Consistenly use newly-added 'ctx->ifname' as the name of the current
target interface.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40438
MFC after: 2 weeks
This is a pre-requisite for the global 'name' variable removal.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40432
MFC after: 2 weeks
This variable was used to print the created interface name in the
atexit(3) handler. The interface name was calculated in the
ifclonecreate() by matching old & new names.
This change alter the implementation the following way:
1) the function responsible for the interface creation (ifcreate_ioctl)
updates all necessary state internally. This removes the need for the
name manipulation hack in wlan_create().
2) As atexit(3) handler does not accept any parameters, explicitly store
the name to print in the ifname_to_print variable read by the atexit(3)
handler.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40431
MFC after: 2 weeks
This is the continuation of the ifconfig cleanup work. This change is
a pre-requsite for the next changes removing some of the global variables.
It will also help in implementing functionality via Netlink instead of ioctl.
No functional changes intended.
* vxlan_cb() was removed as it contained no code
* ioctl_ifcreate() was renamed to ifcreate_ioctl() to follow the other
netlink/ioctl function naming. Netlink and ioctl provide _different_
interfaces and it's not possible to have a unified interface object
that can be filled by either netlink or ioctl implementations. With that
in mind, I'm leaning more to the function_<nl|ioctl> postfix pattern,
than doing ioctl_ or netlink_ prefix.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40426
MFC after: 2 weeks
Add -j <jail> flag to route(8) to allow route to perform actions in
a Jail.
Differential Revision: https://reviews.freebsd.org/D40377
MFC after: 2 weeks
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future update may migrate to use the OpenSSL 3.0 APIs.
PR: 271615
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future update may migrate to use the OpenSSL 3.0 APIs.
PR: 271615
Pull request: https://github.com/freebsd/freebsd-src/pull/757
Sponsored by: The FreeBSD Foundation
ERR_load_crypto_strings() was deprecated in OpenSSL 1.1.0, and explicit
initialization is generally not reqiured. In the case of dumpon however
we initialize prior to entering capability mode, so replace with an
OPENSSL_init_crypto call.
Reviewed by: def, Pierre Pronchery
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40353
ERR_load_crypto_strings is deprecated in OpenSSL 1.1, and OpenSSL 1.1
generally does not require explicit initialization. However, we do need
to ensure that initialization is done before entering capability mode so
call OPENSSL_init_crypto instead. Also include header needed for
ERR_error_string.
Reviewed by: vangyzen
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40343
Make struct pfsync_state contents configurable by sending out new
versions of the structure in separate subheader actions. Both old and
new version of struct pfsync_state can be understood, so replication of
states from a system running an older kernel is possible. The version
being sent out is configured using ifconfig pfsync0 … version XXXX. The
version is an user-friendly string - 1301 stands for FreeBSD 13.1 (I
have checked synchronization against a host running 13.1), 1400 stands
for 14.0.
A host running an older kernel will just ignore the messages and count
them as "packets discarded for bad action".
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D39392
The previous change to CGSIZE had the unintended side-effect of allowing
newfs and makefs to create file systems that would fail validation when
examined by older commands and kernels, by allowing newfs/makefs to pack
slightly more blocks into a CG than those older binaries think is valid.
Fix this by having newfs/makefs artificially restrict the number of blocks
in a CG to the slightly smaller value that those older binaries will accept.
The validation code will continue to accept the slightly larger value
that the current newfs/makefs (before this change) could create.
Fixes: 0a6e34e950
Reviewed by: mckusick
MFC after: 3 days
Sponsored by: Netflix
When loading the root directory ensure that it is a directory
and has a size greater than the minimum directory size. If an
invalid root directory is found, fall back to full fsck.
Reported-by: Robert Morris
PR: 271414
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
When checking an inode ensure that it does not have a negative size.
Stop scaning a directory when an unallocated block is found.
Fully clear an inode when it is first allocated.
Ensure that an inode is marked dirty whenever it is updated and that
it has a correct check hash when it is released.
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Check for valid block numbers while loading journal entries that
contain block numbers. If an invalid block number is found, fall
back to full fsck.
Reported-by: Robert Morris
PR: 271383
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Check for valid file size before processing journal entries for it.
Done by extracting the file size check from pass1.c into chkfilesize()
then using it in the journal code in suj.c
Reported-by: Robert Morris
PR: 271378
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
The last valid inode in the filesystem is maxino - 1, not maxino.
Thus validity checks should ino < maxino, not ino <= maxino.
Reported-by: Robert Morris
PR: 271312
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Always create a directory inode structure when a directory inode is
found in Pass 1 as it is not known whether it will be saved or removed
in later passes. If it is to be saved the directory inode structure
is needed to track its status and fsck_ffs(8) will segment fault if
it does not exist.
Reported-by: Robert Morris
PR: 271310
PR: 271354
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
This change modifies dumpon to print out the last error from OpenSSL
when `PEM_read_RSA_PUBKEY` fails. This allows end-users to diagnose why
reading in RSA pubkey files fails so they can adjust the usage to meet
the needs of the command.
MFC after: 1 week
Commit fe5e6e2 improved FFS directory placement when creating new
directories. It is done by keeping track of the depth of directories
in the filesystem and placing those lower in the tree closer together
while spreading out those higher in the tree.
Fsck_ffs(8) checks these depths and if incorrect adjusts them to
their correct value. When running in background fsck_ffs(8) needs
to be able to make an adjustment to the depth. This commit adds
the sysctl to make such an adjustment and adds the code to fsck_ffs(8)
to use the new sysctl.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Internally, inet and inet6 family handlers store state for
address addition and deletion separately, as, for example,
"ifconfig lo0 inet 127.0.0.2/32" triggers a) deletion of the
first interface address and b) addition of a new one.
The current logic behind handling "-alias" being the last argument
is to copy the address from "addition" state to the "deletion"
state. It is done by the generic ifconfig code, which explicitly
typecasts opaque handler state pointers to "struct ifreq", which
doesn't work in the Netlink case.
Fix this by introducing family-specific "af_copyaddr" handler,
which removes the peeking & typecasting logic from the generic code.
Reported by: otis
Tested by: otis
The default location for home directories is moving from /usr/home
to /home, including the default zfs datasets. Update accordingly.
Add zroot/usr/src as replacement example of nested datasets.
While here, mark zroot/var as "canmount off" as per current setup.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D40206
The default location for home directories is moving from /usr/home
to /home. Update the examples accordingly.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40205
The structure consists of all current context - arguments,
open sockets, current family and so on.
Pass this structure as a first argument to most of the af_ menthods.
This allows to propagate and update shared data without using
global variables.
The diff is pretty large, but de-facto mechanical. All changes
except the structure setup in ifconfig[_netlink].c are one-line
mechanical changes.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40239
MFC after: 2 weeks
Cleanup compiler warnings in preparation to set Wextra and remove WARNS?=2
Differential Revision: https://reviews.freebsd.org/D40238
MFC after: 2 weeks