Commit Graph

7969 Commits

Author SHA1 Message Date
emaste
8dec90b4ee newfs_msdos: prefer snprintf to sprintf
Obtained from:	NetBSD
Sponsored by:	The FreeBSD Foundation
2015-10-16 15:19:36 +00:00
emaste
86f2836d37 newfs_msdos: move mkfs_msdos to separate file for later use in makefs
Sponsored by:	The FreeBSD Foundation
2015-10-15 19:00:33 +00:00
emaste
e0a76fc624 newfs_msdos: rework option parsing to match NetBSD
NetBSD split newfs_msdos in two so that they can reuse the file system
creation part in makefs. This change is a step on the path of bringing
that support to FreeBSD.

Reviewed by:	kib, pfg
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D3905
2015-10-15 16:19:00 +00:00
ngie
15f4d13e5b Replace references to /dev/acd0 with /dev/cd0
atapicd(4) was replaced by cd(4) with the atacam work done by
mav@ and then removed in r249083

X-MFC to: stable/10
MFC after: 2 weeks
2015-10-13 17:14:27 +00:00
adrian
3f29c57f4e casperd: bump default socket queue length to SOMAXCONN; make length configurable.
The current default listen queue for casperd is too small (8) and
hard-coded.

This patch increases the default to SOMAXCONN, and introduces a command
line flag that can used to further increase or decrease the queue length.

PR:		bin/202147
Submitted by:	<lidl@pix.net>
2015-10-13 02:34:41 +00:00
ngie
dd1f618367 Refactor the test/ Makefiles after recent changes to bsd.test.mk (r289158) and
netbsd-tests.test.mk (r289151)

- Eliminate explicit OBJTOP/SRCTOP setting
- Convert all ad hoc NetBSD test integration over to netbsd-tests.test.mk
- Remove unnecessary TESTSDIR setting
- Use SRCTOP where possible for clarity

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Divison
2015-10-12 08:16:03 +00:00
mav
64d53c4c7d Remove compatibility shims for legacy ATA device names.
We got new ATA stack in FreeBSD 8.x, switched to it at 9.x, completely
removed old stack at 10.x, so at 11.x it is time to remove compat shims.
2015-10-11 13:01:51 +00:00
trasz
8eb11bc852 Add 'p' postfix to mdconfig(8).
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-10-10 09:37:31 +00:00
trasz
1c53e39027 Make geom_nop(4) collect statistics on all types of BIOs, not just
reads and writes.

PR:		kern/198405
Submitted by:	Matthew D. Fuller <fullermd at over-yonder dot net>
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D3679
2015-10-10 09:03:31 +00:00
bapt
8a05965c77 Only print the errno string in case sysctl(3) does not file with ENOENT
This reduces the noise in error reporing from sysctl(8):

Before:
$ sysctl bla=something
sysctl: unknown oid 'bla': No such file or directory

After:
$ sysctl bla=something
sysctl: unknown oid 'bla'

MFC after:	1 week
Sponsored by:	Gandi.net
2015-10-07 09:28:54 +00:00
bapt
198f362e32 Trim spaces at the end of the buffer before trying to convert it to an oid
This allows to write entries in sysctl.conf with spaces before the '=' like
kern.ipc.shmmax = 9663676416

MFC after:	1 week
Sponsored by:	Gandi.net
2015-10-07 08:56:01 +00:00
delphij
4ba30d9149 Now that we own the code, use arc4random(3) unconditionally
and remove the corresponding HAVE_ARC4RANDOM conditions.

MFC after:	2 weeks
2015-10-06 23:42:58 +00:00
ae
8472d6f85d Fix possible segmentation fault.
PR:		203494
MFC after:	1 week
2015-10-03 03:12:57 +00:00
bdrewery
2a5d62de17 META_MODE: For some reason meta mode cannot generate the intermediate tab.c
files.  Split up all of the targets to be more clear on how they are generated
to fix the problem.

MFC after:	2 weeks
Sponsored by:	EMC / Isilon Storage Division
2015-10-02 07:00:43 +00:00
cperciva
8e136c4370 Disable suspend when we're shutting down. This solves the "tell FreeBSD
to shut down; close laptop lid" scenario which otherwise tended to end
with a laptop overheating or the battery dying.

The implementation uses a new sysctl, kern.suspend_blocked; init(8) sets
this while rc.suspend runs, and the ACPI sleep code ignores requests while
the sysctl is set.

Discussed on:	freebsd-acpi (35 emails)
MFC after:	1 week
2015-10-01 10:52:26 +00:00
ngie
224e90af33 Replace N #defines with nitems to simplify ifconfig code slightly
MFC after: 1 week
2015-09-27 07:51:18 +00:00
bdrewery
54ea4abf6e Add SUBDIR_PARALLEL.
MFC after:	2 weeks
Sponsored by:	EMC / Isilon Storage Division
2015-09-26 01:28:50 +00:00
bdrewery
e29e60475b Remove disconnected directories.
These were added disconnected in 2005 in r145524.

