| Age | Commit message (Collapse) | Author |
|---|
|
|
|
- queue packets from pf(4) to a userspace application
- reinject packets from the application into the kernel stack.
The divert socket can be bound to a special "divert port" and will
receive every packet diverted to that port by pf(4).
The pf syntax is pretty simple, e.g.:
pass on em0 inet proto tcp from any to any port 80 divert-packet port 1
A lot of discussion have happened since my last commit that resulted
in many changes and improvements.
I would *really* like to thank everyone who took part in the discussion
especially canacar@ who spotted out which are the limitations of this approach.
OpenBSD divert(4) is meant to be compatible with software running on
top of FreeBSD's divert sockets even though they are pretty different and will
become even more with time.
discusses with many, but mainly reyk@ canacar@ deraadt@ dlg@ claudio@ beck@
tested by reyk@ and myself
ok reyk@ claudio@ beck@
manpage help and ok by jmc@
|
|
Reader.
|
|
Sorry.
|
|
- queue packets from pf(4) to a userspace application
- reinject packets from the application into the kernel stack.
The divert socket can be bound to a special "divert port" and will
receive every packet diverted to that port by pf(4).
The pf syntax is pretty simple, e.g.:
pass on em0 inet proto tcp from any to any port 80 divert-packet port 8000
test, bugfix and ok by reyk@
manpage help and ok by jmc@
no objections from many others.
|
|
problem noticed by deraadt@
ok beck@
|
|
attachment. Add SBus support to the bus-agnostic code.
|
|
It currently doesn't compile and this is unlikely to change
as there are many alternatives now since we no longer live
in the early 1990s and Metricom went bankrupt some time ago.
ok many @
|
|
each mount, and when work is "found", peg an aiod to that mount todo the
I/O. Make nfs_asyncio() a bit smarter when deciding when to do asyncio
and when to force it sync, this is done by keeping the aiod's one two lists,
an "idle" and an "all" list, so asyncio is only done when there are aiods
hanging around todo it for us or are already pegged to the mount.
Idea liked by at least beck@ (and I think art@).
Extensive testing done by myself and jasper and a few others on various
arch's.
Ideas/Code from Net/Free.
OK blambert@.
|
|
a few arches where toolchain limitations apply) will embed some symbolic
information about the various structs used within the kernel, and have
new ddb commands allowing struct display and some useful information
gathering. Kernel rodata increase varies accross platforms from ~150KB to
~300KB.
This option is not enabled by default.
|
|
thinks they could be available via multiple paths. those stolen
devices are then made available via mpath(4).
this is the minimum amount of code to implement the stealing. it
is generally broken and very brittle, so it is currently disabled.
it is going in so i can work on it in the tree.
|
|
ok marco@
|
|
have been going on. this appears to bring us back to stable state.
lots of testing by oga and ariane and my self.
|
|
allocator).
"i can't see any obvious problems" oga
|
|
separately).
a change at or just before the hackathon has either exposed or added a
very very nasty memory corruption bug that is giving us hell right now.
So in the interest of kernel stability these diffs are being backed out
until such a time as that corruption bug has been found and squashed,
then the ones that are proven good may slowly return.
a quick hitlist of the main commits this backs out:
mine:
uvm_objwire
the lock change in uvm_swap.c
using trees for uvm objects instead of the hash
removing the pgo_releasepg callback.
art@'s:
putting pmap_page_protect(VM_PROT_NONE) in uvm_pagedeactivate() since
all callers called that just prior anyway.
ok beck@, ariane@.
prompted by deraadt@.
|
|
|
|
shitz.
Code mostly from netbsd with some tweaks from me. The loaning case is
specifcically if 0ed out right now because we do not do loaning.
ok ariane@, art@.
|
|
|
|
|
|
Tested on multiple i386 and it works, amd64 works also with a few
exceptions that will get fixed.
The initial effort of importing was done by oga@, thanks!
Lots of testing and debugging by mlarkin@ and me.
Okay deraadt@, oga@, mlarkin@.
|
|
ok jj@
|
|
one by tedu@. It doesn't do anything smart yet, it just uses
plain old disksort. we also keep the old method of queueing bufs
since some miods have crazy MD drivers that need some love.
ok beck@, art@
tested by many on many archs.
|
|
arches. ok todd@ beck@
|
|
to free ranges.
Classify memory based on region with associated use-counter (which is used
to construct a priority list of where to allocate memory).
Based on code from tedu@, help from many.
