contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 4
- With the addition of BSM error number mapping, we also need to map the
local error number passed to audit_submit(3) to a BSM error number,
rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
more formal allocation scheme, and add some events allocated in Solaris
that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
directly, rather than requiring applications to map to the local error
space, which might not be able to entirely represent the BSM error
number space.
- Major auditd rewrite for launchd(8) support. Add libauditd library
that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
(re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
has been recovered from not being properly terminated. This event is
stored in the new audit trail file and includes the path of recovered
audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.
OpenBSM 1.1 alpha 3
- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
between BSM error numbers (largely the Solaris definitions) and local
errno(2) values for 32-bit and 64-bit return tokens. This is required
as operating systems don't agree on some of the values of more recent
error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
total size for the token. This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
FPA floating-point format is identical to the VFP format,
but is always stored in big-endian.
Introduce _IEEE_WORD_ORDER to describe the byte-order of
the FP representation.
Obtained from: Juniper Networks, Inc
rather than usually returning 1 but in a few instances using a sysexits(3)
return value.
2. Remove a few unused variables from libfetch.
PR: docs/122470 (1, only)
Reviewed by: des
fetch(1) accepts a new argument -i <file> that if specified will cause
the file to be downloaded only if it is more recent than the mtime of
<file>.
libfetch(3) accepts the mtime in the url structure and a flag to
indicate when this behavior is desired.
PR: bin/87841
Submitted by: Jukka A. Ukkonen <jau@iki.fi> (partially)
Reviewed by: des, ru
MFC after: 3 weeks
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
It includes the following fix:
2426. [bug] libbind: inet_net_pton() can sometimes return the
wrong value if excessively large netmasks are
supplied. [RT #18512]
Reported by: Maksymilian Arciemowicz <cxib__at__securityreason.com>
This change was erronously ommitted from the r185690, and attempt
to simply add the prototype to string.h has revealed that several
contributed programs defined local prototypes for strndup(), controlled
by autoconfed config.h. So, manually change #undef HAVE_STRNDUP to
#define HAVE_STRNDUP 1. Next import of the corresponding program would
regenerate config.h, overriding the changes in this commit.
No objections from: kan
in order to get the symbol binding state "just so". This is to allow
locking to be activated and not run into recursion problems later.
However, one of the magic bits involves an explicit call to _umtx_op()
to force symbol resolution. It does a wakeup operation on a fake,
uninitialized (ie: random contents) umtx. Since libthr isn't active, this
is harmless. Nothing can match the random wakeup.
However, valgrind finds this and is not amused. Normally I'd just
write a suppression record for it, but the idea of passing random
args to syscalls (on purpose) just doesn't feel right.
Copyright attribution is kept the same as in original NetBSD source.
Submitted by: Florian Smeets <flo kasimir com>
Obtained from: NetBSD
MFC after: 2 weeks
* support for bzip2 file with multiple concatenated bzip2 streams
* support for bzip2 file with junk after bzip2 stream
* support for gzip file with junk after gzip stream
* "fuzz" tester randomly modifies a bunch of input files in order to try
to crash libarchive (this found an amusing hang in the ISO9660 code
when trying to read images that advertised a zero blocksize).
This test is implemented, but commented out for now:
* support for gzip file with multiple concatenated gzip streams
This is an attempt to eliminate a lot of redundant
code from the read ("decompression") filters by
changing them to juggle arbitrary-sized blocks
and consolidate reblocking code at a single point
in archive_read.c.
Along the way, I've changed the internal read/consume
API used by the format handlers to a slightly
different style originally suggested by des@. It
does seem to simplify a lot of common cases.
The most dramatic change is, of course, to
archive_read_support_compression_none(), which
has just evaporated into a no-op as the blocking
code this used to hold has all been moved up
a level.
There's at least one more big round of refactoring
yet to come before the individual filters are as
straightforward as I think they should be...
* Wrap long declarations to fit 80 chars
* #undef macros that shouldn't be exported
* Organize the version-dependent conditionals a
bit more consistently
Speculative:
* libarchive 3.0 will (eventually) use int64_t
instead of off_t. This is an attempt to avoid
some the headaches caused by Linux LFS. (I'll
still have to do ugly things for the struct stat
references in archive_entry.h, of course.)
revised/modified by me) to store dhcp options into kenv variables,
so the information is available to the boot loader and can be used
to customize the boot process.