Sponsored by:	EMC / Isilon Storage Division
2015-09-26 01:24:35 +00:00
bdrewery
459799dc3d META_MODE: Remove DEP_MACHINE from Makefile.depend files.
This has not been needed since r246865 in projects/bmake.

Sponsored by:	EMC / Isilon Storage Division
2015-09-25 19:44:01 +00:00
bdrewery
f37faa57f7 META_MODE: Remove DEP_RELDIR from Makefile.depend files.
This has not been needed since r284171 in projects/bmake.

Sponsored by:	EMC / Isilon Storage Division
2015-09-25 19:26:08 +00:00
phk
97cc39b53e Fix two cases where "const" were washed off pointers with strchr(3) 2015-09-25 07:37:00 +00:00
rstone
24d3763284 Fix /sbin/route to never look up (invalid) interface names through DNS
/sbin/route has a bug where if it is passed an interface name that does
not exist, it falls through and winds up interpreting it as a hostname.
It fails out eventually, but on a system where DNS lookup is broken you
can end up waiting for up to 60 seconds waiting for the DNS lookup to
timeout.  I'm not quite sure what happens if the DNS lookup somehow
succeeds but I doubt that can end well.

Reviewed by:	markj, cem
MFC after:	2 weeks
Sponsored by:	EMC/Isilon Storage Division
2015-09-17 16:56:49 +00:00
bdrewery
bdebc05d94 Update META_MODE dependencies. 2015-09-17 05:06:34 +00:00
allanjude
6093eb3b9f Make ifconfig always exit with an error code if an important ioctl fails
PR:		203062
Arm Twisting by:	Kristof Provost
Reviewed by:	kp
Approved by:	bapt (mentor)
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Sponsored by:	vBSDCon
Differential Revision:	https://reviews.freebsd.org/D3644
2015-09-16 03:03:19 +00:00
trasz
58cf716bce Add a way to specify stripesize and stripeoffset to gnop(8). This makes
it possible to "simulate" 4K media, to eg test alignment handling.

Reviewed by:	mav@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D3664
2015-09-15 18:01:59 +00:00
hrs
f39d1c8c53 - Remove #ifdef HAVE_POLL_H.
- Use nitems().

MFC after:	3 days
2015-09-10 06:40:28 +00:00
hrs
099cf5ebd0 - Remove GIF_{SEND,ACCEPT}_REVETHIP.
- Simplify EADDRNOTAVAIL and EAFNOSUPPORT conditions.

MFC after:	3 days
2015-09-10 05:59:39 +00:00
trasz
38650361d8 The dumpfs(8) utility doesn't actually use disktab(5); remove it
from "SEE ALSO".

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-09-03 11:40:47 +00:00
trasz
d120f27870 Fix markup.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-09-02 14:10:09 +00:00
trasz
c05bbe4d23 It's 2015, and some people are still trying to use fdisk and then
go asking what debug flags to set for GEOM to make it work.  Advice
them to use gpart(8) instead.

Something similar should probably done with disklabel,
but I need to rewrite the disklabel examples first.

Reviewed by:	wblock@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D3315
2015-09-02 14:08:43 +00:00
kp
2a1a59d8e1 pf: Remove support for 'scrub fragment crop|drop-ovl'
The crop/drop-ovl fragment scrub modes are not very useful and likely to confuse
users into making poor choices.
It's also a fairly large amount of complex code, so just remove the support
altogether.

Users who have 'scrub fragment crop|drop-ovl' in their pf configuration will be
implicitly converted to 'scrub fragment reassemble'.

Reviewed by:	gnn, eri
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D3466
2015-08-27 21:27:47 +00:00
araujo
f03e7b319b Code cleanup unused-but-set-variable spotted by gcc.
Approved by:	bapt (mentor)
Differential Revision:	D3475
2015-08-25 15:33:09 +00:00
araujo
9ff051aa1c Code cleanup unused-but-set-variable spotted by gcc.
Reviewed by:	melifaro
Approved by:	bapt (mentor)
Differential Revision:	D3473
2015-08-25 15:32:08 +00:00
marcel
02ffac2cca Upgrade libxo to 0.4.5.
Local changes incorporated by 0.4.5: r284340
Local changes retained: r276260, r282117

Obtained from:	https://github.com/Juniper/libxo
2015-08-24 16:26:20 +00:00
loos
498601242d Add ALTQ(9) support for the CoDel algorithm.
CoDel is a parameterless queue discipline that handles variable bandwidth
and RTT.

It can be used as the single queue discipline on an interface or as a sub
discipline of existing queue disciplines such as PRIQ, CBQ, HFSC, FAIRQ.

Differential Revision:	https://reviews.freebsd.org/D3272
Reviewd by:	rpaulo, gnn (previous version)
Obtained from:	pfSense
Sponsored by:	Rubicon Communications (Netgate)
2015-08-21 22:02:22 +00:00
ken
44638d924c Revamp camcontrol(8) fwdownload support and add the opcodes subcommand.
The significant changes and bugs fixed here are:

1. Fixed a bug in the progress display code:

   When the user's filename is too big, or his terminal width is too
   small, the progress code could wind up using a negative number for
   the length of the "stars" that it uses to indicate progress.

