Commit Graph

7865 Commits

Author SHA1 Message Date
George V. Neville-Neil
afd010c196 Add support for keys that include 4 byte SALT values,
including GCM and ICM/CTR modes for AES.

Reviewed by:	jmg
MFC after:	1 week
Sponsored by:	Rubicon Communications (Netgate)
2015-07-31 23:40:18 +00:00
George V. Neville-Neil
2deb37542b Summary: Remove unsupported 3des-deriv encryption algorithm from documentation. 2015-07-31 17:41:53 +00:00
Warner Losh
aa255ef6dd Teach sysctl about the new optional suffix after IK to specify
precision. Update input as well. Add IK to the manual (it was missing
completely).

Differential Revision: https://reviews.freebsd.org/D3181
2015-07-29 02:34:25 +00:00
Edward Tomasz Napierala
ef159a1b45 Add missing SIGUSR1 description.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-24 18:14:57 +00:00
Conrad Meyer
773e56519d mount_nfs: Be more clear on nmount(2) error with errmsg unset
Differential Revision:	https://reviews.freebsd.org/D3147
Reviewed by:	rmacklem
Approved by:	markj (mentor)
MFC after:	2 weeks
Sponsored by:	EMC / Isilon Storage Division
2015-07-22 22:53:40 +00:00
Jim Harris
628683cb81 nvmecontrol: read controller identify data before any log page operations
MFC after:	3 days
Sponsored by:	Intel
2015-07-22 16:10:29 +00:00
Andrey V. Elsukov
109f7a27c4 lseek() allows an offset to be set beyond the end of file. Using
it to check that partition has enough space to write bootcode doesn't
work. Use the known size of provider instead.

PR:		201504
MFC after:	1 week
2015-07-21 06:18:42 +00:00
George V. Neville-Neil
a413464757 Only report the lack of ALTQ support if pfctl is using verbose (-v) mode.
PR:		194935
Submitted by:	Jim Thompson
MFC after:	2 weeks
2015-07-20 23:24:25 +00:00
Edward Tomasz Napierala
4a2a044965 Document suspend/resume notification in devd.conf(5).
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:24:54 +00:00
Edward Tomasz Napierala
cdff99588e Add CARP events description to devd.conf(5).
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2015-07-18 12:17:59 +00:00
Marcelo Araujo
c283159997 Fix contraction spotted by igor(1) and remove 2 .Ed spotted by mandoc(1).
Also, don't capitalize "module" and remove a redundant phrase introduced
in my previous commit.

Differential Revision:	D3112
Reviewed by:		wblock
Sponsored by:		gandi.net
2015-07-18 03:14:49 +00:00
Marcelo Araujo
a8d65cade5 Describe how to load gmultipath at boot time.
Differential Revision:	D3112
Reviewed by:		allanjude, bapt
Sponsored by:		gandi.net
2015-07-17 06:34:46 +00:00
John-Mark Gurney
57198f08d3 fix the docs, the number of frags per inode (NFPI) changed in r228794
to 2 from 4, but the man page didn't get updated...

other minor changes to make igor happy...

MFC after:	3 days
2015-07-15 21:35:09 +00:00
Allan Jude
ce808c7ad8 Add a new option to gpart(8) to fix Lenovo BIOS boot issue
PR:		184910
Reviewed by:	ae, wblock
Approved by:	marcel
MFC after:	3 days
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D3065
2015-07-15 02:23:55 +00:00
Christian Brueffer
b29fdbd8ea Cleanup; mostly language with a little bit of mdoc style.
MFC after:	1 week
2015-07-14 14:01:33 +00:00
Christian Brueffer
74a2f2e85c Unbreak ggatec and ggatel on i386 after r238119, which added two more
'struct g_gate_ctl_create' fields.

While the behaviour was technically undefined on other architectures
as well, on the reporter's amd64 systems the uninitialized bytes the
kernel cares about were always zero so everything worked as expected.

PR:		197309, 199559
Submitted by:	ota@j.email.ne.jp, Fabian Keil
Reviewed by:	pjd
MFC after:	1 week
2015-07-14 10:49:36 +00:00
Christian Brueffer
b4a355e2f3 If ggated's exports_find() fails, the connection is removed before
(trying to) report the problem to the client.

sendfail() is called with an already closed socket and thus it
fails to inform the client about the problem.

