The backend uses the socket API with the PF_NETGRAPH protocol family, which is provided by the ng_socket(4).
To use the new backend, provide the following bhyve option:
-s X:Y:Z,[virtio-net|e1000],netgraph,socket=[ng_socket name],path=[destination node],hook=[our socket src hook],peerhook=[dst node hook]
Reviewed by: vmaffione, lutz_donnerhacke.de
Approved by: vmaffione (mentor)
Sponsored by: vstack.com
Differential Revision: https://reviews.freebsd.org/D24620
r359704 introduced an 'mtu' option for the virtio-net device emulation.
Update the man page to describe the new option.
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D24723
Save and restore (also known as suspend and resume) permits a snapshot
to be taken of a guest's state that can later be resumed. In the
current implementation, bhyve(8) creates a UNIX domain socket that is
used by bhyvectl(8) to send a request to save a snapshot (and
optionally exit after the snapshot has been taken). A snapshot
currently consists of two files: the first holds a copy of guest RAM,
and the second file holds other guest state such as vCPU register
values and device model state.
To resume a guest, bhyve(8) must be started with a matching pair of
command line arguments to instantiate the same set of device models as
well as a pointer to the saved snapshot.
While the current implementation is useful for several uses cases, it
has a few limitations. The file format for saving the guest state is
tied to the ABI of internal bhyve structures and is not
self-describing (in that it does not communicate the set of device
models present in the system). In addition, the state saved for some
device models closely matches the internal data structures which might
prove a challenge for compatibility of snapshot files across a range
of bhyve versions. The file format also does not currently support
versioning of individual chunks of state. As a result, the current
file format is not a fixed binary format and future revisions to save
and restore will break binary compatiblity of snapshot files. The
goal is to move to a more flexible format that adds versioning,
etc. and at that point to commit to providing a reasonable level of
compatibility. As a result, the current implementation is not enabled
by default. It can be enabled via the WITH_BHYVE_SNAPSHOT=yes option
for userland builds, and the kernel option BHYVE_SHAPSHOT.
Submitted by: Mihai Tiganus, Flavius Anton, Darius Mihai
Submitted by: Elena Mihailescu, Mihai Carabas, Sergiu Weisz
Relnotes: yes
Sponsored by: University Politehnica of Bucharest
Sponsored by: Matthew Grooms (student scholarships)
Sponsored by: iXsystems
Differential Revision: https://reviews.freebsd.org/D19495
Now that RISC-V support has landed in qemu-user-static, add to the list
of examples in the binmiscctl(8) manpage.
Reviewed by: kevans
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D24646
Bump CONFIGVERS to 600018 for this support.
Some files may purposely have debug info disabled or are *source files*
that attempt to run ctfconvert on them. Currently ctfconvert ignores
these errors but I have a change to make the errors real so we can
catch real problems like exceeding type limits.
Sponsored by: Dell EMC
Reviewed by: imp, cem, kevans
Differential Revision: https://reviews.freebsd.org/D24535
This behavior is most relevant for ipfw(4) as documented in syslog.conf(5).
The recent addition of property-based regex filters in r359327 is a
fine workaround for this but the behavior was present since 1997 and
documented.
This only fixes local matching of the "kernel program". It does not
change the forwarded format at all. On the remote side it will still
be "kernel: ipfw:" and not be parsed as a kernel message. This matches
old behavior.
MFC after: 2 weeks
Reviewed by: markj
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D24286
bhyve uses cached copies of the MSI capability registers to generate
MSI interrupts for device models. Previously, these cached fields
were only set when the MSI capability control register was updated.
The Linux kernel recently adopted a change to deal with races in MSI
interrupt delivery that writes to the MSI capability address and data
registers to alter the destination of MSI interrupts without writing
to the MSI capability control register. bhyve was not updating its
cached registers for these writes and continued to send interrupts
with the old data value to the old address. Fix this by recomputing
the cached values for every write to any MSI capability register.
Reported by: Jason Tubnor, Ryan Moeller
Reported by: Marc Dionne (bisected the Linux kernel commit)
Reviewed by: grehan
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24593
While at it use strtol() instead of atoi() to support hexadecimal
numbers aswell as 10-base numbers.
Submitted by: Marc Veldman <marc@bumblingdork.com>
PR: 245899
MFC after: 1 week
Sponsored by: Mellanox Technologies
With the inclusion of caroot bits, we'll need to also rehash on update as we
do in mergemaster/etcupdate.
