Commit Graph

828 Commits

Author SHA1 Message Date
sbruno
a82091426b Correct to the stable/10 commit in UPDATING and specify the correct ports/UPDATING
note.
2014-12-15 21:22:42 +00:00
sbruno
743cbe79f3 MFC r271982 and r271990 to support CentOS 6 ports. 2014-12-15 16:14:49 +00:00
ngie
2ceba1b134 MFC r272057,r272083,r272084,r272087,r274016:
r272057:

  Import pjdfstest from ^/vendor/pjdfstest/abf03c3a47745d4521b0e4aa141317553ca48f91

  - Remove tools/regression/pjdfstest
  - Add upgrade directions for contrib/pjdfstest
  - Add a note to UPDATING for the move (the reachover Makefiles are coming
    soon)

  Functional differences:
  - ftruncate testcases are added from upstream (github)

  Non-functional differences:
  - The copyright for the project has been updated to 2012
  - pjd's contact information has been updated

  Discussed with: -testing, jmmv, pjd
  Sponsored by: EMC / Isilon Storage Division

r272083:

  Expect ELOOP on Darwin/Linux with "O_NOFOLLOW was specified and the target is a
  symbolic link" case. Assume EMLINK on the rest of the OSes (FreeBSD, Solaris,
  etc)

  Sponsored by: EMC / Isilon Storage Division

r272084:

  Fix the executed testplan count

  Sponsored by: EMC / Isilon Storage Division

r272087:

  Increase the memory disk size in the following testcases to avoid mount
  failures, which would cause cascade failures in the rest of the test
  run:

  link/15.t, open/19.t, mkdir/11.t, mkfifo/11.t, symlink/11.t

  Fail quickly in all of the testcases if mdconfig, mount, umount, etc
  fails to avoid issues similar to this in the future

  Submitted by: Casey Peel <cpeel@isilon.com>
  Sponsored by: EMC / Isilon Storage Division

r274016:

  Integrate pjdfstest test suite execution into kyua

  pjdfstest execution is opt-in and must be done as root due to some of the
  assumptions made by the test suite and lack of error checking in the non-root
  case

  A description of how to execute pjdfstest with kyua is provided in
  share/pjdfstest/README

  Phabric: D824 (an earlier prototype patch)
  Relnotes: yes
  Sponsored by: EMC / Isilon Storage Division
2014-12-05 11:44:18 +00:00
gjb
19c54c4ced Anticipate when we'll be ready to announce 10.1-RELEASE.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2014-11-11 05:49:35 +00:00
ngie
e55bc1f0d7 MFC r267176, r267181, r268445 (ATF-related commits):
Phabric: https://reviews.freebsd.org/D706
Approved by: rpaulo (mentor)
Approved by: re (gjb)
Reviewed by: jmmv
Sponsored by: EMC / Isilon Storage Division

r267176:

 Add the *_TESTS_SH_SED_* functionality to atf.test.mk.

 This exists already in plain.test.mk and tap.test.mk and should have been
 added to atf.test.mk too when the feature was first introduced.

 (It is probably time to address the related TODOs but I will do that
 separately.)

r267181:

 Move atf-sh from /usr/bin/ to /usr/libexec/

 In r266650, we made libatf-c and libatf-c++ private libraries so that no
 components outside of the source tree could unintendedly depend on them.

 This change does the same for the "atf-sh library" by moving the atf-sh
 interpreter from its public location in /usr/bin/ to the private location
 in /usr/libexec/.  Our build system will ensure that our own test programs
 use the right binary, but users won't be able to depend on atf-sh by
 "mistake".

 Committing this now to ride the UPDATING notice added with r267172 today.

r268445:

 Fix atf-sh's integration_test

 With the move of atf-sh into /usr/libexec in r267181, some of the
 tests in the integration_test program broke because they could not
 execute atf-sh from the path any longer.

 This slipped through because I do have a local atf installation in
 my home directory that appears in my path, hence the tests could
 still execute my own version.

 Fix this by forcing /usr/libexec to appear at the beginning of the
 path when attempting to execute atf-sh.

