superblock has a check-hash error, an error message noting the
superblock check-hash failure is printed and the mount fails. The
administrator then runs fsck to repair the filesystem and when
successful, the filesystem can once again be mounted.
This approach fails if the filesystem in question is a root filesystem
from which you are trying to boot. Here, the loader fails when trying
to access the filesystem to get the kernel to boot. So it is necessary
to allow the loader to ignore the superblock check-hash error and make
a best effort to read the kernel. The filesystem may be suffiently
corrupted that the read attempt fails, but there is no harm in trying
since the loader makes no attempt to write to the filesystem.
Once the kernel is loaded and starts to run, it attempts to mount its
root filesystem. Once again, failure means that it breaks to its prompt
to ask where to get its root filesystem. Unless you have an alternate
root filesystem, you are stuck.
Since the root filesystem is initially mounted read-only, it is
safe to make an attempt to mount the root filesystem with the failed
superblock check-hash. Thus, when asked to mount a root filesystem
with a failed superblock check-hash, the kernel prints a warning
message that the root filesystem superblock check-hash needs repair,
but notes that it is ignoring the error and proceeding. It does
mark the filesystem as needing an fsck which prevents it from being
enabled for writing until fsck has been run on it. The net effect
is that the reboot fails to single user, but at least at that point
the administrator has the tools at hand to fix the problem.
Reported by: Rick Macklem (rmacklem@)
Discussed with: Warner Losh (imp@)
Sponsored by: Netflix
This can be useful, when net.inet.ip.fw.dyn_keep_states is enabled, but
after rules reloading some state must be deleted. Added new flag '-D'
for such purpose.
Retire '-e' flag, since there can not be expired states in the meaning
that this flag historically had.
Also add "verbose" mode for listing of dynamic states, it can be enabled
with '-v' flag and adds additional information to states list. This can
be useful for debugging.
Obtained from: Yandex LLC
MFC after: 2 months
Sponsored by: Yandex LLC
This was a typo for wdc. Eliminate it since it was in error. People
should use either 'wdc' or 'hgst' for the vendor from now on. 'hgst'
works for all versions this functionality is present for.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Move the Intel specific log pages (including the one that samsung
implements) to intel.c. Add comment to the samsung vendor that it will
be going away soon.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Eliminage redundant spaces and nvmecontrol at start of all the usage
strings. Update the usage printing code to add them back when
presenting to the user. Allow multi-line usage messages and print
proper leading spaces for lines starting with a space.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Provide a usage() function that takes a struct nvme_function pointer
and produces a usage mssage. Eliminate all now-redundant usage
functions. Propigate the new argument through the program as needed.
Use common routine to print usage.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
If the dispatched function doesn't exit, then we get can get a
spurious function not found message. They all do exit, but this is a
little cleaner.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
These are all hgst/wdc specific, so move them into the wdc.c to live
with the wdc command.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
For the upcoming move of vendor specific code into vendor specific
files, make the common logpage routines global and move them to
nvmecontrol.h.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
Move logpage function def to header. Convert all the logpage_function
elements to elements of the linker set. Leave them all in logpage.c
for the moment.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
More commands will be added to nvmecontrol. Also, there will be a few
more vendor commands (some of which may need to remain private to
companies writing them). The first step on that journey is to move to
using linker sets to dispatch commands. The next step will be using
dlopen to bring in the .so's that have the command that might need
to remain private for seamless integration.
Similar changes to this will be needed for vendor specific log pages.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D18403
SELECTIVE MIRRORING
If your network has network traffic analyzer connected to your host
directly via dedicated interface or remotely via RSPAN vlan, you can
selectively mirror some ethernet layer2 frames to the analyzer.
...
report the check-hash failure and offer to search for and use
alternate superblocks. Prior to this fix fsck_ffs would simply
report the check-hash failure and exit.
Reported by: Julian H. Stacey <jhs@berklix.com>
Tested by: Peter Holm
Sponsored by: Netflix
Those two manual pages are already referencing each other in the HISTORY
sections, which people might skip. Mention those manual pages explicitly in
the SEE ALSO sections. Also, remove a reference to be(1) from libbe(3).
Reviewed by: bcr
Approved by: krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D18136
Observed in a CI test image, bectl_create test will run and be marked as
skipped because the module is not loaded. The first zpool invocation will
automagically load the module, but bectl_create is still skipped. Subsequent
tests all pass as expected because the module is now loaded and everything
is OK.
MFC after: 3 days
These tests operate on a file-backed zpool that gets created in the kyua
temp dir. root and ZFS support are both required for these tests. Current
tests cover create, destroy, export/import, jail, list (kind of), mount,
rename, and jail.
List tests should later be extended to cover formatting and the different
list flags, but for now only covers basic "are create/destroy actually
reflected properly"
MFC after: 3 days
Add an undocumented -r option preceding the bectl subcommand to specify a BE
root to operate out of. This will remain undocumented for now, as some
caveats apply:
- BEs cannot be activated in the pool that doesn't contain the rootfs
- bectl create cannot work out of the box without the -e option right now,
since it defaults to the rootfs and cross-pool cloning doesn't work like
that (IIRC)
Plumb the BE root through to libbe(3) so that some things -can- be done to
it, e.g.
bectl -r tank/ROOT create -e default upgrade
bectl -r tank/ROOT mount upgrade /mnt
this aides in some upgrade setups where rootfs is not necessarily ZFS, and
also makes it easier/possible to regression-test bectl when combined with a
file-backed zpool.
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D18029
Rather than using a special value to denote "use the default router",
treat the absence of the -g option to mean the same thing. The
in-kernel netdump client will always attempt to reach the server
directly before falling back to the configured gateway anyway. This
change makes it cleaner to support a hostname value for -g.
Reviewed by: cem
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D18025
document the libufs interface for fetching and storing inodes.
The undocumented getino / putino interface has been replaced
with a new getinode / putinode interface.
Convert the utilities that had been using the undocumented
interface to use the new documented interface.
No functional change (as for now the libufs library does not
do inode check-hashes).
Reviewed by: kib
Tested by: Peter Holm
Sponsored by: Netflix
Now an interface name can be specified for nptv6 instance instead of
ext_prefix. The module will track if_addr_ext events and when suitable
IPv6 address will be added to specified interface, it will be configured
as external prefix. When address disappears instance becomes unusable,
i.e. it doesn't match any packets.
Reviewed by: 0mp (manpages)
Tested by: Dries Michiels <driesm dot michiels gmail com>
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D17765
For example, in case of super-user:
$ sudo ping -s -64 127.0.0.1
PING 127.0.0.1 (127.0.0.1): -64 data bytes
ping: sendto: Invalid argument
For unprivileged user:
$ ping -s -64 127.0.0.1
ping: packet size too large: 18446744073709551552 > 56: Operation not permitted
Fix this by switching from strtoul() to strtol() for integer arguments
and adding explicit checks for negative values.
MFC after: 1 month
It produces incompatibility when rules listing is used again to
restore saved ruleset, because "ip6" keyword produces separate opcode.
The kernel already has the check and only IPv6 packets will be checked
for matching.
PR: 232939
MFC after: 3 days
There is no need to check if capdns is NULL.
If we will build the system without casper all cap_gethostaddr will be
replaced by the standard functions.
Make it clear that ipfw action set for layer2 frames it a bit limited.
PR: 59835
Reviewed by: yuripv
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D17719
The buffer is already zeroed in compile_rule() function, and also it
may contain configured F_NOT flag in o.len field. This fixes the filling
for "not icmp6types" opcode.
