Commit Graph

8592 Commits

Author SHA1 Message Date
bcr
ba9cb725b9 Make setkey(8) more clear about anti-replay window size option semantics.
PR:			172913
Submitted by:		john@saltant.com
Reviewed by:		ae@
MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D10304
2017-04-09 15:17:55 +00:00
brooks
de9ed2cf03 Remove support for long gone oldnfs.
The code was calling nmount with an fstype of everything in the program
name after the last '_'. This was there to support mount_nfs being
linked to mount_oldnfs. Support for the link was removed in 2015 with
r281691.

Reviewed by:	rmacklem
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10301
2017-04-07 18:31:31 +00:00
asomers
ef7bb44013 sbin/mount: strcpy -> strlcpy
Reported by:	Coverity
CID:		1011173, 1011174
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-07 15:39:41 +00:00
asomers
9c1572debc Fix memory leak in "gpart bootcode"
Also, annotate that gpart_issue never returns

Reported by:	Coverity
CID:		1007105
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-05 18:31:26 +00:00
asomers
d33759b51b Fix clearing geom metadata if DIOCGSECTORSIZE fails
An unhandled error case would result in passing SIZE_MAX to malloc.
While I'm here, remove an unnecessary NULL check before free

Reported by:	Coverity
CID:		1017793
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-05 17:17:18 +00:00
ae
eeabfe4bc2 Use unique SPI.
MFC after:	1 week
2017-04-04 23:30:05 +00:00
ae
fefa8a6940 In the example section show that TCP-MD5 connection needs SA for both
directions.

Submitted by:	Mike Tancsa <mike at sentex net>
MFC after:	1 week
2017-04-04 23:28:22 +00:00
sevan
293d8d9102 Whilst mount_pcfs originated as a patch in 386BSD, NetBSD 0.8 actually
was the first release of an OS to ship with it.
Heads up by Ingo Schwarze.

Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D10209
2017-04-03 18:50:04 +00:00
ae
fccd5b2db9 Add ipfw_pmod kernel module.
The module is designed for modification of a packets of any protocols.
For now it implements only TCP MSS modification. It adds the external
action handler for "tcp-setmss" action.

A rule with tcp-setmss action does additional check for protocol and
TCP flags. If SYN flag is present, it parses TCP options and modifies
MSS option if its value is greater than configured value in the rule.
Then it adjustes TCP checksum if needed. After handling the search
continues with the next rule.

Obtained from:	Yandex LLC
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	Yandex LLC
No objection from: #network
Differential Revision:	https://reviews.freebsd.org/D10150
2017-04-03 03:07:48 +00:00
ae
5b90a3f01f Add O_EXTERNAL_DATA opcode support.
This opcode can be used to attach some data to external action opcode.
And unlike to O_EXTERNAL_INSTANCE opcode, this opcode does not require
creating of named instance to pass configuration arguments to external
action handler. The data is coming just next to O_EXTERNAL_ACTION opcode.

The userlevel part currenly supports formatting for opcode with ipfw_insn
size, by default it expects u16 numeric value in the arg1.

Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2017-04-03 02:44:40 +00:00
adrian
6fcbd9c284 [ifconfig] add some comments around missing net80211 VHT configuration.
VHT STBC, A-MPDU density and A-MPDU size configuration parameters are
different when doing VHT.
2017-03-31 22:05:10 +00:00
n_hibma
03ca34f30c Make dhcp-lease-time option supersedable as well.
Note: It is not recommended to set this value to above the value that
the server provided, unless that value is bogus.
2017-03-30 18:20:04 +00:00
n_hibma
f7f038e32a Allow superseding the lease renewal and rebind times.
Also make sure that the renewal is never more than 1/2 * expiry and
rebind never more than 7/4 * renewal (the default values in the spec).
This should allow adjusting high values from the server as well as
making sure the values from the server make sense.

Renewal and rebind times will be adjusted down if the expiry time is set
very high in a server, not the other way around. This change just makes
sure the values keep making sense.
2017-03-30 17:31:12 +00:00
ngie
d456a253b9 Don't use K&R style prototypes; ANSIfy them
This fixes several -Wold-style-definition warnings.

X-MFC with:	313191
Reported by:	amd64-gcc-6.3.0 (devel/amd64-xtoolchain-gcc)
Sponsored by:	Dell EMC Isilon
2017-03-28 20:34:02 +00:00
imp
051928ab3c Use a more stream-lined version of fix_value.
Submitted by: ian@
2017-03-24 13:46:26 +00:00
ngie
bc30970903 Add a post-humous manpage for cd9660(5), the ISO-9660 file system
Describe (briefly) how to compile the filesystem into the kernel and
load as a module.

Reference cd9660(5) in mount(8) and mount_cd9660(8).

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-23 02:57:08 +00:00
ngie
d7014acbcf mount.conf(8): fix a .Xr call
Add the missing section number for devfs(5)

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-23 02:50:35 +00:00
imp
27fcf5063f Implement quote escaping. String values may now contain " if you
it is preceded by \.

foo="I \"like\" C++"

gives the value 'I "like" C++' to the variable 'foo'. If a character
other than " follows the \, both the \ and that character are passed
through.

Differential Revision: https://reviews.freebsd.org/D6286
Sponsored by: Netflix
2017-03-23 02:36:51 +00:00
mav
7c140f41f3 Fix printing bits above first eight.
Reported by:	Coverity
CID:		1372596
MFC after:	1 week
2017-03-22 13:53:21 +00:00
ngie
2f90b68f28 Delete trailing whitespace (no functional change)
MFC after:	3 days
Sponsored by:	Dell EMC Isilon
2017-03-21 22:00:52 +00:00
maxim
d30b41ad65 The .Cm macro usage fixed.
PR:		217977
Submitted by:	tobik
2017-03-21 13:01:08 +00:00
trasz
3521420b56 Document how to use reroot with NFS.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-03-19 15:49:51 +00:00
ae
452baa814d Change the syntax of ipfw's named states.
Since the state name is an optional argument, it often can conflict
with other options. To avoid ambiguity now the state name must be
prefixed with a colon.

Obtained from:	Yandex LLC
MFC after:	2 week
Sponsored by:	Yandex LLC
2017-03-15 13:36:35 +00:00
amdmi3
1237e7dadb Fix late and noauto with geli swap
With the following in /etc/fstab:

/dev/gpt/swap.eli none swap sw,late 0 0

swap will not be enabled, with `swapon -aL' complaining:

swapon: Invalid option: late

This happens because swap_on_geli_args() which parses geli arguments
out of all mount options does not expect late or noauto among them.
Fix this by explicitly allowing these arguments.

Reviewed by:	jilles
Approved by:	jilles
MFC after:	2 weeks
Differential Revision:	D9835
2017-03-14 12:39:19 +00:00
cy
62f5b7c6f4 Disconnect ipftest and ipresend from the build until it can be verified
that they still work. These utilities have become out of sync with the
code in the kernel and need work to bring them back into shape.
Most people test on real systems or VMs on real networks.

Suggested by:	glebius
2017-03-14 02:10:37 +00:00
cy
bdd38049b7 Revert r315218 so that it may be committed together with r315219. 2017-03-14 02:06:12 +00:00
cy
8fe1c778c8 Disconnect ipftest and ipresend from the build until it can be verified
that they still work. These utilities have become out of sync with the
code in the kernel and need work to bring them back into shape.
Most people test on real systems or VMs on real networks.

Sugested by:	glebius
2017-03-14 01:00:09 +00:00
ngie
2fad502048 sbin/dhclient: fix vendor storage leak in parse_option_decl(..)
This ensures the storage isn't leaked when non-NULL and the function
returns early, prior to the `free(vendor)` later on in the function.

MFC after:	1 week
Reported by:	Coverity
CID:		1007111-1007113
Reviewed by:	cem
Sponsored by:	Dell EMC Isilon
Differential Revision:	D9993
2017-03-13 17:45:00 +00:00
ngie
9d2dfc21b0 Fix -Wunused-but-set-warning with ret
While here, resolve Coverity warnings by demonstrating that vfprintf's
return value is being explicitly ignored.

MFC after:	1 week
Reported by:	gcc 6.3.0
Tested with:	clang, gcc 4.2.1, gcc 6.3.0
Sponsored by:	Dell EMC Isilon
2017-03-13 17:15:45 +00:00
ngie
b990ff3c5d sbin/dhclient: fix a memory leak in parse_client_lease_statement(..)
The memory stored by `lease` would have previously been leaked if an
unterminated lease declaration was found in an early-return code path.

MFC after:	1 week
Reported by:	clang static analyzer, Coverity
CID:		1007114
Submitted by:	Tom Rix <trix@juniper.net>
Sponsored by:	Dell EMC Isilon; Juniper, Inc
Differential Revision:	D9992
2017-03-13 17:05:49 +00:00
ngie
1a7bb4a7a9 Fix CFLAGS for including netipsec headers #includes
The netipsec headers are referenced via netipsec/..., not ./... .
Thus, assuming that the netipsec/... is nested under ${SRCTOP}/sys/netipsec
is wrong.

This tripped up some individuals building ^/head on systems pre-r314812.

MFC after:	1 week
Reported by:	Roberto Rodriguez Jr <rob.rodz.jr9@gmail.com>
Sponsored by:	Dell EMC Isilon
2017-03-13 01:05:25 +00:00
araujo
4c79d31083 Add the capability to refresh the gpart(8) label without need a reboot.
gpart(8) has functionality to change the label of an GPT partition.
This functionality works like it should, however, after a label change
the /dev/gpt/ entries remain unchanged. glabel(8) status output remains
unchanged. The change only takes effect after a reboot.

PR:		162690
Submitted by:	sub.mesa@gmail, Ben RUBSON <ben.rubson@gmail.com>, ae
Reviewed by:	allanjude, bapt, bcr
MFC after:	6 weeks.
Differential Revision:	https://reviews.freebsd.org/D9935
2017-03-12 04:15:56 +00:00
ngie
f5809ea627 Delete duplicate -I <SRCTOP>/lib/libipsec added in r171135
It's already handled earlier on in the Makefile, per the change made
in r80029.

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-12 02:21:16 +00:00
markj
58ed2fd17c Typo.
MFC after:	3 days
2017-03-10 19:13:38 +00:00
mav
9252ae8d16 Decode modern PIM flags.
MFC after:	2 weeks
2017-03-09 16:34:55 +00:00
ngie
30cd7c65c0 sbin/devfs: clarify usage
- Note existence of -m option.
- Note that -s applies to rule keyword, only, by adding usage text
  specifically for the `rule` and `ruleset` keywords.

Don't go into any further detail in usage(..) -- it's best that one
reads the manpage to get a better idea of how things work as there are
a number of different option-specific keywords and arguments, as well
as some rule grammar.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-08 23:58:10 +00:00
ae
749be37c28 Introduce the concept of IPsec security policies scope.
Currently are defined three scopes: global, ifnet, and pcb.
Generic security policies that IKE daemon can add via PF_KEY interface
or an administrator creates with setkey(8) utility have GLOBAL scope.
Such policies can be applied by the kernel to outgoing packets and checked
agains inbound packets after IPsec processing.
Security policies created by if_ipsec(4) interfaces have IFNET scope.
Such policies are applied to packets that are passed through if_ipsec(4)
interface.
And security policies created by application using setsockopt()
IP_IPSEC_POLICY option have PCB scope. Such policies are applied to
packets related to specific socket. Currently there is no way to list
PCB policies via setkey(8) utility.

Modify setkey(8) and libipsec(3) to be able distinguish the scope of
security policies in the `setkey -DP` listing. Add two optional flags:
'-t' to list only policies related to virtual *tunneling* interfaces,
i.e. policies with IFNET scope, and '-g' to list only policies with GLOBAL
scope. By default policies from all scopes are listed.

To implement this PF_KEY's sadb_x_policy structure was modified.
sadb_x_policy_reserved field is used to pass the policy scope from the
kernel to userland. SADB_SPDDUMP message extended to support filtering
by scope: sadb_msg_satype field is used to specify bit mask of requested
scopes.

For IFNET policies the sadb_x_policy_priority field of struct sadb_x_policy
is used to pass if_ipsec's interface if_index to the userland. For GLOBAL
policies sadb_x_policy_priority is used only to manage order of security
policies in the SPDB. For IFNET policies it is not used, so it can be used
to keep if_index.

