- Update OpenSSL to version 1.1.1.
- Update Kerberos/Heimdal API for OpenSSL 1.1.1 compatibility.
- Bump __FreeBSD_version.
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
For OpenSSL 1.1.1 compatibility.
In Makefile.inc1 add (to the existing similar cases) a hack to handle
dependencies across the migration.
Reviewed by: jhb
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation.
Differential Revision: https://reviews.freebsd.org/D17481
the snapshots directory, not releases.
Reported by: David Marec david.marec _at_ davenulle _dot_ org
Approved by: re (rgrimes)
Sponsored by: The FreeBSD Foundation
r339213 was cherry-picked back to head from the project branch, which
caused a conflict. This commit properly records the mergeinfo from
head.
r339205 was missed, and r339214 is required for reintegration.
Sponsored by: The FreeBSD Foundation
Reported by: Jose Luis Duran
Reviewed by: bcr
Approved by: re (gjb), krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17409
- Extend the bsdinstall(8) man page with ZFS installation scripting
details. [1]
- Extend the bsdinstall(8) man page with the description of all the ZFS
variables involved in a scripted installation of ZFS-based systems. [1]
- Extend the SCRIPTING section with an example for a ZFS-based scripted
installation. [1]
- Create a new section explaining how ZFS datasets must be written into
a variable to get them set on the final system. [1]
While here:
- Add Roberto to the copyrights for recognition as changes to the manual
page are huge.
- Use "Dq" for default values.
- Use sysrc(8) instead of echo in examples.
Submitted by: Roberto Fernandez Cueto <roberfern@gmail.com> [1]
Reviewed by: dteske
Approved by: re (gjb), krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D14169
GCC 8.1 failed to build LLVM's libc++ when -Wshadow is set,
so lower down WARNS flag to 3.
This is similar to dtc(1) which uses libc++ and sets WARNS to 3.
Approved by: re (gjb)
Sponsored by: DARPA, AFRL
The original spec for the strings describing the PNP info didn't allow
spaces. Several times now people have broken the install by including
them. Relax the syntax to allow them after the ; which is where
people's muscle memory tends to put them.
Approved by: re@ (gjb)
chown incorrectly allows a uid or gid greater than UID_MAX/GID_MAX respectively.
Using such an argument rolls over to accounts such as root, operator, etc.
Approved by: re (gjb)
Relnotes: yes
Reviewed by: cem, kib
Submitted by: Don Morris <dgmorris@earthlink.net>
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D15119
When I updated counter definition handling for x86 I broke
'pmccontrol -L' listing counter names. This just changes
pmccontrol to call the library function on x86.
PR: 230984
Approved by: re (kib@)
This leverages CONFS to handle the install of the config file.
Approved by: re (gjb), will (mentor)
Differential Revision: https://reviews.freebsd.org/D17159
I had disabled building of the aforementioned targets due to warnings breaking
tinderbox. This silences the warning and restores them to the build.
Reported by: jhibbits
Reviewed by: jhibbits
Approved by: re (gjb)
use of u3g(4) dongles, and in many cases can work out of the box.
Reviewed by: hselasky
Approved by: re (gjb)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D16974
Ths prevents etcupdate and mergemaster from deleting it for now.
Approved by: re (rgrimes), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16975
The switch to lualoader creates a problem with userboot: the host is
inclined to build userboot with Lua, but the host userboot's interpreter
must match what's available on the guest. For almost all FreeBSD guests in
the wild, Lua is not yet available and a Lua-based userboot will fail.
This revision updates userboot protocol to version 5, which adds a
swap_interpreter callback to request a different interpreter, and tries to
determine the proper interpreter to be used based on how the guest
/boot/loader is compiled. This is still a bit of a guess, but it's likely
the best possible guess we can make in order to get it right. The
interpreter is now embedded in the resulting executable, so we can open
/boot/loader on the guest and hunt that down to derive the interpreter it
was built with.
Using -l with bhyveload will not allow an intepreter swap, even if the
loader specified happens to be a userboot with the wrong interpreter. We'll
simply complain about the mismatch and bail out.
For legacy guests without the interpreter marker, we assume they're 4th.
For new guests with the interpreter marker, we'll read it and swap over
to the proper interpreter if it doesn't match what the userboot we're using
was compiled with.
Both flavors of userboot are installed by default, userboot_4th.so and
userboot_lua.so. This fixes the build WITHOUT_FORTH as a coincidence, which
was broken by userboot being forced to 4th.
Reviewed by: imp, jhb, araujo (earlier version)
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D16945
After r336252 it is no longer necessary to have a separate bootpool when
booting from an encrypted disk with UEFI.