The change is totally unintrusive, essentially made of a single
function to be called while parsing a dhcp response, and a couple
of tables to classify options. The values extracted from dhcp
options are stored in the kenv environment in one of these forms:
+ options whose name and type is known are saved as
dhcp.name = value (string, or number/ip addresses lists)
+ unknown options are assumed to be strings and saved as
dhcp.option-NNN = "value"
+ options listed as '__INDIR' and sent on the wire as e.g.
option unknown-252 "some.name=the actual value"
are saved as
some.name = "the actual value"
+ options listed as '__ILIST' and sent on the wire as e.g.
option unknown-249 "a.b=foo bar; c.d= 123; e.f=done"
are saved as multiple values
a.b="foo bar"
c.d="123"
e.f="done"
As you can see there is quite a bit of flexibility on what can
be passed to the loader or the kernel.
For the time being the vendor-specific table is mostly disabled,
because there is no standard set of options for FreeBSD, and I don't
know all the pxe-specific vendor options.
Also, applications using libstand may live in memory-constrained
environments, so it makes sense to keep these tables as small as
possible, especially considering that one can generate arbitrary
name=value pairs using site-specific options of type __INDIR or
__ILIST (there are 4 __ILIST and 5 __INDIR in the table, numbered
246..249 and 250..254).
Actually, considering that probably 75% of the standard dhcp options
are totally useless, it might make sense to remove them as well.
Submitted by: Danny Braniss
MFC after: 4 weeks
does not use any external symbols, thus avoiding possible recursion into
rtld to resolve symbols, when called.
Reviewed by: kan, davidxu
Tested by: rink
MFC after: 1 month
This changes struct kinfo_filedesc and kinfo_vmentry such that they are
same on both 32 and 64 bit platforms like i386/amd64 and won't require
sysctl wrapping.
Two new OIDs are assigned. The old ones are available under
COMPAT_FREEBSD7 - but it isn't that simple. The superceded interface
was never actually released on 7.x.
The other main change is to pack the data passed to userland via the
sysctl. kf_structsize and kve_structsize are reduced for the copyout.
If you have a process with 100,000+ sockets open, the unpacked records
require a 132MB+ copyout. With packing, it is "only" ~35MB. (Still
seriously unpleasant, but not quite as devastating). A similar problem
exists for the vmentry structure - have lots and lots of shared libraries
and small mmaps and its copyout gets expensive too.
My immediate problem is valgrind. It traditionally achieves this
functionality by parsing procfs output, in a packed format. Secondly, when
tracing 32 bit binaries on amd64 under valgrind, it uses a cross compiled
32 bit binary which ran directly into the differing data structures in 32
vs 64 bit mode. (valgrind uses this to track file descriptor operations
and this therefore affected every single 32 bit binary)
I've added two utility functions to libutil to unpack the structures into
a fixed record length and to make it a little more convenient to use.
by switching into single-thread mode.
libthr ignores broken use of lock bitmaps used by default rtld locking
implementation, this in turn turns lock handoff in _rtld_thread_init
into NOP. This in turn makes child processes of forked multi-threaded
programs to run with _thr_signal_block still in effect, with most
signals blocked.
Reported by: phk, kib
us working malloc in the fork child of the multithreaded process.
Although POSIX requires that only async-signal safe functions shall be
operable after fork in multithreaded process, not having malloc lower
the quality of our implementation.
Tested by: rink
Discussed with: kan, davidxu
Reviewed by: kan
MFC after: 1 month
Bring in updated jail support from bz_jail branch.
This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..
SCTP support was updated and supports IPv6 in jails as well.
Cpuset support permits jails to be bound to specific processor
sets after creation.
Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.
DDB 'show jails' command was added to aid debugging.
Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.
Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.
Bump __FreeBSD_version for the afore mentioned and in kernel changes.
Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
on cluster machines as well as all the testers and people
who provided feedback the last months on freebsd-jail and
other channels.
- My employer, CK Software GmbH, for the support so I could work on this.
Reviewed by: (see above)
MFC after: 3 months (this is just so that I get the mail)
X-MFC Before: 7.2-RELEASE if possible
Threading library calls _pre before the fork, allowing the rtld to
lock itself to ensure that other threads of the process are out of
dynamic linker. _post releases the locks.
This allows the rtld to have consistent state in the child. Although
child may legitimately call only async-safe functions, the call may
need plt relocation resolution, and this requires working rtld.