After this change the output of `setkey -DP` now looks like:
# setkey -DPt
0.0.0.0/0[any] 0.0.0.0/0[any] any
	in ipsec
	esp/tunnel/87.250.242.144-87.250.242.145/unique:145
	spid=7 seq=3 pid=58025 scope=ifnet ifname=ipsec0
	refcnt=1
# setkey -DPg
::/0 ::/0 icmp6 135,0
	out none
	spid=5 seq=1 pid=872 scope=global
	refcnt=1

No objection from:	#network
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9805
2017-03-07 00:13:53 +00:00
cem
6c71128e6d newfs_nandfs: Fix unaligned pointer warning
PR:		217532
Submitted by:	Trond Endrestol <Trond.Endrestol at ximalas.info>
2017-03-04 16:59:55 +00:00
ngie
3c4b37d990 sbin: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-04 11:33:01 +00:00
des
21eab27617 Fix date.
Reported by:	delphij, mckay
MFC with:	r314528
2017-03-02 14:50:01 +00:00
des
627a54806e Update to reflect that SHA-1 has now been broken.
Submitted by:	ak
MFC after:	1 week
2017-03-02 00:27:21 +00:00
imp
7e6cabd06e Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
oshogbo
dcf99e738f Add sysctl to control auto resize of the GEOM metadata.
Reviewed by:	AllanJude
Differential Revision:	https://reviews.freebsd.org/D9603
2017-02-27 17:54:01 +00:00
ae
0f1f4af770 Document that the size of AH ICV for HMAC-SHA2-NNN should be half of
NNN bits as described in RFC4868.

PR:		215978
2017-02-27 15:30:27 +00:00
imp
809a7ff179 Make nvmecontrol logpage -p help list known pages.
Make -p help and -v help list all the pages we know about.
Add -v to usage.
Update the man page.

Sponsored by: Netflix
2017-02-25 00:09:16 +00:00
imp
84946c29b0 Exit with usage if argv[1] is NULL in dispatch. This fixes core dumps
when a command has subcommands, but the user doesn't give the
parameters on the command line.

Sponsored by: Netflix
2017-02-25 00:09:12 +00:00
imp
e9c735c666 Fix typos in output.
Sponsored by: Netflix
2017-02-25 00:09:02 +00:00
adrian
addb19a9c4 [ifconfig] handle illegal WPS frames
Some APs broadcast WPS IE frames with totally broken data.  Ifconfig's printwpsie()
loops through WPS frames printing the attributes out; if the frame's data is bad,
printwpsie() can end up looking at out-of-bounds addresses causing ifconfig to
bus error.

Thanks to Takashi Inoue at Nihon U for his efforts in debugging this.

PR:		bin/217312
Submitted by:	fbsd@opal.com
MFC after:	1 week
2017-02-23 20:49:17 +00:00
adrian
555d74ad2d [ifconfig] fix a memory leak!
Submitted by:	Tom Rix <trix@juniper.net>
Differential Revision:	https://reviews.freebsd.org/D9675
2017-02-20 03:12:46 +00:00
adrian
cd1893123f [ifconfig] fix a memory leak.
Submitted by:	Tom Rix <trix@juniper.net>
Differential Revision:	https://reviews.freebsd.org/D9654
2017-02-20 03:10:56 +00:00
adrian
5446f85d9d [net80211] RX parameter shuffle in net80211 in preparation for 4x4 NICs and 160MHz channels.
* Migrate the rx_params stuff out from ieee80211_freebsd.h where it doesn't belong -
  this isn't freebsd specific anymore.

* Don't use a hard-coded number of chains in the ioctl header; now we can shuffle
  MAX_CHAINS around so it can be used in the right spot.

* Extend the signal/noisefloor levels in the mimo stats struct to userland to include
  the signal and noisefloor levels for each 20MHz slice of a 160MHz channel.

* Bump the number of EVM pilots in preparation for 4x4 and 160MHz channels.

Tested:

* ath(4), STA mode
* iwn(4), STA mode
* local ath10k port, STA mode

TODO:

* 11ax chips will come with 5GHz 8x8 hardware for lots of MU-MIMO - I'll re-bump it
  at that point.

Note:

* This breaks the driver and ifconfig ABI; please recompile  the kernel,
  ifconfig and wpa_supplicant/hostapd.
2017-02-20 02:08:08 +00:00
trasz
b1c4c43759 Make savecore(8) output nicer by specifying the maximum field width
instead of minimum one (precision instead of width).

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-02-19 16:59:00 +00:00
trasz
881423faa5 Make mdconfig(8) not segfault when the kernel returns garbage data.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-02-19 16:08:58 +00:00
glebius
0a7efde9f0 Fix the last case when kldload(8) wasn't printing the name of the module
that failed to load.
2017-02-18 18:57:29 +00:00
trasz
4c00b8bf3e Make fsck(8) default to "ufs", like eg mount(8) does.
Approved by:	imp
Discussed with:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9621
2017-02-18 11:43:13 +00:00
ken
237640bee9 Add task attribute support to camcontrol(8).
Users can use the new generic argument, -Q task_attr, to specify a task
attribute (simple, ordered, head of queue, aca) for the commands issued.
The the default is simple, which works with all SCSI devices that support
tagged queueing.

This will mostly be useful for debugging target behavior in certain
situations.

You can try it out by compiling CTL with CTL_IO_DELAY turned on (in
sys/cam/ctl/ctl_io.h) and then do something like this with one of the CTL
LUNs:

ctladm delay 0:0 -l done -t 10
camcontrol tur da34 -v

And at then before the 10 second timer is up, in another terminal:

camcontrol inquiry da34 -Q ordered -v

The Inquiry should complete just after the TUR completes.  Ordinarily
it would complete first because of the delay injection, but because the
task attribute is set to ordered in this case, CTL holds it up until the
previous command has completed.

sbin/camcontrol/camcontrol.c:
	Add the new generic argument, -Q, which allows the user to specify
	a SCSI task attribute.  The user can specify task attributes by
	name or numerically.

	Add a new task_attr arguments to SCSI sub-functions.

sbin/camcontrol/attrib.c,
sbin/camcontrol/camcontrol.h,
sbin/camcontrol/fwdownload.c,
sbin/camcontrol/modeedit.c,
sbin/camcontrol/persist.c,
sbin/camcontrol/timestamp.c,
sbin/camcontrol/zone.c:
	Add the new task_attr argument to SCSI sub-functions.

sbin/camcontrol/camcontrol.8:
	Document the new -Q option, and add an example.

Sponsored by:	Spectra Logic
MFC after:	1 week
2017-02-17 20:04:22 +00:00
emaste
8e79b56e85 prefix UFS symbols with UFS_ to reduce namespace pollution
Specifically:
  ROOTINO -> UFS_ROOTINO
  WINO -> UFS_WINO
  NXADDR -> UFS_NXADDR
  NDADDR -> UFS_NDADDR
  NIADDR -> UFS_NIADDR
  MAXSYMLINKLEN_UFS[12] -> UFS[12]_MAXSYMLINKLEN (for consistency)

Also prefix ext2's and nandfs's NDADDR and NIADDR with EXT2_ and NANDFS_

Reviewed by:	kib, mckusick
Obtained from:	NetBSD
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9536
2017-02-15 19:50:26 +00:00
garga
5143a093b5 * Add missing parameters to usage()
* Add missing parameters to manpage synopsis
* Add missing description of -d flag
* Sort flags descriptions

Reviewed by:	allanjude, kib
Approved by:	allanjude
MFC after:	1 week
Sponsored by:	Rubicon Communications (Netgate)
Differential Revision:	https://reviews.freebsd.org/D9152
2017-02-14 21:14:24 +00:00
stevek
20012536fd For MD_PRELOAD type md(4) devices, if there is a file name in the preloaded
meta-data, copy it into the softc structure.

When returning md(4) device details to the caller, include the file name in
any MD_PRELOAD type devices if it is set (first character is not NUL.)

In mdconfig, for "preload" type md(4) devices, if there is file config
available, print it in the file column of the output.

Reviewed by:	brooks
Approved by:	sjg (mentor)
MFC after:	1 month
Sponsored by:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D9529
2017-02-13 17:44:07 +00:00
delphij
f719d5d44f MFV r313676: libpcap 1.8.1
MFC after:	1 month
2017-02-13 08:23:39 +00:00
cem
d21c7f090e ufs: Use UFS_MAXNAMLEN constant
(like NFS, EXT2FS, SVR4, IBCS2) instead of redefining the MAXNAMLEN
constant.

No functional change.

Reviewed by:	kib@, markj@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9500
2017-02-09 17:47:01 +00:00
def
02dfbbd601 Don't decrypt a core if a vmcore file already exists by default.
Allow to change this behaviour using the -f flag.

Approved by:	pjd (mentor)
2017-02-08 23:17:23 +00:00
ae
0fb6ad528e Merge projects/ipsec into head/.
Small summary
 -------------

o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
  option IPSEC_SUPPORT added. It enables support for loading
  and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
  default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
  support was removed. Added TCP/UDP checksum handling for
  inbound packets that were decapsulated by transport mode SAs.
  setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
  build as part of ipsec.ko module (or with IPSEC kernel).
  It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
  methods. The only one header file <netipsec/ipsec_support.h>
  should be included to declare all the needed things to work
  with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
  Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
  - now all security associations stored in the single SPI namespace,
    and all SAs MUST have unique SPI.
  - several hash tables added to speed up lookups in SADB.
  - SADB now uses rmlock to protect access, and concurrent threads
    can do SA lookups in the same time.
  - many PF_KEY message handlers were reworked to reflect changes
    in SADB.
  - SADB_UPDATE message was extended to support new PF_KEY headers:
    SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
    can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
  avoid locking protection for ipsecrequest. Now we support
  only limited number (4) of bundled SAs, but they are supported
  for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
  used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
  check for full history of applied IPsec transforms.
o References counting rules for security policies and security
  associations were changed. The proper SA locking added into xform
  code.
o xform code was also changed. Now it is possible to unregister xforms.
  tdb_xxx structures were changed and renamed to reflect changes in
  SADB/SPDB, and changed rules for locking and refcounting.

Reviewed by:	gnn, wblock
Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9352
2017-02-06 08:49:57 +00:00
ngie
d63dd45974 style(9) cleanup
- Delete trailing whitespace
- Fix alignment/variable sorting
- Delete single-line enclosing braces

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-05 05:36:51 +00:00
imp
61164e9188 Use ssize_t instead of uint32_t to prevent warnings about a comparison
with different signs. Due to the promotion rules, this would only
happen on 32-bit platforms.
2017-02-05 01:20:39 +00:00
imp
a0eebeae53 Add the ability to dump log pages directly in binary to stdout.
Update man page to include this flag, and an example of dumping a
vendor-specific page while I'm here.
2017-02-05 00:55:07 +00:00
imp
f59992fabe Add some descriptions to the man page for the supported log pages as
well as the new wdc commands. Make wdc be an alias for hgst when
specifying the vendor to use to interpret the page.
2017-02-05 00:45:02 +00:00
adrian
4214607b6c [net80211] fix quiet_duration parameter to match what is provided in the manpage. 2017-02-04 20:57:12 +00:00
imp
1a316459b6 Fix off by one error that truncated the serial number for filenames. 2017-02-04 20:43:54 +00:00
imp
caf95c0491 Fix a typo in usage string for unimplemented command. 2017-02-04 20:43:45 +00:00
def
1bdea4b6ed Fix bugs found by Coverity in decryptcore(8) and savecore(8):
- Perform final decryption and write decrypted data in case of non-block aligned
input data;
- Use strlcpy(3) instead of strncpy(3) to verify if paths aren't too long;
- Check errno after calling unlink(2) instead of calling stat(2) in order to
verify if a decrypted core was created by a child process;
- Free dumpkey.

Reported by:	Coverity, cem, pfg
Suggested by:	cem
CID:		1366936, 1366942, 1366951, 1366952
Approved by:	pjd (mentor)
2017-02-04 14:10:16 +00:00
allanjude
95b08b8b4a Switch hastctl and hastd to libmd instead of openssl for sha256
Reviewed by:	bapt, brnrd, pjd
Approved by:	pjd (maintainer)
Sponsored by:	ScaleEngine Inc., FOSDEM DevSummit
Differential Revision:	https://reviews.freebsd.org/D9423
2017-02-04 06:12:48 +00:00
imp
52972faf3b Implement 5 wdc-specific nvme control options for their HGST drives:
wdc cap-diag		Capture diagnostic data from drive
	wdc drive-log		Capture drive history data from drive
	wdc get-crash-dump	Retrieve firmware crash dump from drive
2017-02-04 05:53:00 +00:00
imp
1507791e30 Move the usage and command name lookup into functions. 2017-02-04 05:52:53 +00:00
imp
b0f46bfb86 Put the arguments to aligned_alloc in the right order. 2017-02-04 05:52:50 +00:00
pfg
224a227637 resolvconf: restore RESTARTCMD=, CMD1=, CMD2= and sed pattern as before.
r312992 removed RESTARTCMD_WITH_ARG for @RESTARTCMD something@ but
reverted the sed to be '@RESTARTCMD \(.*\)@' and RESTARTCMD= to be
the value of RESTARTCMD_WITH_ARG.

