Commit Graph

7503 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
8da93e6861 MFp4 @229488:
Sandbox unprivileged process using capability mode.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:23:25 +00:00
Pawel Jakub Dawidek
a6f38228d4 MFp4 @229487:
Revoke all capability rights from STDIN and allow only for write to STDOUT and
STDERR. All those descriptors are redirected to /dev/null.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:22:29 +00:00
Pawel Jakub Dawidek
4c7a48b7a9 MFp4 @229486:
Once PID is written to the pidfile, revoke all capability rights.
We just want to keep the pidfile open.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:21:11 +00:00
Pawel Jakub Dawidek
fe5c716394 MFp4 @229485:
Only allow to overwrite lease file.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:19:43 +00:00
Pawel Jakub Dawidek
f73ac8b9de MFp4 @229484:
Limit routing socket so only poll(2) and read(2) are allowed (CAP_POLL_EVENT
and CAP_READ). This prevents unprivileged process from adding, removing or
modifying system routes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:18:40 +00:00
Pawel Jakub Dawidek
de2c882f5c MFp4 @229483:
Limit communication pipe with privileged process to CAP_READ and CAP_WRITE.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:17:29 +00:00
Pawel Jakub Dawidek
3b2ed0659c MFp4 @229482:
- Limit bpf descriptor in unprivileged process to CAP_POLL_EVENT, CAP_READ and
  allow for SIOCGIFFLAGS, SIOCGIFMEDIA ioctls.
- While here limit bpf descriptor in privileged process to only CAP_WRITE.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:16:02 +00:00
Pawel Jakub Dawidek
235eb53002 MFp4 @229481:
Currently it was allowed to send any UDP packets from unprivileged process and
possibly any packets because /dev/bpf was open for writing.

Move sending packets to privileged process. Unprivileged process has no longer
access to not connected UDP socket and has only access to /dev/bpf in read-only
mode.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:12:54 +00:00
Pawel Jakub Dawidek
e374cef518 MFp4 @229480:
Shutdown write direction of the routing socket. We only need to read from it.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:09:02 +00:00
Pawel Jakub Dawidek
7fdc27bc51 MFp4 @229479:
- Add new request (IMSG_SEND_PACKET) that will be handled by privileged process.
- Add $FreeBSD$.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:07:55 +00:00
Pawel Jakub Dawidek
0bbe83068e MFp4 @229477:
The gethostname(3) function won't work in capability mode, because reading
kern.hostname sysctl is not permitted there.  Cache hostname early and use
cached value later.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:05:36 +00:00
Pawel Jakub Dawidek
c786bc9089 Remove redundant white-spaces. 2013-07-03 22:03:19 +00:00
Pawel Jakub Dawidek
b0f1b32afb MFp4 @229476,229478:
Make use of two fields: rfdesc and wfdesc to keep bpf descriptor open for
reading only in rfdesc and bpf descriptor open for writing only in wfdesc.
In the end they will be used by two different processes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:01:52 +00:00
Pawel Jakub Dawidek
3a0fc7d8a9 MFp4 @229474:
iov_base field is 'void *' in FreeBSD, no need to cast.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:58:26 +00:00
Pawel Jakub Dawidek
e8da500388 MFp4 @229473:
No caller checks send_packet() return value, so make it void.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:57:24 +00:00
Pawel Jakub Dawidek
ba019ae51f MFp4 @229472:
Use the same type for 'from' and 'to' argument in send_packet().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:53:54 +00:00
Pawel Jakub Dawidek
d1f4d85494 MFp4 @229471:
Remove unused argument from assemble_hw_header().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:49:10 +00:00
Pawel Jakub Dawidek
592291c1e7 MFp4 @229470:
Remove unused argument from send_packet().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:45:29 +00:00
Pawel Jakub Dawidek
181ab08d9e MFp4: @229469:
Garbage-collect dead prototypes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:41:35 +00:00
Hiroki Sato
4099f7e640 Fix a typo (s/error/errno/). 2013-07-03 09:50:59 +00:00
Xin LI
fa3483e67c When listing with -f, skip all memory disks that are not vnode-backed.
Noticed by:	kevlo
MFC after:	3 days
2013-07-02 19:42:47 +00:00
Xin LI
1bf9e66cbc Plug a memory leak. 2013-07-02 17:34:34 +00:00
Alan Somers
967ecf4aed Explicitly include <cstdarg> to fix compilation with libc++. It is implicitly
included by libstdc++.

Reported By: Oliver Hartmann
Approved by: gibbs (co-mentor, implicit)
2013-07-02 14:48:39 +00:00
Bruce M Simpson
d32438c3f1 When acquiring a lease, record the value of the BOOTP siaddr field
contained in the DHCP offer, and write it out to the lease file
as an unquoted value of the "next-server" keyword. The value is ignored
when the lease is read back by dhclient, however other applications
are free to parse it.

The intent behind this change is to allow easier interoperability
with automated installation systems e.g. Cobbler, Foreman, Razor;
FreeBSD installation kernels can automatically probe the network
to discover deployment servers.  There are no plans to MFC this
change unless a backport is specifically requested.

The syntax of the "next-server <ip>" lease keyword is intended to be
identical to that used by the ISC DHCPD server in its configuration files.
The required defines are already present in dhclient but were unused before
this change. (Note: This is NOT the same as Option 66, tftp-server-name).

It has been exercised in a university protocol testbed environment, with
Cobbler and an mfsBSD image containing pc-sysinstall (driven by Cobbler
Cheetah templates). The SYSLINUX memdisk driver is used to boot mfsBSD.
Currently this approach requires that a dedicated system profile has
been created for the node where FreeBSD is to be deployed. If this
is not present, the pc-sysinstall wrapper will be unable to obtain
a node configuration. There is code in progress to allow mfsBSD images
to obtain the required hints from the memdisk environment by parsing
the MBFT ACPI chunk.  This is non-standard as it is not linked into
the platform's ACPI RSDT.

Reviewed by:	des
2013-07-02 13:24:37 +00:00
Warren Block
42c916d7ee Add a new gptboot(8) man page. Factor out the redundant information
in gpart(8) and boot(8), adding references to gptboot(8) in both.

Reviewed by:	jhb, ae, pjd, Paul Schenkeveld <bsdcan@psconsult.nl>, david_a_bright@dell.com (portions), gjb
MFC after:	1 week
2013-07-01 22:38:36 +00:00
Alan Somers
0285e9b1cf style(9) fixes, including the removal of page break characters. No functional
changes.

Approved by:	gibbs (co-mentor)
2013-07-01 21:49:17 +00:00
Alan Somers
be685e0128 Add a SIGINFO handler to devd. It will send useful statistics to syslog or
stderr as appropriate.  Currently, the only statistic printed is the number of
events received.

Reviewed by:	eadler
Approved by:	gibbs (co-mentor)
2013-07-01 21:33:05 +00:00
Alan Somers
6d1014a32b Add syslog(3) support to devd(8).
sbin/devd/devd.cc
        All output will now go to syslog(3) if devd is daemonized, or stderr
        if it's running in the foreground.

sbin/devd/devd.8
        Remove the "-D" flag.  Filtering messages by priority now
	happens in the usual syslog way.  For performance reasons, a few
	extra-verbose debugging statements are now conditional on the "-d" (do
	not daemonize) flag.

etc/syslog.conf
etc/newsyslog.conf
        Direct messages from devd(8) to /var/log/devd.log, but leave it
        disabled by default

Reviewed by:	eadler
Approved by:	gibbs (co-mentor)
MFC after:	never (removed a command-line option from devd)
2013-07-01 21:20:17 +00:00
Xin LI
0d8a14f9b1 Correct a typo in comment. 2013-07-01 21:18:39 +00:00
Mikolaj Golub
14f200d97e Make hastctl(1) ('list' command) output a worker pid.
Reviewed by:	pjd
MFC after:	3 days
2013-07-01 18:41:07 +00:00
Jens Schweikhardt
1862d13b8a Correct some grammar. 2013-06-30 17:59:40 +00:00
Hiroki Sato
33cfdcc3ba Do not display a warning message in a jail without AF_INET6 support.
MFC after:	3 days
2013-06-30 07:37:31 +00:00
Xin LI
8f8de1e127 - Modify swapon(8) so that it uses most of geli(8) defaults for swap,
which is presently: AES-XTS, no authentication.  Create provider
   with pagesize as sectorsize by default.
 - Rewrite parsing code for geli(8)-backed swap options, now options
   are required to be exact match, and unrecognized options will trigger
   a warning.
 - Don't initialize GELI device if it's already initialized.  This
   restores previous behavior.
 - Don't duplicate file descriptor when working with geli(8) and
   gbde(8) as there is no need to communicate with the utility other
   than exit status.
 - When calling swap_on_off_* routines, which_prog can only be SWAP_ON
   or SWAP_OFF.  Eliminate unneeded case branches by replacing switch
   with if's.
 - Plug a few memory leaks.