 To make upgrading easy (and to avoid an unnecessary entry in UPDATING),
 make integration_test depend on the Makefile so that a rebuild of the
 shell script is triggered.  This requires a hack in the *.test.mk files
 to ensure the Makefile is not treated as a source to the generated
 program.  Ugly, I know, but I don't have a better way of doing this at
 the moment.  Will think of one once I address the TODO in the *.test.mk
 files that suggests generalizing the file generation functionality.

 PR:		191052
 Reviewed by:	Garrett Cooper
2014-09-09 04:00:30 +00:00
emaste
38e6a286e9 Add UPDATING entry for r271116
Noticed by:	nwhitehorn
2014-09-04 21:10:24 +00:00
ngie
b7b1b100cc MFC r266650, r267172 (both by jmmv):
r266650:

  Change libatf-c and libatf-c++ to be private libraries.

  We should not be leaking these interfaces to the outside world given
  that it's much easier for third-party components to use the devel/atf
  package from ports.

  As a side-effect, we can also drop the ATF pkgconfig and aclocal files
  from the base system.  Nothing in the base system needs these, and it
  was quite ugly to have to get them installed only so that a few ports
  could build.  The offending ports have been fixed to depend on
  devel/atf explicitly.

  Reviewed by:  bapt

r267172:

  Homogenize libatf-* version numbers with upstream.

  The libatf-* major version numbers in FreeBSD were one version ahead of
  upstream because, when atf was first imported into FreeBSD, the upstream
  numbers were not respected.  This is just confusing and bound to cause
  problems down the road.

  Fix this by taking advantage of the fact that libatf-* are now private
  and that atf is not yet built by default.  However, and unfortunately, a
  clean build is needed for tests to continue working once "make
  delete-old-libs" has been run; hence the note in UPDATING.

Phabric: D701
Approved by: jmmv (maintainer, mentor)
2014-08-31 23:09:23 +00:00
des
d5f0139918 MFH (r268864): document local_unbound changes (forgotten in r269257) 2014-08-23 11:46:26 +00:00
smh
5c82afaaa3 Make the ixgbe tunables now match their sysctl counterparts.
Previously the tunables and sysctls had different names for example:
hw.ixgbe.enable_aim => hw.ix.enable_aim

Anyone using ixgbe tunables should ensure they update /boot/loader.conf.

This is a direct commit to stable as the changes to sysctls in head
already fix this issue in a different way.

Sponsored by:	Multiplay
2014-08-14 14:07:05 +00:00
rmacklem
c9ba10fd16 Add an UPDATING entry for the __FreeBSD_version bump related
to r269398.
2014-08-01 21:28:58 +00:00
imp
07bb5d08f3 MFC r263749,267146:
>r267146 | imp | 2014-06-05 22:08:55 -0600 (Thu, 05 Jun 2014) | 4 lines
>Restore comments accidentally removed.

>r263749 | imp | 2014-03-25 16:08:31 -0600 (Tue, 25 Mar 2014) | 18 lines
>Rather than require a makeoptions DEBUG to get debug correct,
>add it in kern.mk, but only if we're using clang. While this
>option is supported by both clang and gcc, in the future there
>may be changes to clang which change the defaults that require
>a tweak to build our kernel such that other tools in our tree
>will work. Set a good example by forcing -gdwarf-2 only for
>clang builds, and only if the user hasn't specified another
>dwarf level already. Update UPDATING to reflect the changed
>state of affairs. This also keeps us from having to update
>all the ARM kernels to add this, and also keeps us from
>in the future having to update all the MIPS kernels and is
>one less place the user will have to know to do something
>special for clang and one less thing developers will need
>to do when moving an architecture to clang.
2014-07-17 22:31:46 +00:00
mav
a96d167707 Document CTL and iSCSI ABI breakages. 2014-07-15 18:41:30 +00:00
emaste
a2e24081b1 MFC r268022: Rename the WITHOUT_VT_SUPPORT knob to WITHOUT_VT
The _SUPPORT knobs have a consistent meaning which differs from the
  behaviour controlled by this knob.  As the knob is opt-out and has not
  appeared in a release the impact should be low.
2014-07-08 14:04:36 +00:00
nwhitehorn
dc45432cd4 MFC r260913,266895:
Add a new flag to /etc/ttys: onifconsole. This is equivalent to "on" if the
device is an active kernel console and "off" otherwise. This is designed to
allow serial-booting x86 systems to provide a login prompt on the serial line
by default without providing one on all systems by default. Set this flag
on x86 systems for ttyu0.