Submitted by:	Guy Yur
x_MFC with:	r312992
2017-02-03 16:08:58 +00:00
imp
d10af717dd Use aligned buffer for the firmware data. Otherwise, when loading a
MAXPHYS bytes of data, the I/O would require MAXPHYS + PAGE_SIZE worth
of pages to do the I/O and we'd hit an assertion in
vm_fault_quick_hold_pages unless MAXPHYS was larger than 1M +
PAGE_SIZE.
2017-02-02 23:04:00 +00:00
pfg
df96004a77 MFV r312970:
openresolv: update to version 3.9.0.

It is now possible to drop the _WITH_ARG vars thanks to a change to the
pdns_recursor upstreamed by Guy Yur.

MFC after:	3 weeks
2017-01-30 16:32:53 +00:00
nyan
259480b6de Remove pc98 support completely.
I thank all developers and contributors for pc98.

Relnotes:	yes
2017-01-28 02:22:15 +00:00
mckusick
c7e840295a By default, when doing incremental restores the restore program
overwrites an existing file rather than removing it and creating a
new file.  If the old and new version of the file both have extended
attributes and the extended attributes of the two versions of the
file are different, the result is that the new file ends up with
the union of the extended attributes of the old and new files.

To get the behavior of replacing the extended attributes rather
than augmenting them requires explicitly removing the old attributes
and then adding the new ones.

To get this behavior, the old file must be unlinked (which clears
out the old extended attributes).  Then the new file of the same
name must be created and the new extended attributes added to it.

This behavior can be obtained by specifying the -u flag when running
restore.  Rather than defaulting the -u option to on and possibly
breaking existing scripts using restore, this change simply notes
in the restore.8 manual page that the -u flag is recommended when
using restore on filesystems that contain extended attributes.

PR:                     216127
Reported by:            dewayne at heuristicsystems.com.au
Differential Revision:  https://reviews.freebsd.org/D9208
2017-01-22 17:49:14 +00:00
avos
8e0917e51f net80211: allow to configure LDPC support
Tested with RTL8821AU, STA mode (Tx support only)

Reviewed by:	adrian
Differential Revision:	https://reviews.freebsd.org/D9268
2017-01-21 14:19:06 +00:00
avos
445f2d1be3 ifconfig(8): fix '-stbc' parameter name.
MFC after:	5 days
2017-01-20 22:41:16 +00:00
asomers
525005cf9e Misc Coverity fixes in camcontrol(8)
CID 1229913	Fix output of "camcontrol persist -i report_capabilities".
		The reported Persistent Reservation Types were wrong in all
		cases.
CID 1356029	Annotate the code so Coverity will know that this is a false
		positive.
CID 1366830	Fix a memory leak in "camcontrol timestamp -s"
CID 1366832	Fix a segfault that could be caused by bad drive firmware

Also, fix the man page entry for the "camcontrol epc state" command to match
what the code does.

Reviewed by:	ken, wblock
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D9239
2017-01-20 21:21:41 +00:00
asomers
b4406e17e9 Fix build of devd with GCC 4.2
Reported by:	olivier
Pointy-hat-to:	asomers
MFC after:	27 days
X-MFC-with:	312395
Sponsored by:	Spectra Logic Corp
2017-01-19 16:59:55 +00:00
asomers
41803adfd4 Fix several Coverity CIDs in devd
CID 1362055, 1362054: File descriptor leaks during shutdown
CID 1362013: Potential null-termination fail with long network device names
CID 1362097: Uncaught exception during memory pressure
CID 1362017, 1362016: Unchecked errors, possibly resulting in weird behavior
	if two devd instances start at the same time.
CID 1362015:	Unchecked error that will probably never fail

Reported by:	Coverity
CID:	1362055 1362054 1362013 1362097 1362017 1362016 1362015
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-18 20:24:37 +00:00
cem
63708c4468 restore(8): Handle extended attribute names correctly
UFS2 extended attribute names are not NUL-terminated.  Handle
appropriately.

Correct the EXTATTR_BASE_LENGTH() macro, which handled ea_namelength ==
one (mod eight) extended attributes incorrectly.

PR:		216127
Reported by:	dewayne at heuristicsystems.com.au
Reviewed by:	kib@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9208
2017-01-18 18:16:57 +00:00
hselasky
efa6326974 Implement kernel support for hardware rate limited sockets.
- Add RATELIMIT kernel configuration keyword which must be set to
enable the new functionality.

- Add support for hardware driven, Receive Side Scaling, RSS aware, rate
limited sendqueues and expose the functionality through the already
established SO_MAX_PACING_RATE setsockopt(). The API support rates in
the range from 1 to 4Gbytes/s which are suitable for regular TCP and
UDP streams. The setsockopt(2) manual page has been updated.

- Add rate limit function callback API to "struct ifnet" which supports
the following operations: if_snd_tag_alloc(), if_snd_tag_modify(),
if_snd_tag_query() and if_snd_tag_free().

- Add support to ifconfig to view, set and clear the IFCAP_TXRTLMT
flag, which tells if a network driver supports rate limiting or not.

- This patch also adds support for rate limiting through VLAN and LAGG
intermediate network devices.

- How rate limiting works:

1) The userspace application calls setsockopt() after accepting or
making a new connection to set the rate which is then stored in the
socket structure in the kernel. Later on when packets are transmitted
a check is made in the transmit path for rate changes. A rate change
implies a non-blocking ifp->if_snd_tag_alloc() call will be made to the
destination network interface, which then sets up a custom sendqueue
with the given rate limitation parameter. A "struct m_snd_tag" pointer is
returned which serves as a "snd_tag" hint in the m_pkthdr for the
subsequently transmitted mbufs.

2) When the network driver sees the "m->m_pkthdr.snd_tag" different
from NULL, it will move the packets into a designated rate limited sendqueue
given by the snd_tag pointer. It is up to the individual drivers how the rate
limited traffic will be rate limited.

3) Route changes are detected by the NIC drivers in the ifp->if_transmit()
routine when the ifnet pointer in the incoming snd_tag mismatches the
one of the network interface. The network adapter frees the mbuf and
returns EAGAIN which causes the ip_output() to release and clear the send
tag. Upon next ip_output() a new "snd_tag" will be tried allocated.

4) When the PCB is detached the custom sendqueue will be released by a
non-blocking ifp->if_snd_tag_free() call to the currently bound network
interface.

Reviewed by:		wblock (manpages), adrian, gallatin, scottl (network)
Differential Revision:	https://reviews.freebsd.org/D3687
Sponsored by:		Mellanox Technologies
MFC after:		3 months
2017-01-18 13:31:17 +00:00
cem
b2000e56f9 "Buses" is the preferred plural of "bus"
Replace archaic "busses" with modern form "buses."

Intentionally excluded:
* Old/random drivers I didn't recognize
  * Old hardware in general
* Use of "busses" in code as identifiers

No functional change.

http://grammarist.com/spelling/buses-busses/

PR:		216099
Reported by:	bltsrc at mail.ru
Sponsored by:	Dell EMC Isilon
2017-01-15 17:54:01 +00:00
mav
4a119ba4d4 Make camcontrol cmd ... -i ... return only valid bytes.
Previously code ignored resid field and returned extra zeroes in case of
data underflow.  Now it returns only real bytes received from target.

MFC after:	2 weeks
2017-01-15 12:24:23 +00:00
mav
3b220ad926 Add checks for received mode page length.
If our buffer is too small, we may receive part of the page, and should
not try read/write past the end of the buffer.

Reported by:	Coverity
CID:		1368374, 1368375
MFC after:	1 week
2017-01-10 20:52:44 +00:00
allanjude
9742b0cd91 Add skein(3) front ends to the md5 manpage
Reported by:	emaste
2017-01-07 19:43:40 +00:00
mav
3d14c893de Make 'camcontrol modepage' support subpages.
MFC after:	2 weeks
2017-01-07 09:56:12 +00:00
mav
81f5731a26 Make do_buff_decode() not read past the end of the buffer.
Abort format processing as soon as we have no enough data.

MFC after:	2 weeks
2017-01-07 09:33:11 +00:00
adrian
c7adf86d6f [ifconfig] add initial VHT (802.11ac) configuration and channel support to ifconfig.
This is very preliminary and mostly enough for me (with other patches)
to work on VHT support.

It adds:

* VHT20, VHT40 and VHT80 regulatory/band awareness
* VHT20, VHT40 and VHT80 channel configuration / population
* Parses vht channel specifications (eg ifconfig wlan0 create wlandev athp0 wlanmode monitor channel 36:vht/80)
* Configuration of VHT, VHT40, VHT80, VHT80+80, VHT160 channel
  width (IEEE80211_FVHT_VHT* flags in net80211)

TODO:

* No VHT80+80 or VHT160 channels yet - I don't yet have hardware, and I'm
  not yet sure how to support/populate VHT80+80 channels.
* No, I won't update the manpage until this is "more done", lest someone
  tries using vht and gets upset with me.
* No, I won't commit the regulatory database I'm testing with, so you'll
  just end up with no VHT channels ever populated.  Which is good, as there
  isn't an 11ac driver in-tree yet to try it with.
2017-01-07 02:07:05 +00:00
dim
ec67c93f53 Fix clang 4.0.0 warnings about taking the address of a packed member of
struct ip in ping(8):

sbin/ping/ping.c:1684:53: error: taking address of packed member
'ip_src' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_src.s_addr));
                                                           ^~~~~~~~~~~~~~~~~
sbin/ping/ping.c:1685:53: error: taking address of packed member
'ip_dst' of class or structure 'ip' may result in an unaligned pointer
value [-Werror,-Waddress-of-packed-member]
        (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_dst.s_addr));
                                                           ^~~~~~~~~~~~~~~~~

MFC after:	3 days
2017-01-06 18:41:28 +00:00
kib
7c67dd5f60 Use type-independent formats for printing nlink_t and ino_t.
Extracted from:	ino64 work by gleb, mckusick
Discussed with:	mckusick
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-01-06 16:59:33 +00:00
asomers
f1c6fc5f44 Remove dead code in dhclient(8)
The offending code has been dead ever since the import from OpenBSD in
r195805.  OpenBSD later deleted that entire function.

Reported by:	Coverity
CID:		500059
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 18:13:05 +00:00
avos
3d936fef32 sysctl(8): fix typename for uint32_t.
MFC after:	5 days.
2016-12-31 12:39:15 +00:00
marius
35fedb74e5 Fix a bug in r272840; given that the optlen parameter of setsockopt(2)
is a 32-bit socklen_t, do_get3() passes the kernel to access the wrong
32-bit half on big-endian LP64 machines when simply casting the 64-bit
size_t optlen to a socklen_t pointer.
While at it and given that the intention of do_get3() apparently is to
hide/wrap the fact that socket options are used for communication with
ipfw(4), change the optlen parameter of do_set3() to be of type size_t
and as such more appropriate than uintptr_t, too.

MFC after:	3 days
2016-12-28 23:34:28 +00:00
loos
c411c7577d Fix the parsing of NPt binat rules.
In this specific case the src address can be set to any, which was not
accepted prior to this commit.

pfSense bug report:	https://redmine.pfsense.org/issues/6985
Reviewed by:	kp
Obtained from:	pfSense
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC (Netgate)
2016-12-28 16:16:48 +00:00
brooks
c766e68574 Convert tunefs use to nmount(2)
Reviewed by:	jhb, emaste
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D8822
2016-12-22 00:35:12 +00:00
brooks
9539e15fc7 Add a free_iovec() function to reset iovec's.
The primary purpose is to call nmount() in a loop with new iovec's so
free_iovec takes arguments by reference and resets their values.

Reviewed by:	cem
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D8513
2016-12-14 21:26:43 +00:00
avos
fd1ed421b2 ifconfig: do not truncate SSID in verbose mode.
Fix 32-character SSID abbreviation for 'ifconfig -v wlan0 scan' command.

PR:		215301
Submitted by:	<ms-freebsd-bugzilla@stoffnet.at>
MFC after:	4 days
2016-12-14 21:12:43 +00:00
brueffer
50773e0271 Language and mdoc cleanup. 2016-12-13 18:15:11 +00:00
ngie
701bd24bf4 Cut to the chase and just call free instead of free(x) + x = NULL
NULLing out x wasn't required as the memory was immediately scribbled
over with strdup in the following call.

MFC after:	1 week
Submitted by:	imp
2016-12-10 23:58:14 +00:00
ngie
09c987d4c9 free/NULL out variables prior to calling strdup to avoid leaking memory
if arguments are specified more than once with "camcontrol timestamp".

CID:		1366829, 1366831
MFC after:	1 week
2016-12-10 23:26:34 +00:00
def
f63c437216 Add support for encrypted kernel crash dumps.
Changes include modifications in kernel crash dump routines, dumpon(8) and
savecore(8). A new tool called decryptcore(8) was added.

