Modify /usr/sbin/pkg to use environment variables specified in pkg.conf.
This allows control over underlying libraries like fetch(3), which can
be configured by setting HTTP_PROXY.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29820
Allow up to 5 labels to be set on each rule.
This offers more flexibility in using labels. For example, it replaces
the customer 'schedule' keyword used by pfSense to terminate states
according to a schedule.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29936
This fixes a bug in an earlier change to move tree rotation to
the end of the update where the step to make room for the new
preworld tree was deleting the old "current" tree instead of
the old "preworld" tree.
Reported by: olivier, dhw
Fixes: 0611aec3cf
MFC after: 2 weeks
Fixes segfault with the command `bhyve -s 0,virtio-scsi`, which is used
by some third party software to probe bhyve for virtio-scsi support.
Reviewed by: jhb
MFC after: 1 day
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D29926
A slight mix-up of the flags means this case isn't triggered when it
should be. Now, `pmcstat -s event -t 1234` will print the correct
error message.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
For an infrequent event, pmcstat may report (u_long)-1 for CPUs where
the counter was never incremented. Just set this to zero, instead.
ev->ev_count is passed as the 'count' argument to pmc_allocate(3), but
this wasn't always the case.
Reviewed by: gnn
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29887
Run the 'build_tree' function inside of a subshell and trap SIGINT to
return an error to the caller. This allows callers to gracefully
cleanup a partially created tree.
While here, redirect stdout/stderr of the subshell to the log file
instead of applying redirections individually to each command executed
while building the tree.
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29844
etcupdate has had a somewhat nasty race condition since its creation
in that its state machine can get very confused if it is interrupted
while building the tree to compare against. This is exacerbated by
the fact that etcupdate doesn't emit any output while building the
tree which can take several seconds (especially in recent years with
the addition of the tree-wide buildconfig/installconfig passes).
To mitigate this, always install a new tree into a temporary directory
created via mktemp as was previously done only for dry-runs via -n.
The existing trees are only rotated and the new tree installed as
/var/db/etcupdate/current after the update command has completed.
Reported by: dim, np (and many others)
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29843
This fix mprutil on big endian platforms, as follow up of D25785.
Flash operations are still not working, such as MPI2_FUNCTION_FW_UPLOAD
failing due to timeout.
Firmware version used during tests: 16.00.01.00
Submitted by: Andre Fernando da Silva <andre.silva@eldorado.org.br>
Reviewed by: luporl, Sreekanth Reddy <sreekanth.reddy@broadcom.com> (by e-mail)
Sponsored by: Eldorado Research Institute (eldorado.org.br)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26040
Use NULL for pointers instead of '0' (though hey are the same thing in
these cases). Ditto for using the zero character '\0' instead of a naked
0 (ditto).
Reviewed by: markj@
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D29847
Apparently new dialog does not like the height of 2 for the
timebox widget, use 0 (minimum size) instead.
Do the same for calendar widget as it does not change the
appearance and to prevent possible future surprises.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29720
- Use appropriate mdoc macros
- Document that tcp= is a synonym to rfb= (tcp is used in the examples,
but never mentioned)
- Clarify the IP address specification
MFC after: 2 weeks
- Set width of the list to the longest key word for readability.
- Separate descriptions of amd_hostbridge and hostbridge emulations.
Also, wordsmith their descriptions for consistency with other entries.
- Use Cm instead of Li for command modifiers.
- Do not stylize AMD with Li, there's no need to do it.
- Mention COM3 and COM4 in the definition of lpc.
- Fix a typo in the definition of ahci-hd ("hard drive" instead of
"hard-drive").
MFC after: 2 weeks
Also, remove the macros of the nested list which contained slot,
emulation and conf. This decreases the indention of the -s description.
It was necessary to clean up the slot description.
MFC after: 2 weeks
- Describe "-l help" separately for readability.
- List all the supported comX devices explicitly
- Use Cm instead of Ar for command modifiers (i.e., literal values a
user can specify as an argument to the command).
- Explain where to get more information about the possible values of the
conf argument.
MFC after: 2 weeks
In particular:
- Sort short options to align with style(9)
- Add two missing flags: -G and -r
- Drop unnecessary angle brackets for consistency
- Rename the "vm" argument to vmname for consistency with the manual
page
MFC after: 2 weeks
There is no need to squeeze all the possible options into one synopsis
entry. Let "-l help" and "-s help" be listed separately.
While here, keep -s and its arguments on the same line.
