This change includes the framework for testing the auditability of various
syscalls, and includes changes for the first 12. The tests will start
auditd(8) if needed, though they'll be much faster if it's already running.
The syscalls tested in this commit include mkdir(2), mkdirat(2), mknod(2),
mknodat(2), mkfifo(2), mkfifoat(2), link(2), linkat(2), symlink(2),
symlinkat(2), rename(2), and renameat(2).
Submitted by: aniketp
MFC after: 2 weeks
Sponsored by: Google, Inc (GSoC 2018)
Differential Revision: https://reviews.freebsd.org/D15286
The lmc(4) driver was removed in r333144 and relevant files added to
ObsoleteFiles.inc, however, include/sys/dev/lmc was not removed from mtree
and is recreated on every install. Remove it from mtree.
Reviewed by: imp, emaste
Approved by: emaste
Differential Revision: https://reviews.freebsd.org/D15590
switch the default kldxref_enable to YES.
The reason is that it's required for every image that's being cross-built,
as kldxref(8) cannot handle files for non-native architectures. For the
one that is not - amd64 - having it on by default doesn't change anything;
the script is noop if the linker.hints already exists.
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
The current support for setting environment via foo_env="" in rc.conf is
not scalable and does not handle envs with spaces in the value. It seems
a common pattern for some newer software is to skip configuration files
altogether and rely on the env. This is well supported in systemd unit
files and may be the inspiration for this trend.
MFH: 1 week
Differential Revision: https://reviews.freebsd.org/D14453
contain any kernel modules. This makes the common case completely silent,
as it should be.
Reviewed by: imp@
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D14694
This is a component of a system which lets the kernel dump core to
a remote host after a panic, rather than to a local storage device.
The server component is available in the ports tree. netdump is
particularly useful on diskless systems.
The netdump(4) man page contains some details describing the protocol.
Support for configuring netdump will be added to dumpon(8) in a future
commit. To use netdump, the kernel must have been compiled with the
NETDUMP option.
The initial revision of netdump was written by Darrell Anderson and
was integrated into Sandvine's OS, from which this version was derived.
Reviewed by: bdrewery, cem (earlier versions), julian, sbruno
MFC after: 1 month
X-MFC note: use a spare field in struct ifnet
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D15253
Remove line about allowed flags. It was missing 'pRTY' and is duplicative
of the man page. It didn't describe the flags in any detail to help
remind users of how to configure newsylog.
User-visible changes:
"-u" is added to to list of command line options supported by bthidd.
Use it to enable evdev support. uinput and evdev modules should be
kld-loaded or compiled into the kernel in that case.
bthidd_evdev_support rc.conf variable is added to control enabling of
evdev support in bthidd startup script. Possible values are: "YES", "NO",
"AUTO"(default). Setting bthidd_evdev_support to "AUTO" inserts "-u" option
if kernel is compiled with EVDEV_SUPPORT option enabled.
Support for consumer HID usage page keyboard events is implemented. Most of
them are available only through evdev protocol.
kern.evdev.rcpt_mask sysctl is checked, so "sysctl kern.evdev.rcpt_mask=12"
should be executed if EVDEV_SUPPORT is compiled into kernel.
It is recommended to regenerate bthidd.conf entries with bthidcontrol(8)
"Query" command to set user-friendly names of bluetooth devices.
Reviewed by: emax, gonzo, wblock (docs), bcr (docs, early version)
Differential Revision: https://reviews.freebsd.org/D13456
r288291 added a call to limits(1), which isn't available before partitions
are mounted. This broke the ddb rc script, which does not provide its own
start_cmd.
Alleviate the situation here by providing a start_cmd. We still have other
problems with diskless setups that need to be considered, but this is a
start.
PR: 206291
Submitted by: cy
Discussed with: rgrimes
MFC after: 3 days
fget_cap() tries to do a cheaper snapshot of a file descriptor without
holding the file descriptor lock. This snapshot does not do a deep
copy of the ioctls capability array, but instead uses a different
return value to inform the caller to retry the copy with the lock
held. However, filecaps_copy() was returning 1 to indicate that a
retry was required, and fget_cap() was checking for 0 (actually
'!filecaps_copy()'). As a result, fget_cap() did not do a deep copy
of the ioctls array and just reused the original pointer. This cause
multiple file descriptor entries to think they owned the same pointer
and eventually resulted in duplicate frees.
The only code path that I'm aware of that triggers this is to create a
listen socket that has a restricted list of ioctls and then call
accept() which calls fget_cap() with a valid filecaps structure from
getsock_cap().
To fix, change the return value of filecaps_copy() to return true if
it succeeds in copying the caps and false if it fails because the lock
is required. I find this more intuitive than fixing the caller in
this case. While here, change the return type from 'int' to 'bool'.
Finally, make filecaps_copy() more robust in the failure case by not
copying any of the source filecaps structure over. This avoids the
possibility of leaking a pointer into a structure if a similar future
caller doesn't properly handle the return value from filecaps_copy()
at the expense of one more branch.
I also added a test case that panics before this change and now passes.
Reviewed by: kib
Discussed with: mjg (not a fan of the extra branch)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D15047
OpenCSD is an ARM CoreSight(tm) trace packets decoder.
- Connect libopencsd to the arm64 build.
