Use the date of the last commit from gj@ (d276a4dfa6f5f3711808eff44ff20a92114b4d6e)
Note that for other developers the date is that when the commit bit was taken
in.
Currently, sysctls which enable KDB in some way are flagged with
CTLFLAG_SECURE, meaning that you can't modify them if securelevel > 0.
This is so that KDB cannot be used to lower a running system's
securelevel, see commit 3d7618d8bf. However, the newer mac_ddb(4)
restricts DDB operations which could be abused to lower securelevel
while retaining some ability to gather useful debugging information.
To enable the use of KDB (specifically, DDB) on systems with a raised
securelevel, change the KDB sysctl policy: rather than relying on
CTLFLAG_SECURE, add a check of the current securelevel to kdb_trap().
If the securelevel is raised, only pass control to the backend if MAC
specifically grants access; otherwise simply check to see if mac_ddb
vetoes the request, as before.
Add a new secure sysctl, debug.kdb.enter_securelevel, to override this
behaviour. That is, the sysctl lets one enter a KDB backend even with a
raised securelevel, so long as it is set before the securelevel is
raised.
Reviewed by: mhorne, stevek
MFC after: 1 month
Sponsored by: Juniper Networks
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D37122
This does not remove LLVM_TARGET_MIPS. Note that the only
MACHINE_ARCH values ending in 'hf' were all MIPS architectures, hence
removing the pattern matches for 'hf'.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D39331
Make userland tools such as netstat, route, arp and ndp use
either netlink or rtsock interfaces based on the NETLINK_SUPPORT
options.
Both NETLINK and NETLINK_SUPPORT options are turned on by default.
Reviewed By: eugen
Differential Revision: https://reviews.freebsd.org/D39148
Add myself as a doc committer, mentored by carlavilla and dbaio.
Approved by: carlavilla (mentor)
Differential Revision: https://reviews.freebsd.org/D39254
- Improve the wording that describes cnt and hz (avoid "the long haul")
- Use .Fa for function arguments
- Fix formatting of parenthesis around swi(9) xref
- removed xref to non-existent options(4)
- xref polling(4)
- consistently list xrefs in SEE ALSO
- xref eventtimers(9) in SEE ALSO
Reviewed by: mav, rpokala
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39137
timeout(9) was removed a couple of years ago; all consumers now use the
callout(9) interface.
Explicitly do not bump .Dd anywhere, as this is not a content or
semantic change.
Reviewed by: markj, jhb, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39136
Add more details about the execution and purpose of these shutdown
handlers. Make a point to mention the requirement that they can be run
in a normal or panic context. Add some simple examples.
Add a brief comment to the declaration in sys/eventhandler.h.
Reviewed by: markj
Discussed with: rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39135
- This function no longer disables interrupts
- MLINK to reboot.9
- The mentions of autoconfiguration is more about shutdown_nice(),
coming in the next commit.
- Describe the RB_* flags relevant to this function
- Describe behaviour when shutdown hooks fail the reset
- Describe expected execution contexts
- Add FF copyright
- xref panic(9)
- xref this page in reboot(2)
Reviewed by: markj
Discussed with: rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39133
- Better description of what the panic() function does
- Document KERNEL_PANICKED()
- Add a section describing panic execution context
- Add SEE ALSO
Reviewed by: kib, markj, rpokala
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39132
- Add a little bit of introductory text
- Improve the existing example: ANSI C, use a better assertion than a
NULL check (which is discouraged)
- Document the widely used MPASS macro in this page
- Drop the cross-reference to config(8)
Reviewed by: kib, markj, rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39131
- Document CRITICAL_ASSERT() in this man page.
- Clarify that a thread may also handle interrupts in a critical
section, not only faults/exceptions.
- Note the negative effects of critical section abuse
- Some other minor clarifications
- Add short SEE ALSO
Reviewed by: kib, markj, rpokala, Pau Amma <pauamma@gundo.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39130
These functions, vcount() and count_dev(), no longer exist in the source
tree.
Reviewed by: rpokala
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39128
Use .An -nosplit for the AUTHORS section, so that
it renders without an unnecessary newline.
No .Dd bump since it isn't a content change.
MFC after: 3 days
This will build etdump, makefs and mkimg as bootstrap tools to allow
easily creating disk images. Note that etdump is bootstrapped due to its
use in the release scripts for building ISO images.
Reviewed by: emaste, arichardson
Differential Revision: https://reviews.freebsd.org/D39072
Since 9503d2704c LOADER_ZFS gets turned off when ZFS is, and since
63715498ac ZFS is no longer disabled on powerpc and powerpcspe.
Reviewed by: emaste
Fixes: 9503d2704c ("opts: Minor cleanup of ZFS options")
Fixes: 63715498ac ("powerpc: enable ZFS on 32 bit powerpc/powerpcspe")
Differential Revision: https://reviews.freebsd.org/D39071
RFC 4443 specifies cases where certain packets, like those originating from
local-scope addresses destined outside of the scope shouldn't be forwarded.
The current practice is to drop them, send ICMPv6 message where appropriate,
and log the message:
cannot forward src fe80:10::426:82ff:fe36:1d8, dst 2001:db8:db8::10, nxt
58, rcvif vlan5, outif vlan2
At times the volume of such messages cat get very high. Let's allow local
admins to disable such messages on per vnet basis, keeping the current
default (log).
Reported by: zarychtam@plan-b.pwste.edu.pl
Reviewed by: zlei (previous version), pauamma (docs)
Differential Revision: https://reviews.freebsd.org/D38644
Mark ZFS broken here too, add comment about why. Add comments about
OFED being disabled on 32-bit arm, add comment about why too.
Sponsored by: Netflix
Remove redundant CPUARCH test: we really just want a plain MACHINE_ARCH
here.
Second, always turn off LOADER_ZFS when we turn off ZFS. Not 100%
required, but we did it some places and not others. There's no current
mechanism to say that if X is disabled then X_Y must be too.
Sponsored by: Netflix
