makes for difficulty with hidden Samba shares; shares with $ at the end
of their name. This enables the use of ${DOLLAR} to work around this.
Reviewed by: bcr (man page)
Approved by: trasz
Differential Revision: https://reviews.freebsd.org/D7048
is specified by its number (index), starting with zero. Previously,
sometimes users would try to literally invoke `acpiconf -i batt' in
their console and become confused as to why this did not work.
Approved by: bcr (manpages)
Differential Revision: https://reviews.freebsd.org/D18659
Quick follow-up to r342362: options can appear multiple times now, so
clean up all of them as needed. For non-OPTIONS options, this has no effect
since they're already de-duplicated.
MFC after: 1 week
X-MFC-With: r342362
config(8)'s option handling has been written to allow duplicate options; if
the value changes, then the latest value is used and an informative message
is printed to stderr like so:
/usr/src/sys/amd64/conf/TEST: option "VERBOSE_SYSINIT" redefined from 0 to 1
Currently, this is only a possibility for cpu types, MAXUSERS, and
MACHINE_ARCH. Anything else duplicated in a config file will use the first
value set and error about duplicated options on subsequent appearances,
which is arguably unfriendly since one could specify:
include GENERIC
nooptions VERBOSE_SYSINIT
options VERBOSE_SYSINIT
to redefine the value later anyways.
Reported by: mmacy
MFC after: 1 week
Currently, the installer uses pre-created 800KB FAT12 filesystems that
it dd's onto the ESP partition.
This changeset improves that by having the installer generate a FAT32
filesystem directly onto the ESP using newfs_msdos and then copying
loader.efi into /EFI/freebsd.
For live installs it then runs efibootmgr to add a FreeBSD boot entry
in the BIOS.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D17947
iBCS2 was disconnected from the build in 2015 (see r291419)
bsdconfig parts submitted by dteske.
Reviewed by: kib (previous version)
Sponsored by: The FreeBSD Foundation
on bsdinstall(8) and may be non-functional
for system built WITHOUT_BSDINSTALL. (*)
Also, add a check for jails sharing whole tree with host (path=/)
and do not skip it.
Reported by: Andre.Albsmeier@siemens.com (*)
MFC after: 1 week
The removal (and creation of a port) has been pre-announced in UPDATING
1 month ago. Packages are available for all supported FreeBSD vesions.
I did not think that another entry in UPDATING is required to note the
actual removal.
No MFC is planned - CTM shall be kept in base for all releases up to 12.x.
Reviewed by: rgrimes
Approved by: imp, bcr (manpages)
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D17935
The pwm subsystem consist of API for PWM controllers, pwmbus to register them
and a pwm(8) utility to talk to them from userland.
Reviewed by: oshgobo (capsicum), bcr (manpage), 0mp (manpage)
Differential Revision: https://reviews.freebsd.org/D17938
There was a large refactoring done in CTL to allow multiple ioctl frontend
ports (and respective devices) to be created, particularly for bhyve.
Unfortunately, respective part of bhyve functionality got lost somehow from
the original virtio-scsi commit. This change allows wanted device path to
be specified in either of two ways:
-s 6,virtio-scsi,/dev/cam/ctl1.1
-s 6,virtio-scsi,dev=/dev/cam/ctl2.3
If neither is specified, the default /dev/cam/ctl device is used.
While there, remove per-queue CTL device opening, which makes no sense at
this point.
Reported by: wg
Reviewed by: araujo
MFC after: 3 days
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D18504
- buf_to_iov() does not use buflen parameter, allowing out of bound read.
- buf_to_iov() leaks memory if seek argument > 0.
- iov_to_buf() doesn't need to reallocate buffer for every segment.
- there is no point to use size_t for iov counts, int is more then enough.
- some iov function arguments can be constified.
- pci_vtscsi_request_handle() used truncate_iov() incorrectly, allowing
getting out of buffer and possibly corrupting data.
- pci_vtscsi_controlq_notify() written returned status at wrong offset.
- pci_vtscsi_controlq_notify() leaked one buffer per event.
Reported by: wg
Reviewed by: araujo
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D18465
Unfortunately ctl_scsi_zero_io() wipes that field, so it was always zero.
While there, targ_port is set by kernel, so user-space should not fill it.
MFC after: 1 week
As reported by a FreeNAS user (see https://redmine.ixsystems.com/issues/55728),
mountd does more calls to getnameinfo() than it needs to; this changes it to
only call it for the RPC calls it needs the name information for.
Reported by: Dave Flowers
Reviewed by: imp, mav
Approved by: mav (mentor)
MFC after: 2 weeks
Sponsored by: iXsystems Inc
Differential Revision: https://reviews.freebsd.org/D18430
superblock has a check-hash error, an error message noting the
superblock check-hash failure is printed and the mount fails. The
administrator then runs fsck to repair the filesystem and when
successful, the filesystem can once again be mounted.
