its value once per ifconfig run. Use Sam's new callback
operation to set it when everything is done.
The purpose for this is that if you did something like
ifconfig bge0 media 100baseTX mediaopt full-duplex
multiple times it would end up causing the PHY to re-sync
since it would send the IOCTLs:
ifconfig bge0 media 100baseTX -mediaopt full-duplex
ifconfig bge0 media 100baseTX mediaopt full-duplex
This would cause the PHY to be updated twice even though
there really wasn't any change since the check in
sys/net/if_media.c would always fail.
Caveat is that this doesn't fix the case of:
ifconfig bge0 media autoselect
etc. since in sys/net/if_media.c it forces an autoselect to go through
the entire process in ifmedia_ioctl :-( :
/*
* If no change, we're done.
* XXX Automedia may invole software intervention.
* Keep going in case the the connected media changed.
* Similarly, if best match changed (kernel debugger?).
*/
if ((IFM_SUBTYPE(newmedia) != IFM_AUTO) &&
(newmedia == ifm->ifm_media) &&
(match == ifm->ifm_cur))
return 0;
Briefly looked at by: sam
with -k option and never be used without kflag. This confuses
gcc because we set "kflag" at the same time with "kernel", but
the logic is not that apparant for gcc.
Since we can initialize "kernel" to NULL then know if "k" option
is set through determining whether it is still NULL, don't try
to have gcc to guess why we are connecting "kflag" with "kernel"
and use "kernel" directly in place of kflag.
Bump WARNS?= from 2 to 6
the new filesystem. This is intended for memory and vnode filesystems
that will never be fsck'ed or dumped.
Obtained from: St. Bernard Software RAPID
MFC after: 2 weeks
generate snapshots in when -L is requested. If the .snap directory
does not exist, or is not a directory, issue a warning and revert
to the non- live behavior.
Obtained from: St. Bernard Software RAPID
- Initialize everything in the struct array, not only the mentioned
ones
- Unconditionally initialize hs to 0 to avoid repeatly doing so
- Cast to unsigned int when comparing to unsigned variables.
This commit replaces those with two new functions that simplify the code
and produce warnings that the syntax is deprecated. A small number of
sensible abbreviations may be explicitly added based on user feedback.
There were previously three types of strncmp use in ipfw:
- Most commonly, strncmp(av, "string", sizeof(av)) was used to allow av
to match string or any shortened form of it. I have replaced this
with a new function _substrcmp(av, "string") which returns 0 if av
is a substring of "string", but emits a warning if av is not exactly
"string".
- The next type was two instances of strncmp(av, "by", 2) which allowed
the abbreviation of bytes to "by", "byt", etc. Unfortunately, it
also supported "bykHUygh&*g&*7*ui". I added a second new function
_substrcmp2(av, "by", "bytes") which acts like the strncmp did, but
complains if the user doesn't spell out the word "bytes".
- There is also one correct use of strncmp to match "table(" which might
have another token after it without a space.
Since I changed all the lines anyway, I also fixed the treatment of
strncmp's return as a boolean in many cases. I also modified a few
strcmp cases as well to be fully consistent.
- Convert the (char *) cast+cast backs magic to
memcpy(3). Without this, the resulting code
is potentially risky with higher optimization
levels.
- Avoid same name when calling local variables,
as well as global symbols. This reduces
confusion for both human and compiler.
- Add necessary casts, consts
- Use new style function defination.
- Minor style.Makefile(5) tweak
- Bump WARNS?= from 0 to 6
** for the aout code: changes are intentionally limited
to ease maintaince.
the given providers. Without even one of the configured components there
should be no way to get the secret.
Supported by: WHEEL Sp. z o.o.
http://www.wheel.pl
- Use more ``const''s where suitable.
- Define strk() as a static function in global scope.
This avoids the "nested extern declaration" warnings.
- Use static initialization of strings, rather than
referring string constants through char *.
- Bump WARNS from 0 to 6.
complementing the existing special case of a not existing /dev prefix
with the recognition of an already existing /dev prefix.
