Commit Graph

18301 Commits

Author SHA1 Message Date
Ravi Pokala
90e43b446d Add and document options to allow rpc.lockd and rpc.statd to run in the
foreground.

This allows a separate process to monitor when and how those programs exit.
That process can then restart them if needed.

Submitted by:	Alex Burlyga
Reviewed by:	bcr, imp
MFC after:	1 week
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D22474
2019-11-22 16:53:30 +00:00
Cy Schubert
964c4a37b0 Chase r344883. ntp is 4.2.8p13.
MFC after:	3 days
2019-11-21 20:15:22 +00:00
Mateusz Piotrowski
6e02be63f4 bsdinstall.8: Fix description of DISTRIBUTIONS environment variable
Reviewed by:	bcr
Approved by:	bcr (mentor)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22478
2019-11-21 15:54:56 +00:00
Ed Maste
1da495d063 revert r354935 and apply fix for cleandir failure
This reapplies the RISC-V GNU ld workaround from r354896, r354899, and
354900, along with a fix for the build failure during cleandir.

LINKER_TYPE was not being set during cleandir, resulting in
Malformed conditional (${LINKER_TYPE} == "bfd" && ${MACHINE} == "riscv")
from Cirrus-CI.

PR:		242109
Sponsored by:	The FreeBSD Foundation
2019-11-21 13:56:16 +00:00
Glen Barber
fb1c294d47 Revert r354896, r354899, r354900:
Fix build.

Sponsored by:	Rubicon Communications, LLC (netgate.com)
2019-11-21 04:12:08 +00:00
Gleb Smirnoff
71f0077631 Remove sio(4).
It had been disconnected from build in r181233 in 2008.

Reviewed by:	imp
2019-11-21 01:24:49 +00:00
Mark Johnston
e7485a436b Avoid relying on pollution from libcasper.h.
Reported by:	sjg
Sponsored by:	The FreeBSD Foundation
2019-11-21 00:17:14 +00:00
Warner Losh
1cdb8eb8fe Add --esp/-E argument to print the currently booted ESP
Add code to decode the BootCurrent and BootXXXX variable it points at
to deduce the ESP used to boot the system. By default, it prints the
path to that device. With --unix-path (-p) it will instead print the
current mount point for the ESP, if any (or an error). With
--device-path (-d) it will print the UEFI device path for the ESP.

Note: This is the best guess based on the UEFI variables. If the ESP
is part of a gmirror, etc, that won't be reported. If by some weird
chance there was a complicated series of chain boots, this may not be
what you want. For setups that don't add layers on top of the raw
devices, it is accurate.

Differential Revision: https://reviews.freebsd.org/D22432
2019-11-20 23:58:36 +00:00
Li-Wen Hsu
7cef5cac04 Use the correct variable, also limit the scope to bfd
PR:		242109
Reported by:	jhb
Sponsored by:	The FreeBSD Foundation
2019-11-20 16:54:21 +00:00
Li-Wen Hsu
f10ddee841 Limit the workaround to riscv only
PR:		242109
Sponsored by:	The FreeBSD Foundation
2019-11-20 16:35:58 +00:00
Li-Wen Hsu
53c772bbd7 Workaround riscv64 build when using binutils 2.33.1
PR:		242109
Reviewed by:	bapt
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D22457
2019-11-20 16:20:49 +00:00
Vincenzo Maffione
d70b206955 bhyve: virtio-net: disable receive until features are negotiated
This patch fixes a race condition where the receive callback is called
while the device is being reset. Since the rx_merge variable may change
during reset, the receive callback may operate inconsistently with what
the guest expects.
Also, get rid of the unused rx_vhdrlen variable.

PR:	242023
Reported by:	aleksandr.fedorov@itglobal.com
Reviewed by:	markj, jhb
MFC with:	r354552
Differential Revision:	https://reviews.freebsd.org/D22440
2019-11-19 21:10:44 +00:00
Alex Richardson
21697a7a3a Fix error found by new clang operator precedence warning
error: operator '?:' has lower precedence than '|'; '|' will be evaluated first

I discovered this in CheriBSD after updating our fork of clang to the latest
upstream master.