This approach fails if the filesystem in question is a root filesystem
from which you are trying to boot. Here, the loader fails when trying
to access the filesystem to get the kernel to boot. So it is necessary
to allow the loader to ignore the superblock check-hash error and make
a best effort to read the kernel. The filesystem may be suffiently
corrupted that the read attempt fails, but there is no harm in trying
since the loader makes no attempt to write to the filesystem.
Once the kernel is loaded and starts to run, it attempts to mount its
root filesystem. Once again, failure means that it breaks to its prompt
to ask where to get its root filesystem. Unless you have an alternate
root filesystem, you are stuck.
Since the root filesystem is initially mounted read-only, it is
safe to make an attempt to mount the root filesystem with the failed
superblock check-hash. Thus, when asked to mount a root filesystem
with a failed superblock check-hash, the kernel prints a warning
message that the root filesystem superblock check-hash needs repair,
but notes that it is ignoring the error and proceeding. It does
mark the filesystem as needing an fsck which prevents it from being
enabled for writing until fsck has been run on it. The net effect
is that the reboot fails to single user, but at least at that point
the administrator has the tools at hand to fix the problem.
Reported by: Rick Macklem (rmacklem@)
Discussed with: Warner Losh (imp@)
Sponsored by: Netflix
This fixes an incomplete bounds check on the guest-supplied request
size where a very large request size could be interpreted as a negative
value and not be caught by the bounds check.
Submitted by: jhb
Reported by: Reno Robert
Approved by: so
Security: FreeBSD-SA-18:14.bhyve
Security: CVE-2018-17160
We can no longer use sizeof() to get the path buffer's size. Apply
a straightforward fix for now with the aim of MFCing soon.
PR: 233633
Submitted by: Katsuyuki Miyoshi <katsu@miyoshi.matsuyama.ehime.jp>
MFC after: 3 days
node is set, allow setting security.bsd.unprivileged_proc_debug per-jail.
In part, this is needed to create jails in which the Address Sanitizer
(ASAN) fully works as ASAN utilizes libkvm to inspect the virtual address
space. Instead of having to allow unprivileged process debugging for the
entire system, allow setting it on a per-jail basis.
The sysctl node is still security.bsd.unprivileged_proc_debug and the
jail(8) param is allow.unprivileged_proc_debug. The sysctl code is now a
sysctl proc rather than a sysctl int. This allows us to determine setting
the flag for the corresponding jail (or prison0).
As part of the change, the dynamic allow.* API needed to be modified to
take into account pr_allow flags which may now be disabled in prison0.
This prevents conflicts with new pr_allow flags (like that of vmm(4)) that
are added (and removed) dynamically.
Also teach the jail creation KPI to allow differences for certain pr_allow
flags between the parent and child jail. This can happen when unprivileged
process debugging is disabled in the parent prison, but enabled in the
child.
Submitted by: Shawn Webb <lattera at gmail.com>
Obtained from: HardenedBSD (45b3625edba0f73b3e3890b1ec3d0d1e95fd47e1, deba0b5078cef0faae43cbdafed3035b16587afc, ab21eeb3b4c72f2500987c96ff603ccf3b6e7de8)
Relnotes: yes
Sponsored by: HardenedBSD and G2, Inc
Differential Revision: https://reviews.freebsd.org/D18319
from setting the volume serial number. This unbreaks older boot blocks
that don't support serial numbers, and allows boot0cfg to set the serial
number itself if requested by the user.
Submitted by: lev@, yuripv@
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D17386
to avoid buffer accessed out of bounds, also switch to snprintf(3).
PR: 200859
Submitted by: Caglar <caglar@10ur.org>
Obtained from: https://github.com/mist64/xhyve/pull/24
MFC after: 4 weeks
Sponsored by: iXsystems Inc.
option, we pass -1 down to listen, which causes it to use the
kern.ipc.soacceptqueue sysctl.
Approved by: mav
MFC after: 2 weeks
Sponsored by: iXsystems Inc
- Adding a note to UPDATING
- Adding a note to the history section of the manpage ctm.1
- Adding a message printed to STDERR to the ctm program
This version is meant for release in FreeBSD-12.0 and should remain in
FreeBSD-12 over its life-time.
A follow-up commit will remove ctm from -CURRENT after the MFC to 12
has happened.
Approved by: imp, rgrimes, bcr (man-page)
MFC after: 3 days
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D17969
Every µcode-updater must open the cpucontrol devfs node RDWR, open a
firmware file, validate the FW file has a positive length, mmap it, etc.
De-duplicate that identical logic between every individual platform.
Also, constify references to the readonly-mapped firmware files while here.
Sponsored by: Dell EMC Isilon
Exit with a zero status when Postfix reports "Mail queue is empty" so this
section won't appear in the report at all when daily_show_success="NO".
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
of jails. Jails have their own user/group databases and this script
can produce multiple false warnings, not to mention significant extra
load in case of large jailed subtrees. Leave this check for jailed
invocations of the same script.
MFC after: 1 month
