Commit Graph

14352 Commits

Author SHA1 Message Date
Mikolaj Golub
9da0ef1316 1. Properly clean pid files in the case of the error.
2. Write the supervisor pid before the restart loop, so we don't
   uselessly rewrite it after every child restart.
3. Remove duplicate ppfh and pfh initialization.

Approved by:	re (glebius)
MFC after:	2 weeks
2013-09-19 18:00:05 +00:00
Peter Grehan
aa8cb5f311 Implement support for the interrupt-on-terminal-count and
s/w-strobe timer modes. These are commonly used by non-FreeBSD
o/s's.

Approved by:	re@ (blanket)
2013-09-19 04:59:44 +00:00
Peter Grehan
151dba4a87 Add simplistic periodic timer support to mevent using kqueue's
timer support. This should be enough for the emulation of
h/w periodic timers (and no more) e.g. some of the 8254's
more esoteric modes that happen to be used by non-FreeBSD o/s's.

Approved by:	re@ (blanket)
2013-09-19 04:48:26 +00:00
Peter Grehan
4458253e97 Allow the alarm hours/mins/seconds registers to be read/written,
though without any action. This avoids a hypervisor exit when
o/s's access these regs (Linux).

Reviewed by:	neel
Approved by:	re@ (blanket)
2013-09-19 04:29:03 +00:00
Peter Grehan
c20d3f633a Use correct offset for the high byte of high memory written to
RTC NVRAM.

Submitted by:	Bela Lubkin   bela dot lubkin at tidalscale dot com
Approved by:	re@ (blanket)
2013-09-19 04:20:18 +00:00
Edward Tomasz Napierala
7843bd031a Fix several problems in the new iSCSI stack; this includes interoperability
fix for LIO (Linux target), removing possibility for the target to avoid mutual
CHAP by choosing to skip authentication altogether, and fixing truncated error
messages in iscsictl(8) output.  This also fixes several of the problems found
with Coverity.

Note that this change requires world rebuild.

Coverity CID:	1088038, 1087998, 1087990, 1088004, 1088044, 1088041, 1088040
Approved by:	re (blanket)
Sponsored by:	FreeBSD Foundation
2013-09-18 21:15:21 +00:00
Edward Tomasz Napierala
c76e8a9aa0 Make iscsictl(8) automatically try to load the iscsi module. While here,
improve module loading in iscsid(8) and ctld(8).

Approved by:	re (delphij)
2013-09-18 08:37:14 +00:00
Peter Grehan
aaa3016924 Pass the number of supported vectors to pci_emul_add_msicap() and
not the actual PCI BAR number.

Reviewed by:	neel
Approved by:	re@ (blanket)
2013-09-17 18:42:13 +00:00
Edward Tomasz Napierala
1f90f28221 Improve iSCSI address resolution, fixing "InitiatorAddress" handling,
and error reporting.

Approved by:	re (kib)
2013-09-17 14:23:15 +00:00
Sean Bruno
22e3858c24 Assume that the -f argument is /dev/gpioc0 if it is not passed.
hrs@ provided this verison of the patch and showed me where all the needed
changes were to be made outside of gpioctl.c

Approved by:	re (hrs)
MFC after:	2 weeks
2013-09-17 11:48:47 +00:00
Dag-Erling Smørgrav
5a92968ca6 Set NO_WERROR for unbound until I can figure out how to unbreak the
non-clang build.

Approved by:	re (blanket)
2013-09-15 16:27:25 +00:00
Dag-Erling Smørgrav
8f8790cdf4 Build and install the Unbound caching DNS resolver daemon.
Approved by:	re (blanket)
2013-09-15 14:51:23 +00:00
Joel Dahl
33e1779ab8 Minor mdoc fixes.
Approved by:	re (blanket)
2013-09-14 21:43:18 +00:00
Edward Tomasz Napierala
009ea47eb2 Bring in the new iSCSI target and initiator.
Reviewed by:	ken (parts)
Approved by:	re (delphij)
Sponsored by:	FreeBSD Foundation
2013-09-14 15:29:06 +00:00
Sean Bruno
dbcb0e960a Add gpio(4) man page to attempt to document the current hints based setup of
pin outputs, functions and setup.

