Commit Graph

8648 Commits

Author SHA1 Message Date
Andrey V. Elsukov
7a07dfbc7c Make the name of option that toggles IFCAP_HWRXTSTMP capability to
match the name of this capability. It was added recently and is not merged
to stable branch, so I hope it is not too late to change the name.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D15475
2018-05-18 12:12:24 +00:00
Ed Maste
408c1ff8f4 Clarify that boot_mute / boot -m mutes kernel console only
Perhaps RB_MUTE could mute user startup (rc) output as well, but right
now it mutes only kernel console output, so make the documentation match
reality.

PR:		228193
Sponsored by:	The FreeBSD Foundation
2018-05-16 02:15:18 +00:00
Ed Maste
c44e7d2f2f gpart.8: list all options in table form for each command
Previously gpart's man page listed some command options in prose, and
some in table form, which made it more difficult to use as a reference.

Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D15135
2018-05-11 12:58:36 +00:00
Ed Maste
6c967db174 gpart.8: sort suboptions per mdoc(7)
Alphabetical order, uppercase before lowercase for each letter and with
no regard to whether an option takes an argument.

Sponsored by:	The FreeBSD Foundation
2018-05-11 12:57:25 +00:00
Andrey V. Elsukov
51d5442fef Fix the printing of rule comments.
Change uint8_t type of opcode argument to int in the print_opcode()
function. Use negative value to print the rest of opcodes, because
zero value is O_NOP, and it can't be uses for this purpose.

Reported by:	lev
MFC after:	1 week
2018-05-10 12:25:01 +00:00
Mariusz Zaborski
31f7586d73 Introduce the 'n' flag for the geli attach command.
If the 'n' flag is provided the provided key number will be used to
decrypt device. This can be used combined with dryrun to verify if the key
is set correctly. This can be also used to determine which key slot we want to
change on already attached device.

Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D15309
2018-05-09 20:53:38 +00:00
Mariusz Zaborski
c2ac0fc5e0 Change option dry-run from 'n' to 'C' in geli attach command.
'n' is used in other commands to define the key index.
We should be consistent with that.
'C' option is used by patch(1) to perform dryrun so lets use that.

Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D15308
2018-05-09 20:51:16 +00:00
Warner Losh
0272270a8d nda protocol rate reporting
Report the NVMe spec, number of lanes (and max) as well as the PCIe
generation we're negotiated at (and max) for the camcontrol rate
command.

Reviewed by: scottl (the output, not the code)
Sponsored by: Netflix
2018-05-09 18:41:04 +00:00
Andrey V. Elsukov
c54e0abbc6 Update NAT64 documentation, now we support any IPv6 prefixes.
MFC after:	1 month
2018-05-09 12:25:23 +00:00
Andrey V. Elsukov
782360dec3 Bring in some last changes in NAT64 implementation:
o Modify ipfw(8) to be able set any prefix6 not just Well-Known,
  and also show configured prefix6;
o relocate some definitions and macros into proper place;
o convert nat64_debug and nat64_allow_private variables to be
  VNET-compatible;
o add struct nat64_config that keeps generic configuration needed
  to NAT64 code;
o add nat64_check_prefix6() function to check validness of specified
  by user IPv6 prefix according to RFC6052;
o use nat64_check_private_ip4() and nat64_embed_ip4() functions
  instead of nat64_get_ip4() and nat64_set_ip4() macros. This allows
  to use any configured IPv6 prefixes that are allowed by RFC6052;
o introduce NAT64_WKPFX flag, that is set when IPv6 prefix is
  Well-Known IPv6 prefix. It is used to reduce overhead to check this;
o modify nat64lsn_cfg and nat64stl_cfg structures to use nat64_config
  structure. And respectivelly modify the rest of code;
o remove now unused ro argument from nat64_output() function;
o remove __FreeBSD_version ifdef, NAT64 was not merged to older versions;
o add commented -DIPFIREWALL_NAT64_DIRECT_OUTPUT flag to module's Makefile
  as example.

Obtained from:	Yandex LLC
MFC after:	1 month
Sponsored by:	Yandex LLC
2018-05-09 11:59:24 +00:00
Mark Johnston
0ff40d3d29 Add netdump support to dumpon(8).
A new usage is added so that parameters for netdump may be specified.
Specifically, one configures an interface for netdump with:

# dumpon -c <client IP> -s <server IP> [-g <gateway IP>] <iface name>

Reviewed by:	bdrewery, cem (earlier versions), sbruno
MFC after:	1 month
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D15254
2018-05-06 00:42:30 +00:00
Alexander Motin
ba405bc811 Add NVMe Namespace Management support to nvmecontrol(8).
This allows create/delete/attach/detach namespaces on new NVMe controllers.
This is only a first user-level part of the bigger change set.  Kernel part
required to detect and handle the configuration changes without reboot is
completely independent and will be added separately.