Reviewed by:	hrs (but bugs are mine)
MFC after:	1 week
X-MFC-with:	r252310, r252332, r252345
2013-06-29 22:04:04 +00:00
Ed Schouten
f758648022 Don't let hastd use C11 atomics.
Due to possible concerns about the stability of C11 atomics, use our
existing atomics API instead.

Requested by:	pjd
2013-06-29 20:13:39 +00:00
Joel Dahl
a9ca77e055 mdoc: remove EOL whitespace. 2013-06-29 16:05:44 +00:00
Davide Italiano
237abf0c56 - Trim an unused and bogus Makefile for mount_smbfs.
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.
2013-06-28 21:00:08 +00:00
Hiroki Sato
d122ff71eb Fix build with gcc. 2013-06-28 16:24:14 +00:00
Hiroki Sato
cb754f614f Fix build.
Spotted by:	gjb
2013-06-28 05:09:01 +00:00
Hiroki Sato
268a55bc98 - Add vnode-backed swap space specification support. This is enabled when
device names "md" or "md[0-9]*" and a "file" option are specified in
  /etc/fstab like this:

  md    none    swap    sw,file=/swap.bin       0       0

- Add GBDE/GELI encrypted swap space specification support, which
  rc.d/encswap supported.  The /etc/fstab lines are like the following:

  /dev/ada1p1.bde       none    swap    sw      0       0
  /dev/ada1p2.eli       none    swap    sw      0       0

  .eli devices accepts aalgo, ealgo, keylen, and sectorsize as options.

  swapctl(8) can understand an encrypted device in the command line
  like this:

  # swapctl -a /dev/ada2p1.bde

- "-L" flag is added to support "late" option to defer swapon until
  rc.d/mountlate runs.

- rc.d script change:

    rc.d/encswap -> removed
    rc.d/addswap -> just display a warning message if $swapfile is defined
    rc.d/swap1 -> renamed to rc.d/swap
    rc.d/swaplate -> newly added to support "late" option

These changes alleviate a race condition between device creation/removal
and swapon/swapoff.

MFC after:	1 week
Reviewed by:	wblock (manual page)
2013-06-27 18:28:45 +00:00
Gleb Smirnoff
25fa33476b Fix build. 2013-06-27 10:42:09 +00:00
Jim Harris
49fac6101d Add firmware replacement and activation support to nvmecontrol(8) through
a new firmware command.

NVMe controllers may support up to 7 firmware slots for storing of
different firmware revisions.  This new firmware command supports
firmware replacement (i.e. firmware download) with or without immediate
activation, or activation of a previously stored firmware image.  It
also supports selection of the firmware slot during replacement
operations, using IDENTIFY information from the controller to
check that the specified slot is valid.

Newly activated firmware does not take effect until the new controller
reset, either via a reboot or separate 'nvmecontrol reset' command to the
same controller.

Submitted by:	Joe Golio <joseph.golio@emc.com>
Obtained from:	EMC / Isilon Storage Division
MFC after:	3 days
2013-06-27 00:08:25 +00:00
Jim Harris
75871362ad Add log page support to nvmecontrol(8) through a new logpage command.
This includes pretty printers for all of the standard NVMe log pages
(Error, SMART/Health, Firmware), as well as hex output for non-standard
or vendor-specific log pages.

Submitted by:	Joe Golio <joseph.golio@emc.com>
Obtained from:	EMC / Isilon Storage Division
MFC after:	3 days
2013-06-26 23:53:54 +00:00
Jim Harris
e83c9e35a7 Add generalized helper functions for printing hex data as part of
nvmecontrol commands.

Submitted by:	Joe Golio <joseph.golio@emc.com>
Obtained from:	EMC / Isilon Storage Division
MFC after:	3 days
2013-06-26 23:46:31 +00:00
Jim Harris
d2cdb28b6f Ensure that a device node is specified when invoking the identify or reset
commands.

Also improve the checking of device node names, so that better error
messages are displayed when incorrect names are specified.

Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:41:07 +00:00
Jim Harris
6420873cd6 Create #defines for NVME_CTRLR_PREFIX and NVME_NS_PREFIX for the "nvme"
and "ns" strings, rather than hardcoding the string values throughout the
nvmecontrol code base.

Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:20:08 +00:00
Jim Harris
7cdb43c490 Add an nvme_function structure array, defining the name, C function and
usage message for each nvmecontrol command.  This helps reduce some code
clutter both now and for future commits which will add logpage and
firmware support to nvmecontrol(8).

Also move helper function prototypes to the end of the header file, after
the per-command functions.

Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:11:20 +00:00
Jim Harris
28c091109b Break out code related to the reset command into a separate source file.
Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:05:48 +00:00
Jim Harris
bbc1ac6304 Break out code related to the perftest command into a separate file.
Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:02:48 +00:00
Jim Harris
6f0823e45d Break out code related to the identify command into a separate source file.
Sponsored by:	Intel
MFC after:	3 days
2013-06-26 23:00:42 +00:00
Jim Harris
6660d5e435 Break out code related to the devlist command into a separate source file.
Sponsored by:	Intel
MFC after:	3 days
2013-06-26 22:58:59 +00:00
Jim Harris
a4acc8c3df Add separate *_usage() functions for each nvmecontrol command.
Sponsored by:	Intel
MFC after:	3 days
2013-06-26 22:53:21 +00:00
Jim Harris
eadf2a44c2 Add an open_dev() helper function to be used in the various places
where nvmecontrol needs to open a handle to a controller or namespace
device node.

Sponsored by:	Intel
MFC after:	3 days
2013-06-26 22:50:49 +00:00
Hiroki Sato
db3fdd7f63 - Use length of _PATH_DEV instead of a hardcoded value[*].
- Use MD_NAME for "md".

Pointed out by:	trasz [*]
MFC after:	1 week
2013-06-21 01:47:22 +00:00
Hiroki Sato
dc017e3401 eturn -1 when the specified backing store file is not found in the md
device list.

MFC after:	1 week
2013-06-20 17:01:02 +00:00
Hiroki Sato
b78ae23fdd - Add "-f file" support to listing mode (-l). When a -f option is
specified, only md(4) devices which have the specified file as backing
  store are displayed.
- Use MD_NAME instead of "md".
- Use _PATH_DEV instead of "/dev/".

MFC after:	1 week
2013-06-20 14:30:16 +00:00
Ed Schouten
87f02f6f89 Let hastd use C11 atomics.
C11 atomics now work on all the architectures. Have at least a single
piece of software in our base system that uses C11 atomics. This
somewhat makes it less likely that we break it because of LLVM imports,
etc.
2013-06-15 22:17:59 +00:00
Alexander Motin
126690fec1 Improve firmware download status check. Previous check was insufficient for
ATA since it ignored transport errors like command timeouts, while for SCSI
it was just wrong.
2013-06-14 08:26:58 +00:00
Alexander Motin
2c3ba49168 Fix build after r251654. 2013-06-12 19:21:23 +00:00
Alexander Motin
3c2305c3a5 Use CAM_DIR_NONE for requests without data.
Wrong values there confuse some drivers.

MFC after:	1 week
2013-06-12 16:13:05 +00:00
Florian Smeets
e1de133c2e Move the check whether the clear flag is set. This has 2 advantages
- When operating on a core file (-M) and -c is specified we don't clear
  the message buffer of the running system.
- If we don't have permission to clear the buffer print the error message
  only. That's what Linux does in this case, where this feature was ported
  from, and it ensures that the error message doesn't get lost in the noise.

Discussed with:	antoine, cognet
Approved by:	cognet
2013-06-11 17:46:32 +00:00
Marcel Moolenaar
3bd22a9cc8 Change the set and unset ctlreqs by making the index argument optional.
This allows setting attributes on tables. One simply does not provide
an index in that case. Otherwise the entry corresponding the index has
the attribute set or unset.

