patch supplied by Allan Jude <freebsd@allanjude.com>. Add xref to
pam_passwdqc(8), where that testing is now done.
PR: docs/184482
Submitted by: Ryan Gerstenkorn <ryan_gerstenkorn@fastmail.fm>
Reviewed by: jilles, eadler
MFC after: 3 days
insert flow entry. During the route lookup the critical section is
exited. It may happen, that after route lookup we will be executed
on an other CPU that already has such flowentry. Before this change
we simply freed the flowentry and returned to ip_output() with
failure.
Actually there is nothing wrong with using previously allocated
flow entry, updating it properly. Thus, make flowentry_insert()
return the new either old fle, and make use of it.
Count reuses as "collisions" and real inserts as "inserts".
Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
Some of the collisions that are occuring are due to flowtable lookups
that succeed but have an invalid lle - typically because the L2 adjacency
lookup hasn't completed. This would lead to a follow-up insert which
would then fail (ie, collision) and the code would fall through to doing
a slow-path L2/L3 lookup in the netinet/netinet6 code.
This patch simply aborts storing a new flowtable entry if the lle isn't
yet valid.
Whilst I'm here, add a new pcpu counter for the item so the number of
failures can be tracked separately from generic "collisions."
Reviewed by: glebius
MFC after: 10 days
Sponsored by: Netflix, Inc.
- ip_output() and ip_output6() simply call flowtable_lookup(),
passing mbuf and address family. That's the only code under
#ifdef FLOWTABLE in the protocols code now.
o Revamp statistics gathering and export.
- Remove hand made pcpu stats, and utilize counter(9).
- Snapshot of statistics is available via 'netstat -rs'.
- All sysctls are moved into net.flowtable namespace, since
spreading them over net.inet isn't correct.
o Properly separate at compile time INET and INET6 parts.
o General cleanup.
- Remove chain of multiple flowtables. We simply have one for
IPv4 and one for IPv6.
- Flowtables are allocated in flowtable.c, symbols are static.
- With proper argument to SYSINIT() we no longer need flowtable_ready.
- Hash salt doesn't need to be per-VNET.
- Removed rudimentary debugging, which use quite useless in dtrace era.
The runtime behavior of flowtable shouldn't be changed by this commit.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
report the actual number of RPCs issued, not the theoretical number
that would be issued if all caching was disabled.
Reviewed by: rmacklem
MFC after: 2 weeks
commit c1acf022c533c5ae27e0cd556977eafe3f5959eb
Author: Brooks Davis <brooks@one-eyed-alien.net>
Date: Fri Jan 17 21:46:44 2014 +0000
Add an option WITHOUT_NCURSESW to suppress building and linking to
libncursesw. While wide character support it useful we'd like to
only need one ncurses library on embedded systems.
MFC after: 4 weeks
Sponsored by: DARPA, AFRL
propagate the buffer size to libc, which uses a 1 kB buffer by default,
negating any hypothetical benefit of increasing fetch(1)'s buffer size.
MFC after: 3 days
This avoids leaving stale entries in utmpx after the connection is closed on
an open login session. It also allows a clean way (SIGTERM) to forcibly
terminate a user's terminal session.
This does not affect the situation for "hung" processes after the connection
is closed. The foreground process group receives SIGHUP and the tty becomes
inaccessible.
Also replace all use of the obsolete signal() function with sigaction() (not
only the part where it is actually required: SIGHUP and SIGTERM must mask
the other as well when caught).
PR: misc/183495
Reviewed by: ed
killall confusing killall -INT with killall -I (interactive
confirmation) which resulted in the wrong signal (TERM)
being delivered to the process(s).
Discussed with: delphij
MFC after: 2 weeks
Do this by generating misc_helpers explicitly, without using the
ATF_TESTS_SH functionality.
While this script is technically an atf-sh test program, it is not intended
to be run as a test and therefore it mustn't end up in the Kyuafile. Using
ATF_TESTS_SH means that misc_helpers ended up registered in the Kyuafile
and then failed to run as a test.
The alternative would be to supply an explicit Kyuafile from this directory
that lists the known test files, but doing it the way described above will
be easier to maintain.
