Commit Graph

8976 Commits

Author SHA1 Message Date
Kristof Provost
4c8fb952b5 pfctl: Fix ifa_grouplookup()
Setting the length of the request got lost in r343287, which means SIOCGIFGMEMB
gives us the required length, but does not copy the names of the group members.
As a result we don't get a correct list of group members, and 'set skip on
<ifgroup>' broke.

This produced all sorts of very unexpected results, because we would end up
applying 'set skip' to unexpected interfaces.

X-MFC-with:	r343287
2019-02-10 21:22:55 +00:00
Guangyuan Yang
c68d0f8b3d Remove -R option which was added to sysctl(8) man page per r244106, but it is not implemented.
MFC after:	3 days
Submitted by:	Alfonso Siciliano <alfix86@gmail.com>
Reviewed by:	0mp, imp
Differential Revision: 	https://reviews.freebsd.org/D19012
2019-02-09 04:36:02 +00:00
Jilles Tjoelker
3b08e0fcf3 dhclient: Return non-zero status when script exits due to a signal
r343896 made it such that a non-zero exit status was passed through, but was
still wrong if the script exits on a signal. POSIX does not say what the
WEXITSTATUS macro returns in this case and in practice 0 is a common value.

Instead, translate the wait status into 8 bits the same way as the shell
calculates $?.

Reviewed by:	kib, Nash Kaminski
MFC after:	1 week
2019-02-08 23:03:28 +00:00
Konstantin Belousov
95f237c2f6 Correctly return exit status from the exited process.
This is also OpenBSD rev. 1.117, as pointed out by
Ryan Moeller <ryan@ixsystems.com>.

Submitted by:	Nash Kaminski <nashkaminski@gmail.com>
MFC after:	1 week
2019-02-08 07:36:08 +00:00
Bryan Drewery
10e3bebf9e Fix build of r343877
MFC after:	2 weeks
X-MFC-with:	r343877
Pointyhat to:	bdrewery
2019-02-07 21:41:27 +00:00
Bryan Drewery
2b3d664738 ipfw table list: Fix showing header outside of 'all'.
Properly pass down is_all to table_show_list().  This restores the behavior
before r272840 so that only 'ipfw table all list' shows the headers.

MFC after:	2 weeks
Relnotes:	yes
2019-02-07 21:05:44 +00:00
Andriy Voskoboinyk
ec835c9dec recoverdisk(1): fclose() file supplied via '-r readlist' parameter when
it's no longer needed

PR:		204952
Reported by:	David Binderman <dcb314@hotmail.com>
MFC after:	5 days
2019-02-07 14:40:28 +00:00
Warner Losh
52467047aa Regularize the Netflix copyright
Use recent best practices for Copyright form at the top of
the license:
1. Remove all the All Rights Reserved clauses on our stuff. Where we
   piggybacked others, use a separate line to make things clear.
2. Use "Netflix, Inc." everywhere.
3. Use a single line for the copyright for grep friendliness.
4. Use date ranges in all places for our stuff.

Approved by: Netflix Legal (who gave me the form), adrian@ (pmc files)
2019-02-04 21:28:25 +00:00
Andriy Voskoboinyk
b90dad3524 ifconfig(8): actually, non-11n rates should be divided by 2...
MFC after:	1 week
MFC with:	343698
2019-02-03 04:41:00 +00:00
Andriy Voskoboinyk
35a5128d50 ifconfig(8): display management / multicast wlan(4) rates properly
For 11n / 11ac we are still using non-11n rates for management and
multicast traffic by default; check 'MCS rate' bit to determine how
to print them correctly.

PR:		161035
MFC after:	1 week
2019-02-03 03:02:59 +00:00
Andriy Voskoboinyk
22cde055c2 ifconfig(8): interpret VHT rates correctly for 'list roam / txparam' options
They are represented via MCS rate index, not as a 'speed in MBps' * 2.