Reported and debugging help by: rink
Reviewed by: kan, davidxu
MFC after: 1 month (anyway, not before 7.1 is out)
and Core Duo), models 0xF (Core2), model 0x17 (Core2Extreme) and
model 0x1C (Atom).
In these CPUs, the actual numbers, kinds and widths of PMCs present
need to queried at run time. Support for specific "architectural"
events also needs to be queried at run time.
Model 0xE CPUs support programmable PMCs, subsequent CPUs
additionally support "fixed-function" counters.
- Use event names that are close to vendor documentation, taking in
account that:
- events with identical semantics on two or more CPUs in this family
can have differing names in vendor documentation,
- identical vendor event names may map to differing events across
CPUs,
- each type of CPU supports a different subset of measurable
events.
Fixed-function and programmable counters both use the same vendor
names for events. The use of a class name prefix ("iaf-" or
"iap-" respectively) permits these to be distinguished.
- In libpmc, refactor pmc_name_of_event() into a public interface
and an internal helper function, for use by log handling code.
- Minor code tweaks: staticize a global, freshen a few comments.
Tested by: gnn
Fix some issues about re-scanning of the devices.
src/lib/libusb20/libusb20_ugen20.c
Fix issue about libusb20 having to release the
USB transfers before doing a SET_CONFIG, else
the kernel will kill the file handle.
src/sys/dev/usb2/core/usb2_device.
src/sys/dev/usb2/core/usb2_generic.c
src/sys/dev/usb2/core/usb2_generic.h
Add support for U3G devices.
Improve and cleanup FIFO free handling.
Improve device re-enumeration.
src/sys/dev/usb2/core/usb2_msctest.c
src/sys/dev/usb2/core/usb2_msctest.h
Fix some problems in the USB Mass Storage Test.
Add Huawei vendor specific quirks.
src/sys/dev/usb2/core/usb2_request.c
Improve device re-enumeration.
src/sys/dev/usb2/ethernet/if_aue2.c
src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h
src/sys/dev/usb2/quirk/usb2_quirk.c
Integrate changes from the old USB driver.
src/sys/dev/usb2/include/usb2_standard.h
Add definition of USB3.0 structures from USB.org.
src/sys/dev/usb2/serial/u3g2.c
src/sys/dev/usb2/serial/ugensa2.c
src/sys/modules/usb2/Makefile
src/sys/modules/usb2/serial_3g/Makefile
Import U3G driver.
Submitted by: Hans Petter Selasky (usb4bsd)
parentheses.
Fixed alignment issue in gr_dup() in its assignment of gr_mem using a
struct to force alignment without performing alignment mathematics. This
was noticed recently with libutil was built with WARNS=6 on platform such
as sparc64.
Added checks to gr_dup(), gr_equal() and gr_make() to prevent segfaults
when examining struct group's with the struct members pointing to NULL's.
With fix of alignment issue, restore WARNS?=6.
Reviewed by: des
MFC after: 1 week
src/sys/dev/usb2/core/usbdevs
src/sys/dev/usb2/include/urio2_ioctl.h
src/sys/dev/usb2/storage/ustorage2_fs.h
These files are not used any more.
src/usr.sbin/Makefile
src/etc/mtree/BSD.include.dist
src/include/Makefile
src/lib/Makefile
src/share/man/man7/hier.7
src/share/mk/bsd.libnames.mk
src/etc/mtree/BSD.include.dist
Make "usbconfig" and "libusb20" a part of the default build.
src/sys/dev/usb/rio500_usb.h
src/sys/dev/usb2/storage/urio2.c
Use common include file.
src/sys/dev/usb2/bluetooth/ng_ubt2.c
Make USB bluetooth depend on "ng_hci" module.
src/sys/dev/usb2/controller/ehci2.c
src/sys/dev/usb2/controller/ehci2.h
Patches for Marvell EHCI.
src/sys/dev/usb2/core/usb2_busdma.c
Bugfix for 64-bit platforms. Need to unload the previously loaded DMA
map and some cleanup regarding some corner cases.
src/sys/dev/usb2/core/usb2_core.h
src/sys/dev/usb2/core/usb2_dev.c
src/sys/dev/usb2/core/usb2_dev.h
Bugfix for libusb filesystem interface.
New feature: Add support for filtering device data at the expense of the
userland process.
Add some more comments.
Some minor code styling.
Remove unused function, usb2_fifo_get_data_next().
