Due to the amount of code removed by this, it seems that allowing unmatched
quotes was a deliberate imitation of System V sh and real ksh. Most other
shells do not allow unmatched quotes (e.g. bash, zsh, pdksh, NetBSD /bin/sh,
dash).
PR: bin/137657
The most important test is the mapping fixed at address 0 depending on the
new sysctl.
Things will be updated and possibly converted to m4/.t style once the
details about the kernel patch will be shaken out.
Submitted by: simon (initial version)
handler to make it more clear why we are 'suddenly' running df,
umount, and mdconfig.
- Remove trap handler again after we have unconfigured the memory
device etc. Before we could end up running the trap handler if a
later stage failed, which was a bit confusing and not really useful.
MFC after: 2 weeks
"The escape sequence '\n' shall match a <newline> embedded in
the pattern space."
It is unclear whether this also applies to a \n embedded in a
character class. Disable the existing handling of \n in a character
class following Mac OS X, GNU sed version 4.1.5 with --posix, and
SunOS 5.10 /usr/bin/sed.
Pointed by: Marius Strobl
Obtained from: Mac OS X
of the y (translate) command.
"If a backslash character is immediately followed by a backslash
character in string1 or string2, the two backslash characters shall
be counted as a single literal backslash character"
Pointed by: Marius Strobl
Obtained from: Mac OS X
Empty pairs of braces are represented by a NULL node pointer, just like
empty lines at the top level.
Support for empty pairs of braces may be removed later. They make the code
more complex, have inconsistent behaviour (may or may not change $?), are
not specified by POSIX and are not allowed by some other shells like bash,
dash and ksh93.
Reported by: kan
- Add linprocfs and linsysfs to the linuxulator dox.
- Take the generated includes from the .m files from a subdirectory
instead of putting everything into $(.OBJDIR). This imporves the
human readbility of the source directory contents a lot, if you do not
create a separate OBJDIR.
- Assume UTF-8 encoding for every input file.
- Strip the source and dest path from the output, we are not interested
in the absolute location on the machine where the docs are created,
relative the the root of the FreeBSD source is what interests us.
- Exclude .svn directories.
- Switch to alphabetic index.
- Use one line per INCLUDE_PATH member in the common dox-config.
- Bump the __FreeBSD__ version to 9. [MFC: to 8]
- Switch from hardcoded .m files to an run-time generated one. Takes
a little bit more time to get started with actual work, but at least
is more future-proof. If you generate dox for all subsystems, the
time to find all .m files in the source is magnitutes lower than
producing the docs.
- Make the *DEST_PATH overidable from the environment. This allows to
produce the output directly in the docroot of a webserver.
- Fix the path when telling the user where he can find the API docs.
MFC after: 1 month (after 8.0)
Add a reference count to function definitions.
Memory may leak if multiple SIGINTs arrive in interactive mode,
this will be fixed later by changing SIGINT handling.
PR: bin/137640
reported as failures, even if the actual library / system call
would succeed, because error message would be reported if the return
value from jail_setv() call was >= 0, and if not, then if that same
value was < 0, i.e. always. The correct behavior is to abort (only)
if jail_setv() returns < 0.
Approved by: re (rwatson), julian (mentor)
network stack instances, which is provided for compatibility with
older applications. This change brings it back to life in a followup
to the initial conversion of vimage to use the new jail(4)
userland-kernel API:
- when creating vimages via "vimage -c", by default turn on a few
options expected by legacy applications, such as allow operations on
raw sockets, FS mounts etc, and allow jail-related parameters to be
optionally configured.
- introduce the "-m" modifier which allows for configuring jail
parameters of existing vimages / vnet-jails.
- make "vimage name command ..." actually work.
- when reassigning ifnets to vnets using "vimage -i", attempt to rename
the ifnet as "ethXXX" on arrival in the target vnet. Several legacy
applications are known to depend heavily on such behavior.
- vimage -l lists only jails associated with vnets. The output is
sorted using vimage / jail names as keys.
