Page MenuHomeFreeBSD
Differential D31139

pf: syncookie ioctl interface
ClosedPublic
Actions

Authored by kp on Jul 11 2021, 8:18 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Apr 9, 2:42 PM
Unknown Object (File)
Tue, Apr 8, 8:41 AM
Unknown Object (File)
Tue, Apr 8, 8:03 AM
Unknown Object (File)
Tue, Apr 8, 5:53 AM
Unknown Object (File)
Mar 10 2025, 1:36 PM
Unknown Object (File)
Feb 23 2025, 4:50 PM
Unknown Object (File)
Feb 18 2025, 7:53 PM
Unknown Object (File)
Feb 18 2025, 6:31 PM
View All Files
Subscribers
ae
farrokhi
imp
melifaro

Details

Reviewers
None
Group Reviewers
network
Commits
rG2987a3643be7: pf: syncookie ioctl interface
rG4c36e9454374: pf: syncookie ioctl interface
rG231e83d3422f: pf: syncookie ioctl interface
Summary

Kernel side implementation to allow switching between on and off modes,
and allow this configuration to be retrieved.

MFC after: 1 week
Sponsored by: Modirum MDPay

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
net/
2 lines
netpfil/
pf/
18 lines
84 lines

Diff 92473

View Options

sys/net/pfvar.h

Show First 20 LinesShow All 147 Lines▼ Show 20 Lines
static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */ static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */
static int cpu_quirks; /* Indicate any hardware bugs. */ static int cpu_quirks; /* Indicate any hardware bugs. */
/* Values for sysctl. */ /* Values for sysctl. */
static struct sysctl_ctx_list cpu_sysctl_ctx; static struct sysctl_ctx_list cpu_sysctl_ctx;
static struct sysctl_oid *cpu_sysctl_tree; static struct sysctl_oid *cpu_sysctl_tree;
static int cpu_cx_generic; static int cpu_cx_generic;
static int cpu_cx_lowest_lim; static int cpu_cx_lowest_lim;
static bool cppc_notify;
static struct acpi_cpu_softc **cpu_softc; static struct acpi_cpu_softc **cpu_softc;
ACPI_SERIAL_DECL(cpu, "ACPI CPU"); ACPI_SERIAL_DECL(cpu, "ACPI CPU");
static int acpi_cpu_probe(device_t dev); static int acpi_cpu_probe(device_t dev);
static int acpi_cpu_attach(device_t dev); static int acpi_cpu_attach(device_t dev);
static int acpi_cpu_suspend(device_t dev); static int acpi_cpu_suspend(device_t dev);
static int acpi_cpu_resume(device_t dev); static int acpi_cpu_resume(device_t dev);
▲ Show 20 LinesShow All 227 Lines▼ Show 20 Lines
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
/* /*
* Ask for MWAIT modes if not disabled and interrupts work * Ask for MWAIT modes if not disabled and interrupts work
* reasonable with MWAIT. * reasonable with MWAIT.
*/ */
if (!acpi_disabled("mwait") && cpu_mwait_usable()) if (!acpi_disabled("mwait") && cpu_mwait_usable())
sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE; sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE;
/*
* Work around a lingering SMM bug which leads to freezes when handling
* CPPC notifications. Tell the SMM we will handle any CPPC notifications.
*/
if ((cpu_power_eax & CPUTPM1_HWP_NOTIFICATION) && cppc_notify)
sc->cpu_features |= ACPI_CAP_INTR_CPPC;
#endif #endif
jhbUnsubmitted
Not Done
Inline Actions

I would maybe call the hint cppc_notify with the sense being that "1" enables it and "0" disables notifications (we try to avoid "negative" hints/tunables). You would then just want to set the default value to 1 and change the last test to cppcval != 0. I would also perhaps rename cppcval to cppc_notify as well.

jhb: I would maybe call the hint `cppc_notify` with the sense being that "1" enables it and "0"…
if (devclass_get_drivers(device_get_devclass(dev), &drivers, if (devclass_get_drivers(device_get_devclass(dev), &drivers,
&drv_count) == 0) { &drv_count) == 0) {
for (i = 0; i < drv_count; i++) { for (i = 0; i < drv_count; i++) {
if (ACPI_GET_FEATURES(drivers[i], &features) == 0) if (ACPI_GET_FEATURES(drivers[i], &features) == 0)
sc->cpu_features |= features; sc->cpu_features |= features;
} }
free(drivers, M_TEMP); free(drivers, M_TEMP);
▲ Show 20 LinesShow All 563 Lines▼ Show 20 Lines if ((sc = cpu_softc[i]) != NULL)
acpi_cpu_startup_cx(sc); acpi_cpu_startup_cx(sc);
} }
/* Add a sysctl handler to handle global Cx lowest setting */ /* Add a sysctl handler to handle global Cx lowest setting */
SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree), SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE, OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A", NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A",
"Global lowest Cx sleep state to use"); "Global lowest Cx sleep state to use");
/* Add sysctl handler to control registering for CPPC notifications */
cppc_notify = 1;
SYSCTL_ADD_BOOL(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cppc_notify", CTLFLAG_RDTUN | CTLFLAG_MPSAFE,
&cppc_notify, 0, "Register for CPPC Notifications");
/* Take over idling from cpu_idle_default(). */ /* Take over idling from cpu_idle_default(). */
cpu_cx_lowest_lim = 0; cpu_cx_lowest_lim = 0;
CPU_FOREACH(i) { CPU_FOREACH(i) {
if ((sc = cpu_softc[i]) != NULL) if ((sc = cpu_softc[i]) != NULL)
enable_idle(sc); enable_idle(sc);
} }
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
▲ Show 20 LinesShow All 525 LinesShow Last 20 Lines
View Options