   This negative value was assigned to an unsigned variable, resulting
   in a very large positive value.

   The result is that we wound up writing garbage from memory to the
   user's terminal.

   With an 80 column terminal, a file name length of more than 35
   characters would generate this problem.

   To address this, we now set a minimum progress bar length, and
   truncate the user's file name as needed.

   This has been tested with large filenames and small terminals, and
   at least produces reasonable results.  If the terminal is too
   narrow, the progress display takes up an additional line with each
   update, but this is more user friendly than writing garbage to the
   tty.

2. SATA drives connected via a SATA controller didn't have SCSI Inquiry
   data populated in struct cam_device.  This meant that the code in
   fw_get_vendor() in fwdownload.c would try to match a zero-length
   vendor ID, and so return the first entry in the vendor table.  (Which
   used to be HITACHI.)  Fixed by grabbing identify data, passing the
   identify buffer into fw_get_vendor(), and matching against the model
   name.

3. SATA drives connected via a SAS controller do have Inquiry data
   populated.  The table included a couple of entries -- "ATA ST" and
   "ATA HDS", intended to handle Seagate and Hitachi SATA drives attached
   via a SAS controller.  SCSI to ATA translation layers use a vendor
   ID of "ATA" (which is standard), and then the model name from the ATA
   identify data as the SCSI product name when they are returning data on
   SATA disks.  The cam_strmatch code will match the first part of the
   string (because the length it is given is the length of the vendor,
   "ATA"), and return 0 (i.e. a match).  So all SATA drives attached to
   a SAS controller would be programmed using the Seagate method
   (WRITE BUFFER mode 7) of SCSI firmware downloading.

4. Issue #2 above covered up a bug in fw_download_img() -- if the
   maximum packet size in the vendor table was 0, it tried to default
   to a packet size of 32K.  But then it didn't actually succeed in
   doing that, because it set the packet size to the value that was
   in the vendor table (0).  Now that we actually have ATA attached
   drives fall use the VENDOR_ATA case, we need a reasonable default
   packet size.  So this is fixed to properly set the default packet size.

5. Add support for downloading firmware to IBM LTO drives, and add a
   firmware file validation method to make sure that the firmware
   file matches the drive type.  IBM tape drives include a Load ID and
   RU name in their vendor-specific VPD page 0x3.  Those should match
   the IDs in the header of the firmware file to insure that the
   proper firmware file is loaded.

6. This also adds a new -q option to the camcontrol fwdownload
   subcommand to suppress informational output.  When -q is used in
   combination with -y, the firmware upgrade will happen without
   prompting and without output except if an error condition occurs.

7. Re-add support for printing out SCSI inquiry information when
   asking the user to confirm that they want to download firmware, and
   add printing of ATA Identify data if it is a SATA disk.  This was
   removed in r237281 when support for flashing ATA disks was added.

8. Add a new camcontrol(8) "opcodes" subcommand, and use the
   underlying code to get recommended timeout values for drive
   firmware downloads.

   Many SCSI devices support the REPORT SUPPORTED OPERATION CODES
   command, and some support the optional timeout descriptor that
   specifies nominal and recommended timeouts for the commands
   supported by the device.

   The new camcontrol opcodes subcommand allows displaying all
   opcodes supported by a drive, information about which fields
   in a SCSI CDB are actually used by a given SCSI device, and the
   nominal and recommended timeout values for each command.

   Since firmware downloads can take a long time in some devices, and
   the time varies greatly between different types of devices, take
   advantage of the infrastructure used by the camcontrol opcodes
   subcommand to determine the best timeout to use for the WRITE
   BUFFER command in SCSI device firmware downloads.

   If the device recommends a timeout, it is likely to be more
   accurate than the default 50 second timeout used by the firmware
   download code.  If the user specifies a timeout, it will override
   the default or device recommended timeout.  If the device doesn't
   support timeout descriptors, we fall back to the default.

9. Instead of downloading firmware to SATA drives behind a SAS controller
   using WRITE BUFFER, use the SCSI ATA PASS-THROUGH command to compose
   an ATA DOWNLOAD MICROCODE command and it to the drive.  The previous
   version of this code attempted to send a SCSI WRITE BUFFER command to
   SATA drives behind a SAS controller.  Although that is part of the
   SAT-3 spec, it doesn't work with the parameters used with LSI
   controllers at least.

10.Add a new mechanism for making common ATA passthrough and
   ATA-behind-SCSI passthrough commands.

   The existing camcontrol(8) ATA command mechanism checks the device
   type on every command executed.  That works fine for individual
   commands, but is cumbersome for things like a firmware download
   that send a number of commands.

   The fwdownload code detects the device type up front, and then
   sends the appropriate commands.