MFC after: 3 days
These files are required to get packages in ports to build against atf and
also to get a couple of currently-failing tests to pass.
I'm following the approach already used by the libusb pkg-config files
installed by the system regarding the location and the install rules.
MFC after: 5 days
fts(3) detects directories even in FTS_NOSTAT mode (so it can descend into
them).
No functional change is intended, but find commands that use -type d but no
primaries that still require stat/lstat calls make considerably fewer system
calls.
* Do not match symlinks that are followed because of -H or -L. This is
explicitly documented in GNU find's info file and is like -type l.
* Fix matching symlinks in subdirectories when fts changes directories.
Also, avoid some readlink() calls on files that are obviously not symlinks
(because of fts(3) restrictions, not all of them).
MFC after: 1 week
The code did not take into account that readlink() does not add a
terminating '\0', and therefore did not work reliably.
As before, symlinks of length PATH_MAX or more are not handled correctly.
(These can only be created on other operating systems.)
PR: bin/185393
Submitted by: Ben Reser (original version)
MFC after: 1 week
clang-specific or gcc-specific flags, introduce the following new
variables for use in Makefiles:
CFLAGS.clang
CFLAGS.gcc
CXXFLAGS.clang
CXXFLAGS.gcc
In bsd.sys.mk, these get appended to the regular CFLAGS or CXXFLAGS for
the right compiler.
MFC after: 1 week
necessary symbols needed per subsystem. Main kvm(3) init is now delayed
as much as possbile. This finally fixes performance issues reported in
kern/167204.
Some non-working code (ng_socket.ko symbol addresses calculation) removed.
Some global variables eliminated.
PR: kern/167204
MFC after: 4 weeks
to casperd, but we cannot access the service we need we exit with an error.
This should not happen and just indicates some configuration error which
should be fixed, so we force the user to do it by failing.
Discussed with: emaste
instead of peeking inside in-kernel radix via kget.
This permits us to change kernel structures without breaking userland.
Additionally, this change provide more reliable and faster output.
`Refs` and `Use` fields available in IPv4 by default (and via -W
for other families) were removed. `Refs` is radix-specific thing
which is not informative for users. `Use` field value is handy sometimes,
but a) current API does not support it and b) I'm not sure we will
support per-rte pcpu counters in near future.
Old method of retrieving data is still supported (either by defining
NewTree=0 or running netstat with -A). However, Refs/Use fields are
hidden.
Sponsored by: Yandex LLC
MFC after: 4 weeks
PR: kern/167204
is given to convert uids and gids to user names and group names even when
running in capability mode sandbox.
While here log on stderr when we successfully enter the sandbox.
Sponsored by: The FreeBSD Foundation
Prior to the addition of cpp support into calendar itself
#include </usr/share/calendar/calendar.all>
was a legal construction in a calendar file.
Permit this again
intentionally undocumented and its only purpose is that
we do not bail out when used as a drop-in replacement of
a different implementation.
PR: docs/184550
MFC after: 2 weeks
set up a pipe and allow a jr user to watch what I'm doing
by running 'script -F pipefile' on it.
While here, spell out the month in the .Dd tag like other
manual pages.
contrib/byacc/makefile.in ("add YYPATCH here so it can be tested by
applications") so that applications have a hope of detecting newer
FreeBSD YACC output from an older one.
Submitted by: Juniper Networks
a very hard time to fully understand) with much more intuitive rights:
CAP_EVENT - when set on descriptor, the descriptor can be monitored
with syscalls like select(2), poll(2), kevent(2).
CAP_KQUEUE_EVENT - When set on a kqueue descriptor, the kevent(2)
syscall can be called on this kqueue to with the eventlist
argument set to non-NULL value; in other words the given
kqueue descriptor can be used to monitor other descriptors.
CAP_KQUEUE_CHANGE - When set on a kqueue descriptor, the kevent(2)
syscall can be called on this kqueue to with the changelist
argument set to non-NULL value; in other words it allows to
modify events monitored with the given kqueue descriptor.
Add alias CAP_KQUEUE, which allows for both CAP_KQUEUE_EVENT and
CAP_KQUEUE_CHANGE.
Add backward compatibility define CAP_POLL_EVENT which is equal to CAP_EVENT.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
'Sponsored by:' in the FreeBSD commit template.