PR: 232939
MFC after: 3 days
tcpdump can capture packet traces from the usb bus. usbus[0-9] are
registered as ifnet devices so this can work. When these devices come
up, devd was trying to run pccard_ether on those interfaces, which
didn't exist and generated an error.
program to use the libufs library interface. No functional change
(as for now the libufs library does not do inode check-hashes).
Reviewed by: kib
Sponsored by: Netflix
This change defines the RA "6" (IPv6-Only) flag which routers
may advertise, kernel logic to check if all routers on a link
have the flag set and accordingly update a per-interface flag.
If all routers agree that it is an IPv6-only link, ether_output_frame(),
based on the interface flag, will filter out all ETHERTYPE_IP/ARP
frames, drop them, and return EAFNOSUPPORT to upper layers.
The change also updates ndp to show the "6" flag, ifconfig to
display the IPV6_ONLY nd6 flag if set, and rtadvd to allow
announcing the flag.
Further changes to tcpdump (contrib code) are availble and will
be upstreamed.
Tested the code (slightly earlier version) with 2 FreeBSD
IPv6 routers, a FreeBSD laptop on ethernet as well as wifi,
and with Win10 and OSX clients (which did not fall over with
the "6" flag set but not understood).
We may also want to (a) implement and RX filter, and (b) over
time enahnce user space to, say, stop dhclient from running
when the interface flag is set. Also we might want to start
IPv6 before IPv4 in the future.
All the code is hidden under the EXPERIMENTAL option and not
compiled by default as the draft is a work-in-progress and
we cannot rely on the fact that IANA will assign the bits
as requested by the draft and hence they may change.
Dear 6man, you have running code.
Discussed with: Bob Hinden, Brian E Carpenter
When users mark an interface to not use aliases they likely also don't
want to use the link-local v6 address there.
PR: 201695
Submitted by: Russell Yount <Russell.Yount AT gmail.com>
Differential Revision: https://reviews.freebsd.org/D17633
and runs scripts containing "KEYWORD: resume" with single "resume" argument.
Working example is the port sysutils/cpupdate that defines
extra_commands="resume" to reload CPU microcode cleared
by suspend/resume sequence.
This change does nothing for a system having no scripts with KEYWORD: resume.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D15247
that is already present in a kernel statically.
For example, the command "mount_msdosfs -L ru_RU.KOI8-R" fails with error
"mount_msdosfs: msdosfs_iconv: File exists" for a kernel having
options LIBICONV and MSDOSFS_ICONV. After this change, it mounts successfully.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D16951
Previously, route returned 1 in case of error properly signalling failure
but "route -q" it returned 0 for same case. Fix it.
PR: 186333
MFC after: 1 month
Start with a short summary and cover the options in a standard list style.
Organize sections by common focus and prioritize more useful information
closer to the top.
Flesh out authors, history, caveats, and security considerations sections.
Reviewed by: markj, eadler (previous version)
Differential Revision: https://reviews.freebsd.org/D17679
The premise of dumpon -k foo.pem is that dump contents will be confidential
except to anyone holding the corresponding RSA private key.
This guarantee breaks down when weak RSA keys are used. Small RSA keys
(e.g. 512 bits) can be broken on a single personal computer in tractible
time. Marginal RSA keys (768 bits) can be broken by EC2 and a few dollars.
Even 1024 bit keys can probably be broken by sophisticated and wealthy
attackers.
NIST SP800-57 (2016) recommends a minimum of 2048 bit RSA keys, and
estimates this provides 112 bits of security.
It would also be good to protect users from weak values of 'e' (i.e., 3) and
perhaps sanity check that their public key .pem does not accidentally
contain their private key as well. These considerations are left as future
work.
Reviewed by: markj, darius AT dons.net.au (previous version)
Discussed with: bjk
Differential Revision: https://reviews.freebsd.org/D17678
check hash to the superblock. If a check hash fails when an attempt
is made to mount a filesystem, the mount fails with EINVAL (Invalid
argument). This avoids a class of filesystem panics related to
corrupted superblocks. The hash is done using crc32c.
Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily
used in embedded systems with small memories and low-powered processors
which need as light-weight a filesystem as possible.
Reviewed by: kib
Tested by: Peter Holm
Sponsored by: Netflix
to switch the output method in run-time. Also document some sysctl
variables that can by changed for NAT64 module.
NAT64 had compile time option IPFIREWALL_NAT64_DIRECT_OUTPUT to use
if_output directly from nat64 module. By default is used netisr based
output method. Now both methods can be used, but they require different
handling by rules.
Obtained from: Yandex LLC
MFC after: 3 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D16647
that was added using "new rule format". And then, when the kernel
returns rule with this flag, ipfw(8) can correctly show it.
Reported by: lev
MFC after: 3 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D17373
for already existing interface.
It appeared, that ifconfig(8) assumes `create` keyword as hostname and
tries to resolve it, when `ifconfig ifname create` invoked for already
existing interface. This can produce some unexpected results, when hostname
resolving has successfully happened. This patch adds check for such case.
When an interface is already exists, and create is only one argument,
return error message. But when there are some other arguments, just remove
create keyword from the arguments list.
Obtained from: Yandex LLC
MFC after: 3 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D17171
Exiting with a signal should not be treated the same as successful exit with
zero status.
Return signal exit information to the callers via negative integers, to
enable distinction from normal exit statuses. (All consumers that check for
errors don't care what the exact non-zero exit value is -- in such a case
they print a diagnostic message and either continue or bail.)
Additionally, check for unexpected sources of waitpid() wakeup and bail if
we encounter them.
Reported by: lev@
Reviewed by: kib, lev, markj (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D17035
When we set the ifname we have to copy the string, rather than just keep
the pointer.
PR: 231323
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D17507
The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.
Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)
mips64 supports COMPAT_FREEBSD32 (for o32 binaries), so run the 32-bit
compat ldconfig on it as well.
Reported by: brooks
Reviewed by: brooks, kib
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D17342
Since r154114 which introduced ldconfig_local32_dirs, ldconfig -32 was
called with -m. This means that ld-elf32.so.hints paths set is not
cleared for compat32 on boot, unlike ld,so,hints. Same -m was used in
r294295 for ld-elf-soft.so.hints on arm. The patch fixes the
asymmetry.
Noted by: Andreas Longwitz <longwitz@incore.de>
Reviewed by: brooks, emaste, imp
Discussed with: bdrewery
Sponsored by: The FreeBSD Foundation
Approved by: re (gjb)
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D17331
when `ifconfig ipsec create reqid N` command invoked without interface
unit number. The "name" global variable is updated after interface
cloning in the ifclonecreate() and contains actual interface name.
Reported by: lev
Approved by: re (kib)
MFC after: 1 week
Don't add it. This should fix when we do regepx matches against
variables we've set and fix wifi bring up.
PR: 231441
Approved by: re@ (kib)
Differential Revision: https://reviews.freebsd.org/D17267
This leverages CONFS to handle the install.
Approved by: re (blanket, pkgbase), will (mentor)
Differential Revision: https://reviews.freebsd.org/D17217
This is being done a separate step to ease importing into other VCSes.
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D17160
fasthalt has behaved like reboot, instead of like halt, since r228408
(2011, 10.0-RELEASE). Fix it. One wonders if anyone will notice.