sys/netpfil/pf/pf_ioctl.c

Show First 20 LinesShow All 147 Lines▼ Show 20 Lines
static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */ static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */
static int cpu_quirks; /* Indicate any hardware bugs. */ static int cpu_quirks; /* Indicate any hardware bugs. */
/* Values for sysctl. */ /* Values for sysctl. */
static struct sysctl_ctx_list cpu_sysctl_ctx; static struct sysctl_ctx_list cpu_sysctl_ctx;
static struct sysctl_oid *cpu_sysctl_tree; static struct sysctl_oid *cpu_sysctl_tree;
static int cpu_cx_generic; static int cpu_cx_generic;
static int cpu_cx_lowest_lim; static int cpu_cx_lowest_lim;
static bool cppc_notify;
static struct acpi_cpu_softc **cpu_softc; static struct acpi_cpu_softc **cpu_softc;
ACPI_SERIAL_DECL(cpu, "ACPI CPU"); ACPI_SERIAL_DECL(cpu, "ACPI CPU");
static int acpi_cpu_probe(device_t dev); static int acpi_cpu_probe(device_t dev);
static int acpi_cpu_attach(device_t dev); static int acpi_cpu_attach(device_t dev);
static int acpi_cpu_suspend(device_t dev); static int acpi_cpu_suspend(device_t dev);
static int acpi_cpu_resume(device_t dev); static int acpi_cpu_resume(device_t dev);
▲ Show 20 LinesShow All 227 Lines▼ Show 20 Lines
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
/* /*
* Ask for MWAIT modes if not disabled and interrupts work * Ask for MWAIT modes if not disabled and interrupts work
* reasonable with MWAIT. * reasonable with MWAIT.
*/ */
if (!acpi_disabled("mwait") && cpu_mwait_usable()) if (!acpi_disabled("mwait") && cpu_mwait_usable())
sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE; sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE;
/*
* Work around a lingering SMM bug which leads to freezes when handling
* CPPC notifications. Tell the SMM we will handle any CPPC notifications.
*/
if ((cpu_power_eax & CPUTPM1_HWP_NOTIFICATION) && cppc_notify)
sc->cpu_features |= ACPI_CAP_INTR_CPPC;
#endif #endif
jhbUnsubmitted
Not Done
Inline Actions

I would maybe call the hint cppc_notify with the sense being that "1" enables it and "0" disables notifications (we try to avoid "negative" hints/tunables). You would then just want to set the default value to 1 and change the last test to cppcval != 0. I would also perhaps rename cppcval to cppc_notify as well.

jhb: I would maybe call the hint `cppc_notify` with the sense being that "1" enables it and "0"…
if (devclass_get_drivers(device_get_devclass(dev), &drivers, if (devclass_get_drivers(device_get_devclass(dev), &drivers,
&drv_count) == 0) { &drv_count) == 0) {
for (i = 0; i < drv_count; i++) { for (i = 0; i < drv_count; i++) {
if (ACPI_GET_FEATURES(drivers[i], &features) == 0) if (ACPI_GET_FEATURES(drivers[i], &features) == 0)
sc->cpu_features |= features; sc->cpu_features |= features;
} }
free(drivers, M_TEMP); free(drivers, M_TEMP);
▲ Show 20 LinesShow All 563 Lines▼ Show 20 Lines if ((sc = cpu_softc[i]) != NULL)
acpi_cpu_startup_cx(sc); acpi_cpu_startup_cx(sc);
} }
/* Add a sysctl handler to handle global Cx lowest setting */ /* Add a sysctl handler to handle global Cx lowest setting */
SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree), SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE, OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A", NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A",
"Global lowest Cx sleep state to use"); "Global lowest Cx sleep state to use");
/* Add sysctl handler to control registering for CPPC notifications */
cppc_notify = 1;
SYSCTL_ADD_BOOL(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cppc_notify", CTLFLAG_RDTUN | CTLFLAG_MPSAFE,
&cppc_notify, 0, "Register for CPPC Notifications");
/* Take over idling from cpu_idle_default(). */ /* Take over idling from cpu_idle_default(). */
cpu_cx_lowest_lim = 0; cpu_cx_lowest_lim = 0;
CPU_FOREACH(i) { CPU_FOREACH(i) {
if ((sc = cpu_softc[i]) != NULL) if ((sc = cpu_softc[i]) != NULL)
enable_idle(sc); enable_idle(sc);
} }
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
▲ Show 20 LinesShow All 525 LinesShow Last 20 Lines
View Options