Use this change to fix a relatively longstanding bug in our GPT scheme
that's the result of rev 198097 (relatively harmless) followed by rev
237057 (damaging). The damaging part being that our GPT scheme always
has the active flag set on the PMBR slice. This is in violation with
EFI. Existing EFI implementions for both x86 and ia64 reject the GPT.
As such, GPT disks created by us aren't usable under EFI because of
that.

After this change, GPT disks never have the active flag set on the PMBR
slice. In order to make the GPT disk bootable under some x86 BIOSes,
the reason of rev 198097, one must now set the active attribute on the
gpt table. The kernel will apply this to the PMBR slice For (S)ATA:
	gpart set -a active ada0

To fix an existing GPT disk that has the active flag set in the PMBR,
and that does not need the flag, use (again for (S)ATA):
	gpart unset -a active ada0

The EBR, MBR & PC98 schemes, which also impement at least 1 attribute,
now check to make sure the entry passed is valid. They do not have
attributes that apply to the table.
2013-06-09 23:34:26 +00:00
Hiroki Sato
7df84c2b74 Fix a bug that the gateway address was not shown when a -gateway modifier
was used.
2013-06-09 17:40:06 +00:00
Jaakko Heinonen
4feadec3c4 Revert r238399.
The "failok" option doesn't have any effect at all unless specified in
fstab(5) and combined with the -a flag. The "failok" option is already
documented in fstab(5).

PR:		177630
No objection:	eadler
MFC after:	1 week
2013-06-07 07:17:46 +00:00
Jung-uk Kim
eb8b73d6ae Improve compatibility with old flex and fix build with GCC. 2013-05-22 17:47:45 +00:00
Alexander V. Chernikov
21278efe5b Fix ipfw(8) sets of ipv6 addresses handling.
Conditionally use stack buffer instead of calling strdup().

PR:		bin/104921
MFC after:	2 weeks
2013-05-18 04:49:00 +00:00
Xin LI
1b83e8a3f8 Constify string pointers.
Verified with:	sha256(1)
MFC after:	2 weeks
2013-05-16 21:04:56 +00:00
Kirk McKusick
9d384d4d3d When running the -m option to generate a newfs(8) command suitable for
recreating the filesystem, check for and output the -i, -k, and -l
options if appropriate.

Note the remaining deficiencies of the -m option in the dumpfs(8)
manual page. Specifically that newfs(8) options -E, -R, -S, and -T
options are not handled and that -p is not useful so is omitted.
Also document that newfs(8) options -n and -r are neither checked
for nor output but should be. The -r flag is needed if the filesystem
uses gjournal(8).

PR:           bin/163992
Reported by:  Dieter <freebsd@sopwith.solgatos.com>
Submitted by: Andy Kosela <akosela@andykosela.com>
MFC after:    1 week
2013-05-16 20:07:08 +00:00
Kirk McKusick
3e8b845956 Clean up trailing whitespace.
Submitted by: Andy Kosela
MFC after:    1 week
2013-05-16 19:39:11 +00:00
Alan Somers
8a20d4d1f4 sbin/camcontrol/camcontrol.c
If an expander returns 0x00 (no device attached) in the ATTACHED DEVICE
	field of the SMP DISCOVER response, ignore the value of ATTACHED SAS
	ADDRESS, because it is invalid.  Some expanders zero out the address
	when the attached device is removed, but others do not.  Section
	9.4.3.10 of the SAS Protocol Layer 2 revision 04b does not require them
	to do so.

Approved by:	ken (mentor)
MFC after:	3 weeks
2013-05-15 17:26:50 +00:00
Joel Dahl
37b983c09b mdoc sweep 2013-05-13 18:13:50 +00:00
Joel Dahl
2710751bc3 mdoc sweep. 2013-05-12 22:22:12 +00:00
Mikolaj Golub
1df892f44c Get rid of libl dependency. We needed it only to provide yywrap. But
yywrap is not necessary when parsing a single hast.conf file.

Suggested by:	kib
Reviewed by:	pjd
2013-05-11 09:51:44 +00:00
Eitan Adler
a93b9b7d11 Bump .Dd for recent content change.
Reported by:	delphij
2013-05-10 12:49:16 +00:00
Eitan Adler
11967f3ce1 Add support for 'dmesg -c' which clears the dmesg buffer after it has
been printed.  This provides compatibility with other *nix systems
(including Linux).

While here use stdbool booleans for 'all'.

PR:		bin/178295
Submitted by:	Levent Serinol <lserinol@gmail.com>
Reviewed by:	will
2013-05-10 03:42:48 +00:00
Joel Dahl
b266cbe17d Remove EOL whitespace. 2013-05-08 21:04:19 +00:00
Joel Dahl
8495c3d9a7 mdoc: new sentence, new line. 2013-05-08 21:02:48 +00:00
Adrian Chadd
e6e5db845a Add vlan configuration support to etherswitchcfg.
This adds the support to the config keyword (vlan operation mode), ports
flags, prints the vlan mode and vlan capabilities. It also adds some basic
information to usage() and support the keyword 'help' as a shortcut to
usage(). The manual page is also updated with the new options.

Submitted by:	Luiz Otavio O Souza <loos.br@gmail.com>
Reviewed by:	ray
2013-05-08 20:52:22 +00:00
Eitan Adler
63efd0a107 Allow the use of lowercase 'yes'
PR:		bin/178422
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
2013-05-08 18:55:38 +00:00
Eitan Adler
9e2b4b0da3 Remove includes for old versions of FreeBSD.
Reviewed by:	stass
Obtained From:	DragonFlyBSD
MFC After:	1 week
2013-05-06 17:44:12 +00:00
Hiroki Sato
5df1b6b57e Use FF02:0:0:0:0:2:FF00::/104 prefix for IPv6 Node Information Group
Address.  Although KAME implementation used FF02:0:0:0:0:2::/96 based on
older versions of draft-ietf-ipngwg-icmp-name-lookup, it has been changed
in RFC 4620.

The kernel always joins the /104-prefixed address, and additionally does
/96-prefixed one only when net.inet6.icmp6.nodeinfo_oldmcprefix=1.
The default value of the sysctl is 1.

ping6(8) -N flag now uses /104-prefixed one.  When this flag is specified
twice, it uses /96-prefixed one instead.

Reviewed by:		ume
Based on work by:	Thomas Scheffler
PR:			conf/174957
MFC after:		2 weeks
2013-05-04 19:16:26 +00:00
Chris Rees
b48b774f99 Introduce and use new flag -L to mount for mounting only late filesystems.
Previously, rc.d/mountlate mounted *all* filesystems, causing problems with
background NFS mounts being mounted twice.

PR:		conf/137629
Submitted by:	eadler (original concept)
Reviewed by:	mjg
Approved by:	hrs
2013-05-04 14:00:16 +00:00
Jung-uk Kim
a7880d59c9 Improve compatibility with recent flex from flex.sourceforge.net. 2013-05-03 23:51:32 +00:00
Eitan Adler
d005340fe9 Prefer using the C++ version of the standard headers. These place the
names within the std namespace (and possibly within the global
namespace).

The main advantage is that the C++ versions can provide optimized
versions or simplified interfaces.
2013-05-02 17:02:50 +00:00
Joel Dahl
4684a6ef0c Adapt to the fact that minidumps are now on by default.
PR:		177188
2013-04-30 07:22:03 +00:00
Dag-Erling Smørgrav
5c6fe3a917 Style nit. 2013-04-29 20:14:11 +00:00
Dag-Erling Smørgrav
2b5373de83 Add a -Z option which zeroes unused blocks. It can be combined with -E,
in which case unused blocks are first zeroed and then erased.

Reviewed by:	mckusick
MFC after:	3 weeks
2013-04-29 20:13:09 +00:00
Ed Schouten
24084cdd91 Partially revert my last change.
I forgot that I still had a locally applied patch to my copy of Clang
that needs to be pushed in before we should use C11 atomics.
2013-04-27 05:06:25 +00:00
Ed Schouten
6e87c1514b Use C11 <stdatomic.h> instead of our non-standard <machine/atomic.h>.
Reviewed by:	pjd
2013-04-27 05:01:29 +00:00
Alan Somers
0425e01683 According to devctl(4), clients must read events whole; they may not
piece them together from multiple reads().  It's as if /dev/devctl is
a datagram device instead of a stream device.  However, devd's
internal buffer was too small (1025 bytes) to read an entire
ereport.fs.zfs.checksum event (variable, up to ~1300 bytes).  This
commit enlarges the buffer to 8k.