Reviewed By:	ian
Differential Revision: https://reviews.freebsd.org/D22433
2019-11-17 19:04:02 +00:00
Alex Richardson
1e9f67e2e4 makefs: Also set UFS di_birthtime when building on Linux
Since st_birthtime doesn't exist on Linux (unless you use statx(2)), we
instead populate it with the st_ctime value.

Reviewed By:	emaste
Differential Revision: https://reviews.freebsd.org/D22386
2019-11-15 18:34:30 +00:00
Alex Richardson
62a3510f1f Fix contents= being ignored in msdosfs makefs mtree
I noticed this while trying to build an EFI boot image

Reviewed By:	emaste
Differential Revision: https://reviews.freebsd.org/D22387
2019-11-15 18:34:23 +00:00
Konstantin Belousov
7672c254eb cpucontrol: print more useful information when MSR access fails.
Instead of providing ioctl cmd value, which has no meaning to user,
print MSR number.  The latter is what the user expects in this place
even.

Reported by:	pstef
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2019-11-13 22:43:11 +00:00
Alan Somers
9f96f106f8 sesutil: fix another memory leak
Instead of calloc()ing (and forgetting to free) in a tight loop, just put
this small array on the stack.

Reported by:	Coverity
Coverity CID:	1331665
MFC after:	2 weeks
Sponsored by:	Axcient
2019-11-12 23:57:57 +00:00
Alan Somers
a221b104de sesutil: fix some memory leaks
Reported by:	Coverity
Coverity CID:	1331665
MFC after:	2 weeks
Sponsored by:	Axcient
2019-11-12 23:09:55 +00:00
Alan Somers
691a834cb7 sesutil: fix an out-of-bounds array access
sesutil would allow the user to toggle an LED that was one past the maximum
element.  If he tried, ENCIOC_GETELMSTAT would return EINVAL.

Reported by:	Coverity
Coverity CID:	1398940
MFC after:	2 weeks
Sponsored by:	Axcient
2019-11-12 23:03:52 +00:00
Vincenzo Maffione
07b35f77c0 bhyve: rework mevent processing to fix a race condition
At the end of both mevent_add() and mevent_update(), mevent_notify()
is called to wakeup the I/O thread, that will call kevent(changelist)
to update the kernel.
A race condition is possible where the client calls mevent_add() and
mevent_update(EV_ENABLE) before the I/O thread has the chance to wake
up and call mevent_build()+kevent(changelist) in response to mevent_add().
The mevent_add() is therefore ignored by the I/O thread, and
kevent(fd, EV_ENABLE) is called before kevent(fd, EV_ADD), resulting
in a failure of the kevent(fd, EV_ENABLE) call.

PR:	241808
Reviewed by:	jhb, markj
MFC with:	r354288
Differential Revision:	https://reviews.freebsd.org/D22286
2019-11-12 21:07:51 +00:00
Edward Tomasz Napierala
b5961be1ab Add GEOM attribute to report physical device name, and report it
via 'diskinfo -v'.  This avoids the need to track it down via CAM,
and should also work for disks that don't use CAM.  And since it's
inherited thru the GEOM hierarchy, in most cases one doesn't need
to walk the GEOM graph either, eg you can use it on a partition
instead of disk itself.

Reviewed by:	allanjude, imp
Sponsored by:	Klara Inc
Differential Revision:	https://reviews.freebsd.org/D22249
2019-11-09 17:30:19 +00:00
Vincenzo Maffione
d55e0373f1 bhyve: add support for virtio-net mergeable rx buffers
Mergeable rx buffers is a virtio-net feature that allows the hypervisor
to use multiple RX descriptor chains to receive a single receive packet.
Without this feature, a TSO-enabled guest is compelled to publish only
64K (or 32K) long chains, and each of these large buffers is consumed
to receive a single packet, even a very short one. This is a waste of
memory, as a RX queue has room for 256 chains, which means up to 16MB
of buffer memory for each (single-queue) vtnet device.
With the feature on, the guest can publish 2K long chains, and the
hypervisor will merge them as needed.

This change also enables the feature in the netmap backend, which
supports virtio-net offloads. We plan to add support for the
tap backend too.
Note that differently from QEMU/KVM, here we implement one-copy receive,
while QEMU uses two copies.

