786 Commits

Author SHA1 Message Date
obrien
b450ec770a The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
Thus "device padlock_rng" and "device rdrand_rng" should be
used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".

Requested by:	so@ (des)
Submitted by:	obrien, arthurmesh@gmail.com
Obtained from:	Juniper Networks
2013-08-21 22:43:29 +00:00
peter
9b26a41643 Add a note that if you were WITH_ICONV before, you should turn on
WITH_LIBICONV_COMPAT.
2013-08-13 07:31:27 +00:00
peter
995e1f0063 The iconv in libc did two things - implement the standard APIs, the GNU
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.

WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.

I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can.  I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc.  If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.

This is an extension of behavior on other system.  iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.

Bumped osreldate.
2013-08-13 07:15:01 +00:00
avg
a07c9d34c3 opensolaris code: translate INVARIANTS to DEBUG and ZFS_DEBUG
Do this by forcing inclusion of
sys/cddl/compat/opensolaris/sys/debug_compat.h
via -include option into all source files from OpenSolaris.
Note that this -include option must always be after -include opt_global.h.

Additionally, remove forced definition of DEBUG for some modules and fix
their build without DEBUG.

Also, meaning of DEBUG was overloaded to enable WITNESS support for some
OpenSolaris (primarily ZFS) locks.  Now this overloading is removed and
that use of DEBUG is replaced with a new option OPENSOLARIS_WITNESS.

MFC after:	17 days
2013-08-06 15:51:56 +00:00
hrs
6d5d461dc1 Document IPv6 timer value change in r253970. 2013-08-05 20:30:15 +00:00
jilles
713e53c6b9 find: Allow -delete to delete files given as arguments.
Formerly, a command like find dir1/dir2 -delete would delete everything
under dir1/dir2 but not dir1/dir2 itself.

When -L is not specified and "." can be opened, the fts(3) code underlying
find(1) is careful to avoid following symlinks or being dropped in different
locations by moving the directory fts is currently traversing. If a
problematic concurrent modification is detected, fts will not enter the
directory or abort. Files found in the search are returned via the current
working directory and a pathname not containing a slash.

For paranoia, find(1) verifies this when -delete is used. However, it is too
paranoid about the root of the traversal. It is already assumed that the
initial pathname does not refer to directories or symlinks that might be
replaced by untrusted users; otherwise, the whole traversal would be unsafe.
Therefore, it is not necessary to do the check for fts_level ==
FTS_ROOTLEVEL.

Deleting the pathnames given as arguments can be prevented without error
messages using -mindepth 1 or by changing directory and passing "." as
argument to find. This works in the old as well as the new version of find.

Tested by:	Kurt Lidl
Reviewed by:	jhb
2013-08-02 14:14:23 +00:00
obrien
7999076e3e Back out r253779 & r253786. 2013-07-31 17:21:18 +00:00
obrien
721ce839c7 Decouple yarrow from random(4) device.
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
  The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

* random(4) device doesn't really depend on rijndael-*.  Yarrow, however, does.

* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
  random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
2013-07-29 20:26:27 +00:00
avg
28a30460d2 fix UPDATING entry in r253677
MFC after:	3 weeks
X-MFC with:	r253677
2013-07-26 14:43:38 +00:00
avg
4b4c561bbf make path matching in devfs rules consistent and sane (and safer)
Before this change path matching had the following features:
- for device nodes the patterns were matched against full path
- in the above case '/' in a path could be matched by a wildcard
- for directories and links only the last component was matched

So, for example, a pattern like 're*' could match the following entries:
- re0 device
- responder/u0 device
- zvol/recpool directory

Although it was possible to work around this behavior (once it was spotted
and understood), it was very confusing and contrary to documentation.

Now we always match a full path for all types of devfs entries (devices,
directories, links) and a '/' has to be matched explicitly.
This behavior follows the shell globbing rules.

This change is originally developed by Jaakko Heinonen.
Many thanks!

PR:		kern/122838
Submitted by:	jh
MFC after:	4 weeks
2013-07-26 14:25:58 +00:00
andrew
073bcf595a 2 years, 10 months, 22 days after the projects/arm_eabi branch was created
make the ARM EABI the default ABI on arm, armeb, armv6 and armv6eb.

This is intended to be the default ABI from now on with the old ABI to be
retired. Because of this all users are strongly suggested to upgrade to the
ARM EABI.

As the two ABIs are incompatible it is unlikely upgrading in place will
work. Users should perform a full backup and either use an external machine
to upgrade, or install to an alternative location on their media. They
should also reinstall all ports or packages when these are available.

The only known issues are:
 - pkg incorrectly detects the ABI. This is fixed upstream, and will a
   patch will be made to the port.
 - GDB can have issues with executables built with clang.