Reviewed by:	imp
Approved by:	ken (mentor)
MFC after:	2 weeks
2013-04-26 19:49:37 +00:00
Joel Dahl
452025cfc6 mdoc: remove superfluous paragraph macro. 2013-04-25 20:23:22 +00:00
Gleb Smirnoff
ab210b8057 Don't free memory that is going to be used as error string.
PR:		bin/178121
Submitted by:	Garrett Cooper <yaneurabeya gmail.com>
2013-04-25 16:34:04 +00:00
Steven Hartland
9e68761ce0 Adds Host Protected Area (HPA) support for ATA disks to camcontrol
Reviewed by:	mav
Approved by:	pjd (mentor)
MFC after:	2 weeks
2013-04-25 14:11:38 +00:00
Kirk McKusick
244dccb7fd Fix error check.
Submitted by: Andrey Chernov (ache@)
MFC after: 3 days
2013-04-23 06:37:50 +00:00
Joel Dahl
6c4b7d71f1 Minor clarificiation.
PR:		177455
2013-04-22 17:38:26 +00:00
John Baldwin
9291a1cd14 Use a higher TTL (128) for DHCP packets. This matches the ISC DHCP client.
PR:		bin/170279
MFC after:	1 week
2013-04-22 15:02:32 +00:00
Adrian Chadd
a321935999 Convert over the etherswitch framework to use VLAN IDs per port, rather
than VLAN groups.

Some chips (eg this rtl8366rb) has a VLAN group per port - you first
define a set of VLANs in a vlan group, then you assign a VLAN group
to a port.

Other chips (eg the AR8xxx switch chips) have a VLAN ID array per
port - there's no group per se, just a list of vlans that can be
configured.

So for now, the switch API will use the latter and rely on drivers
doing the heavy lifting if one wishes to use the VLAN group method.
Maybe later on both can be supported.

PR:		kern/177878
PR:		kern/177873
Submitted by:	Luiz Otavio O Souza <loos.br@gmail.com>
Reviewed by:	ray
2013-04-22 05:52:18 +00:00
Adrian Chadd
cdf0868a3d etherswitchcfg(8) crashes when you don't set vlangroup members.
Fix this to require an argument.

PR:		kern/177872
Submitted by:	Luiz Otavio O Souza <loos.br@gmail.com>
2013-04-22 05:30:20 +00:00
Adrian Chadd
e1d6379074 Initialise this to zero before using it to configure the vlangroup
information.

PR:		kern/177871
Submitted by:	Luiz Otavio O Souza <loos.br@gmail.com>
2013-04-22 05:27:13 +00:00
Ed Schouten
4f929487f3 Unbreak the build of newfs_nandfs.
Mark global variables static. While there, make some small style(9)
cleanups and remove a variable that is unused.
2013-04-21 22:36:14 +00:00
Mikolaj Golub
f7854e9247 Remove code duplication. 2013-04-21 20:51:53 +00:00
Joel Dahl
309bbfe8d2 Move EXAMPLES descriptions to before the actual command.
PR:		177870
Submitted by:	Bjorn Heidotting <b.heidotting@yahoo.com>
2013-04-21 10:08:33 +00:00
Ed Schouten
7e659f9491 Add the Clang specific -Wmissing-variable-declarations to WARNS=6.
This compiler flag enforces that that people either mark variables
static or use an external declarations for the variable, similar to how
-Wmissing-prototypes works for functions.

Due to the fact that Yacc/Lex generate code that cannot trivially be
changed to not warn because of this (lots of yy* variables), add a
NO_WMISSING_VARIABLE_DECLARATIONS that can be used to turn off this
specific compiler warning.

Announced on:	toolchain@
2013-04-19 19:45:00 +00:00
Xin LI
44246b4c36 Use arc4random() instead of random().
MFC after:	2 weeks
2013-04-15 05:39:21 +00:00
John-Mark Gurney
a9fab404d4 update information about debugging sysctl...
MFC after:	1 week
2013-04-14 16:20:25 +00:00
Jim Harris
5076698e19 Remove the NVME_IDENTIFY_CONTROLLER and NVME_IDENTIFY_NAMESPACE IOCTLs and replace
them with the NVMe passthrough equivalent.

Sponsored by:	Intel
2013-04-12 17:56:47 +00:00
Joel Dahl
2063b2c09b Minor spelling and grammar fixes. 2013-04-11 19:05:24 +00:00
Joel Dahl
b1edef175b Remove contractions. 2013-04-11 18:46:41 +00:00
Joel Dahl
50b476b034 Remove kernel options from the SYNOPSIS. They are already documented in the
geom(4) manual page SYNOPSIS.
2013-04-11 18:02:42 +00:00
Ed Schouten
dc5929d40a Prevent the creation of an unused variable.
We're only interested in the enumeration fields; we don't want to create
a variable to store them.

MFC after:	1 week
2013-04-08 08:03:42 +00:00
Joel Dahl
e36a4a7ea0 mdoc: new sentence should be on a new line. Also remove EOL whitespace while
here.
2013-04-06 19:40:04 +00:00
Joel Dahl
791a7de998 mdoc: remove superfluous paragraph macro. 2013-04-05 11:42:28 +00:00
Steven Hartland
1146874aec Adds security options to camcontrol this includes the ability to secure erase
disks such as SSD's

Adds the ability to run ATA commands via the SCSI ATA Pass-Through(16) comand

Reviewed by:	mav
Approved by:	pjd (mentor)
MFC after:	2 weeks
2013-04-04 23:19:51 +00:00
Joel Dahl
6998737d06 Minor rewording.
Discussed with:	mav
2013-04-04 10:26:09 +00:00
Joel Dahl
af9fc0b09c Remove references to ataraid(4) and atacontrol(8). 2013-04-04 08:45:37 +00:00
Alexander Motin
45f6d66569 Remove all legacy ATA code parts, not used since options ATA_CAM enabled in
most kernels before FreeBSD 9.0.  Remove such modules and respective kernel
options: atadisk, ataraid, atapicd, atapifd, atapist, atapicam.  Remove the
atacontrol utility and some man pages.  Remove useless now options ATA_CAM.

No objections:	current@, stable@
MFC after:	never
2013-04-04 07:12:24 +00:00
Jim Harris
021ee26911 Fix typo (devicde -> device). 2013-04-03 20:52:17 +00:00
Jim Harris
47e56bb131 Use errno and strerror to print more descriptive messages when operations
fail in nvmecontrol(8).

While here, use consistent checks of return values from stat, open and
ioctl.

Sponsored by:	Intel
Suggested by:	carl
Reviewed by:	carl
2013-03-26 22:14:47 +00:00
Jim Harris
b846efd7ec Add controller reset capability to nvme(4) and ability to explicitly
invoke it from nvmecontrol(8).

Controller reset will be performed in cases where I/O are repeatedly
timing out, the controller reports an unrecoverable condition, or
when explicitly requested via IOCTL or an nvme consumer.  Since the
controller may be in such a state where it cannot even process queue
deletion requests, we will perform a controller reset without trying
to clean up anything on the controller first.

Sponsored by:	Intel
Reviewed by:	carl
2013-03-26 19:50:46 +00:00
Maxim Konovalov
cd08290b48 o Typo: IEE -> IEEE.
PR:		docs/173069
Submitted by:	Bjorn Heidotting
MFC after:	1 week
2013-03-25 12:38:45 +00:00
Kirk McKusick
061ea59dc2 Note that output is in seconds, not msec.
KNF indentation.
No functional change.
No change to printf strings.
No change to casting of printf arguments.