Reviewed by:    jhb
MFC after:      3 weeks
Differential Revision:	https://reviews.freebsd.org/D21007
2019-11-08 17:57:03 +00:00
Vincenzo Maffione
3e11768ee1 bhyve: add backend rx backpressure to virtio-net
If a VM is flooded with more ingress packets than the guest OS
can handle, the current virtio-net code will keep reading those
packets and drop most of them as no space is available in the
receive queue. This is an undesirable receive livelock, which
is a waste of CPU and memory resources and potentially opens to
DoS attacks.
With this change, virtio-net uses the new netbe_rx_disable()
function to disable ingress operation in the backend while the
guest is short on RX buffers. Once the guest makes more buffers
available to the RX virtqueue, ingress operation is enabled again
by calling netbe_rx_enable().

Reviewed by:	bryanv, jhb
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D20987
2019-11-03 19:02:32 +00:00
Vincenzo Maffione
14d726374b bhyve: fix mistake introduced by r352841
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D20973
2019-11-03 18:53:42 +00:00
Vincenzo Maffione
c7c7805531 add valectl to the system commands
The valectl(4) program is used to manage vale(4) switches.
Add it to the system commands so that it can be used right away.
This program was previously called vale-ctl, and stored in
tools/tools/netmap

Reviewed by:	hrs, bcr, lwhsu, kevans
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22146
2019-10-31 21:01:34 +00:00
Jung-uk Kim
412d13d559 Catch up with ACPICA 20191018.
PR:		241467
XMFC with:	r353764
2019-10-24 22:33:46 +00:00
Jung-uk Kim
a009b7dcab Merge ACPICA 20191018.
2019-10-19 14:56:44 +00:00
Scott Long
fe1c359603 Fix the botched field ordering in the last commit. While here, fix
whitespace, and also reorder the fields so they are easier to read on
an 80 column display (the lines wrapped even before these changes).
Also fix non-standard nomenclature in the Caps code, and update the
man page.

Reported by:	rpokala
2019-10-13 05:11:53 +00:00
Scott Long
635cfe5b81 Change from the non-standard nomenclature of "chip" and "card" to the
standard nomenclature of "device" and "vendor" with the "sub" variants.
This changes the printed format, so anything that scrapes and parses
this will need to be adapted.  No compatibility shims are provided,
but this will not be MFC'd.

Reviewed by:	jhb, emaste, gtetlow
Approved by:	jhb, emaste, gtetlow
2019-10-12 22:27:57 +00:00
Yuri Pankov
a89559c269 bsdinstall: fix ESP detection for auto ZFS layout
Pass the list of user selected disks from zfsboot to bootconfig so that
the latter doesn't rely on ESP autodetection that apparently fails for
some cases, e.g. memstick installation with nvme (boot) and sata drives.

While here, fix printing of debug messages in bootconfig.

Reviewed by:	bcran, imp, tsoome
Differential Revision:	https://reviews.freebsd.org/D21930
2019-10-09 05:28:10 +00:00
Brooks Davis
f189761366 Fix various -Wpointer-compare warnings
This warning (comparing a pointer against a zero character literal
rather than NULL) has existed since GCC 7.1.0, and was recently added to
Clang trunk.

Almost all of these are harmless, except for fwcontrol's str2node, which
needs to both guard against dereferencing a NULL pointer (though in
practice it appears none of the callers will ever pass one in), as well
as ensure it doesn't parse the empty string as node 0 due to strtol's
awkward interface.

Submitted by:	James Clarke <jtrc27@jrtc27.com>
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D21914
2019-10-08 21:14:09 +00:00
Glen Barber
48c8f7d454 Rework the logic for installing the pkg(8) configuration.
'quarterly' package sets do not exist for head, so explicitly
install the 'latest' configuration file there.  Otherwise,
fall back to the original conditional evaluation to determine
if the 'latest' or 'quarterly' configuration file should be
installed.