MFC after: 2 weeks
Some people expect jail.conf(5) to have a list of jail parameters.
jail(8) contains a comprehensive list of all parameters to be used during jail
invocation or in jail.conf.
Highlighting where to look for jail parameters seems a reasonable solution.
PR: 244569
Reported by: joneum@
Approved by: 0mp (manpages, mentor)
Reviewed by: debdrup
Differential Revision: https://reviews.freebsd.org/D28701
b51f459a20 resulted in a mismerge
due to having to do a remerge because my tree was over a week out of
date. Changes that were made to fix the build were lost in the remerge
resulting in build errors that were fixed a week ago.
This is necessary for use with supervision, e.g. runit.
I chose -F simply because that is what the folks at LPRng use.
Approved by: pfg, gad, ngie
Differential Revision: https://reviews.freebsd.org/D29566
Without the -w option, Windows guests crash on boot. This is caused by a rdmsr
of MSR_IA32_FEATURE_CONTROL. Windows checks this MSR to determine enabled VMX
features. This MSR isn't emulated in bhyve, so a #GP exception is injected
which causes Windows to crash.
Fix by returning a rdmsr of MSR_IA32_FEATURE_CONTROL with Lock Bit set and
VMX disabled to informWindows that VMX isn't available.
Reviewed by: jhb, grehan (bhyve)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29665
FreeBSD's version of the config(8) utility is based on 4.3BSD not
4.4BSD. So correct the mentioned paper in the SEE ALSO section.
Reported by: imp
Reviewed by: imp
X-MFC-with: 2b59392cb0
Differential Revision: https://reviews.freebsd.org/D29701
The check needs to be in the public routine (gdb_cpu_suspend()), not
in the internal routine called from various places
(_gdb_cpu_suspend()). All the other callers of _gdb_cpu_suspend()
already check gdb_active, and this breaks the use of snapshots when
the debug server is not enabled since gdb_cpu_suspend() tries to lock
an uninitialized mutex.
Reported by: Darius Mihai, Elena Mihailescu
Reviewed by: elenamihailescu22_gmail.com
Fixes: 621b509048
Differential Revision: https://reviews.freebsd.org/D29538
Add the System Management BIOS Baseboard (or Module) Information
a.k.a. Type 2 structure to the SMBIOS emulation.
Reviewed by: rgrimes, bcran, grehan
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29657
This is intended to be used with memory mapped IO, e.g. from
bus_space_map with no flags, or pmap_mapdev.
Use this new memory type in the map request configured by
resource_init_map_request, and in pciconf.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D29692
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29644
Rather than int flags we ++, use booleans for all command line args.
No functional change intended.
Reviewed by: markj@
Sponsored by: Netflix, Inc
Differential Revision: https://reviews.freebsd.org/D29621
Due to how we're parsing UUIDs, we were disallowing setting, printing or
deleting any UEFI variable with a '-' in it when you attempted to do that
operation with the exact name (wildcard reporting was unaffected). Fix the
parser to loop over all the dashes in the name and only give up when all
possible matches are exhausted.
Reviewed by: markj@
Sponsored by: Netflix, Inc
Differential Revision: https://reviews.freebsd.org/D29620
Add -q/--quiet flag to the command line. With it, errors are not reported at
all. Instead nothing is printed and the exit code is non-zero.
Reviewed by: markj
Sponsored by: Netflix, Inc
Differential Revision: https://reviews.freebsd.org/D29619
Commit 621b509048 introduced a regression
in legacy virtio-9p config parsing by not initializing *sharename to
NULL. As a result, "sharename != NULL" check in the first iteration fails
and bhyve exits with "virtio-9p: more than one share name given".
Fix by adding NULL back.
Approved by: grehan
With new ZFS prefetcher improvements it is no longer needed to fully
serialize reads to reach decent prediction hit rate. Softer variant
only creates small time window to reduce races instead of completely
blocking following reads while previous is running. It much less
hurts the performance in case of prediction miss.
MFC after: 1 month
By default, makefs(8) has very few spare inodes in its output images,
which is fine for static filesystems, but not so great for VM images
where many more files will be added. Make makefs(8) use the same
default settings as newfs(8) when creating images with free space --
there isn't much point to leaving free space on the image if you
can't put files there. If no free space is requested, use current
behavior of a minimal number of available inodes.
Reviewed by: manu
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D29492
Some architectures - armv7, armv8 and riscv use VM_MEMATTR_DEVICE
when mapping device registers in kernel. Do the same in pciconf.
