in favor of just rendering the manpage instead of relying on pre-formatted
catpages. Note, this does not impede the ability to use existing catpages,
it just removes the utility to generate them.
Reviewed by: imp, allanjude
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D12317
warning about a filesystem which doesn't have a mountpoint. Presumably, the
person who wrote the install script knew what they were doing.
Submitted by: Brian Mueller <bmueller@panasas.com>
MFC after: 1 month
Sponsored by: Panasas
Differential Revision: https://reviews.freebsd.org/D12346
If the iovctl command was invoked with only the -C flag, the user would
receive a message claiming that they needed to also supply either the
-d flag or the -f flag. However, in the case of the -C mode, only the
-f flag is acceptable. Correct this error message in this case.
PR: 222050
Submitted by: Heinz N. Gies
Reported by: Heinz N. Gies
MFC after: 1 week
The existing scan code is based on sending an i2c START condition and if
there is no error it assumes there is a device at that i2c address. Some
i2c controllers don't support sending individual start/stop signals on the
bus, they can only perform complete data transfers with start/stop handled
in the silicon.
This adds a fallback mechanism that attempts to read a single byte from each
i2c address. It's less reliable than looking for an an ACK repsonse to a
start, because some devices will NAK an attempt to read that isn't preceeded
by a write of a register address. Writing to devices to probe them is too
dangerous to even consider. The user is told that a less-reliable scan is
being done, so even if the read-scan comes up empty too, it's still a vast
improvement over the old situation where it would just claim there were no
devices on the bus even though the devices were there and working fine.
If the i2c controller responds with a proper ENODEV (device doesn't support
operation) or an almost-proper EOPNOTSUPP, the START/STOP scan is switched
to a read-scan right away. Most controllers respond with ENXIO or EIO if
they don't support START/STOP, so no quick-out is available. For those,
if a scan of all 127 addresses and come up empty, the scan is re-done using
the read method.
Reported by: Maxim Filimonov <che@bein.link>
This was originally added as "exit $SUCCESS" but with nothing to set the
SUCCESS variable. Thus it became an exit with no argument, which just
exits with the status of the preceding command.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
code. I think it is safe to say it's not going to be. I'm also working to
de-orbit catman, so remove the reference in the manpage.
Reviewed by: allanjude
Split out asciidump, utf8dump, bindump, and hexdump into a separate
file efiutil.c. Implement new efi_print_load_option for printing out
the EFI_LOADER_OPTION data structure used to specify different options
to the UEFI boot manager.
Sponsored by: Netflix
Many UEFI variables are UCS2 strings (some NUL terminated, others
not). Add --utf8 (-u) to convert UCS2 strings to UTF8 before printing.
Sponsored by: Netflix
mtree path names and link attributes are encoded, generally using strvis. Newer
versions of mtree will use C-style escapes but previously the accepted form was
octal escapes. makefs' mtree code spots the C-style escapes but fails to deal
with octal escapes correctly.
Remove mtree's escape-decoding code (except for a few instances where it's
needed) and instead pass pathnames and link targets through strunvis prior to
use.
Reviewed by: marcel
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D12104
Advertise this by changing the defaults to mostly red. If you don't like
this, change them (almost) back using:
vidcontrol -c charcolors,base=7,height=0
vidcontrol -c mousecolors,base=0[,height=15]
The (graphics mode only) mouse cursor colors were hard-coded to a black
border and lightwhite interior. Black for the border is the worst
possible default, since it is the same as the default black background
and not good for any dark background. Reversing this gives the better
default of X Windows. Coloring everything works better still. Now
the coloring defaults to a lightwhite border and red interior.
Coloring for the character cursor is more complicated and mode
dependent. The new coloring doesn't apply for hardware cursors. For
non-block cursors, it only applies in graphics mode. In text mode,
the cursor color was usually a hard-coded (dull)white for the background
only, unless the foreground was white when it was a hard-coded black
for the background only, unless the foreground was white and the
background was black it was reverse video. In graphics mode, it was
always reverse video for the block cursor. Reverse video is worse,
especially over cutmarking regions, since cutmarking still uses simple
reverse video (nothing better is possible in text mode) and double
reverse video for the cursor gives normal video. Now, graphics mode
uses the same algorithm as the best case for text mode in all cases
for graphics mode. The hard-coded sequence { white, black, } for the
background is now { red, white, blue, } where the first 2 colors can
be configured. The blue color at the end is a sentinel which prevents
reverse video being used in most cases but breaks the compatibility
setting for white on black and black on white characters. This will
be fixed later. The compatibility setting is most needed for mono modes.
The previous commit to syscons.c changed sc_cnterm() to be more careful.
It followed null pointers in some cases. But sc_cnterm() has been
unreachable for 15+ years since changes for multiple consoles turned
off calls to the the cnterm destructor for all console drivers. Before
them, it was only called at boot time. So no driver with an attached
console has ever been unloadable and not even the non-console destructors
have been tested much.
and r322101), adding atf_expect_fail() before chflags(8) is invoked
if the filesystem is ZFS, which does not support UF_IMMUTABLE.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
and repurposing "blink". Improve accuracy of documentation of historical
mistakes and other bugs.
"blink" now means "set the blink attribute for the target(s)" instead of
"set the blink attribute and clear other attributes [and control flags]".
It was even more confusing to use "blinking" for the single attribute to
keep the old meaning for "blink".
"destructive" is not as historically broken or gone as the previous version
said.
The bugs involving resetting from defaults are now understood and partly
documented (the defaults are mis-initialized).
Previouly it was possible to create users with spaces in the name with:
pw useradd -u 1234 -g 1234 -n 'test user'
The "-g 1234" is relevant, without it the name was already rejected
as expected:
[fk@test ~]$ sudo pw useradd -u 1234 -n 'test user'
pw: invalid character ` ' at position 4 in userid/group name
Bug unintentionally found with a salt config without explicit name entry:
test user:
user.present:
- uid: 1234
- gid: 1234
- fullname: Test user
- shell: /usr/local/bin/bash
- home: /home/test
- groups:
- wheel
- salt
"Luckily" salt modules rarely bother with input validation either ...