A new DIOCSKERNELDUMP I/O control was added to send a kernel crash dump
configuration in the diocskerneldump_arg structure to the kernel.
The old DIOCSKERNELDUMP I/O control was renamed to DIOCSKERNELDUMP_FREEBSD11 for
backward ABI compatibility.

dumpon(8) generates an one-time random symmetric key and encrypts it using
an RSA public key in capability mode. Currently only AES-256-CBC is supported
but EKCD was designed to implement support for other algorithms in the future.
The public key is chosen using the -k flag. The dumpon rc(8) script can do this
automatically during startup using the dumppubkey rc.conf(5) variable.  Once the
keys are calculated dumpon sends them to the kernel via DIOCSKERNELDUMP I/O
control.

When the kernel receives the DIOCSKERNELDUMP I/O control it generates a random
IV and sets up the key schedule for the specified algorithm. Each time the
kernel tries to write a crash dump to the dump device, the IV is replaced by
a SHA-256 hash of the previous value. This is intended to make a possible
differential cryptanalysis harder since it is possible to write multiple crash
dumps without reboot by repeating the following commands:
# sysctl debug.kdb.enter=1
db> call doadump(0)
db> continue
# savecore

A kernel dump key consists of an algorithm identifier, an IV and an encrypted
symmetric key. The kernel dump key size is included in a kernel dump header.
The size is an unsigned 32-bit integer and it is aligned to a block size.
The header structure has 512 bytes to match the block size so it was required to
make a panic string 4 bytes shorter to add a new field to the header structure.
If the kernel dump key size in the header is nonzero it is assumed that the
kernel dump key is placed after the first header on the dump device and the core
dump is encrypted.

Separate functions were implemented to write the kernel dump header and the
kernel dump key as they need to be unencrypted. The dump_write function encrypts
data if the kernel was compiled with the EKCD option. Encrypted kernel textdumps
are not supported due to the way they are constructed which makes it impossible
to use the CBC mode for encryption. It should be also noted that textdumps don't
contain sensitive data by design as a user decides what information should be
dumped.

savecore(8) writes the kernel dump key to a key.# file if its size in the header
is nonzero. # is the number of the current core dump.

decryptcore(8) decrypts the core dump using a private RSA key and the kernel
dump key. This is performed by a child process in capability mode.
If the decryption was not successful the parent process removes a partially
decrypted core dump.

Description on how to encrypt crash dumps was added to the decryptcore(8),
dumpon(8), rc.conf(5) and savecore(8) manual pages.

EKCD was tested on amd64 using bhyve and i386, mipsel and sparc64 using QEMU.
The feature still has to be tested on arm and arm64 as it wasn't possible to run
FreeBSD due to the problems with QEMU emulation and lack of hardware.

Designed by:	def, pjd
Reviewed by:	cem, oshogbo, pjd
Partial review:	delphij, emaste, jhb, kib
Approved by:	pjd (mentor)
Differential Revision:	https://reviews.freebsd.org/D4712
2016-12-10 16:20:39 +00:00
imp
b6004b8cf9 Implement Intel's log page 0xc1 (Read Command Latency Log) and page
0xc1 (Write Command Latency Log).

Sponsored By: Netflix, Inc
2016-12-09 23:37:14 +00:00
imp
7e275564b4 Fix Typo 2016-12-07 21:47:14 +00:00
vangyzen
e39f3fbb42 Add rcorder-visualize.sh, which generates graphviz from rc.d scripts
This is imported from NetBSD.  The author--Joerg Sonnenberger--agreed
to apply a two-clause BSD license, just so the license was clear.

This source tree location matches NetBSD, and is the first place someone
might look for such a tool.

Obtained from:	Joerg Sonnenberger via NetBSD
MFC after:	3 days
Sponsored by:	Dell EMC
2016-12-06 15:49:39 +00:00
adrian
496cc8500c [camcontrol] init ts=0 to quieten gcc.
It "looks" like ts is set to something on success, and not modified on
error.

Checked on IRC with: cem
2016-12-03 20:35:39 +00:00
imp
bbaf65343e Flag the vendor specific pages as such. This allows different decoding
for the same page number as different vendors encode vendor specific
pages differently.
2016-12-02 14:44:45 +00:00
ken
4d0373ddef Add SCSI REPORT TIMESTAMP and SET TIMESTAMP support.
This adds support to camcontrol(8) and libcam(3) for getting and setting
the time on SCSI protocol drives.  This is more commonly found on tape
drives, but is a SPC (SCSI Primary Commands) command, and may be found
on any device that speaks SCSI.

The new camcontrol timestamp subcommand allows getting the current device
time or setting the time to the current system time or any arbitrary time.

sbin/camcontrol/Makefile:
	Add timestamp.c.

sbin/camcontrol/camcontrol.8:
	Document the new timestamp subcommand.

sbin/camcontrol/camcontrol.c:
	Add the timestamp subcommand to camcontrol.

sbin/camcontrol/camcontrol.h:
	Add the timestamp() function prototype.

sbin/camcontrol/timestamp.c:
	Timestamp setting and reporting functionality.

sys/cam/scsi/scsi_all.c:
	Add two new CCB building functions, scsi_set_timestamp() and
	scsi_report_timestamp().  Also, add a new helper function,
	scsi_create_timestamp().

sys/cam/scsi/scsi_all.h:
	Add CDB and parameter data for the the set and report timestamp
	commands.

	Add function declarations for the new CCB building and helper
	functions.

Submitted by:	Sam Klopsch
Sponsored by:	Spectra Logic
MFC After:	2 weeks
2016-12-01 22:20:27 +00:00
imp
00980aa775 Simplify test. 2016-12-01 04:35:38 +00:00
mav
7acb1dbb48 Add gmirror create subcommand, alike to gstripe, gconcat, etc.
It is quite specific mode of operation without storing on-disk metadata.
It can be useful in some cases in combination with some external control
tools handling mirror creation and disks hot-plug.

MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2016-11-30 09:27:08 +00:00
oleg
2f47929e75 Fix 'ipfw delete set N':
do not emit meaningless 'rule 0 not found' warning if set was already empty.

MFC after:	1 week
2016-11-29 10:43:58 +00:00
brooks
ba54a678f6 Allocate a struct ifreq rather than using a (wrong) computed size for
the BIOCSETIF ioctl.

The kernel always copies an entire struct ifreq and IPv4 addresses will
always fit in an ifreq.

On systems with pointers larger than 64-bits, the computed size will be
less than the size of struct ifreq, potentially resulting in the kernel
attempting to copyin memory from outside the allocation.

Reviewed by:	jhb
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D8445
2016-11-22 22:45:15 +00:00
rmacklem
655307b888 Modify umount so that it does not do an Unmount RPC for NFSv4 mounts
and uses TCP for the Unmount RPC if the mount is over TCP.
Without this patch, umount does an Unmount RPC over UDP for all NFS mounts.

Suggested by:	cperciva
Reviewed by:	cperciva
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D8503
2016-11-19 23:58:50 +00:00
imp
9feb36eb5f i386 turns out to not have __uint128_t. So confusingly use 64-bit math
instead. Since we're little endian, we can get away with it. Also,
since the counters in quesitons would require billions of iops for
tens of billions of seconds to overflow, and since such data rates are
unlikely for people using i386 for a while, that's OK. The fastest
cards today can't do even a million IOPs.

Noticed by: dim@
Sponsored by: Netflix, Inc
2016-11-19 21:46:13 +00:00
imp
7e572bdcfd Decode the Intel-specific Additional SMART data page (0xca) and print
it in human readable form. Include a pointer to the public spec that
was followed to implement this in the code. Samsung also implements
page 0xca on some of their drives, but the format is slighly
different, so the code skips printing zero keys. Samsung's log page
has additional, unknown data after the end of Intel defined data which
isn't displayed.

Supported by: Netfix, Inc
2016-11-19 17:13:12 +00:00
imp
026202c479 Implement HGST Log page 0xc1, as documented in the HGST SN100 and
SN150 product manuals. Subpage 0x32 is documented, but not implemented.

Sponsored by: Netflix, Inc
2016-11-19 17:13:08 +00:00
imp
cc89adf060 Print Intel's expanded Temperature log page.
Sponsored by: Netflix, Inc
2016-11-19 17:13:03 +00:00
imp
69c12da21d Expand the SMART / Health Information Log Page (Page 02) printout
based on NVM Express 1.2.1 Standard.

Sponsored by: Netflix, Inc
2016-11-19 17:12:49 +00:00
imp
f1ad1b0c5a Print numbers instead of hex values for smart data. The full 128-bit
number is printed, even though you'd need like a billion IOPs for a 10
billion seconds to overflow the 64-bit counters (~300 years).

Sponsored by: Netflix, Inc
2016-11-19 17:12:44 +00:00
imp
6e58f09711 Use a table for pages we know the size of. We have a special case for
the error log since it isn't a fixed size.

Sponsored by: Netflix, Inc
2016-11-19 17:12:39 +00:00
imp
2a51f16fac Remove check for valid log pages. Let the drive tell us which pages
are valid or not. While many pages are reserved in the standard, that
doesn't make them invalid and future versions of the standard may
define then.

Sponsored by: Netflix, Inc
2016-11-19 17:12:28 +00:00
adrian
5db09a0fbf [ifconfig] remove now duplicate IEEE80211_C_BITS definition; it's now in _ieee80211.h .
Reviewed by:	avos
Differential Revision:	https://reviews.freebsd.org/D8553
2016-11-18 21:12:36 +00:00
loos
f720186b23 Zero etherswitch_vlangroup structure before doing partial assignments.
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC (Netgate)
2016-11-17 19:02:25 +00:00
ae
eaf81b99c6 Add missing support of named lookup tables to the IPv6 code.
PR:		214419
MFC after:	1 week
Sponsored by:	Yandex LLC
2016-11-15 07:13:16 +00:00
bdrewery
fa5e66f74b DIRDEPS_BUILD: Update dependencies.
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2016-11-13 00:11:30 +00:00
bdrewery
d54a46a6a5 DIRDEPS_BUILD: Connect new dependencies.
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2016-11-13 00:11:23 +00:00
kp
df497bd192 pfctl: fix nested inline anchors
Import the OpenBSD fix for nested inline anchors.

PR:		196314
Submitted by:	krichy@cflinux.hu
Obtained from:	OpenBSD
2016-11-10 18:41:43 +00:00
bdrewery
30f99dbeef Fix improper use of "its".
Sponsored by:	Dell EMC Isilon
2016-11-08 23:59:41 +00:00
gavin
7a6bca94ef Remove MATCHOUI macro, unused since r197980. 2016-11-01 22:03:36 +00:00
br
616edae0fe Fix alignment issues on MIPS: align the pointers properly.
All the 5520 GEOM_ELI tests passed successfully on MIPS64EB.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
Differential Revision:	https://reviews.freebsd.org/D7905
2016-10-31 16:55:14 +00:00
avg
c573dff5b0 zfsbootcfg: a simple tool to set next boot (one time) options for zfsboot
(gpt)zfsboot will read one-time boot directives from a special ZFS pool
area.  The area was previously described as "Boot Block Header", but
currently it is know as Pad2, marked as reserved and is zeroed out on
pool creation.  The new code interprets data in this area, if any, using
the same format as boot.config.  The area is immediately wiped out.
Failure to parse the directives results in a reboot right after the
cleanup.  Otherwise the boot sequence proceeds as usual.

zfsbootcfg writes zfsboot arguments specified on its command line to the
Pad2 area of a disk identified by vfs.zfs.boot.primary_pool and
vfs.zfs.boot.primary_vdev kenv variables that are set by loader during
boot.  Please see the manual page for more.

Thanks to all who reviewed, contributed and made suggestions!  There are
many potential improvements to the feature, please see the review for
details.

Reviewed by:	wblock (docs)
Discussed with:	jhb, tsoome
MFC after:	3 weeks
Relnotes:	yes
Differential Revision: https://reviews.freebsd.org/D7612
2016-10-29 14:09:32 +00:00
jilles
961d4ea064 swapoff: Remove only late devices with -aL.
Currently, '/etc/rc.d/swaplate stop' removes all swap devices. This can be
very slow and may not even be possible if there is a lot of swap space in
use. However, removing swap devices is only needed for late swap devices
that may depend on daemons that subsequent shutdown steps stop. Normal swap
devices such as hard disk partitions will remain available throughout the
shutdown process and need not be removed.

In swapoff, interpret -aL to remove late swap devices only, and use this in
etc/rc.d/swaplate. The meaning of -aL in swapon remains unchanged (add all
swap devices, both normal and late).

PR:		187081
Reviewed by:	wblock (man page only), ngie
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D8126
2016-10-21 21:55:50 +00:00
ken
74fd15a8f4 Fix a problem in camcontrol(8) that cropped up with r307684.
In r307684, I changed rescan_or_reset_bus() to bzero stack-allocated CCBs
before sending them to the kernel because there was stack garbage in there
that wound up meaning that bogus CCB flags were set.

While this fixed the 'camcontrol rescan all' case (XPT_DEV_MATCH CCBs were
failing previously), it broke the 'camcontrol rescan 0' (or any other
number) case when INVARIANTS are turned on.  Rescanning a single bus
reliably produced an assert in cam_periph_runccb():

panic: cam_periph_runccb: ccb=0xfffff80044ffe000, func_code=0x708, flags=0xffffdde0

The flags values don't make sense from the code.  Changing the CCBs in
rescan_or_reset_bus() from stack to heap allocated avoids the problem.