This implicitly solves the following two issues related to working on
GEOM devices /dev/foo/bar (which have the GEOM provider name "foo/bar")
with the expected commands like "bsdlabel /dev/foo/bar":
1. the error "Geom not found" when trying to write or edit the BSD
label (because previously the incorrect GEOM name "bar" instead of
"foo/bar" was derived from "/dev/foo/bar").
2. the multiple times reported "magically introduced" partition offset
of 63 blocks and the resulting errors like "partition extends past
end of unit" and "partition c doesn't start at 0!".
This implicitly resulted because bsdlabel(8) determines the "MBR
offset" via GEOM and (intentionally) silently falls back to an offset
of 0 if it could not be queried (which is the case if the name was
incorrectly derived).
Usually (at least on PCs) the offset for the first slice is 63 blocks
and bsdlabel(8) automatically subtracts them from the absolute
offsets in the read on-disk BSD label, resulting in the display of an
effective offset of 0. If the GEOM query fails, the assumed offset of
0 is subtracted and an incorrect effective offset of 63 is displayed
and tried to be worked upon.
Reviewed by: pjd
MFC after: 1 week
checking and only recognizes numbers in base 10. The attached patch
checks errno after strtol() and uses a base of 0 to allow octal, or hex
sector numbers too.
PR: 73112
Submitted by: keramida
MFC after: 2 weeks
strings. This isn't necessarily a bug, but it can be slightly inconvenient,
because atol() doesn't know how to parse hexadecimal or octal numbers and at
least one of the options of ffsinfo(8) would be easier to use if it did.
Changing atol() -> strtol() allows one to use hex masks for -l MASK, i.e.:
orion:/a/freebsd/src/sbin/ffsinfo# ./ffsinfo -l 0x3ff /
PR: 73110
Submitted by: keramida
MFC after: 2 weeks
special-purpose code to display status for an interface for
state that was not address-oriented. This status reporting
was merged in to the address-oriented status reporting but
did not work for link address reporting (as discovered with
fwip interfaces). Correct this mis-merge and eliminate the
bogus kludge that was used for link-level address reporting.
o add an af_other_status method for an address family for
reporting status of things like media, vlan, etc.
o call the af_other_status methods after reporting address
status for an interface
o special-case link address status; when reporting all
status for an interface invoke it specially prior to
reporting af_other_status methods (since it requires the
sockaddr_dl that is passed in to status separately from
the rtmsg address state)
o correct the calling convention for link address status;
don't cast types, construct the proper parameter
This fixes ifconfig on fwip interfaces.
show file name for 'mdconfig -l -u <x>' command.
This allows to preserve API/ABI compatibility with version 0 (that's why
I changed version number back to 0) and will allow to merge this change
to RELENG_5.
MFC after: 5 days
After this change, when component is disconnected because of an I/O error,
it will not be connected and synchronized automatically, it will be logged
as broken and skipped. Autosynchronization can occur, when component is
disconnected (on orphan event) and connected again - there were no I/O
error, so there is no need to not connected the component, but when there were
writes while it wasn't connected, it will be synchronized.
This fix cases, when component is disconnected because of I/O error and can be
connected again and again.
- Bump version number.
- Implement backward compatibility mechanism. After this change when metadata in
old version is detected, it is automatically upgraded to the new (current)
version.
After this change, when component is disconnected because of an I/O error,
it will not be connected and synchronized automatically, it will be logged
as broken and skipped. Autosynchronization can occur, when component is
disconnected (on orphan event) and connected again - there were no I/O
error, so there is no need to not connected the component, but when there were
writes while it wasn't connected, it will be synchronized.
This fix cases, when component is disconnected because of I/O error and can be
connected again and again.
- Bump version number.
- Add version change history.
- Implement backward compatibility mechanism. After this change when metadata in
old version is detected, it is automatically upgraded to the new (current)
version.
o break per-address family support out into separate files
o modularize per-address family and functional operations using
a registration mechanism; this permits configuration according
to which files you include (but beware that order of the files
is important to insure backwards compatibility)
o many cleanups to eliminate incestuous behaviour, global variables,
and poor coding practices (still much more to fix)
The original motivation of this work was to support dynamic addition
of functionality based on the interface so we can eliminate the various
little control programs and so that vendors can distribute ifconfig
plugins that support their in-kernel code. That work is still to be
completed.
o Update 802.11 support for all the new net80211 functionality; some
of these operations (e.g. list *) may be better suited in a different
program
allows the user to force the creation of a GPT even when there's a
MBR on the device. The MBR is simply wiped and any partitions
described by it are lost. Without the -f option one cannot create
a GPT when there's a MBR.
and 'mediasz' is in bytes. As it so happens, we define 'last' as the
sector number of the last sector on the medium which also is the size
of the PMBR partition. Therefore, use 'last' instead of 'mediasz'.