This change also switches the EFI System Partition contents from
the 800 KB boot1.efifat to a new 200 MB filesystem created with newfs_msdos
and uses loader.efi directly, instead of boot1.efi.
PR: 228916
Reviewed by: dteske
MFC after: 1 month
Relnotes: yes
Sponsored by: Klara Systems
Differential Revision: https://reviews.freebsd.org/D12315
* Constify rtpref_str declaration
* Remove unused h_errno declaration
* Use time_t type for expire
* Use strlcpy to set static "?" value to ifname
* Rename local variable 's' to stop shadowing global definition
* Close socket used in pfx_flush()
* Use local variables for sock() in setdefif() and getdefif()
* Increase WARNS to 3
Reviewed by: allanjude, kevans
Approved by: allanjude
Sponsored by: Rubicon Communications, LLC (Netgate)
Differential Revision: https://reviews.freebsd.org/D11118
This adds it to devctl, libdevctl, defines the two IOCTLs and
implements the kernel bits. causes any new drivers that are added via
kldload to be deferred until a 'thaw' comes in. These do not stack: it
is an error to freeze while frozen, or thaw while thawed.
Differential Revision: https://reviews.freebsd.org/D16735
This is pkgbase related as it switches to CONFS to properly tag this as a
config file.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16848
For tools that uses bhyve such like libvirt, it is important to be able to
probe what features are supported by the given bhyve binary.
To give more context, libvirt probes bhyve's capabilities in a not very
effective way:
- Running 'bhyve -h' and parsing output.
- To detect devices, it runs 'bhyve -s 0,dev' for every each device and
parses error output to identify if the device is supported or not.
PR: 2101111
Submitted by: novel
MFC after: 2 weeks
Relnotes: yes
Sponsored by: iXsystems Inc.
2^32 bps or greater to be used. Prior to this, bandwidth parameters
would simply wrap at the 2^32 boundary. The computations in the HFSC
scheduler and token bucket regulator have been modified to operate
correctly up to at least 100 Gbps. No other algorithms have been
examined or modified for correct operation above 2^32 bps (some may
have existing computation resolution or overflow issues at rates below
that threshold). pfctl(8) will now limit non-HFSC bandwidth
parameters to 2^32 - 1 before passing them to the kernel.
The extensions to the pf(4) ioctl interface have been made in a
backwards-compatible way by versioning affected data structures,
supporting all versions in the kernel, and implementing macros that
will cause existing code that consumes that interface to use version 0
without source modifications. If version 0 consumers of the interface
are used against a new kernel that has had bandwidth parameters of
2^32 or greater configured by updated tools, such bandwidth parameters
will be reported as 2^32 - 1 bps by those old consumers.
All in-tree consumers of the pf(4) interface have been updated. To
update out-of-tree consumers to the latest version of the interface,
define PFIOC_USE_LATEST ahead of any includes and use the code of
pfctl(8) as a guide for the ioctls of interest.
PR: 211730
Reviewed by: jmallett, kp, loos
MFC after: 2 weeks
Relnotes: yes
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D16782
PR#230752 shows a panic where an nfsd thread tries to do soconnect() on
the AF_LOCAL socket used by the nfsuserd while already holding an
exclusive lock on it. I am not 100% sure how this happens, but since an
AF_LOCAL socket is in the file system namespace it is conceivable that it
could lock it and then attempt an upcall to the nfsuserd.
However, reverting r320757 stops the nfsuserd from using an AF_LOCAL
socket, so it should avoid any such panic().
r320757 did fix a problem with running the nfsuserd when jails were
enabled, but that can be dealt with less elegantly by allowing the
use of an alternate address instead of 127.0.0.1.
The gssd daemon also uses an AF_LOCAL socket, but it will do upcalls
before the nfsd thread processes the RPC, so I think it should not
be suseptible to this problem.
PR: 230752
This way the target fails if unifdef doesn't exist or doesn't modify the
file instead of just generating an empty .c file.
I found this while building without inherited $PATH (D16815)
Approved By: jhb (mentor)
The original NVMe API used bit-fields to represent fields in data
structures defined by the specification (e.g. the op-code in the command
data structure). The implementation targeted x86_64 processors and
defined the bit fields for little endian dwords (i.e. 32 bits).
This approach does not work as-is for big endian architectures and was
changed to use a combination of bit shifts and masks to support PowerPC.
Unfortunately, this changed the NVMe API and forces #ifdef's based on
the OS revision level in user space code.
This change reverts to something that looks like the original API, but
it uses bytes instead of bit-fields inside the packed command structure.
As a bonus, this works as-is for both big and little endian CPU
architectures.
Bump __FreeBSD_version to 1200081 due to API change
Reviewed by: imp, kbowling, smh, mav
Approved by: imp (mentor)
Differential Revision: https://reviews.freebsd.org/D16404