PR: 221416
Submitted by: Fabian Keil
Obtained from: ElectroBSD
MFC after: 1 week
"pw usermod someuser -G ''" is supposed make sure that someuser
doesn't have any secondary group memberships.
Previouly it was a nop because split_groups() only intitialised
"groups" if at least one group was specified. As a result the
existing secondary group memberships were kept.
PR: 221417
Submitted by: Fabian Keil
Obtained from: ElectroBSD
MFC after: 1 week
Relnotes: yes
- Remove ad hoc inet_ntoa prototype declaration; it's already handled
by the included headers.
- De-K&Rify the function prototypes for eachres_whoami(..),
eachres_getfile(..), and main(..).
MFC after: 1 week
PR: 71667
Tested with: clang (5.0), gcc (4.2.1, 5)
breaks in the vt case to the same places that the man(1) puts then in
the SYNOPSIS. This was already done for the syscons case. Man pages
can't depend on the driver, and the SYNOPSIS is hard-coded for syscons
except for -f where it is hard-coded for vt. The usage message reverses
this for sc. The only other differences are whitespace and removing
-[dL] and -l for vt.
capabilities.
Most of the capabilities (all of the arcane ones) were in FreeBSD-2.0.5,
but were harder to use then, and vidcontrol didn't try. FreeBSD-4.1.0
added per-vty support, fixed the destructivness of the "destructive"
cursor, and improved APIs. Start using the new APIs, support all of
their capabilities, and document all of the capabilities and some of
the historical mistakes.
vt doesn't support any of this before or after the change.
Fix minor unrelated bitrot in the usage message for the syscons case.
sequence "ESC [ %d A" for this although that was used here. I will fix
teken later, but use the more portable ioctl KDSBORDER here.
The ioctl is also much easier to use if you check that it works. For
-b, check it and complain and exit if it failed, so that it is more
obvious that that vt doesn't support border colors. Don't check it
when restoring the border color in revert(), since revert() is used
on vt for handling other errors.
Fix nearby error handling and style. For the error of an invalid
color, revert() and print a specific error message using err() instead
of not revert()ing and printing spam using usage().
Non-tests/... changes:
- Add HAS_TESTS= to Makefiles with libraries and programs to enable iteration
and propagate the appropriate environment down to *.test.mk.
tests/... changes:
- Add appropriate support Makefile.inc's to set HAS_TESTS in a minimal manner,
since tests/... is a special subdirectory tree compared to the others.
MFC after: 2 months
MFC with: r322511
Reviewed by: arch (silence), testing (silence)
Differential Revision: D12014
Note: Mouse's bthidd.conf record should contain vendor and device IDs
to make proper device detection. If it does not contain IDs,
regenerate record with "Query" command of recent bthidcontrol(8).
Submitted by: Dirk Engling <erdgeist@erdgeist.org>
Reviewed by: emax
Approved by: bapt (mentor), gonzo (mentor)
Differential Revision: https://reviews.freebsd.org/D3702
Extend bthidd.conf format to store vendor and product IDs of remote
Bluetooth HID devices to make possible implementation of device
specific quirks inside bthidd(8).
Add support for querying of this information from device's SDP records
with bthidcontrol(8) "Query" command.
Submitted by: Dirk Engling <erdgeist@erdgeist.org>
Reviewed by: emax
Approved by: bapt (mentor), gonzo (mentor)
Differential Revision: https://reviews.freebsd.org/D3702
Previously we added an ifconfig_$INTERFACE line to rc.conf for each
unsuccessful DCHP attempt.
PR: 219515
Reviewed by: allanjude
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D11967
As peter@ points out in pr/220953:
"rwho, rwhod and ruptime are not part of the remote login suite (rsh, rlogin
etc).
They should *not* be in the rcmds package which is disabled by default. We
rely on rwho/rwhod/ruptime in the freebsd.org cluster."
This commit is a re-commit of r322029 and r322031 with a better commit log, as
pointed out by ngie@.
This also includes the necesary changes to OptionalObsoleteFiles.inc, as
requested by jhb@.
PR: 220953
Reported by: peter@, jhb@
Differential Revision: https://reviews.freebsd.org/D11743
the previous behavior actually is required for setting up configurations
in which the RTC is using UTC but the timezone is not. Still, besides
uniform error handling, that file should get the same treatment in the
non-interactive variants supported by tzsetup(8).
of the initial UTC dialog to install_zoneinfo() so that file gets the
necessary treatment also when that dialog is skipped via "-s", when
selecting UTC from the time zone menu or on the command-line instead
etc.
- Make the initial UTC dialog actually work by giving the relevant files
the necessary treatment and then exit when choosing "Yes" there instead
of moving on to the time zone menu regardless.
- Since r301131, /etc/localtime is also installed when selecting UTC in
interactive configurations (which previously meant only via the time
zone menu, though). Thus, the code added in r230298 which treats a
NULL zone file name as UTC and removes /etc/localtime in that case can
go again.
- Consistently refer to "could not delete" (as chosen by the oldest such
code in here) when unlink(2) fails instead of a to mixture of "delete"
and "unlink" in error messages.
debug (cudbg) code, hooked up to the main driver via an ioctl.
The ioctl can be used to collect the chip's internal state in a
compressed dump file. These dumps can be decoded with the "view"
component of cudbg.
Obtained from: Chelsio Communications
MFC after: 2 months
Sponsored by: Chelsio Communications
directories to SUBDIR.${MK_TESTS} idiom
This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .
No functional change intended.
MFC after: 1 weeks
On the systems on which I tested this exporter, I never ran into metrics
that were named in such a way that they couldn't be exported to
Prometheus metrics directly. Now it turns out that on systems with NUMA,
the sysctl tree contains metrics named dev.${driver}.${index}.%domain.
