10863 Commits

Author SHA1 Message Date
Jilles Tjoelker
d2c068eaac sh(1),limits(1): Document kqueues (-k) rlimit. 2013-11-01 13:57:30 +00:00
Sergey Kandaurov
deb7ab1d6b Remove the dependency on procfs.
Reviewed by:	kib
MFC after:	1 week
X-MFC with:	r257430
2013-11-01 10:42:32 +00:00
Konstantin Belousov
d2812536e8 Remove the dependency on procfs. Use sysctl KERN_PROC_PATHNAME and
KERN_PROC_PID to obtain the parent process pathname and command, used
to determine the calling shell.

Submitted by:	Stefan Neudorf
PR:	bin/183484
MFC after:	1 week
2013-10-31 09:29:37 +00:00
Konstantin Belousov
4c66d8f978 Fix long line and record proper commit message for r257427:
Add the '-k' option for getopt() call and usage.

Submitted by:	Stefan Neudorf
PR:	bin/183494
MFC after:	1 week
2013-10-31 09:03:42 +00:00
Konstantin Belousov
de111151f5 The limit for the swap space is spelled 'swapsize', at least since
tcsh 6.17.00 import.

Submitted by:	Stefan Neudorf
PR:	bin/183480
MFC after:	1 week
2013-10-31 08:58:32 +00:00
Konstantin Belousov
83bce6073a The limit for the swap space is spelled 'swapsize', at least since
tcsh 6.17.00 import.

Submitted by:	Stefan Neudorf
PR:	bin/183480
MFC after:	1 week
2013-10-31 08:22:29 +00:00
Sean Bruno
c8030037da revert sign changes to buffers used in invocation of digest_update()
Instead, change arguments of internal function digest_update() to accept
signed char arguments.

Remove MAP_FAILED fallback definition and casts of MAP_FAILED.

Thanks to bde@ for looking over this and doing the code analysis.
2013-10-30 18:40:55 +00:00
Edward Tomasz Napierala
630e459e51 Bump .Dd after r257379.
MFC after:	3 days
2013-10-30 11:41:28 +00:00
Edward Tomasz Napierala
abec619325 Rename '-h' option to '-p', and use "portal" instead of "host" or "address",
in order to be consistent with iSCSI terminology.  Besides, calling the
option '-h' was just wrong.

This changes usage for newly added iscsictl(8), and two newly added
subcommands to ctladm(8).  This breaks POLA between CURRENT and 10,
but since 10.0 has not been released yet, it's still ok to do.

MFC after:	3 days
Discussed with:	re (glebius)
Sponsored by:	FreeBSD Foundation
2013-10-30 11:38:46 +00:00
Gleb Smirnoff
82b90729fb 'netstat -i' no longer supports working on a vmcore. 2013-10-30 08:13:42 +00:00
Sean Bruno
450f41e187 Queisce sign errors by using unsigned char * and casting MAP_FAILED as unsigned
char *

Reviewed by:	brooks@
2013-10-29 20:38:00 +00:00
Gleb Smirnoff
3e4d5cd37b Make userland tools honor WITHOUT_PF build option.
Tested by:	dt71@gmx.com
2013-10-29 17:38:13 +00:00
Baptiste Daroussin
2d54fbd541 Setting WARNS=6 is useless, as it is already the default
Reported by:	Sascha Wildner
2013-10-29 08:55:09 +00:00
Baptiste Daroussin
9f6fea6e97 Change warning level to 6 2013-10-29 08:22:38 +00:00
Mark Johnston
7aa2b6928f With r247602, the "c" flag is no longer printed as a file descriptor flag.
Reviewed by:	pjd
MFC after:	3 days
2013-10-28 00:20:30 +00:00
Konstantin Belousov
85a0ddfd0b Add a resource limit for the total number of kqueues available to the
user.  Kqueue now saves the ucred of the allocating thread, to
correctly decrement the counter on close.