Support for this has already existed ^/head/contrib/subversion
but it was not enabled in usr.bin/svn/svn/Makefile.
To use the pre-populated 'Sponsored by:' entry, set ORGANIZATION
in make.conf(5), for example:
ORGANIZATION= "The FreeBSD Foundation"
Reviewed by: peter
Sponsored by: The FreeBSD Foundation
There is no reason to keep the two knobs separate: if tests are
enabled, the ATF libraries are required; and if tests are disabled,
the ATF libraries are not necessary. Keeping the two just serves
to complicate the build.
Reviewed by: freebsd-testing
Approved by: rpaulo (mentor)
KERN_PROC_PID to obtain the parent process pathname and command, used
to determine the calling shell.
Submitted by: Stefan Neudorf
PR: bin/183484
MFC after: 1 week
Instead, change arguments of internal function digest_update() to accept
signed char arguments.
Remove MAP_FAILED fallback definition and casts of MAP_FAILED.
Thanks to bde@ for looking over this and doing the code analysis.
in order to be consistent with iSCSI terminology. Besides, calling the
option '-h' was just wrong.
This changes usage for newly added iscsictl(8), and two newly added
subcommands to ctladm(8). This breaks POLA between CURRENT and 10,
but since 10.0 has not been released yet, it's still ok to do.
MFC after: 3 days
Discussed with: re (glebius)
Sponsored by: FreeBSD Foundation
user. Kqueue now saves the ucred of the allocating thread, to
correctly decrement the counter on close.
Under some specific and not real-world use scenario for kqueue, it is
possible for the kqueues to consume memory proportional to the square
of the number of the filedescriptors available to the process. Limit
allows administrator to prevent the abuse.
This is kernel-mode side of the change, with the user-mode enabling
commit following.
Reported and tested by: pho
Discussed with: jmg
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
This was not broken on architectures such as ARM where char is unsigned.
Also, remove the first non-portable character from the output. POSIX does
not require this, and printing the first byte may yield an invalid byte
sequence with UTF-8.
PR: bin/165988
Reported by: Nicolas Rachinsky
Things like Makefile.inc1 resort to parsing /usr/include/osreldate.h with
awk because this isn't easily available by other means. The separation
of user and kernel versions is important for jail/chroot environments.
libkvm digging in kernel memory. This is possible since r231506 made
getifaddrs(3) to supply if_data for each ifaddr.
The pros of this change is that now netstat(1) doesn't know about kernel
struct ifnet and struct ifaddr. And these structs are about to change
significantly in head soon. New netstat binary will work well with 10.0
and any future kernel.
The cons is that now it isn't possible to obtain interface statistics
from a vmcore.
Functions intpr() and sidewaysintpr() were rewritten from scratch.
The output of netstat(1) has underwent the following changes:
1) The MTU is not printed for protocol addresses, since it has no notion.
Dash is printed instead. If there would be a strong desire to return
previous output, it is doable.
2) Output interface queue drops are not printed. Currently this data isn't
available to userland via any API. We plan to drop 'struct ifqueue' from
'struct ifnet' very soon, so old kvm(3) access to queue drops is soon
to be broken, too. The plan is that drivers would handle their queues
theirselves and a new field in if_data would be updated in case of drops.
3) In-kernel reference count for multicast addresses isn't printed. I doubt
that anyone used it. Anyway, netstat(1) is sysadmin tool, not kernel
debugger.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
architectures where they are known not to work. For SVN itself, use
the least common denominator and disable them across the board. This
allows svnlite to build and run on all FreeBSD architectures.
Approved by: re (gjb)
- prince Johan Friso passed away in 2013
- correct status of queen Maxima and crown princess Catharina-Amalia
- language fixes
Approved by: remko (mentor)
Approved by: re (gjb)
MFC after: 3 days
- Ask only once for "Apply anyway". [1]
- Tell user what file have failed patch rather than just how
many hunks failed.
Reported by: jmg via pfg [1]
Tested by: pfg [1]
Approved by: re (gjb)
This connects LLDB to the build, but it is disabled by default. Add
WITH_LLDB= to src.conf to build it.