Approved by: re (kib)
MFC after: 3 days
Sponsored by: Dell EMC Isilon
Sample output:
% geom -t
Geom Class Provider
da0 DISK da0
da0 PART da0s1
da0s1 PART da0s1a
ffs.da0s1a VFS
da0s1a DEV
da0s1 DEV
da0 DEV
da1 DISK da1
swap SWAP
da1 DEV
cd0 DISK cd0
cd0 DEV
Reviewed by: oshogbo
Approved by: re (kib)
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D17151
It completely unnecessarily iterates over all filesystems and happens
to be executed a lot e.g. by synth.
Reviewed by: kib
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D17143
dhclient and ping normally use libcasper services. These are not
available in statically-linked binaries, so when WITHOUT_DYNAMICROOT is
set disable libcasper use, as with rescue builds. Also emit a warning
as it's undesirable to build this way.
Reported by: Michael Dexter
Reviewed by: rgrimes
Tested by: Michael Dexter
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D17074
Use nitems(), do not assume EFI_MD_TYPE_ contiguous allocation, in
particular, switch to use designated array initializers.
Reviewed by: jhb (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Approved by: re (gjb)
Add PersistentMemory to the list of sysctl's known memory types
when decoding an EFI memory map.
Submitted by: D Scott Phillips <d.scott.phillips@intel.com>
MFC after: 1 week
Approved by: re (rgrimes)
And simplify this a little by flattening the directory structure.
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16955
In the conversion, the newline got stripped. It worked fine when there
was only one module, but not when there are many. Add back the missing
newline.
Approved by: re@ (kib)
PR: 230868
Differential Revision: https://reviews.freebsd.org/D16895
vermaden (maintainer of beadm) points out the following inconsistencies:
- "missing command" is not printed prior to usage if the error is simply a
missing command; this should be obvious from the context
- "bectl rename" isn't using the "don't unmount" flag (zfs rename -u), so
the active BE can't be renamed. It doesn't make sense in our context to
*not* use -u, so use it.
Documentation updates reflect the above and note an inconsistency with the
'destroy' command that is consistent with other parts of the base system.
A fix for libbe(3) not properly being installed to /lib is included.
SHLIBDIR should have been added when it was moved in r337995.
Approved by: re (kib)
In order to build on a Linux host we need to bootstrap md5 since the Linux
md5sum command produces output in a different format.
Reviewed By: emaste
Approved By: brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D16846
higher bandwidth interfaces. The new value is used above 2.5 Gbps,
which is the highest standard rate that could be used prior to
r338209, so the default behavior for all existing systems should
remain the same.
The value of 128 chosen is a balance between being big enough to
reduce potential precision/quantization effects stemming from frequent
bucket refills over small time intervals and being small enough to
prevent a greedy driver from burst dequeuing more packets than it has
available hardware ring slots for whenever altq transitions from idle
to backlogged.
Reviewed by: jmallett, kp
MFC after: 2 weeks
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D16852
devmatch_blacklist is a space separated list of modules (w/o the .ko
or full path) to exclude from devmatch's processing.
Differential Revision: https://reviews.freebsd.org/D16735
up the device described by the nomatch event in the device tree. If we
find it, then if the device is marked as have already attached to a
device once, then ignore the device.
This keeps us from reloading the device driver when it has just been
manually unloaded. All devies that have had a driver attach to them at
least once no longer participate in pnp-based autoloading.
Differential Revision: https://reviews.freebsd.org/D16735
This flag is set once the device has been successfully attached. When
set, it inhibits devmatch from trying to match the device. This in
turn allows kldunload to work as expected. Prior to the change, the
driver would immediately reload because devmatch had no notion that
the driver had once been attached, and therefore shouldn't participate
in further matching.
Differential Revision: https://reviews.freebsd.org/D16735
This backs out the hack we added in r329458. Now that we can freeze /
thaw probing, this is a much better solution to that problem. Revert
to simply printing the results as we find them, and relying on an
external sort | uniq to clean up the list.
Differential Revision: https://reviews.freebsd.org/D16735
Use devctl freeze / thaw to allow us to laod multiple modules before
doing the probe/attach so they all get a bite at the apple.
Differential Revision: https://reviews.freebsd.org/D16735
- Some overly-long lines
- Consistently using .Brq ({})
- Consistently using .Cm
- Not using .Ao/.Ac around .Ar
PR: 230576
Submitted by: Yuri Pankov (with a fair amount of rebasing pre-commit)
Add a -U flag to get back the old behavior. The new behavior is a little
more friendly to the common use cases, jail the BE and execute a script.
Having the jail torn down automatically when the script is finished, or when
you exit the shell, is a little more friendly than having to remember to
`bectl ujail`.
Batch mode (-b) will continue to leave the jail up, as it's assumed the
caller has other intentions.
Submitted by: Shawn Webb (partially)
2^32 bps or greater to be used. Prior to this, bandwidth parameters
would simply wrap at the 2^32 boundary. The computations in the HFSC
scheduler and token bucket regulator have been modified to operate
correctly up to at least 100 Gbps. No other algorithms have been
examined or modified for correct operation above 2^32 bps (some may
have existing computation resolution or overflow issues at rates below
that threshold). pfctl(8) will now limit non-HFSC bandwidth
parameters to 2^32 - 1 before passing them to the kernel.
The extensions to the pf(4) ioctl interface have been made in a
backwards-compatible way by versioning affected data structures,
supporting all versions in the kernel, and implementing macros that
will cause existing code that consumes that interface to use version 0
without source modifications. If version 0 consumers of the interface
are used against a new kernel that has had bandwidth parameters of
2^32 or greater configured by updated tools, such bandwidth parameters
will be reported as 2^32 - 1 bps by those old consumers.
All in-tree consumers of the pf(4) interface have been updated. To
update out-of-tree consumers to the latest version of the interface,
define PFIOC_USE_LATEST ahead of any includes and use the code of
pfctl(8) as a guide for the ioctls of interest.
PR: 211730
Reviewed by: jmallett, kp, loos
MFC after: 2 weeks
Relnotes: yes
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D16782
This is related to pkgbase as it uses CONFS to properly tag these as config
files.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16785
Rely on the kernel to appropriately mark group members as skipped.
Once a group is skipped we can clear the update flag on all the members.
PR: 229241
Submitted by: Andreas Longwitz <longwitz AT incore.de>
MFC after: 1 week
The original NVMe API used bit-fields to represent fields in data
structures defined by the specification (e.g. the op-code in the command
data structure). The implementation targeted x86_64 processors and
defined the bit fields for little endian dwords (i.e. 32 bits).
This approach does not work as-is for big endian architectures and was
changed to use a combination of bit shifts and masks to support PowerPC.
Unfortunately, this changed the NVMe API and forces #ifdef's based on
the OS revision level in user space code.
This change reverts to something that looks like the original API, but
it uses bytes instead of bit-fields inside the packed command structure.
As a bonus, this works as-is for both big and little endian CPU
architectures.
Bump __FreeBSD_version to 1200081 due to API change
Reviewed by: imp, kbowling, smh, mav
Approved by: imp (mentor)
Differential Revision: https://reviews.freebsd.org/D16404
This helps with pkgbase as it switches these to using CONFS so they are
properly tagged as config files.
Approved by: will (mentor), imp
Differential Revision: https://reviews.freebsd.org/D16781
Instead of always running /bin/sh, allow the user to specify the command
to run. The jail is not removed when the command finishes. Meaning,
`bectl unjail` will still need to be run.