Reported by: Bruce Evans
2013-03-24 22:37:10 +00:00
Sean Bruno
4b3bbe04fd Resolve clang compile errors on amd64/i386 for certain by casting.
compile tested with clang on i386, amd64
compile tested with gcc on i386, amd64, sparc64

Submitted by:	delphij
2013-03-24 10:41:29 +00:00
Sean Bruno
317e774722 Minor formatting fix for printf() to fix clang builds.
Submitted by:	db
Reviewed by:	gjb
2013-03-24 02:04:19 +00:00
Kirk McKusick
81fbded23f Revert 248634 and 248643 (e.g., restoring 248625 and 248639).
Build verified by: Glen Barber (gjb@)
2013-03-23 20:00:02 +00:00
Glen Barber
e1c7cfb200 Revert r248639 to fix build failure on head/ 2013-03-23 08:57:14 +00:00
Kirk McKusick
25bcd53216 Fix the build after addition of cylinder group cacheing (r248625)
Reported by:   Glen Barber (gjb@)
Pointy hat to: Kirk McKusick (mckusick@)
2013-03-23 07:57:30 +00:00
Sean Bruno
115f80b8d3 Revert svn r248625
Clang errors around printf could be trivially fixed, but the breakage in
sbin/fsdb were to significant for this type of change.

Submitter of this changeset has been notified and hopefully this can be
restored soon.
2013-03-23 04:26:13 +00:00
Kirk McKusick
776816d32b Speed up fsck by caching the cylinder group maps in pass1 so
that they do not need to be read again in pass5. As this nearly
doubles the memory requirement for fsck, the cache is thrown away
if other memory needs in fsck would otherwise fail. Thus, the
memory footprint of fsck remains unchanged in memory constrained
environments.

This work was inspired by a paper presented at Usenix's FAST '13:
www.usenix.org/conference/fast13/ffsck-fast-file-system-checker

Details of this implementation appears in the April 2013 of ;login:
www.usenix.org/publications/login/april-2013-volume-38-number-2.
A copy of the April 2013 ;login: paper can also be downloaded
from: www.mckusick.com/publications/faster_fsck.pdf.

Reviewed by: kib
Tested by:   Peter Holm
MFC after:   4 weeks
2013-03-22 21:50:43 +00:00
Kirk McKusick
baa12a84a7 The purpose of this change to the FFS layout policy is to reduce the
running time for a full fsck. It also reduces the random access time
for large files and speeds the traversal time for directory tree walks.

The key idea is to reserve a small area in each cylinder group
immediately following the inode blocks for the use of metadata,
specifically indirect blocks and directory contents. The new policy
is to preferentially place metadata in the metadata area and
everything else in the blocks that follow the metadata area.

The size of this area can be set when creating a filesystem using
newfs(8) or changed in an existing filesystem using tunefs(8).
Both utilities use the `-k held-for-metadata-blocks' option to
specify the amount of space to be held for metadata blocks in each
cylinder group. By default, newfs(8) sets this area to half of
minfree (typically 4% of the data area).

This work was inspired by a paper presented at Usenix's FAST '13:
www.usenix.org/conference/fast13/ffsck-fast-file-system-checker

Details of this implementation appears in the April 2013 of ;login:
www.usenix.org/publications/login/april-2013-volume-38-number-2.
A copy of the April 2013 ;login: paper can also be downloaded
from: www.mckusick.com/publications/faster_fsck.pdf.

Reviewed by: kib
Tested by:   Peter Holm
MFC after:   4 weeks
2013-03-22 21:45:28 +00:00
Joel Dahl
b22247c287 Remove EOL whitespace. 2013-03-21 11:22:13 +00:00
Alexander V. Chernikov
2d6fcc3912 Remove unused variable. 2013-03-20 10:36:38 +00:00
Alexander V. Chernikov
ae01d73c04 Add ipfw support for setting/matching DiffServ codepoints (DSCP).
Setting DSCP support is done via O_SETDSCP which works for both
IPv4 and IPv6 packets. Fast checksum recalculation (RFC 1624) is done for IPv4.
Dscp can be specified by name (AFXY, CSX, BE, EF), by value
(0..63) or via tablearg.

Matching DSCP is done via another opcode (O_DSCP) which accepts several
classes at once (af11,af22,be). Classes are stored in bitmask (2 u32 words).

Many people made their variants of this patch, the ones I'm aware of are
(in alphabetic order):

Dmitrii Tejblum
Marcelo Araujo
Roman Bogorodskiy (novel)
Sergey Matveichuk (sem)
Sergey Ryabin

PR:		kern/102471, kern/121122
MFC after:	2 weeks
2013-03-20 10:35:33 +00:00
Joel Dahl
7cf62795b7 Add simple example. 2013-03-19 21:40:14 +00:00
Warner Losh
2493aadade Add a comment about why aout support is still here: We need it for
compat2x, which is still in use, as evidence by recent bug reports.
2013-03-19 16:57:04 +00:00
Joel Dahl
245e0480d2 Remove obsolete objformat information.
Submitted by:	db
2013-03-19 12:35:33 +00:00
Pawel Jakub Dawidek
a3d8ae5d2d Reduce stack usage. 2013-03-18 21:11:31 +00:00
Joel Dahl
d1cd5e7cf3 Cross-reference gvinum(8) instead of vinum(8). 2013-03-16 22:02:47 +00:00
Joel Dahl
b63e03632c Remove reference to vinum(4). The manual page was removed in r248370. 2013-03-16 21:50:06 +00:00
Pawel Jakub Dawidek
51ea07d722 Now that ioctl(2) is allowed in capability mode and we can limit ioctls for the
given descriptors, use Capsicum sandboxing for hastd in primary and secondary
modes. Allow for DIOCGDELETE and DIOCGFLUSH ioctls on provider descriptor and
for G_GATE_CMD_MODIFY, G_GATE_CMD_START, G_GATE_CMD_DONE and G_GATE_CMD_DESTROY
on GEOM Gate descriptor.

Sponsored by:	The FreeBSD Foundation
2013-03-14 23:14:47 +00:00
Pawel Jakub Dawidek
9cb0633b1c Minor corrections. 2013-03-14 23:11:52 +00:00
Pawel Jakub Dawidek
9bb2b7f535 Delete requests can be larger than MAXPHYS. 2013-03-14 23:03:48 +00:00
Dmitry Morozovsky
5632176c77 Rename 'status' command to 'list' and introduce new 'status' which produces
more terse output more observable for both scripts and humans.

Also, it shifts hastctl closer to GEOM utilities with their list/status command
pairs.

Approved by:	pjd
MFC after:	4 weeks
2013-03-14 22:29:37 +00:00
Pawel Jakub Dawidek
2ee08bd197 Removed redundant includes. 2013-03-14 21:21:14 +00:00
Xin LI
d44ae92a69 Correct type for DIOCGSTRIPESIZE. Without this there
would be a stack overflow which will crash the program
later.

PR:		bin/176953
Submitted by:	r4721 tormail org
MFC after:	3 days
2013-03-14 20:05:49 +00:00
Joel Dahl
45f5d4d0c2 Minor mdoc fixes. 2013-03-14 18:55:41 +00:00
Sean Bruno
bd9fba0cfe Add legacy support to geom raid to create a /dev/arX device for support
of upgrading older machines using ataraid(4) to newer releases.

This optional parameter is controlled via kern.geom.raid.legacy_aliases
and will create a /dev/ar0 device that will point at /dev/raid/r0 for
example.

Tested on Dell SC 1425 DDF-1 format software raid controllers installing from
stable/7 and upgrading to stable/9 without having to adjust /etc/fstab

Reviewed by:	mav
Obtained from:	Yahoo!
MFC after:	2 Weeks
2013-03-08 20:07:32 +00:00
Jung-uk Kim
067041766e Use build_iovec() to make it less cryptic. This also fixes warnings. 2013-03-06 00:36:33 +00:00
Jung-uk Kim
7eb5d3cfa5 GC unused mount_* directories. mount_reiserfs was disconnected from build
with r158666.  mount_ext2fs and mount_std were disconnected with r164527.
2013-03-05 23:53:37 +00:00
Jung-uk Kim
e8e60cfae2 Update the manual page to reflect reality. With r138509 and r152355,
"nostrictjoliet" option for mount_cd9660(8) was completely replaced with
"brokenjoliet" somehow.

MFC after:	3 days
2013-03-05 23:05:43 +00:00
Jung-uk Kim
7039dfb32f GC unused variables. Prefer NULL over 0 for pointers. 2013-03-05 22:41:35 +00:00
Alexander V. Chernikov
f71133f64f Do not suddenly fail on some rulesets if -n (syntax check only) is specified
and ipfw(4) module is not loaded.