- vimage -l by default searches only the current level in the jail
hierarchy. Recursive listing can be requested via -r switch.
- vimage -l by default prints only jail names on each line, making
such output suitable for pipelining to other commands. More verbose
output can be obtained via -v switch, and even more jail specific
information will be displayed if -j switch is turned on.
- there's no need to build vimage as statically linked, so update the
Makefile accordingly.
- update the vimage.8 man page.
Approved by: re (rwatson), julian (mentor)
MFC after: immediately
Make regression/priv compile again after the multi-IP jail
changes. Note that we are still using the legacy jail(2)
rather than the jail_set(2)/jail(3) syscall.
Add an IPv4, and an IPv6 loopback address in case we compile
with INET6 enabled.
Make the priv_vfs_extattr_system compile on amd64 as well using the
proper length modifier to printf(3) for ssize_t.
Reviewed by: rwatson
Approved by: re (kib)
o do not force monitor mode; the wlanX ifnet must be an ahdemo mode vap
o move channel change work before marking ifnet up to avoid churning
the state machine
o change default ifnet name to "wlan0"
Approved by: re (kensmith)
net80211 wireless stack. This work is based on the March 2009 D3.0 draft
standard. This standard is expected to become final next year.
This includes two main net80211 modules, ieee80211_mesh.c
which deals with peer link management, link metric calculation,
routing table control and mesh configuration and ieee80211_hwmp.c
which deals with the actually routing process on the mesh network.
HWMP is the mandatory routing protocol on by the mesh standard, but
others, such as RA-OLSR, can be implemented.
Authentication and encryption are not implemented.
There are several scripts under tools/tools/net80211/scripts that can be
used to test different mesh network topologies and they also teach you
how to setup a mesh vap (for the impatient: ifconfig wlan0 create
wlandev ... wlanmode mesh).
A new build option is available: IEEE80211_SUPPORT_MESH and it's enabled
by default on GENERIC kernels for i386, amd64, sparc64 and pc98.
Drivers that support mesh networks right now are: ath, ral and mwl.
More information at: http://wiki.freebsd.org/WifiMesh
Please note that this work is experimental. Also, please note that
bridging a mesh vap with another network interface is not yet supported.
Many thanks to the FreeBSD Foundation for sponsoring this project and to
Sam Leffler for his support.
Also, I would like to thank Gateworks Corporation for sending me a
Cambria board which was used during the development of this project.
Reviewed by: sam
Approved by: re (kensmith)
Obtained from: projects/mesh11s
display '+' on them. Taken from kern/125613, with cosmetic
changes.
PR: kern/125613
Submitted by: Jaakko Heinonen <jh at saunalahti dot fi>
Approved by: re (kib)
- creation of sparse files to speed up the build process. This was
discussed with phk 2 years ago and he disagreed with this change.
- handling of negative data partition sizes.
Can I have the ... green pointy hat, please?
- buildworld and buildkernel are built into MAKEOBJDIRPREFIX
- installworld and installkernel are performed on NANO_OBJ.
No change of functionality if MAKEOBJDIRPREFIX is not set. If it is sea,t
clean_world deletes NANO_OBJ instead of NANO_WORLDDIR. By starting nanobsd.sh
with the -b option the existing world can be reused to build a new world
reducing time and disk space considerably.
While there:
- Fix two cases where (in comments) MAKEOBJDIRPREFIX should have been
NANO_DISKIMGDIR.
- Simplify an 'if (not wrong); then true; else action; fi' into
'if wrong; then action; fi'. 'if ! false; then echo hello; fi' produces hello.
Note: Make sure you use NANO_OBJ were you use MAKEOBJDIRPREFIX now in your
nanobsd.conf files if you want to split out.
number.
It is possible to ask nanobsd.sh to create a 'data' partition,
separate from the system or configuration partitions, and
furthermore, by specifying a negative value for its size
to request that it use all space unused by those partitions
for its own size.