11.In simulation mode (-s), if the user specifies the -v flag, print out
   the SCSI CDB or ATA registers that would be sent to the drive.  This will
   aid in debugging any firmware download issues.

sbin/camcontrol/fwdownload.c:
	Add a device type to the fw_vendor structure, so that we can
	specify different download methods for different devices from the
	same vendor.  In this case, IBM hard drives (from when they
	still made hard drives) and tape drives.

	Add a tur_status field to the fw_vendor structure so that we can
	specify whether the drive to be upgraded should be ready, not
	ready, or whether it doesn't matter.  Add the corresponding
	capability in fw_download_img().

	Add comments describing each of the vendor table fields.

	Add HGST and SmrtStor to the supported SCSI vendors list.

	In fw_get_vendor(), look at ATA identify data if we have a SATA
	device to try to identify what the drive vendor is.

	Add IBM firmware file validation.  This gets VPD page 0x3, and
	compares the Load ID and RU name in the page to the values
	included in the header.  The validation code will refuse to load
	a firmware file if the values don't match.  This does allow the
	user to attempt a downgrade; whether or not it succeeds will
	likely depend on the drive settings.

	Add a -q option, and disable all informative output
	(progress bars, etc.) when this is enabled.

	Re-add the inquiry in the confirmation dialog so the user has
	a better idea of which device he is talking to.  Add support for
	displaying ATA identify data.

	Don't automatically disable confirmation in simulation (-s) mode.
	This allows the user to see the inquiry or identify data in the
	dialog, and see exactly what they would see when the command
	actually runs.  Also, in simulation mode, if the user specifies
	the -v flag, print out the SCSI CDB or ATA registers that would
	be sent to the drive.  This will aid in debugging any firmware
	download issues.

	Add a timeout field and timeout type to the firmware download
	vendor table.  This allows specifying a default timeout and allows
	specifying whether we should attempt to probe for a recommended
	timeout from the drive.

	Add a new fuction, fw_get_timeout(), that will determine
	which timeout to use for the WRITE BUFFER command.  If the
	user specifies a timeout, we always use that.  Otherwise,
	we will use the drive recommended timeout, if available,
	and fall back to the default when a drive recommended
	timeout isn't available.

	When we prompt the user, tell him what timeout we're going
	to use, and the source of the timeout.

	Revamp the way SATA devices are handled.

	In fwdownload(), use the new get_device_type() function to
	determine what kind of device we're talking to.

	Allow firmware downloads to any SATA device, but restrict
	SCSI downloads to known devices.  (The latter is not a
	change in behavior.)

	Break out the "ready" check from fw_download_img() into a
	new subfunction, fw_check_device_ready().  This sends the
	appropriate command to the device in question -- a TEST
	UNIT READY or an IDENTIFY.  The IDENTIFY for SATA devices
 	a SAT layer is done using the SCSI ATA PASS-THROUGH
	command.

	Use the new build_ata_cmd() function to build either a SCSI or
	ATA I/O CCB to issue the DOWNLOAD MICROCODE command to SATA
	devices.  build_ata_cmd() figures looks at the devtype argument
	and fills in the correct CCB type and CDB or ATA registers.

	Revamp the vendor table to remove the previous
	vendor-specific ATA entries and use a generic ATA vendor
	placeholder.  We currently use the same method for all ATA
	drives, although we may have to add vendor-specific
	behavior once we test this with more drives.

sbin/camcontrol/progress.c:
	In progress_draw(), make barlength a signed value so that
	we can easily detect a negative value.

	If barlength (the length of the progress bar) would wind up
	negative due to a small TTY width or a large filename,
	set the bar length to the new minimum (10 stars) and
	truncate the user's filename.  We will truncate it down to
	0 characters if necessary.

	Calculate a new prefix_len variable (user's filename length)
	and use it as the precision when printing the filename.

sbin/camcontrol/camcontrol.c:
	Implement a new camcontrol(8) subcommand, "opcodes".  The
	opcodes subcommand allows displaying the entire list of
	SCSI commands supported by a device, or details on an
	individual command.  In either case, it can display
	nominal and recommended timeout values.

	Add the scsiopcodes() function, which calls the new
	scsigetopcodes() function to fetch opcode data from a
	drive.

	Add two new functions, scsiprintoneopcode() and
	scsiprintopcodes(), which print information about one
	opcode or all opcodes, respectively.

	Remove the get_disk_type() function.  It is no longer used.

	Add a new function, dev_has_vpd_page(), that fetches the
	supported INQUIRY VPD list from a device and tells the
	caller whether the requested VPD page is available.

	Add a new function, get_device_type(), that returns a more
	precise device type than the old get_disk_type() function.
	The get_disk_type() function only distinguished between
	SCSI and ATA devices, and SATA devices behind a SCSI to ATA
	translation layer were considered to be "SCSI".

	get_device_type() offers a third type, CC_DT_ATA_BEHIND_SCSI.
	We need to know this to know whether to attempt to send ATA
	passthrough commands.  If the device has the ATA
	Information VPD page (0x89), then it is an ATA device
	behind a SCSI to ATA translation layer.

	Remove the type argument from the fwdownload() subcommand.

