OpenBSD cvs log

created 2023-07-07T13:14:23Z
begin 2023-07-06T00:00:00Z
end 2023-07-07T00:00:00Z
path src/sys
commits 18

date 2023-07-06T04:13:52Z
author jsg
files src/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c log diff annotate
message drm/amd/display: Remove optimization for VRR updates

From Alvin Lee
dd6d6f9d47aebf50713fb857f91402a1c6c3131c in linux-6.1.y/6.1.38
3442f4e0e55555d14b099c17382453fdfd2508d5 in mainline linux

date 2023-07-06T04:16:28Z
author jsg
files src/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c log diff annotate
message drm/amd/display: Do not update DRR while BW optimizations pending

From Aric Cyr
a905b0b318ad7d37c3041573454129923e0a0723 in linux-6.1.y/6.1.38
32953485c558cecf08f33fbfa251e80e44cef981 in mainline linux

date 2023-07-06T04:18:04Z
author jsg
files src/sys/dev/pci/drm/amd/amdgpu/amdgpu_vm.c log diff annotate
message drm/amdgpu: Validate VM ioctl flags.

From Bas Nieuwenhuizen
9d0b2afadfd71e9bedd593358bd7ac4701e46477 in linux-6.1.y/6.1.38
a2b308044dcaca8d3e580959a4f867a1d5c37fac in mainline linux

date 2023-07-06T04:20:00Z
author jsg
files src/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c log diff annotate
message drm/amd/display: Ensure vmin and vmax adjust for DCE

From Rodrigo Siqueira
c50065a3927932cd9baf3d5c94c91b58c31200d5 in linux-6.1.y/6.1.38
2820433be2a33beb44b13b367e155cf221f29610 in mainline linux

date 2023-07-06T04:55:04Z
author dlg
files src/sys/net/if.c log diff annotate
message big update to pfsync to try and clean up locking in particular.

moving pf forward has been a real struggle, and pfsync has been a
constant source of pain. we have been papering over the problems
for a while now, but it reached the point that it needed a fundamental
restructure, which is what this diff is.

the big headliner changes in this diff are:

- pfsync specific locks

this is the whole reason for this diff.

rather than rely on NET_LOCK or KERNEL_LOCK or whatever, pfsync now
has it's own locks to protect it's internal data structures. this
is important because pfsync runs a bunch of timeouts and tasks to
push pfsync packets out on the wire, or when it's handling requests
generated by incoming pfsync packets, both of which happen outside
pf itself running. having pfsync specific locks around pfsync data
structures makes the mutations of these data structures a lot more
explicit and auditable.

- partitioning

to enable future parallelisation of the network stack, this rewrite
includes support for pfsync to partition states into different "slices".
these slices run independently, ie, the states collected by one slice
are serialised into a separate packet to the states collected and
serialised by another slice.

states are mapped to pfsync slices based on the pf state hash, which
is the same hash that the rest of the network stack and multiq
hardware uses.

- no more pfsync called from netisr

pfsync used to be called from netisr to try and bundle packets, but now
that there's multiple pfsync slices this doesnt make sense. instead it
uses tasks in softnet tqs.

- improved bulk transfer handling

there's shiny new state machines around both the bulk transmit and
receive handling. pfsync used to do horrible things to carp demotion
counters, but now it is very predictable and returns the counters back
where they started.

- better tdb handling

the tdb handling was pretty hairy, but hrvoje has kicked this around
a lot with ipsec and sasyncd and we've found and fixed a bunch of
issues as a result of that testing.

