Rather than having a tool in the FreeBSD base system for obtaining
the FreeBSD ports tree, users are encouraged to `pkg install git`
and then `git clone https://git.FreeBSD.org/ports.git /usr/ports`.
The portsnap servers will continue operating until FreeBSD 13 reaches
its End-of-Life, and portsnap is available from the ports tree as
ports-mgmt/portsnap.
Requested by: portmgr
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D39563
X-MFC: no
* Align 'on <interface>' parameter with the BNF, so use 'on <ifspec>'
* Clarify etherprotospec BNF, to make it clearer that only numbers are
supported.
Suggested by: Christian McDonald
Sponsored by: Rubicon Communications, LLC ("Netgate")
These bits are obsolete since 58aa35d429.
This change reverts part of 9ba2b298df as
well as effectively bd3d9826d7, i. e. the
SBus-related modifications. This also gets rid of a nasty hack required
as bus_{read,write}_N(9) doesn't really fit bus_space_subregion(9).
The output of hexadecimal bytes are in lowercase. Update the example to
reflect the reality.
Reviewed by: gbe (manpages)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39543
Introduce the OpenBSD syntax of "scrub" option for "match" and "pass"
rules and the "set reassemble" flag. The patch is backward-compatible,
pf.conf can be still written in FreeBSD-style.
Obtained from: OpenBSD
MFC after: never
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D38025
if_bridge receives packets via a special interface, if_bridge_input,
rather than by if_input. Thus, netmap's usual hooking of ifnet routines
does not work as expected. Instead, modify bridge_input() to pass
packets directly to netmap when it is enabled. This applies to both
locally delivered packets and forwarded packets.
When a netmap application transmits a packet by writing it to the host
TX ring, the mbuf chain is passed to if_input, which ordinarily points
to ether_input(). However, when transmitting via if_bridge,
bridge_input() needs to see the packet again in order to decide whether
to deliver or forward. Thus, introduce a new protocol flag,
M_BRIDGE_INJECT, which 1) causes the packet to be passed to
bridge_input() again after Ethernet processing, and 2) avoids passing
the packet back to netmap. The source MAC address of the packet is used
to determine the original "receiving" interface.
Reviewed by: vmaffione
MFC after: 2 months
Sponsored by: Zenarmor
Sponsored by: OPNsense
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38066
It was introduced in 2d3614fb13 (bridge: Log MAC address port flapping).
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39465
List the specific tools that are controlled by WITH_LLVM_BINUTILS, and
mention the tools that are always or never taken from LLVM. Tools come
from one of three sources (LLVM, ELF Tool Chain, bespoke base system)
and it is useful to be explicit.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39428
Currently, sysctls which enable KDB in some way are flagged with
CTLFLAG_SECURE, meaning that you can't modify them if securelevel > 0.
This is so that KDB cannot be used to lower a running system's
securelevel, see commit 3d7618d8bf. However, the newer mac_ddb(4)
restricts DDB operations which could be abused to lower securelevel
while retaining some ability to gather useful debugging information.
To enable the use of KDB (specifically, DDB) on systems with a raised
securelevel, change the KDB sysctl policy: rather than relying on
CTLFLAG_SECURE, add a check of the current securelevel to kdb_trap().
If the securelevel is raised, only pass control to the backend if MAC
specifically grants access; otherwise simply check to see if mac_ddb
vetoes the request, as before.
Add a new secure sysctl, debug.kdb.enter_securelevel, to override this
behaviour. That is, the sysctl lets one enter a KDB backend even with a
raised securelevel, so long as it is set before the securelevel is
raised.
Reviewed by: mhorne, stevek
MFC after: 1 month
Sponsored by: Juniper Networks
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D37122
- Improve the wording that describes cnt and hz (avoid "the long haul")
- Use .Fa for function arguments
- Fix formatting of parenthesis around swi(9) xref
- removed xref to non-existent options(4)
- xref polling(4)
- consistently list xrefs in SEE ALSO
- xref eventtimers(9) in SEE ALSO
Reviewed by: mav, rpokala
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39137
timeout(9) was removed a couple of years ago; all consumers now use the
callout(9) interface.
Explicitly do not bump .Dd anywhere, as this is not a content or
semantic change.
Reviewed by: markj, jhb, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39136
Add more details about the execution and purpose of these shutdown
handlers. Make a point to mention the requirement that they can be run
in a normal or panic context. Add some simple examples.
Add a brief comment to the declaration in sys/eventhandler.h.
Reviewed by: markj
Discussed with: rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39135
- This function no longer disables interrupts
- MLINK to reboot.9
- The mentions of autoconfiguration is more about shutdown_nice(),
coming in the next commit.
- Describe the RB_* flags relevant to this function
- Describe behaviour when shutdown hooks fail the reset
- Describe expected execution contexts
- Add FF copyright
- xref panic(9)
- xref this page in reboot(2)
Reviewed by: markj
Discussed with: rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39133
- Better description of what the panic() function does
- Document KERNEL_PANICKED()
- Add a section describing panic execution context
- Add SEE ALSO
Reviewed by: kib, markj, rpokala
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39132
- Add a little bit of introductory text
- Improve the existing example: ANSI C, use a better assertion than a
NULL check (which is discouraged)
- Document the widely used MPASS macro in this page
- Drop the cross-reference to config(8)
Reviewed by: kib, markj, rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39131
- Document CRITICAL_ASSERT() in this man page.
- Clarify that a thread may also handle interrupts in a critical
section, not only faults/exceptions.
- Note the negative effects of critical section abuse
- Some other minor clarifications
- Add short SEE ALSO
Reviewed by: kib, markj, rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39130
These functions, vcount() and count_dev(), no longer exist in the source
tree.
Reviewed by: rpokala
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39128
Use .An -nosplit for the AUTHORS section, so that
it renders without an unnecessary newline.
No .Dd bump since it isn't a content change.
MFC after: 3 days
This will build etdump, makefs and mkimg as bootstrap tools to allow
easily creating disk images. Note that etdump is bootstrapped due to its
use in the release scripts for building ISO images.
Reviewed by: emaste, arichardson
Differential Revision: https://reviews.freebsd.org/D39072
Since 9503d2704c LOADER_ZFS gets turned off when ZFS is, and since
63715498ac ZFS is no longer disabled on powerpc and powerpcspe.
Reviewed by: emaste
Fixes: 9503d2704c ("opts: Minor cleanup of ZFS options")
Fixes: 63715498ac ("powerpc: enable ZFS on 32 bit powerpc/powerpcspe")
Differential Revision: https://reviews.freebsd.org/D39071
RFC 4443 specifies cases where certain packets, like those originating from
local-scope addresses destined outside of the scope shouldn't be forwarded.
The current practice is to drop them, send ICMPv6 message where appropriate,
and log the message:
cannot forward src fe80:10::426:82ff:fe36:1d8, dst 2001:db8:db8::10, nxt
58, rcvif vlan5, outif vlan2
At times the volume of such messages cat get very high. Let's allow local
admins to disable such messages on per vnet basis, keeping the current
default (log).
Reported by: zarychtam@plan-b.pwste.edu.pl
Reviewed by: zlei (previous version), pauamma (docs)
Differential Revision: https://reviews.freebsd.org/D38644