| created | 2021-06-06T21:23:06Z |
|---|---|
| begin | 2021-02-23T00:00:00Z |
| end | 2021-02-24T00:00:00Z |
| path | src/sys |
| commits | 25 |
| date | 2021-02-23T00:03:01Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/dev/acpi/acpiec.c | log | diff | annotate |
| message |
remove unused acpiec_lock() acpiec_unlock() functions ok kettenis@ pirofti@ |
|||
| date | 2021-02-23T03:30:04Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/conf/files | log | diff | annotate |
| src/sys/net/if_veb.c | log | diff | annotate | |
| message |
add veb(4), a Virtual Ethernet Bridge driver. my intention is to replace bridge(4), but the way it works is different enough from from bridge that a name change is justified to distinguish them. it also makes it easier to commit it to the tree and work on it in parallel to bridge, and allows a window of migration. the main difference between veb(4) and bridge(4) is how they use interfaces as ports. veb takes over interfaces completely and only uses them to receive and transmit ethernet packets. bridge also use each interface as a port to the ethernet segment it's connected to, but also tries to continue supporting the use of the interface as a way to talk to the network stack on the local system. supporting the use of interfaces for both external and local communication is where most of my confusion with bridge comes from, both when i'm trying to operate it and also understand the code. changing this semantic is where most of the simplification in veb comes from compared to bridge. because veb takes over interfaces, the ethernet network set up on a veb is isolated from the host network stack. by default veb does not interact with pf or the ip (and mpls) stacks. to enable pf for ip frames going over veb ports link1 on the veb interface must be set. to have the stack interact with a veb network, vport interfaces must be created and added as ports to a veb. the vport interface driver is provided as part of veb, and is handled specially by veb. veb usually prevents the use of ports by the stack for sending an receiving packets, but that's why vports exist, so veb has special handling for them. veb already supports a lot of the other features that bridge has, including bridge rules and protected domains, but i got tired of working out of the tree and stopped implementing them. the main outstanding features is better address table management, the blocknonip flag on ports, transparent ipsec interception, and spanning tree. i may not bother with spanning tree unless someone tells me that they actually use it. the core ethernet learning bridge functionality is provided by the etherbridge code that was factored out of nvgre and bpe. veb is already (a lot) faster than bridge, and is better prepared to operate in parallel on multiple CPUs concurrently. thanks to hrvoje popovski for testing some earlier versions of this. discussed with many ok patrick@ jmatthew@ |
|||
| date | 2021-02-23T04:40:27Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message |
filter MAC Bridge component Reserved address im considering converting ethernet addresses into uint64_ts to make comparisons (and masking) easier. im trialling it here, and it doesn't seem like the worst. |
|||
| date | 2021-02-23T04:44:30Z | |||
|---|---|---|---|---|
| author | cheloha | |||
| files | src/sys/arch/alpha/alpha/clock.c | log | diff | annotate |
| src/sys/arch/amd64/amd64/tsc.c | log | diff | annotate | |
| src/sys/arch/amd64/isa/clock.c | log | diff | annotate | |
| src/sys/arch/arm/cortex/agtimer.c | log | diff | annotate | |
| src/sys/arch/arm/cortex/amptimer.c | log | diff | annotate | |
| src/sys/arch/arm64/dev/agtimer.c | log | diff | annotate | |
| src/sys/arch/armv7/omap/dmtimer.c | log | diff | annotate | |
| src/sys/arch/armv7/omap/gptimer.c | log | diff | annotate | |
| src/sys/arch/armv7/sunxi/sxitimer.c | log | diff | annotate | |
| src/sys/arch/hppa/dev/clock.c | log | diff | annotate | |
| src/sys/arch/i386/isa/clock.c | log | diff | annotate | |
| src/sys/arch/i386/pci/geodesc.c | log | diff | annotate | |
| src/sys/arch/i386/pci/gscpm.c | log | diff | annotate | |
| src/sys/arch/i386/pci/ichpcib.c | log | diff | annotate | |
| src/sys/arch/macppc/macppc/clock.c | log | diff | annotate | |
| src/sys/arch/mips64/mips64/mips64_machdep.c | log | diff | annotate | |
| message |
timecounting: use C99-style initialization for all timecounter structs The timecounter struct is large and I think it may change in the future. Changing it later will be easier if we use C99-style initialization for all timecounter structs. It also makes reading the code a bit easier. For reasons I cannot explain, switching to C99-style initialization sometimes changes the hash of the resulting object file, even though the resulting struct should be the same. So there is a binary change here, but only sometimes. No behavior should change in either case. I can't compile-test this everywhere but I have been staring at the diff for days now and I'm relatively confident this will not break compilation. Fingers crossed. ok gnezdo@ |
