This is the current behaviour in OpenBSD and a similar patch exist in
pfSense too.
Obtained from: OpenBSD (partly - rev. 1.625)
MFC after: 2 weeks
Sponsored by: Rubicon Communications (Netgate)
In case where the two events were being received in separate reads, the
event buffer was being null-terminated at the wrong offset.
Also, factored out some common code between the tests, and fixed a comment.
Submitted by: will
MFC after: 3 days
Sponsored by: Spectra Logic Corp
in one command due to wrong file size limit. Do not use bootcode size
to calculate partsize limit.
Also add report message about successful partcode writing.
Reported by: Trond Endrestøl
MFC after: 2 weeks
This flag indicates that the user wishes to use the GELIBOOT feature to boot from a fully encrypted root file system.
Currently, GELIBOOT does not support key files, and in the future when it does, they will be loaded differently.
Due to the design of GELI, and the desire for secrecy, the GELI metadata does not know if key files are used or not, it just adds the key material (if any) to the HMAC before the optional passphrase, so there is no way to tell if a GELI partition requires key files or not.
Since the GELIBOOT code in boot2 and the loader does not support keys, they will now only attempt to attach if this flag is set. This will stop GELIBOOT from prompting for passwords to GELIs that it cannot decrypt, disrupting the boot process
PR: 208251
Reviewed by: ed, oshogbo, wblock
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D5867
program without listening to the devd socket for all events. Define
two new pseudo variables $*, the entire event from devctl and $_,
the entire event without the type character, since it might be easier
to use in some circumstances.
Among other things this gives us the ability to find outthe syscall number of a dynamically loaded syscall that has a dynamicly allocated vector number.
MFC after: 1 week
Sponsored by: Panzura inc.
The standards in the QSFP diagnostics area are not clear when the
additional measurements are present or not. Use a valid temperature
reading as an indicator for the presence of voltage and TX/RX power
measurements.
MFC after: 1 week
Sponsored by: Mellanox Technologies
Tested by: Netflix
Differential Revision: https://reviews.freebsd.org/D5391
Reviewed by: gallatin
This displays the IE names in ifconfig but it doesn't yet decode things.
Submitted by: Idwer Vollering <vidwer@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3782
strlcpy(3) null terminates but does not zero-fill the buffer, so would
leave beind any portion of the previous volume label longer than the
new one.
Note that tunefs only allows -L args up to a length of MAXVOLLEN-1, so
the stored label will be null-terminated (whether or not required by
UFS).
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.
Sponsored by: EMC / Isilon Storage Division
If one does 'ifconfig tap create name blah', it will return error because the
'name' command doesn't properly populate the request sent to ioctl(...). The
'description' command has the same bug, and is also fixed with this patch.
If one does 'ifconfig tap create mtu 9000 name blah', it DOES work, but 'tap0'
(or other sequence number) is echoed, instead of the expected 'blah'. (assuming
the name change actually succeeded)
Submitted by: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Differential Revision: https://reviews.freebsd.org/D5341
of their individual packages based on MK_foo evaluation.
There is no intent to split inet/inet6 or other similar
combinations for package creation, since they are created
during build time.
Noticed/prodded by: lidl
Sponsored by: The FreeBSD Foundation
The variable isn't actually checked -- just the end result which gets
returned from the function
Differential Revision: https://reviews.freebsd.org/D5156
Reviewed by: araujo, delphij
MFC after: 1 month
Sponsored by: EMC / Isilon Storage Division
embedded structures out of a packed, unaligned struct into local copies
on the stack which are aligned.
The original patch to do this was submitted by Guy Yur <guyyur@gmail.com>,
and this is conceptually the same change, but restructured with the
#ifndef __NO_STRICT_ALIGNMENT wrapper, similar to how the same issue is
handled in the kernel pf code.
PR: 185617
PR: 206658
Some of the structures referenced in power.c (in particular
struct nvme_power_state) are missing from sbin/nvmecontrol/
Pointyhat to: imp
Reported by: Jenkins [*], O. Hartmann <ohartman@zedat.fu-berlin.de>, Outback Dingo <outbackdingo@gmail.com>
The tests will manipulate the system daemon today, which can cause undesired
service interruption when the tests are run.
This change allows the geom_gate tests to be run with an arbitrary ggated(8)
daemon / geom_gate(4) device pairing.