Because the two lines of code that calculate how much space
is available for this data partition are written in perl-like
syntax, the awk code that does the processing performs the
calculation incorrectly.
[note - this was already fixed by r174936]
Furthermore, a comparison later down fails to newfs the
partition when the size is negative.
PR: misc/127759
Submitted by: Cyrus Rahman <crahman@gmail.com>
MFC after: 1 week
This patch against RELENG_6 adds two more entries to
src/tools/tools/nanobsd/FlashDevice.sub - one for a 256MB
Hitachi CF card and one for a 256MB Silicon Systems CF card.
Both entries have been verified to work with a Soekris net4801.
PR: kern/101228
Submitted by: Henrik Brix Andersen <henrik@brixandersen.dk>
MFC after: 1 week
any open file descriptors >= 'lowfd'. It is largely identical to the same
function on other operating systems such as Solaris, DFly, NetBSD, and
OpenBSD. One difference from other *BSD is that this closefrom() does not
fail with any errors. In practice, while the manpages for NetBSD and
OpenBSD claim that they return EINTR, they ignore internal errors from
close() and never return EINTR. DFly does return EINTR, but for the common
use case (closing fd's prior to execve()), the caller really wants all
fd's closed and returning EINTR just forces callers to call closefrom() in
a loop until it stops failing.
Note that this implementation of closefrom(2) does not make any effort to
resolve userland races with open(2) in other threads. As such, it is not
multithread safe.
Submitted by: rwatson (initial version)
Reviewed by: rwatson
MFC after: 2 weeks
also be able to print information about...
- length of the terminal capabilties
- dump of one terminal definition
- relationship overview for a terminal definition
I found out that the input format of the Boemler list was different
than what the code expected: The last two fields were interpreted
as one. Checking the csv version of the list it showed that there
was sometimes a chipset number in the column before the card
description.
This is a rewrite to use the CSV format of the Boemler list. The
output is differently formatted: Instead of the "chip description",
it is now "description (chip)"
o add (required) cmd line args to specify the set of ifnet's to monitor
for WDS discovery msgs; "any" is a wildcard
o change the default script run on wds vap create to the "null script"
o auto-daemonize; add -f option to force foreground operation
o add -P option for integration with rc.d (implementation missing, tba)
o use syslog; default to log up to LOG_INFO, -t (terse) gives you up to
LOG_ERR, and -v (verbose) gives you up to LOG_DEBUG
o scan for existing vaps on startup to recover existing state
o correct some types
because it means getdelim() returns -1 for both error and EOF, and
never returns 0. However, this is what the original GNU implementation
does, and POSIX inherited the bug.
Reported by: marcus@
Not only did these two drivers depend on IFF_NEEDSGIANT, they were
broken 7 months ago during the MPSAFE TTY import. if_ppp(4) has been
replaced by ppp(8). There is no replacement for if_sl(4).
If we see regressions in for example the ports tree, we should just use
__FreeBSD_version 800045 to check whether if_ppp(4) and if_sl(4) are
present. Version 800045 is used to denote the import of MPSAFE TTY.
Discussed with: rwatson, but also rwatson's IFF_NEEDSGIANT emails on the
lists.
driver in Linux 2.6. uscanner was just a simple wrapper around a fifo and
contained no logic, the default interface is now libusb (supported by sane).
Reviewed by: HPS
This tool creates large numbers of TCP connections, each of which will
transmit a fixed amount of data, between client and server hosts. tcpp can
use multiple workers (typically up to the number of hardware cores), and can
use multiple source IPs in order to use an expanded port/IP 4-tuple space to
avoid problems from reusing 4-tuples too quickly. Aggregate bandwidth use
will be reported after a client run.
While by no means a perfect tool, it has proven quite useful in generating
and optimizing TCP stack lock contention by easily generating high-intensity
workloads. It also proves surprisingly good at finding device driver bugs.
colliding upper case letters as the lower case letter with a '_' in
front.