Fix this by calling sendfail() before connection_remove().

PR:		195944
Submitted by:	Fabian Keil
Reviewed by:	pjd
MFC after:	1 week
2015-07-14 09:25:10 +00:00
Rick Macklem
c088e62e34 Since the case where secflavor < 0 indicates the security flavor is
to be negotiated, it could be a Kerberized mount. As such, filling
in the "principal" argument using the canonized host name makes sense.
If it is negotiated as AUTH_SYS, the "principal" argument is meaningless
but harmless.

Requested by:	masato@itc.naist.jp
Tested by:	masato@itc.naist.jp
PR:		201073
MFC after:	1 month
2015-07-07 23:41:25 +00:00
Marcelo Araujo
a6c4189636 Remove unused variable flags reported by clang. The function zygote_clone()
always receive the flags with value 0 and this flags is never checked on
zygote_main().

Differential Revision:	D2689
Reviewed by:		rodrigc, oshogbo
2015-07-04 17:38:56 +00:00
George V. Neville-Neil
7c160e33d7 Update the date on the manual page.
Noticed by: bz
2015-07-03 20:42:31 +00:00
George V. Neville-Neil
987de84445 New AES modes for IPSec, user space components.
Update setkey and libipsec to understand aes-gcm-16 as an
encryption method.

A partial commit of the work in review D2936.

Submitted by:	eri
Reviewed by:	jmg
MFC after:	2 weeks
Sponsored by:	Rubicon Communications (Netgate)
2015-07-03 20:09:14 +00:00
Mariusz Zaborski
c36e54bb32 Let the nv.h and dnv.h includes be only in sys directory.
Change consumers to include those files from sys.
Add duplicated files to ObsoleteFiles.

Approved by:	pjd (mentor)
2015-07-02 21:58:10 +00:00
Christian Brueffer
fa6e0e5334 Add -b to the devlist usage info, forgotten in r260059.
PR:		195094
Submitted by:	robin.hahling@gw-computing.net
MFC after:	1 week
2015-07-02 13:57:26 +00:00
Christian Brueffer
faf2d8305c Fix an obviously wrong boolean operator.
PR:		200983
Submitted by:	David Bindeman
MFC after:	1 week
2015-07-02 12:14:48 +00:00
Pawel Jakub Dawidek
edaa9008ff Allow to omit keyfile number for the first keyfile. 2015-07-02 10:55:32 +00:00
George V. Neville-Neil
54bf2ef806 Fix support for the null encryption algorithm which now requires
a key.

Sponsored by: Rubicon Communications (Netgate)
2015-06-25 18:38:58 +00:00
Ermal Luçi
a5b789f65a ALTQ FAIRQ discipline import from DragonFLY
Differential Revision:  https://reviews.freebsd.org/D2847
Reviewed by:    glebius, wblock(manpage)
Approved by:    gnn(mentor)
Obtained from:  pfSense
Sponsored by:   Netgate
2015-06-24 19:16:41 +00:00
Rick Macklem
1e68ee21e0 Document that a forced dismount of an NFSv3 mount when the
NLM (rpc.lockd) is running can crash the system.
Unfortunately this is not easy to fix, but I have left
PR#200585 open.

PR:		200585
MFC after:	3 days
2015-06-17 23:24:46 +00:00
Simon J. Gerraty
2ef6d5a7b9 new depends 2015-06-16 23:37:19 +00:00
Baptiste Daroussin
18b2ee82db Revert r284417 it is not necessary anymore 2015-06-15 19:28:07 +00:00
Baptiste Daroussin
4232f82668 Enforce overwritting SHLIBDIR
Since METAMODE has been added, sys.mk loads bsd.mkopt.mk which ends load loading
bsd.own.mk which then defines SHLIBDIR before all the Makefile.inc everywhere.

This makes /lib being populated again.

Reported by:	many
2015-06-15 15:34:20 +00:00
Simon J. Gerraty
ccfb965433 Add META_MODE support.
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.

Still need to add real targets under targets/ to build packages.