Submitted by:	Matt Williams <mffbsdw@gmail.com> (original version)
Differential Revision:	https://reviews.freebsd.org/D11399
2018-05-05 20:08:03 +00:00
Xin LI
3e855e9c21 Don't bail out from the check if readboot() returns !FSFATAL.
This can happen when the fsinfo signature is invalid, and the
user have choose to fix it, in which case the code would return
FSBOOTMOD (not FSOK but not FSFATAL either).

All other (fatal) cases would return FSFATAL.

Obtained from:	Android Open Source Project
Obtained from:	d8775a29ea
MFC after:	2 weeks
2018-04-30 05:57:55 +00:00
Kristof Provost
c5e105655b pfctl: Don't break connections on skipped interfaces on reload
On reload we used to first flush everything, including the list of skipped
interfaces.  This can lead to termination of these connections if they send
packets before the new configuration is applied.

Note that this doesn't currently happen on 12 or 11, because of special EACCES
handling introduced in r315514. This special behaviour in tcp_output() may
change, hence the fix in pfctl.

PR:		214613
2018-04-28 13:16:58 +00:00
Brooks Davis
4204224162 Finish removing FDDI and tokenring media support.
This fixes media display for 802.11 wireless devices.

Software outside the base system that uses these media types and
defines should use #ifdef IFM_FDDI or IFM_TOKEN to include or remove
support.

Reported by:	zeising
Reviewed by:	emaste, kib, zeising
Tested by:	zeising
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15170
2018-04-23 21:10:33 +00:00
Andrew Gallatin
47528c67ef Make lagg creation more fault tolerant
- Warn, don't exit, when SIOCSLAGGPORT returns an error.

When we exit with an error during lagg creation, a single
failed NIC (which no longer attaches) can prevent lagg
creation and other configuration, such as adding an IPv4
address, and thus leave a machine unreachable.

- Preserve non-EEXISTS errors for exit status from SIOCSLAGGPORT,
  in case scripts are looking for it. Hopefully this can be
  extended if other parts of ifconfig can allow a "soft" failure.

- Improve the warning message to mention what lagg and what
  member are problematic.

Reviewed by: jtl, glebius
Sponsored by: Netflix
Differential Revision:	https://reviews.freebsd.org/D15046
2018-04-17 12:54:58 +00:00
Brooks Davis
eec02418d8 Remove support for FDDI and token ring media types in userland utilities.
Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15077
2018-04-16 18:07:51 +00:00
Andrey V. Elsukov
0f71e509e5 Fix indenting in ipv6.c file, use tabs instead of mixing tabs and spaces.
MFC after:	1 week
2018-04-12 20:05:26 +00:00
Andrey V. Elsukov
bd32e33552 Remove printing of "not" keyword from print_ip6() function.
After r331668 handling of F_NOT flag done in one place by
print_instruction() function. Also remove unused argument from
print_ip[6]() functions.

MFC after:	1 week
2018-04-12 19:44:04 +00:00
Andrey V. Elsukov
09a6be91bc Remove printing of "not" keyword from print_ip() function.
After r331668 handling of F_NOT flag done in one place by
print_instruction() function.

MFC after:	1 week
2018-04-12 19:34:35 +00:00
Brooks Davis
0437c8e3b1 Remove support for FDDI networks.
Defines in net/if_media.h remain in case code copied from ifconfig is in
use elsewere (supporting non-existant media type is harmless).

Reviewed by:	kib, jhb
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15017
2018-04-11 17:28:24 +00:00
Oleg Bulyzhin
e5e8324fea Fix typo.
MFC after:	1 week
2018-04-11 11:17:57 +00:00
Mariusz Zaborski
8f1c45c20a Introduce dry run option for attaching the device.
This will allow us to verify if passphrase and key is valid without
decrypting whole device.

Reviewed by:	cem@, allanjude@
Differential Revision:	https://reviews.freebsd.org/D15000
2018-04-10 13:22:48 +00:00
Edward Tomasz Napierala
f0bbdd70ad Strip trailing whitespace.
MFC after:	2 weeks
2018-04-10 08:13:59 +00:00
Kirk McKusick
2a36aee276 When using the fsdb `blocks' command, replace the long and ugly list of
blocks with the much more concise and readable block list shown by the
prtblknos() function imported from tools/diag/prtblknos.
2018-04-08 07:06:12 +00:00
Rodney W. Grimes
2e23ded5c4 Exit with usage when extra arguments are on command line
preventing mistakes such as "halt 0p" for "halt -p".
Approved by:	bde (mentor), phk (mentor)
MFC after:	1 week
2018-04-05 15:00:08 +00:00
Alexander V. Chernikov
2d5832444f Fix memory leaks in route(8).
Submitted by:	Tom Rix (trix_juniper.net)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D9676
2018-03-31 15:06:14 +00:00
Andrey V. Elsukov
aed0267989 Rework ipfw rules parsing and printing code.
Introduce show_state structure to keep information about printed opcodes.
Split show_static_rule() function into several smaller functions. Make
parsing and printing opcodes into several passes. Each printed opcode
is marked in show_state structure and will be skipped in next passes.
Now show_static_rule() function is simple, it just prints each part
of rule separately: action, modifiers, proto, src and dst addresses,
options. The main goal of this change is avoiding occurrence of wrong
result of `ifpw show` command, that can not be parsed by ipfw(8).
Also now it is possible to make some simple static optimizations
by reordering of opcodes in the rule.