Note that LLDB requires a C++11 compiler so is disabled on platforms
using GCC.
Approved by: re (gjb)
Sponsored by: DARPA, AFRL
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
from arbitrary processes. Similar to ktrace it can apply a change to all
existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
control operations on processes (as opposed to the debugger-specific
operations provided by ptrace(2)). procctl(2) uses a combination of
idtype_t and an id to identify the set of processes on which to operate
similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
of a set of processes. MADV_PROTECT still works for backwards
compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
the first bit of which is used to track if P_PROTECT should be inherited
by new child processes.
Reviewed by: kib, jilles (earlier version)
Approved by: re (delphij)
MFC after: 1 month
Otherwise, you would get errors similar to:
$ svn co svn://svn.freebsd.org/base/head test
A test/lib
A test/lib/libutil
svn: E200014: Checksum mismatch for
'/home/dim/test/lib/libutil/kinfo_getproc.3':
expected: 0882097a545210d88edff8f63b328602
actual: b378eb08a0f4d4c97c513c4b17207f59
Approved by: re (gjb, marius)
- Don't treat an options argument of 0 to wait4() as an error in
kdump.
- Decode the wait options passed to wait4() and wait6() in truss
and decode the returned rusage and exit status.
Approved by: re (kib)
MFC after: 1 week
an address in the first 2GB of the process's address space. This flag should
have the same semantics as the same flag on Linux.
To facilitate this, add a new parameter to vm_map_find() that specifies an
optional maximum virtual address. While here, fix several callers of
vm_map_find() to use a VMFS_* constant for the findspace argument instead of
TRUE and FALSE.
Reviewed by: alc
Approved by: re (kib)
in the future in a backward compatible (API and ABI) way.
The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.
The structure definition looks like this:
struct cap_rights {
uint64_t cr_rights[CAP_RIGHTS_VERSION + 2];
};
The initial CAP_RIGHTS_VERSION is 0.
The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.
The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.
To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.
#define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL)
We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:
#define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL)
#define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL)
#define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP)
There is new API to manage the new cap_rights_t structure:
cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
void cap_rights_set(cap_rights_t *rights, ...);
void cap_rights_clear(cap_rights_t *rights, ...);
bool cap_rights_is_set(const cap_rights_t *rights, ...);
bool cap_rights_is_valid(const cap_rights_t *rights);
void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);
Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:
cap_rights_t rights;
cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);
There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:
#define cap_rights_set(rights, ...) \
__cap_rights_set((rights), __VA_ARGS__, 0ULL)
void __cap_rights_set(cap_rights_t *rights, ...);
Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:
cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);
Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.
This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.
Sponsored by: The FreeBSD Foundation
As promised, drop the option to make the older GNU patch
the default.
GNU patch is still being built but something drastic may
happen to it to it before Release.
Notable new features:
* Elliptic Curve Digital Signature Algorithm keys and signatures in
DNSSEC are now supported per RFC 6605. [RT #21918]
* Introduces a new tool "dnssec-verify" that validates a signed zone,
checking for the correctness of signatures and NSEC/NSEC3 chains.
[RT #23673]
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
[RT #28989]
* The new "inline-signing" option, in combination with the
"auto-dnssec" option that was introduced in BIND 9.7, allows
named to sign zones completely transparently.
Approved by: delphij (mentor)
MFC after: 3 days
Sponsored by: DK Hostmaster A/S
address alignment of mappings.
- MAP_ALIGNED(n) requests a mapping aligned on a boundary of (1 << n).
Requests for n >= number of bits in a pointer or less than the size of
a page fail with EINVAL. This matches the API provided by NetBSD.
- MAP_ALIGNED_SUPER is a special case of MAP_ALIGNED. It can be used
to optimize the chances of using large pages. By default it will align
the mapping on a large page boundary (the system is free to choose any
large page size to align to that seems best for the mapping request).
However, if the object being mapped is already using large pages, then
it will align the virtual mapping to match the existing large pages in
the object instead.
- Internally, VMFS_ALIGNED_SPACE is now renamed to VMFS_SUPER_SPACE, and
VMFS_ALIGNED_SPACE(n) is repurposed for specifying a specific alignment.