MFC after:	2 weeks
2013-03-04 19:01:38 +00:00
Eitan Adler
4cb9d1beca devd: Correct typo in comment.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:31 +00:00
Eitan Adler
7d9e9c60a0 devd: Use simpler dst += *x instead of str.append(x, 1).
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:29 +00:00
Eitan Adler
a6393aa163 devd: Use string::empty() instea of string::length() == 0.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:26 +00:00
Eitan Adler
1d9bf149ef devd: Remove unnecessary empty default constructors.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:24 +00:00
Eitan Adler
012148abc2 devd: Remove empty virtual destructor from class, which has noch subclasses.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:22 +00:00
Eitan Adler
5a3b1a3d7c devd: Avoid unnecessary temporary objects (and simplify the code) when handling std::string.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:19 +00:00
Eitan Adler
6d58c721c6 devd: Use the standard constructor of std::string instead of string("").
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:17 +00:00
Eitan Adler
67ae3bf165 devd: Simplify while (1) { if (x) break; } to while (!x) {}.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:15 +00:00
Eitan Adler
4efceb186c devd: Remove call to _exit() from signal handler, which also sets a stop flag.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:12 +00:00
Eitan Adler
fcdcaa8807 devd: Use volatile sig_atomic_t for the flag set by a signal handler.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Approved by:	cperciva (mentor)
2013-03-04 02:21:08 +00:00
Eitan Adler
11fd1366bc Constify where possible.
Approved by:	cperciva (mentor)
2013-03-04 02:19:55 +00:00
Alexander V. Chernikov
579ed7bd05 Implement buffer size checking in ipfw(8) add cmd.
PR:		bin/65961
Submitted by:	Eugene Grosbein <eugen@grosbein.pp.ru>
MFC after:	2 weeks
2013-03-03 14:05:03 +00:00
Alexander V. Chernikov
136b1ada11 Fix ipfw table argument parsing/printing.
Fix style.

PR:		kern/175909
Submitted by:	Daniel Hagerty <hag@linnaean.org>
MFC after:	2 weeks
2013-03-02 18:51:26 +00:00
Attilio Rao
737a61a1ee Garbage collect NTFS bits which are now completely disconnected from
the tree since few months.

This patch is not targeted for MFC.
2013-03-02 18:40:04 +00:00
Attilio Rao
258bee160c Garbage collect HPFS bits which are now already completely disconnected
from the tree since few months (please note that the userland bits
were already disconnected since a long time, thus there is no need
to update the OLD* entries).

This is not targeted for MFC.
2013-03-02 14:54:33 +00:00
Peter Holm
14951d4234 The .journal file needs to reside on the ROOTINO which must not extend
beyond direct blocks. A typo caused this check to fail.
2013-02-27 18:12:04 +00:00
Benno Rice
085c638420 Fix typo in EFI GPT GUID. 2013-02-27 03:43:16 +00:00
Nick Hibma
0e52eb5ac5 Clarify that overriding the -h/-D flags through flags in device.hints
only works for sio(4) but not for uart(4) which no longer has this flag.
2013-02-26 23:18:35 +00:00
Mikolaj Golub
6559a21f71 Fix casting.
MFC after:	3 days
2013-02-26 20:19:45 +00:00
Mikolaj Golub
2adbba660d Add i/o error counters to hastd(8) and make hastctl(8) display
them.  This may be useful for detecting problems with HAST disks.

Discussed with and reviewed by:	pjd
MFC after:	1 week
2013-02-25 20:09:07 +00:00
Tim Kientzle
f2e472dcf4 Fix ARM build by assigning the computed time here to
a variable of the right type for printf.
2013-02-25 16:25:38 +00:00
Sergey Kandaurov
3dfcb0da4b Catch up with internal API changes for initbarea() and getdatablk()
of fsck_ffs introduced with r247212.

Submitted by:	David Wolfskill <david@catwhisker.org>
2013-02-24 19:32:43 +00:00
Kirk McKusick
ed75b5a156 When running with the -d option, instrument fsck_ffs to track the number,
data type, and running time of its I/O operations.

No functional changes.
2013-02-24 06:44:29 +00:00
Sergey Kandaurov
75dbe5f2b6 Reflect CARP media-type departure.
X-MFC after:	never
2013-02-21 21:35:09 +00:00
Sergey Kandaurov
fe9a760737 Separate items in the list of System values with .Pp to ease readability. 2013-02-21 20:45:19 +00:00
Pawel Jakub Dawidek
d6e636c988 - Add support for 'memsync' mode. This is the fastest replication mode that's
why it will now be the default.
- Bump protocol version to 2 and add backward compatibility for version 1.
- Allow to specify hosts by kern.hostid as well (in addition to hostname and
  kern.hostuuid) in configuration file.

Sponsored by:	Panzura
Tested by:	trociny
2013-02-17 21:12:34 +00:00
Sergey Kandaurov
fa358104b1 Remove write only assignments and thus fix the build after struct bufarea
TAILQ conversion (r246812).
2013-02-15 09:10:01 +00:00
Kirk McKusick
2ec5c91481 Update fsck_ffs buffer cache manager to use TAILQ macros.
No functional changes.
2013-02-15 01:00:48 +00:00
Pawel Jakub Dawidek
b93ca95c4f Fix minor memory leak. 2013-02-10 15:56:47 +00:00
Pawel Jakub Dawidek
2d4b50b61e Assert that if we are not dealing with keyfile we are dealing with passfile. 2013-02-10 15:56:20 +00:00
Pawel Jakub Dawidek
d4e5fe17e6 Use arc4random_buf(3) instead of reimplementing it. 2013-02-10 15:55:42 +00:00
Monthadar Al Jaberi
8904a305ae Mark a mesh path to a mesh gate with a 'G'.
Approved by:	adrian (mentor)
2013-02-07 21:23:03 +00:00
Niclas Zeising
71c2381938 Bump .Dd for the change in r246121.
Approved by:	joel (mentor)
2013-02-05 14:29:37 +00:00
Xin LI
399fe4799b Use stripesize as smallest block size if it's available.
MFC after:	2 weeks
2013-02-04 19:17:15 +00:00
Gleb Smirnoff
9711a168b9 Retire struct sockaddr_inarp.
Since ARP and routing are separated, "proxy only" entries
don't have any meaning, thus we don't need additional field
in sockaddr to pass SIN_PROXY flag.

New kernel is binary compatible with old tools, since sizes
of sockaddr_inarp and sockaddr_in match, and sa_family are
filled with same value.

The structure declaration is left for compatibility with
third party software, but in tree code no longer use it.

Reviewed by:	ru, andre, net@
2013-01-31 08:55:21 +00:00
Ian Lepore
5dfc0f6c53 Improve devd startup time, by tweaking some string handling routines that are
heavily used when parsing config files.  Mostly these changes avoid making
temporary copies of the strings, and avoid doing byte at a time append
operations, on the most-used code path.

On a 1.2 GHz ARM processor this reduces the time to parse the config files
from 13 to 6 seconds.

Reviewed by:	imp
Approved by:	cognet (mentor)
2013-01-30 23:37:35 +00:00
Ian Lepore
e1334f935f Fix a descriptor leak in devd. Clients reading /var/run/devd.pipe can close
their socket connection any time, and devd only notices that when it gets an
error trying to write an event to the client.  On a system with no device
change activity, clients could connect and disappear repeatedly without devd
noticing, leading to an ever-growing list of open socket descriptors in devd.

Now devd uses poll(2) looking for POLLHUP on all existing clients every time
a new client connection is established, and also periodically (once a minute)
to proactively find zombie clients and reap the socket descriptors.  It also
now has a connection limit, configurable with a new -l <num> command line arg.
When the maximum number of connections is reached it stops accepting new
connections until some current clients drop off.

Reviewed by:	imp
Approved by:	cognet (mentor)
2013-01-30 15:21:18 +00:00
Warren Block
0e0d13226c Expand description of how gptboot and gptzfsboot choose a partition for
booting.

Reviewed by:	ae
MFC after:	1 week
2013-01-25 16:33:00 +00:00
Pedro F. Giffuni
f4f891a751 newfs_msdos: cosmetical cleanups
- Simplify diagnostic messages.
- Adopt lowercase first letters to make the messages
  more canonical.