__FreeBSD_version has been bumped.
2013-07-16 19:15:19 +00:00
rpaulo
3f85c7a457 Fix a grammatical error. 2013-07-14 20:22:16 +00:00
bapt
3ea3f0e782 Disable building of pkg_install by default
If people still want to have pkg_install they can specify WITH_PKGTOOLS when building world
2013-07-12 23:11:17 +00:00
ae
2d294b765d Bump __FreeBSD_version to reflect changes in statistics structures. 2013-07-09 10:20:27 +00:00
sjg
6759835495 Use && rather than ; when success of previous job matters. 2013-06-30 15:00:07 +00:00
des
f5b61fedc2 Fix a bug that allowed a tracing process (e.g. gdb) to write
to a memory-mapped file in the traced process's address space
even if neither the traced process nor the tracing process had
write access to that file.

Security:	CVE-2013-2171
Security:	FreeBSD-SA-13:06.mmap
Approved by:	so
2013-06-18 07:02:35 +00:00
eadler
bf7c0f2705 Remove CVS from the base system.
Discussed with:	many
Reviewed by:	peter, zi
Approved by:	core
2013-06-15 20:29:07 +00:00
sjg
56067c0e56 Explain remedy for -J error from old make 2013-06-13 18:39:17 +00:00
sjg
8af9405ac4 Mention the switch to bmake by default.
Reviewed by:	obrien
2013-05-21 18:38:09 +00:00
eadler
84205c5d06 Fix typo in UPDATING
Submitted by:	Rainer Hurling <rhurlin@gwdg.de>
2013-05-12 16:07:23 +00:00
imp
3b9d69d79e Add a historic footnote. 2013-05-01 07:13:36 +00:00
brooks
e4064f5b4b Add some advice to get past the hurdle of install -l for the common, but
non-default (and unsupportable) case of setting INSTALL="install -C" in
/etc/make.conf or /etc/src.conf.
2013-04-30 20:53:28 +00:00
des
00848b4635 Forgot to update UPDATING in head last night. 2013-04-30 15:38:31 +00:00
eadler
37a04454fe Remove IDEA from OptionalObsoleteFiles.inc
Also add an UPDATING entry (requsted by gjb)
2013-04-27 00:03:07 +00:00
smh
61d529d085 Changed ZFS TRIM sysctl from vfs.zfs.trim_disable -> vfs.zfs.trim.enabled
Enabled ZFS TRIM by default

Reviewed by:	pjd (mentor)
Approved by:	pjd (mentor)
MFC after:	2 weeks
2013-04-26 11:24:20 +00:00
brooks
53230ee95f Use the system MAKEOBJDIRPREFIX when running make targets in
mergemaster.  This allows bootstrap verions of tools to be used.

Add a note to UPDATING about this change.

Discussed with:	jhb
Sponsored by:	DARPA, AFRL
MFC after:	5 days
2013-04-25 21:19:50 +00:00
imp
9b6d25dacd Fix typos in my last commit.
Submitted by:	Niclas Zeising and Benjamin Kaduk
2013-04-21 17:23:27 +00:00
imp
395db9f048 Add more details about updating across the clang divide.
Add hints about having a root shell around on live updates.
Couple of additional nits.
2013-04-20 23:33:51 +00:00
imp
84eea68afc Add note about fagility of the clang upgrade process. 2013-04-20 01:12:23 +00:00
jilles
99a4c33f11 Add warning about SOCK_CLOEXEC and SOCK_NONBLOCK (r248534).
Reviewed by:	rpaulo
2013-04-06 22:28:19 +00:00
mav
877e10369c Document legacy ATA stack removal. 2013-04-06 13:47:44 +00:00
marius
5f30e9f144 Merge r247814 from x86 modulo whitespace bug:
Turn on the CTL disable tunable by default.

This will allow GENERIC configurations to boot on small memory boxes, but
not require end users who want to use CTL to recompile their kernel.  They
can simply set kern.cam.ctl.disable=0 in loader.conf.
2013-03-08 13:11:45 +00:00
davide
bfc7c5f119 - Bump __FreeBSD_version after recent callout(9) changes.
- Add an entry in UPDATING to notice users about breakages.
2013-03-04 22:41:49 +00:00
ken
d11db422c6 Re-enable CTL in GENERIC on i386 and amd64, but turn on the CTL disable
tunable by default.

This will allow GENERIC configurations to boot on small memory boxes, but
not require end users who want to use CTL to recompile their kernel.  They
can simply set kern.cam.ctl.disable=0 in loader.conf.

The eventual solution to the memory usage problem is to change the way
CTL allocates memory to be more configurable, but this should fix things
for small memory situations in the mean time.