MFC after: 3 days
Discussed with: ed
Spotted by: Michael David Crawford <mdc at prgmr.com>
o turn off a bunch of stuff that's unlikely to be used
o add flash support
o use mii instead of miibus to save space
o enable tdma support
o configure legacy usb as usb2 works only on 2348 w/ 64M configs
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
It is only really necessary for open(2)'s third argument, which is optional and
obtained through stdarg(3). open(2)'s third argument is 32bit and we pass 64
bits. On little endian it works, because we take lower 32 bits, but on big
endian platforms we take upper 32 bits, so we end up with 0.
Reported by: Milan Čermák <Milan.Cermak@Sun.COM>
allocated in a fork(2)-inheritable way at the beginning or end of an
accept(2) system call. This test creates a test thread and blocks it
in accept(2), then forks a child process which tests to see if the
next available file descriptor is defined or not (EBADF vs EINVAL for
ftruncate(2)).
This detects a regression introduced during the network stack locking
work, in which a very narrow race during which fork(2) from one
thread during accept(2) in a second thread lead to an extra inherited
file descriptor turned into a very wide race ensuring that a
descriptor was leaked into the child even though it hadn't been
returned.
PR: kern/130348
- Print human readable time as a float with two digits of precision. Use
ns now as well since clock periods are well into the hundreds of
picoseconds now.
- Show the average duration in the stats frame. This is often more useful
than total duration.
about invalid timestamps. Nehalem CPUs seem to be synchronized but only
within a fraction of a microsecond.
- Make the Counter code more flexible to poor timestamps. In general we
now complain a lot but render as much as we can.
- Change the scaler behavior so it works better with very long and very
short traces. We now set the maximum scale such that it properly
displays the entire file by default and doesn't permit zooming out
beyond the file. This improves other awkward navigation behavior.
The interval is now set very small which can't be achieved by simply
dragging the mouse. Clicking to the left of or right of the scaler bar
will produce increments of a single, very small, interval now.
Sponsored by: Nokia
printing it to the terminal. Now only parse errors go to the terminal.
- Speedup drawing by raising and lowering tags only once everything has
been drawn. Surprisingly, it now takes a little longer to parse than
it does to draw.
- Parameterize the layout with X_ and Y_ defines that determine the sizes
of various things.
- Remove unnecessary tags.
optimized single pass function for each. This reduces the number of
tkinter calls required to the minimum.
- Add a right-click context menu for sources. Supported commands hide
the source, hide the whole group the source is in, and bring up a stat
window.
- Add a source stat frame that gives an event frequency table as well as
the total duration for each event type that has a duration. This can
be used to see, for example, the total time a thread spent running or
blocked by a wchan or lock.
quoth the README:
I have been running -current on my laptop since before FreeBSD 2.0 was
released and along the way developed this little trick to making the
task easier.
sysbuild.sh is a way to build a new FreeBSD system on a computer from
a specification, while leaving the current installation intact.
sysbuild.sh assume you have two partitions that can hold your rootfs
and can be booted, and roughly speaking, all it does is build a new
system into the one you don't use, from the one you do use.
A partition named /freebsd is assumed to be part of your layout, and
that is where the sources and ports will be found.
If you know how nanobsd works, you will find a lot of similarity.
displaying sources.
- Add functions to the main SchedGraph to facilitate source hiding. The
source is simply moved off screen and all other sources are moved to
compensate.
This no longer requires any custom classes or parsers to support new
event types.
- Add an optional command line argument for specifying the clock frequency
in ghz. This is useful for traces that do not include KTR_SCHED.
Sponsored by: Nokia
- Add support for sorting rows by clicking and dragging them to their new
position.
- Add support for configuring the cpu background colors.
- Improve the scaling so a better center is maintained as you zoom. This
is not perfect due to precision loss with floats used in the window
views.
- Add new colors and a random assignment for unknown event types. A table
is used for known event types. This is the only event specific
information.
