Determine if a device supports "Extended" or "Separate" metadata, and
what the current metadata setting is (None, Extended, Separate)
Also determine if the device supports:
- Sanitize Crypto Erase
- Sanitize Block Erase
- Sanitize Overwrite
Reviewed by: chuck
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #49
Differential Revision: https://reviews.freebsd.org/D31067
Implement and document the new depop command. This command manages drive elements
for drives that support it. Storage elements are typically heads. Element status
can be discovered. Elements may be removed or restored. And the status of any
current depop operation can be assessed.
depop -d elm will remove element elm and truncate available capacity.
depop -l will list the current drive elements and their current status.
depop -r elm will try to restore all retired elements and rebuild capacity.
Changing storage elements may reinitialize the drive. This operation will lose
data and may take hours to complete. Use the drive provided timeout for
operations by default.
Reviewed by: gbe (manpages)
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D29018
This adds an option to detect if hole-punching is implemented by the
underlying file system. If this flag is set, and if the underlying file
system does not support hole-punching, md(4) fails BIO_DELETE requests
with EOPNOTSUPP.
Sponsored by: The FreeBSD Foundation
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D31883
Introduce a link to the ipfw command, dnctl, for dummynet configuration.
dnctl only handles dummynet configuration, and is part of the effort to
support dummynet in pf.
/sbin/ipfw continues to accept pipe, queue and sched commands, but these can
now also be issued via the new dnctl command.
Reviewed by: donner
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D30465
795d78a467 pfctl: Don't use PRIu64 mistakenly changed these to be
printed as hexadecimal numbers.
Reported by: Florian Smeets
MFC after: 4 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Rather than PRIu64 we can just treat the data as uintmax_t, and use %jx
instead.
MFC after: 1 week
Suggested by: kib
Sponsored by: Rubicon Communications, LLC ("Netgate")
Use PRIu64 to printf(3) uint64_t quantities, otherwise this will result
in "error: format specifies type 'unsigned long' but the argument has
type 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat]" on 32-bit
architectures.
Fixes: 80078d9d38
MFC after: 1 week
Rather than call DIOCGETSTATUS ourselves use the new libpfctl functions.
MFC after: 1 week
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D31697
Since the conversion to the new DIOCKILLSTATESNV the kernel no longer
exists the id and creatorid to be big-endian.
As a result killing states by id (i.e. `pfctl -k id -k 12345`) no longer
worked.
Reported by: Özkan KIRIK
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
When invalid statement is found the next statement is skipped even if it
is valid.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31527
This allows the maximum value of 4294967295 (~4Gb/s) instead of previous
value of 2147483647 (~2Gb/s).
Reviewed by: np, scottl
Obtained from: pfSense
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31582
That commit moved key generation into a child process, including
a memory allocation referenced by a structure. The child wrote
the structure to the parent over a pipe, but did not write the
referenced allocation. The parent read the structure from the
child and used its pointer, which was bogus in the parent.
In the child, send both chunks of data to the parent. In the
parent, make a corresponding allocation and read both chunks.
Fixes: 372557d8c3
Reviewed by: bdrewery, markj
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D31452
When matching entries, we should ignore those with a name of '#'. It's
the standard way to skip elements and need to be present to have the
proper offsets to the fields that are observed. No bus has a pnp
attribute of '#' and that is now disallowed for future buses that are
written.
Sponsored by: Netflix
Reviewed by: kbowling
Differential Revision: https://reviews.freebsd.org/D31482
Felix switch found in LS1028A supports stripping VLAN tag on
ingress, instead of egress. The striptag flag excepts the latter
behaviour.
Add a new flag to support the feature.
Obtained from: Semihalf
Sponsored by: Alstom Group
Differential Revision: https://reviews.freebsd.org/D30922
SO_RERROR indicates that receive buffer overflows should be handled as
errors. Historically receive buffer overflows have been ignored and
programs could not tell if they missed messages or messages had been
truncated because of overflows. Since programs historically do not
expect to get receive overflow errors, this behavior is not the
default.
This is really really important for programs that use route(4) to keep
in sync with the system. If we loose a message then we need to reload
the full system state, otherwise the behaviour from that point is
undefined and can lead to chasing bogus bug reports.
