call g_new_geom instead for callers that pass regular string to g_new_geomfReviewed by: impPull Request: https://github.com/freebsd/freebsd-src/pull/1786
geli: Fix signature mismatch in mountroot callbackThis is required for kernel CFI.Reviewed by: rrs, jhb, glebiusDifferential Revision: https://reviews.freebsd.org/D49111
pkcs5v2: Add pkcs5v2_genkey_raw functionThis is like pkcs5v2_genkey but takes a "passphrase" as a buffer andlength rather than a NUL-terminated string.Reviwed by: pjdMFC after: 1 weekSponsored
pkcs5v2: Add pkcs5v2_genkey_raw functionThis is like pkcs5v2_genkey but takes a "passphrase" as a buffer andlength rather than a NUL-terminated string.Reviwed by: pjdMFC after: 1 weekSponsored by: AmazonDifferential Revision: https://reviews.freebsd.org/D46633
show more ...
geli: fix indentationno functional changes
geli: allocate a UMA pool earlierThe functions g_eli_init_uma and g_eli_fini_uma are used to tracethe number of devices in GELI. There is an issue where the g_eli_createfunction may fail before g
geli: allocate a UMA pool earlierThe functions g_eli_init_uma and g_eli_fini_uma are used to tracethe number of devices in GELI. There is an issue where the g_eli_createfunction may fail before g_eli_init_uma is called, howeverg_eli_fini_uma is still executed in the fail path. This canincorrectly decrease the device count to zero, potentially leading tothe UMA pool being freed. Accessing the device after the pool has beenfreed causes a system panic.This commit resolves the issue by ensuring devices count is increassedeariler.PR: 278828Reported by: Andre Albsmeier <mail@fbsd2.e4m.org>Reviewed by: asomersMFC after: 3 daysDifferential Revision: https://reviews.freebsd.org/D45225
geli: add a read-only kern.geom.eli.use_uma_bytes sysctlIt reports the value of the g_eli_alloc_sz variable. Allocations ofthis size or less will use UMA. Larger allocations will use malloc.Sin
geli: add a read-only kern.geom.eli.use_uma_bytes sysctlIt reports the value of the g_eli_alloc_sz variable. Allocations ofthis size or less will use UMA. Larger allocations will use malloc.Since malloc is slower, it is useful for users to know this variable sothey can avoid such allocations. For example, ZFS users can setvfs.zfs.vdev.aggregation_limit to this value.MFC after: 1 weekSponsored by: AxcientReviewed by: markj, impDifferential Revision: https://reviews.freebsd.org/D44904
sys: Automated cleanup of cdefs and other formattingApply the following automated changes to try to eliminateno-longer-needed sys/cdefs.h includes as well as now-emptyblank lines in a row.Remov
sys: Automated cleanup of cdefs and other formattingApply the following automated changes to try to eliminateno-longer-needed sys/cdefs.h includes as well as now-emptyblank lines in a row.Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/Remove /\n+#if.*\n#endif.*\n+/Remove /^#if.*\n#endif.*\n/Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/Sponsored by: Netflix
sys: Remove $FreeBSD$: one-line .c patternRemove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
sys: Remove $FreeBSD$: two-line .h patternRemove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSDThe SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catchup to that fact and revert to their recommended match of
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSDThe SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catchup to that fact and revert to their recommended match of BSD-2-Clause.Discussed with: pfgMFC After: 3 daysSponsored by: Netflix
GEOM: Remove redundant NULL pointer check before g_free()Reviewed by: melifaro, pjd, impApproved by: kp (mentor)Differential Revision: https://reviews.freebsd.org/D37779
geli: Add a chicken switch for unmapped I/OWe have a report of a panic in GELI that appears to go away whenunmapped I/O is disabled. Add a tunable to make such investigationseasier in the future
geli: Add a chicken switch for unmapped I/OWe have a report of a panic in GELI that appears to go away whenunmapped I/O is disabled. Add a tunable to make such investigationseasier in the future. No functional change intended.PR: 262894Reviewed by: asomersMFC after: 1 weekSponsored by: The FreeBSD FoundationDifferential Revision: https://reviews.freebsd.org/D34944
geom_eli: fix set but not used warning