UPDATING:		Explain the change in the CTL configuration, and
			how users can enable CTL if they would like to use
			it.

sys/conf/options:	Add a new option, CTL_DISABLE, that prevents CTL
			from initializing.

ctl.c:			If CTL_DISABLE is turned on, don't initialize.

i386/conf/GENERIC,
amd64/conf/GENERIC:	Re-enable device ctl, and add the CTL_DISABLE
			option.
2013-03-04 21:18:45 +00:00
adrian
f77596bc52 Disable the ctl driver in GENERIC.
It unfortunately steals a fair chunk of RAM at startup even if it's not
actively used, which prevents FreeBSD VMs of 128MB from successfully
booting and running.
2013-03-02 08:12:41 +00:00
gjb
b54216a509 Minor wordsmithing.
X-MFC-Needs:	r245617
2013-02-28 23:45:41 +00:00
delphij
84daad704b Add a reminder that the user should update boot block if they are upgrading
their existing system and use LZ4 compression for ZFS.

Suggested by:	mm
MFC after:	3 days
2013-02-27 21:58:06 +00:00
gabor
fc7f8b7f99 - Fix typo
Submitted by:	jkim
2013-01-30 10:23:38 +00:00
gabor
d992e3eb2a - Add a BSD-licensed patch, ported by Pedro F. Giffuni (pfg) from
DragonflyBSD and install it as bsdpatch.  WITH_BSD_PATCH makes it
  default and installs GNU patch as gnupatch.

Submitted by:	pfg
Obtained from:	The DragonflyBSD Project
2013-01-29 17:03:18 +00:00
brooks
3a6566041c Introduce six new options from NetBSD:
* -M <metalog>   Log metadata in mtree format.
 * -D <destdir>   Log paths relative to <destdir>.
 * -h <hash>      Log digest of type <hash>.
 * -T <tags>      Specify which mtree tags to log.
 * -l <linkflag>  Create hard or symbolic links (allows logging).
 * -U             Install without root privileges (owner, group, mode,
                  and flags can be logged via -M

NOTE: In the interest of compatibility with NetBSD and because it is the
obvious letter, the nearly useless -M option (disable mmap) has been
repurposed.

Sponsored by:	DARPA, AFRL
Obtained from:	NetBSD
Reviewed by:	bz
2013-01-18 20:57:50 +00:00
avg
babb1e87f1 UPDATING: add a note about the clang+zfs+i386 stack overflow issue 2012-12-23 13:04:04 +00:00
jh
93c8ab3bc4 Mangle label names containing spaces, non-printable characters '%' or
'"'.  Mangling is only done for label names read from file system
metadata. Encoding resembles URL encoding. For example, the space
character becomes %20.

Help by:	kib
Discussed with:	imp, kib, pjd
2012-12-22 13:43:12 +00:00
pjd
cbf6823f9a Use new savecore(8) option and limit number of kernel dumps that will
be kept around to the 10 most recent ones.

Add UPDATING entry with info how to return to the previous behaviour (no
limits).

Obtained from:	WHEEL Systems
2012-12-16 23:29:56 +00:00
rwatson
932796d554 Specifically point at the Handbook instructions for world updates in
UPDATING by URL.

As there has been some confusion over the need to run "mergemaster -p",
part of our standard upgrade procedure, following the recent addition of
an "auditdistd" user, add a note about it to UPDATING explicitly.
2012-12-02 22:09:16 +00:00
hrs
b4dab2192a Document sin6_scope_id handling change and bump FreeBSD_version to 1000025. 2012-11-23 12:12:06 +00:00
brooks
07e3d575da Fix a minor error in the clang update note.
Reported by:	emaste
2012-11-05 19:20:18 +00:00
brooks
78e7d864ca After years of hard work by many FreeBSD and LLVM developers, make
clang the default compiler on i386 and amd64 systems.

Special thanks to:	dim, ed, rdivacky
2012-11-05 19:08:18 +00:00
ae
4354018055 Remove the recently added sysctl variable net.pfil.forward.
Instead, add protocol specific mbuf flags M_IP_NEXTHOP and
M_IP6_NEXTHOP. Use them to indicate that the mbuf's chain
contains the PACKET_TAG_IPFORWARD tag. And do a tag lookup
only when this flag is set.

Suggested by:	andre
2012-11-02 01:20:55 +00:00
gavin
52d935297f Genericise the (out of date) instructions from moving from stable to
current.

MFC after:	3 days
2012-10-31 13:52:03 +00:00
ae
865c796663 Note the removal of the IPFIREWALL_FORWARD kernel option. 2012-10-25 10:35:08 +00:00