|||
| date | 2021-02-23T04:44:31Z | |||
|---|---|---|---|---|
| author | cheloha | |||
| files | src/sys/arch/powerpc64/powerpc64/clock.c | log | diff | annotate |
| src/sys/arch/sparc64/dev/psycho.c | log | diff | annotate | |
| src/sys/arch/sparc64/sparc64/clock.c | log | diff | annotate | |
| src/sys/dev/acpi/acpihpet.c | log | diff | annotate | |
| src/sys/dev/acpi/acpitimer.c | log | diff | annotate | |
| src/sys/dev/pci/amdpm.c | log | diff | annotate | |
| src/sys/dev/pci/viapm.c | log | diff | annotate | |
| src/sys/dev/pv/hyperv.c | log | diff | annotate | |
| src/sys/dev/pv/pvclock.c | log | diff | annotate | |
| src/sys/kern/kern_tc.c | log | diff | annotate | |
| message |
timecounting: use C99-style initialization for all timecounter structs The timecounter struct is large and I think it may change in the future. Changing it later will be easier if we use C99-style initialization for all timecounter structs. It also makes reading the code a bit easier. For reasons I cannot explain, switching to C99-style initialization sometimes changes the hash of the resulting object file, even though the resulting struct should be the same. So there is a binary change here, but only sometimes. No behavior should change in either case. I can't compile-test this everywhere but I have been staring at the diff for days now and I'm relatively confident this will not break compilation. Fingers crossed. ok gnezdo@ |
|||
| date | 2021-02-23T05:01:00Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message | add support for setting and getting bridge port flags. | |||
| date | 2021-02-23T05:23:02Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message | implement support for the blocknonip port flag. | |||
| date | 2021-02-23T07:29:07Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message | use link0 to allow vlans to cross the bridge. | |||
| date | 2021-02-23T09:51:08Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_bridge.c | log | diff | annotate |
| message |
use the ipv6 dst addr to look up an ipsec tdb in bridge_ipsec in. using the ipv6 next protocol header probably doesnt work. it also probably doesnt matter cos i'm not sure anyone uses this feature in bridge. or maybe there isn't anyone who uses ipv6. both are plausible options. hahaha^Wok patrick@ |
|||
| date | 2021-02-23T10:20:10Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/arch/arm/armv7/Attic/armv7reg.h | log | diff | annotate |
| src/sys/arch/arm64/include/Attic/internal_types.h | log | diff | annotate | |
| src/sys/arch/i386/stand/libsa/Attic/cpuprobe.h | log | diff | annotate | |
| src/sys/arch/sh/include/Attic/sh_opcode.h | log | diff | annotate | |
| src/sys/dev/ic/Attic/dc503reg.h | log | diff | annotate | |
| message | remove some unused includes | |||
| date | 2021-02-23T10:20:11Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/dev/ic/Attic/espreg.h | log | diff | annotate |
| src/sys/dev/ic/Attic/hayespreg.h | log | diff | annotate | |
| src/sys/dev/ic/Attic/i82595reg.h | log | diff | annotate | |
| src/sys/dev/ic/Attic/i82810reg.h | log | diff | annotate | |
| src/sys/dev/ic/Attic/ibm525reg.h | log | diff | annotate | |
| src/sys/dev/ic/Attic/intersil7170.h | log | diff | annotate | |
| src/sys/dev/isa/Attic/madreg.h | log | diff | annotate | |
| src/sys/dev/isa/Attic/rtreg.h | log | diff | annotate | |
| src/sys/dev/isa/Attic/rtvar.h | log | diff | annotate | |
| src/sys/dev/microcode/ises/Attic/ises_fw.h | log | diff | annotate | |
| src/sys/dev/mii/Attic/mtdphyreg.h | log | diff | annotate | |
| src/sys/dev/mii/Attic/txphyreg.h | log | diff | annotate | |
| src/sys/dev/pci/Attic/bt8370reg.h | log | diff | annotate | |
| src/sys/dev/pci/Attic/pciide_i31244_reg.h | log | diff | annotate | |
| message | remove some unused includes | |||
| date | 2021-02-23T10:41:59Z | |||
|---|---|---|---|---|
| author | mpi | |||
| files | src/sys/uvm/uvm_fault.c | log | diff | annotate |
| message |
Move `pgo_fault' handler outside of uvm_fault_lower(). Reduce differences with NetBSD and prepare for `uobj' locking. No functionnal change. ok chris@, kettenis@ |
|||
| date | 2021-02-23T11:22:20Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/uvm/uvm_map.c | log | diff | annotate |
| message |
remove unused uvm_mapent_bias() ok mpi@ |
|||
| date | 2021-02-23T11:40:28Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message |
