update paths; and include everything in the "base" distribution.
The "games" distribution being optional made sense when there were more
games and we had small disks; but the "games-like" games were moved into
the ports tree a dozen years ago and the remaining "utility-like" games
occupy less than 0.001% of my laptop's small hard drive. Meanwhile every
new user is confronted by the question "do you want games installed" when
they they try to install FreeBSD.
The next steps will be:
2. Removing punch card (bcd, ppt), phase-of-moon (pom), clock (grdc), and
caesar cipher (caesar, rot13) utilities. I intend to keep fortune, factor,
morse, number, primes, and random, since there is evidence that those are
still being used.
3. Merging src/games into src/usr.bin.
This change will not be MFCed.
Reviewed by: jmg
Discussed at: EuroBSDCon
Approved by: gjb (release-affecting changes)
r272959 broke compatibility with mfsBSD that stores the default network
config file in /etc/rc.conf.d/network. In order to fix that load the network
config file from netif also.
This change implements a notification (via devctl) to userland when
the kernel produces coredumps after a process has crashed.
devd can then run a specific command to produce a human readable crash
report. The command is most usually a helper that runs gdb/lldb
commands on the file/coredump pair. It's possible to use this
functionality for implementing automatic generation of crash reports.
devd(8) will be notified of the full path of the binary that crashed and
the full path of the coredump file.
This was a discrepancy between ^/projects/building-blocks and ^/head that I
didn't resolve before committing the change to ^/head
Pointyhat to: me
Reported by: jhb
MFC after: 20 days
X-MFC with: r278249
Sponsored by: EMC / Isilon Storage Division
build/install without disrupting other dependent services (see r278249, et
al):
- MK_LOCATE
- MK_MAN
- MK_NLS
- MK_OPENSSL
- MK_PKGBOOTSTRAP
- MK_SENDMAIL
Additional flags need to be handled in etc/Makefile, but it requires
refactoring the relevant scripts in etc/rc.d/*
MFC after: 3 weeks
Sponsored by: EMC / Isilon Storage Division
and IPv6 rules in a single table. ipf -6 -Fa will flush the whole table,
including IPv4 rules. This patch removes the redundant ipf -I -6 -Fa
statement.
PR: 188318
MFC after: 2 weeks
https://wiki.freebsd.org/ReproducibleBuilds
The contrib/sendmail change will be made in the upstream source for a
future sendmail release.
Reviewed by: des
MFC after: 3 days
It tests that all FIBs get a static IPv6 loopback route.
Submitted by: asomers
MFC after: 1 week
Sponsored by: Spectra Logic
MFSpectraBSD: 1048456 on 2014/03/13
1114523 on 2015/01/23
Up to 7 archives of the log will be kept (just for consistency with the other
log rotation rules)
PR: 196788
MFC after: 1 week
Reviewed by: hselasky
Sponsored by: EMC / Isilon Storage Division
Some users build FreeBSD as non-root in Perforce workspaces. By default,
Perforce sets files read-only unless they're explicitly being edited.
As a result, the -f argument must be used to cp in order to override the
read-only flag when copying source files to object directories. Bare use of
'cp' should be avoided in the future.
Update all current users of 'cp' in the src tree.
Reviewed by: emaste
MFC after: 1 week
Sponsored by: Spectra Logic
periodic(8) run, taken from uname(1) '-U' and '-K'
flags.
Reviewed by: allanjude, dvl
Differential Revision: https://reviews.freebsd.org/D1541
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
contains the libraries for Address Sanitizer (asan), Undefined Behavior
Sanitizer (ubsan) and Profile Guided Optimization.
ASan is a fast memory error detector. It can detect the following types
of bugs:
Out-of-bounds accesses to heap, stack and globals
Use-after-free
Use-after-return (to some extent)
Double-free, invalid free
Memory leaks (experimental)
Typical slowdown introduced by AddressSanitizer is 2x.
UBSan is a fast and compatible undefined behavior checker. It enables a
number of undefined behavior checks that have small runtime cost and no
impact on address space layout or ABI.
PLEASE NOTE: the sanitizers still have some rough edges on FreeBSD,
particularly on i386. These will hopefully be smoothed out in the
coming time.
Differential Revision: https://reviews.freebsd.org/D1505
- Fix depend target by removing a space after an "-I" inclusion option.
- Fix some minor compile issues in the "osmtest" utility.
MFC after: 3 days
PR: 196580
Sponsored by: Mellanox Technologies
The SAMPLE message and notes where tab seperated for some parts and hence
displayed incorrectly unless tabstop was set to 8. Switch to spaces to it
displays correctly independent of the tabstop setting.
Sponsored by: Multiplay
The work in r258233 hardcoded the assumption that tests was the last component
of the tests tree by pushing tests as an explicit prefix for the paths in
BSD.tests.dist and /usr was the prefix for all tests, per BSD.usr.dist and all
of the mtree calls used in Makefile.inc1. This assumption breaks if/when one
provides a custom TESTSBASE "prefix", e.g. TESTSBASE=/mytests .