The jot(1) regression tests directory contained two tests named `wx' and
`wX', which doesn't work on case insensitive filesystems. Rename `wX' to
`wX1'.
MFC after: 1 month
- Callwheels traced via KTR_CALLOUT. Each CPU is assigned a callwheel
source. The events on this source are the execution of individual callout
routines. Each routine shows up as a green rectangle while it is executed
and the event details include the function pointer and argument.
- Locks traced via KTR_LOCK. Currently, each lock name is assigned an event
source (since the existing KTR_LOCK traces only include lock names and
not pointers). This does mean that if multiple locks of the same name are
manipulated, the source line for that name may be confusing. However, for
many cases this can be useful. Locks are blue when they are held and
purple when contested. The contention support is a bit weak due to
limitations in the rw_rlock() and mtx_lock_spin() logging messages
currently. I also have not added support for contention on lockmgr,
sx, or rmlocks yet. What is there now can be profitably used to examine
activity on Giant however.
- Expand the width of the event source names column a bit to allow for some
of the longer names of these new source types.
(threads, CPU load counters, etc.). Each source is tagged with a group
and an order similar to the SYSINIT SI_SUB_* and SI_ORDER_*. After
the file is parsed, all the sources are then sorted. Currently, the only
affects of this are that the CPU loads are now sorted by CPU ID (so
CPU 0 is always first). However, this makes it easier to add new types
of event sources in the future and have them all clustered together
instead of intertwined with threads.
- Python lists perform insertions at the tail much faster than insertions
at the head. For a trace that had a lot of events for a single event
source, the constant insertions of new events to the head of the
per-source event list caused a noticable slow down. To compensate,
append new events to the end of the list during parsing and then
reverse the list prior to drawing.
- Somewhere in the tkinter internals the coordinates of a canvas are
stored in a signed 32-bit integer. As a result, if an the box for
an event spans 2^31, it would actually end up having a negative
X offset at one end. The result was a single box that covered the
entire event source. Kris worked around this for some traces by
bumping up the initial ticks/pixel ratio from 1 to 10. However, a
divisor of 10 can still be too small for large tracefiles (e.g.
with 4 million entries). Instead of hardcoding the initial scaling
ratio, calculate it from the time span of the trace file.
- Add support for using the mouse wheel to scroll the graph window
up and down.
o add net80211 support for a tdma vap that is built on top of the
existing adhoc-demo support
o add tdma scheduling of frame transmission to the ath driver; it's
conceivable other devices might be capable of this too in which case
they can make use of the 802.11 protocol additions etc.
o add minor bits to user tools that need to know: ifconfig to setup and
configure, new statistics in athstats, and new debug mask bits
While the architecture can support >2 slots in a TDMA BSS the current
design is intended (and tested) for only 2 slots.
Sponsored by: Intel
This bring huge amount of changes, I'll enumerate only user-visible changes:
- Delegated Administration
Allows regular users to perform ZFS operations, like file system
creation, snapshot creation, etc.
- L2ARC
Level 2 cache for ZFS - allows to use additional disks for cache.
Huge performance improvements mostly for random read of mostly
static content.
- slog
Allow to use additional disks for ZFS Intent Log to speed up
operations like fsync(2).
- vfs.zfs.super_owner
Allows regular users to perform privileged operations on files stored
on ZFS file systems owned by him. Very careful with this one.
- chflags(2)
Not all the flags are supported. This still needs work.
- ZFSBoot
Support to boot off of ZFS pool. Not finished, AFAIK.
Submitted by: dfr
- Snapshot properties
- New failure modes
Before if write requested failed, system paniced. Now one
can select from one of three failure modes:
- panic - panic on write error
- wait - wait for disk to reappear
- continue - serve read requests if possible, block write requests
- Refquota, refreservation properties
Just quota and reservation properties, but don't count space consumed
by children file systems, clones and snapshots.
- Sparse volumes
ZVOLs that don't reserve space in the pool.
- External attributes
Compatible with extattr(2).