Add cross reference in gpioctl(8) for people to find.

This is by no means complete and really only covers gpioled(4) and the
Atheros based systems who expose a few extra hints at boot time.

This should be updated by developers who know more about this system than
I and viewed as the beginning of documentation, not the end.

Reviewed by:	adrian
Approved by:	re (joel)
MFC after:	2 weeks
2013-09-13 19:55:40 +00:00
Joel Dahl
40e463f4d9 mdoc: remove EOL whitespace.
Approved by:	re (blanket)
2013-09-13 19:19:21 +00:00
John-Mark Gurney
32b17786bd add support for writing the pid of the daemon program to a pid file so
that daemon can be used w/ rc.subr and ports can use the additional
functionality, such as keeping the ldap daemon up and running, and have
the proper program to signal to exit..

PR:		bin/181341
Submitted by:	feld
Approved by:	re (glebius)
2013-09-13 16:57:28 +00:00
Xin LI
fb9e5c2167 Do not emit size for non-regular files. There is nothing that
mtree(1) can do in this situation and would cause confusion.

MFC candidate.

Approved by:	re (hrs)
2013-09-12 00:14:25 +00:00
Baptiste Daroussin
ad59bd68ad Cleanup elf macros
Only define EF_MIPS_ABI when not already supplied
Remove old now unused ARM macros

Reported by:	imp
Approved by:	re (kib)
2013-09-11 06:42:55 +00:00
Baptiste Daroussin
40274a2d65 Add support to detect arm vs armv6
There are two different versions of the ARM ABI depending on the
TARGET_ARCH. As these are sligntly different a package built for
one may not work on another. We need to detect which one we are on
by parsing the .ARM.attributes section.

This will only work on the ARM EABI as this section is part of the
ABI definition. As armv6 only supports the ARM EABI this is not a
problem for the oabi.

Older versions of libelf in FreeBSD fail to read the
.ARM.attributes section needed. As armv6 is unsupported on these
versions we can assume we are running on arm.

Submitted by:	andrew
Approved by:	re (delphij)
Obtained from:	pkgng git
2013-09-10 20:56:01 +00:00
Peter Grehan
8d39ed16c2 Go way past 11 and bump bhyve's max vCPUs to 16.
This should be sufficient for 10.0 and will do
until forthcoming work to avoid limitations
in this area is complete.

Thanks to Bela Lubkin at tidalscale for the
headsup on the apic/cpu id/io apic ASL parameters
that are actually hex values and broke when
written as decimal when 11 vCPUs were configured.

Approved by:	re@
2013-09-10 03:48:18 +00:00
Xin LI
b10eed4081 Pass -n (do not emit comments) when saving mtree information for future
mergemaster(8) runs.

MFC after:	3 days
Approved by:	re (kib)
2013-09-09 20:36:28 +00:00
Dag-Erling Smørgrav
452262c8ea Tweak wording. 2013-09-07 20:25:22 +00:00
Devin Teske
05f7eb31a2 Remove unnecessary mediaClose (FTP operations are done with either ftp(1)
or fetch(1), neither of which are stateful, compared to how sysinstall(8)
did FTP operations, maintaining an open session until mediaClose).
2013-09-07 03:27:13 +00:00
Devin Teske
7e9ed73522 Long URLs don't always appear even with autosizing and other tricks. So,
add some whitespace to put the URL on a line by itself, maximizing view.
2013-09-07 03:24:22 +00:00
Peter Grehan
fa48032049 Fix spelling. 2013-09-06 05:58:10 +00:00
Peter Grehan
841caa4090 Allow level-triggered interrupt sources. While this isn't
precisely emulated, it is good enough for the single consumer
i.e. irq4, the serial port on Linux.
2013-09-06 05:55:43 +00:00
Jilles Tjoelker
79e6a2c01e watch: Do not mess up the tty modes on early error.
Record the initial state earlier, so it is always safe to restore it.