	Add a new function, build_ata_cmd(), that will take one set
	of common arguments and build either a SCSI or ATA I/O CCB,
	depending on the device type passed in.

sbin/camcontrol/camcontrol.h:
	Add a prototype for scsigetopcodes().

	Add a new enumeration, camcontrol_devtype.

	Add prototypes for dev_has_vpd_page(), get_device_type()
	and build_ata_cmd().

	Remove the type argument from the fwdownload() subcommand.

sbin/camcontrol/camcontrol.8
	Explain that the fwdownload subcommand will use the drive
	recommended timeout if available, and that the user can
	override the timeout.

	Document the new opcodes subcommand.

	Explain that we will attempt to download firmware to any
	SATA device.

	Document supported SCSI vendors, and models tested if known.

	Explain the commands used to download firmware for the
	three different drive and controller combinations.

	Document that the -v flag in simulation mode for the fwdownload
	subcommand will print out the SCSI CDBs or ATA registers that would
	be used.

sys/cam/scsi/scsi_all.h:
	Add new bit definitions for the one opcode descriptor for
	the REPORT SUPPORTED OPCODES command.

	Add a function prototype for scsi_report_supported_opcodes().

sys/cam/scsi/scsi_all.c:
	Add a new CDB building function, scsi_report_supported_opcodes().

Sponsored by:	Spectra Logic
MFC after:	1 week
2015-08-20 16:07:51 +00:00
delphij
376f56d8e0 Use arc4random_buf(). While there, unifdef the code for HAVE_ARC4RANDOM.
MFC after:	2 weeks
2015-08-16 23:23:58 +00:00
dim
06a3ccc484 In ipfw2, avoid left-shifting negative integers, which is undefined.
While here, make some other arguments to htonl(3) unsigned too.

MFC after:	3 days
2015-08-12 21:07:57 +00:00
hiren
99dda03ed4 Make LAG LACP fast timeout tunable through IOCTL.
Differential Revision:	D3300
Submitted by:		LN Sundararajan <lakshmi.n at msystechnologies>
Reviewed by:		wblock, smh, gnn, hiren, rpokala at panasas
MFC after:		2 weeks
Sponsored by:		Panasas
2015-08-12 20:21:04 +00:00
brueffer
2dc82f9774 Fix a few mandoc warnings.
MFC after:	1 week
2015-08-12 10:34:05 +00:00
feld
c11e6697ea sbin/ipfw fix typo: info -> into
example:

DEPRECATED: inserting data into non-existent table sshguard. (auto-created)

Approved by:	bdrewery
2015-08-10 22:02:01 +00:00
pjd
f1eded629e Allow to disable BIO_DELETE passthru in fstab for swap-on-geli devices by
passing 'notrim' option.

PR:		198863
Submitted by:	Matthew D. Fuller fullermd at over-yonder dot net
2015-08-08 09:57:38 +00:00
pjd
2ae822a47d Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when
GELI is used on a SSD or inside virtual machine, so that guest can tell
host that it is no longer using some of the storage.

Enabling BIO_DELETE passthru comes with a small security consequence - an
attacker can tell how much space is being really used on encrypted device and
has less data no analyse then. This is why the -T option can be given to the
init subcommand to turn off this behaviour and -t/T options for the configure
subcommand can be used to adjust this setting later.

PR:		198863
Submitted by:	Matthew D. Fuller fullermd at over-yonder dot net

This commit also includes a fix from Fabian Keil freebsd-listen at
fabiankeil.de for 'configure' on onetime providers which is not strictly
related, but is entangled in the same code, so would cause conflicts if
separated out.
2015-08-08 09:51:38 +00:00
trasz
06d7ad38a7 Whoops, wrong flag.
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-08-06 07:49:34 +00:00
trasz
041feea99f Tweak mdconfig(8) manual page, in particular revise the EXAMPLES
section.  This removes stuff that doesn't really belong there,
and simplifies examples for the basic operations.

Reviewed by:	wblock@
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D3198
2015-08-06 07:47:13 +00:00
delphij
247f258761 Fix a bug which could make routed(8) daemon exit by sending a special RIP
query from a remote machine, similar to SA-14:21.routed.

Submitted by:	hrs
2015-08-05 22:04:56 +00:00
melifaro
bcaee5870c Fix ipfw range deletion.
Spotted by:	ian,julian
2015-08-03 14:31:06 +00:00
gnn
526fd31fd3 Add support for keys that include 4 byte SALT values,
including GCM and ICM/CTR modes for AES.

Reviewed by:	jmg
MFC after:	1 week
Sponsored by:	Rubicon Communications (Netgate)
2015-07-31 23:40:18 +00:00
gnn
a2deec2ed0 Summary: Remove unsupported 3des-deriv encryption algorithm from documentation. 2015-07-31 17:41:53 +00:00
imp
5f3e1e3c1b Teach sysctl about the new optional suffix after IK to specify
precision. Update input as well. Add IK to the manual (it was missing
completely).