It would be better to understand why userland stack allocated CCBs don't
work properly, since there may be other code that breaks if stack allocated
CCBs don't work.

sbin/camcontrol/camcontrol.c:
	In rescan_or_reset_bus(), allocate the CCBs using malloc(3) instead
	of on the stack to avoid an assertion in cam_periph_runccb().

MFC after:	3 days
Sponsored by:	Spectra Logic
2016-10-21 18:54:56 +00:00
ken
8dfb293335 For CCBs allocated on the stack, we need to clear the entire CCB, not just
the header.  Otherwise stack garbage can lead to random flags getting set.

This showed up as 'camcontrol rescan all' failing with EINVAL because the
address type wasn't CAM_DATA_VADDR.

sbin/camcontrol/camcontrol.c:
	In rescan_or_reset_bus(), bzero the stack-allocated CCBs before
	use instead of clearing the body.

MFC after:	3 days
Sponsored by:	Spectra Logic
2016-10-20 19:42:26 +00:00
emaste
c93e21e3ee md5: enter capability on last fd or when acting as a filter
Reviewed by:	allanjude, cem
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8271
2016-10-19 21:07:17 +00:00
ae
095c3cdc33 Add support for non-contiguous IPv6 masks in ipfw(8) rules.
For example fe::640:0:0/ffff::ffff:ffff:0:0 will match
addresses fe:*:*:*:0:640:*:*

Submitted by:	Eugene Mamchits <mamchits at yandex-team dot ru>
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2016-10-18 15:14:46 +00:00
kp
3fbefcb2d1 pf: port extended DSCP support from OpenBSD
Ignore the ECN bits on 'tos' and 'set-tos' and allow to use
DCSP names instead of having to embed their TOS equivalents
as plain numbers.

Obtained from:	OpenBSD
Sponsored by:	OPNsense
Differential Revision:	https://reviews.freebsd.org/D8165
2016-10-13 20:34:44 +00:00
allanjude
8dac0e547a Fix spurious white space introduced in r301059
r301059 accidently introduced a subtle change for point to point interfaces
where an extra space is inserted before the netmask. This can cause issues
for scripts that parse ifconfig output.

Submitted by:	Kevin Bowling <kevin.bowling@kev009.com>
Reviewed by:	hiren
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D8199
2016-10-09 03:20:58 +00:00
sevan
ed345a1d5f Sort SEE ALSO section sequentially.
Highlighted by mandoc -Tlint

PR:		212440
Approved by:	imp
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8192
2016-10-08 12:53:23 +00:00
adrian
6614f8efef [ifconfig] correctly display RSSI. 2016-10-08 01:00:31 +00:00
kib
a452be0c3c Add verbosity around failed reboot(2) call.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks
2016-10-07 13:43:38 +00:00
kib
c7d05abb4c When making a pause after detecting hard kill of the single-user
shell, ensure that we do sleep for at least the specified time, in
presence of signals.

Interrupted sleep(3) is followed by _exit(), which might cause 'Going
nowhere without my init' panic if init(8) exits before the reboot(2)
really started, or before SIGTSTP stopped init(8) (both events are
initiated by the parallel reboot(8) operation).

I do not see other calls to sleep(STALL_TIMEOUT) as having the same
disasterous consequences and kept them as is until the similar change
is proven required.

Reported and tested by:	Andy Farkas <chuzzwassa@gmail.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks
2016-10-07 13:41:28 +00:00
cem
44e4206520 savecore(8): Fix buffer overrun inspecting disks with varying sector size
A premature optimization lead to caching a native-sector sized memory
allocation.  If the program examined a 512 byte sector disk, then a 4096
byte sector disk, the program would overrun the cached 512 byte buffer.

Just remove the optimization to fix the bug.  This was introduced with the 4Kn
dump support in r298076.

Reported by:	markj
Reviewed by:	markj, rpokala
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D8162
2016-10-06 05:16:44 +00:00
sevan
5fcf6553bb Add history section to nos-tun(8)
PR:		212545
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:45:21 +00:00
sevan
b747651fbe Add history section to natd(8)
Fix back sentence raised by igor.

PR:		212544
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:42:35 +00:00
sevan
bc61596e88 Add history section to fsck_ffs(8)
Move sentence to a new line as advised by igor.

PR:		212474
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:38:49 +00:00
sevan
455e5a5c36 Add history section to fsck(8)
PR:		212472
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:31:44 +00:00
sevan
a4231f5c89 Document the history of fdisk based on the original post to comp.unix.bsd by Julian Elischer [1] and the Mach 2.5 Installation notes [2].
I was unable to pin point the exact version of Mach the fdisk utility appeared as I could not find documentation older than version 2.5 & no source code or repo history.
fdisk utility appears as a separate utility[3] in v2.5. Due to this, I have avoided stating the exact version fdisk first appeared in Mach.
Add authors section.

[1] https://groups.google.com/d/topic/comp.unix.bsd/Hhi45vAHxDg/discussion
[2] ftp://ftp.mcs.vuw.ac.nz/doc/misc/mach-i386-doc/i386_install.ps
[3] ftp://ftp.mcs.vuw.ac.nz/doc/misc/mach-i386-doc/i386_manpages.ps

PR:		212470
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:28:04 +00:00
sevan
47c475d402 Document the history of fdisk based on the original post to comp.unix.bsd by Julian Elischer [1] and the Mach 2.5 Installation notes [2].
I was unable to pin point the exact version of Mach the fdisk utility appeared as I could not find documentation older than version 2.5 & no source code or repo history.
fdisk utility appears as a separate utility[3] in v2.5. Due to this, I have avoided stating the exact version fdisk first appeared in Mach.
Add authors section.
Make correction pointed by igor
[1] https://groups.google.com/d/topic/comp.unix.bsd/Hhi45vAHxDg/discussion
[2] ftp://ftp.mcs.vuw.ac.nz/doc/misc/mach-i386-doc/i386_install.ps
[3] ftp://ftp.mcs.vuw.ac.nz/doc/misc/mach-i386-doc/i386_manpages.ps
PR:		212469
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:21:06 +00:00
sevan
62f27c743a Add history section for devfs(8)
Move sentence to a new line as advised by igor.

PR:		212441
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:08:07 +00:00
sevan
1a20feda7f Add history section for devd(8)
Move sentence to a new line as advised by igor

PR:		212439
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:04:36 +00:00
sevan
f241958df7 Add history section for clri(8)
http://minnie.tuhs.org/cgi-bin/utree.pl?file=V6/usr/man/man8/clri.8

PR:		212438
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 20:01:09 +00:00
sevan
d73f706378 Add history section for bsdlabel(8)
http://minnie.tuhs.org/cgi-bin/utree.pl?file=4.3BSD-Tahoe/usr/man/cat8/disklabel.0
Remove tab after space, highlighted by igor

PR:		212436
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 19:56:10 +00:00
sevan
b94ac60e03 Add history section for atmconfig(8)
PR:		212415
Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D8104
2016-10-05 19:49:48 +00:00
kp
077476b686 pf: remove fastroute tag
The tag fastroute came from ipf and was removed in OpenBSD in 2011. The code
allows to skip the in pfil hooks and completely removes the out pfil invoke,
albeit looking up a route that the IP stack will likely find on its own.
The code between IPv4 and IPv6 is also inconsistent and marked as "XXX"
for years.

Submitted by:	Franco Fichtner <franco@opnsense.org>
Differential Revision:	https://reviews.freebsd.org/D8058
2016-10-04 19:35:14 +00:00
sevan
6061fc04a9 shutdown appeared as a standalone utility in 4.1BSD.
http://mail-index.netbsd.org/source-changes-d/2016/09/13/msg008686.html
http://mail-index.netbsd.org/source-changes-d/2016/09/14/msg008691.html
PR:		212552
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:55:18 +00:00
sevan
21757e3a35 setkey appeared in FreeBSD 4.0
PR:		212551
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:42:25 +00:00
sevan
97508cc564 sconfig appeared in FreeBSD 5.2.
PR:		212550
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:40:20 +00:00
sevan
c28389fc20 Note the version PF first appeared in FreeBSD & from which version it was ported from.
Address the contractions raised by igor.

PR:		212574
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:35:14 +00:00
sevan
d4b8228a58 Note the change of name in FreeBSD 5.0.
PR:		212542
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:31:58 +00:00
sevan
c39457d039 Note the name change from mount_null to mount_nullfs in FreeBSD 5.0.
PR:		212541
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:28:42 +00:00
sevan
932348ce3d Amend history to mention predecessor originated from 386BSD[1] & current implementation from NetBSD[2].
Reword history since the utility was renamed once more in FreeBSD 5.0.
Separate out author & historical information regarding character code conversion.
Add AUTHORS section.

[1] https://groups.google.com/forum/#!search/mount_pcfs.c/comp.unix.bsd/9qhH0v1tZm0/inlPnXZj_2sJ
[2] http://cvsweb.netbsd.org/bsdweb.cgi/src/sbin/mount_msdos/mount_msdos.c?rev=1.6&content-type=text/x-cvsweb-markup

PR:		212536
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:25:15 +00:00
sevan
7c050d6b74 Note mount_fusefs appeared in FreeBSD 10.
Move note regarding implementation to caveats.
Address issued raised by Igor.

PR:		212513
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-03 00:16:16 +00:00
sevan
d49b48358c mksnap_ffs appeared in FreeBSD 5.1.
PR:		212510
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:59:31 +00:00
sevan
31bba828a2 mknod appeared in V4 UNIX
http://minnie.tuhs.org/cgi-bin/utree.pl?file=V4/man/man8/mknod.8

PR:		212509
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:56:08 +00:00
sevan
1099f3c184 init was there in UNIX from V1
http://minnie.tuhs.org/cgi-bin/utree.pl?file=V1/init.s

PR:		212503
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:51:13 +00:00
sevan
23e6cd211f gbde first appeared in FreeBSD 5.0
PR:		212478
Approved by:	brc (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:48:33 +00:00
sevan
675c34f7d8 Document which version of BSD first showed up in and add the version info
for NetBSD & FreeBSD.

PR:		212477
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:44:52 +00:00
sevan
5fd7f8475a Mention the version of NetBSD the utility originated from.
PR:		212476
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:40:17 +00:00
sevan
59111b0218 dumpon(8) appears to be present in FreeBSD 2.0.5,
despite initial import of man page listed FreeBSD 2.1.

PR:		212445
Approved by:	bcr (mentor)
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:35:45 +00:00
sevan
be0724baae dump(8) first appeared in V4 UNIX
http://minnie.tuhs.org/cgi-bin/utree.pl?file=V4/man/man8

PR:		212444
Approved by:	bcr (mentor)
Obtained from:	TUHS
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:30:28 +00:00
sevan
9ad0be57c0 dmesg(8) first appeared in 3BSD.
http://minnie.tuhs.org/cgi-bin/utree.pl?file=3BSD/usr/man/man1/dmesg.1m

PR:		212443
Approved by:	bcr (mentor)
Obtained from:	TUHS
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:26:41 +00:00
sevan
415b773036 ccdconfig first appeared in NetBSD 1.1
From NetBSD man page, confirmed with repo tags in CVS [1]
(there was also no 1.0a release according to [2])

[1] http://cvsweb.netbsd.org/bsdweb.cgi/src/sbin/ccdconfig/ccdconfig.c
[2] http://netbsd.org/releases/formal.html#history

PR:		212437
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D8105
2016-10-02 23:19:05 +00:00
jilles
7d32c7f32a swapon(8): Update to reality: swapoff ignores -L and the late option in fstab.
MFC after:	1 week
2016-10-02 15:01:31 +00:00
sevan
a927d7f09c Igor suggested moving sentence to new line.
Zap traililng whitespace.

PR:		212447
Approved by:	bcr (mentor)
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D8116
2016-10-02 14:32:04 +00:00
araujo
3be19b292d Indicate that this is a locally administered MAC address.
Submitted by:	lidl
Differential Revision:	https://reviews.freebsd.org/D7903
2016-09-27 17:37:23 +00:00
br
5a8cc77262 Use bsdlabel as we don't have hardlink disklabel -> bsdlabel on MIPS.
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-09-26 14:01:41 +00:00
asomers
ca02d20de1 Mount msdosfs with longnames support by default.
The old behavior depended on the FAT version and on what files were in the
root directory. "mount_msdosfs -o shortnames" is still supported.

Reviewed by:	wblock, cem
Discussed with:	trasz, adrian, imp
MFC after:	4 weeks
X-MFC-Notes:	Don't MFC the removal of findwin95
Differential Revision:	https://reviews.freebsd.org/D8018
2016-09-23 19:05:07 +00:00
cem
df343ad2c2 dhclient(8): Enable numbered user class ID option
By adding it to the option priorities table.