- NFSv4-ACLs
Not sure about the status, might not be complete yet.
Submitted by: trasz
- Creation-time properties
- Regression tests for zpool(8) command.
Obtained from: OpenSolaris
"A function can be preceded by one or more '!' characters, in which
case the function shall be applied if the addresses do not select
the pattern space."
from one parent directory to another, in addition to the usual access checks
one also needs write access to the subdirectory being moved.
Approved by: rwatson (mentor), pjd
and server. This replaces the RPC implementation of the NFS client and
server with the newer RPC implementation originally developed
(actually ported from the userland sunrpc code) to support the NFS
Lock Manager. I have tested this code extensively and I believe it is
stable and that performance is at least equal to the legacy RPC
implementation.
The NFS code currently contains support for both the new RPC
implementation and the older legacy implementation inherited from the
original NFS codebase. The default is to use the new implementation -
add the NFS_LEGACYRPC option to fall back to the old code. When I
merge this support back to RELENG_7, I will probably change this so
that users have to 'opt in' to get the new code.
To use RPCSEC_GSS on either client or server, you must build a kernel
which includes the KGSSAPI option and the crypto device. On the
userland side, you must build at least a new libc, mountd, mount_nfs
and gssd. You must install new versions of /etc/rc.d/gssd and
/etc/rc.d/nfsd and add 'gssd_enable=YES' to /etc/rc.conf.
As long as gssd is running, you should be able to mount an NFS
filesystem from a server that requires RPCSEC_GSS authentication. The
mount itself can happen without any kerberos credentials but all
access to the filesystem will be denied unless the accessing user has
a valid ticket file in the standard place (/tmp/krb5cc_<uid>). There
is currently no support for situations where the ticket file is in a
different place, such as when the user logged in via SSH and has
delegated credentials from that login. This restriction is also
present in Solaris and Linux. In theory, we could improve this in
future, possibly using Brooks Davis' implementation of variant
symlinks.
Supporting RPCSEC_GSS on a server is nearly as simple. You must create
service creds for the server in the form 'nfs/<fqdn>@<REALM>' and
install them in /etc/krb5.keytab. The standard heimdal utility ktutil
makes this fairly easy. After the service creds have been created, you
can add a '-sec=krb5' option to /etc/exports and restart both mountd
and nfsd.
The only other difference an administrator should notice is that nfsd
doesn't fork to create service threads any more. In normal operation,
there will be two nfsd processes, one in userland waiting for TCP
connections and one in the kernel handling requests. The latter
process will create as many kthreads as required - these should be
visible via 'top -H'. The code has some support for varying the number
of service threads according to load but initially at least, nfsd uses
a fixed number of threads according to the value supplied to its '-n'
option.
Sponsored by: Isilon Systems
MFC after: 1 month
it relies on non-portable flock(2) semantics. Not only is flock(2) not
portable, but on some OSes that do have it, it is implemented in terms
of fcntl(2) locks, which are per-process rather than per-descriptor.
will cause it to return 0, not EAGAIN.
Add UNIX domain socket support to udpzerobyte, which suggests this
regression test should be moved to the general sockets test area rather
than netinet.
possible to make NanoBSD output more quite or verbose. The default
output should remain mostly unchanged. [1]
- Add missing shift for -i.
- Clean up usage() so it's now (mostly) sorted alphabetically.
- Make command line argument handling more consistent in the code and
remove redundant semicolons.
Reviwed by: phk [1]
* Allow the image name to be renamed via NANO_IMGNAME.
* Propagate TARGET_ARCH into src top level make targets
explicitly to support cross-building.
* Increase the default size of NanoBSD media from 488MB to
584MB to accomodate a -CURRENT world.
Reviewed by: phk
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd
Reviewed by: various (posted to arch)
MFC after: 1 month
once it is lost, all data is gone.
Option '-B none' can by used to prevent backup. Option '-B path' can be
used to backup metadata to a different file than the default, which is
/var/backups/<prov>.eli.