For example:
```
bectl jail newBE pkg upgrade
bectl ujail newBE
```
Submitted by: Shawn Webb
Obtained from: HardenedBSD (8b451014ab)
Adding batch mode to the jail `bectl(8)` subcommand enables jailing of
ZFS Boot Environments in a scriptable fashion.
Submitted by: Shawn Webb
Obtained from: HardenedBSD (9e72d1c59a and ef7b6d9e1c with minor edit)
Previous iteration of this assumed that these won't fail because we've
already setup the jail param to this point, but the allocations could still
fail in pretty bad conditions.
Admit that it's possible and return (ENOENT, EINVAL, ENOMEM, or 0) when
deleting arguments. EINVAL shouldn't happen since we're passing optarg;
which may satisfy *optarg == '\0' but never optarg == NULL.
CID: 1394885, 1394901
after opening the console, replacing init as PID 1.
From the user point of view, it makes it possible to run eg the
shell as PID 1, using 'set init_exec=/bin/sh' at the loader(8)
prompt.
Reviewed by: kib
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16625
These were previously necessary because the libnvpair and libzfs_core
includes were not installed into the SYSROOT, being a part of the copies
target in include/Makefile rather than being installed with the library.
This was fixed in r337696 and the headers are now installed properly, so we
may let go of the cruft.
Deleting the temp snapshot isn't immediately possible because it's the
origin of the newly imported boot environment. However, this is trivially
solved by opening the new boot environment and promoting it. The roles are
now reversed and the temp snapshot/dataset may be completely destroyed.
Remove the BUGS from libbe(3) and bectl(8).
bectl(8) is an administrative interface for working with ZFS boot
environments, intended to provide a superset of the functionality provided
by sysutils/beadm.
libbe(3) is the back-end library that the required functionality has been
pulled out into for later reuse.
These were originally written for GSoC 2017 under the mentorship of
allanjude@.
bectl(8) has proven pretty stable in my testing, with the known bug
documented in the man page.
Relnotes: yes
- Missing include path
- Fully specify libzfs's dependencies (except for deps pulled in by other
deps) in Makefile.inc1
- Drop WARNS back down to 2 for libbe(3). I do this with much hesitation,
but the libzfs headers are apparently a hot warning-filled mess as far as
GCC 4.2 is concerned.
Fix bug introduced in r98542: previously to this revision the byte-swapped
value was compared at this place. The current check is in a conditional
section where the non-byte-swapped value was already checked to be not
the value which is checked again. As byte-swapping is activated afterwards,
it only makes sense if the byte-swapped value is checked.
Submitted by: Keith White <kwhite@site.uottawa.ca>
PR: 200059
MFC after: 1 month
Sponsored by: Essen Hackathon
This helps with pkgbase to tag this config file as a config file.
Approved by: allanjude (mentor), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16559
This helps pkgbase as this config file will now be tagged as a config file.
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D16675
Regardless if a verbose scan is required or not, we'd still want to display the
full SSID name by default so use the IEE80211_NWID_LEN constant to set the
value to use instead.
Tested on rene@'s laptop.
Reviewed by: kp
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16566
It's useful for how to mount an iso file via loopback.
Reviewed by: jilles
Approved by: bcr (mentor)
Differential Revision: https://reviews.freebsd.org/D16067
The mostly-undocumented 'add' functionality, from initial read-through, is
intended for construction of deep ("bdrewery style") boot environments.
However, it's mostly broken at this point. `#if SOON` it out on both sides
so that we're not exposing a broken API/feature.
Work will resume on it in due time.
returns error.
Now -q option only makes it quiet. And when -f flag is specified, the
command will ignore errors and continue executing with next batched
command.
MFC after: 2 weeks
nonexistent NAT instance or nonexistent rule.
This allows execute batched `delete` commands and do not fail when
found nonexistent rule.
Obtained from: Yandex LLC
MFC after: 2 weeks
Sponsored by: Yandex LLC
getfsstat(2) system call using the MNT_NOWAIT flag to indicate that
it wants to use the statfs information cached in the mount structure.
When the -v (verbose) flag is specified, we need to use the MNT_WAIT
flag to getfsstat(2) so that kernel will call VFS_STATFS to get the
current statfs statistics from each filesystem.
Sponsored by: Netflix
The _Noreturn is a function-specifier (like inline) which must preceed
the declarator.
Submitted by: Sebastian Huber <sebastian.huber@embedded-brains.de>
MFC after: 1 week
This is needed to be able to chroot in the fallback case where
Capsicum is not available.
Reported by: Daniel Braniss <danny@cs.huji.ac.il>
X-MFC with: r337382
Sponsored by: The FreeBSD Foundation
- File names don't necessarily need to be repeated
- Add SPDX tags
- Add a missing copyright for Kyle Kneitinger in bectl.8, originally written
by him in GSoC 2017; his standard copyright notice has been copied from
other files within the same directory to remain consistent with how he
clearly wished to portray it
This makes the be_exists behavior match the comments that assert that we've
already checked that the dataset derived from the BE name is set to mount at
/.
Other changes of note:
- bectl_list sees another change; changing mountpoint based on mount status
turns out to be a bad idea, so instead make the mounted property of the
returned nvlist the path that it's mounted at
- Always return the "mountpoint" property in "mountpoint" if it's ste
This is to accomodate a later change in libbe(3) that will always return the
mountpoint, whether it be the directory the dataset is actively mounted at
or the "mountpoint" property.
The main dhclient process is Capsicumized but also chroots to
restrict filesystem access. With r322369, pidfile(3) maintains a
directory descriptor for the pidfile, which can cause the chroot
to fail in certain cases. To minimize the problem, only chroot
if we fail to enter capability mode, and store dhclient pidfiles
in a subdirectory of /var/run, thus restricting access via
pidfile(3)'s directory descriptor.
PR: 223327
Reviewed by: cem, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D16584
While here:
- Remove deprecated ".Tn" macros.
- Improve formatting and fix typos in the description of
the -t option.
Reviewed by: bcr
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D16541
- Support passing arbitrary jail arguments via -o
- Split the related (and rewritten since the GSoC) jail bits out into a new
bectl_jail.c file, to reduce clutter in bectl.c
- Don't use RFC 1918 IP space [0]; we'll instead set no default IPv4 and let
the user pass in any address options they wish via -o
Reported by: rgrimes [0], Shawn Webb [0]
be_get_dataset_snapshots has been added to libbe(3), effectively returning
the same information as be_get_bootenv_props but for snapshots of the given
dataset. The assumption is that one will have the BE dataset name before
wanting to grab snapshots.
This also accomplishes the following:
- Proxy through zfs_nicenum as be_nicenum, because it looks better than
humanize_number and would presumably be useful to other libbe consumers.
- Rename be_get_snapshot_props to be_get_dataset_props, make it more useful
-H is for a scripted format, where all fields are tab-delimited and the
headers go away. We accomplish this by splitting out pad printing to a
separate function that'll take into account whether we're supposed to be
scripted or not.
This has the nice side effect of maintaining positive column sizes again.
scripts. This means one should be able to eg rewrite their /etc/rc
in Python.
Reviewed by: kib
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16565
While it could be preferred to do this at insert in libbe(3), there's no
convenient way to insert at the head of an nvlist. Instead, we'll make two
passes over- once to print anything active either now or at nextboot, and
another to print everything else.
This doesn't actually impact performance in a significant way here, so we'll
worry about further optimizations if the need actually arises.
bectl list -a should show the boot environment, its relevant dataset, and
the snapshot it was created from. The header also changes to indicate the
rough order in which these things will show.