Other changes:
- Sort #includes
- Use a more common idiom for parsing options with getopt(3)
Differential Revision: https://reviews.freebsd.org/D4836
MFC after: 2 weeks
Reviewed by: bjk (manpages), pjd (maintainer timeout)
Sponsored by: EMC / Isilon Storage Division
sent using roundrobin protocol and set a better granularity and distribution
among the interfaces. Tuning the number of packages sent by interface can
increase throughput and reduce unordered packets as well as reduce SACK.
Example of usage:
# ifconfig bge0 up
# ifconfig bge1 up
# ifconfig lagg0 create
# ifconfig lagg0 laggproto roundrobin laggport bge0 laggport bge1 \
192.168.1.1 netmask 255.255.255.0
# ifconfig lagg0 rr_limit 500
Reviewed by: thompsa, glebius, adrian (old patch)
Approved by: bapt (mentor)
Relnotes: Yes
Differential Revision: https://reviews.freebsd.org/D540
The upcoming GELI support in the loader reuses parts of this code
Some ifdefs are added, and some code is moved outside of existing ifdefs
The HMAC parts of GELI are broken out into their own file, to separate
them from the kernel crypto/openssl dependant parts that are replaced
in the boot code.
Passed the GELI regression suite (tools/regression/geom/eli)
Files=20 Tests=14996
Result: PASS
Reviewed by: pjd, delphij
MFC after: 1 week
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D4699
cperciva's libmd implementation is 5-30% faster
The same was done for SHA256 previously in r263218
cperciva's implementation was lacking SHA-384 which I implemented, validated against OpenSSL and the NIST documentation
Extend sbin/md5 to create sha384(1)
Chase dependancies on sys/crypto/sha2/sha2.{c,h} and replace them with sha512{c.c,.h}
Reviewed by: cperciva, des, delphij
Approved by: secteam, bapt (mentor)
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D3929
sbin/mount.c
Check whether an fstab entry has the same fstype as a mounted
filesystem before declaring it to be mounted. This will allow NFS
filesystems that share a mountpoint with a local filesystem to be
automatically mounted at boot.
This is not such an unusual situation. For example, if somebody uses
the standard installer with a ZFS root, he'll get a /usr/home
filesystem, even though he may choose to mount /usr/home over NFS.
Reviewed by: trasz
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D4556
Add -N flag to reboot(8) which bypasses the userland sync(2) during
reboot(8) while still allow the kernel sync during the reboot(2) syscall
to occur.
An example use of this is when rebooting with disconnected iSCSI sessions
which would otherwise cause the reboot to hang on BIOs that will never
complete.
Reviewed by: bjk
MFC after: 2 weeks
Sponsored by: Multiplay
Differential Revision: https://reviews.freebsd.org/D4449
it looks, because we'll hit the sockbuf's mbuf limit long before hitting its
data limit. A 256KB data limit allows creating a ZFS pool on about 450
drives without overflowing the client socket buffers.
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D4476
the real build file.
This lessens the need to define DPADD_<lib> and LDADD_<lib> to just very
special cases.
Sponsored by: EMC / Isilon Storage Division
This had no real impact since libipf is a static INTERNALLIB. It does conflict
with an assertion I am adding for LIBADD though.
Sponsored by: EMC / Isilon Storage Division
This is not properly respecting WITHOUT or ARCH dependencies in target/.
Doing so requires a massive effort to rework targets/ to do so. A
better approach will be to either include the SUBDIR Makefiles directly
and map to DIRDEPS or just dynamically lookup the SUBDIR. These lose
the benefit of having a userland/lib, userland/libexec, etc, though and
results in a massive package. The current implementation of targets/ is
very unmaintainable.
Currently rescue/rescue and sys/modules are still not connected.
Sponsored by: EMC / Isilon Storage Division
Unfortunately filemon/meta mode tracks all indirect dependencies here
since ld(1) is reading libelf when linking in libkvm. Churn would be
reduced if this was able to be limited to direct dependencies.
Sponsored by: EMC / Isilon Storage Division
* remove regdomain.[ch] - it's now part of lib80211.
* convert ifieee80211.c to use the ioctl routines in lib80211 and
implement the "error? exit" wrapper behaviour the callers expect.
Right now net80211 is configured as type IBSS but then treats it
as mediatype ADHOC. This doesn't change that; it just correctly handles
being given a mediatype of IBSS.