Differential Revision: https://reviews.freebsd.org/D3181
2015-07-29 02:34:25 +00:00
trasz
b634dbb0e0 Add missing SIGUSR1 description.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-24 18:14:57 +00:00
cem
a5167194cf mount_nfs: Be more clear on nmount(2) error with errmsg unset
Differential Revision:	https://reviews.freebsd.org/D3147
Reviewed by:	rmacklem
Approved by:	markj (mentor)
MFC after:	2 weeks
Sponsored by:	EMC / Isilon Storage Division
2015-07-22 22:53:40 +00:00
jimharris
407398e138 nvmecontrol: read controller identify data before any log page operations
MFC after:	3 days
Sponsored by:	Intel
2015-07-22 16:10:29 +00:00
ae
d0ec2bec82 lseek() allows an offset to be set beyond the end of file. Using
it to check that partition has enough space to write bootcode doesn't
work. Use the known size of provider instead.

PR:		201504
MFC after:	1 week
2015-07-21 06:18:42 +00:00
gnn
1c64df87f0 Only report the lack of ALTQ support if pfctl is using verbose (-v) mode.
PR:		194935
Submitted by:	Jim Thompson
MFC after:	2 weeks
2015-07-20 23:24:25 +00:00
trasz
99151ef476 Document suspend/resume notification in devd.conf(5).
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:24:54 +00:00
trasz
fd66ea2d92 Add CARP events description to devd.conf(5).
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:17:59 +00:00
araujo
fef08dc0c4 Fix contraction spotted by igor(1) and remove 2 .Ed spotted by mandoc(1).
Also, don't capitalize "module" and remove a redundant phrase introduced
in my previous commit.

Differential Revision:	D3112
Reviewed by:		wblock
Sponsored by:		gandi.net
2015-07-18 03:14:49 +00:00
araujo
e34b290dec Describe how to load gmultipath at boot time.
Differential Revision:	D3112
Reviewed by:		allanjude, bapt
Sponsored by:		gandi.net
2015-07-17 06:34:46 +00:00
jmg
9a743646f3 fix the docs, the number of frags per inode (NFPI) changed in r228794
to 2 from 4, but the man page didn't get updated...

other minor changes to make igor happy...

MFC after:	3 days
2015-07-15 21:35:09 +00:00
allanjude
44bd001082 Add a new option to gpart(8) to fix Lenovo BIOS boot issue
PR:		184910
Reviewed by:	ae, wblock
Approved by:	marcel
MFC after:	3 days
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3065
2015-07-15 02:23:55 +00:00
brueffer
b7efde0f3f Cleanup; mostly language with a little bit of mdoc style.
MFC after:	1 week
2015-07-14 14:01:33 +00:00
brueffer
5026cf8dae Unbreak ggatec and ggatel on i386 after r238119, which added two more
'struct g_gate_ctl_create' fields.

While the behaviour was technically undefined on other architectures
as well, on the reporter's amd64 systems the uninitialized bytes the
kernel cares about were always zero so everything worked as expected.

PR:		197309, 199559
Submitted by:	ota@j.email.ne.jp, Fabian Keil
Reviewed by:	pjd
MFC after:	1 week
2015-07-14 10:49:36 +00:00
brueffer
4ebfbfaa3f If ggated's exports_find() fails, the connection is removed before
(trying to) report the problem to the client.

sendfail() is called with an already closed socket and thus it
fails to inform the client about the problem.

Fix this by calling sendfail() before connection_remove().

PR:		195944
Submitted by:	Fabian Keil
Reviewed by:	pjd
MFC after:	1 week
2015-07-14 09:25:10 +00:00
rmacklem
46b57cf01f Since the case where secflavor < 0 indicates the security flavor is
to be negotiated, it could be a Kerberized mount. As such, filling
in the "principal" argument using the canonized host name makes sense.
If it is negotiated as AUTH_SYS, the "principal" argument is meaningless
but harmless.

Requested by:	masato@itc.naist.jp
Tested by:	masato@itc.naist.jp
PR:		201073
MFC after:	1 month
2015-07-07 23:41:25 +00:00
araujo
b314536951 Remove unused variable flags reported by clang. The function zygote_clone()
always receive the flags with value 0 and this flags is never checked on
zygote_main().

Differential Revision:	D2689
Reviewed by:		rodrigc, oshogbo
2015-07-04 17:38:56 +00:00
gnn
9854b22dd7 Update the date on the manual page.
Noticed by: bz
2015-07-03 20:42:31 +00:00
gnn
ea302f3ee6 New AES modes for IPSec, user space components.
Update setkey and libipsec to understand aes-gcm-16 as an
encryption method.

A partial commit of the work in review D2936.

Submitted by:	eri
Reviewed by:	jmg
MFC after:	2 weeks
Sponsored by:	Rubicon Communications (Netgate)
2015-07-03 20:09:14 +00:00
oshogbo
55d9527633 Let the nv.h and dnv.h includes be only in sys directory.
Change consumers to include those files from sys.
Add duplicated files to ObsoleteFiles.