On armada8k SoC all reads from BARs mapped with hitherto attribute
(VM_MEMATTR_UNCACHEABLE) return 0xff's.
Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: kib
Obtained from: Semihalf
Sponsored by: Marvell
Differential revision: https://reviews.freebsd.org/D29603
freebsd-update compares the dates on man pages with mandoc.db, and if
any newer pages are found it regenerates mandoc.db.
Previously, if mandoc.db did not already exist the check failed and
freebsd-update then failed to create one. Now, check that mandoc.db
exists before performing the check for newer pages.
Reported by: bdrewery (in D10482)
Reviewed by: gordon
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29575
Follow-up to the removal of the mcov from kernel.
Noted by: mckusick
Reviewed by: mckusick
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D29563
This allows the xhci tablet device to be recognized and a PCI device
instantiated.
Reviewed by: jhb
Fixes: 621b509048 Refactor configuration management in bhyve.
MFC after: 3 months.
and other equivalent ways to request mcount-based profiling, like
'profile N' in kernel config.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D29529
An NFSv4 only configuration does not register with
rpcbind(). Without this patch a failure to rpcb_unset()
is reported when the daemon is terminated for this case.
This is harmless noise, but this patch avoids calling
rpcb_unset() for the NFSv4 only case, avoiding the noise.
When called with "-d", it still does the rpcb_unset(),
assuming that the configuration might have been
changed to NFSv4 only and unregistering with
rpcbind() might still be needed.
Reviewed by: freqlabs
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29449
- Always use distinct sockets for send and recv
- Limit rights on the recv socket
For ICMP6 we were using the same socket for both send and receive, and
we limited rights on the socket such that it's impossible to receive
anything.
PR: 254623
Diagnosed by: Zhenlei Huang <zlei.huang@gmail.com>
Reviewed by: oshogbo
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29523
The old prototype requires callers to inspect flags of each descriptors
to get the starting position of host-writable iovecs.
vq_getchain() is changed to return a virtio request with the number of
host-readable iovecs and host-writable iovecs instead. Callers can avoid
boilerplate code of getting the start offset of host-writable iovecs.
Sponsored by: The FreeBSD Foundation
MFC after: 3 weeks
Reviewed by: afedorov
Approved by: philip (mentor)
Differential Revision: https://reviews.freebsd.org/D29433
The previous commit added the handler to parse the command line
options for virtio-scsi devices but forgot to set the correct function
pointer to point to the handler.
Reported by: vangyzen
Reviewed by: vangyzen
Fixes: 621b509048
Differential Revision: https://reviews.freebsd.org/D29438
When lockd is configured with a debug level of > 0 and foreground == 0,
the process is daemonized with a truth noclose argument to daemon().
This doesn't seem to be the desired behavior because that prevents
stdout and stderr from being closed, however, stdout and stderr aren't
used anywhere else. Furthermore, the man pages state that with a higher
debug level it will use the syslog facilities to do so.
Submitted by: Caleb St. John
Discussed with: rmacklem
MFC after: 3 days
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D29415
If the disk parameter "DEFAULT" is set in place of an actual device name,
or no disk is specified for the PARTITIONS parameter, the installer will
follow the logic used in the automatic-partitioning mode, in which it
will either provide a selection dialog for one of several disks if
several are present or automatically select it if there is only one. This
simplifies the creation of fully-automatic installation media for
hardware or VMs with varying disk names.
Suggested by: Egoitz Aurrekoetxea <egoitz@sarenet.es>
MFC after: 3 weeks
Relnotes: yes
There are scenarios where an NFS client will mount an NFSv4 export
without specifying a callback address.
When running nfsdumpstate under this circumstance, the column output is
shifted incorrectly which places the "ClientID" value underneath the
"Clientaddr" column.
This diff is a small cosmetic change that prints a blank in the
"Clientaddr" column and ensures the data for the columns are aligned
appropriately.
Submitted by: Caleb St. John
Reviewed by: sef (previous version)
MFC after: 3 days
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D18958
"device" is already used as the generic PCI-level name of the device
model to use (e.g. "hostbridge"). The result was that parsing
"hostbridge" as an integer failed and the host bridge used a device ID
of 0. The EFI ROM asserts that the device ID of the hostbridge is not
0, so booting with the current EFI ROM was failing during the ROM
boot.
Fixes: 621b509048
An install using -DNO_ROOT emits mtree entries containing tags used by
pkgbase. makefs(8) can safely ignore them, so do that rather than
emitting a warning for each entry.
