src/sys/netlink, branch main FreeBSD source tree if_geneve: Add Support for Geneve (RFC8926) 2026-04-13T14:14:58+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-04-11T14:12:01+00:00 e44d2e941e8ebd74e6a1b1fdbed83fe86671cbc6 geneve creates a generic network virtualization tunnel interface for Tentant Systems over an L3 (IP/UDP) underlay network that provides a Layer 2 (ethernet) or Layer 3 service using the geneve protocol. This implementation is based on RFC8926. Reviewed by: glebius, adrian Discussed with: zlei, kp Relnotes: yes Differential Revision: https://reviews.freebsd.org/D54172 
geneve creates a generic network virtualization tunnel interface
for Tentant Systems over an L3 (IP/UDP) underlay network that provides
a Layer 2 (ethernet) or Layer 3 service using the geneve protocol.
This implementation is based on RFC8926.

Reviewed by:	glebius, adrian
Discussed with:	zlei, kp
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D54172
if_clone: Make ifnet_detach_sxlock opaque to consumers 2026-04-13T04:38:44+00:00 Zhenlei Huang zlei@FreeBSD.org 2026-04-13T04:38:44+00:00 e9fc0c538264355bd3fd9120c650078281c2a290 The change e133271fc1b5e introduced ifnet_detach_sxlock, and change 6d2a10d96fb5 widened its coverage, but there are still consumers, net80211 and tuntap e.g., want it. Instead of sprinkling it everywhere, make it opaque to consumers. Out of tree drivers shall also benefit from this change. Reviewed by: kp MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D56298 
The change e133271fc1b5e introduced ifnet_detach_sxlock, and change
6d2a10d96fb5 widened its coverage, but there are still consumers,
net80211 and tuntap e.g., want it. Instead of sprinkling it everywhere,
make it opaque to consumers.

Out of tree drivers shall also benefit from this change.

Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D56298
routing: Retire ROUTE_MPATH compile option 2026-03-27T20:25:33+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-03-27T11:20:05+00:00 254b23eb1f540844cf2a90f2781ae4231c5701ce The ROUTE_MPATH compile option was introduced to test the new multipath implementation. Since compiling it has no overhead and it's enabled by default, remove it. Reviewed by: melifaro, markj Relnotes: yes Differential Revision: https://reviews.freebsd.org/D55884 
The ROUTE_MPATH compile option was introduced to
test the new multipath implementation.
Since compiling it has no overhead and it's enabled
by default, remove it.

Reviewed by:	melifaro, markj
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D55884
snl: Remove duplicate rta_expires member in route parser 2026-02-27T20:42:35+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-02-27T20:41:51+00:00 82069fae3ff956ecf833d239864e34a3efc3356e There is no user for `rta_expires` member and it's duplicate of `rta_expire`. Reviewed By: melifaro Differential Revision: https://reviews.freebsd.org/D55445 
There is no user for `rta_expires` member and it's
duplicate of `rta_expire`.

Reviewed By: melifaro
Differential Revision: https://reviews.freebsd.org/D55445
rtnetlink: Add support for nexthop expiration in new/get route 2026-02-26T09:37:14+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-02-22T17:46:12+00:00 ff6d1faa65a1a77d04746b43023feb457cfa27b8 Before this change, netlink only shows nexthop expire value if route is not multipath. Now it can set expire time during route creation. Also, show expire time of multipath nexthops. Reviewed by: glebius MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D55442 
Before this change, netlink only shows nexthop
expire value if route is not multipath.
Now it can set expire time during route creation.
Also, show expire time of multipath nexthops.

Reviewed by: glebius
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D55442
if_gre: Add netlink support with tests 2026-02-18T19:42:29+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-02-18T18:12:35+00:00 e1e18cc12e68762b641646b203d9ac42d10e3b1f Migrate to new if_clone KPI and implement netlink support for gre(4). Also refactor some of the gre specific ioctls. Reviewed by: glebius, zlei Differential Revision: https://reviews.freebsd.org/D54443 
Migrate to new if_clone KPI and implement netlink support
for gre(4). Also refactor some of the gre specific ioctls.