Approved by:	pjd (mentor)
2015-07-02 21:58:10 +00:00
brueffer
eab58cf894 Add -b to the devlist usage info, forgotten in r260059.
PR:		195094
Submitted by:	robin.hahling@gw-computing.net
MFC after:	1 week
2015-07-02 13:57:26 +00:00
brueffer
7e19266964 Fix an obviously wrong boolean operator.
PR:		200983
Submitted by:	David Bindeman
MFC after:	1 week
2015-07-02 12:14:48 +00:00
pjd
7d4cefa995 Allow to omit keyfile number for the first keyfile. 2015-07-02 10:55:32 +00:00
gnn
2971c30634 Fix support for the null encryption algorithm which now requires
a key.

Sponsored by: Rubicon Communications (Netgate)
2015-06-25 18:38:58 +00:00
eri
70cda65ad9 ALTQ FAIRQ discipline import from DragonFLY
Differential Revision:  https://reviews.freebsd.org/D2847
Reviewed by:    glebius, wblock(manpage)
Approved by:    gnn(mentor)
Obtained from:  pfSense
Sponsored by:   Netgate
2015-06-24 19:16:41 +00:00
rmacklem
be596a3535 Document that a forced dismount of an NFSv3 mount when the
NLM (rpc.lockd) is running can crash the system.
Unfortunately this is not easy to fix, but I have left
PR#200585 open.

PR:		200585
MFC after:	3 days
2015-06-17 23:24:46 +00:00
sjg
852129abd1 new depends 2015-06-16 23:37:19 +00:00
bapt
594e07bd1b Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
bapt
9fb85ece8b Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
sjg
008d7c831f Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
brueffer
06a33e037a Add a missing word, should have been in r284290.
Submitted by:	Fabian Keil
2015-06-12 15:03:59 +00:00
brueffer
d837fde034 Improve grammar.
PR:		200673
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
2015-06-11 23:05:49 +00:00
brueffer
31d9c5b9e4 Consistently use trailing whitespace in passphrase prompts.
PR:		193496
Submitted by:	Fabian Keil
MFC after:	1 week
2015-06-11 00:24:33 +00:00
sjg
ffa642d5c6 Revert unneeded change 2015-06-10 13:57:11 +00:00
ken
aec8808588 Add support for reading MAM attributes to camcontrol(8) and libcam(3).
MAM is Medium Auxiliary Memory and is most commonly found as flash
chips on tapes.

This includes support for reading attributes and decoding most
known attributes, but does not yet include support for writing
attributes or reporting attributes in XML format.

libsbuf/Makefile:
	Add subr_prf.c for the new sbuf_hexdump() function.  This
	function is essentially the same function.

libsbuf/Symbol.map:
	Add a new shared library minor version, and include the
	sbuf_hexdump() function.

libsbuf/Version.def:
	Add version 1.4 of the libsbuf library.

libutil/hexdump.3:
	Document sbuf_hexdump() alongside hexdump(3), since it is
	essentially the same function.

camcontrol/Makefile:
	Add attrib.c.

camcontrol/attrib.c:
	Implementation of READ ATTRIBUTE support for camcontrol(8).

camcontrol/camcontrol.8:
	Document the new 'camcontrol attrib' subcommand.

camcontrol/camcontrol.c:
	Add the new 'camcontrol attrib' subcommand.

camcontrol/camcontrol.h:
	Add a function prototype for scsiattrib().

share/man/man9/sbuf.9:
	Document the existence of sbuf_hexdump() and point users to
	the hexdump(3) man page for more details.

sys/cam/scsi/scsi_all.c:
	Add a table of known attributes, text descriptions and
	handler functions.

	Add a new scsi_attrib_sbuf() function along with a number
	of other related functions that help decode attributes.

	scsi_attrib_ascii_sbuf() decodes ASCII format attributes.

	scsi_attrib_int_sbuf() decodes binary format attributes, and
	will pass them off to scsi_attrib_hexdump_sbuf() if they're
	bigger than 8 bytes.

	scsi_attrib_vendser_sbuf() decodes the vendor and drive
	serial number attribute.

	scsi_attrib_volcoh_sbuf() decodes the Volume Coherency
	Information attribute that LTFS writes out.

sys/cam/scsi/scsi_all.h:
	Add a number of attribute-related structure definitions and
	other defines.

	Add function prototypes for all of the functions added in
	scsi_all.c.

sys/kern/subr_prf.c:
	Add a new function, sbuf_hexdump().  This is the same as
	the existing hexdump(9) function, except that it puts the
	result in an sbuf.

	This also changes subr_prf.c so that it can be compiled in
	userland for includsion in libsbuf.

	We should work to change this so that the kernel hexdump
	implementation is a wrapper around sbuf_hexdump() with a
	statically allocated sbuf with a drain.  That will require
	a drain function that goes to the kernel printf() buffer
	that can take a non-NUL terminated string as input.
	That is because an sbuf isn't NUL-terminated until it is
	finished, and we don't want to finish it while we're still
	using it.