Reviewed by: brooks, imp
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29384
Add a -M option to control the maximum length of forwarded messages.
syslogd(8) used to truncate forwarded messages to 1024 bytes, but after
commit 1a874a126a ("Add RFC 5424 syslog message output to syslogd.")
applies a more conservative limit of 480 bytes for IPv4 per RFC 5426
section 3.2. Restore the old default behaviour of truncating to 1024
bytes. RFC 5424 specifies no upper limit on the length of forwarded
messages, while for RFC 3164 the limit is 1024 bytes.
Increase MAXLINE to 8192 bytes to correspond to commit 672ef817a192.
Replaced bootfile[] size for MAXPATHLEN used in getbootfile(3) as a
returned value. Using (MAXLINE+1) as a size for bootfile[] is excessive.
PR: 241937
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D27206
Because the ESP mount point (/boot/efi) is in mtree, tar will attempt to
extract a directory at that point post-mount when the system is installed.
Normally, this is fine, since tar can happily set whatever properties it
wants. For FAT32 file systems, however, like the ESP, tar will attempt to
set mtime on the root directory, which FAT does not support, and tar will
interpret this as a fatal error, breaking the install (see
https://github.com/libarchive/libarchive/issues/1516). This issue would
also break scripted installs on bare-metal POWER8, POWER9, and PS3
systems, as well as some ARM systems.
This patch solves the problem in two ways:
- If stdout is a TTY, use the distextract stage instead of tar, as in
interactive installs. distextract solves this problem internally and
provides a nicer UI to boot, but requires a TTY.
- If stdout is not a TTY, use tar but, as a stopgap for 13.0, exclude
boot/efi from tarball extraction and then add it by hand. This is a
hack, and better solutions (as in the libarchive ticket above) will
obsolete it, but it solves the most common case, leaving only
unattended TTY-less installs on a few tier-2 platforms broken.
In addition, fix a bug with fstab generation uncovered once the tar issue
is fixed that umount(8) can depend on the ordering of lines in fstab in a
way that mount(8) does not. The partition editor now writes out fstab in
mount order, making sure umount (run at the end of scripted, but not
interactive, installs) succeeds.
PR: 254395
Reviewed by: gjb, imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29380
In particular:
- There is no need to do anything with gpart (the installer does that
for you).
- There is no need to specify the network interface, since we have
an option for defaults.
The header specifies the size of the option in multiples of eight bytes.
The option consists of an eight-byte header followed by one or more IPv6
addresses, so the option is invalid if the size is not equal to 1+2n for
some n>0. Check this.
The bug can cause random stack data to be formatted as an IPv6 address
and passed to resolvconf(8), but a host able to trigger the bug may also
specify arbitrary addresses this way.
Reported by: Q C <cq674350529@gmail.com>
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
We want to allow the UEFI firmware to enumerate and assign
addresses to PCI devices so we can boot from NVMe[1]. Address
assignment of PCI BARs is properly handled by the PCI emulation
code in general, but a few specific cases need additional support.
fbuf and passthru map additional objects into the guest physical
address space and so need to handle address updates. Here we add a
callback to emulated PCI devices to inform them of a BAR
configuration change. fbuf and passthru then watch for these BAR
changes and relocate the frame buffer memory segment and passthru
device mmio area respectively.
We also add new VM_MUNMAP_MEMSEG and VM_UNMAP_PPTDEV_MMIO ioctls
to vmm(4) to facilitate the unmapping needed for addres updates.
[1]: https://github.com/freebsd/uefi-edk2/pull/9/
Originally by: scottph
MFC After: 1 week
Sponsored by: Intel Corporation
Reviewed by: grehan
Approved by: philip (mentor)
Differential Revision: https://reviews.freebsd.org/D24066
Replace the existing ad-hoc configuration via various global variables
with a small database of key-value pairs. The database supports
heirarchical keys using a MIB-like syntax to name the path to a given
key. Values are always stored as strings. The API used to manage
configuation values does include wrappers to handling boolean values.
Other values use non-string types require parsing by consumers.
The configuration values are stored in a tree using nvlists. Leaf
nodes hold string values. Configuration values are permitted to
reference other configuration values using '%(name)'. This permits
constructing template configurations.
All existing command line arguments now set configuration values. For
devices, the "-s" option parses its option argument to generate a list
of key-value pairs for the given device.