If certctl's installed on the system, just unconditionally rehash. This
isn't an expensive operation, and we can refine it to compare
INDEX-{OLD,NEW} later if we really want to.
Reviewed by: emaste, allanjude
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D21805
This will advertise support for TRIM to the guest virtio-blk driver and
perform the DIOCGDELETE ioctl on the backing storage if it supports it.
Thanks to Jason King and others at Joyent and illumos for expanding on
my original patch, adding improvements including better error handling
and making sure to following the virtio spec.
Submitted by: Jason King <jason.king@joyent.com> (improvements)
Reviewed by: jhb
Obtained from: illumos-joyent (improvements)
MFC after: 1 month
Relnotes: yes
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D21707
This patch is about sorting the arguments and using proper mdoc(7) macros
to stylize arguments and command modifiers for much better readability.
Further style fixes in other sections within the bhyve manual page are
going to be worked on in upcoming patches.
Reviewed by: rgrimes
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24526
Refer to bluetooth core v5.2 specifications Vol4. Part E. 7.8.27.
PR: 245763
Submitted by: Marc Veldman <marc@bumblingdork.com>
MFC after: 1 week
Sponsored by: Mellanox Technologies
The list of possible features in hccontrol/features2str() is incomplete.
Refer to "Bluetooth Core Specification 5.2 Vol. 2 Part C. 3.3 Feature Mask Definition".
Submitted by: Marc Veldman <marc@bumblingdork.com>
PR: 245354
MFC after: 1 week
Sponsored by: Mellanox Technologies
description for "jail -e" mode to show that it does not take
additional jail name argument.
Reported by: David Marec <david.marec@davenulle.org>
MFC after: 3 days
Print the failed instruction stream as a contiguous stream of hex. This
is closer to something you could throw at a disassembler than 0xHH 0xHH
0xHH.
Also, use the debug.h 'raw' stdio-aware printf helper to avoid the
cascading
line
effect.
Add an implementatation of the 'Virtual Machine Generation ID' spec to
Bhyve. The spec provides a randomly generated GUID (at bhyve start) in
device memory, along with an ACPI device with _CID VM_Gen_Counter and ADDR
evaluating to a Package pointing at that GUID.
A GPE is defined which Notifies the ACPI Device when the generation changes
(such as when a snapshot is rolled back). At this time, Bhyve does not
support snapshotting, so the GPE is never actually raised.
Suggested by: rpokala
Discussed with: grehan
Differential Revision: https://reviews.freebsd.org/D23165
To allow more general use of the bootrom region, separate initialization from
allocation, and allocation from loading a file.
The bootrom segment is the high 16MB of the low 4GB region.
Each allocation in the segment creates a new mapping with specified protection.
By default, allocation begins at the low end of the range. However, the
BOOTROM_ALLOC_TOP flag is provided to locate a provided bootrom in the high
region it is expected to be in.
The existing ROM-file loading code is refactored to use the new interface.
Reviewed by: grehan (earlier version)
Differential Revision: https://reviews.freebsd.org/D24422
GPIO drivers who supports interrupts report them in the caps
(obtain via the getcaps method) but gpioctl doesn't know
how to interpret this and print "UNKNOWN" for each one of them.
Even if we don't have userland gpio interrupts support for now
let gpioctl print the supported caps.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24133
This uses DES and the kernel no longer supports DES for in-kernel GSS.
Reviewed by: kp
Relnotes: yes
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D24345
The flag can be enabled using the new 'mtu' option:
bhyve -s X:Y:Z,virtio-net,[tapN|valeX:N],mtu=9000
Reported by: vmaffione, jhb
Approved by: vmaffione (mentor)
Differential Revision: https://reviews.freebsd.org/D23971
Recently added/changed lines in various kernel configs have caused some
buffer overflows that went undetected. These were detected with a config
built using -fno-common as these line buffers smashed one of our arrays,
then further triaged with ASAN.
Double the sizes; this is really not a great fix, but addresses the
immediate need until someone rewrites config. While here, add some bounds
checking so that we don't need to detect this by random bus errors or other
weird failures.
MFC after: 3 days
instead of sprinkling them out over many disjoint files. This is a follow-up
to achieve the same goal in an incomplete rev.348521.
Approved by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D20520
This is mostly two problems spread out far and wide:
- ypldap_process should be declared properly
- debug is defined differently in many programs
For the latter, just extern it and define it everywhere that actually needs
it. This mostly works out nicely for ^/libexec/ypxfr, which can remove the
assignment at the beginning of main in favor of defining it properly.