Differential Revision:       D2796
Reviewed by: brooks imp
2015-06-13 19:20:56 +00:00
Christian Brueffer
0031bf7501 Add a missing word, should have been in r284290.
Submitted by:	Fabian Keil
2015-06-12 15:03:59 +00:00
Christian Brueffer
7ff1ea8bdd Improve grammar.
PR:		200673
Submitted by:	Fabian Keil
Obtained from:	ElectroBSD
2015-06-11 23:05:49 +00:00
Christian Brueffer
c06d629a24 Consistently use trailing whitespace in passphrase prompts.
PR:		193496
Submitted by:	Fabian Keil
MFC after:	1 week
2015-06-11 00:24:33 +00:00
Simon J. Gerraty
8bbb3bbab5 Revert unneeded change 2015-06-10 13:57:11 +00:00
Kenneth D. Merry
5672fac935 Add support for reading MAM attributes to camcontrol(8) and libcam(3).
MAM is Medium Auxiliary Memory and is most commonly found as flash
chips on tapes.

This includes support for reading attributes and decoding most
known attributes, but does not yet include support for writing
attributes or reporting attributes in XML format.

libsbuf/Makefile:
	Add subr_prf.c for the new sbuf_hexdump() function.  This
	function is essentially the same function.

libsbuf/Symbol.map:
	Add a new shared library minor version, and include the
	sbuf_hexdump() function.

libsbuf/Version.def:
	Add version 1.4 of the libsbuf library.

libutil/hexdump.3:
	Document sbuf_hexdump() alongside hexdump(3), since it is
	essentially the same function.

camcontrol/Makefile:
	Add attrib.c.

camcontrol/attrib.c:
	Implementation of READ ATTRIBUTE support for camcontrol(8).

camcontrol/camcontrol.8:
	Document the new 'camcontrol attrib' subcommand.

camcontrol/camcontrol.c:
	Add the new 'camcontrol attrib' subcommand.

camcontrol/camcontrol.h:
	Add a function prototype for scsiattrib().

share/man/man9/sbuf.9:
	Document the existence of sbuf_hexdump() and point users to
	the hexdump(3) man page for more details.

sys/cam/scsi/scsi_all.c:
	Add a table of known attributes, text descriptions and
	handler functions.

	Add a new scsi_attrib_sbuf() function along with a number
	of other related functions that help decode attributes.

	scsi_attrib_ascii_sbuf() decodes ASCII format attributes.

	scsi_attrib_int_sbuf() decodes binary format attributes, and
	will pass them off to scsi_attrib_hexdump_sbuf() if they're
	bigger than 8 bytes.

	scsi_attrib_vendser_sbuf() decodes the vendor and drive
	serial number attribute.

	scsi_attrib_volcoh_sbuf() decodes the Volume Coherency
	Information attribute that LTFS writes out.

sys/cam/scsi/scsi_all.h:
	Add a number of attribute-related structure definitions and
	other defines.

	Add function prototypes for all of the functions added in
	scsi_all.c.

sys/kern/subr_prf.c:
	Add a new function, sbuf_hexdump().  This is the same as
	the existing hexdump(9) function, except that it puts the
	result in an sbuf.

	This also changes subr_prf.c so that it can be compiled in
	userland for includsion in libsbuf.

	We should work to change this so that the kernel hexdump
	implementation is a wrapper around sbuf_hexdump() with a
	statically allocated sbuf with a drain.  That will require
	a drain function that goes to the kernel printf() buffer
	that can take a non-NUL terminated string as input.
	That is because an sbuf isn't NUL-terminated until it is
	finished, and we don't want to finish it while we're still
	using it.

	We should also work to consolidate the userland hexdump and
	kernel hexdump implemenatations, which are currently
	separate.  This would also mean making applications that
	currently link in libutil link in libsbuf.

sys/sys/sbuf.h:
	Add the prototype for sbuf_hexdump(), and add another copy
	of the hexdump flag values if they aren't already defined.

	Ideally the flags should be defined in one place but the
	implemenation makes it difficult to do properly.  (See
	above.)