Use G_ELI_IVKEYLEN as the size of IV in the user test code.IVs are not the size of keys as a general case. Most often they arethe size of a single block.Reviewed by: impSponsored by: The FreeB
Use G_ELI_IVKEYLEN as the size of IV in the user test code.IVs are not the size of keys as a general case. Most often they arethe size of a single block.Reviewed by: impSponsored by: The FreeBSD FoundationDifferential Revision: https://reviews.freebsd.org/D33885
geom_eli: mostly plug set-but-not-unused varsThe remaining case is an ignored error.Sponsored by: Rubicon Communications, LLC ("Netgate")
geli: eli data -> eli_data for consistency with other geom classesPR: 259392Reported by: dewayne@heuristicsystems.com.auMFC after: 1 week
Don't set GELI UMA zone as UMA_ZONE_NOFREE.That fixes memory leak on last GELI provider destroyed, introducedin 2dbc9a388ee. This patch was originally developed late 2019 andthe flag was necessar
Don't set GELI UMA zone as UMA_ZONE_NOFREE.That fixes memory leak on last GELI provider destroyed, introducedin 2dbc9a388ee. This patch was originally developed late 2019 andthe flag was necessary to prevent zone drainage under memory pressure.Today, with f09cbea31a3f the UMA is fixed not to drain into reserves.Discussed with: jtl, markjFixes: 2dbc9a388eePR: 258787
Fix memory deadlock when GELI partition is used for swap.When we get low on memory, the VM system tries to free some by swappingpages. However, if we are so low on free pages that GELI allocations
Fix memory deadlock when GELI partition is used for swap.When we get low on memory, the VM system tries to free some by swappingpages. However, if we are so low on free pages that GELI allocations block,then the swapout operation cannot complete. This keeps the VM system frombeing able to free enough memory so the allocation can complete.To alleviate this, keep a UMA pool at the GELI layer which is used for databuffer allocation in the fast path, and reserve some of that memory for swapoperations. If an IO operation is a swap, then use the reserved memory. Ifthe allocation still fails, return ENOMEM instead of blocking.For non-swap allocations, change the default to using M_NOWAIT. In general,this *should* be better, since it gives upper layers a signal of the memorypressure and a chance to manage their failure strategy appropriately. However,a user can set the kern.geom.eli.blocking_malloc sysctl/tunable to restorethe previous M_WAITOK strategy.Submitted by: jtlReviewed by: impDifferential Revision: https://reviews.freebsd.org/D24400
eli: Zero pad bytes that arise when certain auth algorithms are usedWhen authentication is configured, GELI ensures that the amount of dataper sector is a multiple of 16 bytes. This is done inel
eli: Zero pad bytes that arise when certain auth algorithms are usedWhen authentication is configured, GELI ensures that the amount of dataper sector is a multiple of 16 bytes. This is done ineli_metadata_softc(). When the digest size is not a multiple of 16bytes, this leaves some extra pad bytes at the end of every sector, andthey were not being zeroed before being written to disk. In particular,this happens with the HMAC/SHA1, HMAC/RIPEMD160 and HMAC/SHA384 dataauthentication algorithms.This change ensures that they are zeroed before being written to disk.Reported by: KMSANReviewed by: delphij, asomersMFC after: 2 weeksSponsored by: The FreeBSD FoundationDifferential Revision: https://reviews.freebsd.org/D31170
opencrypto: Introduce crypto_dispatch_async()Currently, OpenCrypto consumers can request asynchronous dispatch bysetting a flag in the cryptop. (Currently only IPSec may do this.) Ithink this
opencrypto: Introduce crypto_dispatch_async()Currently, OpenCrypto consumers can request asynchronous dispatch bysetting a flag in the cryptop. (Currently only IPSec may do this.) Ithink this is a bit confusing: we (conditionally) set cryptop flags torequest async dispatch, and then crypto_dispatch() immediately examinesthose flags to see if the consumer wants async dispatch. The flag namesare also confusing since they don't specify what "async" applies to:dispatch or completion.Add a new KPI, crypto_dispatch_async(), rather than encoding therequested dispatch type in each cryptop. crypto_dispatch_async() fallsback to crypto_dispatch() if the session's driver provides asynchronousdispatch. Get