Fix an issue about "fifo_index" being used instead of "ep_index".
src/sys/dev/usb2/core/usb2_device.c
src/sys/dev/usb2/core/usb2_generic.c
Bugfix for Linux USB compat layer. Do not free non-generic FIFOs when
doing an alternate setting.
Cleanup USB IOCTL and USB reference handling.
Fix a corner case where USB-FS was left initialised after
setting a new configuration or alternate setting.
src/sys/dev/usb2/core/usb2_hub.c
Improvement: Check all USB HUB ports by default at least one time.
src/sys/dev/usb2/core/usb2_request.c
Bugfix: Make sure destination ASCII string is properly zero terminated
in all cases.
Improvement: Skip invalid characters instead of replacing with a dot.
src/sys/dev/usb2/core/usb2_util.c
src/sys/dev/usb2/image/uscanner2.c
Spelling.
src/sys/dev/usb2/include/Makefile
Share "usbdevs" with the old USB stack.
src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h
Regenerate files.
Alfred: Please fix the RCS tag at the top.
src/sys/dev/usb2/include/usb2_ioctl.h
Fix compilation of "kdump".
src/sys/dev/usb2/serial/ubsa2.c
src/sys/dev/usb2/serial/ugensa2.c
Remove device ID's which will end up in a new 3G driver.
src/sys/dev/usb2/sound/uaudio2.c
Correct a debug printout.
src/sys/dev/usb2/storage/umass2.c
Sync with old USB stack.
src/lib/libusb20/libusb20.3
Add more documentation.
src/lib/libusb20/libusb20.c
Various bugfixes and improvements.
src/usr.sbin/usbconfig/dump.c
src/usr.sbin/usbconfig/usbconfig.c
New commands for dumping strings and doing custom USB requests from
the command line.
Remove keyword requirements from generated files:
"head/sys/dev/usb2/include/usb2_devid.h"
"head/sys/dev/usb2/include/usb2_devtable.h"
This bring huge amount of changes, I'll enumerate only user-visible changes:
- Delegated Administration
Allows regular users to perform ZFS operations, like file system
creation, snapshot creation, etc.
- L2ARC
Level 2 cache for ZFS - allows to use additional disks for cache.
Huge performance improvements mostly for random read of mostly
static content.
- slog
Allow to use additional disks for ZFS Intent Log to speed up
operations like fsync(2).
- vfs.zfs.super_owner
Allows regular users to perform privileged operations on files stored
on ZFS file systems owned by him. Very careful with this one.
- chflags(2)
Not all the flags are supported. This still needs work.
- ZFSBoot
Support to boot off of ZFS pool. Not finished, AFAIK.
Submitted by: dfr
- Snapshot properties
- New failure modes
Before if write requested failed, system paniced. Now one
can select from one of three failure modes:
- panic - panic on write error
- wait - wait for disk to reappear
- continue - serve read requests if possible, block write requests
- Refquota, refreservation properties
Just quota and reservation properties, but don't count space consumed
by children file systems, clones and snapshots.
- Sparse volumes
ZVOLs that don't reserve space in the pool.
- External attributes
Compatible with extattr(2).
- NFSv4-ACLs
Not sure about the status, might not be complete yet.
Submitted by: trasz
- Creation-time properties
- Regression tests for zpool(8) command.
Obtained from: OpenSolaris
- This also removes $FreeBSD$ from two now unmodifed source files
ncurses/tinfo/lib_raw.c and ncurses/tinfo/lib_baudrate.c
MFC after: 2 months (after 7.1 and 6.4 are released)
- Use `fildes[2]' instead of `*fildes' to make more clear that pipe(2)
fills an array with two descriptors.
- Remove EFAULT from the manual page. Because of the current calling
convention, pipe(2) raises a segmentation fault when an invalid
address is passed.
- Introduce kern_pipe() to make it easier for binary emulations to
implement pipe(2).
- Make Linux binary emulation use kern_pipe(), which means we don't have
to recover td_retval after calling the FreeBSD system call.
Approved by: rdivacky
Discussed on: arch
Looking at our source code history, it seems the uname(),
getdomainname() and setdomainname() system calls got deprecated
somewhere after FreeBSD 1.1, but they have never been phased out
properly. Because we don't have a COMPAT_FREEBSD1, just use
COMPAT_FREEBSD4.
Also fix the Linuxolator to build without the setdomainname() routine by
just making it call userland_sysctl on kern.domainname. Also replace the
setdomainname()'s implementation to use this approach, because we're
duplicating code with sysctl_domainname().