While here, start doing a little bit of spring cleaning and splitting
different bits out.
The timespecadd(3) family of macros were imported from NetBSD back in
r35029. However, they were initially guarded by #ifdef _KERNEL. In the
meantime, we have grown at least 28 syscalls that use timespecs in some
way, leading many programs both inside and outside of the base system to
redefine those macros. It's better just to make the definitions public.
Our kernel currently defines two-argument versions of timespecadd and
timespecsub. NetBSD, OpenBSD, and FreeDesktop.org's libbsd, however, define
three-argument versions. Solaris also defines a three-argument version, but
only in its kernel. This revision changes our definition to match the
common three-argument version.
Bump _FreeBSD_version due to the breaking KPI change.
Discussed with: cem, jilles, ian, bde
Differential Revision: https://reviews.freebsd.org/D14725
from being installed in the correct directory.
Resurrect a few rc.d scripts that were prematurely deleted from the
Makefile by r336845.
Reviewed by: brd
This keeps most startup scripts as CONFS per discussion on src-committers from
back during BSDCan.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16466
target.
Also update the pfctl tests Makefile to work with this change.
Approved by: bapt (mentor)
Differential Revision: https://reviews.freebsd.org/D16430
The jail is created with allow.mount, allow.mount.devfs, and
enforce_statfs=1. Upon creation, we immediately attach, chdir to "/", and
drop the user into a shell inside the jail.
The default IP for this is arbitrarily 10.20.30.40.
The given parameter may either be a jid, jail name, or a BE name. In all
cases, the parameter will be resolved to a jid and bectl(8) will
sanity-check that there's actually a BE mounted at the requested jail root
before invoking jail_remove(2).
Based on the idea that we shouldn't have all-new library and utility going
into base that need WARNS=1...
- Decent amount of constification
- Lots of parentheses
- Minor other nits
For the moment, this is a primitive nvlist dump of what we get back from
be_get_bootenv_props as a proof-of-concept and to make sure that we're
getting back the kind of information we want to see from list.
This check eliminates infinite loop of MTU change / link flap / lease verification / MTU change / link flap etc.
in case of some NIC drivers like em(4) or igb(4).
N.B.: obsolete u_int16_t is used in consistency with the rest of the file.
PR: 229432
Approved by: mav (mentor)
MFC after: 1 week
"record-state" is similar to "keep-state", but it doesn't produce implicit
O_PROBE_STATE opcode in a rule. "set-limit" is like "limit", but it has the
same feature as "record-state", it is single opcode without implicit
O_PROBE_STATE opcode. "defer-action" is targeted to be used with dynamic
states. When rule with this opcode is matched, the rule's action will
not be executed, instead dynamic state will be created. And when this
state will be matched by "check-state", then rule action will be executed.
This allows create a more complicated rulesets.
Submitted by: lev
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D1776
The double compilation of the kernel sources in libmd and libcrypt is
baffling, but add yet another define hack to prevent duplicate symbols.
Add documentation and SHA2-224 test cases to libmd.
Integrate with the md5(1) command, document, and add more test cases;
self-tests pass.
sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
with names.
PR: 229266
MFC after: 3 days
Differential Revision: D16047
The issue was caused by header pollution brought by GCC 8.1.
We now have to remove include-fixed headers in the GCC installation
directory.
Sponsored by: DARPA, AFRL
Pointed out by: jhb
o Also move printf.h to go after it since it does require declaration
of va_list.
This fixes build with latest RISC-V GNU Toolchain with GCC 8.1
Sponsored by: DARPA, AFRL
If '-n' is set we don't use the list of skip interfaces, so don't retrieve it.
This fixes issues if 'pfctl -n' is used before the pf module is loaded. This
was broken by r333181.
Reported by: Jakub Chromy <hicks AT cgi.cz>
MFC after: 1 week
Currently ifconfig(8) only prints the hex representation of ssid names
with non-ASCII characters. Many modern terminals are able to properly render
non-ASCII characters. This change checks if the terminal charmap is UTF-8,
and if so, will render the characters, rather than the hex value.
This behavior is circumvented by running ifconfig(8) in a non-UTF8 locale;
e.g. C or POSIX.
It was pointed out by kp@ during the review that APs have the option to
broadcast whether their SSIDs may be interpreted as UTF-8. Ideally, we would
honor this and only attempt this behavior if it's so-broadcasted by the AP.
However, a sample survey showed that hostapd will advertise this if
indicated in config but it doesn't seem to be so common in the AP market, so
this would be effectively useless as we'll rarely know if the SSID should be
renderable as UTF-8.
Despite this, it was decided to be OK with this anyways- there's a
straightforward path to doing it the right way based on advertisement by AP
if we need to go that route, and one can revert to old behavior easily
enough at runtime if we get it wrong.
Submitted by: Farhan Khan <khanzf@gmail.com>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D15922
When expanding a variable set by a message from the kernel, safely
quote all arguments expanded when creating a command line for the
shell.
Reviewd by: Shawn Webb, Oliver Pinter, brd@
Sponsored by: Netflix
While useful as an example, veriexecctl, as it is, has very little practical
use, since there is nothing ensuring the integrity of the manifest of hashes.
A more appropriate set of utilities will replace it.
Rather then combining hardlink creation for the geom(8) binary with
shared library build, move libraries to src/lib/geom so they are
built and installed normally. Create a common Makefile.classes
which is included by both lib/geom/Makefile and sbin/geom/Makefile
so the symlink and libraries stay in sync.
The relocation of libraries allows libraries to be build for 32-bit
compat. This also reduces the number of non-standard builds in
the system.
This commit is not sufficent to run a 32-bit /sbin/geom on a 64-bit
system out of the box as it will look in the wrong place for libraries
unless GEOM_LIBRARY_PATH is set appropriatly in the environment.
Reviewed by: bdrewery
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15360
A more correct way to modernize code that uses __progname is to just
replace each occurance of it with a call to getprogname(3)
Reported by: ian
Reviewed by: imp
be executed in the if() conditional. If its not supposed to be printed
inside the conditional, then the braces should be removed and the extra
tabs on the fprintf() should be removed.
Noted by cross compilation with gcc-mips.
- add static in a number of places
- initialize __progname rather than rely on magical extern values
- use nitems() instead of manually spelling it out
- unshadow 'idi'
- teach 'error' that it is '__dead2'
- add missing 'break'
- remove param: unused since r95357.
- correct definition of usage
- add explicit fallthrough notice. The existing one doesn't work with
our selection of "implicit-fallthrough" strictness.
This results in WARNS=6 building on amd64, but not other arches
Normally pf rules are expected to do one of two things: pass the traffic or
block it. Blocking can be silent - "drop", or loud - "return", "return-rst",
"return-icmp". Yet there is a 3rd category of traffic passing through pf:
Packets matching a "pass" rule but when applying the rule fails. This happens
when redirection table is empty or when src node or state creation fails. Such
rules always fail silently without notifying the sender.
Allow users to configure this behaviour too, so that pf returns an error packet
in these cases.
PR: 226850
Submitted by: Kajetan Staszkiewicz <vegeta tuxpowered.net>
MFC after: 1 week
Sponsored by: InnoGames GmbH
We do not have code to fix this situation, and the mismatch does not
prevent the kernel driver from consuming the file system, and some factory
formatted SD cards seem to have a garbage backup block.
This makes the code match to its comments (replacing pfatal with pwarn).