MFC after:	5 days
2019-02-03 00:18:29 +00:00
Gleb Smirnoff
2e15db7bcd Hopefully fix compilation by other compilers. 2019-02-01 00:34:18 +00:00
Gleb Smirnoff
b252313f0b New pfil(9) KPI together with newborn pfil API and control utility.
The KPI have been reviewed and cleansed of features that were planned
back 20 years ago and never implemented.  The pfil(9) internals have
been made opaque to protocols with only returned types and function
declarations exposed. The KPI is made more strict, but at the same time
more extensible, as kernel uses same command structures that userland
ioctl uses.

In nutshell [KA]PI is about declaring filtering points, declaring
filters and linking and unlinking them together.

New [KA]PI makes it possible to reconfigure pfil(9) configuration:
change order of hooks, rehook filter from one filtering point to a
different one, disconnect a hook on output leaving it on input only,
prepend/append a filter to existing list of filters.

Now it possible for a single packet filter to provide multiple rulesets
that may be linked to different points. Think of per-interface ACLs in
Cisco or Juniper. None of existing packet filters yet support that,
however limited usage is already possible, e.g. default ruleset can
be moved to single interface, as soon as interface would pride their
filtering points.

Another future feature is possiblity to create pfil heads, that provide
not an mbuf pointer but just a memory pointer with length. That would
allow filtering at very early stages of a packet lifecycle, e.g. when
packet has just been received by a NIC and no mbuf was yet allocated.

Differential Revision:	https://reviews.freebsd.org/D18951
2019-01-31 23:01:03 +00:00
Dmitry Morozovsky
1165591e7f Allow dashes as a valid character in UFS labels.
Reviewed by:	mckusick, imp, 0mp
MFC after:	2 weeks
Differential Revision:	D18991
2019-01-29 10:21:41 +00:00
Kyle Evans
bf05ccc397 bectl(8) test: Force destroy the zpool in cleanup
This is a wild guess as to why bectl tests failed once upon a time in CI,
given no apparent way to see a transcript of cleanup routines with Kyua. The
bectl tests construct a new, clean zpool for every test. The failure
indicated was because of a mount that was leftover from a previous test, but
the previous test had succeeded so it's not clear how the mount remained
leftover unless the `zpool get health ${pool}` had somehow failed.

MFC after:	1 week
2019-01-29 04:08:49 +00:00
Patrick Kelsey
80e72d5216 Speed up non-status operations applied to a single interface
When performing a non-status operation on a single interface, it is
not necessary for ifconfig to build a list of all addresses in the
system, sort them, then iterate through them looking for the entry for
the single interface of interest. Doing so becomes increasingly
expensive as the number of interfaces in the system grows (e.g., in a
system with 1000+ vlan(4) interfaces).

Reviewed by:	ae, kp
MFC after:	1 week
Sponsored by:	RG Nets
Differential Revision:	https://reviews.freebsd.org/D18919
2019-01-28 20:30:04 +00:00
Alan Somers
fbf997c5eb ifconfig: fix endianness bug displaying pfsync interfaces
Reviewed by:	kp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19005
2019-01-28 18:34:04 +00:00
Kristof Provost
542feeff96 pfctl: Point users to net.pf.request_maxcount if large requests are rejected
The kernel will reject very large tables to avoid resource exhaustion
attacks. Some users run into this limit with legitimate table
configurations.

The error message in this case was not very clear:

    pf.conf:1: cannot define table nets: Invalid argument
    pfctl: Syntax error in config file: pf rules not loaded

If a table definition fails we now check the request_maxcount sysctl,
and if we've tried to create more than that point the user at
net.pf.request_maxcount:

    pf.conf:1: cannot define table nets: too many elements.
    Consider increasing net.pf.request_maxcount.
    pfctl: Syntax error in config file: pf rules not loaded

PR:		235076
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18909
2019-01-28 08:36:10 +00:00
Andriy Voskoboinyk
bbf61f79ce devd.conf(5): simplify regex
Submitted by:	Helge Oldach <freebsd@oldach.net>
MFC after:	5 days
2019-01-27 15:29:58 +00:00
Kirk McKusick
cd29c58eae Update tunefs and newfs error messages for the -L (volume label) option
to note that underscores are valid.