Under some specific and not real-world use scenario for kqueue, it is
possible for the kqueues to consume memory proportional to the square
of the number of the filedescriptors available to the process.  Limit
allows administrator to prevent the abuse.

This is kernel-mode side of the change, with the user-mode enabling
commit following.

Reported and tested by:	pho
Discussed with:	jmg
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2013-10-21 16:46:12 +00:00
Jilles Tjoelker
ea6247173f pathchk: Ensure bytes >= 128 are considered non-portable characters.
This was not broken on architectures such as ARM where char is unsigned.

Also, remove the first non-portable character from the output. POSIX does
not require this, and printing the first byte may yield an invalid byte
sequence with UTF-8.

PR:		bin/165988
Reported by:	Nicolas Rachinsky
2013-10-20 20:10:31 +00:00
Peter Wemm
876a7cf40c Add -K (__FreeBSD_version of kernel) and -U (__FreeBSD_version of userland).
Things like Makefile.inc1 resort to parsing /usr/include/osreldate.h with
awk because this isn't easily available by other means.  The separation
of user and kernel versions is important for jail/chroot environments.
2013-10-15 20:57:40 +00:00
Gleb Smirnoff
84c1edcbad Rewrite netstat/if.c to use getifaddrs(3) and getifmaddrs(3) instead of
libkvm digging in kernel memory. This is possible since r231506 made
getifaddrs(3) to supply if_data for each ifaddr.

  The pros of this change is that now netstat(1) doesn't know about kernel
struct ifnet and struct ifaddr. And these structs are about to change
significantly in head soon. New netstat binary will work well with 10.0
and any future kernel.

  The cons is that now it isn't possible to obtain interface statistics
from a vmcore.

  Functions intpr() and sidewaysintpr() were rewritten from scratch.

  The output of netstat(1) has underwent the following changes:

1) The MTU is not printed for protocol addresses, since it has no notion.
   Dash is printed instead. If there would be a strong desire to return
   previous output, it is doable.
2) Output interface queue drops are not printed. Currently this data isn't
   available to userland via any API. We plan to drop 'struct ifqueue' from
   'struct ifnet' very soon, so old kvm(3) access to queue drops is soon
   to be broken, too. The plan is that drivers would handle their queues
   theirselves and a new field in if_data would be updated in case of drops.
3) In-kernel reference count for multicast addresses isn't printed. I doubt
   that anyone used it. Anyway, netstat(1) is sysadmin tool, not kernel
   debugger.

Sponsored by:	Netflix
Sponsored by:	Nginx, Inc.
2013-10-15 09:55:07 +00:00
Gleb Smirnoff
d35acb5099 Remove obtained, but never used data.
Found by:	gcc
2013-10-15 09:21:05 +00:00
Kevin Lo
482d883100 Use INADDR_NONE instead of -1 to check inet_addr() result.
Reviewed by:	glebius
2013-10-15 07:37:30 +00:00
Rui Paulo
ec0e2ac611 Remove most of the ATF tools and the _atf user.
This is necessary because ATF is deprecated and it will be replaced by Kyua.

Submitted by:	jmmv@netbsd.org
Reviewed by:	Garrett Cooper
Approved by:	re
2013-10-12 06:06:53 +00:00
Dag-Erling Smørgrav
56f0ad0dcc When displaying a struct stat, if the -r option was not specified,
display the numeric rather than symbolic representation of st_mode.

Approved by:	re (glebius)
MFC after:	1 week
2013-10-07 11:23:01 +00:00
Nathan Whitehorn
d25d7b7d6e Disable use of compiler atomic builtins. For APR, this is limited to
architectures where they are known not to work. For SVN itself, use
the least common denominator and disable them across the board. This
allows svnlite to build and run on all FreeBSD architectures.

Approved by:	re (gjb)
2013-10-04 18:27:02 +00:00
Joel Dahl
89898f63c2 mdoc: remove EOL whitespace.
Approved by:	re (blanket)
2013-10-04 16:44:24 +00:00
Dag-Erling Smørgrav
e9f6fa6e61 Odds and ends left over from BIND and unnoticed because they didn't
affect 'make universe'.