One thing that r258233 did properly though was remove "/usr/tests" creation
from BSD.usr.dist -- that should have not been there in the first place. That
was an "oops" on my part for the work that was originally committed in r241823
MFC after: 2 weeks
Phabric: D1301
Reviewed by: imp
Sponsored by: EMC / Isilon Storage Division
for counter mode), and AES-GCM. Both of these modes have been added to
the aesni module.
Included is a set of tests to validate that the software and aesni
module calculate the correct values. These use the NIST KAT test
vectors. To run the test, you will need to install a soon to be
committed port, nist-kat that will install the vectors. Using a port
is necessary as the test vectors are around 25MB.
All the man pages were updated. I have added a new man page, crypto.7,
which includes a description of how to use each mode. All the new modes
and some other AES modes are present. It would be good for someone
else to go through and document the other modes.
A new ioctl was added to support AEAD modes which AES-GCM is one of them.
Without this ioctl, it is not possible to test AEAD modes from userland.
Add a timing safe bcmp for use to compare MACs. Previously we were using
bcmp which could leak timing info and result in the ability to forge
messages.
Add a minor optimization to the aesni module so that single segment
mbufs don't get copied and instead are updated in place. The aesni
module needs to be updated to support blocked IO so segmented mbufs
don't have to be copied.
We require that the IV be specified for all calls for both GCM and ICM.
This is to ensure proper use of these functions.
Obtained from: p4: //depot/projects/opencrypto
Relnotes: yes
Sponsored by: FreeBSD Foundation
Sponsored by: NetGate
drives or flash keys. It can be enabled by uncommenting a single entry
in default /etc/auto_master. It can also be easily modified to use
fuse-based filesystems instead of in-kernel ones.
There is still one deficiency - the mountpoints are permanent, they
don't disappear when user removes the media. Fixing it needs some
autofs changes.
Differential Revision: https://reviews.freebsd.org/D1210
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
service does not run in jails, it was necessary to change it to something
else when jailed, and NETWORKING was arbitrarily chosen. The divider was
later moved to FILESYSTEMS when it was introduced, but the logic to change
it to NETWORKING when jailed remained. Remove it, as it no longer serves
any purpose.
PR: 194975
MFC after: 1 week
mrouted has been available in ports for the last 8 years as net/mrouted . An
equivalent rc.d script has been present in the port.
Remove all corresponding variables from etc/defaults/rc.conf
Relnotes: yes
A variant of this code has been tested on amd64/i386 for some time by
EMC/Isilon on 10-STABLE/11-CURRENT. It builds on other architectures, but the
code will remain off until it's proven it works on virtual hardware or real
hardware on other architectures
Sponsored by: EMC / Isilon Storage Division
A variant of this code has been tested on amd64/i386 for some time by
EMC/Isilon on 10-STABLE/11-CURRENT. It builds on other architectures, but the
code will remain off until it's proven it works on virtual hardware or real
hardware on other architectures
Sponsored by: EMC / Isilon Storage Division
lib/libthr/tests
A variant of this code has been tested on amd64/i386 for some time by
EMC/Isilon on 10-STABLE/11-CURRENT. It builds on other architectures, but the
code will remain off until it's proven it works on virtual hardware or real
hardware on other architectures
Original work by: pho
Sponsored by: EMC / Isilon Storage Division
have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.
No objections from: net@
500 new testcases
Various TODOs have been sprinkled around the Makefiles for items that even need
to be ported (missing features), testcases have issues with building/linking, or
issues at runtime.
A variant of this code has been tested extensively on amd64 and i386
10-STABLE/11-CURRENT for several months without issue. It builds on other
architectures, but the code will remain off until I have prove it works on
virtual hardware or real hardware on other architectures
In collaboration with: pho, Casey Peel <casey.peel@isilon.com>
Sponsored by: EMC / Isilon Storage Division
pjdfstest execution is opt-in and must be done as root due to some of the
assumptions made by the test suite and lack of error checking in the non-root
case
A description of how to execute pjdfstest with kyua is provided in
share/pjdfstest/README
Phabric: D824 (an earlier prototype patch)
MFC after: 1 month
Relnotes: yes
Sponsored by: EMC / Isilon Storage Division
random script ran before filesystems were mounted, which is no
longer the case.
In random_start(), immediately delete each file that is fed into
/dev/random, and recreate the default entropy file immediately
after reading and deleting it. The logic used in random_stop()
to determine which file to write to should probably be factored
out and used here as well.
do not require additional entropy to function.
It would create a circular dependency (not immediately obvious:
geli provides 'disks' and requires 'random' as of r273872,
'random' requires 'FILESYSTEMS', 'FILESYSTEMS' requires 'root',
'root' requires 'swap', and finally 'swap' requires 'disk').