PR:		222705
Discussed with:	melifaro
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2018-03-28 12:44:28 +00:00
Edward Tomasz Napierala
0457d75c14 Bump .Dd after r331113.
Reported by:	oshogbo@
MFC after:	2 weeks
2018-03-27 16:38:32 +00:00
Konstantin Belousov
f137973487 Allow to specify PCP on packets not belonging to any VLAN.
According to 802.1Q-2014, VLAN tagged packets with VLAN id 0 should be
considered as untagged, and only PCP and DEI values from the VLAN tag
are meaningful.  See for instance
https://www.cisco.com/c/en/us/td/docs/switches/connectedgrid/cg-switch-sw-master/software/configuration/guide/vlan0/b_vlan_0.html.

Make it possible to specify PCP value for outgoing packets on an
ethernet interface.  When PCP is supplied, the tag is appended, VLAN
id set to 0, and PCP is filled by the supplied value.  The code to do
VLAN tag encapsulation is refactored from the if_vlan.c and moved into
if_ethersubr.c.

Drivers might have issues with filtering VID 0 packets on
receive.  This bug should be fixed for each driver.

Reviewed by:	ae (previous version), hselasky, melifaro
Sponsored by:	Mellanox Technologies
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D14702
2018-03-27 15:29:32 +00:00
Andriy Gapon
31260bf042 vfs_donmount: in certain cases try r/o mount if r/w mount fails
If the operation is not an update, if neither r/w nor r/o mode is
explicitly requested, if the error code hints at the possibility of the
media being read-only, and if the fallback is allowed, then we can try
to automatically downgrade to the readonly mode.

This is especially useful for auto-mounting of removable media that
sometimes can happen to be write-protected.

The fallback to r/o is not enabled by default.  It can be requested on a
per-mount basis with a new mount option, 'autoro'.  Or it can be
globally allowed by setting vfs.default_autoro.

Reviewed by:	cem, kib
MFC after:	3 weeks
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D13361
2018-03-27 14:31:42 +00:00
Andrey V. Elsukov
b43b604b30 Remove note that fwd tablearg is supported only by IPv4. IPv6 is
supported too.

MFC after:	1 week
2018-03-19 10:50:27 +00:00
Edward Tomasz Napierala
7dc5b4402b Xr crashinfo(8) from savecore(8).
MFC after:	2 weeks
2018-03-17 21:58:41 +00:00
Ed Maste
d8ba45e213 Revert r313780 (UFS_ prefix) 2018-03-17 12:59:55 +00:00
Ed Maste
1e2b9afca9 Prefix UFS symbols with UFS_ to reduce namespace pollution
Followup to r313780.  Also prefix ext2's and nandfs's versions with
EXT2_ and NANDFS_.

Reported by:	kib
Reviewed by:	kib, mckusick
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9623
2018-03-17 01:48:27 +00:00
Kirill Ponomarev
29c29cbb40 Extend SSID maximum string length to 32 chars to support longer SSID
names.

Approved by:	adrian
Differential Revision:	https://reviews.freebsd.org/D14710
2018-03-16 16:56:56 +00:00
Alexander Motin
011bbaa513 Add some argument checks to be more user-friendly.
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2018-03-13 15:29:13 +00:00
Alexander Motin
635c517ae9 Add nvmecontrol format subcommand.
It allows to change namespace parameters, such as block size, metadata,
protection information, etc. and/or erase the data.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2018-03-13 03:02:09 +00:00
Alexander Motin
01c1be35e0 Print fuses and fna fields in identify data.
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2018-03-12 16:31:25 +00:00
Andrey V. Elsukov
12c080e613 Do not try to reassemble IPv6 fragments in "reass" rule.
ip_reass() expects IPv4 packet and will just corrupt any IPv6 packets
that it gets. Until proper IPv6 fragments handling function will be
implemented, pass IPv6 packets to next rule.