I wasn't able to keep these three routines working in our
COMPAT_FREEBSD32, because that would require yet another keyword for
syscalls.master (COMPAT4+NOPROTO). Because this routine is probably
unused already, this won't be a problem in practice. If it turns out to
be a problem, we'll just restore this functionality.
Reviewed by: rdivacky, kib
struct sockaddr * that it casts internally to the appropriate type based on
sa_family. However, struct sockaddr has very lax alignment requirements,
which causes the compiler to complain when you cast a struct sockaddr * to,
say, a struct sockaddr_in6 *.
I find it reasonable to assume that the pointer we received is in fact
correctly aligned. Therefore, we can work around the compiler warnings by
casting to void * before casting to the desired type. For readability's
sake, this is done with macros.
The same technique should prove useful in other parts of the tree that
deal with socket addresses.
MFC after: 3 weeks
that includes significant features and SMP safety.
This commit includes a more or less complete rewrite of the *BSD USB
stack, including Host Controller and Device Controller drivers and
updating all existing USB drivers to use the new USB API:
1) A brief feature list:
- A new and mutex enabled USB API.
- Many USB drivers are now running Giant free.
- Linux USB kernel compatibility layer.
- New UGEN backend and libusb library, finally solves the "driver
unloading" problem. The new BSD licensed libusb20 library is fully
compatible with libusb-0.1.12 from sourceforge.
- New "usbconfig" utility, for easy configuration of USB.
- Full support for Split transactions, which means you can use your
full speed USB audio device on a high speed USB HUB.
- Full support for HS ISOC transactions, which makes writing drivers
for various HS webcams possible, for example.
- Full support for USB on embedded platforms, mostly cache flushing
and buffer invalidating stuff.
- Safer parsing of USB descriptors.
- Autodetect of annoying USB install disks.
- Support for USB device side mode, also called USB gadget mode,
using the same API like the USB host side. In other words the new
USB stack is symmetric with regard to host and device side.
- Support for USB transfers like I/O vectors, means more throughput
and less interrupts.
- ... see the FreeBSD quarterly status reports under "USB project"
2) To enable the driver in the default kernel build:
2.a) Remove all existing USB device options from your kernel config
file.
2.b) Add the following USB device options to your kernel configuration
file:
# USB core support
device usb2_core
# USB controller support
device usb2_controller
device usb2_controller_ehci
device usb2_controller_ohci
device usb2_controller_uhci
# USB mass storage support
device usb2_storage
device usb2_storage_mass
# USB ethernet support, requires miibus
device usb2_ethernet
device usb2_ethernet_aue
device usb2_ethernet_axe
device usb2_ethernet_cdce
device usb2_ethernet_cue
device usb2_ethernet_kue
device usb2_ethernet_rue
device usb2_ethernet_dav
# USB wireless LAN support
device usb2_wlan
device usb2_wlan_rum
device usb2_wlan_ral
device usb2_wlan_zyd
# USB serial device support
device usb2_serial
device usb2_serial_ark
device usb2_serial_bsa
device usb2_serial_bser
device usb2_serial_chcom
device usb2_serial_cycom
device usb2_serial_foma
device usb2_serial_ftdi
device usb2_serial_gensa
device usb2_serial_ipaq
device usb2_serial_lpt
device usb2_serial_mct
device usb2_serial_modem
device usb2_serial_moscom
device usb2_serial_plcom
device usb2_serial_visor
device usb2_serial_vscom
# USB bluetooth support
device usb2_bluetooth
device usb2_bluetooth_ng
# USB input device support
device usb2_input
device usb2_input_hid
device usb2_input_kbd
device usb2_input_ms
# USB sound and MIDI device support
device usb2_sound
2) To enable the driver at runtime:
2.a) Unload all existing USB modules. If USB is compiled into the
kernel then you might have to build a new kernel.
2.b) Load the "usb2_xxx.ko" modules under /boot/kernel having the same
base name like the kernel device option.
Submitted by: Hans Petter Selasky hselasky at c2i dot net
Reviewed by: imp, alfred
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.
The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.
The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.
Sponsored by: Isilon Systems
MFC after: 1 month
on long long arguments.
Reviewed by: bde (previous version, that included asm implementation
for all ffs and fls functions on i386 and amd64)
MFC after: 2 weeks
is used to set the ELF size attribute for functions. It isn't normally
critical but some things can make use of it (gdb for stack traces).
