running kernel instead of the stats of the crashed kernel. The current
version uses sysctls to query the stats and does not work at all (anymore)
on crash dumps.
Repeating the default WARNS here makes it slightly more difficult to
experiment with default WARNS changes, e.g. if we did something absolutely
bananas and introduced a WARNS=7 and wanted to try lifting the default to
that.
Drop most of them; there is one in the blake2 kernel module, but I suspect
it should be dropped -- the default WARNS in the rest of the build doesn't
currently apply to kernel modules, and I haven't put too much thought into
whether it makes sense to make it so.
In order to prioritize iSCSI traffic across a network,
DSCP can be used. In order not to rely on "ipfw setdscp"
or in-network reclassification, this adds the dscp value
directly to the portal group (where TCP sessions are accepted).
The incoming iSCSI session is first handled by ctld for any
CHAP authentication and the socket is then handed off to the
in-kernel iscsi driver without modification of the socket
parameters. Simply setting up the socket in ctld is sufficient
to keep sending outgoing iSCSI related traffic with the
configured DSCP value.
Reviewed by: mav, trasz
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26385
Prune dead mirrors from the list of mirrors in bsdconfig and bsdinstall.
All these return NXDOMAIN when trying to resolve them.
Reviewed by: emaste
Approved by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26535
When the DEVICE_PATH is <= 4 that means it's effectively empty. I have
a laptop that has a BIOS that likes to generate these:
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
0000: 01 00 00 00 04 00 45 00 46 00 49 00 20 00 55 00
0010: 53 00 42 00 20 00 44 00 65 00 76 00 69 00 63 00
0020: 65 00 00 00 7f ff 04 00 52 43
which now decodes as
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
* EFI USB Device
Empty path
Option:
0000: 52 43
which matches my hand-decode.
Add an extra newline after Option: to make it look nice.
I suspect that these entries really should be VenHw entries instead,
but my ability to change that is NIL, so cope with them as best we can.
efibootmgr(8)'s output is fine and doesn't need adjusting.
For a long period value and the duty specified as a percentage,
there could be an overflow.
Using unsigned integers aligns the code with struct pwm_state and allows
to safely use periods up to 4 seconds where supported by drivers.
MFC after: 2 weeks
received.
The default system log rotation mechanism (newsyslog(8)) requires ability to send
signal to a daemon in order to properly complete rotation of the logs in an "atomic"
manner without having to making a copy and truncating original file. Unfortunately
our built-in mechanism to convert "dumb" programs into daemons has no way to handle
this rotation properly. This change adds this ability, to be enabled by supplying -H
option in addition to the -o option.
Reviewed by: markj, rpokala (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26526
* powerpc time_t is 64 bit, not 32 bit.
* Add definition for powerpc64le.
With this, powerpc64le ntpd and ntpdate operate correctly instead of
corrupting the clock and exiting.
Tested on powerpc64, powerpc64le, and powerpc.
No feedback from cy@.
I am a bit confused as to how SIZEOF_TIME_T being wrong ever worked on
powerpc, it being big endian and all.
Sponsored by: Tag1 Consulting, Inc.
Differential Revision: https://reviews.freebsd.org/D26379
This fixes a compile issue under gcc6 which complains about
legacy style C function declarations.
Differential Revision: https://reviews.freebsd.org/D26504
This allows us to redirect its output in cmd_cron, so that the
"src component not installed, skipped" message will be treated
the same way as other output from freebsd-update cron: Sent
in an email to root (or other address specified) if there are
updates to install, and silenced otherwise.
PR: 202492
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D26432
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).
Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.
Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.
There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.
Reviewed by: emaste, brooks, ngie (all earlier version)
Reviewed by: emaste, arichardson (depend-cleanup.sh change)
Differential Revision: https://reviews.freebsd.org/D26455
The language id of String Descriptors in usb mouse is
0x0904, while the spec require 0x0409 (English - United States)
Submitted by: Wanpeng Qian
Reviewed by: grehan
Approved by: grehan (#bhyve)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26472
As of r365829, any given base distribution set will now include the /etc/ssl
symlinks that this rehash would've otherwise installed. This extra step is
no longer required.
MFC after: 1 week
X-MFC-With: r365837
Don't permit setting the exception bitmap or VMCS entry interrupt
information. These are not generally useful to set. If it is needed
in the future, dedicated pseudo registers can be added for these that
would be used with vm_set_register().