-fno-common will become the default in GCC10/LLVM11.
MFC after: 3 days
Notably, the default IFS contains space/tab, thus any leading/trailing
whitespace characters tend to be removed.
Set IFS= for just the read lines to mitigate this, allowing the user to be
less surprised when their leading/trailing spaces weren't actually captured
in the password as they are with other means of setting a user's password.
PR: 245342
Submitted by: dereks_lifeofadishwasher.com
Reviewed by: jilles
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24292
jail(8) would try to use strcpy to remove the interface from the start of
an IP address. This is undefined, and on arm64 will result in unexpected
IPv6 addresses.
Fix this by using memmove top move the string.
PR: 245102
Reported by: sbruno
MFC after: 2 weeks
Sponsored by: Innovate UK
According to the SMBIOS specification (revision 2.7 or newer), the
extended module size field should only be used for sizes that can't
fit in the older size field.
Reviewed by: rgrimes, grehan, jhb
Differential Revision: https://reviews.freebsd.org/D24107
As a followup to the use of login.conf environment vars (other than PATH) in
cron, this patch adds PATH (and HOME) to the list of login.conf settings
respected.
The new logic is as follows:
1. SHELL is always _PATH_BSHELL unless explicitly overridden in the crontab
file itself; no other settings are respected. This is unchanged.
2. PATH is taken from the first of: crontab file, login.conf, _PATH_DEFPATH
3. HOME is taken from the first of: crontab file, login.conf, passwd entry,
unset
4. The current directory for invoking the command is taken from the crontab
file's value of HOME (existing behavior), or the passwd entry, but not
anywhere else (so it might not equal HOME if that was set in login.conf).
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by: sigsys_gmail.com
Differential Revision: https://reviews.freebsd.org/D23597
Move this handful of definitions into main.c, properly declare these as
extern in config.h. This fixes the config(8) build with -fno-common.
Unexplained in my previous commit to gas, -fno-common will become the
default in GCC10 and LLVM11, so it's worth addressing these in advance.
MFC after: 3 days
The SQHD field of a Completion Queue entry indicates the current
Submission Queue head pointer value. The head pointer represents the
next entry to be consumed and is updated after consuming the current
entry.
In the Admin queue processing, the current code updates the head pointer
after reporting the value to the host via the SQHD. This gives the
impression that the Controller is perpetually one command behind in its
processing of the Admin SQ. And while this doesn't appear to bother some
initiators, it is wrong.
Fix is to update the SQ head pointer prior to writing the SQHD value in
the completion.
While here, fix missed update of dword 0 (cdw0) in the completion
message.
Reported by: khng300
Reviewed by: jhb, imp
Approved by: jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24083
The bhyve NVMe emulation has a race in the logic which generates command
completion interrupts. On FreeBSD guests, this manifests as kernel log
messages similar to:
nvme0: Missing interrupt
The NVMe emulation code sets a per-submission queue "busy" flag while
processing the submission queue, and only generates an interrupt when
the submission queue is not busy.
Aside from being counter to the NVMe design (i.e. interrupt properties
are tied to the completion queue) and adding complexity (e.g. exceptions
to not generating an interrupt when "busy"), it causes a race condition
under the following conditions:
- guest OS has no outstanding interrupts
- guest OS submits a single NVMe IO command
- bhyve emulation processes the SQ and sets the "busy" flag
- bhyve emulation submits the asynchronous IO to the backing storage
- IO request to the backing storage completes before the SQ processing
loop exits and doesn't generate an interrupt because the SQ is "busy"
- bhyve emulation finishes processing the SQ and clears the "busy" flag
Fix is to remove the "busy" flag and generate an interrupt when the CQ
head and tail pointers do not match.
Reported by: khng300
Reviewed by: jhb, imp
Approved by: jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24082
This adds support for the Dataset Management (DSM) command to the NVMe
emulation in general, and more specifically, for the deallocate
attribute (a.k.a. trim in the ATA protocol). If the backing storage for
the namespace supports delete (i.e. deallocate), setting the deallocate
attribute in a DSM will trim/delete the requested LBA ranges in the
underlying storage.
Reviewed by: jhb, araujo, imp
Approved by: jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21839
Pass the struct pci_nvme_blockstore pointer for this namespace to the
namespace initialization function instead of only the desired eui64
value.
Minor functional change in that the code updates the eui64 value in the
blockstore.