PR:           235182
Reported by:  Rodney W. Grimes (rgrimes@)
Sponsored by: Netflix
2019-01-26 22:27:12 +00:00
Kirk McKusick
0cde0ab2d3 Allow tunefs to include '_' as a legal character in label names
to make it consistent with newfs. Document the legality of '_'
in label names in both tunefs(8) and newfs(8).

PR:           235182
Submitted by: darius@dons.net.au
Reviewed by:  Conrad Meyer
MFC after:    3 days
Sponsored by: Netflix
2019-01-25 20:07:18 +00:00
Andriy Voskoboinyk
938ed5dad6 ifconfig: drop unused macros from ifieee80211.c
MFC after:	5 days
2019-01-23 13:07:05 +00:00
Patrick Kelsey
0e4ef871dc Remove unused function gsc_destroy()
gsc_destroy() is no longer needed as of r343287.

MFC after:	1 week
2019-01-22 02:53:59 +00:00
Patrick Kelsey
1d34c9dac8 Reduce pf.conf parsing cost for configs that define N queues from O(N^2) to O(N)
The number of syscalls made during parsing of any config that
defines tables is also reduced, and incorrect warnings that HFSC
parent queue bandwidths were smaller than the sum of their child
bandwidths have been fixed.

Reviewed by:	kp
MFC after:	1 week
Sponsored by:	RG Nets
Differential Revision:	https://reviews.freebsd.org/D18759
2019-01-22 00:50:24 +00:00
Andriy Voskoboinyk
51a3cc6ca4 Fix duplicate wpa_supplicant(8) / hostapd(8) startup with devd(8)
Do not invoke 'wlan_up' function from devd(8) on interface
creation event (an example to create such event:
'ifconfig wlan0 create wlandev rtwn0');
they're typically produced during 'service netif (re)start'
and result in duplicate interface initialization.

From the user side if WPA option is used, this result in messages like:
- /etc/rc.d/wpa_supplicant: WARNING: failed to start wpa_supplicant
or
- wpa_supplicant already running?  (pid=xxxx).
(for HOSTAP interfaces this race may result in startup failure).

As a side effect, wpa_supplicant(8) / hostapd(8) will not be
invoked when new wlan(4) interface is created manually and
corresponding configuration for it is present in rc.conf(5).

This change does not affect device attach / removal events.

MFC after:	5 days
2019-01-21 04:50:56 +00:00
Andriy Voskoboinyk
271b714d95 devd.conf(5): add otus(4) into wifi-driver-regex
MFC after:	5 days
2019-01-21 03:38:37 +00:00
Oleksandr Tymoshenko
f280f93df7 [ifconfig] Print more WPS attributes in verbose "list scan" output
- Move WPS related defines to dedicated file
- Add handlers for more WPS attributes

PR:		217317
Submitted by:	J.R. Oldroyd <fbsd@opal.com>
MFC after:	3 weeks
2019-01-20 00:45:44 +00:00
Kristof Provost
b1f3ab0051 pfctl: Fix 'set skip' handling for groups
When we skip on a group the kernel will automatically skip on the member
interfaces. We still need to update our own cache though, or we risk
overruling the kernel afterwards.

This manifested as 'set skip' working initially, then not working when
the rules were reloaded.