PR:		bin/175404
Submitted by:	Christoph Mallon
Reviewed by:	bde
MFC after:	3 days
2013-01-19 03:34:02 +00:00
Alexander Motin
821a0f639e For Promise/AMD metadata add support for disks with capacity above 2TiB
and for volumes with sector size above 512 bytes.
2013-01-17 00:50:25 +00:00
Eitan Adler
7b6a91800c Correct prefix for "locally installed things"
Approved by:	cperciva
MFC After:	3 days
2013-01-16 05:03:46 +00:00
Alexander Motin
2c6a273750 Allow to insert new component to geom_raid3 without specifying number.
PR:		kern/160562
MFC after:	2 weeks
2013-01-15 10:06:35 +00:00
Xin LI
6f36135181 Use the right format string for line buffer.
PR:		bin/174910
Submitted by:	Fabian Keil <fk fabiankeil.de>
2013-01-13 04:28:44 +00:00
Hajimu UMEMOTO
164051cea5 Add no_prefer_iface option.
It stops treating the address on the interface as special by source
address selection rule even when the interface is outgoing interface.
This is desired in some situation.

Requested by:	hrs
Reviewed by:	IHANet folks including hrs
MFC after:	1 week
2013-01-09 18:18:08 +00:00
Hiroki Sato
9f18a157e8 Fix -iface and -interface modifiers.
Spotted by:	Ian FREISLICH
2013-01-08 17:24:43 +00:00
Konstantin Belousov
7c3b94cfea Use tabs for indentation.
MFC after:	2 weeks
2013-01-05 21:52:38 +00:00
Konstantin Belousov
2dd807c56e Do not round up the size of the UFS filesystem to the fragment size
when comparing its size with the size of the media, to determine if
the last disk block is unused.

Submitted by:	Andreas Longwitz <longwitz@incore.de>
Reviewed by:	pjd
MFC after:	2 weeks
2013-01-05 21:42:14 +00:00
Warren Block
fa7aed6c87 Document the output of the show command. Modified version of patch
provided by Bas Smeelen <b.smeelen@ose.nl>.  Use of 'gpart list'
suggested by by Andrey V. Elsukov <ae@FreeBSD.org>.

PR:		docs/174270
Submitted by:	Ronald F.Guilmette <rfg@tristatelogic.com>
Reviewed by:	ae (block sizes)
MFC after:	1 week
2013-01-03 21:58:28 +00:00
Konstantin Belousov
73a44978ce Allow to specify "cache" and "nocache" as an option for
mount_nullfs(8).

Tested by:	pho
MFC after:	2 weeks
2013-01-03 19:18:46 +00:00
Antoine Brodin
ac9560962d pflogd does not depend on libutil 2013-01-01 18:28:21 +00:00
Kevin Lo
a5752d55e0 Fix socket calls on error post-r243965.
Submitted by:	Garrett Cooper
2012-12-21 15:54:13 +00:00
Hiroki Sato
0a16fa86cb - Fix strtol() error handling.
- Add a range condition of given FIB number and the related error messages.
- Fix free() problem.

Spotted by:	Artyom Mirgorodskiy
Discussed with:	glebius
2012-12-16 23:46:59 +00:00
Pawel Jakub Dawidek
165557e269 With rotating kernel dumps the higest dump number is not necessarily the
last one. To make it easier to find the last one create symlinks with 'last'
suffix that will point to the files of the last coredump, eg.:

	info.last -> info.5
	textdump.tar.last.gz -> textdump.tar.5.gz

Reviewed by:	avg
Obtained from:	WHEEL Systems
2012-12-16 23:09:27 +00:00
Pawel Jakub Dawidek
eeff0b1b27 Implement -m option to savecore(8) that allows to limit number of kernel
dumps stored. Once the limit is reached it restarts from 0.

Reviewed by:	avg
Obtained from:	WHEEL Systems
2012-12-16 23:06:12 +00:00
Pawel Jakub Dawidek
30f6c389ae Make use of the fact that we changed working directory to the dump directory
earlier.

Obtained from:	WHEEL Systems
2012-12-16 23:04:31 +00:00
Eitan Adler
7cb0189de6 Minor wording improvments to some manual pages
Approved by:	bcr (mentor)
Obtained from:	DragonflyBSD (a5294ca835317c68c919ab43936da4f05ab6e926)
MFC after:	3 days
2012-12-16 23:00:13 +00:00
Pawel Jakub Dawidek
3a6e0febc2 Sort flags properly.
Obtained from:	WHEEL Systems
2012-12-16 22:59:58 +00:00
Pawel Jakub Dawidek
87c3930b34 Prefer snprintf() over sprintf().
Obtained from:	WHEEL Systems
2012-12-16 22:59:25 +00:00
Edward Tomasz Napierala
be1bfa99a4 When growing a filesystem, don't leave unused space at the end
if there is not enough room for a full cylinder group.

Reviewed by:	mckusick@
2012-12-16 14:37:25 +00:00
Edward Tomasz Napierala
cd379aaff1 Fix extending filesystems of weird size by making sure the actual size
is always multiple of fragment size.
2012-12-15 08:53:58 +00:00
Pawel Jakub Dawidek
349d039bdb - When checking if a dump exists on the given device there is no need to
provide dump directory. Eliminate this redundant argument. This changes
  the usage, but the only risk here is that a warning will be printed
  about directory given as device.

- Update usage of -C option.

- When clearing dump header from the given device there is also no need to
  provide dump directory, although additional arguments for -c were not
  documented.

- Document that -v can be used with -c and that list of devices can be given.

Obtained from:	WHEEL Systems
2012-12-14 15:12:08 +00:00
Pawel Jakub Dawidek
22374de9ca The clear option (-c) is not compatible with keep (-k) and compress (-z)
options.

Obtained from:	WHEEL Systems
2012-12-14 15:04:39 +00:00
Pawel Jakub Dawidek
410604696d If we are not going to clear the dump (we are either just checking if the dump
exists or we want to keep it), open device read-only.

Obtained from:	WHEEL Systems
2012-12-14 15:03:12 +00:00
Pawel Jakub Dawidek
26ef9e4a3f Whitespace cleanups. 2012-12-14 15:01:23 +00:00
Xin LI
da178c777f Teach sysctl(8) about parsing a file (while I'm there also give it
capability of parsing both = and : formats).

Submitted by:	hrs (initial version, bugs are mine)
MFC after:	3 months
2012-12-13 23:32:47 +00:00
Alfred Perlstein
403c7f59d5 Make Tflag and Wflag filters work for more sysctl options.
To do this move the Tflag and Wflag checks earlier in show_var() so
we bail earlier for variables not matching our query.
2012-12-12 02:55:40 +00:00
Alfred Perlstein
9ecd2e32cd Allow sysctl to filter boot and runtime tunables.
Add the following flags to sysctl:
 -W  - show only writable sysctls
 -T  - show only tuneable sysctls

This can be used to create a /var/run/sysctl.boot to
compare set tunables versus booted tunables.

Sponsored by: iXsystems
2012-12-11 01:28:06 +00:00
Xin LI
aae7510122 In parse():
- Only operate on copy, don't operate on source.
 - Eliminate home-rolled strsep().
 - Constify the parameter.

MFC after:	2 weeks
2012-12-11 01:12:29 +00:00
Rick Macklem
5e70ce7a7c Document the new NFS mount options added by r244042.
This is a content change.
2012-12-09 21:26:47 +00:00
Eitan Adler
839f11a4fe A number of places in the source tree still reference cuad.* after
sio(4) was deprecated by uart(4).

s/cuad/cuau/g/

PR:		docs/171533
Reviewed by:	imp
Approved by:	cperciva (implicit)
MFC after:	3 weeks
2012-12-08 22:16:36 +00:00
Eitan Adler
c3fa0037ba Prefer the use of initalizer lists to ctor assignment.
Approved by:	cperciva
MFC after:	2 weeks
2012-12-06 01:25:21 +00:00
Eitan Adler
edee691dcf Avoid the creation of a temporary object by using the prefix operator
for non-primitive types.

Approved by:	cperciva
MFC after:	2 weeks
2012-12-06 01:25:17 +00:00
Eitan Adler
ef370346d6 Constify where possible
Approved by:	cperciva
MFC after:	2 weeks
2012-12-06 01:25:14 +00:00
Dimitry Andric
0c04d1850f Fix an old bug in devd, where it uses std::sort() to sort the various
lists it reads from its configuration files on the priority field.