Approved by:	re (gjb)
2013-10-01 07:19:23 +00:00
Rene Ladan
f06c2e37fd Update the Dutch calendar entries:
- prince Johan Friso passed away in 2013
- correct status of queen Maxima and crown princess Catharina-Amalia
- language fixes

Approved by:	remko (mentor)
Approved by:	re (gjb)
MFC after:	3 days
2013-09-30 20:49:10 +00:00
Dag-Erling Smørgrav
56b72efe82 Remove BIND.
Approved by:	re (gjb)
2013-09-30 17:23:45 +00:00
Xin LI
e11cd3bc59 Improve bsdpatch usability:
- Ask only once for "Apply anyway". [1]
 - Tell user what file have failed patch rather than just how
   many hunks failed.

Reported by:	jmg via pfg [1]
Tested by:	pfg [1]
Approved by:	re (gjb)
2013-09-26 18:00:45 +00:00
Danilo Egea Gondolfo
de16bcc52d - Add myself as port commiter and my mentors relationship.
- Add myself to calendar.freebsd.

Approved by:	re (gjb), wg (mentor)
2013-09-24 04:00:49 +00:00
Dag-Erling Smørgrav
fdde88bc82 Build and install drill(1).
Approved by:	re (blanket)
2013-09-22 20:30:55 +00:00
John Baldwin
9648f52cb9 Correct stale comments.
Approved by:	re (joel)
2013-09-20 16:05:09 +00:00
Ed Maste
e8f1392d95 Add LLDB bmake infrastructure
This connects LLDB to the build, but it is disabled by default.  Add
WITH_LLDB= to src.conf to build it.

Note that LLDB requires a C++11 compiler so is disabled on platforms
using GCC.

Approved by:	re (gjb)
Sponsored by:	DARPA, AFRL
2013-09-20 01:52:02 +00:00
Diane Bruce
5d32a8713c - calendar uses cpp internally, this diff removes this usage and
substitutes a limited subset cpp processor internally.

PR:		src/178463
Approved by:	re (gjb)
2013-09-19 20:17:50 +00:00
Joel Dahl
828378a6d3 Minor mdoc improvements.
Approved by:	re (blanket)
2013-09-19 19:43:38 +00:00
John Baldwin
55648840de Extend the support for exempting processes from being killed when swap is
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
  from arbitrary processes.  Similar to ktrace it can apply a change to all
  existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
  control operations on processes (as opposed to the debugger-specific
  operations provided by ptrace(2)).  procctl(2) uses a combination of
  idtype_t and an id to identify the set of processes on which to operate
  similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
  of a set of processes.  MADV_PROTECT still works for backwards
  compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
  the first bit of which is used to track if P_PROTECT should be inherited
  by new child processes.

Reviewed by:	kib, jilles (earlier version)
Approved by:	re (delphij)
MFC after:	1 month
2013-09-19 18:53:42 +00:00
Bryan Drewery
643fe75c7a cap_new(2) and cap_getrights2) were replaced with cap_rights_limit(2)
and cap_rights_get(2) in r247602

Reviewed by:	pjd
Approved by:	gjb
Approved by:	re (rodrigc)
2013-09-19 10:56:36 +00:00
Dimitry Andric
b13d76a0cb Make svnlite (actually libapr) work correctly on big-endian arches.
Otherwise, you would get errors similar to:

$ svn co svn://svn.freebsd.org/base/head test
A    test/lib
A    test/lib/libutil
svn: E200014: Checksum mismatch for
'/home/dim/test/lib/libutil/kinfo_getproc.3':
   expected:  0882097a545210d88edff8f63b328602
     actual:  b378eb08a0f4d4c97c513c4b17207f59

Approved by:	re (gjb, marius)
2013-09-19 06:31:03 +00:00
Edward Tomasz Napierala
c76e8a9aa0 Make iscsictl(8) automatically try to load the iscsi module. While here,
improve module loading in iscsid(8) and ctld(8).