A new '-o' command line option permits setting an individual
configuration variable. The key name is always given as a full path
of dot-separated components.
A new '-k' command line option parses a simple configuration file.
This configuration file holds a flat list of 'key=value' lines where
the 'key' is the full path of a configuration variable. Lines
starting with a '#' are comments.
In general, bhyve starts by parsing command line options in sequence
and applying those settings to configuration values. Once this is
complete, bhyve then begins initializing its state based on the
configuration values. This means that subsequent configuration
options or files may override or supplement previously given settings.
A special 'config.dump' configuration value can be set to true to help
debug configuration issues. When this value is set, bhyve will print
out the configuration variables as a flat list of 'key=value' lines.
Most command line argments map to a single configuration variable,
e.g. '-w' sets the 'x86.strictmsr' value to false. A few command
line arguments have less obvious effects:
- Multiple '-p' options append their values (as a comma-seperated
list) to "vcpu.N.cpuset" values (where N is a decimal vcpu number).
- For '-s' options, a pci.<bus>.<slot>.<function> node is created.
The first argument to '-s' (the device type) is used as the value of
a "device" variable. Additional comma-separated arguments are then
parsed into 'key=value' pairs and used to set additional variables
under the device node. A PCI device emulation driver can provide
its own hook to override the parsing of the additonal '-s' arguments
after the device type.
After the configuration phase as completed, the init_pci hook
then walks the "pci.<bus>.<slot>.<func>" nodes. It uses the
"device" value to find the device model to use. The device
model's init routine is passed a reference to its nvlist node
in the configuration tree which it can query for specific
variables.
The result is that a lot of the string parsing is removed from
the device models and centralized. In addition, adding a new
variable just requires teaching the model to look for the new
variable.
- For '-l' options, a similar model is used where the string is
parsed into values that are later read during initialization.
One key note here is that the serial ports use the commonly
used lowercase names from existing documentation and examples
(e.g. "lpc.com1") instead of the uppercase names previously
used internally in bhyve.
Reviewed by: grehan
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D26035
Definitions inside usr.sbin/bhyve/virtio.h are thrown away.
Definitions in sys/dev/virtio are used instead.
This reduces code duplication.
Sponsored by: The FreeBSD Foundation
Reviewed by: grehan
Approved by: philip (mentor)
Differential Revision: https://reviews.freebsd.org/D29084
The package extension is going to be changed to .bsd to be among other
things resilient to the change of compression format used and reduce
the impact of all third party tool of that change.
Ensure the bootstrap knows about it
Reviewed by: manu
Differential revision: https://reviews.freebsd.org/D29232
Remove references for: athdebug(8), athstats(8) and wlanstats(8)
Those are tools in the tools/ directory that are not built as part of the base
system. According to the toolds/README file:
"...these tools are not meant to be built as part of the standard system..."
Even more, the tools/tools/README is not udpated and wlanstats does not even
built on current:
error: cast from 'struct sockaddr *' to 'const struct sockaddr_dl *' increases
required alignment from 1 to 2 [-Werror,-Wcast-align]
PR: 227174
Reported by: freebsd.org@alexandrews.me.uk
Reviewed by: gbe@ adrian@
Approved by: gbe@ (mentor) adrian@
Differential Revision: https://reviews.freebsd.org/D29033
When an automounted filesystem is successfully unmounted, call
rpc.umntall(8) with the -k flag.
rpc.umntall(8) is used to clean up /var/db/mounttab on the client and
/var/db/mountdtab on the server. This is only useful for NFSv3.
PR: 251906
Reviewed by: trasz
Differential Revision: https://reviews.freebsd.org/D27801
The pwm utility cant set the only flag defined (PWM_POLARITY_INVERTED) so this
patch add the option -I (capital letter i) to send it to the drivers.
None of existing PWM driver have implemented support for flags.
But soon:ish I will put up an review of a pwm driver using TI OMAP DMTimer.
Differential Revision: https://reviews.freebsd.org/D29137
MFC after: 2 weeks
Daniel reported that NFSv4 mounts were not working despite having
set "nfsv4_server_enable=YES" in /etc/rc.conf. Mountd was logging a
message that there was no /etc/exports file.
He noted that creating a /etc/exports file with a "V4:" line in it
was needed make NFSv4 mounts work.
At least one "V4:" line in one of the exports(5) file(s) is needed to
make NFSv4 mounts work. This patch fixes mountd.c so that it logs a
message indicting that there is no "V4:" line in any exports(5)
file when NFSv4 mounts are enabled.