For these metrics, the % in the name is problematic, as Prometheus
doesn't allow this symbol to be used.
Remove the assertions that were originally put in place to prevent the
exporter from generating malformed output and add code to deal with it
accordingly. For metric names, convert any unsupported character to an
underscore. For label values, perform string escaping.
PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221035
Reported by: lifanov@
Gcc noticed that the result of the bit shift is always zero. Shift so
that the ATC_CS_C67 bits end up in bits 6 & 7.
Reviewed by: grehan, tychon
Approved by: markj (mentor)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D11775
Gcc complained that e82545_tx_thread has a return type declared but
doesn't return anything. Annotate the procedure with _Noreturn.
Reviewed by: grehan
Approved by: markj (mentor)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D11774
kldfind() only matches kernel modules, so if you link imgact_binmisc directly
into the kernel, binmiscctl can't find it, tries to load it, and errors
out with:
Can't load imgact_binmisc kernel module: File exists
A quick search of other base commands shows that the correct procedure is to
call modfind(), and then try kldload() if that fails.
PR: 218593
Submitted by: Dan Nelson <dnelson_1901@yahoo.com>
MFC after: 1 week
Since kib's change the stack guard is now ON by default,
this option in hardening menu of bsdinstall is no longer needed.
Submitted by: Bartlomiej Rutkowski <robak@FreeBSD.org>
Reviewed by: bapt
Approved by: bapt
MFC after: 1 day
Sponsored by: Pixeware LTD
Differential Revision: https://reviews.freebsd.org/D11686
the newer RFCs (5661 and 7530). The main man changes are for the
case of "numbers in strings" for user/groups that RFC7530 allows
and avoids use of nfsuserd(8).
This is a content change.
Reviewed by: trasz (earlier version)
MFC after: 1 week
- Document /etc/cron.d and /usr/local/etc/cron.d under FILES.
- Reword documentation for -n: add appropriate soft-stop and remove
contraction to appease igor.
MFC after: 3 days
Long objdir paths make it easy to hit the version string length limit in
kernel dump headers. The build number and timestamp are unlikely to be
truncated and ought to be sufficient to protect against false positives.
Discussed with: jhb
MFC after: 1 week
The usual case of a mismatched checksum for installer snapshots
(e.g., -CURRENT, -ALPHA*) is that a newer snapshot has been built and
the old install sets have been replaced. Provide a specific error
message for checksum mismatches there that suggests looking for a newer
snapshot.
Submitted by: Guangyuan Yang <yzgyyang@outlook.com>
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D11641
delete subcommand in the modify section. Rewrite the
modify description text in two places to say modify/modified
instead of remove/removed.
PR: 220710
Submitted by: sseekamp@risei.net
Reviewed by: mav@
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D11608
This patch modifies the nfsuserd daemon so that it uses an AF_LOCAL socket
for upcalls by default. This should fix the problem with using a UDP
socket upcall to 127.0.0.1 when jails are used.
The AF_LOCAL socket case only supports a single server daemon, since hangs
were observed by the original problem reporter when multiple daemons
were used.
The patch adds a command line option called "-use-udpsock" which makes
the daemon revert to its prepatched behaviour.
Suggested by: dfr
PR: 205193
Relnotes: yes
After the addition of SUBDIR.yes, uniquifying/ordering the SUBDIRs doesn't
make a whole lot of sense, and it's in effect a half measure.
Ordering SUBDIR (after adding SUBDIR.yes to it) in bsd.subdir.mk is a
separate change that warrants more discussion/testing, because while
the SUBDIR_PARALLEL work largely fixed dependency ordering for SUBDIRs,
there might be downstream FreeBSD consumers that rely on the SUBDIR
ordering.
MFC after: 2 months
Reviewed by: bdrewery
Differential Revision: D11398
ZFS SLOGs have very specific access pattern with many cache flushes,
which none of benchmarks I know can simulate. Since SSD vendors rarely
specify cache flush time, this measurement can be useful to explain why
some ZFS pools are slower then expected. This test writes data chunks
of different size followed by cache flush, alike to what ZFS SLOG does,
and measures average time.
To illustrate, here is result for 6 years old SATA Intel 710 Series SSD:
Synchronous random writes:
0.5 kbytes: 138.3 usec/IO = 3.5 Mbytes/s
1 kbytes: 137.7 usec/IO = 7.1 Mbytes/s
2 kbytes: 151.1 usec/IO = 12.9 Mbytes/s
4 kbytes: 158.2 usec/IO = 24.7 Mbytes/s
8 kbytes: 175.6 usec/IO = 44.5 Mbytes/s
16 kbytes: 210.1 usec/IO = 74.4 Mbytes/s
32 kbytes: 274.2 usec/IO = 114.0 Mbytes/s
64 kbytes: 416.5 usec/IO = 150.1 Mbytes/s
128 kbytes: 776.6 usec/IO = 161.0 Mbytes/s
256 kbytes: 1503.1 usec/IO = 166.3 Mbytes/s
512 kbytes: 2968.7 usec/IO = 168.4 Mbytes/s
1024 kbytes: 5866.8 usec/IO = 170.5 Mbytes/s
2048 kbytes: 11696.6 usec/IO = 171.0 Mbytes/s
4096 kbytes: 23329.6 usec/IO = 171.5 Mbytes/s
8192 kbytes: 46779.5 usec/IO = 171.0 Mbytes/s
, and much newer and supposedly much faster NVMe Samsung 950 PRO SSD:
Synchronous random writes:
0.5 kbytes: 2092.9 usec/IO = 0.2 Mbytes/s
1 kbytes: 2013.1 usec/IO = 0.5 Mbytes/s
2 kbytes: 2014.8 usec/IO = 1.0 Mbytes/s
4 kbytes: 2090.7 usec/IO = 1.9 Mbytes/s
8 kbytes: 2044.5 usec/IO = 3.8 Mbytes/s
16 kbytes: 2084.8 usec/IO = 7.5 Mbytes/s
32 kbytes: 2137.1 usec/IO = 14.6 Mbytes/s
64 kbytes: 2173.4 usec/IO = 28.8 Mbytes/s
128 kbytes: 2923.9 usec/IO = 42.8 Mbytes/s
256 kbytes: 3085.3 usec/IO = 81.0 Mbytes/s
512 kbytes: 3112.2 usec/IO = 160.7 Mbytes/s
1024 kbytes: 2430.6 usec/IO = 411.4 Mbytes/s
2048 kbytes: 3788.9 usec/IO = 527.9 Mbytes/s
4096 kbytes: 6198.0 usec/IO = 645.4 Mbytes/s
8192 kbytes: 10764.9 usec/IO = 743.2 Mbytes/s
While the first one obviously has maximal throughput limitations, the
second one has so high cache flush latency (about 2 millisecond), that
it makes one almost useless in SLOG role, despite of its good throughput
numbers. Power loss protection is out of scope of this test, but I
suspect it can be related.