Inspired by: NetBSD r1.13
Inspired by: b47b16353f
MFC after: 2 weeks
containing paths, fingerprints, and optional option flags which in turn
get pushed into the MAC/veriexec meta-data store via the veriexec device.
The format of the fingerprints file is as follows:
path type fingerprint options
The type of fingerprint supported depends on what MAC/veriexec fingerprint
modules have been loaded into the system. The veriexecctl application is
able to determine which ones are available by consulting the
security.mac.veriexec.algorithms sysctl.
The following options are currently supported in MAC/veriexec and by the
veriexecctl application:
indirect
If this option is set then the executable cannot be invoked directly, it
can only be used as an interpreter in shell scripts.
file
Indicates that the fingerprint is associated with a file, not an
executable. Files have their fingerprints verified during open(2) and are
automatically made read only. This option may be used to verify shared
libraries have not been tampered with.
no_ptrace
If this option is set then the executable cannot be traced with the
ptrace(2) process tracing and debugging call.
trusted
If this option is set then the executable is allowed to write to the
mem(4) devices. By default, when verified execution is enforced, no
process is allowed to write to the mem(4) devices.
The options are not case sensitive.
Reviewed by: jtl, wblock
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D8575
Continuing with a NULL hints variable just triggers a segfault later on.
The other error cases in this function all exit for an error rather than
warning.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D15579
Implement MK_NVME now that the expression for where NVMe is
complicated. Default it to "yes" for x86 and powerpc64 and
no everywhere else. Use it in camcontrol to define WITH_NVME
for those platforms where we support nvme.
This should fix the newly introduced nvme files to camcontrol
which were building everywhere.
Pointy Hat To: imp
Sponsored by: Netflix
Both ATA and NVME have an identify command. They are completely
different, but to the user they are the same. Leverage nvmecontrol's
print_controller code to provide that functionality to camcontrol
identify. Query the path to see what kind of protocol it supports, and
send the most appropriate command down. Refactor nvme_print_dev a
little to make it easy to get the nvme cdata.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D15371
Rename print_controller to nvme_print_controller. Put it in its
own file for easy inclusion. Move util.c to be nc_util.c to not
conflict with camcontrol. add nvecontrol_ext.h to define shared
interfaces.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D15371
The size limits came from a flawed understanding of dump records.
The real issue was that dump was bogusly interpreting c_count
sometimes. r334978 fixes that.
We shouldn't count the bytes set in c_addr for TS_CLRI and TS_BITS
nodes. Those block overload c_count to communicate how many blocks
follow, not now many c_addr spaces are used. Dump would dump core
(now) because memory layout moved around and we'd access elements past
the end to make a count.
Reviewed by: kib@
Add some asserts that prevents the overflows of c_addr. This can't
happen, absent bugs. However, certain large filesystems can cause
problems. These have been prevented by r334968, but a solution
is needed. These asserts will help assure that solution is correct.
PR: 228807
Reviewed by: db
c_addr in spcl. So check before we start dumping otherwise we can
end up with a corrupted dump.
PR: 228807
Submitted by: db
Reviewed by: imp
Approved by: imp
PowerPC has PAGE_SIZE as a long, not an int. This causes the compiler to throw
a format mismatch warning on this print. To work around the difference, print
it as a long instead of an int, and force the argument to a long.
Reviewed By: imp
Differential Revision: https://reviews.freebsd.org/D15653
In the pf rc.d script the output of `/etc/rc.d/pf status` or `/etc/rc.d/pf
onestatus` always provided an exit status of zero. This made it fiddly to
programmatically determine if pf was running or not.
Return a non-zero status if the pf module is not loaded, extend pfctl to have
an option to return an error status if pf is not enabled.
PR: 228632
Submitted by: James Park-Watt <jimmypw AT gmail.com>
MFC after: 1 week
In some cases broken DHCP servers might send invalid MTU value, so allow to
use 'supersede' in dhclient.conf to override this. When superseded value is
0, MTU value is not updated at all.
PR: 206721
Submitted by: novel@
Reported by: <jimp AT pfsense.org>
MFC after: 37 minutes (if you care about 11, please MFC to 11.2)
Relnotes: yes (potentially surprising behavior change w/ broken dhcpd mtu)
Differential Revision: https://reviews.freebsd.org/D15484
This change also makes alignment and spacing an explicit number rather
than a bunch of spaces.
Reviewed by: mmacy
Requested by: Yuri Pankov <yuripv@yuripv.net>
The objdir is temporary, and the current example points to GENERIC.
Instead point to the installed location of the debug symbols that are
supposed to match the kernel you are using.
PR: 223993
Submitted by: Trond.Endrestol@ximalas.info
I'm not quite sure why this wasn't caught before. Most likely due to
some generated file not being properly cleaned.
Fix build by just hiding the warnings that `-i` was supposed to fix.
Tested with clang, gcc9, gcc7
match the name of this capability. It was added recently and is not merged
to stable branch, so I hope it is not too late to change the name.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D15475
Perhaps RB_MUTE could mute user startup (rc) output as well, but right
now it mutes only kernel console output, so make the documentation match
reality.
PR: 228193
Sponsored by: The FreeBSD Foundation
Previously gpart's man page listed some command options in prose, and
some in table form, which made it more difficult to use as a reference.
Reviewed by: bcr
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D15135
Alphabetical order, uppercase before lowercase for each letter and with
no regard to whether an option takes an argument.
Sponsored by: The FreeBSD Foundation
Change uint8_t type of opcode argument to int in the print_opcode()
function. Use negative value to print the rest of opcodes, because
zero value is O_NOP, and it can't be uses for this purpose.
Reported by: lev
MFC after: 1 week
If the 'n' flag is provided the provided key number will be used to
decrypt device. This can be used combined with dryrun to verify if the key
is set correctly. This can be also used to determine which key slot we want to
change on already attached device.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D15309
'n' is used in other commands to define the key index.
We should be consistent with that.
'C' option is used by patch(1) to perform dryrun so lets use that.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D15308
Report the NVMe spec, number of lanes (and max) as well as the PCIe
generation we're negotiated at (and max) for the camcontrol rate
command.
Reviewed by: scottl (the output, not the code)
Sponsored by: Netflix
o Modify ipfw(8) to be able set any prefix6 not just Well-Known,
and also show configured prefix6;
o relocate some definitions and macros into proper place;
o convert nat64_debug and nat64_allow_private variables to be
VNET-compatible;
o add struct nat64_config that keeps generic configuration needed
to NAT64 code;
o add nat64_check_prefix6() function to check validness of specified
by user IPv6 prefix according to RFC6052;
o use nat64_check_private_ip4() and nat64_embed_ip4() functions
instead of nat64_get_ip4() and nat64_set_ip4() macros. This allows
to use any configured IPv6 prefixes that are allowed by RFC6052;
o introduce NAT64_WKPFX flag, that is set when IPv6 prefix is
Well-Known IPv6 prefix. It is used to reduce overhead to check this;
o modify nat64lsn_cfg and nat64stl_cfg structures to use nat64_config
structure. And respectivelly modify the rest of code;
o remove now unused ro argument from nat64_output() function;
o remove __FreeBSD_version ifdef, NAT64 was not merged to older versions;
o add commented -DIPFIREWALL_NAT64_DIRECT_OUTPUT flag to module's Makefile
as example.
Obtained from: Yandex LLC
MFC after: 1 month
Sponsored by: Yandex LLC
A new usage is added so that parameters for netdump may be specified.