This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources.
The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people.
The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway.
Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to.
My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise.
My Nomex pants are on. Let the feedback commence!
Reviewed by: trasz,des(partial),imp(partial?),rwatson(partial?)
Approved by: so(des)
Directories for /usr/lib{,32}/{i18n,private} were missing from the mtree
file, which caused installworld to install the files that should be in
the directory as the name of the directory.
interpreted the listed items as port numbers of TCP services.
A service with no suffix still works and recognized as a TCP service for
backward compatibility. It should be updated with /tcp suffix.
PR: 194292
MFC after: 1 week
for i386/amd64. Rather, it only works on i386/amd64 and should only be
built there. Rather than change the default based on which
architecutre, do things more directly by only building it on
i386/amd64 and having it always on. This is how we handle other
options that are relevant only for a few architectures.
Summary:
Add a polling loop (1Hz) to monitor the battery and AC status, to notify devd
like ACPI does for power monitoring. This allows /etc/rc.d/power_profile to
work on PowerPC laptops
Test Plan:
Tested on a Titanium PowerBook, configuring economy_cpu_freq and
performance_cpu_freq, disabling powerd.
Reviewers: #powerpc, nwhitehorn
Reviewed By: nwhitehorn
Subscribers: rpaulo
Differential Revision: https://reviews.freebsd.org/D937
This will prevent vim users from accidentally checking in buggy mtree files
(mixed tabs/spaces).
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
It defines a variable and its default value in load_rc_config() just after
rc.conf is loaded. "rcvar" command shows the current and the default values.
This is an attempt to solve a problem that rc.d scripts from third-party
software do not have entries in /etc/defaults/rc.conf. The fact that
load_rc_config() reads rc.conf only once and /etc/rc invokes the function
before running rc.d scripts made developers confused for a long time because
load_rc_config() just before run_rc_command() in each rc.d script overrides
variables only when the script is directly invoked, not from /etc/rc.
Variables defined in set_rcvar are always set in load_rc_config() after
loading rc.conf. An rc.d script can now be written in a self-contained
manner regarding the related variables as follows:
---
name=foo
rcvar=foo_enable
set_rcvar foo_enable YES "Enable $name"
set_rcvar foo_flags "-s" "Flags to $name"
...
load_rc_config $name
run_rc_command "$@"
---
collision for "no" as a country code with "NO" meaning "do not load any
keymap" (which also has been the default value in etc/defaults/rc.conf
for a long time).
The result of this collision is, that "kbdcontrol -l no" will load the
Norwegian keymap, while "keymap=no" in rc.conf was interpreted as the
lower case spelling of "NO" meaning "no keyboard" (and "no.kbd" was not
loaded).
Fix this by matching only the upper-case spelling "NO" in rc.d/syscons
when deciding whether to load a keymap file.
This will lead to "no.kbd" being loaded, if the until now valid (but
non-default) spelling "no" was used in an individual rc.conf file to mean
"no keyboard". But all alternatives I could think of introduce a larger
violation of POLA ...
Reported by: Gyrd Thane Lange (gyrd-se at thanelange.no)
MFC after: 3 days
Makefiles should not assume that source files can be overwritten. This is the
common case for Perforce source trees.
This is a followup commit to r211243 in the same vein.
MFC after: 1 month
Sponsored by: Spectra Logic
MFSpectraBSD: r1036319 on 2014/01/29, r1046711 on 2014/03/06
This is cleaner and eliminates the unneeded startup of KVP daemon on
systems that do not run as a Hyper-V guest.
Submitted by: hrs
X-MFC-with: 271493, 271688, 271699
run when asked for by the user. Right now, hv_kvpd is run on every boot.
Don't do that.
Add hv_kvpd_enable= for this script to be run.
MFC with 271493
MFC after: 2 weeks
Relnotes: yes
The following warnings were displayed:
sysctl: net.inet.ip.sourceroute=0: Operation not permitted
sysctl: net.inet.ip.accept_sourceroute=0: Operation not permitted
many thanks for their continued support of FreeBSD.
While I'm there, also implement a new build knob, WITHOUT_HYPERV to
disable building and installing of the HyperV utilities when necessary.
The HyperV utilities are only built for i386 and amd64 targets.
This is a stable/10 candidate for inclusion with 10.1-RELEASE.
Submitted by: Wei Hu <weh microsoft com>
MFC after: 1 week
addresses generated by an address range specification. The default
value is 2048. This can be increased by setting $netif_ipexpand_max
in rc.conf.
- Fix warning messages when an address range spec exceeds the upper limit.
PR: 186841
Mounting something in /tmp such as a build jail with nullfs mounts for
some directories can result in very surprising results the next day.
MFC after: 2 weeks
Relnotes: yes