Ok art@
|
|
sensor. Based on msts(4). Tested with Praecis Ct
(http://www.endruntechnologies.com/network-time-source.htm).
help and feedback mbalmer
'no problem with this sensor going in' deraadt
|
|
pf_lb.c. This will ease the process of adding more selection types
without bloatening pf.c even more.
ok and a weird death threat, henning@
raised eyebrow, dlg@
|
|
and to print out struct nfsreq.
"get it in so people can pound on it" blambert@
OK and information_s_ on the manpage from miod@
|
|
|
|
ok claudio@
|
|
userland for handling. this is to scsi what tun(4) is for networks.
this is going into the tree so i can work on some crazy scsi stuff, but its
not being enabled since it is useless unless you're working on some crazy
scsi stuff.
|
|
|
|
|
|
vga1 at pci0
inteldrm0 at vga1
to
vga1 at pci0
inteldrm0 at vga1
drm0 at inteldrm0
i.e. a similar scheme to audio(4) where the interface attaches on top of
the wildly different drivers. This helps to clean up the code a lot
(more is coming) and help me start to move drm to being essentially bus
independent, which will help in the future.
|
|
Tested by naddy@. 'go for it' marco@
|
|
previously, we had a static list of pcidevs and which agp driver would
be interanlly attached. Instead, split the agp drivers so they work like
audio(4), where we attach a driver, which sets up some callbacks and
initial state, then attaches the interface (agp(4)). Since this allows
us to attach different drivers in different places, and give them
/proper/ probe functions move most of the drivers back to attaching at
pchb, where they should, and intagp (formerly agp_i810) stays attaching
at vga, since it's part of the intel integrated graphics chips.
Diff shrinks the kernel slightly, gets rid of the annoying "no integrated
graphics" warning, and allows more cleanup later.
Tested by many. fix for alpha build (the only other vga_pci.c consumer)
suggested by miod.
|
|
which are uniform for the profclock on each cpu in a SMP system (but using
a different seed for each cpu). on all cpus, avoid seeding with a value out
of the [0, 2^31-1] range (since that is not stable)
ok kettenis drahn
|
|
has never been performance sensitive.
Running on all platforms, discussed with millert and kettenis, ok toby
|
|
flows export data gathered from pf states.
initial implementation by Joerg Goltermann <jg@osn.de>, guidance and many
changes by me. 'put it in' theo
|
|
|
|
in Draft IEEE P802.11w.
It provides data integrity and replay protection for broadcast/
multicast robust management frames (not used yet) using AES-128
in CMAC mode.
|
|
and AES Key Wrap algorithms.
They will replace/extend the non-generic implementation in net80211.
AES-128-CMAC tested by sobrado@ (AlphaServer 1200),
naddy@ (alpha/sparc64) and sthen@ (sparc64, armish).
HMAC-* reviewed by hshoexer@
ok and hints from djm@
|
|
|
|
it only provides the hosts machines clock as a timedelta sensor so far.
getting it into the tree so people can work on it as suggested by fgsch@
|
|
Implementation from NetBSD. Ported via FreeBSD's version in trunk^Wlagg(4).
This is still work in progress. Tested with a HP ProCurve 3500.
OK reyk@
|
|
ok thib beck art
|
|
file copies to nfsv2 causes the system to eventually peg the console.
On the console ^T indicates that the load is increasing rapidly, ddb
indicates many calls to getbuf, there is some very slow nfs traffic
making none (or extremely slow) progress. Eventually some machines
seize up entirely.
|
|
1) remove multiple size queues, introduced as a stopgap.
2) decouple pages containing data from their mappings
3) only keep buffers mapped when they actually have to be mapped
(right now, this is when buffers are B_BUSY)
4) New functions to make a buffer busy, and release the busy flag
(buf_acquire and buf_release)
5) Move high/low water marks and statistics counters into a structure
6) Add a sysctl to retrieve buffer cache statistics
Tested in several variants and beat upon by bob and art for a year. run
accidentally on henning's nfs server for a few months...
ok deraadt@, krw@, art@ - who promises to be around to deal with any fallout
|
|
near maximal (2^32) cycle times. These are useful for network
IDs in cases where there are negative consequences to ID prediction
and/or reuse.
Use the idgen32() functions to generate IPv6 IDs and NFS client/server
XIDs.
Pseudorandom permutation code in crypto/idgen.c based on public
domain skip32.c from Greg Rose.
feedback & ok thib@ deraadt@
|
|
in progress and some bits need to be cleaned up but will be in-tree for
convenience.
ok claudio@, norby@
|
|
It doesn't compile, was never finished, is now irrelevant, and miod
has taken it apon himself to scare good boys and girls by suggesting
they read the code.
ok dlg@
|