PR:		229241
MFC after:	1 week
2019-01-13 05:30:26 +00:00
Kyle Evans
0a603a6ece libbe(3): Change be_mount to mount/unmount child datasets
This set of changes is geared towards making bectl respect deep boot
environments when they exist and are mounted. The deep BE composition
functionality (`bectl add`) remains disabled for the time being. This set of
changes has no effect for the average user. but allows deep BE users to
upgrade properly with their current setup.

libbe(3): Open the target boot environment and get a zfs handle, then pass
that with the target mountpoint to be_mount_iter; If the BE_MNT_DEEP flag is
set call zfs_iter_filesystems and mount the child datasets.

Similar logic is employed when unmounting the datasets, save for children
are unmounted first.

bectl(8): Change bectl_cmd_jail to pass the BE_MNT_DEEP flag when
calling be_mount as well as call be_unmount when cleaning up after the
jail has exited instead of umount(2) directly.

PR:		234795
Submitted by:	Wes Maag <jwmaag_gmail.com> (test additions by kevans)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18796
2019-01-10 03:27:20 +00:00
Enji Cooper
8b5fede0ac route(8): clarify -prefixlen description
Try to reword -prefixlen section to more clearly and accurately describe how
the -prefixlen modifier works.

While here, fix a word that igor considered a typo: aggregatable addresses is a
valid technical term per RFC-2374, however, it was superseded by the term
"aggregator" in RFC-3587.

MFC after:	1 week
Reviewed by:	0mp, crees
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D10087
2019-01-10 00:10:12 +00:00
Mark Johnston
04e9edb544 Capsicumize rtsol(8) and rtsold(8).
These programs parse ND6 Router Advertisement messages; rtsold(8) has
required an SA, SA-14:20.rtsold, for a bug in this code.  Thus, they
are good candidates for sandboxing.

The approach taken is to run the main executable in capability mode
and use Casper services to provide functionality that cannot be
implemented within the sandbox.  In particular, several custom services
were required.

- A Casper service is used to send Router Solicitation messages on a
  raw ICMP6 socket.  Initially I took the approach of creating a
  socket for each interface upon startup, and connect(2)ing it to
  the all-routers multicast group for the interface.  This permits
  the use of sendmsg(2) in capability mode, but only works if the
  interface's link is up when rtsol(d) starts.  So, instead, the
  rtsold.sendmsg service is used to transmit RS messages on behalf
  of the main process.  One could alternately define a service
  which simply creates and connects a socket for each destination
  address, and returns the socket to the sandboxed process.  However,
  to implement rtsold's -m option we also need to read the ND6 default
  router list, and this cannot be done in capability mode.
- rtsold may execute resolvconf(8) in response to RDNSS and DNSSL
  options in received RA messages.  A Casper service is used to
  fork and exec resolvconf(8), and to reap the child process.
- A service is used to determine whether a given interface's
  link-local address is useable (i.e., not duplicated or undergoing
  DAD).  This information is supplied by getifaddrs(3), which reads
  a sysctl not available in capability mode.  The SIOCGIFCONF socket
  ioctl provides equivalent information and can be used in capability
  mode, but I decided against it for now because of some limitations
  of that interface.

In addition to these new services, cap_syslog(3) is used to send
messages to syslogd.

Reviewed by:	oshogbo
Tested by:	bz (previous versions)
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17572
2019-01-05 16:05:39 +00:00
Mark Johnston
0fadd6731f Disable savecore(8)'s libcasper support when WITHOUT_DYNAMICROOT=yes.
This follows the example of other Capsicumized programs in /sbin.

Reported by:	Manfred Antar <manfredantar@gmail.com>
MFC with:	r342699
Sponsored by:	The FreeBSD Foundation
2019-01-04 19:20:19 +00:00
Mark Johnston
2e4c75c15e Fix an error check after r342699.
Reported by:	gcc
MFC with:	r342699
Sponsored by:	The FreeBSD Foundation
2019-01-02 17:34:25 +00:00
Mark Johnston
d7fffd0689 Capsicumize savecore(8).
- Use cap_fileargs(3) to open dump devices after entering capability
  mode, and use cap_syslog(3) to log messages.
- Use a relative directory fd to open output files.
- Use zdopen(3) to compress kernel dumps in capability mode.