Reviewed by: jhb, araujo
Approved by: jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21838
Add a "copy direction" parameter to nvme_prp_memcpy such that data can
be copied to the memory specified by the PRP entries (current behavior)
or copied from the PRP entries (new behavior). The upcoming deallocate
functionality will use the copy from capability.
Reviewed by: jhb, araujo
Approved by: jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21837
Property-based filters allow substring and regular expressions
(see re_format(7)) matching against various message attributes.
Filter specification starts with '#:' or ':' followed by three
comma-separated fields property, operator, "value". Value must be
double-quoted. A double quote and backslash must be escaped by a
blackslash.
Following properties are supported as test value:
o msg - body of the message received;
o programname - program name sent the message;
o hostname - hostname of message's originator;
o source - an alias for hostname.
Supported operators:
o contains - true if filter value is found as a substring of property;
o isequal - true if filter value is equal to property;
o startswith - true if property starts with filter value;
o regex - true if property matches basic regular expression defined
in filter value;
o ereregex - true if property matches extended regular expression
defined in filter value;
Operator may be prefixed by '!' to invert compare logic or by
'icase_' to make comparison function case insensitive.
Submitted by: Boris N. Lytochkin <lytboris at gmail com>
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D23468
We need a valid st_dev, st_ino and st_mtime
to correctly track which files have been verified
and to update our notion of time.
ve_utc_set(): ignore utc if it would jump our current time
by more than VE_UTC_MAX_JUMP (20 years).
Allow testing of install command via userboot.
Need to fix its stat implementation too.
bhyveload also needs stat fixed - due to change to userboot.h
Call ve_error_get() from vectx_close() when hash is wrong.
Track the names of files we have hashed into pcr
For the purposes of measured boot, it is important
to be able to reproduce the hash reflected in
loader.ve.pcr
so loader.ve.hashed provides a list of names in the order they
were added.
Reviewed by: imp
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org//D24027
While here do a bit of cleanup:
- declare local variables as such,
- make tmpdir_create() clean up logfile directories, to handle a
previously interrupt test run more gracefully.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
This happens when compressing a previously uncompressed already-rotated
file, as happens when handling the 'p' flag in newsyslog.conf. The file
name is stored in a flexible array member, so these structures cannot be
stack allocated.
Also make sure that we call change_attrs() and do_zipwork() in dry-run
mode; they handle this properly, contrary to the commit log message for
r327451.
CID: 1008168
Github PR: https://github.com/freebsd/freebsd/pull/427
MFC after: 2 weeks
Submitted by: Radek Brich (original version)
When deleting a user, if its home directory does not belong to it, it should
not be removed. This is the promise that the manpage makes, the tool should
ensure that it respects that promise.
Add a regression test about it
PR: 244967
Submitted by: Eric Hanneken <eric@erichanneken.com>
MFC after: 3 days
headers. Device documentation often times give offsets relative to the
start of the entire VSEC, not just the post-header data area, so this
change makes it easier to correlate offsets.
Modules from ports/pkg are commonly installed to /boot/modules rather than to
the same directory the kernel resides in. Look there if a module is not found
next to the kernel.
Submitted by: mmacy
Reported by: Nick Principe <nap@iXsystems.com>
Approved by: mmacy (mentor)
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
autofs was introduced with FreeBSD 10.1 and is the supported method for
automounting filesystems. As of r296194 the amd man page claimed that it
is deprecated. Remove it from base now; the sysutils/am-utils port is
still available if necessary.
Discussed with: cy
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
- Sort options.
- Do not use macros (like .Ar) to specify width for Bl (macros within that
string are not expanded).
- Use Cm instead of Ar for mode names.
- Fix some typos reported by mandoc.
- Move the documentation of the PID file from the -P flag description to
the FILES section.
Approved by: bcr (mentor)
Differential Revision: https://reviews.freebsd.org/D23941
It does extremely useful things like execute sendmail and spew dubiously
accurate factoids.
From the feedback, it seems like it is an essential utility in a modern unix
and not at all a useless bikeshed. How do those Linux people live without it?
Reverts r358561.
With powerd_flags="-N", this makes powerd(8) exclude "nice" time when
computing the CPU utilization. This makes it possible to prevent
CPU-intensive "background" processes from spinning up the CPU.
Note that only *userland* CPU usage belonging to "nice" processes is
excluded; we do not track whether time spent in the kernel is on behalf
of nice or non-nice processes, so kernel-intensive nice processes can
still result in the CPU being sped up.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D23868
This is the result of splitting r358153 in two, in order to avoid a build
system bug and being able to merge the change to previous releases..