PR:		184117
Submitted by:	Lowell Gilbert <freebsd-bugs-local at be-well.ilk.org>
Reported by:	Tomek CEDRO <cederom at tlen.pl>
Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D7911
2016-09-20 19:21:41 +00:00
pfg
b04abc7966 mount(1): Simplify by using asprintf(3)
Instead of strlen() + malloc() + snprintf, just use asprintf().
No functional change.

Obtained from:	OpenBSD (CVS Rev. 1.67)
2016-09-19 18:42:58 +00:00
kib
90ee5f51f2 Consolidate four efi_next_descriptor() definitions.
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-09-18 17:38:02 +00:00
araujo
f6b47f4ebd Invert calloc(3) argument order.
Reviewed by:	ed.
MFC after:	4 weeks.
Differential Revision:	https://reviews.freebsd.org/D7902
2016-09-16 05:33:08 +00:00
allanjude
55b247843a Add missing history sections to a number of storage related man pages
gmultipath.8: Add HISTORY
	Adjust sentences with bad phrases picked up by igor

ggatec.8: Add HISTORY

ggated.8: Add HISTORY

ggatel.8: Add HISTORY
	Seperate out sentence as advised by igor.

hastctl.8: Add HISTORY

hastd.8: Add HISTORY
	Fix sentence highlighted by igor.

iscontrol.8: Add HISTORY

mdmfs.8: Add HISTORY
	Address issues raised by igor

mount_nfs.8: Add HISTORY
	Not sure where mount_nfs first showed up, but the verison used
	in the BSD's originates from 4.4BSD according to CSRG archive.

	Though commercial offerings from Sun and others covers older
	systems, eg https://groups.google.com/forum/#!topic/net.unix-wizards/lMe7aQikqJI

nandfs.8: Add HISTORY
	Adjust sentence in description to address bad phrase highlighted
	by igor.

nvmecontrol.8: Add HISTORY

PR:		212491
PR:		212498
PR:		212499
PR:		212500
PR:		212501
PR:		212502
PR:		212505
PR:		212508
PR:		212540
PR:		212543
PR:		212546
Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
2016-09-16 04:28:31 +00:00
araujo
df5ed9f418 Add an option called "random" that combined with "ether" can generate a
random MAC address for an Ethernet interface.

PR:		211984
Submitted by:	pi@
Reviewed by:	gnn, cem, jhb, lidl, rpokala, wblock
Approved by:	wblock (manpages)
2016-09-16 04:22:21 +00:00
allanjude
1596cb1583 sbin/umount/umount.8: Amend HISTORY
umount first appeared in V1, confirmed using TUHS archive
http://minnie.tuhs.org/cgi-bin/utree.pl?file=V1/man/man1/umount.1

PR:		212554
Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
2016-09-16 04:12:32 +00:00
allanjude
858c27ed85 sbin/reboot/reboot.8: Amend HISTORY
A standalone reboot utility showed up in 4.0BSD, in AT&T UNIX init has a
case for reboot and is present in the version shipped with V5

either way, current entry is incorrect.

PR:		212548
Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
2016-09-16 04:11:04 +00:00
allanjude
58c9c08779 sbin/rcorder/rcorder.8: Amend HISTORY
rcorder appeared in FreeBSD 5.0.
Address issues raised by igor.

PR:		212547
Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
2016-09-16 04:08:34 +00:00
cem
413d779950 dhclient: add support for interface-mtu (26)
Make dhclient set interface MTU if it was provided.

This version implements MTU setting in dhclient itself before it runs
dhclient-script.

PR:		206721
Submitted by:	novel@
Reported by:	Jarrod Petz <jlpetz at gmail.com>
Reviewed by:	cem, allanjude
Differential Revision:	https://reviews.freebsd.org/D5675
2016-09-02 21:14:29 +00:00
imp
03c74f1333 The code only converts from bpbHugeSectors to bpbSectors if the sum of
the hidden and huge sectors is less than or equal MAXU16. When
formatting in Windows bpbSectors is still used for 63488 sectors and
2048 hidden (sum > MAXU16). The hidden sectors count is the number of
sectors before the FAT16 Boot Record so it shouldn't affect the sector
count. Attached patch (huge_sec_conversion.patch) to only check for
bpb.bpbHugeSectors <= MAXU16 when converting to bpbSectors.

Submitted by: Guy Yur
PR: 183234
2016-08-30 18:01:26 +00:00
imp
f362638c4f Remove CHS alignment. It's not needed and causes problems for the BBB
boot partition. NetBSD removed it in 1.10 in their repo some time ago.

Submitted by: Guy Yur
PR: 183234
2016-08-30 18:01:19 +00:00
dim
4bd23e1b61 Define hastd's STRICT_ALIGN macro in a defined and portable way.
MFC after:	3 days
2016-08-28 21:26:11 +00:00
ak
937417c103 Remove last remnants of acd(4), mcd(4), and scd(4) drivers.
Approved by:	jhb
2016-08-25 19:36:58 +00:00
mav
cfd6778db0 Fix minor copy/paste bug.
Submitted by:	Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after:	1 week
2016-08-24 15:13:42 +00:00
badger
74fd002fd4 Fix missing substitution of @SBINDIR@ in resolvconf scripts
Certain features, such as resolv_conf_passthrough=NULL, do not work
correctly due to this missing substitution.

Also remove the @PREFIX@ substitution, which is no longer needed.

Reviewed by:	pfg
Approved by:	vangyzen (mentor)
MFC after:	1 week
Sponsored by:	Dell Inc.
Differential Revision:	https://reviews.freebsd.org/D7572
2016-08-23 02:06:20 +00:00
bz
55cbdc7ad3 Remove the kernel optoion for IPSEC_FILTERTUNNEL, which was deprecated
more than 7 years ago in favour of a sysctl in r192648.
2016-08-21 18:55:30 +00:00
mckusick
0a6411edec Fsck_ufs was using an int rather than a ufs2_daddr_t to store the
alternate superblock location when given in the -b option. When int
is 32-bits, block numbers larger than 2^32 would get truncated. This
commit changes the storage fpr the alternate superblock location
to a ufs2_daddr_t.

Submitted by: Dmitry Sivachenko <trtrmitya@gmail.com>
2016-08-19 00:03:41 +00:00
ae
fe7e60ec8a Add an ability to attach comment to check-state rules.
MFC after:	1 week
2016-08-14 18:34:16 +00:00
ae
de0a5f6a76 Do not warn about ambiguous state name when we inspect a comment token.
Reported by:	lev
2016-08-14 18:05:41 +00:00
ae
c20dcf312d Make statistics nat64lsn, nat64stl an nptv6 output netstat-like:
"@value @description" and fix build due to -Wformat errors.
2016-08-14 13:17:55 +00:00
ae
fbd6330956 Add stats reset command implementation to NPTv6 module
to be able reset statistics counters.

Obtained from:	Yandex LLC
Sponsored by:	Yandex LLC
2016-08-13 16:45:14 +00:00
ae
8c03d2551f Add ipfw_nat64 module that implements stateless and stateful NAT64.
The module works together with ipfw(4) and implemented as its external
action module.

Stateless NAT64 registers external action with name nat64stl. This
keyword should be used to create NAT64 instance and to address this
instance in rules. Stateless NAT64 uses two lookup tables with mapped
IPv4->IPv6 and IPv6->IPv4 addresses to perform translation.

A configuration of instance should looks like this:
 1. Create lookup tables:
 # ipfw table T46 create type addr valtype ipv6
 # ipfw table T64 create type addr valtype ipv4
 2. Fill T46 and T64 tables.
 3. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 4. Create NAT64 instance:
 # ipfw nat64stl NAT create table4 T46 table6 T64
 5. Add rules that matches the traffic:
 # ipfw add nat64stl NAT ip from any to table(T46)
 # ipfw add nat64stl NAT ip from table(T64) to 64:ff9b::/96
 6. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Stateful NAT64 registers external action with name nat64lsn. The only
one option required to create nat64lsn instance - prefix4. It defines
the pool of IPv4 addresses used for translation.

A configuration of instance should looks like this:
 1. Add rule to allow neighbor solicitation and advertisement:
 # ipfw add allow icmp6 from any to any icmp6types 135,136
 2. Create NAT64 instance:
 # ipfw nat64lsn NAT create prefix4 A.B.C.D/28
 3. Add rules that matches the traffic:
 # ipfw add nat64lsn NAT ip from any to A.B.C.D/28
 # ipfw add nat64lsn NAT ip6 from any to 64:ff9b::/96
 4. Configure DNS64 for IPv6 clients and add route to 64:ff9b::/96
    via NAT64 host.

Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6434
2016-08-13 16:09:49 +00:00
ae
4500e11f0a Restore "nat global" support.
Now zero value of arg1 used to specify "tablearg", use the old "tablearg"
value for "nat global". Introduce new macro IP_FW_NAT44_GLOBAL to replace
hardcoded magic number to specify "nat global". Also replace 65535 magic
number with corresponding macro. Fix typo in comments.

PR:		211256
Tested by:	Victor Chernov
MFC after:	3 days
2016-08-11 10:10:10 +00:00
ae
c6aaca92fc Fix formatting of setfib opcode.
Zero fib is correct value and it conflicts with IP_FW_TARG.
Use bprint_uint_arg() only when opcode contains IP_FW_TARG,
otherwise just print numeric value with cleared high-order bit.

MFC after:	3 days
2016-08-08 18:30:50 +00:00
ae
357073584e Fix constructing of setdscp opcode with tablearg keyword.
setdscp's argument can have zero value that conflicts with IP_FW_TARG value.
Always set high-order bit if parser doesn't find tablearg keyword.

MFC after:	3 days
2016-08-08 18:10:30 +00:00
loos
e8dc3f01c2 Fix a regression in pf.conf while parsing the 'interval' keyword.
The bug was introduced by r287009.

PR:		210924
Submitted by:	kp@
Sponsored by:	Rubicon Communications (Netgate)
Pointy hat to:	loos
2016-08-05 02:19:03 +00:00
kp
86090567a8 pfctl: Make most global variables static.
This will make it easier to link as a library.

Submitted by:	Christian Mauderer <christian.mauderer@embedded-brains.de>
2016-08-04 19:24:44 +00:00
kp
7f74bdcca7 pfctl: Add missing __FBSDID to pfctl_osfp.c 2016-08-04 19:24:05 +00:00
adrian
d99e1922b9 [etherswitch] add LED API to the documentation and command line tool.
Submitted by:	Dan Nelson <dnelson_1901@yahoo.com>
2016-08-04 17:46:07 +00:00
oshogbo
3f9009779b Fix misleading description of the -b option in the geli init command.
Reviewed by:		bjk, wblock
Differential Revision:	https://reviews.freebsd.org/D7226
Discussed with:		AllanJude
2016-08-03 18:02:10 +00:00
kp
119d258974 pfctl: Use const where possible.
This adds const qualifiers where it is possible.

Submitted by:	Christian Mauderer <christian.mauderer@embedded-brains.de>
2016-08-02 20:32:02 +00:00
kp
7999df886d pfctl: Match prototype of pfctl_load_hostid.
The prototype and the implementation of the pfctl_load_hostid used a
different data type for one of the parameters.

Submitted by:	Christian Mauderer <christian.mauderer@embedded-brains.de>
2016-08-02 19:54:40 +00:00
kp
f9eb7c538a pfctl: Allow TOS bits to be cleared
TOS value 0 is valid, so use 256 as an invalid value rather than zero.
This allows users to enforce TOS == 0 with pf.

Reported by:	Radek Krejča <radek.krejca@starnet.cz>
2016-08-02 15:41:42 +00:00
ae
24f451b374 An old tables implementation had all tables preallocated,
so when user did `ipfw table N flush` it always worked, but now
when table N doesn't exist the kernel returns ESRCH error.
This isn't fatal error for flush and destroy commands. Do not
call err(3) when errno is equal to ESRCH. Also warn only when
quiet mode isn't enabled. This fixes a regression in behavior,
when old rules are loaded from file.
Also use correct value for switch in the table_swap().

Reported by:	Kevin Oberman
MFC after:	3 days
2016-08-01 13:38:48 +00:00
pfg
fcca45d6df resolvconf(8) now needs an additional @RESTARTCMD@ replacement when installing.
After r303062, which brought openresolv 3.8.1, we need to replace an
additional @RESTARTCMD@ in resolvconf.
Apply a read fix this time.

Submitted by:	Guy Yur
X-MFC with:	r303062
2016-07-31 18:14:42 +00:00
pfg
27f5d114c1 resolvconf(8) now needs an additional @RESTARTCMD@ replacement when installing.
After r303062, which brought openresolv 3.8.1, we need to replace an
additional @RESTARTCMD@ in resolvconf.