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
This patch adds new bsdinstall option to hardening section that allows users
to change this behaviour to secure one and updates stack guard option so it
would set the value of relevant sysctl to 512 (2MB)
Submitted by: Bartek Rutkowski
Reviewed by: adrian, bapt, emaste
Approved by: bapt, emaste
MFC after: 1 day
Sponsored by: Pixeware LTD
Differential Revision: https://reviews.freebsd.org/D9700
when jails are being used on the system.
It is hoped that the patches in PR#205193 will someday get tested/debugged
so that they can be committed to fix this.
This is a content change.
PR: 205193
MFC after: 2 weeks
Return the bare requested information, intended for scripting.
The serial number of a SAS/SCSI device can be returned with
'camcontrol inquiry disk -S', but there is no similar switch for SATA.
This provides a way to get this information from both SAS and SATA disks
the -s and -p flags are mutually exclusive, and cannot be used with any
other flags.
Reviewed by: rpokala, wblock
MFC after: 1 month
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D7828
In jemalloc 5, there are no longer chunks, and as configured on
FreeBSD (the "retain" option defaults to false), the mmap()
requests are precisely sized for the specific needs, which means
the virtual memory overhead should be lower for small applications.
Reviewed by: jasone, ian
Differential Revision: https://reviews.freebsd.org/D11366
We do not treat makefs as contrib code. Import copies of makefs msdos
files from NetBSD so that we can track our changes to these files.
These are copied from NetBSD, with only a change to use __FBSDID and
$FreeBSD$ instead of __KERNEL_RCSID and $NetBSD$. A copy of the
original $NetBSD$ tag remains in each source file.
These two files were missed in r320212. Also remove a stray blank line
added in msdosfs_vfsops.c.
Submitted by: Siva Mahadevan
Sponsored by: The FreeBSD Foundation
then printing it.
This prepares the code to make it libxo friendly
Reviewed by: manu, Nikita Kozlov (nikita elyzion.net)
MFC after: 2 weeks
Sponsored by: Gandi.net
We do not treat makefs as contrib code. Import copies of makefs msdos
files from NetBSD so that we can track our changes to these files.
These are copied from NetBSD, with only a change to use __FBSDID and
$FreeBSD$ instead of __KERNEL_RCSID and $NetBSD$. A copy of the
original $NetBSD$ tag remains in each source file.
Submitted by: Siva Mahadevan
Sponsored by: The FreeBSD Foundation
On FreeBSD fstat(2) works fine for querying sizes of plain files,
but not so much for character devices.
So, use DIOCGMEDIASIZE to try to get the correct size for disks
and disk-like devices (e.g. zvols).
PR: 220186
Reviewed by: tsoome, grehan
MFC after: 1 week
Reuse create_service code instead of duplicating it in
lookup_addresses for kernel NLM.
As a (good) side effect this also fixed a few issues that were
already fixed in the former but never applied to the latter.
Reviewed by: kevlo
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D11259
dumpfs prints a harmless warning message (via ufs_disk_fillout(3) and
getfsfile(3)), when /etc/fstab does not exist. We can ignore it.
PR: 220165
Reported by: gjb
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
The reason is that FreeBSD refcount.h shadows ZFS refcount.h and that
will lead to a build error after a planned import of the ARC buf data
scatter-ization.
It's possible that some day we will have an opposite problem where
a ZFS header would shadow an essential FreeBSD header.
So, we need to think about a better long term solution.
Discussed with: allanjude
MFC after: 17 days
vfs.zfs.min_auto_ashift is a sysctl only not a tunable so updated bsdinstall
to use the correct location /etc/sysctl.conf instead of /boot/loader.conf
Reported by: Aaron Caza
Reviewed by: allanjude
MFC after: 2 days
Sponsored by: Multiplay
Differential Revision: https://reviews.freebsd.org/D11278
Since buildenv exports SYSROOT all of these uses will now look in
WORLDTMP by default.
sys/boot/efi/loader/Makefile
A LIBSTAND hack is no longer required for buildenv.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
usr.sbin/lpr/lpc/lpc.c
Warning
passing 'char *[20]' to parameter of type 'const char **' discards
qualifiers in nested pointer types
[-Wincompatible-pointer-types-discards-qualifiers]
Fix:
Explicitly cast the variable "margv" to const char ** only for it's
use as a parameter to suppress the error
Submitted by: Aaron Prieger <aprieger@llnw.com>
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D11019
- increase arm64 EFI partition to 200M, as x86
- use EFI_BOOTPART_SIZE and EFI_BOOTPART_PATH macros on x86
- increase ZFS EFI partition to 200M
PR: 201898
Reviewed by: allanjude, manu
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D11239
pthread_join(3). The variable tid is not yet initialized in case
the authentication fails at early stage, that would lead pthread_join be
called with an uninitialized variable.