Approved by:	re (delphij)
2013-09-18 08:37:14 +00:00
Joel Dahl
33e1779ab8 Minor mdoc fixes.
Approved by:	re (blanket)
2013-09-14 21:43:18 +00:00
Edward Tomasz Napierala
009ea47eb2 Bring in the new iSCSI target and initiator.
Reviewed by:	ken (parts)
Approved by:	re (delphij)
Sponsored by:	FreeBSD Foundation
2013-09-14 15:29:06 +00:00
John Baldwin
34763d1c9d - Decode the idtype argument passed to wait6() in kdump and truss.
- Don't treat an options argument of 0 to wait4() as an error in
  kdump.
- Decode the wait options passed to wait4() and wait6() in truss
  and decode the returned rusage and exit status.

Approved by:	re (kib)
MFC after:	1 week
2013-09-12 18:08:25 +00:00
Simon J. Gerraty
ed03145ec8 Stick to traditional DEFAULT_SYS_PATH (/usr/share/mk)
Reviewed by:	obrien
Approved by:	re
2013-09-10 23:31:38 +00:00
John Baldwin
edb572a38c Add a mmap flag (MAP_32BIT) on 64-bit platforms to request that a mapping use
an address in the first 2GB of the process's address space.  This flag should
have the same semantics as the same flag on Linux.

To facilitate this, add a new parameter to vm_map_find() that specifies an
optional maximum virtual address.  While here, fix several callers of
vm_map_find() to use a VMFS_* constant for the findspace argument instead of
TRUE and FALSE.

Reviewed by:	alc
Approved by:	re (kib)
2013-09-09 18:11:59 +00:00
Dag-Erling Smørgrav
9aad2c487e Hook host(1) up to the build in the LDNS case.
Approved by:	re (blanket)
2013-09-08 20:48:23 +00:00
Dag-Erling Smørgrav
3fc9e2c365 Import Magerya Vitaly's ldns-host, and build it instead of the BIND version
in the WITH_LDNS_UTILS case.

Approved by:	re (blanket)
2013-09-08 19:40:32 +00:00
Simon J. Gerraty
1bbe5942b5 Merge bmake-20130904 2013-09-05 15:57:26 +00:00
Stefan Eßer
79d8aaa992 Fix file selection logic for the RCS/SCCS case, as was done for the simple
file case before. Bump version because of the changed behavior, which now
matches the documentation.

Reviewed by:	pfg
2013-09-05 05:51:15 +00:00
Pawel Jakub Dawidek
7008be5bd7 Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

	struct cap_rights {
		uint64_t	cr_rights[CAP_RIGHTS_VERSION + 2];
	};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

	#define	CAP_PDKILL	CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

	#define	CAP_LOOKUP	CAPRIGHT(0, 0x0000000000000400ULL)
	#define	CAP_FCHMOD	CAPRIGHT(0, 0x0000000000002000ULL)

	#define	CAP_FCHMODAT	(CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

	cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
	void cap_rights_set(cap_rights_t *rights, ...);
	void cap_rights_clear(cap_rights_t *rights, ...);
	bool cap_rights_is_set(const cap_rights_t *rights, ...);

	bool cap_rights_is_valid(const cap_rights_t *rights);
	void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
	void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
	bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

	cap_rights_t rights;

	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

	#define	cap_rights_set(rights, ...)				\
		__cap_rights_set((rights), __VA_ARGS__, 0ULL)
	void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

	cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by:	The FreeBSD Foundation
2013-09-05 00:09:56 +00:00
Erwin Lansing
7bae7ac04d Reduce WARNS to 0 for dig, host, and nslookup to make them
compile with the optional WITH_BIND_SIGCHASE.

Submitted by:	Andre Albsmeier <Andre.Albsmeier@siemens.com>
Approved by:	delphij (mentor, implicit)
MFC after:	3 days
Sponsored by:	DK Hostmaster A/S
2013-08-30 06:21:00 +00:00