Submitted by: Dan Markarian <markarian at apple dot com>
to lo(4) interfaces to have an effect, and that this is not needed
when using IP fast forwarding.
Sponsored by: eXtensible Open Router Project <URL:http://www.xorp.org/>
MFC after: 3 weeks
to PRECIOUSLIB from bsd.lib.mk. The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.
Reviewed by: oliver
implying that geom(8) is a RAID solution, but it can be used for that
purpose, and a pointer in that direction is better than nothing.
PR: 73088
Submitted by: Miguel Mendez <flynn@energyhq.es.eu.org>
the MBR after it is migrated to a GPT. While this was useful during
the early days when GPT support was under development, it's something
that users can use without knowing what they're getting themselves
into. The possible harm outweights the marginal usefulness it now has.
reversals+system lock ups if they are using ucred based rules
while running with debug.mpsafenet=1.
I am working on merging a shared locking mechanism into ipfw which
should take care of this problem, but it still requires a bit more
testing and review.
1) ginode() is passed a cylinder group number and inode number. The inode
number is relative to the cg. Use this relative number rather than the
absolute inode number when searching the cg inode bitmap to see if the inode
is allocated. Using the absolute number quickly runs the check off the end
of the array and causes invalid inodes to be referenced.
2) ginode() checks the absolute indoe number to make sure that it is greater
than ROOTINO. However, the caller loops through all of the possible inode
numbers and directly passes in values that are < ROOTINO. Instead of halting
the program with an error, just return NULL.
3) When allocating new cylinder groups, growfs was initializing all of the
inodes in the group regardless of this only being required for UFS1. Not
doing this for UFS2 provides a significant performance increase.
These fixes allow growing a filesystem beyond a trivial amount and have
been tested to grow an 8GB filesystem to 1.9TB. Much more testing would
be appreciated.
Obtained from: Sandvine, Inc.
count of zero and instead encode this information in the inode state.
Pass 4 performed a linear search of this list for each inode in
the file system, which performs poorly if the list is long.
Reviewed by: sam & keramida (an earlier version of the patch), mckusick
MFC after: 1 month
- Document better what the -C option means.
- The -c option is currently a no-op.
- The -D and -h options do not allow switching between
single/dual console modes and internal/video consoles.
(This used to be true for the old biosdisk boot code,
but now they just force the multiple consoles mode and
serial console, respectively.)
1M blocks and optionally write the read data to a file or disk.
If a read error happens, the 1M block gets put on the end of the worklist
and will be retried with 64k blocksize.
If a read error happens again, the 64k block gets put at the end of the
worklist and will be retried with single sector reads.
The program keeps trying until you stop it.
You can refresh a disk:
recoverdisk /dev/ad1 /dev/ad1
or salvage a floppy:
recoverdisk /dev/fd0 myfloppy.flp
standing ability to list a non-existant device in /etc/ttys to keep it
from dying. This is a documented feature of init(8):
The init utility can also be used to keep arbitrary daemons running,
automatically restarting them if they die. In this case, the first field
in the ttys(5) file must not reference the path to a configured device
node and will be passed to the daemon as the final argument on its com-
mand line. This is similar to the facility offered in the AT&T System V
UNIX /etc/inittab.
So rather than fix the man page to 'break' this feature, back out the change.
At the time this change was made, people felt that the spamage from
getty was annoying on headless consoles. Andrew Gallatin noted:
> Most of my machines are headless without video cards and use a serial
> console. With devfs this means that /dev/ttyv[1-N] do not exist and
> getty bitches like this:
>
> Sep 26 11:00:11 monet getty[543]: open /dev/ttyv1: No such file or directory
and we went off and applied this hack rather than fixing getty to
sleep forever when it gets an unknown device, as was Andrew's other
suggestion. Since it breaks things, I'm off to do that instead.
and disklabel.5. Refrencing bsdlabel.5 is somewhat bogus as it is not
connected to the build and is mostly unwritten at this point.