The 'geli init' command also prints backup file location and gives short
procedure how to restore metadata.
The 'geli setkey' command now warns that even after passphrase change or keys
update there could be version of the master key encrypted with old
keys/passphrase in the backup file.
Add regression tests to verify that new functionality works as expected.
Update other regression tests so they don't create backup files.
Reviewed by: keramida, rink
Dedicated to: a friend who lost 400GB of his live by accidentally overwritting geli metadata
MFC after: 2 weeks
This fixes potential out-of-bound accesses when testing ciphers with block size
greater than 8 bytes (e.g. AES).
Submitted by: Bartlomiej Sieka tur ! semihalf dot com
Discussed with: pjd, sam
larger than 2GB to prevent an overflow [1].
Make case-insensitive comparison work for siliconsystems, soekris and
transcend devices.
PR: conf/126386 [1]
Submitted by: Mark A [1]
MFC after: 1 month
the first value (environ[0]) to NULL. This is in addition to the
current detection of environ being replaced, which includes being set to
NULL. Without this fix, the environment is not truly wiped, but appears
to be by getenv() until an *env() call is made to alter the enviroment.
This change is necessary to support those applications that use this
method for clearing environ such as Dovecot and Postfix. Applications
such as Sendmail and the base system's env replace environ (already
detected). While neither of these methods are defined by SUSv3, it is
best to support them due to historic reasons and in lieu of a clean,
defined method.
Add extra units tests for clearing environ using four different methods:
1. Set environ to NULL pointer.
2. Set environ[0] to NULL pointer.
3. Set environ to calloc()'d NULL-terminated array.
4. Set environ to static NULL-terminated array.
Noticed by: Timo Sirainen
MFC after: 3 days
the default ICMPv6 filter is pass all, test that we can set it to block
all and restore to pass all. No attempt is made to test that the
filtering works, just that we can get and set it.
is used to grab and hold some number of multicast addresses in order
to test what happens when an interface goes over the number of multicast
addresses it can filter in hardware.
I wrote these to test amd64 asm functions that used
maxss, maxsd, minss, and minsd, but it turns out that
those instructions don't handle NaNs and signed zero
in the same way as fmin() and fmax() are required to,
so we're stuck with the C versions for now.
The first test comes from OpenBSD, and the others are additions or
adaptations.
This is based on OpenBSD's
src/regress/lib/libc/sprintf/sprintf_test.c, v1.3.
I deliberately did not use v1.4 because it's bogus.
semaphores. Specifically, semaphores are now represented as new file
descriptor type that is set to close on exec. This removes the need for
all of the manual process reference counting (and fork, exec, and exit
event handlers) as the normal file descriptor operations handle all of
that for us nicely. It is also suggested as one possible implementation
in the spec and at least one other OS (OS X) uses this approach.
Some bugs that were fixed as a result include:
- References to a named semaphore whose name is removed still work after
the sem_unlink() operation. Prior to this patch, if a semaphore's name
was removed, valid handles from sem_open() would get EINVAL errors from
sem_getvalue(), sem_post(), etc. This fixes that.
- Unnamed semaphores created with sem_init() were not cleaned up when a
process exited or exec'd. They were only cleaned up if the process
did an explicit sem_destroy(). This could result in a leak of semaphore
objects that could never be cleaned up.
- On the other hand, if another process guessed the id (kernel pointer to
'struct ksem' of an unnamed semaphore (created via sem_init)) and had
write access to the semaphore based on UID/GID checks, then that other
process could manipulate the semaphore via sem_destroy(), sem_post(),
sem_wait(), etc.
- As part of the permission check (UID/GID), the umask of the proces
creating the semaphore was not honored. Thus if your umask denied group
read/write access but the explicit mode in the sem_init() call allowed
it, the semaphore would be readable/writable by other users in the
same group, for example. This includes access via the previous bug.