Document better this file, updating the URL to the IANA registry and closely
match the official services.
For system ports (0 to 1023) we now try to follow the registry closely, noting
some historical differences where applicable.
As a side effect: drop references to unofficial Kerberos IV which was EOL'ed
on Oct 2006[1]. While it is conceivable some people may still use it in some
very old FreeBSD machines that can't be replaced easily, the use of it is
considered a security risk. Also drop the unofficial netatalk, which we
supported long ago in the kernel but was dropped long ago.
Leave for now smtps, even though it conflicts with IANA's submissions.
The change should have very little visibility, if any, but should be a
step closer to the current IANA database.
[1] https://web.mit.edu/kerberos/krb4-end-of-life.html
MFC after: 2 weeks
read() can return a short read, whereas stream_read() waits until the
full version string is read.
Submitted by: Ka Ho Ng <khng300_gmail.com>
Reviewed by: grehan
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23591
Give up the battle to keep extra files in $MACHINE/compile to keep the file in
the tree. Instead, create CDIR (usually ../compile) if it doesn't exist when
we're using a default build location (eg, not using -d). If it does, we do
nothing. This only affects people that do old-school builds, but it's bit me a
dozen times since last summer so time to fix the bug.
This change reflects the ability to change machine_arch in a config file. This
is useful for including one config in another and changing the machine_arch
in the second one.
Currently, you can have multiple machine directives if they are otherwise
identical. Relax this so that only the machinename part is the same. This allows
one to change the machine arch in a different config file you've included easily.
Currently, the size of the swap device is unconditionally reported using
blocks, even if -h has been used.
- While here, switch to CONVERT_BLOCKS() instead of CONVERT() which will
avoid overflowing size counters (in human readable form see: r196244)
- Update the column headers to reflect that a size is being reported instead
of the block size units being used
Before:
$ swapinfo
Device 1K-blocks Used Avail Capacity
/dev/gpt/swapfs 1048576 0 1048576 0%
$
After:
$ swapinfo -h
Device Size Used Avail Capacity
/dev/gpt/swapfs 1.0G 0B 1.0G 0%
$
Differential Revision: https://reviews.freebsd.org/D23758
Reviewed by: kevans
MFC after: 3 weeks
This patch adds a new netbe_peek_recvlen() function to the net
backend API. The new function allows the virtio-net receive code
to know in advance how many virtio descriptors chains will be
needed to receive the next packet. As a result, the implementation
of the virtio-net mergeable rx buffers feature becomes efficient,
so that we can enable it also with the tap(4) backend. For the
tap(4) backend, a bounce buffer is introduced to implement the
peeck_recvlen() callback, which implies an additional packet copy
on the receive datapath. In the future, it should be possible to
remove the bounce buffer (and so the additional copy), by
obtaining the length of the next packet from kevent data.
Reviewed by: grehan, aleksandr.fedorov@itglobal.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23472
Document better this file, updating the URL to the IANA registry and closely
match the official services.
For system ports (0 to 1023) we now try to follow the registry closely, noting
some historical differences where applicable.
For the User ports (1024 - 49151) we try to keep some sensible balance only
of services that are likely to be found on FreeBSD/UNIX systems. This attempts
to strike a balance between complexity and usefulness.
As a side effect: drop references to unofficial Kerberos IV which was EOL'ed
on Oct 2006[1]. While it is conceivable some people may still use it in some
very old FreeBSD machines that can't be replaced easily, the use of it is
considered a security risk. Also drop the unofficial netatalk, which we
supported long ago in the kernel but was dropped long ago.
[1] https://web.mit.edu/kerberos/krb4-end-of-life.html
MFC after: 3 weeks (likely to 12-stable only)
Differential Revision: https://reviews.freebsd.org/D23621
environ(7) was in AT&T Version 7
ac(8): Add a HISTORY section
sa(8): Add a HISTORY section
sqrt(3): Add the actual sqrt function to the HISTORY section
Obtained from: OpenBSD
Submitted by: gbergling@gmail.com
Approved by: bcr@(mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23693
ACPI Control Method Batteries have a _BIF and/or _BIX object which
provide static properties of the battery. FreeBSD acpi_cmbat module
supported _BIF object only, which was deprecated as of ACPI 4.0.
_BIX is an extended version of _BIF defined in ACPI 4.0 or later.