To avoid this message being generated erroneously, /etc/rc.d/mountd
is updated to make sure vfs.nfsd.server_max_nfsvers is properly set
before mountd(8) is started.
Reported by: debdrup
PR: 253901
MFC after: 2 weeks
The save/restore feature uses a unix domain socket to send messages
from bhyvectl(8) to a bhyve(8) process. A datagram socket will suffice
for this.
An added benefit of using a datagram socket is simplified code. For
bhyve, the listen/accept calls are dropped; and for bhyvectl, the
connect() call is dropped.
EPRINTLN handles raw mode for bhyve(8), use it to print error messages.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28983
Use errno to print a more descriptive error message when vm_open() fails
libvmm: preserve errno when vm_device_open() fails
vm_destroy() squashes errno by making a dive into sysctlbyname() - we
can safely skip vm_destroy() here since it's not doing any critical
clean up at this point. Replace vm_destroy() with a free() call.
PR: 250671
MFC after: 3 days
Submitted by: marko@apache.org
Reviewed by: grehan
Differential Revision: https://reviews.freebsd.org/D29109
Instead of whether /boot/efi exists, which it now always does, including
on systems that don't and can't use EFI, use whether /boot/efi is
present in fstab to signal to the installer that it is a valid ESP and
should be configured. This has essentially the same semantics, but allows
/boot/efi to be created unconditionally.
Reviewed by: bdragon, imp
Tested by: bdragon (ppc64)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29068
Recent changes have made it such that attaching to a jail will augment
the attaching process' cpu mask with the jail's cpuset. While this is
convenient for allowing the administrator to cpuset arbitrary programs
that will attach to a jail, this is decidedly not convenient for
executing long-running daemons during jail creation.
This change inserts a reset of the process cpuset to the root cpuset
between the fork and attach to execute a command. This allows commands
executed to have the widest mask possible, and the administrator can
cpuset(1) it back down inside the jail as needed.
With this applied, one should be able to change a jail's cpuset at
exec.poststart in addition to exec.created. The former was made
difficult if jail(8) itself was running with a constrained set, as then
some processes may have been spawned inside the jail with a non-root
set. The latter is the preferred option so that processes starting in
the jail are constrained appropriately up front.
Note that all system commands are still run with the process' initial
cpuset applied.
PR: 253724
MFC after: 3 days
Reviewed by: jamie
Differential Revision: https://reviews.freebsd.org/D29008
On system crontabs, multiple blanks are not being consumed after reading the
username. This change adds blank consumption before parsing any -[qn] options.
Without this change, an entry like:
* * * * * username -n true # Two spaces between username and option.
will fail, as the shell will try to execute (' -n true'), while an entry like:
* * * * * username -n true # One space between username and option.
works as expected (executes 'true').
For user crontabs, this is not an issue as the preceding (day of week
or @shortcut) processing consumes any leading whitespace.
PR: 253699
Submitted by: Eric A. Borisch <eborisch@gmail.com>
MFC after: 1 week
init(8) sets the "daemon" login class without specifying a pw
entry (so no substitutions are done on the variables). service(8)'s
use of env -L had the effect of specifying root's pw entry, with two
effects: getpwnam and getpwuid are being called, which may not be
entirely safe depending on what nsswitch is up to and what stage of
boot we are at, and substitutions would have been done.
Fix by teaching env(8) to allow -L -/classname to set the class
environment with no pw entry at all specified, and use it in
service(8).
PR: 253959
Ranges use the function get_number, which means that ranges of names
are supported and indeed always have been, righ back to the initial
import.
PR: docs/253969
Reported by: Ben Bullock <benkasminbullock@gmail.com>
Set the filter-specific flags VQ_MOUNT and VQ_UNMOUNT for the
EVFILT_FS filter.
The filter-specific flags for the EVFILT_FS filter are undocumented, but
their usage can be found by looking up vfs_event_signal().
Reviewed by: trasz
Differential Revision: https://reviews.freebsd.org/D28975
fmtree(8) deprecation was announced on February 12, 2021, and no longer
built by default as of that date. The deprecation notice was merged
back to stable/12 and stable/13 + releng/13.0.
Continue with the plan by finishing the removal.
Relnotes: yes
In the 761d2bb5b9 we added nojailvnet
keyword. The nojailvnet keyword is used to skip startup scripts in
jails that are run without VNET.
The service.sh was omitted in this commit. The service.sh
even documents that this is the same code as in rc - so lets reflect
that.