Reported by:	Guy Yur
X-MFC with:	r303062
2016-07-31 02:54:27 +00:00
araujo
b81bbb0799 Use nitems() from sys/param.h.
Sponsored by:	gandi.net (BSD Day Taiwan)
2016-07-30 06:19:34 +00:00
ae
76a39ff8dc Due to dropped mbuf in netisr queue route(8) can fall into infinity
loop of reading the rtsock's feed. When it used by some scripts,
this leads to growing number of not finished route(8) instances and
thus growing number of rtsock consumers. Add SIGALRM handler to prevent this.

Reviewed by:	melifaro
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2016-07-27 08:26:34 +00:00
des
fb5bb38272 Rewrite the GPT and MBR examples. For GPT, ensure that the boot partition
is large enough for gptzfsboot, which has doubled in size since 10.

PR:		211361
MFC after:	3 days
2016-07-25 11:25:33 +00:00
ae
e679279326 Add named dynamic states support to ipfw(4).
The keep-state, limit and check-state now will have additional argument
flowname. This flowname will be assigned to dynamic rule by keep-state
or limit opcode. And then can be matched by check-state opcode or
O_PROBE_STATE internal opcode. To reduce possible breakage and to maximize
compatibility with old rulesets default flowname introduced.
It will be assigned to the rules when user has omitted state name in
keep-state and check-state opcodes. Also if name is ambiguous (can be
evaluated as rule opcode) it will be replaced to default.

Reviewed by:	julian
Obtained from:	Yandex LLC
MFC after:	1 month
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6674
2016-07-19 04:56:59 +00:00
ae
2c47439b3f Add ipfw_nptv6 module that implements Network Prefix Translation for IPv6
as defined in RFC 6296. The module works together with ipfw(4) and
implemented as its external action module. When it is loaded, it registers
as eaction and can be used in rules. The usage pattern is similar to
ipfw_nat(4). All matched by rule traffic goes to the NPT module.

Reviewed by:	hrs
Obtained from:	Yandex LLC
MFC after:	1 month
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D6420
2016-07-18 19:46:31 +00:00
cy
7caf2cf8de r302561 broke buildworld. This patch fixes that.
MFC after:	3 days
X-MFC with:	r302561
2016-07-11 13:41:40 +00:00
ae
92de0ba37b Flush buffer after output. This fixes adding new data to already
printed flows.

PR:		210882
MFC after:	3 days
2016-07-11 12:44:58 +00:00
trasz
aea1562f16 Add new unmount(2) flag, MNT_NONBUSY, to check whether there are
any open vnodes before proceeding. Make autounmound(8) use this flag.
Without it, even an unsuccessfull unmount causes filesystem flush,
which interferes with normal operation.

Reviewed by:	kib@
Approved by:	re (gjb@)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D7047
2016-07-07 09:03:57 +00:00
araujo
448dc2b255 Fix a regression introduced on revision r271909, when using argument -g
or several hops we have segmentation fault because we overwrite the same
structure to store information for host and gateway.

Submitted by:	Maryse Levavasseur <maryse.levavasseur@stormshield.eu>
Reworked by:	hrs
Approved by:	re (hrs)
Differential Revision:	https://reviews.freebsd.org/D6980
2016-07-05 07:01:42 +00:00
ae
fbde243b6c Hide warning about non-existent lookup tables and informational messages
about modified table entry when quied mode enabled.

Approved by:	re (hrs)
Obtained from:	Yandex LLC
2016-07-02 11:54:20 +00:00
phk
8c8129e2bd Do not coredump if the packet is too long in the global (non-interface
associated) instance.

The result is that the packet is dropped without an indication
that smaller MTU is advisable, which is not optimal, but better
than a NULL pointer deref.

Approved by:	re (glebius)
2016-06-28 20:10:30 +00:00
asomers
b5c3fb9427 Fix "sysctl vm.vmtotal" output on machines with > 2TB virtual memory
sbin/sysctl/sysctl.c
	Fix integer overflows in printf format strings

PR:		199673
Submitted by:	Vitaly Magerya
Reviewed by:	cem
Approved by:	re (marius)
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6941
2016-06-24 14:58:37 +00:00
kp
b06d3a64e7 pf: Filter on and set vlan PCP values
Adopt the OpenBSD syntax for setting and filtering on VLAN PCP values. This
introduces two new keywords: 'set prio' to set the PCP value, and 'prio' to
filter on it.

Reviewed by:    allanjude, araujo
Approved by:	re (gjb)
Obtained from:  OpenBSD (mostly)
Differential Revision:  https://reviews.freebsd.org/D6786
2016-06-17 18:21:55 +00:00
avos
9c33c8f38a ifconfig: fix wlan creation when unit number is not provided
(was broken after r300738).

Reported by:	Yoshihiro Ota <ota@j.email.ne.jp>, adrian
Tested by:	Yoshihiro Ota <ota@j.email.ne.jp>
2016-06-08 17:21:15 +00:00
araujo
910fd3b83d Bump date on ifconfig(8) and vlan(4) to reflect the changes made
on revision r301496.
2016-06-08 04:18:57 +00:00
araujo
af4ff984e7 Add support to priority code point (PCP) that is an 3-bit field
which refers to IEEE 802.1p class of service and maps to the frame
priority level.

Values in order of priority are: 1 (Background (lowest)),
0 (Best effort (default)), 2 (Excellent effort),
3 (Critical applications), 4 (Video, < 100ms latency),
5 (Video, < 10ms latency), 6 (Internetwork control) and
7 (Network control (highest)).

Example of usage:
root# ifconfig em0.1 create
root# ifconfig em0.1 vlanpcp 3

Note:
The review D801 includes the pf(4) part, but as discussed with kristof,
we won't commit the pf(4) bits for now.
The credits of the original code is from rwatson.

Differential Revision:	https://reviews.freebsd.org/D801
Reviewed by:	gnn, adrian, loos
Discussed with: rwatson, glebius, kristof
Tested by:	many including Matthew Grooms <mgrooms__shrew.net>
Obtained from:	pfSense
Relnotes:	Yes
2016-06-06 09:51:58 +00:00
pfg
bd6fcb16e5 dhclient(1): correct obvious mismatch in get_char().
Correct switch between current and previous line buffers when
encountering a carriage return in the input.

CID:		1305719
Obtained from:	OpenBSD (CVS rev. 1.30)
MFC after:	3 days
2016-06-03 03:40:39 +00:00
allanjude
8e48e06278 Address feedback from hrs@ re: r301059 (ifconfig subnet mask)
- Use NI_MAXHOST to size buffers for getnameinfo()
- remove non-standard 'full' inet6 address printing
- remove 'no scope' option
- use strchr(3) to optimize replacing separator character in lladdrs

Reviewed by:	gnn, jhb
Differential Revision:	https://reviews.freebsd.org/D2856
2016-06-02 03:16:02 +00:00
truckman
debdc06d9e Belatedly bump .Dd date for Dummynet AQM import in r300779. 2016-06-02 00:42:15 +00:00
allanjude
700d26896c ifconfig(8) now supports some output formatting options
specified by the -f flag or IFCONFIG_FORMAT environment variable, the user
can request that inet4 subnet masks be printed in CIDR or dotted-quad
notation, in addition to the traditional hex output.
inet6 prefixes can be printed in CIDR as well.

For more documentation see the ifconfig(8) man page.

PR:		169072
Requested by:	seanc, marcel, brd, many others
Reviewed by:	gnn, jhb (earlier version)
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D2856
2016-05-31 17:30:08 +00:00
ed
12cc424125 Stop using the non-standard basename_r() function.
This change makes the code use the POSIX basename() function. It has the
advantage that (if implemented correctly), it also imposes no restrict
on the pathname length.

Notice that I haven't added any error handling to the strdup() call. It
looks like none of the other calls to strdup() and malloc() performed by
this utility do it either.

Reviewed by:	hrs
Differential Revision:	https://reviews.freebsd.org/D6626
2016-05-31 06:45:19 +00:00
allanjude
b7cdaf3621 Add Documentation for missing ifconfig(8) flags
autoconf / -autoconf
deprecated / -deprecated
pltime
vltime

PR:		209822
Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
MFC after:	2 weeks
2016-05-29 03:44:37 +00:00
allanjude
6d6e6f6722 Import the skein hashing algorithm, based on the threefish block cipher
Connect it to userland (libmd, libcrypt, sbin/md5) and kernel (crypto.ko)

Support for skein as a ZFS checksum algorithm was introduced in r289422
but is disconnected because FreeBSD lacked a Skein implementation.

A further commit will enable it in ZFS.

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6166
2016-05-29 01:15:36 +00:00
allanjude
4581e38971 Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.

The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.

This is the follow on to r292782

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6061
2016-05-28 16:06:07 +00:00
truckman
2a78edb668 Import Dummynet AQM version 0.2.1 (CoDel, FQ-CoDel, PIE and FQ-PIE).
Centre for Advanced Internet Architectures

Implementing AQM in FreeBSD

* Overview <http://caia.swin.edu.au/freebsd/aqm/index.html>

* Articles, Papers and Presentations
  <http://caia.swin.edu.au/freebsd/aqm/papers.html>

* Patches and Tools <http://caia.swin.edu.au/freebsd/aqm/downloads.html>

Overview

Recent years have seen a resurgence of interest in better managing
the depth of bottleneck queues in routers, switches and other places
that get congested. Solutions include transport protocol enhancements
at the end-hosts (such as delay-based or hybrid congestion control
schemes) and active queue management (AQM) schemes applied within
bottleneck queues.

The notion of AQM has been around since at least the late 1990s
(e.g. RFC 2309). In recent years the proliferation of oversized
buffers in all sorts of network devices (aka bufferbloat) has
stimulated keen community interest in four new AQM schemes -- CoDel,
FQ-CoDel, PIE and FQ-PIE.

The IETF AQM working group is looking to document these schemes,
and independent implementations are a corner-stone of the IETF's
process for confirming the clarity of publicly available protocol
descriptions. While significant development work on all three schemes
has occured in the Linux kernel, there is very little in FreeBSD.

Project Goals

This project began in late 2015, and aims to design and implement
functionally-correct versions of CoDel, FQ-CoDel, PIE and FQ_PIE
in FreeBSD (with code BSD-licensed as much as practical). We have
chosen to do this as extensions to FreeBSD's ipfw/dummynet firewall
and traffic shaper. Implementation of these AQM schemes in FreeBSD
will:
* Demonstrate whether the publicly available documentation is
  sufficient to enable independent, functionally equivalent implementations

* Provide a broader suite of AQM options for sections the networking
  community that rely on FreeBSD platforms

Program Members:

* Rasool Al Saadi (developer)

* Grenville Armitage (project lead)

Acknowledgements:

This project has been made possible in part by a gift from the
Comcast Innovation Fund.

Submitted by:	Rasool Al-Saadi <ralsaadi@swin.edu.au>
X-No objection:	core
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D6388
2016-05-26 21:40:13 +00:00
avos
7b68b2abeb ifconfig: set by default FCC regulatory domain for wireless interfaces.
Change default regulatory domain from DEBUG (no limitations;
exposes all device channels) to FCC; as a result, newly created wireless
interface with default settings will have less chances to violate
country-specific regulations.

This change will not affect drivers with pre-initialized regdomain
structure (currentry ath(4) and mwl(4)); in that case, the default
channel list must correspond to the default regdomain / country setting.

You can switch to another regdomain / country via corresponding
ifconfig(8) options; the driver must implement ic_getradiocaps()
method to restore full channel list.

Full country / regdomain list may be obtained via
'ifconfig <iface> list countries' command.

Example: change country to Germany:
ifconfig wlan0 down	# all wlans on the device must be down
ifconfig wlan0 country DE
ifconfig wlan0 up
# wpa_supplicant(8), dhclient(8) etc

At the creation time:
ifconfig wlan0 create wlandev wpi0 country DE

To make changes permanent add the following line to the rc.conf(5):
create_args_wlan0="country DE"

Tested with
 - Intel 3945BG (wpi(4)).
 - WUSB54GC (rum(4)).

Reviewed by:	adrian
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D6228
2016-05-26 13:14:08 +00:00
truckman
1b6bea5af7 Fix a couple of Coverity Unintended sign extension sign extension
defects.  When shifting an unsigned byte into the upper 8 bits of
an int and the resulting value is greater than 0x7FFFFFF, the result
will be sign extended when converting to a 64 bit unsigned long.
Fix by casting to (uint64_t) before the shift.

Reported by:	Coverity
CID:		1356044, 1356045
Reviewed by:	ken
2016-05-25 15:49:29 +00:00
truckman
4122004b6c Fix a couple of new instances of a false positive Coverity buffer
overflow defect.  Use the new CCB_CLEAR_ALL_EXCEPT_HDR() macro
instead of the calling bzero() on the pointer to the header used
as an array and indexed by 1.