Comments and suggestions by:	grehan, dteske, jilles
2014-06-08 17:50:07 +00:00
dim
a3e27ae6a9 MFC r265925:
Upgrade our copy of llvm/clang to 3.4.1 release.  This release contains
mostly fixes, for the following upstream bugs:

http://llvm.org/PR16365 http://llvm.org/PR17473 http://llvm.org/PR18000
http://llvm.org/PR18068 http://llvm.org/PR18102 http://llvm.org/PR18165
http://llvm.org/PR18260 http://llvm.org/PR18290 http://llvm.org/PR18316
http://llvm.org/PR18460 http://llvm.org/PR18473 http://llvm.org/PR18515
http://llvm.org/PR18526 http://llvm.org/PR18600 http://llvm.org/PR18762
http://llvm.org/PR18773 http://llvm.org/PR18860 http://llvm.org/PR18994
http://llvm.org/PR19007 http://llvm.org/PR19010 http://llvm.org/PR19033
http://llvm.org/PR19059 http://llvm.org/PR19144 http://llvm.org/PR19326
2014-05-26 20:45:44 +00:00
dim
7c6a94336a MFC r264345:
Amend r263891, by making clang default to DWARF2 debug info format for
all FreeBSD versions, not just 10.x and earlier.  Apparently too many
people seem to have trouble with post-1993 formats.

Also remove the related notes about messing with kernel configuration
files from UPDATING, which are now superfluous.

Requested by:	many
2014-04-14 17:54:01 +00:00
dim
33566a94ae MFC r263692:
Add a note to UPDATING about customized kernel configuration files now
requiring -gdwarf-2 for debug info, when using clang 3.4.

Suggested by:	adrian
2014-03-27 20:32:58 +00:00
dim
9cedb8bb69 MFC 261991:
Upgrade our copy of llvm/clang to 3.4 release.  This version supports
all of the features in the current working draft of the upcoming C++
standard, provisionally named C++1y.

The code generator's performance is greatly increased, and the loop
auto-vectorizer is now enabled at -Os and -O2 in addition to -O3.  The
PowerPC backend has made several major improvements to code generation
quality and compile time, and the X86, SPARC, ARM32, Aarch64 and SystemZ
backends have all seen major feature work.

Release notes for llvm and clang can be found here:
<http://llvm.org/releases/3.4/docs/ReleaseNotes.html>
<http://llvm.org/releases/3.4/tools/clang/docs/ReleaseNotes.html>

MFC 262121 (by emaste):

Update lldb for clang/llvm 3.4 import

This commit largely restores the lldb source to the upstream r196259
snapshot with the addition of threaded inferior support and a few bug
fixes.

Specific upstream lldb revisions restored include:
   SVN      git
  181387  779e6ac
  181703  7bef4e2
  182099  b31044e
  182650  f2dcf35
  182683  0d91b80
  183862  15c1774
  183929  99447a6
  184177  0b2934b
  184948  4dc3761
  184954  007e7bc
  186990  eebd175

Sponsored by:	DARPA, AFRL

MFC 262186 (by emaste):

Fix mismerge in r262121

A break statement was lost in the merge.  The error had no functional
impact, but restore it to reduce the diff against upstream.

MFC 262303:

Pull in r197521 from upstream clang trunk (by rdivacky):

  Use the integrated assembler by default on FreeBSD/ppc and ppc64.

Requested by:	jhibbits

MFC 262611:

Pull in r196874 from upstream llvm trunk:

  Fix a crash that occurs when PWD is invalid.

  MCJIT needs to be able to run in hostile environments, even when PWD
  is invalid. There's no need to crash MCJIT in this case.

  The obvious fix is to simply leave MCContext's CompilationDir empty
  when PWD can't be determined. This way, MCJIT clients,
  and other clients that link with LLVM don't need a valid working directory.

  If we do want to guarantee valid CompilationDir, that should be done
  only for clients of getCompilationDir(). This is as simple as checking
  for an empty string.