One way this happens is if watch(8) is started by a user that does not have
access to /dev/snp. The result is "staircase effect" during later commands.

PR:		bin/153052
MFC after:	1 week
2013-09-05 19:02:03 +00:00
Pawel Jakub Dawidek
2057b58b17 Remove fallback to fork(2) if pdfork(2) is not available. If the parent
process dies, the process descriptor will be closed and pdfork(2)ed child
will be killed, which is not the case when regular fork(2) is used.

The PROCDESC option is now part of the GENERIC kernel configuration, so we
can start depending on it.

Add UPDATING entry to inform that this option is now required and log
detailed instruction to syslog if pdfork(2) is not available:

	The pdfork(2) system call is not available; recompile the kernel with options PROCDESC

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
2013-09-05 01:05:48 +00:00
Pawel Jakub Dawidek
7008be5bd7 Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

	struct cap_rights {
		uint64_t	cr_rights[CAP_RIGHTS_VERSION + 2];
	};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

	#define	CAP_PDKILL	CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

	#define	CAP_LOOKUP	CAPRIGHT(0, 0x0000000000000400ULL)
	#define	CAP_FCHMOD	CAPRIGHT(0, 0x0000000000002000ULL)

	#define	CAP_FCHMODAT	(CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

	cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
	void cap_rights_set(cap_rights_t *rights, ...);
	void cap_rights_clear(cap_rights_t *rights, ...);
	bool cap_rights_is_set(const cap_rights_t *rights, ...);

	bool cap_rights_is_valid(const cap_rights_t *rights);
	void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
	void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
	bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

	cap_rights_t rights;

	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

	#define	cap_rights_set(rights, ...)				\
		__cap_rights_set((rights), __VA_ARGS__, 0ULL)
	void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

	cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by:	The FreeBSD Foundation
2013-09-05 00:09:56 +00:00
Jeremie Le Hen
94582faa19 Include the calling context in the mail subject, if any.
More concretely, periodic security scripts defaults to being
called from daily ones -- daily context -- so the mail subject
will now be "${HOST} daily security run output" instead of
"{HOST} security run output".

If you switch the period of some security checks to weekly, you
will receive another email "${HOST} weekly security run output".
2013-09-03 13:40:24 +00:00
Hiroki Sato
42f725eefb Ignore if the interface is not IPv6-capable.
Spotted by:	rpaulo
2013-09-02 20:44:19 +00:00
Neel Natu
6a52209f9c Allow single byte reads of the emulated MSI-X tables. This is not required
by the PCI specification but needed to dump MMIO space from "ddb" in the
guest.
2013-08-27 16:50:48 +00:00
Gavin Atkinson
2710901380 Allow more space for interface names.
MFC after:	1 week
2013-08-27 15:06:39 +00:00
Hiroki Sato
6ce540f397 Fix a crash when reloading the configuration file.
Spotted by:	des
2013-08-27 11:50:33 +00:00
Peter Grehan
000f0835b2 Fix off-by-1 error in assert.
Submitted by:	Tycho Nightingale (tycho.nightingale@pluribusnetworks.com)
2013-08-27 03:49:47 +00:00
Sean Bruno
7c2ad1ee5c Add support to reconfigure a drive as SYSPD (real JBOD in LSI
terminology).

Adds command "mfiutil syspd <drive#>" to change a drive to SYSPD.  Drive
will then be scanned/reported immediately as /dev/mfisyspdX by the host.

"mfiutil good <drive#>" clears SYSPD mode, remove /dev/mfisyspdX and
sets disk into UNCONFIGURED mode.

Tested on Dell H310 SAS/SATA RAID controller.