Sponsored by:	Spectra Logic Corporation
MFC after:	1 week
2015-06-09 21:39:38 +00:00
Simon J. Gerraty
44d314f704 dirdeps.mk now sets DEP_RELDIR 2015-06-08 23:35:17 +00:00
Baptiste Daroussin
d5ce1c7713 Remove useless WARNS 2015-06-06 13:49:54 +00:00
Marcelo Araujo
1bfa92ba85 Remove unused variables reported by clang.
Differential Revision:	D2688
Reviewed by:		rodrigc, mav
2015-06-02 09:05:45 +00:00
Patrick Kelsey
19342eee9d Add CAP_FCNTL to the lease file capsicum rights, and limit to
CAP_FCNTL_GETFL.  Without CAP_FCNTL_GETFL, the lease file truncation
in rewrite_client_leases() will fail to trim old data when rewriting
the file with a lesser amount of data.

Reviewed by: pjd, rwatson
Approved by: jmallett (mentor)
MFC after: 1 week
2015-05-28 05:38:07 +00:00
Simon J. Gerraty
98e0ffaefb Merge sync of head 2015-05-27 01:19:58 +00:00
Andrey V. Elsukov
24211a0afc Print leading zeroes of UFS2 fs_id like we do for UFS1.
PR:		156908
MFC after:	1 week
2015-05-26 18:27:38 +00:00
Alexander V. Chernikov
8755aff6c9 Bring back support for checking tables via "ipfw -n".
Currently we have different table key types which can easily interfere
with each other (numbers and IPv4 address, interface names and hostnames,
  flows and hostnames/addresses).
This conflicts are solved by [auto-]creating _typed_ tables, so after
table is created, only keys of given type can be inserted to that table.
ipfw(8) consults with kernel about key/value type for particular table so
it knows key/value interpretation.
However, we have 2 cases (adding entries to non-existing table and
  parsing configuration file via `ipfw -n`) when kernel is unable to
  provide us table info we need. Fix the latter case by partially importing
  old `table_fill_xentry()` parse function responsible for guessing key type.

Sponsored by:	Yandex LLC
2015-05-19 18:29:13 +00:00
Allan Jude
38eb219c75 Fix error in gmountver(8) man page
Also fixes the usage statement for the binary to use the correct terms (provider and geom name, rather than dev and prov, which is incorrect in the latter case)
Sync the man page summary with the new usage statement

PR:		199540
Differential Revision:	https://reviews.freebsd.org/D2329
Submitted by:	Fabian Keil
Reviewed by:	trasz
Approved by:	eadler (mentor)
Obtained from:	ElectroBSD (original)
MFC after:	1 week
Sponsored by:	ScaleEngine Inc.
2015-05-18 19:37:55 +00:00
Alexander V. Chernikov
5446b3f1d4 * Update SFF-8024 Identifier constants.
* Fix SFF_8436_CC_EXT in SFF-8436 memory map.
* Add SFF-8436/8636 bits (revision compliance/nominal bitrate).
* Do some small style/type fixes.
2015-05-16 13:11:35 +00:00
Alexander V. Chernikov
3d2f502bab Simplify i2c reader: we don't need per-NIC handler anymore.
Make code use read_i2c() function instead of callback.
Simplify&document struct i2c_info.
Consistently use uint8_t to read from i2c.
2015-05-15 12:32:17 +00:00
Andrey V. Elsukov
c1b4f79dfa Add an ability accept encapsulated packets from different sources by one
gif(4) interface. Add new option "ignore_source" for gif(4) interface.
When it is enabled, gif's encapcheck function requires match only for
packet's destination address.

Differential Revision:	https://reviews.freebsd.org/D2004
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2015-05-15 12:19:45 +00:00
Edward Tomasz Napierala
28616c3cc1 Document RCTL events in devd.conf(5).
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2015-05-13 12:02:51 +00:00
Andrey V. Elsukov
eccfe69a5c Add new socket ioctls SIOC[SG]TUNFIB to set FIB number of encapsulated
packets on tunnel interfaces. Add support of these ioctls to gre(4),
gif(4) and me(4) interfaces. For incoming packets M_SETFIB() should use
if_fib value from ifnet structure, use proper value in gre(4) and me(4).

Differential Revision:	https://reviews.freebsd.org/D2462
No objection from:	#network
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2015-05-12 07:37:27 +00:00