We restrict the (optional) input file and output files. It would be
nice to restrict the KVM files, but that's up to libkvm.
We wait until after kvm_nlist() is invoked to cap_enter() because
kldsym() isn't supported in the Capsicum sandbox.
Feedback from: emaste@ (earlier versions)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D7921
Separate dataset opening from reading/parsing. The number of input
files is already capped to a small number, so just open all input files
before sandboxing.
Feedback from: allanjude@ (earlier version), emaste@ (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D7925
The restriction here is pretty late and pretty minimal. We need a lot
of authority to open password databases, and don't do much after that
point.
Feedback from: lifanov at mail.lifanov.com (earlier version), emaste (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D7988
This is a direct port of the kernel %b format.
I'm unclear on if (more) non-portable printf extensions will be a
problem. I think it's desirable to have userspace formats include all
kernel formats, but there may be competing goals I'm not aware of.
Reviewed by: no one, unfortunately
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8426
Needed for 'readelf -l' of extended phnum files. (Parity with GNU
binutils.)
Reviewed by: no one, unfortunately
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8703
Extended numbering is used for any of these fields overflowing.
Reviewed by: emaste@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8701
Add a helper routine for opening a directory that is restricted to being
used for opening relative files as stdio streams.
I think this will really help basic adaptation of multi-file programs to
Capsicum. Rather than having each program initialize a rights object and
ioctl/fcntl arrays for their root fd for relative opens, consolidate in the
logical place.
Reviewed by: oshogbo@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8743
Initialize l_sec_contents to make sure that free(l_sec_contents) is called
on valid pointers.
Obtained from: OpenBSD (partial CVS rev 1.18)
MFC after: 5 days
The kernel builds reproducibly, except for the time, date, user, and
hostname baked into the kernel (reported at startup and via the
kern.version sysctl for uname). Add a build knob to disable the
inclusion of this metadata.
Reviewed by: jhb
MFC after: 1 month
Relnotes: Yes
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D8809
Unlike UFS or TMPFS, ZFS sets uarch automatically whenever a file is
updated. The test must explicitly clear uarch to be portable across
filesystems. Also, it doesn't need to run as root.
PR: 215179
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D8741
Build metadata (username, hostname, etc.) prevents the FreeBSD kernel
from building reproducibly. Add an option to disable inclusion of that
metadata but retain the release information and SVN/git VCS details.
See https://reproducible-builds.org/ for additional background.
Reviewed by: bapt
Obtained from: NetBSD
MFC after: 1 month
Sponsored by: Reproducible Builds World Summit 2, Berlin
Differential Revision: https://reviews.freebsd.org/D4347
This paves way to implement VDSO for the enlightened time counter.
Reviewed by: kib
MFC after: 1 week
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8768
The object is not yet fully constructed and must not be available to
other threads. This makes default_pager_alloc() almost identical to
swap_pager_alloc_init().
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The primary purpose is to call nmount() in a loop with new iovec's so
free_iovec takes arguments by reference and resets their values.
Reviewed by: cem
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D8513
feature_barrier and feature_flush variables. Otherwise, adjacent
variables on the stack, such as sector_size, may be overwritten, with
disastrous results.
Note that I did not see a good reason to revert the addition of zero
checks introduced in r310013. Better safe than sorry.
PR: 215209
Tested by: royger
MFC after: 3 days
The MCA taskqueue is not initialized until some time after CMCIs are
enabled on the BSP.
Reviewed by: cem, jhb
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8783
in this file actually described the operation of the swap pager, not the
default pager. Given that this is the wrong place to discuss the
implementation of the swap pager, it shouldn't come as a surprise that as
the swap pager evolved these comments became increasingly stale. In
addition, apply some style fixes, like modernizing a few remaining old-
style function definitions.
Reviewed by: kib, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D8781
Without this change, every individual FEATURE() declaration would have
an individual metric in Prometheus. Though this wouldn't be harmful, it
would look very cluttered.
By letting it use a single metric with the name of the feature attached
as a label, it also becomes easier to search, as you can apply regex
matching, etc.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
This way it becomes possible to graph a property for all instances of a
single driver. For example, graphing the number of packets across all
USB controllers, the amount of dropped packets on all NICs, etc.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
In order to make Prometheus do graphing/alerting on thermal sensors in a
generic fashion, we should attach the name of the thermal zone device as
a label. That way there is only a single metric for the temperature of a
thermal zone, with its name attached as a label.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
Sysctls like kern.eventtimer.et.*.quality currently embed the name of
the clock device. This is problematic for the Prometheus metrics
exporter for two reasons:
- Some of those clocks have dashes in their names, which Prometheus
doesn't allow to be used in metric names.
- It doesn't allow for extracting the same property of all clocks on the
system from within a single query.
Attach these nodes to have a label, so that the Prometheus metrics
exporter gives these metric a uniform name with the name of the clock
attached as a label.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
Under kern.cam we have certain sysctls that are per-device, such as the
ones under kern.cam.ada.[0-9]+.*. Add a "device_index" label annotation
to such sysctls, so that the Prometheus metrics exporter will give all
of those metrics the same name. The device number will be added to the
metric name as the "device_index" label.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
I'm currently working on writing a metrics exporter for the Prometheus
monitoring system to provide access to sysctl metrics. Prometheus and
sysctl have some structural differences:
- sysctl is a tree of string component names.
- Prometheus uses a flat namespace for its metrics, but allows you to
attach labels with values to them, so that you can do aggregation.
An initial version of my exporter simply translated
hw.acpi.thermal.tz1.temperature
to
sysctl_hw_acpi_thermal_tz1_temperature_celcius
while we should ideally have
sysctl_hw_acpi_thermal_temperature_celcius{thermal_zone="tz1"}
allowing you to graph all thermal zones on a system in one go.
The change presented in this commit adds support for accomplishing this,
by providing the ability to attach labels to nodes. In the example I
gave above, the label "thermal_zone" would be attached to "tz1". As this
is a feature that will only be used very rarely, I decided to not change
the KPI too aggressively.
Discussed on: hackers@
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D8775
hammer_time(). This makes assembler exception handlers not fault
itself when setting PCB flags, and allow normal kernel trap handler to
get control. The pointer is reset after FPU parameters are obtained.
Set thread0.td_critnest to 1 for duration of hammer_time() as well.
In particular, page faults at that early stage panic immediately
instead of trying to call not yet operational VM to resolve it.
As result, faults during second half of the hammer_time() execution
have a chance to be reported instead of silent machine reboot or hang.
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
- Speeds up the boot process by disabling sendmail.
- Allows an user to ssh as root with a public key.
- Make ssh(1) respond faster by disabling DNS lookups.
- Enable DHCP on the vtnet(4) interface.
Note: The CLOUDWARE list has not yet been changed to include the
OpenStack target by default yet.
Submitted by: Diego Casati
PR: 215258
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