Reported by:	manu
Reviewed by:	manu
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-08 18:58:23 +00:00
Kyle Evans
94a5245c4c certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:

$ certctl list
# reviews output -- ah, yeah, I don't trust that one
$ certctl blacklist ce5e74ef.0
$ certctl rehash

We can unambiguously determine what cert "ce5e74ef.0" refers to, and we've
described it to them in `certctl list` output -- I see little sense in
forcing another level of filesystem inspection to determine what cert file
this physically corresponds to.
2019-10-03 20:45:52 +00:00
Kyle Evans
fa0e0c0269 certctl(8): realpath the file before creating the symlink
Otherwise we end up creating broken relative symlinks in
/etc/ssl/blacklisted.
2019-10-03 20:05:46 +00:00
Andriy Gapon
5fda0d60c1 add ability to set watchdog timeout for a shutdown
This change allows to specify a watchdog(9) timeout for a system
shutdown.  The timeout is activated when the watchdogd daemon is
stopped.  The idea is to prevent any indefinite hang during late
stages of the shutdown.  The feature is implemented in rc.d/watchdogd,
it builds upon watchdogd -x option.

Note that the shutdown timeout is not activated when the watchdogd
service is individually stopped by an operator.  It is also not
activated for the 'shutdown' to the single-user mode.  In those cases it
is assumed that the operator knows what they are doing and they have
means to recover the system should it hang.

Significant subchanges and implementation details:
- the argument to rc.shutdown, completely unused before, is assigned to
  rc_shutdown variable that can be inspected by rc scripts
- init(8) passes "single" or "reboot" as the argument, this is not
  changed
- the argument is not mandatory and if it is not set then rc_shutdown is
  set to "unspecified"
- however, the default jail management scripts and jail configuration
  examples have been updated to pass "jail" to rc.shutdown, just in case
- the new timeout can be set via watchdogd_shutdown_timeout rc option
- for consistency, the regular timeout can now be set via
  watchdogd_timeout rc option
- watchdogd_shutdown_timeout and watchdogd_timeout override timeout
  specifications in watchdogd_flags
- existing configurations, where the new rc options are not set, should
  keep working as before

I am not particularly wed to any of the implementation specifics.
I am open to changing or removing any of them as long as the provided
functionality is the same (or very close) to the proposed one.
For example, I think it can be implemented without using watchdogd -x,
by means of watchdog(1) alone.  In that case there would be a small
window between stopping watchdogd and running watchdog, but I think that
that is acceptable.

Reviewed by:	bcr (man page changes)
MFC after:	5 weeks
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D21221
2019-10-03 11:23:10 +00:00
Ian Lepore
b6fa976de2 Bump .Dd for earlier update (should have been part of r353024).
2019-10-02 23:19:34 +00:00
Ian Lepore
0ec0f10d66 Clarify how the -f option for daemon(8) interacts with other options
related to redirecting stdout and stderr.
2019-10-02 23:06:17 +00:00
Glen Barber
e7a71e6d1b Add a comment explaining why the opensolaris_load line in loader.conf
is explicitly added.

Requested by:	rgrimes
MFC after:	3 days
MFC with:	r353004
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-02 16:09:28 +00:00
Glen Barber
8cdae52ef6 Explicitly add opensolaris_load="YES" to loader.conf through the
installer when installing the system on a ZFS root filesystem.

For arm64, zfs_load="YES" does not add opensolaris.ko as a kld
dependency, so add it explicitly to prevent boot-time failures
out-of-box.

PR:		240478
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2019-10-02 13:30:17 +00:00
Kyle Evans
0da4b4089c Unbreak etcupdate(8) and mergemaster(8) after r352950
r352950 introduced improper case fall-through for shell scripts. Fix it with
a pipe.

Reported by:	lwhsu, David Wolfskill
2019-10-02 12:46:28 +00:00
Hans Petter Selasky
eff4361d88 Use size_t for byte_to_write variable when comparing to eeprom_info_out_len
which is also size_t in mlx5tool(8).