	We should also work to consolidate the userland hexdump and
	kernel hexdump implemenatations, which are currently
	separate.  This would also mean making applications that
	currently link in libutil link in libsbuf.

sys/sys/sbuf.h:
	Add the prototype for sbuf_hexdump(), and add another copy
	of the hexdump flag values if they aren't already defined.

	Ideally the flags should be defined in one place but the
	implemenation makes it difficult to do properly.  (See
	above.)

Sponsored by:	Spectra Logic Corporation
MFC after:	1 week
2015-06-09 21:39:38 +00:00
sjg
75a137820d dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
bapt
99d7d587eb Remove useless WARNS 2015-06-06 13:49:54 +00:00
araujo
33cba056a8 Remove unused variables reported by clang.
Differential Revision:	D2688
Reviewed by:		rodrigc, mav
2015-06-02 09:05:45 +00:00
pkelsey
e78dd9d8eb Add CAP_FCNTL to the lease file capsicum rights, and limit to
CAP_FCNTL_GETFL.  Without CAP_FCNTL_GETFL, the lease file truncation
in rewrite_client_leases() will fail to trim old data when rewriting
the file with a lesser amount of data.

Reviewed by: pjd, rwatson
Approved by: jmallett (mentor)
MFC after: 1 week
2015-05-28 05:38:07 +00:00
sjg
65145fa4c8 Merge sync of head 2015-05-27 01:19:58 +00:00
ae
d8fcba70ad Print leading zeroes of UFS2 fs_id like we do for UFS1.
PR:		156908
MFC after:	1 week
2015-05-26 18:27:38 +00:00
melifaro
cf1bb4659c Bring back support for checking tables via "ipfw -n".
Currently we have different table key types which can easily interfere
with each other (numbers and IPv4 address, interface names and hostnames,
  flows and hostnames/addresses).
This conflicts are solved by [auto-]creating _typed_ tables, so after
table is created, only keys of given type can be inserted to that table.
ipfw(8) consults with kernel about key/value type for particular table so
it knows key/value interpretation.
However, we have 2 cases (adding entries to non-existing table and
  parsing configuration file via `ipfw -n`) when kernel is unable to
  provide us table info we need. Fix the latter case by partially importing
  old `table_fill_xentry()` parse function responsible for guessing key type.

Sponsored by:	Yandex LLC
2015-05-19 18:29:13 +00:00
allanjude
81ff9d02cd Fix error in gmountver(8) man page
Also fixes the usage statement for the binary to use the correct terms (provider and geom name, rather than dev and prov, which is incorrect in the latter case)
Sync the man page summary with the new usage statement

PR:		199540
Differential Revision:	https://reviews.freebsd.org/D2329
Submitted by:	Fabian Keil
Reviewed by:	trasz
Approved by:	eadler (mentor)
Obtained from:	ElectroBSD (original)
MFC after:	1 week
Sponsored by:	ScaleEngine Inc.
2015-05-18 19:37:55 +00:00
melifaro
bd614cce8b * Update SFF-8024 Identifier constants.
* Fix SFF_8436_CC_EXT in SFF-8436 memory map.
* Add SFF-8436/8636 bits (revision compliance/nominal bitrate).
* Do some small style/type fixes.
2015-05-16 13:11:35 +00:00
melifaro
78a71b3a33 Simplify i2c reader: we don't need per-NIC handler anymore.
Make code use read_i2c() function instead of callback.
Simplify&document struct i2c_info.
Consistently use uint8_t to read from i2c.
2015-05-15 12:32:17 +00:00
ae
cbc4e577f0 Add an ability accept encapsulated packets from different sources by one
gif(4) interface. Add new option "ignore_source" for gif(4) interface.
When it is enabled, gif's encapcheck function requires match only for
packet's destination address.

Differential Revision:	https://reviews.freebsd.org/D2004
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2015-05-15 12:19:45 +00:00
trasz
2417d5c110 Document RCTL events in devd.conf(5).
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-05-13 12:02:51 +00:00
ae
f154af3452 Add new socket ioctls SIOC[SG]TUNFIB to set FIB number of encapsulated
packets on tunnel interfaces. Add support of these ioctls to gre(4),
gif(4) and me(4) interfaces. For incoming packets M_SETFIB() should use
if_fib value from ifnet structure, use proper value in gre(4) and me(4).

Differential Revision:	https://reviews.freebsd.org/D2462
No objection from:	#network
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2015-05-12 07:37:27 +00:00
hrs
64bd31eb61 - Remove ND6_IFF_IGNORELOOP. This functionality was useless in practice
because a link where looped back NS messages are permanently observed
  does not work with either NDP or ARP for IPv4.

- draft-ietf-6man-enhanced-dad is now RFC 7527.

Discussed with:	hiren
MFC after:	3 days
2015-05-12 03:31:57 +00:00
ngie
9f1fda6985 Use MIN from sys/param.h instead of handrolling the macro
Replace sys/types.h with sys/param.h per-style(9)

MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2015-05-11 04:54:56 +00:00
melifaro
462d48d659 Correctly print valtype for empty bitmask. 2015-05-06 11:23:14 +00:00