Reported by: Matthias Andree <matthias.andree at web.de>
PR: docs/72020
After this change it should be possible to use very big md(4) devices.
- Clean up and simplify the code a bit.
- Use humanize_number(3) to print size of md(4) devices.
- Add 't' suffix which stands for terabyte.
- Make '-S' to really work with all types of devices.
- Other minor changes.
and sent to the DIVERT socket while the original packet continues with the
next rule. Unlike a normally diverted packet no IP reassembly attemts are
made on tee'd packets and they are passed upwards totally unmodified.
Note: This will not be MFC'd to 4.x because of major infrastucture changes.
PR: kern/64240 (and many others collapsed into that one)
contain O_UID, O_GID and O_JAIL opcodes, the F_NOT or F_OR logical
operator bits get clobbered. Making it impossible to use the ``NOT'' or
``OR'' operators with uid, gid and jail based constraints.
The ipfw_insn instruction template contains a ``len'' element which
stores two pieces of information, the size of the instruction
(in 32-bit words) in the low 6 bits of "len" with the 2 remaining
bits to implement OR and NOT.
The current code clobbers the OR and NOT bits by initializing the
``len'' element to the size, rather than OR'ing the bits. This change
fixes this by changing the initialization of cmd->len to an OR operation
for the O_UID, O_GID and O_JAIL opcodes.
This may be a MFC candidate for RELENG_5.
Reviewed by: andre
Approved by: luigi
PR: kern/63961 (partially)
0xffffffff sectors. Document this limit and avoid installing bogus
labels on disks with more sectors.
Allowing the installation of labels addressing as much of the disk as
possiable may be a useful addition in some situations, but this was easy
to implement and should reduce confusion.
PR: bin/71408
increasing it. Add code to ifconfig to use this size to find the
sockaddr_dl after the struct if_data in the routing message. This
allows struct if_data to grow (up to 255 bytes) without breaking
ifconfig.
Submitted by: peter
keyword but without 'logamount' limit the amount of their log messages
by net.inet.ip.fw.verbose_limit sysctl value.
RELENG_5 candidate.
PR: kern/46080
Submitted by: Dan Pelleg
MFC after: 1 week
verification of regular data when device is in complete state.
On verification error, EIO error is returned for the bio and sysctl
kern.geom.raid3.stat.parity_mismatch is increased.
Suggested by: phk
as well, even if device is in complete state.
I observe 40% of speed-up with this option for random read operations,
but slowdown for sequential reads.
Basically, without this option reading from a RAID3 device built from 5
components (c0-c4) looks like this:
Request no. Used components
1 c0+c1+c2+c3
2 c0+c1+c2+c3
3 c0+c1+c2+c3
With the new feature:
Request no. Used components
1 c0+c1+c2+c3
2 (c1^c2^c3^c4)+c1+c2+c3
3 c0+(c0^c2^c3^c4)+c2+c3
4 c0+c1+(c0^c1^c3^c4)+c3
5 c0+c1+c2+(c0^c1^c2^c4)
6 c0+c1+c2+c3
[...]
has only been partly initialized via newfs(8) so that it applies to both
UFS1 and UFS2.
Submitted by: "Xin LI" delphij at frontfree dot net
MFC: maybe?
Only the actual loopback address should be declared passive, other
addresses are very likely to be desirable to announce.
Check for IFF_LOOPBACK instead of IFF_PASSIVE to determine if we have
an unknown interface type.
Since the only thing truly unique about a prison is it's ID, I figured
this would be the most granular way of handling this.
This commit makes the following changes:
- Adds tokenizing and parsing for the ``jail'' command line option
to the ipfw(8) userspace utility.
- Append the ipfw opcode list with O_JAIL.
- While Iam here, add a comment informing others that if they
want to add additional opcodes, they should append them to the end
of the list to avoid ABI breakage.
- Add ``fw_prid'' to the ipfw ucred cache structure.
- When initializing ucred cache, if the process is jailed,
set fw_prid to the prison ID, otherwise set it to -1.