CID: 1375950
Reported by: Coverity, cem
Reviewed by: cem
MFC after: 3 weeks.
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D11150
This file does not exist in NetBSD's makefs, but make the chance for
consistency with memcpy/memset used in the rest of makefs.
Sponsored by: The FreeBSD Foundation
After r319369, the RPC code validates caller supplied buffer length in
taddr2uaddr. When no -h is specified, the sizeof(ai_addr) is used,
which is always smaller than the required size and therefore uaddr
would be NULL, causing the kernel to copyin() from userland NULL
and fail with EFAULT.
Reviewed by: kevlo (via Telegram)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D11151
The tests are largely symmetric with the tests for chmod(1)--added in r319642.
Remove chown-f_test (added in r268030) since the test coverage is now being
provided by `chown_test`.
MFC after: 1 month
Sponsored by: Dell EMC Isilon
To later free the memory, introduce a new variable lnode to track when
this happens.
Submitted by: Thomas Rix <trix@juniper.net>
Reviewed by: emax
Approved by: sjg (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D9878
You may now optionally specify allow.noreserved_ports to prevent root
inside a jail from using privileged ports (less than 1024)
PR: 217728
Submitted by: Matt Miller <mattm916@pulsar.neomailbox.ch>
Reviewed by: jamie, cem, smh
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D10202
In batch mode, most messages go into the core.txt.N file instead of stdout.
Reviewed by: jhb
MFC after: 3 days
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D10429
This modification adds the capability to newsyslog to write the
rotation message in a format that is compliant with RFC5424. This
capability is enabled on a per-log file basis through a new value
("T") in the flags field in newsyslog.conf. This is useful on systems
that use the RFC5424 format for log files so that the rotation message
format matches that of the other log messages. There has been recent
mention of adding an RFC5424 compliant mode to syslogd and at least
one alternative system log daemon (rsyslogd) that already has the
capability to use that format.
Reviewed by: vangyzen, ngie
Approved by: vangyzen (mentor)
MFC after: 2 months
Relnotes: yes
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D10253
it has nothing to do with ffs and will eventually be moved.
gc sectorsize.
This is a corrected version of r317744.
NetBSD versions:
ffs.c 1.58
ffs/buf.c 1.14 1.18
ffs/buf.h 1.8
Submitted by: Siva Mahadevan <smahadevan@freebsdfoundation.org>
Obtained from: NetBSD
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D10803
Since the translation to vt as terminal emulator, the keymaps files
path has changed and this change does not get followed in bsdconfig.
This implicates boot time warnings about a wrong keymap file, what
is very confusing for the new users and for me too, so initialize
the default keymaps search path depending on terminal type.
Differential Revision: https://reviews.freebsd.org/D8734
Submitted by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
Reviewed by: ed, jilles, dteske
MFC after: 3 days
X-MFC-to: stable/11
Sponsored by: HardenedBSD
Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
If /etc/bootparams contains a line with an excessively long pathname, and a
client asks for that path, then bootparamd will overflow a buffer and crash
while parsing that line. This is not remotely exploitable since it requires
a malformed /etc/bootparams file.
Reported by: Coverity
CID: 1305954
MFC after: 1 week
Sponsored by: Spectra Logic Corp
Also add __FBSDID.
Reviewed by: grehan
This file lacks a license(!) so for this change the following declaration
applies:
To the greatest extent permitted by, but not in contravention of,
applicable law, Affirmer hereby overtly, fully, permanently, irrevocably
and unconditionally waives, abandons, and surrenders all of Affirmer's
Copyright and Related Rights and associated claims and causes of action,
whether now known or unknown (including existing as well as future claims
and causes of action).
Extend the ino_t, dev_t, nlink_t types to 64-bit ints. Modify
struct dirent layout to add d_off, increase the size of d_fileno
to 64-bits, increase the size of d_namlen to 16-bits, and change
the required alignment. Increase struct statfs f_mntfromname[] and
f_mntonname[] array length MNAMELEN to 1024.
ABI breakage is mitigated by providing compatibility using versioned
symbols, ingenious use of the existing padding in structures, and
by employing other tricks. Unfortunately, not everything can be
fixed, especially outside the base system. For instance, third-party
APIs which pass struct stat around are broken in backward and
forward incompatible ways.
Kinfo sysctl MIBs ABI is changed in backward-compatible way, but
there is no general mechanism to handle other sysctl MIBS which
return structures where the layout has changed. It was considered
that the breakage is either in the management interfaces, where we
usually allow ABI slip, or is not important.
Struct xvnode changed layout, no compat shims are provided.
For struct xtty, dev_t tty device member was reduced to uint32_t.
It was decided that keeping ABI compat in this case is more useful
than reporting 64-bit dev_t, for the sake of pstat.
Update note: strictly follow the instructions in UPDATING. Build
and install the new kernel with COMPAT_FREEBSD11 option enabled,
then reboot, and only then install new world.
Credits: The 64-bit inode project, also known as ino64, started life
many years ago as a project by Gleb Kurtsou (gleb). Kirk McKusick
(mckusick) then picked up and updated the patch, and acted as a
flag-waver. Feedback, suggestions, and discussions were carried
by Ed Maste (emaste), John Baldwin (jhb), Jilles Tjoelker (jilles),
and Rick Macklem (rmacklem). Kris Moore (kris) performed an initial
ports investigation followed by an exp-run by Antoine Brodin (antoine).
Essential and all-embracing testing was done by Peter Holm (pho).
The heavy lifting of coordinating all these efforts and bringing the
project to completion were done by Konstantin Belousov (kib).
Sponsored by: The FreeBSD Foundation (emaste, kib)
Differential revision: https://reviews.freebsd.org/D10439
- Start new sentences on new lines.
- Separate e.g. (more of an igor thing) with commas, and rewrite some examples
not to be enclosed in parentheses.
Reported by: igor, make manlint
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
It requires a tty, which might not be available in scripted installs. Instead
extract the sets manually using tar.