MFC after:	2 weeks
Sponsored by:	Yahoo! Inc.
2013-08-26 12:05:38 +00:00
Jeremie Le Hen
195cf868e2 Export a PERIODIC environment variable from periodic(8). This will
allow periodic security scripts to know if they have been called in
a daily or a weekly context.
2013-08-25 08:56:09 +00:00
Xin LI
2454886e05 Allow tmpfs be mounted inside jail. 2013-08-23 22:52:20 +00:00
Dag-Erling Smørgrav
be22116353 Set the back pointer from the prefix to the interface before adding
the prefix to the interface's prefix list.  This shouldn't make a
difference, since rtadvd(8) is single-threaded, but I've seen it crash
in delete_prefix() with pfx_rainfo == NULL, and this is the only place
where a prefix can be added to the list with a NULL pfx_rainfo.

MFC after:	3 days
2013-08-23 10:57:05 +00:00
Erwin Lansing
08e6ea976b Update Bind to 9.9.3-P2
Notable new features:

*  Elliptic Curve Digital Signature Algorithm keys and signatures in
   DNSSEC are now supported per RFC 6605. [RT #21918]

*  Introduces a new tool "dnssec-verify" that validates a signed zone,
   checking for the correctness of signatures and NSEC/NSEC3 chains.
   [RT #23673]

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)
   [RT #28989]

*  The new "inline-signing" option, in combination with the
   "auto-dnssec" option that was introduced in BIND 9.7, allows
   named to sign zones completely transparently.

Approved by:	delphij (mentor)
MFC after:	3 days
Sponsored by:	DK Hostmaster A/S
2013-08-22 08:15:03 +00:00
Glen Barber
88ffe87afe Add entry for packages-9.2-release directory.
Approved by:	re (implicit)
2013-08-19 14:04:35 +00:00
Pawel Jakub Dawidek
d92167993d Cast argument of is*() ctype functions to unsigned char.
Without the cast there is ambiguity between 0xFF and -1 (EOF).

Suggested by:	jilles
Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
2013-08-18 11:25:42 +00:00
Hiroki Sato
afe41db1ab Use sysctl(ICMPV6CTL_ND6_DRLIST) instead of SIOCGDRLST_IN6 ioctl. 2013-08-17 22:13:26 +00:00
Hiroki Sato
a678ca234f - Remove struct ifinfo *iflist. It is no longer used.
- Suppress warnings about increase of alignment requirement.
2013-08-17 19:23:35 +00:00
Hiroki Sato
10966d45e9 Unbreak rwhod(8):
- It did not work with GENERIC kernel after r250603 because
  options PROCDESC was required for pdfork(2).  It now just uses fork(2)
  instead when this syscall is not available.

- Fix verify().  This function was broken in r250602 because the outermost
  "()" was removed from the condition !(isalnum() || ispunct()).
  It prevented hostnames including "-", for example.
2013-08-17 07:12:52 +00:00
Glen Barber
9ab90e8a58 Mark the makefs(8) '-p' flag as deprecated in preference for
the '-Z' flag for compatibility with NetBSD.

Submitted by:	Eric van Gyzen (via stable@)
MFC after:	3 days
2013-08-16 05:30:13 +00:00
Peter Grehan
50dc0db3f0 Fix ordering of legacy IRQ reservations.
Submitted by:	Jeremiah Lott   jlott at averesystems dot com
2013-08-16 00:35:20 +00:00
Glen Barber
c77936e7e5 Make sure bootonly.iso for -BETAs and -RCs use the releases/
directory on the FTP mirrors to fetch distributions, since
these are always pushed to releases/ during the release cycle.

MFC after:	3 days
X-MFC-To:	stable/9, releng/9.2
2013-08-13 02:31:46 +00:00
Alfred Perlstein
907745a810 Fix bug in r253719: fix command line watchdog disable.
r253719 disallowed watchdog(8) from disabling the watchdog
by breaking the ability to pass 0 as a timeout arg.  Fix this.
2013-08-10 01:48:15 +00:00