sys/netpfil/pf/pf_syncookies.c

Show First 20 LinesShow All 147 Lines▼ Show 20 Lines
static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */ static uint8_t cpu_cst_cnt; /* Indicate we are _CST aware. */
static int cpu_quirks; /* Indicate any hardware bugs. */ static int cpu_quirks; /* Indicate any hardware bugs. */
/* Values for sysctl. */ /* Values for sysctl. */
static struct sysctl_ctx_list cpu_sysctl_ctx; static struct sysctl_ctx_list cpu_sysctl_ctx;
static struct sysctl_oid *cpu_sysctl_tree; static struct sysctl_oid *cpu_sysctl_tree;
static int cpu_cx_generic; static int cpu_cx_generic;
static int cpu_cx_lowest_lim; static int cpu_cx_lowest_lim;
static bool cppc_notify;
static struct acpi_cpu_softc **cpu_softc; static struct acpi_cpu_softc **cpu_softc;
ACPI_SERIAL_DECL(cpu, "ACPI CPU"); ACPI_SERIAL_DECL(cpu, "ACPI CPU");
static int acpi_cpu_probe(device_t dev); static int acpi_cpu_probe(device_t dev);
static int acpi_cpu_attach(device_t dev); static int acpi_cpu_attach(device_t dev);
static int acpi_cpu_suspend(device_t dev); static int acpi_cpu_suspend(device_t dev);
static int acpi_cpu_resume(device_t dev); static int acpi_cpu_resume(device_t dev);
▲ Show 20 LinesShow All 227 Lines▼ Show 20 Lines
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
/* /*
* Ask for MWAIT modes if not disabled and interrupts work * Ask for MWAIT modes if not disabled and interrupts work
* reasonable with MWAIT. * reasonable with MWAIT.
*/ */
if (!acpi_disabled("mwait") && cpu_mwait_usable()) if (!acpi_disabled("mwait") && cpu_mwait_usable())
sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE; sc->cpu_features |= ACPI_CAP_SMP_C1_NATIVE | ACPI_CAP_SMP_C3_NATIVE;
/*
* Work around a lingering SMM bug which leads to freezes when handling
* CPPC notifications. Tell the SMM we will handle any CPPC notifications.
*/
if ((cpu_power_eax & CPUTPM1_HWP_NOTIFICATION) && cppc_notify)
sc->cpu_features |= ACPI_CAP_INTR_CPPC;
#endif #endif
jhbUnsubmitted
Not Done
Inline Actions

I would maybe call the hint cppc_notify with the sense being that "1" enables it and "0" disables notifications (we try to avoid "negative" hints/tunables). You would then just want to set the default value to 1 and change the last test to cppcval != 0. I would also perhaps rename cppcval to cppc_notify as well.

jhb: I would maybe call the hint `cppc_notify` with the sense being that "1" enables it and "0"…
if (devclass_get_drivers(device_get_devclass(dev), &drivers, if (devclass_get_drivers(device_get_devclass(dev), &drivers,
&drv_count) == 0) { &drv_count) == 0) {
for (i = 0; i < drv_count; i++) { for (i = 0; i < drv_count; i++) {
if (ACPI_GET_FEATURES(drivers[i], &features) == 0) if (ACPI_GET_FEATURES(drivers[i], &features) == 0)
sc->cpu_features |= features; sc->cpu_features |= features;
} }
free(drivers, M_TEMP); free(drivers, M_TEMP);
▲ Show 20 LinesShow All 563 Lines▼ Show 20 Lines if ((sc = cpu_softc[i]) != NULL)
acpi_cpu_startup_cx(sc); acpi_cpu_startup_cx(sc);
} }
/* Add a sysctl handler to handle global Cx lowest setting */ /* Add a sysctl handler to handle global Cx lowest setting */
SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree), SYSCTL_ADD_PROC(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE, OID_AUTO, "cx_lowest", CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A", NULL, 0, acpi_cpu_global_cx_lowest_sysctl, "A",
"Global lowest Cx sleep state to use"); "Global lowest Cx sleep state to use");
/* Add sysctl handler to control registering for CPPC notifications */
cppc_notify = 1;
SYSCTL_ADD_BOOL(&cpu_sysctl_ctx, SYSCTL_CHILDREN(cpu_sysctl_tree),
OID_AUTO, "cppc_notify", CTLFLAG_RDTUN | CTLFLAG_MPSAFE,
&cppc_notify, 0, "Register for CPPC Notifications");
/* Take over idling from cpu_idle_default(). */ /* Take over idling from cpu_idle_default(). */
cpu_cx_lowest_lim = 0; cpu_cx_lowest_lim = 0;
CPU_FOREACH(i) { CPU_FOREACH(i) {
if ((sc = cpu_softc[i]) != NULL) if ((sc = cpu_softc[i]) != NULL)
enable_idle(sc); enable_idle(sc);
} }
#if defined(__i386__) || defined(__amd64__) #if defined(__i386__) || defined(__amd64__)
▲ Show 20 LinesShow All 525 LinesShow Last 20 Lines