Reviewed by: tsoome
Sponsored by: Citrix Systems R&D
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D10736
Because the datasets are already mounted by zfsboot, and the mount script
doesn't know anything about ZFS. Also do not execute the "umount" script for
ZFS for the same reasons.
Reviewed by: dteske, tsoome
Sponsored by: Citrix Systems R&D
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D10738
Fix spelling [1], appease igor and mandoc -Tlint, and adopt the
language style to be more consistent with our corpus.
PR: 219434 [1]
Submitted by: olgeni [1]
entries never expiring. This patch honours the negative cache timeout.
To test/experience the failure do the following:
1. Edit /etc/ncd.conf to adjust the cache timeouts as follows:
positive-time-to-live hosts 30
negative-time-to-live hosts 1
2. Ensure that nsswitch.conf hosts line contains something like:
hosts: files cache dns
Note that cache must be specified before dns.
3. Start nscd.
4. Run the following command:
while true; do nc -z -w 3 www.google.com 80; sleep 5; done
5. While running the command, remove or comment out all nameserver
statements in /etc/resolv.conf. After a short while you will notice
non-recoverable name rsolution failures.
6. Uncomment or replace all nameserver statements back into
/etc/resolv.conf. Take note that name resolution never recovers.
To recover nscd must be restarted. This patch fixes this.
PR: 207804
Submitted by: Jov <amutu@amutu.com>
MFC after: 1 week
Add the ffs option to enable soft-updates.
The option is only processed is ufs2 has been selected.
Reviewed by: emaste, bapt (earlier version), allanjude (earlier version)
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D10773
The default values found in /etc/passwd and /etc/group are 65534, 65533.
In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits.
Without this patch, a file created by root on an NFS exported volume without
the "-root=" export option will end up owned by uid 4**32 - 2.
When discussed on freebsd-current@, it seemed that users preferred the
values being changed to 65534/65533.
I have not added code to acquire these values from the databases, since
the mountd daemon might get "stuck" during startup waiting for a non-responsive
password database server.
Discussed on: freebsd-current
- make functions and variables static where appropriate
- use const char * where appropriate
- remove unused variables
Sponsored by: The FreeBSD Foundation
it has nothing to do with ffs and will eventually be moved.
gc sectorsize.
NetBSD versions:
ffs.c 1.58
ffs/buf.c 1.14 1.18
ffs/buf.h 1.8
Obtained from: NetBSD
Sponsored by: The FreeBSD Foundation
not on wildcard. [1]
- Move the default port assignment from pci_fbuf.c to rfb.c,
to avoid polluting pci_fbuf.c with network things.
Suggested by: grehan
When this option is enabled, only gdb and kgdb are installed to
/usr/libexec for use by crashinfo(8). Other bits of GDB such as
gdbserver and gdbtui are not installed. For this option to be
effective, GDB must be enabled.
Rework r317094 to re-enable GDB on all platforms but enable
GDB_LIBEXEC on platforms for which the GDB in ports is a superset of
functionality.
Reviewed by: emaste, kib
Suggested by: kib
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D10449
patm(4) devices.
Maintaining an address family and framework has real costs when we make
infrastructure improvements. In the case of NATM we support no devices
manufactured in the last 20 years and some will not even work in modern
motherboards (some newer devices that patm(4) could be updated to
support apparently exist, but we do not currently have support).
With this change, support remains for some netgraph modules that don't
require NATM support code. It is unclear if all these should remain,
though ng_atmllc certainly stands alone.
Note well: FreeBSD 11 supports NATM and will continue to do so until at
least September 30, 2021. Improvements to the code in FreeBSD 11 are
certainly welcome.
Reviewed by: philip
Approved by: harti
This patch sets the default uid/gid values for "nobody" and "nogroup"
to the values in the password and group databases. Normally nfsuserd(8)
will override these with whatever is in the password/group databases,
so these values are only used when the databases entries aren't available.
It would be nice to use the definitions in sys/conf.h, but those are
in the _KERNEL section of the file.
Reported by: tez@pkgsrc.org
Submitted by: tez@pkgsrc.org
MFC after: 2 weeks
Use unsigned values in some internal variables that will be used during
allocation. The variables are used in reduced scope and have no chance of
becoming negative.
Provide bounds checking through reallocarray(3).
MFC after: 2 weeks
The nfsuserd.8 man page stated that a usertimeout of 0 would disable
the cache timeout. This was simply not true, so this patch deletes
the sentence.
This is a content change.
PR: 217406
MFC after: 2 weeks
rpcbind(8) with/without warmstart support.
The knob defaults to off to preserve POLA for the feature.
See rpcbind(8) for more details about the warmstart feature.
MFC after: 7 weeks
Relnotes: yes
Sponsored by: Dell EMC Isilon
warmstart support saves portmap/rpcbind(8) registration state on exit and
restores the saved registration state on restart.
MFC after: 7 weeks
Sponsored by: Dell EMC Isilon
messages before accessing message fields that may not be present,
removing dead/duplicate/misleading code along the way.
Document the message format for each routing socket message in
route.h.
Fix a bug in usr.bin/netstat introduced in r287351 that resulted in
pointer computation with essentially random 16-bit offsets and
dereferencing of the results.
Reviewed by: ae
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D10330
This makes newsyslog use zstandard to compress log files.
Given Z is already taken for gzip and zstandard compression level stands in
between gzip and xz (which has the X flag) chosing Y sounds ok :)
the r316874: don't call shutdown(2) on all sockets, but only net ones, which seems
to be the behaviour existed before that refactoring. Also don't call listen(2)
in datagram sockets and fix misplaced debug messages while I am here.
Reported by: peter
don't bother to select/recv on that socket. This prevents syslogd(8)
from spinning endlessly when started with the -s option (default).
Reported by: peter
Use a snprintf to write an environment variable to a fixed-size buffer to
avoid stack overflow.