Because some items in the lists have the same priority, and std::sort()
is not stable, the exact order in which the items are enumerated does
not have to correspond to the order they appear in the configuration
files.

Apparently this was never noticed with libstdc++, but with libc++ it
could cause the "uhid" entry from /etc/devd/usb.conf to be used instead
of the "ums" entry (which is earlier in the file).  This caused the
problem described in the PR: the USB mouse module was never loaded, and
the other actions (such as starting moused) were not executed.

To fix the problem, make devd use std:stable_sort() instead.

Reported by:	Jan Beich <jbeich@tormail.org>
PR:		bin/172958
MFC after:	2 weeks
2012-12-05 20:50:40 +00:00
Hiroki Sato
0bebb5448b - Move definition of V_deembed_scopeid to scope6_var.h.
- Deembed scope id in L3 address in in6_lltable_dump().
- Simplify scope id recovery in rtsock routines.
- Remove embedded scope id handling in ndp(8) and route(8) completely.
2012-12-05 19:45:24 +00:00
Gleb Smirnoff
7c283ae860 Fix fallout from r243019, which broke parsing of shortened network
prefixes.

Reported and tested by:	delphij
2012-12-04 20:05:01 +00:00
Hiroki Sato
5c9fa630f6 - Fix LOR in sa6_recoverscope() in rt_msg2()[1].
- Check V_deembed_scopeid before checking if sa_family == AF_INET6.
- Fix scope id handing in route(8)[2] and ifconfig(8).

Reported by:	rpaulo[1], Mateusz Guzik[1], peter[2]
2012-12-04 17:12:23 +00:00
Gleb Smirnoff
f1e17e139d Flush stdout after RTM_IFANNOUNCE message.
PR:		bin/151600
Submitted by:	Eric van Gyzen <eric vangyzen.net>
2012-12-04 11:10:01 +00:00
Gleb Smirnoff
3fa6535388 No need to be root when running with -t or -d. 2012-12-04 10:24:50 +00:00
Eitan Adler
4787668f1a Mark non-returning function as such
PR:		bin/172978
Approved by:	cperciva
MFC after:	3 days
2012-11-29 05:16:50 +00:00
Jaakko Heinonen
734e78dfcb Disallow attaching preloaded memory disks via ioctl.
- The feature is dangerous because the kernel code didn't check
  validity of the memory address provided from user space.
- It seems that mdconfig(8) never really supported attaching preloaded
  memory disks.
- Preloaded memory disks are automatically attached during md(4)
  initialization. Thus there shouldn't be much use for the feature.

PR:		kern/169683
Discussed on:	freebsd-hackers
2012-11-21 16:56:47 +00:00
Joel Dahl
a8114564bd Remove superfluous paragraph macro. 2012-11-18 19:39:42 +00:00
Edward Tomasz Napierala
2ec1a00656 Make it possible to resize filesystems mounted read-write, using newly
introduced UFS write suspension mechanism.

Reviewed by:	kib, mckusick
Sponsored by:	FreeBSD Foundation
2012-11-18 19:01:00 +00:00
Hiroki Sato
6bbfef9004 Fill sin6_scope_id in sockaddr_in6 before passing it from the kernel to
userland via routing socket or sysctl.  This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:

 sin6.sin6_scope_id = ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]);

This behavior can be controlled by net.inet6.ip6.deembed_scopeid.  This is
set to 1 by default (sin6_scope_id will be filled in the kernel).

Reviewed by:	bz
2012-11-17 20:19:00 +00:00
Hiroki Sato
9ba63ff592 Add -fib modifier to specify FIB number. The FIB number can be in a
comma-separated list and/or range specification:

 # route add -inet 192.0.2.0/24 198.51.100.1 -fib 1,3-5,6

Although all of the subcommands supports the modifier, "monitor" does not
support the list or range specification at this moment.

Reviewed by:	bz
2012-11-17 19:54:23 +00:00
Eitan Adler
c27063b934 Fix memory leak in umount.c
PR:		bin/172553
Submitted by:	Erik Cederstrand <erik@cederstrand.dk>
Approved by:	cperciva
MFC after:	3 days
2012-11-15 15:06:21 +00:00
Gleb Smirnoff
23454ad0e2 Remove remnants of classful addressing. These magic transformations
of supplied arguments is not what a modern sysadmin expect.
2012-11-14 08:05:21 +00:00
Jeff Roberson
2db62a6b1f - blk_equals() is too strict. If the journal entry defines more frags
than we're claiming it should still be considered an exact match.  This
   would previously leak frags that had been extended.
 - If there is a sequence number problem in the journal print the sequence
   numbers we've seen so far for debugging.
 - Clean up the block mask related debuging printfs.  Some are redundant.

MFC after:	1 week
2012-11-14 06:31:47 +00:00
Warren Block
57ce4667a1 Actually change "silent" to "silence" this time (reviewed by adri@).
MFC after:	1 week
2012-11-07 19:32:21 +00:00
Warren Block
818b39ed9e Remove fifteen-year-old notes on media selection (suggested by simon@).
Add commas after "e.g." and "i.e.".  Change "silent" to "silence" in
wireless create section (reviewed by adri@).

MFC after:	1 week
2012-11-07 19:26:32 +00:00
Warren Block
fd9635ef7a Add devd.conf(5) and devd(8) to SEE ALSO xrefs. Give users a pointer to
seemingly mysterious actions that are not done by ifconfig itself, but
by devd triggering on events caused by ifconfig.

PR:		docs/173405
Submitted by:	Mateusz Kwiatkowski <mateusz.kwiatkowski@atlashost.eu>
MFC after:	1 week
2012-11-07 15:59:24 +00:00
Pawel Jakub Dawidek
771a67330f Revert r228695. We use __func__ here as a format to distinguish between
abort and assert. It would be cleaner to use NULL or "" here, but gcc
complains in both cases.
2012-11-05 00:38:14 +00:00
Warren Block
2f78ba90f4 Add an example showing the use of gnop(8) to skip over header data.
PR:		kern/145999
Reviewed by:	mjg
MFC after:	1 week
2012-11-04 03:19:07 +00:00
Jaakko Heinonen
2923ae8a85 Print a newline after the error message.
PR:		bin/168447
Submitted by:	Boris Kochergin
2012-11-03 09:18:37 +00:00
Alfred Perlstein
4a790edd1b Document that you can use -v along with -l.
Noticed by: pjd
2012-11-02 17:30:08 +00:00
Andrey V. Elsukov
ffdbf9da3b Remove the recently added sysctl variable net.pfil.forward.
Instead, add protocol specific mbuf flags M_IP_NEXTHOP and
M_IP6_NEXTHOP. Use them to indicate that the mbuf's chain
contains the PACKET_TAG_IPFORWARD tag. And do a tag lookup
only when this flag is set.

Suggested by:	andre
2012-11-02 01:20:55 +00:00
Alfred Perlstein
f6848434fe Add an option to display the current dump device via dumpon -l.
MFC after:	2 weeks
2012-11-01 18:59:19 +00:00
Edward Tomasz Napierala
549f62fa42 Fix problem with geom_label(4) not recognizing UFS labels on filesystems
extended using growfs(8).  The problem here is that geom_label checks if
the filesystem size recorded in UFS superblock is equal to the provider
(i.e. device) size.  This check cannot be removed due to backward
compatibility.  On the other hand, in most cases growfs(8) cannot set
fs_size in the superblock to match the provider size, because, differently
from newfs(8), it cannot recompute cylinder group sizes.

To fix this problem, add another superblock field, fs_providersize, used
only for this purpose.  The geom_label(4) will attach if either fs_size
(filesystem created with newfs(8)) or fs_providersize (filesystem expanded
using growfs(8)) matches the device size.

PR:		kern/165962
Reviewed by:	mckusick
Sponsored by:	FreeBSD Foundation
2012-10-30 21:32:10 +00:00
Edward Tomasz Napierala
05d43d9882 Declare functions as static and move global variables to the top;
no functional changes.
2012-10-28 19:38:42 +00:00
Andrey V. Elsukov
c1de64a495 Remove the IPFIREWALL_FORWARD kernel option and make possible to turn
on the related functionality in the runtime via the sysctl variable
net.pfil.forward. It is turned off by default.

Sponsored by:	Yandex LLC
Discussed with:	net@
MFC after:	2 weeks
2012-10-25 09:39:14 +00:00