Reviewed by: glebius, zlei
Differential Revision: https://reviews.freebsd.org/D54443
netlink: force uninline of nl_receive_message() 2026-02-16T23:39:29+00:00 Gleb Smirnoff glebius@FreeBSD.org 2026-02-16T23:39:29+00:00 11c1b69885be9c20fba8f7b0d41bd6da8202b972 The entire netlink(4) message processing thread is all inlined into nl_taskqueue_handler() making it difficult to dtrace(1) on a message level. 
The entire netlink(4) message processing thread is all inlined into
nl_taskqueue_handler() making it difficult to dtrace(1) on a message
level.
sockets: let protocols be responsible for socket buffer mutexes 2026-02-03T17:09:49+00:00 Gleb Smirnoff glebius@FreeBSD.org 2026-02-03T17:09:49+00:00 64f7e3c9c178ab35cb1f8fdf791aec74ede6f6b2 Sockets that implement their own socket buffers (marked with PR_SOCKBUF) are now also responsible for initialization of socket buffer mutexes in pr_attach and for destruction in pr_detach (or pr_close). This removes a big bunch of reported LORs, as now WITNESS is able to see that tcp(4) socket buffer mutex and netlink(4) socket buffer mutex are two different things. Distinct names also improve diagnostics for blocked threads. This also removes a hack from unix(4), where we used to mtx_destroy(). Also removes an innocent bug from unix(4) where for accept(2)-ed socket soreserve() was called twice. This one was innocent since first call to soreserve() was asking for 0 bytes of space. This slightly increased amount of pasted code in TCP's syncache_socket(). The problem is that while for sockets created with socket(2) it is pr_attach responsible for call to soreserve() (including !PR_SOCKBUF protocols), but for the sockets created with accept(2) it was solisten_clone() doing soreserve(), combined with the fact that for accept(2) TCP completely bypasses pr_attach. This all should improve once TCP has its own socket buffers. Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D54984 
Sockets that implement their own socket buffers (marked with PR_SOCKBUF)
are now also responsible for initialization of socket buffer mutexes in
pr_attach and for destruction in pr_detach (or pr_close).

This removes a big bunch of reported LORs, as now WITNESS is able to see
that tcp(4) socket buffer mutex and netlink(4) socket buffer mutex are two
different things.  Distinct names also improve diagnostics for blocked
threads.

This also removes a hack from unix(4), where we used to mtx_destroy().
Also removes an innocent bug from unix(4) where for accept(2)-ed socket
soreserve() was called twice.  This one was innocent since first call to
soreserve() was asking for 0 bytes of space.

This slightly increased amount of pasted code in TCP's syncache_socket().
The problem is that while for sockets created with socket(2) it is
pr_attach responsible for call to soreserve() (including !PR_SOCKBUF
protocols), but for the sockets created with accept(2) it was
solisten_clone() doing soreserve(), combined with the fact that for
accept(2) TCP completely bypasses pr_attach. This all should improve once
TCP has its own socket buffers.

Reviewed by:		markj
Differential Revision:	https://reviews.freebsd.org/D54984
netlink: make compile without VIMAGE 2026-01-25T12:35:23+00:00 Bjoern A. Zeeb bz@FreeBSD.org 2026-01-25T12:33:17+00:00 072af59d46af264c835c8cda21d61b82fb4251ab Add the #include for proc.h which seems to be there in the VIMAGE case through some other includes only. Sponsored by: The FreeBSD Foundation Fixes: 04f6b99947d2 
Add the #include for proc.h which seems to be there in the VIMAGE
case through some other includes only.

Sponsored by:	The FreeBSD Foundation
Fixes:		04f6b99947d2
netlink: use caller's credentials in rtnl_handle_newlink 2026-01-24T09:50:50+00:00 Pouria Mousavizadeh Tehrani pouria@FreeBSD.org 2026-01-24T09:50:50+00:00 04f6b99947d2d2e0f6ec7703609c74083b5646e2 Make sure rtnl_handle_newlink sets the caller's credential during calls to ifc_create_ifp_nl and ifc_modify_ifp_nl Reviewed by: glebius, melifaro Approved by: glebius (mentor) Differential Revision: https://reviews.freebsd.org/D54109 
Make sure rtnl_handle_newlink sets the caller's credential
during calls to ifc_create_ifp_nl and ifc_modify_ifp_nl

Reviewed by: glebius, melifaro
Approved by: glebius (mentor)
Differential Revision: https://reviews.freebsd.org/D54109