Valgrind needs it so I'm adding it in. The problem is present on all
branches and on both i386 and amd64.
As discussed on the commits list, there is no need to call revoke()
inside openpty(). On RELENG_6 and RELENG_7 unlockpt() will call
revoke(). On HEAD we create pseudo-terminals on demand, so there is no
need to revoke the slave device node.
This change should never be MFC'd, because the implementation we have in
RELENG_6 and RELENG_7 should work flawlessly with older versions of
libc.
Discussed with: jhb
MFC after: never
according to my reading of the CAM draft is mandatory for
all CCB function calls and enforced by xptioctl() since at
least r168752. Previously we happened to use 0 as the Path
ID, causing the XPT_DEV_MATCH call to fail if there's no
SCSI bus 0. Basically the same bug was also fixed the same
way for camcontrol(8) as part of r126514.
PR: 127605
Submitted by: Eygene Ryabinkin
Approved by: silence from ken and scottl
MFC after: 1 week
from the description but not the errors section. This revision removes it
from the errors statement.
Add a statement about the non-portability of non-page-aligned offsets.
I believe this is not a valid C99 construct. Use directly calculated
offsets into the supplied buffer, using specified members length,
to fill appropriate structure.
Either use sysctl, or copy the value of the UNAME_x environment
variable, instead of unconditionally doing sysctl, and then
overriding a returned value with user-specified one.
Noted and tested by: rdivacky
If it's not a regular file, don't return any data, even if the size is unknown.
Update the Zip test with a hand-tweaked Zip archive that has a
directory (with length-at-end set), a regular file without
length-at-end set, and a regular file with length-at-end set and a bad
CRC. Update the test code to verify that the file size is unset
for the regular file with length-at-end.
MFC after: 7 days
reduce ABI disruptions when new cpu types and new PMC events are added
in the future.
- Support alternate spellings for PMC events. Derive the canonical
spelling of an event name from its enumeration name in 'enum pmc_event'.
- Provide a way for users to disambiguate between identically named events
supported by multiple classes of PMCs in a CPU.
- Change libpmc's machine-dependent event specifier parsing code to
better support CPUs containing two or more classes of PMC resources.
- Pass O_NOCTTY to posix_openpt(2). This makes the implementation work
consistently on implementations that make the PTY the controlling TTY
by default.
- Call unlockpt() before opening the slave device. POSIX mentions that
de slave device should only be opened after grantpt() and unlockpt()
have been called.
- Replace some redundant code by a label.
In theory we could remove a lot of code from openpty() on FreeBSD
-CURRENT, because grantpt(), unlockpt() and revoke() are not needed in
our implementation. We'd better keep them there. This makes the code
still work with older FreeBSD releases and even makes it work on other
non-BSD operating systems.
I've compiled openpty() on Linux. You only need to remove the revoke()
call, because revoke() on Linux always returns -1. Apart from that, it
seems to work like it should.
Reviewed by: jhb
Update referenced example to include unistd.h per manpage.
Update example to be more style(9)-ish, silence warnings and add
FreeBSD id to the source file.
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd
Reviewed by: various (posted to arch)
MFC after: 1 month
where critical. Some places still use ps_pread/ps_pwrite directly,
but only need changed when byte-order comes into the picture.
Also, change th_p in td_event_msg_t from a pointer type to
psaddr_t, so that events also work when psaddr_t is widened.
review by secteam@ for the reasons mentioned below.
1) Rename /dev/urandom to /dev/random since urandom marked as
XXX Deprecated
alias in /sys/dev/random/randomdev.c
(this is our naming convention and no review by secteam@ required)
2) Set rs_stired flag after forced initialization to prevent
double stearing.
(this is already in OpenBSD, i.e. they don't have double stearing.
It means that this change matches their code path and no additional
secteam@ review required)
Submitted by: Thorsten Glaser <tg@mirbsd.de> (2)
- Add a routine for looking up a device and checking if it is a valid geom
provider given a partial or full path to its device node.
Reviewed by: phk
Approved by: pjd (mentor)
logic here gets a little complex, but the net effect is that the
SECURE_SYMLINKS flag will prevent us from ever following a symlink.
Without it, we'll only follow symlinks to dirs. bsdtar specifies
SECURE_SYMLINKS by default, suppresses it for -P.
I've also beefed up the write_disk_secure test to verify this
behavior.
PR: bin/126849