Reviewed by:	cem, oshogbo
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18458
2019-01-02 17:09:35 +00:00
Kyle Evans
7ce09314b2 bectl: use jail id as the default jail name for a boot environment
By default, bectl is setting the jail 'name' parameter to the boot
environment name, which causes an error when the boot environment name is
not a valid jail name. With the attached fix, when no name is supplied, the
default jail name will be the jail id - this is is the same behavior as the
jail command.

Additionally, this commit addresses two other bugs that prevented unjailing
in scenarios where the jail name does not match the boot environment name:

1. In 'bectl_locate_jail', 'mountpoint' is used to resolve the boot
  environment path, but really 'mounted' should be used. 'mountpoint' is the
  path where the zfs dataset will be mounted. 'mounted' is the path where
  the dataset is actually mounted.

2. in 'bectl_search_jail_paths', 'jail_getv' would fail after the first
  call. Which is fine, if the boot environment you're unjailing is the next
  one up. According to 'man jail_getv', it's expecting name and value
  strings. 'jail_getv' is being passed an integer for the lastjid, so amend
  that to use a string instead.

Test cases have been amended to reflect the bugs found.

PR:		233637
Submitted by:	Rob <rob.fx907_gmail.com>
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D18607
2018-12-25 15:18:41 +00:00
Eugene Grosbein
8ebaf58450 ifconfig.4, lagg.4: fix documentation bug: -use_flowid needs to be used
to force local hash computation and disable usage of RSS hash
provided by driver.

PR:		234242
MFC after:	1 week
2018-12-22 11:38:54 +00:00
Warner Losh
9d0e9f8ef5 Try the first 256 units with nvmecontrol devlist.
The nvmecontrol code that did the devlist assumed that we had a
tightly-packed allocation of units. Since pci writing exists, this
isn't the case. Loop over the first 256 units, which is a reasonable
number of possible units.

Sponsored by: Netflix
2018-12-21 23:22:37 +00:00
Andrey V. Elsukov
a5178bca19 Allow use underscores and dots in service names without escaping.
PR:		234237
MFC after:	1 week
2018-12-21 10:41:45 +00:00
Bruce Evans
9e5ed8593f Use VOP_ADVISE() with POSIX_FADV_DONTNEED instead of IO_DIRECT to
implement not double-caching for reads from vnode-backed md devices.
Use VOP_ADVISE() similarly instead of !IO_DIRECT unsimilarly for writes.
Add a "cache" option to mdconfig to allow changing the default of not
caching.

This depends on a recent commit to fix VOP_ADVISE().  A previous version
had optimizations for sequential i/o's (merge the i/o's and only uncache
for discontiguous i/o's and for full blocks), but optimizations and
knowledge of block boundaries belong in VOP_ADVISE().  Read-ahead should
also be handled better, by supporting it in md and discarding it in
VOP_ADVISE().

POSIX_FADV_DONTNEED is ignored by zfs, but so is IO_DIRECT.

POSIX_FADV_DONTNEED works better than IO_DIRECT if it is not ignored,
since it only discards from the buffer cache immediately, while
IO_DIRECT also discards from the page cache immediately.

IO_DIRECT was not used for writes since it was claimed to be too slow,
but most of the slowness for writes is from doing them synchronously by
default.  Non-synchronous writes still deadlock in many cases.

IO_DIRECT only has a special implementation for ffs reads with DIRECTIO
configured.  Otherwise, if it is not ignored than it uses the buffer and
page caches normally except for discarding everything after each i/o,
and then it has much the same overheads as POSIX_FADV_DONTNEED.  The
overheads for reading with ffs and DIRECTIO were similar in tests of md.