Specifically, one configures an interface for netdump with:
# dumpon -c <client IP> -s <server IP> [-g <gateway IP>] <iface name>
Reviewed by: bdrewery, cem (earlier versions), sbruno
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D15254
This allows create/delete/attach/detach namespaces on new NVMe controllers.
This is only a first user-level part of the bigger change set. Kernel part
required to detect and handle the configuration changes without reboot is
completely independent and will be added separately.
Submitted by: Matt Williams <mffbsdw@gmail.com> (original version)
Differential Revision: https://reviews.freebsd.org/D11399
This can happen when the fsinfo signature is invalid, and the
user have choose to fix it, in which case the code would return
FSBOOTMOD (not FSOK but not FSFATAL either).
All other (fatal) cases would return FSFATAL.
Obtained from: Android Open Source Project
Obtained from: d8775a29ea
MFC after: 2 weeks
On reload we used to first flush everything, including the list of skipped
interfaces. This can lead to termination of these connections if they send
packets before the new configuration is applied.
Note that this doesn't currently happen on 12 or 11, because of special EACCES
handling introduced in r315514. This special behaviour in tcp_output() may
change, hence the fix in pfctl.
PR: 214613
This fixes media display for 802.11 wireless devices.
Software outside the base system that uses these media types and
defines should use #ifdef IFM_FDDI or IFM_TOKEN to include or remove
support.
Reported by: zeising
Reviewed by: emaste, kib, zeising
Tested by: zeising
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15170
- Warn, don't exit, when SIOCSLAGGPORT returns an error.
When we exit with an error during lagg creation, a single
failed NIC (which no longer attaches) can prevent lagg
creation and other configuration, such as adding an IPv4
address, and thus leave a machine unreachable.
- Preserve non-EEXISTS errors for exit status from SIOCSLAGGPORT,
in case scripts are looking for it. Hopefully this can be
extended if other parts of ifconfig can allow a "soft" failure.
- Improve the warning message to mention what lagg and what
member are problematic.
Reviewed by: jtl, glebius
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D15046
After r331668 handling of F_NOT flag done in one place by
print_instruction() function. Also remove unused argument from
print_ip[6]() functions.
MFC after: 1 week
Defines in net/if_media.h remain in case code copied from ifconfig is in
use elsewere (supporting non-existant media type is harmless).
Reviewed by: kib, jhb
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15017
This will allow us to verify if passphrase and key is valid without
decrypting whole device.
Reviewed by: cem@, allanjude@
Differential Revision: https://reviews.freebsd.org/D15000
Introduce show_state structure to keep information about printed opcodes.
Split show_static_rule() function into several smaller functions. Make
parsing and printing opcodes into several passes. Each printed opcode
is marked in show_state structure and will be skipped in next passes.
Now show_static_rule() function is simple, it just prints each part
of rule separately: action, modifiers, proto, src and dst addresses,
options. The main goal of this change is avoiding occurrence of wrong
result of `ifpw show` command, that can not be parsed by ipfw(8).
Also now it is possible to make some simple static optimizations
by reordering of opcodes in the rule.
PR: 222705
Discussed with: melifaro
MFC after: 2 weeks
Sponsored by: Yandex LLC
According to 802.1Q-2014, VLAN tagged packets with VLAN id 0 should be
considered as untagged, and only PCP and DEI values from the VLAN tag
are meaningful. See for instance
https://www.cisco.com/c/en/us/td/docs/switches/connectedgrid/cg-switch-sw-master/software/configuration/guide/vlan0/b_vlan_0.html.
Make it possible to specify PCP value for outgoing packets on an
ethernet interface. When PCP is supplied, the tag is appended, VLAN
id set to 0, and PCP is filled by the supplied value. The code to do
VLAN tag encapsulation is refactored from the if_vlan.c and moved into
if_ethersubr.c.
Drivers might have issues with filtering VID 0 packets on
receive. This bug should be fixed for each driver.
Reviewed by: ae (previous version), hselasky, melifaro
Sponsored by: Mellanox Technologies
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D14702
If the operation is not an update, if neither r/w nor r/o mode is
explicitly requested, if the error code hints at the possibility of the
media being read-only, and if the fallback is allowed, then we can try
to automatically downgrade to the readonly mode.
This is especially useful for auto-mounting of removable media that
sometimes can happen to be write-protected.
The fallback to r/o is not enabled by default. It can be requested on a
per-mount basis with a new mount option, 'autoro'. Or it can be
globally allowed by setting vfs.default_autoro.
Reviewed by: cem, kib
MFC after: 3 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D13361
Followup to r313780. Also prefix ext2's and nandfs's versions with
EXT2_ and NANDFS_.
Reported by: kib
Reviewed by: kib, mckusick
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D9623
It allows to change namespace parameters, such as block size, metadata,
protection information, etc. and/or erase the data.
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
ip_reass() expects IPv4 packet and will just corrupt any IPv6 packets
that it gets. Until proper IPv6 fragments handling function will be
implemented, pass IPv6 packets to next rule.
PR: 170604
MFC after: 1 week
Most sysctl nodes only return a single value, but some nodes return an
array of values (e.g. kern.cp_time). sysctl(8) understand how to display
the values of a node that returns multiple values (it prints out each
numeric value separated by spaces). However, until now sysctl(8) has
only been able to set sysctl nodes to a single value. This change
allows sysctl to accept a new value for a numeric sysctl node that contains
multiple values separated by either spaces or commas. sysctl(8) parses
this list into an array of values and passes the array as the "new" value
to sysctl(2).
Reviewed by: rpokala
MFC after: 1 week
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D14569
The lookup_host() helper subroutine emits a struct in_addr value in network
byte order via caller passed pointer. However, the table value is expected
to be stored in host byte order. On little-endian machines, this produced a
reversed endian table value for Legacy or IPv4 table types when the value
was a hostname (instead of a plain IP address).
Fix by using ntohl() on the output 32-bit address.
While here, avoid some aliasing violations by storing the lookup_host()
output in an intermediate object of the correct type.
PR: 226429
Reported by: bugs.freebsd.org AT mx.zzux.com (also: Tested by)
Security: ipfw hostname table rules could potentially not act as admin intended
Sponsored by: Dell EMC Isilon
When dhclient first starts, if an old IP address exists in the
dhclient.leases file, dhclient(8) sends early DHCPREQUEST message(s)
in an attempt to re-obtain the old IP address again. These messages
contain the old IP as a requested-IP-address option in the message
body (correct) but also use the old IP address as the packet's source
IP (incorrect).
RFC2131 sec 4.1 states:
DHCP messages broadcast by a client prior to that client obtaining
its IP address must have the source address field in the IP header
set to 0.
The use of the old IP as the packet's source address is incorrect if
(a) the computer is now on a different network or (b) it is on the
same network, but the old IP has been reallocated to another host.
Fix dhclient to use 0.0.0.0 as the source IP in this circumstance
without removing any existing functionality. Any previously-used old
IP is still requested in the body of an early DHCPREQUEST message.
PR: 199378
Submitted by: J.R. Oldroyd <fbsd@opal.com>
Reported by: J.R. Oldroyd <fbsd@opal.com>
Reviewed by: cem, asomers, vangyzen
MFC after: 1 week
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D14527
nothing - it was checking for ENXIO, which, with devfs, is no longer
returned - and was badly placed anyway, and replaces it with similar
one that works, and is done just before starting getty, instead of being
done when rereading ttys(5).
