a reset of the process cpuset to the root cpuset
between the fork and attach to execute a command. This allows commands
executed to have the widest mask possible, and the administrator can
cpuset(1) it back down inside the jail as needed.
With this applied, one should be able to change a jail's cpuset at
exec.poststart in addition to exec.created. The former was made
difficult if jail(8) itself was running with a constrained set, as then
some processes may have been spawned inside the jail with a non-root
set. The latter is the preferred option so that processes starting in
the jail are constrained appropriately up front.
Note that all system commands are still run with the process' initial
cpuset applied.
armv8crypto: fix AES-XTS regression introduced by ed9b7f44
Initialization of the XTS key schedule was accidentally dropped
when adding AES-GCM support so all-zero schedule was used instead.
This rendered previously created GELI partitions unusable.
This change restores proper XTS key schedule initialization.
Reported by: Peter Jeremy <peter@rulingia.com>
MFC after: immediately
Jung-uk Kim [Wed, 3 Mar 2021 23:10:00 +0000 (18:10 -0500)]
libkvm: Plug couple of memory leaks and check possible calloc(3) failure
First, r204494 introduced dpcpu_off in struct __kvm and it was allocated
from _kvm_dpcpu_init() but it was not free(3)'ed from kvm_close(3).
Second, r291406 introduced kvm_nlist2(3) and converted kvm_nlist(3) to
use the new function but it did not free the temporary buffer.
Also, check possible calloc(3) failure while I am in the neighborhood.
Ed Maste [Tue, 2 Mar 2021 22:35:48 +0000 (17:35 -0500)]
growfs: allow operation on RW-mounted filesystems
growfs supports growing mounted filesystems (writes are temporarily
suspended while the grow happens). Drop the check for fs_clean == 0
to restore this case. Leave fs_flags check for FS_UNCLEAN or
FS_NEEDSFSCK which represent the state of the filesystem when it was
mounted, and fsck should be run first if they are set.
PR: 253754
Reviewed by: mckusick
Fixes: 6eb925f8450f ("Filesystem utilities that modify the...")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29021
Rick Macklem [Thu, 18 Feb 2021 22:08:19 +0000 (14:08 -0800)]
nfs-over-tls: add user space daemons rpc.tlsclntd and rpc.tlsservd
The kernel changes needed for nfs-over-tls have been committed to main.
However, nfs-over-tls requires user space daemons to handle the
TLS handshake and other non-application data TLS records.
There is one daemon (rpc.tlsclntd) for the client side and one daemon
(rpc.tlsservd) for the server side, although they share a fair amount
of code found in rpc.tlscommon.c and rpc.tlscommon.h.
They use a KTLS enabled OpenSSL to perform the actual work and, as such,
are only built when MK_OPENSSL_KTLS is set.
Communication with the kernel is done via upcall RPCs done on AF_LOCAL
sockets and the custom system call rpctls_syscall.
Ed Maste [Fri, 5 Mar 2021 17:49:23 +0000 (12:49 -0500)]
Cirrus-CI: temporarily avoid qemu smoke test boot
Cirrus-CI has been red for some time because we're running out of disk
space on the ephemeral GCP VMs. For now remove the package + qemu boot,
and just check for build regressions.
This change to be reverted once we have identified and addressed the
underlying issue.
Ed Maste [Fri, 29 Jan 2021 14:34:27 +0000 (09:34 -0500)]
Cirrus-CI: remove svn2git remnant
Previously Cirrus was skipped on svn_head to avoid running CI on two
different branches with identical content. With the transition to git
this serves no purpose.
Reported by: kevans
Sponsored by: The FreeBSD Foundation
Ed Maste [Fri, 19 Feb 2021 01:41:33 +0000 (20:41 -0500)]
tests/sys/audit: force PIE off
df093aa9463b linked against libprivateauditd.a, but that is currently
(and incorrectly) built as position-dependent. For now just force PIE
off for this test to fix the WITH_PIE build.
Peter Grehan [Sat, 27 Feb 2021 04:15:04 +0000 (14:15 +1000)]
Import wireguard fixes from pfSense 2.5
Merge the following fixes from https://github.com/pfsense/FreeBSD-src 1940e7d3 Save address of ingress packets to allow wg to work on HA 8f5531f1 Fix connection to IPv6 endpoint 825ed9ee Fix tcpdump for wg IPv6 rx tunnel traffic 2ec232d3 Fix issue with replying to INITIATION messages in server mode ec77593a Return immediately in wg_init if in DETACH'd state 0f0dde6f Remove unnecessary wg debug printf on transmit 2766dc94 Detect and fix case in wg_init() where sockets weren't cleaned up b62cc7ac Close the UDP tunnel sockets when the interface has been stopped
ixl(4): Add ability to control link state on ifconfig down
Add sysctl link_active_on_if_down, which allows user to control
if interface is kept in active state when it is brought
down with ifconfig. Set it to enabled by default to preserve
backwards compatibility.