Reviewed by:	kib
2018-12-21 08:15:31 +00:00
Bruce Evans
e6f6d8853c Fix missing (sub)options in usage message to prepare for adding a new one.
Reviewed by:	kib
2018-12-21 06:38:13 +00:00
Mark Johnston
18fcfaa4ca Use caph_enter_casper() in ping(8).
Reported by:	oshogbo
MFC with:	r341837
Sponsored by:	The FreeBSD Foundation
2018-12-18 16:47:03 +00:00
Poul-Henning Kamp
96a3750174 Make (no)ro an alias for (no)readonly 2018-12-16 18:10:55 +00:00
Kirk McKusick
e155208020 Fsck would find, report, and offer to fix inode check-hash failures.
If requested to fix the inode check-hash it would confirm having done
it, but then fail to make the fix. The same code is used in fsdb which,
unlike fsck, would actually fix the inode check-hash.

The discrepancy occurred because fsck has two ways to fetch inodes.
The inode by number function ginode() and the streaming inode
function getnextinode() used during pass1. Fsdb uses the ginode()
function which correctly does the fix, while fsck first encounters
the bad inode check-hash in pass1 where it is using the getnextinode()
function that failed to make the correction. This patch corrects
the getnextinode() function so that fsck now correctly fixes inodes
with incorrect inode check-hashs.

Reported by:  Gary Jennejohn <gljennjohn@gmail.com>
Sponsored by: Netflix
2018-12-15 17:32:47 +00:00
Edward Tomasz Napierala
04e5c6f18a Make fsck(8) use pread(2). This cuts the number of syscalls by half.
Reviewed by:	kib, mckusick
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17586
2018-12-15 11:36:20 +00:00
Mark Johnston
7bdc329113 Use Capsicum helpers in ping(8).
Also use caph_cache_catpages() to ensure that strerror() works when
run with kern.trap_enotcap=1.

Reviewed by:	oshogbo
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18514
2018-12-12 02:33:01 +00:00
Kirk McKusick
8f829a5cf0 Continuing efforts to provide hardening of FFS. This change adds a
check hash to the filesystem inodes. Access attempts to files
associated with an inode with an invalid check hash will fail with
EINVAL (Invalid argument). Access is reestablished after an fsck
is run to find and validate the inodes with invalid check-hashes.
This check avoids a class of filesystem panics related to corrupted
inodes. The hash is done using crc32c.

Note this check-hash is for the inode itself and not any of its
indirect blocks. Check-hash validation may be extended to also
cover indirect block pointers, but that will be a separate (and
more costly) feature.

Check hashes are added only to UFS2 and not to UFS1 as UFS1 is
primarily used in embedded systems with small memories and low-powered
processors which need as light-weight a filesystem as possible.

Reviewed by:  kib
Tested by:    Peter Holm
Sponsored by: Netflix
2018-12-11 22:14:37 +00:00
Andrey V. Elsukov
a895c1c28a Rework how protocol number is tracked in rule. Save it when O_PROTO
opcode will be printed. This should solve the problem, when protocol
name is not printed in `ipfw -N show`.

Reported by:	Claudio Eichenberger <cei at yourshop.com>
MFC after:	1 week
2018-12-10 16:23:11 +00:00
Andrey V. Elsukov
5f9c94c592 Use correct size for IPv4 address in gethostbyaddr().
When u_long is 8 bytes, it returns EINVAL and 'ipfw -N show' doesn't work.

Reported by:	Claudio Eichenberger <cei at yourshop.com>
MFC after:	1 week
2018-12-10 15:42:13 +00:00
Eugene Grosbein
2d0a6ce24c ping(8): add space after "<=" as per style(9).
MFC after:	1 week
X-MFC-with:	r341768
2018-12-10 14:39:21 +00:00
Eugene Grosbein
65c3a67d23 ping(8): remove needless comparision with LONG_MAX
after unsigned long ultmp changed to long ltmp in r340245.

MFC after:	1 week
2018-12-09 21:11:15 +00:00