rid of CRYPTOP_ASYNC() and CRYPTOP_ASYNC_KEEPORDER().Similarly, add crypto_dispatch_batch() to request processing of a tailqof cryptops, rather than encoding the scheduling policy using cryptopflags. Convert GELI, the only user of this interface (disabled bydefault) to use the new interface.Add CRYPTO_SESS_SYNC(), which can be used by consumers to determinewhether crypto requests will be dispatched synchronously. This is justa helper macro. Use it instead of looking at cap flags directly.Fix style in crypto_done(). Also get rid of CRYPTO_RETW_EMPTY() andjust check the relevant queues directly. This could result in someunnecessary wakeups but I think it's very uncommon to be using more thanone queue per worker in a given workload, so checking all three queuesis a waste of cycles.Reviewed by: jhbSponsored by: Ampere ComputingSubmitted by: Klara, Inc.MFC after: 2 weeksDifferential Revision: https://reviews.freebsd.org/D28194
Make MAXPHYS tunable. Bump MAXPHYS to 1M.Replace MAXPHYS by runtime variable maxphys. It is initialized fromMAXPHYS by default, but can be also adjusted with the tunable kern.maxphys.Make b_pag
Make MAXPHYS tunable. Bump MAXPHYS to 1M.Replace MAXPHYS by runtime variable maxphys. It is initialized fromMAXPHYS by default, but can be also adjusted with the tunable kern.maxphys.Make b_pages[] array in struct buf flexible. Size b_pages[] for buffercache buffers exactly to atop(maxbcachebuf) (currently it is sized toatop(MAXPHYS)), and b_pages[] for pbufs is sized to atop(maxphys) + 1.The +1 for pbufs allow several pbuf consumers, among them vmapbuf(),to use unaligned buffers still sized to maxphys, esp. when suchbuffers come from userspace (*). Overall, we save significant amountof otherwise wasted memory in b_pages[] for buffer cache buffers,while bumping MAXPHYS to desired high value.Eliminate all direct uses of the MAXPHYS constant in kernel and driversources, except a place which initialize maxphys. Some random (andarguably weird) uses of MAXPHYS, e.g. in linuxolator, are convertedstraight. Some drivers, which use MAXPHYS to size embeded structures,get private MAXPHYS-like constant; their convertion is out of scopefor this work.Changes to cam/, dev/ahci, dev/ata, dev/mpr, dev/mpt, dev/mvs,dev/siis, where either submitted by, or based on changes by mav.Suggested by: mav (*)Reviewed by: imp, mav, imp, mckusick, scottl (intermediate versions)Tested by: phoSponsored by: The FreeBSD FoundationDifferential revision: https://reviews.freebsd.org/D27225
Move kernel env global variables, etc to sys/kenv.hThe kernel globals for kenv are confined to 2 files that need them anda few that likely shouldn't (but as written the code does). Move themfrom
Move kernel env global variables, etc to sys/kenv.hThe kernel globals for kenv are confined to 2 files that need them anda few that likely shouldn't (but as written the code does). Move themfrom sys/systm.h to sys/kenv.h. This removed a XXX from systm.h andcleans it up a little bit...
We don't need the sc_ekeys_lock in standalone environment.When we bring in geli into the boot loader, we are single threaded sowe don't have to worry about locking. We have no mutexes, and don't n
We don't need the sc_ekeys_lock in standalone environment.When we bring in geli into the boot loader, we are single threaded sowe don't have to worry about locking. We have no mutexes, and don't needto use them, so comment it out.MFC After: 3 days
geom: clean up empty lines in .c and .h files
geli: use unmapped I/OUse unmapped I/O for geli. Unlike most geom providers, geli needs tomanipulate data on every read or write. Previously it would always map bios.On my 16-core, dual socket s
geli: use unmapped I/OUse unmapped I/O for geli. Unlike most geom providers, geli needs tomanipulate data on every read or write. Previously it would always map bios.On my 16-core, dual socket server using geli atop md(4) devices, with 512Bsectors, this change increases geli IOPs by about 3x.Note that geli still can't use unmapped I/O when data integrity verificationis enabled (but it could, with a little more work). And it can't useunmapped I/O in combination with ZFS, because ZFS uses mapped bios.Reviewed by: markj, kib, jhb, mjg, mat, bcr (manpages)MFC after: 1 weekSponsored by: AxcientDifferential Revision: https://reviews.freebsd.org/D25671
123456789