Submitted by: Adam Wołk <a.wolk@fudosecurity.com>
Sponsored by: Fudo Security
Based on an idea from dvl's coworker, László DANIELISZ, implement
a new flag, 'E', that prevents newsyslog(8) from rotating the empty
log files. This 'E' flag ist mostly usable in conjunction with 'B'
flag that instructs newsyslog(8) to not insert an informational
message into the log file after rotation, keeping it still empty.
Reviewed by: markj, ian, manpages (rpokala)
Approved by: markj, ian, manpages (rpokala)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D28940
MAX_SNAPSHOT_VMNAME is a macro used to set the size of a character
buffer that stores a filename or the path to a file - this file is used
by the save/restore feature.
Since the file doesn't have anything to do with a vm name, rename
MAX_SNAPSHOT_VMNAME to MAX_SNAPSHOT_FILENAME. Bump the size to PATH_MAX
while here.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28879
Combine send_start_checkpoint() and send_start_suspend() into a
single function named snapshot_request().
snapshot_request() is equivalent to send_start_checkpoint() and
send_start_suspend() except that it takes an additional argument. The
additional argument, enum ipc_opcode, is used to determine the type of
snapshot request being performed. Also, switch to using strlcpy instead
of strncpy.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28878
Generalize the naming here since the domain socket that uses these codes
might be used for purposes other than the save/restore feature.
- rename checkpoint_opcodes to ipc_opcode
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28877
The manual page lists a bunch of examples, some of which already exist
in this file. Since it's both easier to remember when all examples are
listed in the same location, move examples so they get installed into
/etc/inetd.conf
This also means users won't have to copy-paste, but can simply
uncomment one or more services to use them.
As such, it also becomes necessary to remove the examples from the
manual page, so instead add a note explaining where the previous
examples as well as others may be found.
Cross-references, including to ports, have also been added where
applicable.
The rsync example has lived in the bug tracker for too long,
considering how useful it can situationally be, for example when
backup jobs on client devices are run through periodic(8) weekly.
The microsoft-ds entry is necessary for Windows 10 compatibility
(this can be confirmed with packet capturing, as it is not readily
documented at time of writing).
While here, remove two examples for which compatible daemons could not
be found in ports.
Submitted by: David Yeske <dyeske at gmail.com> (in part, prev ver)
PR: 122037
Reviewed by: kevans, brueffer, lwhsu, yuripv
Differential Revision: https://reviews.freebsd.org/D28882
Per hier(7), the ESP will be mounted at /boot/efi. On UFS systems,
any existing ESP will be reused and mounted there; otherwise, a new one
will be made. On ZFS systems, space for an ESP is allocated on all disks
in the root pool, but only the partition actually used to boot is set up
and mounted.
This makes future upgrades of the EFI loader easier (upgrade scripts can
just change /boot/efi) and also greatly simplifies the parts of the
installer involved in initialization of the ESP. It also makes the
installer's behavior correspond to the documentation in hier(7).
Reviewed by: imp, tsoome
MFC after: 1 week
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D28897
Add /var/run/bhyve/ to BSD.var.dist so we don't have to call mkdir when
creating the unix domain socket for a given bhyve vm.
The path to the unix domain socket for a bhyve vm will now be
/var/run/bhyve/vmname instead of /var/run/bhyve/checkpoint/vmname
Move BHYVE_RUN_DIR from snapshot.c to snapshot.h so it can be shared
to bhyvectl(8).
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28783
The makefs msdosfs code includes fs/msdosfs/denode.h which directly uses
struct buf from <sys/buf.h> rather than the makefs struct m_buf.
To work around this problem provide a local denode.h that includes
ffs/buf.h and defines buf as an alias for m_buf.
Reviewed By: kib, emaste
Differential Revision: https://reviews.freebsd.org/D28835
Make sys/buf.h, sys/pipe.h, sys/fs/devfs/devfs*.h headers usable in
userspace, assuming that the consumer has an idea what it is for.
Unhide more material from sys/mount.h and sys/ufs/ufs/inode.h,
sys/ufs/ufs/ufsmount.h for consumption of userspace tools, with the
same caveat.
Remove unacceptable hack from usr.sbin/makefs which relied on sys/buf.h
being unusable in userspace, where it override struct buf with its own
definition. Instead, provide struct m_buf and struct m_vnode and adapt
code to use local variants.
Reviewed by: mckusick
Tested by: pho
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D28679
Changes in the 2fe5a79425 moved dst sockaddr masking from the
routing control plane to the rtsock code.