  The only current use of getCompilationDir is EmitGenDwarfInfo, which
  won't conceivably run with an invalid working dir. However, in the
  purely hypothetically and untestable case that this happens, the
  AT_comp_dir will be omitted from the compilation_unit DIE.

This should help fix assertions occurring with ports-mgmt/tinderbox,
when it is using jails, and sometimes invalidates clang's current
working directory.

Reported by:	decke

MFC 262809:

Pull in r203007 from upstream clang trunk:

  Don't produce an alias between destructors with different calling conventions.

  Fixes pr19007.

(Please note that is an LLVM PR identifier, not a FreeBSD one.)

This should fix Firefox and/or libxul crashes (due to problems with
regparm/stdcall calling conventions) on i386.

Reported by:	multiple users on freebsd-current
PR:		bin/187103

MFC 263048:

Repair recognition of "CC" as an alias for the C++ compiler, since it
was silently broken by upstream for a Windows-specific use-case.

Apparently some versions of CMake still rely on this archaic feature...

Reported by:	rakuco

MFC 263049:

Garbage collect the old way of adding the libstdc++ include directories
in clang's InitHeaderSearch.cpp.  This has been superseded by David
Chisnall's commit in r255321.

Moreover, if libc++ is used, the libstdc++ include directories should
not be in the search path at all.  These directories are now only used
if you pass -stdlib=libstdc++.
2014-03-21 17:53:59 +00:00
jmmv
16411e2c80 MFC various fixes for the ATF tests.
- r260505 Allow tests to provide a Kyuafile when they relied on auto-generation.
- r260525 Respect the original layout of the atf-{c,c++} tests.
- r260526 Fix path to the process_helpers for the libatf-c++ tests.
- r260576 Generate and install pkg-config files for atf.
- r260577 Add atf pkg-config files from the vendor branch.
- r260584 Prevent misc_helpers from running as a test.
2014-03-06 13:20:38 +00:00
delphij
0ac98a52fd (not quite, due to date difference) MFC r262719:
Document the fact that OpenSSH default configuration requires Capsicum
capability mode support in kernel, which have been worked around later
but it's still recommended to have it enabled.

Reported by:	many
2014-03-03 23:30:54 +00:00
brueffer
9940d9e0d8 Direct commit to stable/10 to note that the nve(4) driver has been
deprecated.
2014-02-16 19:38:17 +00:00
gjb
2a273a2a5a Add UPDATING entry for 10.0-RELEASE.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2014-01-20 22:32:23 +00:00
jmmv
b8ce141a40 Set up the /usr/tests hierarchy.
This is a MFC of the following into stable/10:
- r257097 Set up the /usr/tests hierarchy.
- r257098 Add missing WITHOUTTESTS file.
- r257100 Add a tests(7) manual page.
- r257105 Disable WITHTESTS= for now.
- r257848 Fix buildworld when WITHTESTS is enabled.
- r257850 Subsume the functionality of MKATF into MKTESTS.
- r257851 Handle the removal of the test suite when WITHOUTTESTS=yes.
- r257852 Install category Kyuafiles from their category directories.
- r258232 Install BSD.tests.mtree when MKTESTS is yes.

Note that building with WITH_TESTS is still broken at this point (and
hence why WITHOUT_TESTS is the set as the default).  Subsequent pullups
will fix the remaining issues.
2013-12-28 20:05:31 +00:00
bjk
638d19cdfc MFC r259286,259424,259425:
Apply patch from upstream Heimdal for encoding fix

  RFC 4402 specifies the implementation of the gss_pseudo_random()
  function for the krb5 mechanism (and the C bindings therein).
  The implementation uses a PRF+ function that concatenates the output
  of individual krb5 pseudo-random operations produced with a counter
  and seed.  The original implementation of this function in Heimdal
  incorrectly encoded the counter as a little-endian integer, but the
  RFC specifies the counter encoding as big-endian.  The implementation
  initializes the counter to zero, so the first block of output (16 octets,
  for the modern AES enctypes 17 and 18) is unchanged.  (RFC 4402 specifies
  that the counter should begin at 1, but both existing implementations
  begin with zero and it looks like the standard will be re-issued, with
  test vectors, to begin at zero.)