Discussed with: grehan
MFC after: 1 week
The first issue was lack of quoting around INSTALLFLAGS, which set it
incorrectly and produced an error on -M.
The second issue was that we weren't actually doing the install in
unprivileged mode, making it effectively useless. This was designed to pass
through the proper metalog/unpriv flags to install(1), so just let it
happen.
MFC after: 3 days
This would allow interested parties to do experimental runs with an
environment set appropriately to raise all the warnings throughout the
build; e.g. env WARNS=6 NO_WERROR=yes buildworld.
Not currently touching the numerous instances in ^/tools.
MFC after: 1 week
This was revealed by the rescue build with a patch I'm working on to default
WARNS=6 everywhere. The issues resolved were:
- Missing prototype for _crunched_${ident}_stub in the *_stub.c generated
bits
- Missing prototype for crunched_main
- Incomplete prototype for _crunched_${ident}_stub in the generated parts of
crunched_main
- Literal strings in the stub table must drop const qualifier, unless we
const'ify name
- f field in struct stub didn't have a proper prototype
Most of these issues are minor formalities and easily addressed.
I note that if my patch to eventually raise WARNS for the rescue build
lands, we'll need to bump the __FreeBSD_version requirement for
bootstrapping crunchgen and wipe out the rescue .OBJDIR if it's stale, which
we should be able to detect pretty easily from a couple of the issues that
have been fixed here.
Reviewed by: arichardson
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26363
Currently, certctl rehash will just keep clobbering .0 rather than
incrementing the suffix upon encountering a duplicate. Do this, and do it
for blacklisted certs as well.
This also improves the situation with the blacklist to be a little less
flakey, comparing cert fingerprints for all certs with a matching subject
hash in the blacklist to determine if the cert we're looking at can be
installed.
Future work needs to completely revamp the blacklist to align more with how
it's described in PR 246614. In particular, /etc/ssl/blacklisted should go
away to avoid potential confusion -- OpenSSL will not read it, it's
basically certctl internal.
PR: 246614
Reviewed by: Michael Osipov <michael.osipov siemens com>
Tested by: Michael Osipov
With suggestions from: Michael Osipov
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26167
Currently, WITHOUT_PORTSNAP forces WITHOUT_FREEBSD_UPDATE because the
latter relies on phttpget, which lives inside the portsnap build bits.
Remove the dependency between these two options by moving phttpget out into
^/libexec and building/installing it if either WITH_PORTSNAP or
WITH_FREEBSD_UPDATE.
Future work could remove the conditional if it's decided that users will use
it independently of either the current in-base consumers.
Reported by: swills
Reviewed by: jilles, emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26255
Just using MD5, SHA1, RMD160 and SHA256 for defines collides with
functions of the same name in OpenSSL. This can cause compilation
issues in downstream consumers if they use OpenSSL for the hash
functions instead of libmd.
Reviewed by: sjg
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D26321
The caller-supplied pointer is unconditionally dereferenced at the
beginning of the function, so there is no point in comparing it with
NULL thereafter.
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
from the kernel, but let's try to be on the safe side.
Reviewed by: mav
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D26246
the wrong length to strlcpy(3). It looks like it could overflow into
the next field, isc_user, which is properly long to accomodate for it;
I don't think it could cause any harm other than breaking the connection.
Reviewed by: mav
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D26247
Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS. Without these flags, TLS is allowed, but not
required.
The exports(5) man page will be updated in a future commit.
clash, or redefining name/jid). The current behvaior, of merely warning
and moving on, can lead to unexpected behavior when a jail is created
without the offending parameter defined at all.
The OsIndications UEFI variable can request the firware to stop at
its UI instead of continuing with boot. Add flags for setting and
clearing this request.
Reviewed by: manu, bcr (manpages)
Approved by: scottl (implicit)
MFC after: 1 week
Sponsored by: Ampere Computing, Inc.
Differential Revision: https://reviews.freebsd.org/D25839
While we do support the "O bit" running a script (usually to start a
dhcpv6 client) we have no options for setups which set the "M bit" for,
e.g., static address assignment as in EC2.
Duplicate most of the "O bit" logic to also start a script for the
"M bit" with the one difference: if the "M bit" is set we will not
start the script for the "O bit" as well (per RFC 4861, Section 4.2).
Reviewed by: hrs, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26099
The macOS assert.h header does not define static_assert when compiling in
C99 mode. To fix this compile with -std=c11.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D25928