It broke arp/ndp deletion.
It turns out, arp/ndp perform RTM_GET request first to get an
interface index necessary for the deletion.
Then they simply stamp the reply with RTF_LLDATA and set the
command to RTM_DELETE.
As a result, kernel receives request with non-empty RTA_NETMASK
and clears RTA_DST host bits before passing the message to the
lla code.
De facto, the only needed bits are RTA_DST, RTA_GATEWAY and the
subset of rtm_flags.
With that in mind, fix the interace by clearing RTA_NETMASK
for every messages with RTF_LLDATA.
While here, cleanup arp/ndp code a bit.
MFC after: 1 day
Reviewed by: gnn
Differential Revision: https://reviews.freebsd.org/D28804
The kernel changes needed for nfs-over-tls have been committed to main.
However, nfs-over-tls requires user space daemons to handle the
TLS handshake and other non-application data TLS records.
There is one daemon (rpc.tlsclntd) for the client side and one daemon
(rpc.tlsservd) for the server side, although they share a fair amount
of code found in rpc.tlscommon.c and rpc.tlscommon.h.
They use a KTLS enabled OpenSSL to perform the actual work and, as such,
are only built when MK_OPENSSL_KTLS is set.
Communication with the kernel is done via upcall RPCs done on AF_LOCAL
sockets and the custom system call rpctls_syscall.
Reviewed by: gbe (man pages only), jhb (usr.sbin/Makefile only)
Comments by: jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D28430
Relnotes: yes
struct checkpoint_op, enum checkpoint_opcodes, and
MAX_SNAPSHOT_VMNAME are not vmm specific, move them out of the vmmapi
header.
They are used for the save/restore functionality that bhyve(8)
provides and are better suited in usr.sbin/bhyve/snapshot.h
Since bhyvectl(8) requires these, the Makefile for bhyvectl has been
modified to include usr.sbin/bhyve/snapshot.h
Reviewed by: kevans, grehan
Differential Revision: https://reviews.freebsd.org/D28410
When executing automount(8), it will attempt to create the directory where an
autofs filesystem is to be mounted. Explicity set the root path for this
directory to "/".
This fixes the issue where the directory being created was being treated as a
relative path instead of an absolute path (as expected).
PR: 224601
Reported by: kusumi.tomohiro@gmail.com
Reviewed by: trasz
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27832
Note that this mtree(8) is actually installed as fmtree(8), while
mtree(8) is located in ^/contrib/mtree -- thus, the reference to
mtree(8) makes a lot more sense in the context in which folks would
actually notice it. Shout-out to Ravi for pointing out that this may
not be an obvious fact.
MFC after: 3 days
Reviewed by: bdrewery, brooks, cy, emaste
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D28573
unsz was always exactly '1' here due to an unfortunate mispositioning
of closing parenthesis. While it's generally irrelevant because bind(2)
is passed the (accurate) sep->se_ctrladdr_size instead, it's not very
helpful for anything locally that wants to use it rather than assuming
that sep->se_ctrladdr_size perfectly fits the end of sun_path.
Just drop unsz entirely and use the result of SUN_LEN() for it.
MFC-after: 3 days
- One (1) spurious whitespace.
- One (1) occurrence of "random(3) bad, arc4random(3)" good.
- Three (3) writes that will never be seen.
The latter two points are complaints from clang-analyze. Switching to
arc4random(3) is decidedly a good idea because we weren't doing any kind
of PRNG seeding anyways. The discarded assignments are arguably good
for future-proofing, but it's better to improve the S/N ratio from
clang-analyze.
Reviewed by: bapt, manu
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D28525
This is limited to bootstrap/add because some real pkg(8) commands
have -r flags with an incompatible meaning/usage, e.g., pkg-audit.
pkg(7) will still commence the search as it has, but it will ignore any
repo objects without the given name so that overrides and whatnot still
work as expected.
The use of it for add is noted in the manpage; notably, that the
signature config for that repository will be used over global config if
it's specified. i.e., pkg(7) should assume that the given pkg did come
from that repository and treat it appropriately.
Reviewed by: bapt, manu
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D28524
Move the check for efi variables being supported to after parsing the args. This
allows '-h' to produce both as a normal user as well as on all systems.
The st variable is used as a shortcut for &node->inode->st, but in one
branch just before the exit we update node->inode without changing st.
Reported by: AddressSanitizer
Reviewed By: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D28570