  This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6,
  from 13 October, 2013:
  % Fix krb5's gss_pseudo_random() (n is big-endian)
  %
  % The first enctype RFC3961 prf output length's bytes are correct because
  % the little- and big-endian representations of unsigned zero are the
  % same.  The second block of output was wrong because the counter was not
  % being encoded as big-endian.
  %
  % This change could break applications.  But those applications would not
  % have been interoperating with other implementations anyways (in
  % particular: MIT's).

Bump __FreeBSD_version accordingly and add a note in UPDATING.

Approved by:	hrs (mentor, src committer)
2013-12-16 02:04:28 +00:00
rodrigc
9dd37e2e68 MFC r258738
Also mention that drill(1) can be used, now that nslookup and dig are no
longer in the base system.

Suggested by: peter
Approved by: re (gjb)
2013-12-04 07:45:08 +00:00
rodrigc
e512c0ce2e MFC r258714
Add some text to clarify that nslookup and dig are no longer in the
  base system after the removal of BIND.

Approved by: re (delphij)
2013-11-29 07:12:10 +00:00
brooks
ec13d5fe2b MFC r257138:
Switch the default mtree to nmtree our new NetBSD derived mtree.

Exp-runs by:	bdrewery (ports/182438)
Sponsored by:	DARPA/AFRL
Approved by:	re (gjb)
2013-10-31 18:06:32 +00:00
bdrewery
817f3323c4 MFC r256450:
Rename libbsdyml to libyaml, make private, and bump
  SHLIB_MAJOR to 1.0

Approved by:	bapt
Approved by:	re (glebius)
2013-10-23 18:07:07 +00:00
gjb
cfff9c715e - Remove debugging from GENERIC* kernel configurations
- Enable MALLOC_PRODUCTION
- Default dumpdev=NO
- Remove UPDATING entry regarding debugging features
- Bump __FreeBSD_version to 1000500

Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2013-10-10 17:59:44 +00:00
hrs
f8b617128e - Update rc.d/jail to use a jail(8) configuration file instead of
command line options.  The "jail_<jname>_*" rc.conf(5) variables for
  per-jail configuration are automatically converted to
  /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
  This is transparently backward compatible.

- Fix a minor bug in jail(8) which prevented it from returning false
  when jail -r failed.

Approved by:	re (glebius)
2013-10-10 09:32:27 +00:00
gjb
c5342bffee Revert r256095, r256120 (partial), r256121:
r256095:
 - Add gnu/usr.bin/rcs back to the base system.

r256120:
 - Add WITHOUT_RCS back to src.conf.5.

r256121:
 - Remove UPDATING entry regarding gnu/usr.bin/rcs removal.

Requested by:	many
Approved by:	re (marius)
Discussed with:	core
2013-10-09 17:07:20 +00:00
dteske
5989c8e805 Remove mention of [fixed] known issue not-specific to updating.
Vendor update to [c]dialog-1.2-20130925 has fixed known problems.
Vendor update SVN revisions: 255917-255917, 255852, and 255958.

Reviewed by:	gjb
Approved by:	re (gjb)
2013-10-08 20:39:38 +00:00
eadler
942ac9469e Add an UPDATING entry for the RCS removal.
Requested by:	kargl
Approved by:	re (glebius)
2013-10-07 19:23:43 +00:00
des
befd6ea0ad Note the removal of BIND, where to find it, and how to use
local_unbound instead.

Approved by:	re (gjb)
2013-09-30 18:06:43 +00:00
gjb
e6335b03d3 - Reword the 20121201 entry.
- Clean up minor whitespace nit.

Approved by:	re (hrs)
Sponsored by:	The FreeBSD Foundation
2013-09-17 04:24:34 +00:00
gjb
1a0d889239 Document that the 'unbound' user is required for installworld since
the import of ldns/unbound.