Submitted by:	slavash@
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2019-10-02 10:58:27 +00:00
Hans Petter Selasky
133fc15cf3 Add the ability to query the EEPROM information in mlx5tool(8).
Submitted by:	slavash@
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2019-10-02 10:19:17 +00:00
Kyle Evans
bbb8014f09 [3/3] etcupdate and mergemaster support for certctl
This commit adds support for certctl in mergemaster and etcupdate. Both will
either rehash or prompt for rehash as new certificates are
trusted/blacklisted.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Differential Revision:	https://reviews.freebsd.org/D17389
2019-10-02 01:06:37 +00:00
Kyle Evans
ccdcb388ba [2/3] Add certctl(8)
This is a simple utility to hash all trusted on the system into
/etc/ssl/certs. It also allows the user to blacklist certificates they do
not trust.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Differential Revision:	https://reviews.freebsd.org/D16857
2019-10-02 01:05:53 +00:00
Kyle Evans
546d30b94b Move httpd to simple_httpd...
This avoids PATH conflicts with a real httpd, as a user will likely almost
always prefer the more fully-featured httpd. This also lines up with the
historical name of the program.
2019-10-01 18:14:37 +00:00
Kyle Evans
2d0a92c9ab Move simple_httpd out of picobsd, add HTTPD option (default OFF)
picobsd/tinyware has had this compact HTTPD server for a long time, and some
people do use it. Move it out into usr.sbin well in advance of any action
being taken on picobsd.

This has been gated behind an HTTPD option defaulted to *off*, primarily for
two reasons:
1.) This code likely needs a good audit, as it's been living off in picobsd
    land for a long time, and
2.) We don't currently ship an httpd and this may not be a welcome surprise.

Reviewed by:	eugen
Differential Revision:	https://reviews.freebsd.org/D21724
2019-10-01 14:55:16 +00:00
Vincenzo Maffione
d12c5ef640 bhyve: support for enabling/disabling the net backend
Extend the net backend interface with two functions, namely netbe_rx_disable()
and netbe_rx_enable(), which can be used by the net device emulators to stop
the backend from invoking the receive callback. This is useful for device
emulators, i.e., on hardware resets or to implement receive backpressure.
The mevent module has been extended to support the addition of a disabled
event. To prevent race conditions, the net backends will start with receive
operation disabled. A follow-up patch will use the new functionalities in
the virtio-net device.

Reviewed by:	jhb, markj
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D20973
2019-09-28 12:02:43 +00:00
Yuri Pankov
736dcdb75a efibootmgr(8): fix markup and style issues
- split synopsis into separate options that can't be used together
- sort options
- fix (style) issues reported by mandoc lint

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D21710
2019-09-25 21:23:30 +00:00
Kyle Evans
5b80de237b cron: add log suppression and mail suppression for successful runs
This commit adds two new extensions to crontab, ported from OpenBSD:
- -n: suppress mail on successful run
- -q: suppress logging of command execution

The -q option appears decades old, but -n is relatively new. The
original proposal by Job Snijder can be found here [1], and gives very
convincing reasons for inclusion in base.

This patch is a nearly identical port of OpenBSD cron for -q and -n
features. It is written to follow existing conventions and style of the
existing codebase.

Example usage:

# should only send email, but won't show up in log
* * * * * -q date

# should not send email
* * * * * -n date

# should not send email or log
* * * * * -n -q date

# should send email because of ping failure
* * * * * -n -q ping -c 1 5.5.5.5

[1]: https://marc.info/?l=openbsd-tech&m=152874866117948&w=2

PR:		237538
Submitted by:	Naveen Nathan <freebsd_t.lastninja.net>
Reviewed by:	bcr (manpages)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D20046
2019-09-25 02:37:40 +00:00
Michael Gmelin
8cfda118cb freebsd-update: Add `updatesready' and `showconfig' commands
`freebsd-update updatesready' can be used to check if there are any pending
fetched updates that can be installed.

`freebsd-update showconfig' writes freebsd-update's configuration to
stdout.

This also changes the exit code of `freebsd-update install' to 2 in case
there are no updates pending to be installed and there wasn't a fetch phase
in the same invocation. This allows scripts to tell apart these error
conditions without breaking existing jail managers.

See freebsd-update(8) for details.

PR:		240757, 240177, 229346
Reviewed by:	manpages (bcr), sectam (emaste), yuripv
Differential Revision:	https://reviews.freebsd.org/D21473
2019-09-24 20:49:33 +00:00