As of writing, _BIX has two revisions. One is in ACPI 4.0 (rev.0) and
another is in ACPI 6.0 (rev.1). It seems that hardware vendors still
stick to _BIF only or _BIX rev.0 + _BIF for the maximum compatibility.
Microsoft requires _BIX rev.0 for Windows machines, so there are some
laptop machines with _BIX rev.0 only. In this case, FreeBSD does not
recognize the battery information.
After this change, the acpi_cmbat module gets battery information from
_BIX or _BIF object and internally uses _BIX rev.1 data structure as
the primary information store in the kernel. ACPIIO_BATT_GET_BI[FX]
returns an acpi_bi[fx] structure built by using information obtained
from a _BIF or a _BIX object found on the system. The revision number
field can be used to check which field is available. The acpiconf(8)
utility will show additional information if _BIX is available.
Although ABIs of ACPIIO_BATT_* were changed, the existing APIs for
userland utilities are not changed and the backward-compatible ABIs
are provided. This means that older versions of acpiconf(8) can also
work with the new kernel. The (union acpi_battery_ioctl_arg) was
padded to 256 byte long to avoid another ABI change in the future.
A _BIX object with its revision number >1 will be treated as
compatible with the rev.1 _BIX format.
Reviewed by: takawata
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23728
"Oops" - ln(1) is fine and dandy, but when you're using DESTDIR...it's not-
the path will almost certainly be invalid once the root you've just
installed to is relocated, perhaps to /.
Switch to install(1) using `-l rs` to calculate the relative symlink between
the two, which should work just fine in all cases.
MFC after: 1 week
Some ids are redundand because the list_ecaps() function decodes them
by explicit switch case. But listing them all makes it easier to not
miss ecaps, while not changing the functionality.
Initial submission by: Dmitry Luhtionov <dmitryluhtionov@gmail.com>
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
services: Add PROFInet and EtherCAT.
Both are admitedly very niche features and no known users exist currently.
I am doing a further review/update of the services file (see D23621) and
both of these are not likely to be considered.
This patch cleans up the API between the net frontends (e1000,
virtio-net) and the net backends (tap and netmap).
We move the virtio-net header stripping/prepending to the
virtio-net code, where this functionality belongs.
In this way, the netbe_send() and netbe_recv() signatures
can have const struct iov * rather than struct iov *.
Reviewed by: grehan, bcr, aleksandr.fedorov@itglobal.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D23342
For historical reasons the "remote magtape protocol module" rmt gets
invoked as /etc/rmt, which is a symlink to /usr/sbin/rmt. Put it in the
utilities package, as /usr/sbin/rmt is.
Sponsored by: The FreeBSD Foundation
The previous expression borked if a username had a plus or hyphen in it.
This is needlessly restrictive- at leSt a hyphen in the middle is valid.
Instead of playing this game, let's just assume the username can't contain a
colon and mask out the second field.
Submitted by: sigsys gmail com
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D23548
This command was only ever for sparc64, so remove it. Remove
usr.sbin/Makeiile.sparc64 as well since it only references ofwdump
(cross platform) and eeprom.
Reivewed by: cy@, bcr@
Differential Revision: https://reviews.freebsd.org/D23593
Now we default to setting the hardware clock to UTC
everywhere. sparc64 was the old odd-man out before.
Reivewed by: cy@, bcr@
Differential Revision: https://reviews.freebsd.org/D23593
vfork() is error-prone, and the usage here definitely grew to not be
clearly OK given vfork-semantics; e.g. setusercontext(3) within the child.
Rip out vfork() and the rest of the references to it. fork is heavier, but
it's unclear that the difference will be all that obvious.
Reported by: Andrew Gierth and sigsys@gmail.com
in the sysctl block for the driver. mpsutil/mprutil needs this so it can
know how big of a buffer to allocate when requesting the IOCFacts from the
controller. This eliminates the kernel console messages about wrong
allocation sizes.
Reported by: imp
- Mention bootconfig target in TARGETS section.
- Document PARTITIONS variable, which is only mentioned in the examples,
but doesn't have its own point.
Submitted by: arrowd@
Reviewed by: bcr
Approved by: bcr (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22927
The set_empty_value test has a cleanup function, but is not called.
Fix it
Reviewed by: 0mp
Approved by: kp
Differential Revision: https://reviews.freebsd.org/D23498
Prior to processing environment variable set in the crontab file as those
should be of higher precedent, pull in the user or login class environment.