- mpsafe pf state purges

this was committed previously, but because the locks pfsync relied on
weren't clear this just caused a ton of bugs. as part of this diff it's
now reliable, and moves a big chunk of work out from under KERNEL_LOCK,
which in turn improves the responsiveness and throughput of a firewall
even if you're not using pfsync.

there's a bunch of other little changes along the way, but the above are
the big ones.

hrvoje has done performance testing with this diff and notes a big
improvement when pfsync is not in use. performance when pfsync is
enabled is about the same, but im hoping the slices means we can scale
along with pf as it improves.

lots (months) of testing by me and hrvoje on pfsync boxes
tests and ok sashan@
deraadt@ says this is a good time to put it in

date 2023-07-06T04:55:05Z
author dlg
files src/sys/net/if_pfsync.c log diff annotate
src/sys/net/if_pfsync.h log diff annotate
src/sys/net/netisr.h log diff annotate
src/sys/net/pf.c log diff annotate
src/sys/net/pf_ioctl.c log diff annotate
src/sys/net/pf_norm.c log diff annotate
src/sys/net/pfvar.h log diff annotate
src/sys/net/pfvar_priv.h log diff annotate
src/sys/netinet/in_proto.c log diff annotate
src/sys/netinet/ip_ipsp.h log diff annotate
message big update to pfsync to try and clean up locking in particular.

moving pf forward has been a real struggle, and pfsync has been a
constant source of pain. we have been papering over the problems
for a while now, but it reached the point that it needed a fundamental
restructure, which is what this diff is.

the big headliner changes in this diff are:

- pfsync specific locks

this is the whole reason for this diff.

rather than rely on NET_LOCK or KERNEL_LOCK or whatever, pfsync now
has it's own locks to protect it's internal data structures. this
is important because pfsync runs a bunch of timeouts and tasks to
push pfsync packets out on the wire, or when it's handling requests
generated by incoming pfsync packets, both of which happen outside
pf itself running. having pfsync specific locks around pfsync data
structures makes the mutations of these data structures a lot more
explicit and auditable.

- partitioning

to enable future parallelisation of the network stack, this rewrite
includes support for pfsync to partition states into different "slices".
these slices run independently, ie, the states collected by one slice
are serialised into a separate packet to the states collected and
serialised by another slice.

states are mapped to pfsync slices based on the pf state hash, which
is the same hash that the rest of the network stack and multiq
hardware uses.

- no more pfsync called from netisr

pfsync used to be called from netisr to try and bundle packets, but now
that there's multiple pfsync slices this doesnt make sense. instead it
uses tasks in softnet tqs.

- improved bulk transfer handling

there's shiny new state machines around both the bulk transmit and
receive handling. pfsync used to do horrible things to carp demotion
counters, but now it is very predictable and returns the counters back
where they started.

- better tdb handling

the tdb handling was pretty hairy, but hrvoje has kicked this around
a lot with ipsec and sasyncd and we've found and fixed a bunch of
issues as a result of that testing.

- mpsafe pf state purges

this was committed previously, but because the locks pfsync relied on
weren't clear this just caused a ton of bugs. as part of this diff it's
now reliable, and moves a big chunk of work out from under KERNEL_LOCK,
which in turn improves the responsiveness and throughput of a firewall
even if you're not using pfsync.

there's a bunch of other little changes along the way, but the above are
the big ones.

hrvoje has done performance testing with this diff and notes a big
improvement when pfsync is not in use. performance when pfsync is
enabled is about the same, but im hoping the slices means we can scale
along with pf as it improves.

lots (months) of testing by me and hrvoje on pfsync boxes
tests and ok sashan@
deraadt@ says this is a good time to put it in

date 2023-07-06T06:58:07Z
author deraadt
files src/sys/dev/acpi/acpi.c log diff annotate
src/sys/dev/acpi/acpi_x86.c log diff annotate
message moving acpiioctl to a different file than acpiopen is not going to work
for ramdisks. noticed by anton.
this must be reconsidered.

date 2023-07-06T07:49:52Z
author deraadt
files src/sys/kern/kern_exec.c log diff annotate
message remove during-development special cases for MNT_WXALLOWED and chrome and
IBT/BTI, because many more things are about to work correctly

date 2023-07-06T08:32:37Z
author jmatthew
files src/sys/dev/fdt/if_dwge.c log diff annotate
message Register a mapping of dwge interfaces to ofw nodes/phandles.

ok kettenis@

date 2023-07-06T09:15:23Z
author bluhm
files src/sys/netinet/tcp_input.c log diff annotate
message Convert tcp_now() time counter to 64 bit.