Reported by: Coverity (CWE-120)
CID: 1238926
Sponsored by: Dell EMC Isilon
It may not do the right thing with these obviously wrong inputs, but at
least it won't smash the stack.
Reported by: Coverity (CWE-120)
CIDs: 1006697, 1006698
Sponsored by: Dell EMC Isilon
From config synthax point of view such portal groups are not incorrect,
but they are useless since can not receive any connection. And since
CTL port resource is very limited, it is good to save it.
MFC after: 2 weeks
FDC_DEBUG is not referenced in any c or header files but traces of it
still remain in other files.
PR: 105608
Reported by: Eugene Grosbein <ports AT grosbein DOT net>
Reviewed by: imp
Approved by: bcr (mentor)
MFC after: 7 days
Differential Revision: https://reviews.freebsd.org/D10303
Users attempting to create images from mtree METALOG files created by
installworld often use -F when they should be passing the METALOG file
in place of a directory. This is often produces difficult to debug
error reports.
Reviewed by: emaste
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D10038
The emalloc set of error-checking memory allocation routines were added
to libnetbsd in r316572. Use them in makefs to reduce differences with
NetBSD.
NetBSD revs:
cd9660.c 1.39
ffs.c 1.56
makefs.c 1.42
walk.c 1.27
cd9660/cd9660_archimedes.c 1.2
cd9660/cd9660_eltorito.c 1.20
cd9660/cd9660_write.c 1.16
cd9660/iso9660_rrip.c 1.12
ffs/buf.c 1.17
ffs/mkfs.c 1.26
Obtained from: NetBSD
This variable was used 4 times in 1 function and all uses were wrong.
The 4 uses were in he test_frame() (show) function, to try to restore
4 colors, 2 unnecessarily and these 2 now broken. This was wrong
because it is the previous colors that must be restored, but the global
holds the original colors. Excessive setting of colors at the end
restored the previous colors correctly in most cases, but I removed
this a couple of revisions ago.
Originally, this variable had 1 correct use, to test for being on a vty
as a side effect of initializing it. This is now down in init(), and
init() also leaves a better-named global with the same contents.
Fix this by reading the current console info into a local variable in
test_frame(), as is done for several other functions. Fix style bugs
in this reading for all callers:
- extra blank lines
- all error messages different. The first one now in init() is not as
specific as the old one, but it is after a different specific one for
another ioctl and is unlikely to be reached when the first ioctl
succeeds. Ones after the first are to repeat the ioctl, so are even
more likely to be reached. The correctness of full removal of the
old global depends on the error handling for failure to initialize
it being unreachable.
- err() instead of warn() for failure in load_font(). This is almost
unreachable, and it makes no sense to continue after undoing previous
changes with revert().
- unreachable return after err() for failure in dump_screen().
Undo large renaming of local variables from the good name 'info' to the
bad name _info, which was done to protect the buggy global's bad name
from -Wshadow warnings.
Change 25 uses of errc() to err(). 2 of these were correct. 23 used
errno for the arg so were just a verbose spelling of err(). 5 of these
were just style bugs, and 18 depended on revert() saving errno.
1 warn() also depended on revert() saving errno.
Remove 2 warnx()'s that duplicate the message from a later errx().
These used to be before returns, and should have reported errno in
some cases. errno is also not reported for for openguess() failures.
Only "restore" the video mode in revert() if the mode was just set
(necessarily partially). Setting the mode to its current setting
doesn't "restore" it, but resets it, with the least harmful change
being to clear the screen. revert() is called even for some harmless
syntax errors and usually did nothing except reset the mode. Now it
usually does nothing. The only things that it tries to restore apart
from the mode are the active vty number, the screen map, 2 colors that
only need to be restored (only after a mode change) to fix kernel bugs,
and 3 colors that can't be restored due to kernel bugs. (This is
mostly for sc, since vt doesn't support mode changes.)
revert() is not called for syntax and setting errors after [mode], so
the mode reset is only done for failures to set raster mode after
setting graphics mode. normal colors can only be set after [mode],
and that is why reverting them should be unnecessary.
r146736 added an undocumented syntax and many bugs handling it. The
documented syntax is "... [mode] [fg [bg]] [show]", where it is critical
for reducing ambiguity and keeping things simple that the mode is
parsed first. r146736 added buggy support for "... [mode] [fg [bg]]
[show] [mode] [fg [bg]]". One error was that after for failing to set
a partially-supported graphics mode, argv[optind] remains pointing to
the mode so doesn't match the first [fg [bg]], so the setting is
attempted again, with slightly worse error handling.
Fix this by removing it (support for the trailing '[mode] [fg [bg]]')
and cleaning up. The cleanups are mostly to remove convolutions and
bugs that didn't work to handle the ambiguous syntax '[fg [bg]] [fg [bg]]'
when [mode] and [show] are not present. Globals were set to allow
repeating the color settings at the end. The functions that set the
colors earlier were misnamed from set* to get*. All that they "got" is
is settings from argv. They applied the settings to the kernel and
the globals.
Fix restoration of colors in revert() by restoring 2 after the mode
change. Colors should not need to be restored, but a bug in scteken
clobbers them on any mode change, including ones for restoration. Don't
move the restoration of the other 3. Teken doesn't clobber them on
mode changes because it doesn't support them at all (sc still supports
the border color, but only using a non-teken ioctl).
Add restoration of colors after a successful mode change to work around
the scteken bug there too. The bug was previously masked by the general
setting of colors at the end.
Fix a longstanding parsing/error handling bug by exiting almost immediately
after matching the [mode] arg but failing to set the mode. Just revert
if necessary. Don't return to continue parsing but do it wrong. This
bug caused spamming the output with a usage() message and exiting with
status 1 whenever [mode] is not present bug [fg [bg]] or [show]. The
exit code 1 was actualy an ambiguous internal code for failure to match
[mode] or failure to set [mode]. This 1 was obfuscated by spelling it
EXIT_FAILURE, but actual exit codes spell EXIT_FAILURE as 1. Remove
another global which could have been used to disambiguate this but was
only used to micro-optimize the (unnecessary except for other bugs)
setting of colors at the end.
attempts to keep them that way. The bg brightness bit is interpreted
as blinking in some modes, but it would barely be useful to disallow
setting it when it would give blinking in code which knew when that
is. The old code mostly knew this wrong, and added handling errors.