make a start on transparent ipsec interception, based on bridge(4). i found the Transparent Network Security Policy Enforcement paper by angelos and jason was useful for understanding the background and why you'd want to do this. the implementation is a little bit different to the bridge one because i've tweaked the order that pf and ipsec processing happens, depending on which direction the packet is going over the bridge. bridge always runs ipsec processing before pf, no matter which direction the packet is going. packets going into veb, pf runs first and then ipsec input processing is allowed to happen. in the outgoing direction ipsec happens first and then pf. pf runs before ipsec in the inbound direction so pf can apply policy to ipsec encapsulated packets before they hit pf. this allows you to apply policy to both the encrypted and unencrypted packets in both directions. the code is disabled for now. this is mostly because i want veb(4) to have a good chance at operating outside the netlock, and i'm pretty sure the ipsec stack isn't ready for that yet. the other reason why it's disabled is getting a test setup is effort, but i want to sleep. |
|||
| date | 2021-02-23T11:43:40Z | |||
|---|---|---|---|---|
| author | mvs | |||
| files | src/sys/net/pf.c | log | diff | annotate |
| message |
Use NULL instead of 0 in `m_nextpkt' assignment. ok deraadt@ dlg@ |
|||
| date | 2021-02-23T11:43:41Z | |||
|---|---|---|---|---|
| author | mvs | |||
| files | src/sys/netinet/ip_output.c | log | diff | annotate |
| src/sys/netinet6/ip6_output.c | log | diff | annotate | |
| message |
Use NULL instead of 0 in `m_nextpkt' assignment. ok deraadt@ dlg@ |
|||
| date | 2021-02-23T11:44:53Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_bridge.c | log | diff | annotate |
| message | small adjustment of the deck chairs, no functional change. | |||
| date | 2021-02-23T11:48:21Z | |||
|---|---|---|---|---|
| author | aoyama | |||
| files | src/sys/arch/luna88k/luna88k/machdep.c | log | diff | annotate |
| message |
Make more efficient clearing interrupts on all processors at boot time. Without this modification, because of the volatile qualifier, the compiler does not produce four `` = 0 '' assignments, but code equivalent to: *(volatile uint32_t *)INT_ST_MASK3 = 0; *(volatile uint32_t *)INT_ST_MASK2 = *(volatile uint32_t *)INT_ST_MASK3; *(volatile uint32_t *)INT_ST_MASK1 = *(volatile uint32_t *)INT_ST_MASK2; *(volatile uint32_t *)INT_ST_MASK0 = *(volatile uint32_t *)INT_ST_MASK1; Anders Gavare reported to Miod Vallat, and he gave me a diff. |
|||
| date | 2021-02-23T12:14:10Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/netinet/ip_output.c | log | diff | annotate |
| message |
As ip_insertoptions() may prepend a mbuf, "goto bad" has to free the new chain. This fixes a potential memory leak in ip_output(). Also simplify a bunch of "goto done". OK kn@ mvs@ |
|||
| date | 2021-02-23T13:50:16Z | |||
|---|---|---|---|---|
| author | jsg | |||
| files | src/sys/kern/kern_malloc.c | log | diff | annotate |
| src/sys/sys/malloc.h | log | diff | annotate | |
| message | remove unused malloc_roundup() | |||
| date | 2021-02-23T15:13:58Z | |||
|---|---|---|---|---|
| author | mvs | |||
| files | src/sys/net/if_switch.c | log | diff | annotate |
| message |
Wrap by netlock the whole foreach loop which calls switch_port_detach() in switch_clone_destroy(). This fixes netlock assertion within underlay ifpromisc(). The problem was reported by hrvoje@ [1]. "why not" by deraadt@ 1. https://marc.info/?l=openbsd-bugs&m=161338077403538&w=2 |
|||
| date | 2021-02-23T15:47:53Z | |||
|---|---|---|---|---|
| author | cheloha | |||
| files | src/sys/arch/sparc64/sparc64/clock.c | log | diff | annotate |
| message |
sparc64/clock.c: use ANSI-style function definitions While here, zap a few ARGUSED linter comments. Compile-tested by deraadt@. ok deraadt@ |
|||
| date | 2021-02-23T17:01:17Z | |||
|---|---|---|---|---|
| author | kettenis | |||
| files | src/sys/arch/arm64/conf/GENERIC | log | diff | annotate |
| src/sys/arch/arm64/conf/RAMDISK | log | diff | annotate | |
| src/sys/arch/arm64/conf/files.arm64 | log | diff | annotate | |
| src/sys/arch/arm64/dev/aplintc.c | log | diff | annotate | |
| message |
Add aplintc(4), a driver for the interrupt controller found on Apple M1 SoCs. ok patrick@ |
|||
| date | 2021-02-23T19:43:54Z | |||
|---|---|---|---|---|
| author | tobhe | |||
| files | src/sys/netinet/ip_ipsp.c | log | diff | annotate |
| message |
Use pool to allocate tdbs. ok patrick@ bluhm@ |
|||
| date | 2021-02-23T23:42:17Z | |||
|---|---|---|---|---|
| author | dlg | |||
| files | src/sys/net/if_veb.c | log | diff | annotate |
| message | handle ifconfig veb0 flush with etherbridge_flush, like bpe and nvgre | |||