Reviewed by: philip (network), kbowling (transport), gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26652
This allows the use of VLAN PCP in dhclient, which is required for
certain ISPs (such as Orange.fr).
Reviewed by: bcr (man page)
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31263
Netdump has its own configuration tracking such that
ioctl(/dev/null, DIOCSKERNELDUMP) does a dumper_remove() but does not
notify netdump about the removal. Simply sending the same ioctl to
/dev/netdump handles the situation.
Reviewed by: markj, cem
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D31300
If -v is specified when adding a new device then a full listing of
configured devices is displayed. This requires sysctl access which
genkey()'s use of capability mode was blocking permission to access.
This leads to both confusing console spam but also incorrectly returning
an error status even if no other had been encountered.
dumpon: Sysctl get 'kern.shutdown.dumpdevname': Operation not permitted
Fix this by generating the key in a child process.
Reviewed by: markj
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D31266
This can be useful for, e.g., unmounting filesystems that were needed
for shutdown.
Reviewed by: kib
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #63
Differential Revision: https://reviews.freebsd.org/D31230
Support the 'match' keyword.
Note that support is limited to adding queuing information, so without
ALTQ support in the kernel setting match rules is pointless.
For the avoidance of doubt: this is NOT full support for the match
keyword as found in OpenBSD's pf. That could potentially be built on top
of this, but this commit is NOT that.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D31115
Since bsd.prog.mk includes bsd.obj.mk, and thus bsd.subdir.mk, we must
ensure all our bsd.subdir.mk-affecting variables are set before
including bsd.prog.mk. Since sbin's various Makefile.arch files add to
SUBDIR this results in those not taking effect, and presumably we also
end up not having buildworld as parallel as it should be due to the fact
that SUBDIR_PARALLEL was not being set before including bsd.prog.mk.
MFC with: 0a0f748641
Reviewed by: olivier
Differential Revision: https://reviews.freebsd.org/D31125
Background checks are only allowed for mounted filesystems - don't try
to open the device for writing when performing a background check.
While here, remove a debugging printf that's commented out.
PR: 256746
Fixes: 5cc52631b3
Reviewed by: mckusick
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D30880
Commit 1e0a518d65 added a new NFS mount option "nconnect".
This patch adds information on this option to the man page.
It also adds an IMPLEMENTATION section that explains how
the default I/O size is determined and that "nfsstat -m" can
be used to find out what option settings are actually in use.
This is a content change.
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31135
The description of the power command is missing. While the synopsis is
present, there's no explanation. Add one.
Reviewed by: mav, chuck
PR: 237866
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D31122
These were all incorrectly labeled as 2-clause BSD licenses by a
semi-automated process, when in fact they are 3-clause.
Discussed with: pfg, imp
MFC after: 2 weeks
Sponsored by: Axcient
Xen VMs get a simulated serial device meant for use as a console. Often
an xterm or other advanced terminal is used, so use xterm as the type.
Depending on configuration, FreeBSD on Xen for amd64 may instead use an
emulated serial port, but the virtual console may also be available.
Submitted by: Elliott Mitchell <ehem+freebsd@m5p.com>
Reviewed by: imp (slightly earlier version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29873
The tty lists were already pretty similar and there hadn't been any real
need for them to remain distinct for some time. As such, merge to a
single file.
The RISC-V console is preserved. For systems where it doesn't exist, its
presence in /etc/ttys is harmless. The uncommented version of the
ttyv8/XDM line from ttys.amd64 was the one chosen.
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D30256
Add an option to dumpfs, `-s`, that only prints the super block information.
Reviewed by: chs, imp
Differential Revision: https://reviews.freebsd.org/D30881
As for example pfctl -ss keeps calling it, it saves a lot of overhead
from elided parsing of /etc/nsswitch.conf and /etc/protocols.
Sample result when running a pre-nvlist binary with nfs root and dumping
7 mln states:
before: 24.817u 62.993s 1:28.52 99.1%
after: 8.064u 1.117s 0:18.87 48.5%
Idea by Jim Thompson
Reviewed by: kp
Sponsored by: Rubicon Communications, LLC ("Netgate")