It is in fact impossible to know, since future mode switches may
change the meaning of the bit many times on the screen and in history.
Old versions of vidcontrol disallowed bg color numbers >= 8 in all
cases. This is very VGA/syscons-centric. Syscons uses the VGA defaults
of blinking fg instead of bright bg in text mode and bright bg in
graphics mode. On VGA, this is very easy to toggle at any time, and
vt blows away the VGA text mode default at boot time.
r146736 changed this to try to allow bg color numbers in graphics mode
only. This is even more VGA/syscons-centric, and there are many bugs
in this, and many nearby bugs in the parser. These are increased or
decreased by differences and bugs in vt and teken.
Perhaps the most obvious bug was that almost any vidcontrol command
which changes any color or the mode causes an error if the initial fg
color is bright. E.g., in syscons text mode, after "vidcontrol
lightwhite" to make the fg bright, another "vidcontrol lightwhite" is
rejected and buggy fixup code changes the fg to white. This is because
the bright fg color creates a bright bg color for the phantom reverse
video attribute, so was rejected. (The reverse video attribute is
phantom because teken ignores the user's setting of it and simply
reverses the fg attributes to create the bg attributes. Sometimes
some layer masks off the brightness/blinking bit, but not here.)
Perhaps the next most obvious one was that "vidcontrol lightgreen
lightblue" was misparsed as 2 settings of the fg instead of 1 setting
of the fg and 1 invalid setting of the bg. This is because the
parser supports an undocumented syntax with many parsing bugs (an
ambiguity gives this one).
I recently fix bugs in teken that broke setting of bright fg's and
bg's in the normal way. This gave more settings of then, so the old
bugs showed up more often.
Multiple periodic scripts sleep for a random amount of time in order to
mitigate the thundering herd problem. This is bad, because the sum of
multiple uniformly distributed random variables approaches a normal
distribution, so the problem isn't mitigated as effectively as it would be
with a single sleep.
This change creates a single configurable anticongestion sleep. periodic
will only sleep if at least one script requires it, and it will never sleep
more than once per invocation. It also won't sleep if periodic was run
interactively, fixing an unrelated longstanding bug.
PR: 217055
PR: 210188
Reviewed by: cy
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D10211
The goal of this work is to remove the explicit dependency for ctl(4)
on iscsi(4), so end-users without iscsi(4) support in the kernel can
use ctl(4) for its other functions.
This allows those without iscsi(4) support built into the kernel to use
ctl(4) as a test mechanism. As a sidenote, this was possible around the
10.0-RELEASE period, but made impossible for end-users without iscsi(4)
between 10.0-RELEASE and 11.0-RELEASE.
Automatically load cfiscsi(4) from ctladm(8) and ctld(8) for backwards
compatibility with previously releases. The automatic loading feature is
compiled into the beforementioned tools if MK_ISCSI == yes when building
world.
Add a manpage for cfiscsi(4) and refer to it in ctl(4).
Differential Revision: D10099
MFC after: 2 months
Relnotes: yes
Reviewed by: mav, trasz
Sponsored by: Dell EMC Isilon
Coverity warns that it is invalid to access following struct members by
accessing the current struct member pointer plus one. Assuming the
compilers aren't abusing this kind of UB yet, this cleanup isn't a
functional change.
Reported by: Coverity
CID: 1368713
Sponsored by: Dell EMC Isilon
This is a collection of minor changes as diff reduction against NetBSD.
NetBSD revs:
cd9660.c 1.39
cd9660.h 1.19
makefs.c 1.34
Obtained from: NetBSD
Sponsored by: The FreeBSD Foundation
- Add a new "qsize" parameter in audit_control and the getacqsize(3) API to
query it, allowing to set the kernel's maximum audit queue length.
- Add support to push a mapping between audit event names and event numbers
into the kernel (where supported) using new A_GETEVENT and A_SETEVENT
auditon(2) operations.
- Add audit event identifiers for a number of new (and not-so-new) FreeBSD
system calls including those for asynchronous I/O, thread management, SCTP,
jails, multi-FIB support, and misc. POSIX interfaces such as
posix_fallocate(2) and posix_fadvise(2).
- On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now
run sandboxed.
- Empty "flags" and "naflags" fields are now permitted in audit_control(5).
Many thanks to Christian Brueffer for producing the OpenBSM release and
importing/tagging it in the vendor branch. This release will allow improved
auditing of a range of new FreeBSD functionality, as well as non-traditional
events (e.g., fine-grained I/O auditing) not required by the Orange Book or
Common Criteria.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, AFRL
MFC after: 3 weeks
naming scheme
usr.bin/diff/diff_test was renamed to usr.bin/diff/netbsd_diff_test
to avoid collisions with the renamed FreeBSD test.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Call `Delete(..)` (a free(3) wrapper) on `name` when bailing from the
function.
Submitted by: Tom Rix <trix@juniper.net>
Reviewed by: ngie
Differential Revision: D10097
Sponsored by: Dell EMC Isilon, Juniper
There is no behavioral difference, as it's just swapping
out the name of two identically-valued constants.
Submitted by: Vicki Pfau (vi AT endrift.com)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D9597
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
- Check the return from a call to malloc() in skim_printcap(), and
return a NULL if that fails.
- Fix a small memory leak in main() that happens if skim_printcap()
returns an error, including the new error-return of NULL.
Submitted by: Tom Rix <trix@juniper.net>
Reviewed by: pfg, ngie
MFC after: 4 weeks
Sponsored by: Dell EMC Isilon, Juniper
Differential Revision: D9954, D9982