Approved by:	re (delphij)
Sponsored by:	The FreeBSD Foundation
2013-09-17 00:13:42 +00:00
des
33a03d15e5 Note about the OpenSSH change.
Approved by:	re (gjb)
2013-09-13 10:37:24 +00:00
jmg
62e12363af add note about gcc and aesni...
Approved by:	re (gjb, kib)
2013-09-10 17:26:09 +00:00
theraven
cd54db1de6 Add note in UPDATING about the no-gcc-by-default switch. 2013-09-07 07:26:51 +00:00
pjd
3c622b2c1f Remove fallback to fork(2) if pdfork(2) is not available. If the parent
process dies, the process descriptor will be closed and pdfork(2)ed child
will be killed, which is not the case when regular fork(2) is used.

The PROCDESC option is now part of the GENERIC kernel configuration, so we
can start depending on it.

Add UPDATING entry to inform that this option is now required and log
detailed instruction to syslog if pdfork(2) is not available:

	The pdfork(2) system call is not available; recompile the kernel with options PROCDESC

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
2013-09-05 01:05:48 +00:00
pjd
15d287f52f Advise a full buildworld, because of the recent Capsicum changes.
Sponsored by:	The FreeBSD Foundation
2013-09-05 00:52:16 +00:00
dteske
c4075658e3 Add note/reminder about dialog(1) regression in HEAD/10.0-C so that we don't
forget about it in the multi-month run of things to fix prior to 10.0-R.
2013-08-27 16:10:44 +00:00
obrien
b450ec770a The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
Thus "device padlock_rng" and "device rdrand_rng" should be
used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".

Requested by:	so@ (des)
Submitted by:	obrien, arthurmesh@gmail.com
Obtained from:	Juniper Networks
2013-08-21 22:43:29 +00:00
peter
9b26a41643 Add a note that if you were WITH_ICONV before, you should turn on
WITH_LIBICONV_COMPAT.
2013-08-13 07:31:27 +00:00
peter
995e1f0063 The iconv in libc did two things - implement the standard APIs, the GNU
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.

WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.

I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can.  I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc.  If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.

This is an extension of behavior on other system.  iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.

Bumped osreldate.
2013-08-13 07:15:01 +00:00
avg
a07c9d34c3 opensolaris code: translate INVARIANTS to DEBUG and ZFS_DEBUG
Do this by forcing inclusion of
sys/cddl/compat/opensolaris/sys/debug_compat.h
via -include option into all source files from OpenSolaris.
Note that this -include option must always be after -include opt_global.h.

Additionally, remove forced definition of DEBUG for some modules and fix
their build without DEBUG.

Also, meaning of DEBUG was overloaded to enable WITNESS support for some
OpenSolaris (primarily ZFS) locks.  Now this overloading is removed and
that use of DEBUG is replaced with a new option OPENSOLARIS_WITNESS.

MFC after:	17 days
2013-08-06 15:51:56 +00:00
hrs
6d5d461dc1 Document IPv6 timer value change in r253970. 2013-08-05 20:30:15 +00:00
jilles
713e53c6b9 find: Allow -delete to delete files given as arguments.
Formerly, a command like find dir1/dir2 -delete would delete everything
under dir1/dir2 but not dir1/dir2 itself.

When -L is not specified and "." can be opened, the fts(3) code underlying
find(1) is careful to avoid following symlinks or being dropped in different
locations by moving the directory fts is currently traversing. If a
problematic concurrent modification is detected, fts will not enter the
directory or abort. Files found in the search are returned via the current
working directory and a pathname not containing a slash.

For paranoia, find(1) verifies this when -delete is used. However, it is too
paranoid about the root of the traversal. It is already assumed that the
initial pathname does not refer to directories or symlinks that might be
replaced by untrusted users; otherwise, the whole traversal would be unsafe.
Therefore, it is not necessary to do the check for fts_level ==
FTS_ROOTLEVEL.

Deleting the pathnames given as arguments can be prevented without error
messages using -mindepth 1 or by changing directory and passing "." as
argument to find. This works in the old as well as the new version of find.

Tested by:	Kurt Lidl
Reviewed by:	jhb
2013-08-02 14:14:23 +00:00
obrien
7999076e3e Back out r253779 & r253786. 2013-07-31 17:21:18 +00:00
obrien
721ce839c7 Decouple yarrow from random(4) device.
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
  The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

* random(4) device doesn't really depend on rijndael-*.  Yarrow, however, does.

* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
  random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
2013-07-29 20:26:27 +00:00