From the practical point of view, this makes init(8) handle disappearing
terminals (eg /dev/ttyU*) gracefully, without unneccessary getty restarts
and resulting error messages.
Reviewed by: imp@
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D14307
Remove bitfields from defined structures as they are not portable.
Instead use shift and mask macros in the driver and nvmecontrol application.
NVMe is now working on powerpc64 host.
Submitted by: Michal Stanek <mst@semihalf.com>
Obtained from: Semihalf
Reviewed by: imp, wma
Sponsored by: IBM, QCM Technologies
Differential revision: https://reviews.freebsd.org/D13916
Mostly const-correctness fixes. There were also some variable-shadowing,
unused variable, and a couple of sockaddr type-correctness changes. I also had
trouble with cast-align warnings. I was able to prove that one of them was a
false positive. But ultimately I had to disable the warning program-wide to
deal with the others.
Reviewed by: cem
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D14460
To minimize the time spent scanning all of the directories in pass 2
(Check Pathnames), fsck uses a search order based on the location
of their first block. Zero length directories have no first block,
so the array being used to hold the block numbers of directory
inodes was of zero length. Thus a lookup was done past the end of
the array getting at best a random value and at worst a segment
fault. For zero length directories, this change allocates a one
element block array and initializes it to zero. The effect is that
all zero length directories are handled first in pass 2.
Reviewed by: brooks
Differential Revision: https://reviews.freebsd.org/D14163
The current route(8) manpage shows that "flush" is an argument to
the optional -n flag, rather than a separate subcommand. Correct
this to properly show flush as a route subcommand.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Reviewed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D14401
Only require a gateway to be specified on a route add request. On
a route change request that does not specify the gateway, the
gateway will remain the same. This allows changing other route
parameters without having to re-specifying the gateway, like in
"route change 10.0.0.0/8 -mtu 9000".
Update the route(8) manpage to explicitly call out this usage
as being supported.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Reviewed By: eugen (rtsock.c change), rgrimes
Differential Revision: https://reviews.freebsd.org/D14291
Despite best efforts to regularize, there's a few tables in the system
that still report they are for bus usb when they are really for bus
uhub (where usb devices attach). Add a temporary workaround for this
until these places have been eliminated (likely my fault).
Second, when running verbose, describe what we're doing when
searching. This output can be quite long, but says exactly what's
going on (this output is to stdout, so it's useless for scripting).
Multiple drivers can match on the same USB device and the order of loading
decides which driver gets the device. Use the supplied mask value as an
indication of priority, so that vendor specific device drivers are loaded
before more generic ones.
Sponsored by: Mellanox Technologies
In testing, it's often useful to copy a few files into a directory and
kldxref them to ensure that particular cases are handled correctly.
Add --hints (-h) to facilitate this testing and enable future
automated testing.
Sponsored by: Netflix
'I' was omitting 'zero' values. This is not quite correct, and was put
in as a hack but not documented. Remove it. If we find what the hack
was really needed for, we'll either fix the need for it, or invent a
new flagged value type.
Submitted by: hps@
Sponsored by: Netflix
Implement 'T' field matching. This is needed to prevent false
positives. However, it's not general enough. It only handles one field
and there's a ton of edge cases even with that it likely wouldn't
handle. To do it more generally and also eliminate a lot of the
hackiness that's in this program now, we'd need to creating
directories for lookups ala awk, pearl, python, etc. It appears to be
sufficient, though, to get my keyboard loaded on boot.
Sponsored by: Netflix
Rev 244218 removed the requirement that you provide a dump
directory when checking if there is a coredump ready to be written.
That had the side-effect of causing the bounds file to be read
from the current working directory instead of the dump directory.
As the bounds file is irrelevant when just checking, the simplest
fix is to not read the bounds file when checking.
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D14383
select(2) should be declared as restrict. In addition the only fd in
the fdset is open O_RDONLY, and it's not a socket that can provide OOB
notifications,
Reviewed by: ian, imp, vangyzen
This works similarly to the existing gzip compression support, but
zstd is typically faster and gives better compression ratios.
Support for this functionality must be configured by adding ZSTDIO to
one's kernel configuration file. dumpon(8)'s new -Z option is used to
configure zstd compression for kernel dumps. savecore(8) now recognizes
and saves zstd-compressed kernel dumps with a .zst extension.
Submitted by: cem (original version)
Relnotes: yes
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D13101,
https://reviews.freebsd.org/D13633
folks running filesystems created on check-hash enabled kernels
(which I will call "new") on a non-check-hash enabled kernels (which
I will call "old). The idea here is to detect when a filesystem is
run on an old kernel and flag the filesystem so that when it gets
moved back to a new kernel, it will not start getting a slew of
check-hash errors.
Back when the UFS version 2 filesystem was created, it added a file
flag FS_INDEXDIRS that was to be set on any filesystem that kept
some sort of on-disk indexing for directories. The idea was precisely
to solve the issue we have today. Specifically that a newer kernel
that supported indexing would be able to tell that the filesystem
had been run on an older non-indexing kernel and that the indexes
should not be used until they had been rebuilt. Since we have never
implemented on-disk directory indicies, the FS_INDEXDIRS flag is
cleared every time any UFS version 2 filesystem ever created is
mounted for writing.
This commit repurposes the FS_INDEXDIRS flag as the FS_METACKHASH
flag. Thus, the FS_METACKHASH is definitively known to have always
been cleared. The FS_INDEXDIRS flag has been moved to a new block
of flags that will always be cleared starting with this commit
(until they get used to implement some future feature which needs
to detect that the filesystem was mounted on a kernel that predates
the new feature).
If a filesystem with check-hashes enabled is mounted on an old
kernel the FS_METACKHASH flag is cleared. When that filesystem is
mounted on a new kernel it will see that the FS_METACKHASH has been
cleared and clears all of the fs_metackhash flags. To get them
re-enabled the user must run fsck (in interactive mode without the
-y flag) which will ask for each supported check hash whether it
should be rebuilt and enabled. When fsck is run in its default preen
mode, it will just ignore the check hashes so they will remain
disabled.
The kernel has always disabled any check hash functions that it
does not support, so as more types of check hashes are added, we
will get a non-surprising result. Specifically if filesystems get
moved to kernels supporting fewer of the check hashes, those that
are not supported will be disabled. If the filesystem is moved back
to a kernel with more of the check-hashes available and fsck is run
interactively to rebuild them, then their checking will resume.
Otherwise just the smaller subset will be checked.
A side effect of this commit is that filesystems running with
cylinder-group check hashes will stop having them checked until
fsck is run to re-enable them (since none of them currently have
the FS_METACKHASH flag set). So, if you want check hashes enabled
on your filesystems after booting a kernel with these changes, you
need to run fsck to enable them. Any newly created filesystems will
have check hashes enabled. If in doubt as to whether you have check
hashes emabled, run dumpfs and look at the list of enabled flags
at the end of the superblock details.
Most consumers of g_metadata_store were passing in partially unallocated
memory, resulting in stack garbage being written to disk labels. Fix them by
zeroing the memory first.
gvirstor repeated the same mistake, but in the kernel.
Also, glabel's label contained a fixed-size string that wasn't
initialized to zero.
PR: 222077
Reported by: Maxim Khitrov <max@mxcrypt.com>
Reviewed by: cem
MFC after: 3 weeks
X-MFC-With: 323314
X-MFC-With: 323338
Differential Revision: https://reviews.freebsd.org/D14164