- Update man page to reflect these changes.
This change was a strong motivator behind the ucred caching
mechanism in ipfw.
A sample usage of this new functionality could be:
ipfw add count ip from any to any jail 2
It should be noted that because ucred based constraints
are only implemented for TCP and UDP packets, the same
applies for jail associations.
Conceptual head nod by: pjd
Reviewed by: rwatson
Approved by: bmilekic (mentor)
This is implemented through SNMP and requires the ilmi daemon to
run on the system. To prevent bloat in rescue the atmconfig for
rescue is compiled without this stuff.
For incoming packets, the packet's source address is checked if it
belongs to a directly connected network. If the network is directly
connected, then the interface the packet came on in is compared to
the interface the network is connected to. When incoming interface
and directly connected interface are not the same, the packet does
not match.
Usage example:
ipfw add deny ip from any to any not antispoof in
Manpage education by: ru
It allows to fix problems when last provider's sector is shared between few
providers.
- Bump version number for CONCAT and STRIPE and add code for backward
compatibility.
- Do not bump version number of MIRROR, as it wasn't officially introduced yet.
Even if someone started to play with it, there is no big deal, because
wrong MD5 sum of metadata will deny those providers.
- Update manual pages.
- Add version history to g_(stripe|concat).h files.
the bug exists in little-endian machine, it was not triggered due
to the difference of memory ordering between little/big endian
machines. Instead of relying on possibly modified value during
function invokcations, use saved copy of ifr.ifr_addr.sa_family.
Also add a comment at the top of ifconfig.c clarifying the issue
so the bug won't re-appear.
Approved by: jake
Reviewed by: yar
partitions and removes any that matches the pre-conditions. The
options are the same for the add command and are used to select
the partitions to remove.
Currently the remove command without any options deletes all GPT
partitions. This is rather harmful and will need anti-footshooting
measures.
starts at 1. No index is represented by 0.
o Change the show command to display the partition number at the expense
of the partition end columm. We already display the start and size.
o Enhance the add command to accept the -i option. The -i option allows
the user to specify which partition number the new partition should
get.
o Update the manpage accordingly.
While here:
o Make the UUIDs static to avoid runtime initialization,
o Rename ext to mslinux,
o Replace the use of memcmp() with uuid_equal(),
o Various style(9) improvements,
o Order the comparisons based on importance,
o Remove the word partition from all the descriptions,
o Other description improvements.
Includes patch from: T. Muthu Mohan < Muthu_T at dell dot com >
new problem shows up: symblic links (<libname>.so) are created under
/usr/lib/ now, instead of under /lib/geom/ where geom(8) looks for them.
Introduce a workaround to fix this by teaching geom(8) to open libraries
via /lib/geom/<libname>.so.<major_number> instead of /lib/geom/<libname>.so.
features. The gmirror(8) utility should be used for control of this class.
There is no manual page yet, but I'm working on it with keramida@.
Many useful tests provided by: simon (thank you!)
Some ideas from: scottl, simon, phk
provider.
- Bump version number.
This allows for a quite interesting trick. One can setup a stripe with
stripe size of 512 bytes and create transparent provider on top of it
with sector size equal to <ndisks> * 512. The result will be something
like RAID3 without parity disk (every access will touch all disks).
RTF_BLACKHOLE as well.
To quote the submitter:
The uRPF loose-check implementation by the industry vendors, at least on Cisco
and possibly Juniper, will fail the check if the route of the source address
is pointed to Null0 (on Juniper, discard or reject route). What this means is,
even if uRPF Loose-check finds the route, if the route is pointed to blackhole,
uRPF loose-check must fail. This allows people to utilize uRPF loose-check mode
as a pseudo-packet-firewall without using any manual filtering configuration --
one can simply inject a IGP or BGP prefix with next-hop set to a static route
that directs to null/discard facility. This results in uRPF Loose-check failing
on all packets with source addresses that are within the range of the nullroute.
Submitted by: James Jun <james@towardex.com>
where boot.config needs to reside. Also change /kernel
to /boot/loader, as that is the apparent default now. This
man page probably requires more updates.
Add a MOD_QUIESCE event for modules. This should return error (EBUSY)
of the module is in use.