- Install opencsd headers to /usr/include/opencsd/
Sponsored by: DARPA, AFRL
summits at BSDCan and BSDCam in 2017.
The TCP Blackbox Recorder allows you to capture events on a TCP connection
in a ring buffer. It stores metadata with the event. It optionally stores
the TCP header associated with an event (if the event is associated with a
packet) and also optionally stores information on the sockets.
It supports setting a log ID on a TCP connection and using this to correlate
multiple connections that share a common log ID.
You can log connections in different modes. If you are doing a coordinated
test with a particular connection, you may tell the system to put it in
mode 4 (continuous dump). Or, if you just want to monitor for errors, you
can put it in mode 1 (ring buffer) and dump all the ring buffers associated
with the connection ID when we receive an error signal for that connection
ID. You can set a default mode that will be applied to a particular ratio
of incoming connections. You can also manually set a mode using a socket
option.
This commit includes only basic probes. rrs@ has added quite an abundance
of probes in his TCP development work. He plans to commit those soon.
There are user-space programs which we plan to commit as ports. These read
the data from the log device and output pcapng files, and then let you
analyze the data (and metadata) in the pcapng files.
Reviewed by: gnn (previous version)
Obtained from: Netflix, Inc.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D11085
The former is fairly vague; these are FDT overlays to be applied to the
running system, so /boot/dtb is a sensible location to put it without
cluttering up /boot/dtb even further if desired.
r328013 introduced a new error code from fsck_ffs that indicates that
it could not completely fix the file system; this happens when it
prints the message PLEASE RERUN FSCK. However, this status can happen
when fsck is run in "preen" mode and the rc.d/fsck script does not
handle that error code. Modify rc.d/fsck so that if "fsck -p"
("preen") returns the new status code (16) it will run "fsck -y", as
it currently does for a status code of 8 (the "standard error exit").
Reported by: markj
Reviewed by: mckusick, markj, ian, rgrimes
MFC after: 3 days
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D14679
ConnectX-4/5 devices in mlx5core.
The dump is obtained by reading a predefined register map from the
non-destructive crspace, accessible by the vendor-specific PCIe
capability (VSC). The dump is stored in preallocated kernel memory and
managed by the mlx5tool(8), which communicates with the driver using a
character device node.
The utility allows to store the dump in format
<address> <value>
into a file, to reset the dump content, and to manually initiate the
dump.
A call to mlx5_fwdump() should be added at the places where a dump
must be fetched automatically. The most likely place is right before a
firmware reset request.
Submitted by: kib@
MFC after: 1 week
Sponsored by: Mellanox Technologies
(Due to some misconfiguration) I ended up with _mask set to
"-v<something>", and /etc/rc.d/jail then failed with
"expr: illegal option -- v".
Use "expr --" so that variable content is never interpreted as an
option.
Reviewed by: jamie
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D14535
When checking the validity of the pf.conf file also include the user supplied
pf_flags. These flags might overrule macros or specify anchors, which we will
apply when actually applying the pf.conf file, so we must also take them into
account when verifying the validity.
Submitted by: Andreas Longwitz <longwitz at incore.de>
MFC after: 3 weeks
pfctl only takes the last '-F' argument into account, so this never did what
was intended.
Moreover, there is no reason to flush rules before reloading, because pf keeps
track of the rule which created a given state. That means that existing
connections will keep being processed according to the rule which originally
created them. Simply reloading the (new) rules suffices. The new rules will
apply to new connections.
PR: 127814
Submitted by: Andreas Longwitz <longwitz at incore.de>
MFC after: 3 weeks
It was originally written by Sun as part of the STF (Solaris test framework).
They open sourced it in OpenSolaris, then HighCloud partially ported it to
FreeBSD, and Spectra Logic finished the port. We also added many testcases,
fixed many broken ones, and converted them all to the ATF framework. We've had
help along the way from avg, araujo, smh, and brd.
By default most of the tests are disabled. Set the disks Kyua variable to
enable them.
Submitted by: asomers, will, justing, ken, brd, avg, araujo, smh
Sponsored by: Spectra Logic Corp, HighCloud
after r190575 there is an option to call rc.firewall with the firewall_type
passed in as an argument.
Submitted by: David P. Discher <dpd@dpdtech.com>
MFC after: 3 weeks.
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D14286
appearing as a single argument passed to devmatch(8).
Don't depend on "sort" utility from usr/bin which might not be
available when devd is started.
Sponsored by: Mellanox Technologies
In devd/devmatch.conf, we need to pass the event to the devmatch
serivce. It gets passed to devmatch -p for matching. We always pass
this, unlike hps' original patch, so we kill two birds with one stone
and only match modules to the event passed in.
Submitted by: hps@
Sponsored by: Netflix
to parse rather than searching for all events. Pass with new -p arg to
devmatch. devmatch will use that one event rather than walking the
entire tree.
kldload will stop at the first failure. So we need to loop. Also,
symbolic links may confused kldload into trying (and failing) to load
multiple modules at once, so guard against that.
Noticed by: hps (with similar patch)
Sponsored by: Netflix
Turn devmatch on by default. However, use 'start' instead of
'onestart' in the devmatch.conf file so the setting of
'devmatch_enable' is honored. Give an example of what to put in
devd.conf if you want to disable just the run-time part of devmatch.
Relnotes: yes