After changing tcp now tick to milliseconds, 32 bits will wrap
around after 49 days of uptime. That may be a problem in some
places of our stack. Better use a 64 bit counter.

As timestamp option is 32 bit in TCP protocol, use the lower 32 bit
there. There are casts to 32 bits that should behave correctly.

Start with random 63 bit offset to avoid uptime leakage. 2^63
milliseconds result in 2.9*10^8 years of possible uptime.

OK yasuoka@

date 2023-07-06T09:15:24Z
author bluhm
files src/sys/netinet/tcp_output.c log diff annotate
src/sys/netinet/tcp_subr.c log diff annotate
src/sys/netinet/tcp_timer.c log diff annotate
src/sys/netinet/tcp_usrreq.c log diff annotate
src/sys/netinet/tcp_var.h log diff annotate
message Convert tcp_now() time counter to 64 bit.

After changing tcp now tick to milliseconds, 32 bits will wrap
around after 49 days of uptime. That may be a problem in some
places of our stack. Better use a 64 bit counter.

As timestamp option is 32 bit in TCP protocol, use the lower 32 bit
there. There are casts to 32 bits that should behave correctly.

Start with random 63 bit offset to avoid uptime leakage. 2^63
milliseconds result in 2.9*10^8 years of possible uptime.

OK yasuoka@

date 2023-07-06T09:40:36Z
author patrick
files src/sys/arch/arm64/dev/agintc.c log diff annotate
message Use correct variable to check for successful allocation.

ok kettenis@

date 2023-07-06T10:16:58Z
author visa
files src/sys/dev/wscons/wsevent.c log diff annotate
message Clear knotes when finishing wseventvar

When finishing a wseventvar in wsevent_fini(), clear the klist.
Otherwise knotes can be left dangling, which can crash the kernel.

In general, klist_invalidate() should happen after vdevgone() in order
to avoid a race with kevent registration. However, the current wscons
drivers clear the wsevent pointer (sc->sc_base.me_evp) before calling
wsevent_fini(). This prevents the drivers from registering new kevents.

Prompted by a report by Peter J. Philipp on bugs@

OK mvs@ miod@

date 2023-07-06T10:17:43Z
author visa
files src/sys/dev/ic/mfi.c log diff annotate
src/sys/dev/ic/mpi.c log diff annotate
src/sys/dev/pci/mfii.c log diff annotate
src/sys/dev/pci/mpii.c log diff annotate
src/sys/scsi/scsi_base.c log diff annotate
message Use mtx_init() to initialize stack-based mutexes

mtx_init() ensures the mutex' lock_object has static storage duration.
This makes it safe to re-enable WITNESS with stack-based mutexes.

OK bluhm@ miod@

date 2023-07-06T10:53:11Z
author jasper
files src/sys/dev/dt/dt_prov_kprobe.c log diff annotate
message if panic() is meant, use panic()

ok mpi@

date 2023-07-06T19:46:53Z
author kn
files src/sys/dev/dt/dt_prov_static.c log diff annotate
src/sys/net/if_ethersubr.c log diff annotate
src/sys/netinet/if_ether.h log diff annotate
src/sys/sys/refcnt.h log diff annotate
message use refcnt API for multicast addresses, add tracepoint:refcnt:ethmulti probe

Replace hand-rolled reference counting with refcnt_init(9) and hook it up
with a new dt(4) probe.

OK mvs
Feedback OK bluhm

date 2023-07-06T20:02:36Z
author uaa
files src/sys/dev/fdt/axppmic.c log diff annotate
message - fix voltage range defined by base2 and delta2 works correctly
- fix AXP209 dcdc3 vmask value
- always use vmask for voltage setting (especially for AXP209 ldo2/ldo5)
- add AXP305 support

ok kettenis@

date 2023-07-06T23:24:37Z
author cheloha
files src/sys/kern/kern_timeout.c log diff annotate
message timeout_hardclock_update: enter timeout_mutex before reading uptime clock

We have no way of knowing how long we will spin before entering
timeout_mutex. Enter timeout_mutex first, then wait until just before
we start dumping kclock buckets to read the uptime clock.