This is another supporting feature for allowing one to configure system-wide
settings that may affect both regular cron jobs as well as services.
This is the final part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
As mentioned in r357562, this gives the user a single place to configure
environment variables that need to be used for various services -- the
"daemon" class -- for, e.g., configuring a system-wide HTTP proxy.
This is a part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
simple_httpd was granted a reprieve from the picobsd removal based on having
some reported user; it turns out this user isn't actually using the version
in base and merging their changes would be difficult at this point, so the
version in base will simply continue to rot. Retire it now, it may make a
comeback to ports with the improved version.
No notice issued because its current visibility has only been for ~3
months, and a notice has been previously issued about picobsd removal.
Fix the following -Werror warning from clang 10.0.0 in bsnmpd:
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1661:4: error: misleading indentation; statement is not part of the previous 'else' [-Werror,-Wmisleading-indentation]
return (-1);
^
usr.sbin/bsnmpd/modules/snmp_pf/pf_snmp.c:1658:5: note: previous statement is here
} else
^
The intent was to group the return statement with the previous syslog()
call.
MFC after: 3 days
Fix the following -Werror warning from clang 10.0.0 in bsnmpd:
usr.sbin/bsnmpd/modules/snmp_bridge/bridge_port.c:1235:43: error: overlapping comparisons always evaluate to true [-Werror,-Wtautological-overlap-compare]
begemotBridgeStpPortEnable_enabled ||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~
Work around it by casting the enum values to the type of val->v.integer.
MFC after: 3 days
In this path, we used va_start() without pairing it with va_end(). Add the
va_end(). (va_start() without paired va_end() is undefined behavior per the C
standard.)
"In many implementations, [va_end] is a do-nothing operation; but those
implementations that need it probably need it badly." - Rationale for the ANSI
C Programming Language, § 4.8.1.3.
Reported by: Coverity
CID: 1340539
Includes commentary of when ZFS works well by default (>= 8GB RAM),
and where to go for information on ZFS tuning if required.
Also hoist the options text to the top of script as variables
(will help with future international translations).
Reviewed by: philip, dteske, karels, imp, emaste
Approved by: rgrimes
Differential Revision: https://reviews.freebsd.org/D23224
In order to do so we need to install the msdosfs headers to the bootstrap
sysroot and avoid includes of kernel headers that may not exist on every
host (e.g. sys/lockmgr.h). This change should allow bootstrapping of makefs
on FreeBSD 11+ as well as Linux and macOS.
We also have to avoid using the IO_SYNC macro since that may not be
available. In makefs it is only used to switch between calling
bwrite() and bdwrite() which both call the same function. Therefore we
can simply always call bwrite().
For our CheriBSD builds we always bootstrap makefs by setting
LOCAL_XTOOL_DIRS='lib/libnetbsd usr.sbin/makefs' and use the makefs binary
from the build tree to create a bootable disk image.
Reviewed By: brooks
Differential Revision: https://reviews.freebsd.org/D23201
Most of ntpd still handles MK_OPENSSL ok, but the libevent import brought
in the SSL bufferevent routines without checking MK_OPENSSL.
This doesn't completely fix WITHOUT_CRYPTO=YES building, but hey, it's one
less broken thing.
The build failure was discoved by Michael Dexter's recent Build Options
Survey run, at https://callfortesting.org/results/bos-2020-01-16/\
WITHOUT_WPA_SUPPLICANT_EAPOL-small.txt.
Reported by: Michael Dexter <editor@callfortesting.org> via emaste
MFC after: 2 weeks
This resulted in the partitioning step failing if either of the
"Auto (UFS)" or "Manual" options were selected.
Reason: partedit was attempting to open a directory (TMPDIR) read/write,
which resulted in errno(2) 21 - EISDIR - Is a directory.
Reported by: Clay Daniels <clay.daniels.jr@gmail.com>
Reviewed by: Ryan Moeller <ryan@freqlabs.com>
Approved by: emaste, bcran
Differential Revision: https://reviews.freebsd.org/D23232
When _a is empty we end up with an invalid invocation of pfctl, and no output.
We must add quotes to make it clear to pfctl that we're passing an empty anchor
name.
PR: 224415
Submitted by: sigsys AT gmail.com
MFC after: 2 weeks
Extended attribute values can potentially be quite large. One test for ZFS
is supposed to set a 200MB xattr. However, the buffer size for reading
values from stdin with setextattr -i is so small that the test times out
waiting for tiny chunks of data to be buffered and appended to an sbuf.