MOD_UNLOAD should now only fail if it is impossible (as opposed to
inconvenient) to unload the module. Valid reasons are memory references
into the module which cannot be tracked down and eliminated.
When kldunloading, we abandon if MOD_UNLOAD fails, and if -force is
not given, MOD_QUIESCE failing will also prevent the unload.
For backwards compatibility, we treat EOPNOTSUPP from MOD_QUIESCE as
success.
Document that modules should return EOPNOTSUPP for unknown events.
This class is used for detecting volume labels on file systems:
UFS, MSDOSFS (FAT12, FAT16, FAT32) and ISO9660.
It also provide native labelization (there is no need for file system).
g_label_ufs.c is based on geom_vol_ffs from Gordon Tetlow.
g_label_msdos.c and g_label_iso9660.c are probably hacks, I just found
where volume labels are stored and I use those offsets here,
but with this class it should be easy to do it as it should be done by
someone who know how.
Implementing volume labels detection for other file systems also should
be trivial.
New providers are created in those directories:
/dev/ufs/ (UFS1, UFS2)
/dev/msdosfs/ (FAT12, FAT16, FAT32)
/dev/iso9660/ (ISO9660)
/dev/label/ (native labels, configured with glabel(8))
Manual page cleanups and some comments inside were submitted by
Simon L. Nielsen, who was, as always, very helpful. Thanks!
manpage:
The comparison function must return an integer less than, equal to, or
greater than zero if the first argument is considered to be respectively
less than, equal to, or greater than the second.
Therefore, simply returning "arg1 > arg2" is incorrect. Actually it works
but for the number of items to be sorted less than 7 due to special case
handling in qsort(3);
o add missing '\n' to one of usage() calls.
Approved by: phk
- g_lcm() - calculates Least Common Multiple of two given values,
it is helpful when we need to find sector size for provider
which is based on disks with different sector size;
- g_get_mediasize() - returns media size of given provider;
- g_get_sectorsize() - returns sector size of given provider;
Those function aren't used now, but are used by geom_mirror which will be
committed soon.
routed should be able to specify multicast memberships to be added by
interface index. This should fix the unnumbered / point-to-point case
for RIPv2.
PR: bin/51927
Requested by: Eugene Grosbein
modification of a patch which was already applied for BSD/OS in the
Rhyolite.com sources; this file is already off the vendor branch.
PR: bin/57484
Submitted by: Richard Perini
o Add sanity checking to the firewall delete operation
which tells the user that a firewall rule
specification is required.
The previous behaviour was to exit without reporting any
errors to the user.
Approved by: bmilekic (mentor)
. Implement option -c, all partition sizes will be calculated
in cylinders as opposed to sectors. Since the Sun label is
inherently cylinder-based, this makes the job a little easier.
. Implement option -h, print the label in `human readable'
size/offset format.
. Implement SVR4-compatible VTOC-style elements. They are
fully optional, defaulting to the current behaviour where no
VTOC-style table will be written to disk. However, if
desired, the full functionality of the partitioning menu of
Solaris' format(1m) is now offered (and even more).
. When editing the label, do not loop around edit_label() where
a new template file is generated for each turn, this used to
be annoying in that any possible syntax error caused a
complaint, but then the template was created anew, so the
user had to perform all their editing again. Rather loop
inside edit_label(), similar to bsdlabel(8), so in case of
errors, the user will be presented their previous template
file again.
. If VTOC-style elements are present, the overlap checks are
made less stringent. Overlaps will still be warned about,
but overlaps of `unmountable' partitions against other ones
are no longer fatal. That way, e. g. VxVM encapsulated
disk labels can be fully edited in FreeBSD (but not in
Solaris ;-).
. In print_label(), generate the editing hints only if the -e
flag is in effect. Additionally, print a hint about the
total number of sectors in the (hardware) medium.
. When editing a label, allow for changing the geometry
emulation (and textual name) by modifying the "text:" line
on top. That way, a more effective emulation can be
chosen.
. When editing/reading a label, additionally allow for the
suffixes `s' (512-byte sectors), and `c' (cylinders) in the
partition size field.
. Finally, turn the stub man page into something that really
explains the entire thing.