Don't leak a buffer after executing "goto restart_report" by
overwriting its pointer with the results of another calloc().
Be sure to clear the buffer before reusing it.  (CID 1356042)

Reported by:	Coverity
CID:		1356022, 1356034, 1356023, 1356035, 1356042
Reviewed by:	ken
2016-05-25 15:43:01 +00:00
truckman
a4774d8f19 Fix multiple Coverity Out-of-bounds access false postive issues in CAM
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used.  All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero().  Some instances also alsp generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeofstruct ccb_hdr).

In addition, this idiom is difficult for humans to understand and
it is error prone.  The user has to chose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation.  I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.

A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used.  The latter can
normally be seen in the nearby code.  This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.

Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.

Reported by:	Coverity
CID:		1007578, 1008684, 1009724, 1009773, 1011304, 1011306
CID:		1011307, 1011308, 1011309, 1011310, 1011311, 1011312
CID:		1011313, 1011314, 1011315, 1011316, 1011317, 1011318
CID:		1011319, 1011320, 1011321, 1011322, 1011324, 1011325
CID:		1011326, 1011327, 1011328, 1011329, 1011330, 1011374
CID:		1011390, 1011391, 1011392, 1011393, 1011394, 1011395
CID:		1011396, 1011397, 1011398, 1011399, 1011400, 1011401
CID:		1011402, 1011403, 1011404, 1011405, 1011406, 1011408
CID:		1011409, 1011410, 1011411, 1011412, 1011413, 1011414
CID:		1017461, 1018387, 1086860, 1086874, 1194257, 1229897
CID:		1229968, 1306229, 1306234, 1331282, 1331283, 1331294
CID:		1331295, 1331535, 1331536, 1331539, 1331540, 1341623
CID:		1341624, 1341637, 1341638, 1355264, 1355324
Reviewed by:	scottl, ken, delphij, imp
MFH:		1 month
Differential Revision:	https://reviews.freebsd.org/D6496
2016-05-24 00:57:11 +00:00
ken
7eeed3c838 Add support for managing Shingled Magnetic Recording (SMR) drives.
This change includes support for SCSI SMR drives (which conform to the
Zoned Block Commands or ZBC spec) and ATA SMR drives (which conform to
the Zoned ATA Command Set or ZAC spec) behind SAS expanders.

This includes full management support through the GEOM BIO interface, and
through a new userland utility, zonectl(8), and through camcontrol(8).

This is now ready for filesystems to use to detect and manage zoned drives.
(There is no work in progress that I know of to use this for ZFS or UFS, if
anyone is interested, let me know and I may have some suggestions.)

Also, improve ATA command passthrough and dispatch support, both via ATA
and ATA passthrough over SCSI.

Also, add support to camcontrol(8) for the ATA Extended Power Conditions
feature set.  You can now manage ATA device power states, and set various
idle time thresholds for a drive to enter lower power states.

Note that this change cannot be MFCed in full, because it depends on
changes to the struct bio API that break compatilibity.  In order to
avoid breaking the stable API, only changes that don't touch or depend on
the struct bio changes can be merged.  For example, the camcontrol(8)
changes don't depend on the new bio API, but zonectl(8) and the probe
changes to the da(4) and ada(4) drivers do depend on it.

Also note that the SMR changes have not yet been tested with an actual
SCSI ZBC device, or a SCSI to ATA translation layer (SAT) that supports
ZBC to ZAC translation.  I have not yet gotten a suitable drive or SAT
layer, so any testing help would be appreciated.  These changes have been
tested with Seagate Host Aware SATA drives attached to both SAS and SATA
controllers.  Also, I do not have any SATA Host Managed devices, and I
suspect that it may take additional (hopefully minor) changes to support
them.

Thanks to Seagate for supplying the test hardware and answering questions.

sbin/camcontrol/Makefile:
	Add epc.c and zone.c.

sbin/camcontrol/camcontrol.8:
	Document the zone and epc subcommands.

sbin/camcontrol/camcontrol.c:
	Add the zone and epc subcommands.

	Add auxiliary register support to build_ata_cmd().  Make sure to
	set the CAM_ATAIO_NEEDRESULT, CAM_ATAIO_DMA, and CAM_ATAIO_FPDMA
	flags as appropriate for ATA commands.

	Add a new get_ata_status() function to parse ATA result from SCSI
	sense descriptors (for ATA passthrough over SCSI) and ATA I/O
	requests.

sbin/camcontrol/camcontrol.h:
	Update the build_ata_cmd() prototype

	Add get_ata_status(), zone(), and epc().

sbin/camcontrol/epc.c:
	Support for ATA Extended Power Conditions features.  This includes
	support for all features documented in the ACS-4 Revision 12
	specification from t13.org (dated February 18, 2016).

	The EPC feature set allows putting a drive into a power power mode
	immediately, or setting timeouts so that the drive will
	automatically enter progressively lower power states after various
	idle times.

sbin/camcontrol/fwdownload.c:
	Update the firmware download code for the new build_ata_cmd()
	arguments.

sbin/camcontrol/zone.c:
	Implement support for Shingled Magnetic Recording (SMR) drives
	via SCSI Zoned Block Commands (ZBC) and ATA Zoned Device ATA
	Command Set (ZAC).

	These specs were developed in concert, and are functionally
	identical.  The primary differences are due to SCSI and ATA
	differences.  (SCSI is big endian, ATA is little endian, for
	example.)

	This includes support for all commands defined in the ZBC and
	ZAC specs.

sys/cam/ata/ata_all.c:
	Decode a number of additional ATA command names in ata_op_string().

	Add a new CCB building function, ata_read_log().

	Add ata_zac_mgmt_in() and ata_zac_mgmt_out() CCB building
	functions.  These support both DMA and NCQ encapsulation.

sys/cam/ata/ata_all.h:
	Add prototypes for ata_read_log(), ata_zac_mgmt_out(), and
	ata_zac_mgmt_in().

sys/cam/ata/ata_da.c:
	Revamp the ada(4) driver to support zoned devices.

	Add four new probe states to gather information needed for zone
	support.

	Add a new adasetflags() function to avoid duplication of large
	blocks of flag setting between the async handler and register
	functions.

	Add new sysctl variables that describe zone support and paramters.

	Add support for the new BIO_ZONE bio, and all of its subcommands:
	DISK_ZONE_OPEN, DISK_ZONE_CLOSE, DISK_ZONE_FINISH, DISK_ZONE_RWP,
	DISK_ZONE_REPORT_ZONES, and DISK_ZONE_GET_PARAMS.

sys/cam/scsi/scsi_all.c:
	Add command descriptions for the ZBC IN/OUT commands.

	Add descriptions for ZBC Host Managed devices.

	Add a new function, scsi_ata_pass() to do ATA passthrough over
	SCSI.  This will eventually replace scsi_ata_pass_16() -- it
	can create the 12, 16, and 32-byte variants of the ATA
	PASS-THROUGH command, and supports setting all of the
	registers defined as of SAT-4, Revision 5 (March 11, 2016).

	Change scsi_ata_identify() to use scsi_ata_pass() instead of
	scsi_ata_pass_16().

	Add a new scsi_ata_read_log() function to facilitate reading
	ATA logs via SCSI.

sys/cam/scsi/scsi_all.h:
	Add the new ATA PASS-THROUGH(32) command CDB.  Add extended and
	variable CDB opcodes.

	Add Zoned Block Device Characteristics VPD page.

	Add ATA Return SCSI sense descriptor.

	Add prototypes for scsi_ata_read_log() and scsi_ata_pass().

sys/cam/scsi/scsi_da.c:
	Revamp the da(4) driver to support zoned devices.

	Add five new probe states, four of which are needed for ATA
	devices.

	Add five new sysctl variables that describe zone support and
	parameters.

	The da(4) driver supports SCSI ZBC devices, as well as ATA ZAC
	devices when they are attached via a SCSI to ATA Translation (SAT)
	layer.  Since ZBC -> ZAC translation is a new feature in the T10
	SAT-4 spec, most SATA drives will be supported via ATA commands
	sent via the SCSI ATA PASS-THROUGH command.  The da(4) driver will
	prefer the ZBC interface, if it is available, for performance
	reasons, but will use the ATA PASS-THROUGH interface to the ZAC
	command set if the SAT layer doesn't support translation yet.
	As I mentioned above, ZBC command support is untested.

	Add support for the new BIO_ZONE bio, and all of its subcommands:
	DISK_ZONE_OPEN, DISK_ZONE_CLOSE, DISK_ZONE_FINISH, DISK_ZONE_RWP,
	DISK_ZONE_REPORT_ZONES, and DISK_ZONE_GET_PARAMS.

	Add scsi_zbc_in() and scsi_zbc_out() CCB building functions.

	Add scsi_ata_zac_mgmt_out() and scsi_ata_zac_mgmt_in() CCB/CDB
	building functions.  Note that these have return values, unlike
	almost all other CCB building functions in CAM.  The reason is
	that they can fail, depending upon the particular combination
	of input parameters.  The primary failure case is if the user
	wants NCQ, but fails to specify additional CDB storage.  NCQ
	requires using the 32-byte version of the SCSI ATA PASS-THROUGH
	command, and the current CAM CDB size is 16 bytes.

sys/cam/scsi/scsi_da.h:
	Add ZBC IN and ZBC OUT CDBs and opcodes.

	Add SCSI Report Zones data structures.

	Add scsi_zbc_in(), scsi_zbc_out(), scsi_ata_zac_mgmt_out(), and
	scsi_ata_zac_mgmt_in() prototypes.

sys/dev/ahci/ahci.c:
	Fix SEND / RECEIVE FPDMA QUEUED in the ahci(4) driver.

	ahci_setup_fis() previously set the top bits of the sector count
	register in the FIS to 0 for FPDMA commands.  This is okay for
	read and write, because the PRIO field is in the only thing in
	those bits, and we don't implement that further up the stack.

	But, for SEND and RECEIVE FPDMA QUEUED, the subcommand is in that
	byte, so it needs to be transmitted to the drive.

	In ahci_setup_fis(), always set the the top 8 bits of the
	sector count register.  We need it in both the standard
	and NCQ / FPDMA cases.

sys/geom/eli/g_eli.c:
	Pass BIO_ZONE commands through the GELI class.

sys/geom/geom.h:
	Add g_io_zonecmd() prototype.

sys/geom/geom_dev.c:
	Add new DIOCZONECMD ioctl, which allows sending zone commands to
	disks.

sys/geom/geom_disk.c:
	Add support for BIO_ZONE commands.

sys/geom/geom_disk.h:
	Add a new flag, DISKFLAG_CANZONE, that indicates that a given
	GEOM disk client can handle BIO_ZONE commands.

sys/geom/geom_io.c:
	Add a new function, g_io_zonecmd(), that handles execution of
	BIO_ZONE commands.

	Add permissions check for BIO_ZONE commands.

	Add command decoding for BIO_ZONE commands.

sys/geom/geom_subr.c:
	Add DDB command decoding for BIO_ZONE commands.

sys/kern/subr_devstat.c:
	Record statistics for REPORT ZONES commands.  Note that the
	number of bytes transferred for REPORT ZONES won't quite match
	what is received from the harware.  This is because we're
	necessarily counting bytes coming from the da(4) / ada(4) drivers,
	which are using the disk_zone.h interface to communicate up
	the stack.  The structure sizes it uses are slightly different
	than the SCSI and ATA structure sizes.

sys/sys/ata.h:
	Add many bit and structure definitions for ZAC, NCQ, and EPC
	command support.

sys/sys/bio.h:
	Convert the bio_cmd field to a straight enumeration.  This will
	yield more space for additional commands in the future.  After
	change r297955 and other related changes, this is now possible.
	Converting to an enumeration will also prevent use as a bitmask
	in the future.

sys/sys/disk.h:
	Define the DIOCZONECMD ioctl.

sys/sys/disk_zone.h:
	Add a new API for managing zoned disks.  This is very close to
	the SCSI ZBC and ATA ZAC standards, but uses integers in native
	byte order instead of big endian (SCSI) or little endian (ATA)
	byte arrays.

	This is intended to offer to the complete feature set of the ZBC
	and ZAC disk management without requiring the application developer
	to include SCSI or ATA headers.  We also use one set of headers
	for ioctl consumers and kernel bio-level consumers.

sys/sys/param.h:
	Bump __FreeBSD_version for sys/bio.h command changes, and inclusion
	of SMR support.

usr.sbin/Makefile:
	Add the zonectl utility.

usr.sbin/diskinfo/diskinfo.c
	Add disk zoning capability to the 'diskinfo -v' output.

usr.sbin/zonectl/Makefile:
	Add zonectl makefile.

usr.sbin/zonectl/zonectl.8
	zonectl(8) man page.

usr.sbin/zonectl/zonectl.c
	The zonectl(8) utility.  This allows managing SCSI or ATA zoned
	disks via the disk_zone.h API.  You can report zones, reset write
	pointers, get parameters, etc.

Sponsored by:	Spectra Logic
Differential Revision:	https://reviews.freebsd.org/D6147
Reviewed by:	wblock (documentation)
2016-05-19 14:08:36 +00:00