- If the module refused to unload because there were active semaphores,
then it might have deregistered one or more of the semaphore system
calls before it noticed that there was a problem. I'm not sure if
this actually happened as the order that modules are discovered by the
kernel linker depends on how the actual .ko file is linked. One can
make the order deterministic by using a single module with a mod_event
handler that explicitly registers syscalls (and deregisters during
unload after any checks). This also fixes a race where even if the
sem_module unloaded first it would have destroyed locks that the
syscalls might be trying to access if they are still executing when
they are unloaded.
XXX: By the way, deregistering system calls doesn't do any blocking
to drain any threads from the calls.
- Some minor fixes to errno values on error. For example, sem_init()
isn't documented to return ENFILE or EMFILE if we run out of semaphores
the way that sem_open() can. Instead, it should return ENOSPC in that
case.
Other changes:
- Kernel semaphores now use a hash table to manage the namespace of
named semaphores nearly in a similar fashion to the POSIX shared memory
object file descriptors. Kernel semaphores can now also have names
longer than 14 chars (up to MAXPATHLEN) and can include subdirectories
in their pathname.
- The UID/GID permission checks for access to a named semaphore are now
done via vaccess() rather than a home-rolled set of checks.
- Now that kernel semaphores have an associated file object, the various
MAC checks for POSIX semaphores accept both a file credential and an
active credential. There is also a new posixsem_check_stat() since it
is possible to fstat() a semaphore file descriptor.
- A small set of regression tests (using the ksem API directly) is present
in src/tools/regression/posixsem.
Reported by: kris (1)
Tested by: kris
Reviewed by: rwatson (lightly)
MFC after: 1 month
provides the correct semantics for flock(2) style locks which are used by the
lockf(1) command line tool and the pidfile(3) library. It also implements
recovery from server restarts and ensures that dirty cache blocks are written
to the server before obtaining locks (allowing multiple clients to use file
locking to safely share data).
Sponsored by: Isilon Systems
PR: 94256
MFC after: 2 weeks
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
fifos, as this is required by the Single UNIX Specification, although
not currently implemented on FreeBSD.
While here, fix a bug in the directory timestamp checking test by
sleeping after querying the starting timestamp, rather than before.
a. The BSD version will be built and installed unless
WITHOUT_BSD_CPIO is defined.
b. The GNU version will not be built or installed unless
WITH_GNU_CPIO is defined. If this is defined, the symlink
in /usr/bin will be to the GNU version whether the BSD
version is present or not.
When these changes are MFCed the defaults should be flipped.
2. Add a knob to disable the building of GNU grep. This will
make it easier for those that want to test the BSD version in
the ports.
Approved by: kientzle [1]
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.
This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation
Discussed with: rwatson, re
AIO calls.
This small program queues up a controllable number of concurrent AIO
read operations w/ controllable io size against a disk or regular file.
There are a few other things to add (notably optional write support!)
but it works well enough at the present time to stress the AIO code out
relatively harshly in the disk IO case.
fit in a signed char
o change default output to something more useful for sta mode
o futz w/ various field names and widths; need to do full pass over this stuff
post collection. This is too error prone and introduces uncertainty into
the timing. We'll simply have to require synchronized TSCs to run
schedgraph on MP.
Sponsored by: Nokia
transmissions by the number of them running so that they do not
overwhelm the source.
Added a simple shell script to kick off sinks on multiple hosts as
well as a source on the host where the shell script is run. The script
also collects the output of all the sinks and the source into files named
for the host on which the tests are run. A date is appended to each output
file to make it unique per run.
after similar calls related to struct pwd in libutil/pw_util.c:
- gr_equal()
Perform a deep comparison of two struct grp's. It does a thorough, yet
unoptimized comparison of all the members regardless of order.
- gr_make()
Create a string (see group(5)) from a struct grp.
- gr_dup()
Duplicate a struct grp. Returns a value that is a single contiguous
block of memory.
- gr_scan()
Create a struct grp from a string (as produced by gr_make()).
MFC after: 3 weeks