MAP_ALIGNED(n) maps to using VMFS_ALIGNED_SPACE(n), while
MAP_ALIGNED_SUPER maps to VMFS_SUPER_SPACE.
- mmap() of a device object now uses VMFS_OPTIMAL_SPACE rather than
explicitly using VMFS_SUPER_SPACE. All device objects are forced to
use a specific color on creation, so VMFS_OPTIMAL_SPACE is effectively
equivalent.
Reviewed by: alc
MFC after: 1 month
This is the gsoc-2011 project to clean up and backport multibyte support
from other nvi forks in a form we can use.
USE_WIDECHAR is on unless building for the rescue crunchgen. This should
allow editing in the native locale encoding.
USE_ICONV depends on make.conf having 'WITH_ICONV=YES' for now. This
adds the ability to do things like edit a KOI8-R file while having $LANG
set to (say) en_US.UTF-8. iconv is used to transcode the characters for
display.
Other points:
* It uses gencat and catopen/etc instead of homegrown msg catalog stuff.
* A lot of stuff has been trimmed out, eg: the perl and tcl bindings which
we could never use in base anyway.
* It uses ncursesw when in widechar mode. This could be interesting.
GSoC info: http://www.google-melange.com/gsoc/proposal/review/google/gsoc2011/zy/1
Repo at: https://github.com/lichray/nvi2
Obtained from: Zhihao Yuan <lichray@gmail.com>
Formerly, a command like find dir1/dir2 -delete would delete everything
under dir1/dir2 but not dir1/dir2 itself.
When -L is not specified and "." can be opened, the fts(3) code underlying
find(1) is careful to avoid following symlinks or being dropped in different
locations by moving the directory fts is currently traversing. If a
problematic concurrent modification is detected, fts will not enter the
directory or abort. Files found in the search are returned via the current
working directory and a pathname not containing a slash.
For paranoia, find(1) verifies this when -delete is used. However, it is too
paranoid about the root of the traversal. It is already assumed that the
initial pathname does not refer to directories or symlinks that might be
replaced by untrusted users; otherwise, the whole traversal would be unsafe.
Therefore, it is not necessary to do the check for fts_level ==
FTS_ROOTLEVEL.
Deleting the pathnames given as arguments can be prevented without error
messages using -mindepth 1 or by changing directory and passing "." as
argument to find. This works in the old as well as the new version of find.
Tested by: Kurt Lidl
Reviewed by: jhb
components: apr-1.4.6 -> 1.4.8 and apr-util-1.4.1 -> 1.5.2.
This is a post point-zero bug-fix / fix-sharp-edges release, including
some workarounds for UTF-8 for people who haven't yet turned on WITH_ICONV.
The BSD-licensed patch(1) command has matured and it's behaviour
can be considered equivalent to the older version of GNU patch
in the tree.
The switch has been extensively tested [1] and only two ports
presented regressions, which have since been fixed.
For convenience a new WITH_GNU_PATCH option is available,
but it will likely be removed in the near future.
PR: 176313
Approved by: portmgr
structure is used, but they already have equal fields in the struct
newipsecstat, that was introduced with FAST_IPSEC and then was merged
together with old ipsecstat structure.
This fixes kernel stack overflow on some architectures after migration
ipsecstat to PCPU counters.
Reported by: Taku YAMAMOTO, Maciej Milewski
Properly handle input lines containing NUL characters such that pgets()
accurately fills the read buffer.
Callers of pgets() still mis-process the buffer contents if the read line
contains NUL characters, but this at least makes pgets() accurate.
Make it so that 'patch < FUBAR' and 'patch -i FUBAR' operate the same.
The former makes a copy of stdin, but was not accurately putting the
content of stdin into a temp file. This lead to the undercounting
the number of lines in hunks containing NUL characters when reading
from stdin. Thus resulting in "unexpected end of file in patch" errors.
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.
In BSD, fgetln() available in libc but in Illumos the Solaris port had to
include it internally. It also seems to have caused problems [1].
Aid portability by using getline() instead.
Reference:
https://www.illumos.org/issues/3820 [1]
Submitted by: Johann 'Myrkraverk' Oskarsson <johann@myrkraverk.com>
Reviewed by: dds
MFC after: 2 weeks