PR:		170604
MFC after:	1 week
2018-03-12 09:40:46 +00:00
Alexander Motin
3fa5467a06 Add new identify data structures fields from NVMe 1.3a.
Some of them are already supported by existing hardware, so reporting
them `nvmecontrol identify` can be useful.
2018-03-11 05:09:02 +00:00
John Baldwin
2365fe5616 Permit sysctl(8) to set an array of numeric values for a single node.
Most sysctl nodes only return a single value, but some nodes return an
array of values (e.g. kern.cp_time).  sysctl(8) understand how to display
the values of a node that returns multiple values (it prints out each
numeric value separated by spaces).  However, until now sysctl(8) has
only been able to set sysctl nodes to a single value.  This change
allows sysctl to accept a new value for a numeric sysctl node that contains
multiple values separated by either spaces or commas.  sysctl(8) parses
this list into an array of values and passes the array as the "new" value
to sysctl(2).

Reviewed by:	rpokala
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D14569
2018-03-09 23:37:19 +00:00
Warner Losh
0b8c33590a Remove decade's old whine about msdos vs msdosfs.
Retain the compatibility silently though.

Reviewed by: cem@, kevans@, emaste@ (and many others in the past)
2018-03-09 21:32:07 +00:00
Conrad Meyer
4e0a8b6105 ipfw(8): Fix endianness for Legacy and Ipv4 table hostname values
The lookup_host() helper subroutine emits a struct in_addr value in network
byte order via caller passed pointer.  However, the table value is expected
to be stored in host byte order.  On little-endian machines, this produced a
reversed endian table value for Legacy or IPv4 table types when the value
was a hostname (instead of a plain IP address).

Fix by using ntohl() on the output 32-bit address.

While here, avoid some aliasing violations by storing the lookup_host()
output in an intermediate object of the correct type.

PR:		226429
Reported by:	bugs.freebsd.org AT mx.zzux.com (also: Tested by)
Security:	ipfw hostname table rules could potentially not act as admin intended
Sponsored by:	Dell EMC Isilon
2018-03-08 17:23:18 +00:00
Warren Block
21b386d516 Clarify and clean up some language, and add an explicit example.
Sponsored by:	iXsystems
Differential Revision:	https://reviews.freebsd.org/D12336
2018-03-02 19:07:32 +00:00
David Bright
3acf1760b7 dhclient violates RFC2131 when sending early DHCPREQUEST message to re-obtain old IP
When dhclient first starts, if an old IP address exists in the
dhclient.leases file, dhclient(8) sends early DHCPREQUEST message(s)
in an attempt to re-obtain the old IP address again. These messages
contain the old IP as a requested-IP-address option in the message
body (correct) but also use the old IP address as the packet's source
IP (incorrect).

RFC2131 sec 4.1 states:

  DHCP messages broadcast by a client prior to that client obtaining
  its IP address must have the source address field in the IP header
  set to 0.

The use of the old IP as the packet's source address is incorrect if
(a) the computer is now on a different network or (b) it is on the
same network, but the old IP has been reallocated to another host.

Fix dhclient to use 0.0.0.0 as the source IP in this circumstance
without removing any existing functionality. Any previously-used old
IP is still requested in the body of an early DHCPREQUEST message.

PR:		199378
Submitted by:	J.R. Oldroyd <fbsd@opal.com>
Reported by:	J.R. Oldroyd <fbsd@opal.com>
Reviewed by:	cem, asomers, vangyzen
MFC after:	1 week
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D14527
2018-02-27 21:59:23 +00:00
Alan Somers
6ef82c0ae2 fix typo in ipfw(8). No functional change.
Submitted by:	zxzharmlesszxz
Pull Request:	https://github.com/freebsd/freebsd/pull/132
2018-02-27 17:12:33 +00:00
Edward Tomasz Napierala
1cde387c83 Improve missing tty handling in init(8). This removes a check that did
nothing - it was checking for ENXIO, which, with devfs, is no longer
returned - and was badly placed anyway, and replaces it with similar
one that works, and is done just before starting getty, instead of being
done when rereading ttys(5).

From the practical point of view, this makes init(8) handle disappearing
terminals (eg /dev/ttyU*) gracefully, without unneccessary getty restarts
and resulting error messages.

Reviewed by:	imp@
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14307
2018-02-27 10:54:15 +00:00
Eugene Grosbein
0d41f9c9f0 route(8): make it possible to manually delete pinned route
Reported by:	Andreas Longwitz <longwitz@incore.de>
Approved by:	avg (mentor)
MFC after:	1 week
2018-02-24 21:25:56 +00:00
Alan Somers
deeec7728b nvmecontrol: fix build on amd64/clang
Broken by:	329824
Sponsored by:	Spectra Logic Corp
2018-02-22 17:47:16 +00:00