Increasing the buffer size should help alleviate some of the burden of
reallocating larger sbufs when writing large extended attributes.
Submitted by: Ryan Moeller <ryan@freqlabs.com>
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D23211
Use strlcpy to guarantee NUL termination. Due to this, there is
no need for strncmp; simply use strcmp.
Reported by: Coverity
CID: 1412242
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D23159
config.h as a guide. In practice contributed software maintains a copy
of config.h within its build directory tree containing its Makefile.
usr.sbin/unbound is the home for its config.h.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22983
GCC9 points out that devs may be used initialized after the bailout label;
in-fact, if num_io_opts != 2 then it is. Move the initialization up a little
bit.
Reviewed by: ken
MFC after: 3 days
If inetd is compiled without inet6 support, we need to error out on
rpc+inet6 services rather than attempting to call into rpc bits with an
uninitialized netid.
v4bind is only used with INET6 support, so move it under the proper #ifdefs
with v6bind.
Reported by: Pavel Timofeev <timp87 gmail com>
MFC after: 3 days
Add printf() wrapper to use CR/CRLF terminators depending on whether
stdio is mapped to a tty open in raw mode.
Try to use the wrapper everywhere.
For now we leave the custom DPRINTF/WPRINTF defined by device
models, but we may remove them in the future.
Reviewed by: grehan, jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22657
After increasing WARNS, building WITHOUT_TCP_WRAPPERS failed because of
some unused variables.
Reported by: Cirrus-CI (against my WIP branch)
MFC with: r356248
Sponsored by: The FreeBSD Foundation
command line option. Thanks to the removal of unnecessary information and
the organization into columns, this helps the output be more legible on
both 80 column displays and non-80 column displays. imp@ provided the
idea on this.
Highlights:
- Use MAX() for maxsock raising; small readability improvement IMO
- malloc(3) + memset(3) -> calloc(3) where appropriate
- stop casting the return value of malloc(3)
- mallloc(3) -> reallocarray(3) where appropriate
A future change may enter capability mode when forking for some of the
built-in handlers.
This change is purely in the name of noise reduction from static analyzers
that want to complain that bzero(3) is obsolete in favor of memset(3).
With this, clang-analyze at least is now noise free. WARNS= 6 also appears
to have been OK for some time now, so drop the current setting and opt for
the default.
Currently, child pids are only tracked if maxchildren is specified. As a
consequence, without a maxchild limit we do not get a notice in syslog on
children aborting abnormally. This turns out to be a great debugging aide at
times.
Children are now tracked in a LIST; the management interface is decidedly
less painful when there's no upper bound on the number of entries we may
have at the cost of one small allocation per connection.
PR: 70335
The main point here is capturing the maxchild > 0 check. A future change to
inetd will start tracking all of the child pids so that it can give proper
and consistent notification of process exit/signalling.
chargen_dg: clang-analyze is convinced that endring could be non-NULL at
entry, and thus wants to assume that rs == NULL. Just independently
initialize rs if it's NULL to appease the analyzer.
getconfigent: policy leaks on return
free_connlist: reorganize the loop to make it clear that we're not going to
access `conn` after it's been freed.
cpmip/hashval: left-shifts performed will result in UB as we take
signed 0xABC3D20F and left shift it by 5.
sep->se_policy gets a strdup'd version of policy, so we don't need it to
stick around afterwards.
While here, remove a couple of NULL checks prior to free(policy).
CID: 1006865
MFC after: 3 days
While the mailer is normally opened/set if the mailto is set, this is not
the case if the grandchild actually didn't produce any output. This change
corrects the situation to only attempt to kill/close the mail process if it
was actually opened in the first place.
The reporter initially stumbled on the -n (suppress mail on success) flag
leading to a SIGKILL of the process group, but simultaneously
discovered/reported the behavior with !-n jobs if MAILTO was set and no
output happened.
All of these places that are checking mailto should actually be checking
whether mail is set, so do that for consistency+correctness.
This set of bugs were introduced by r352668.
Submitted by: sigsys@gmail.com
Reported by: sigsys@gmail.com
This is based on DragonFly's implementation from about 2019-09-13. It
only contains the basic code and header information to identify the
disks.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D13369
exfat is fundamentally the same design as fat32. The superblock differs
marginally, and there are some additional optional features irrelevant to
fstype(8); the structure of dirents has changed slightly to enable, among
other things, larger files; the directory entries are no longer DOS 8.3
ASCII or local 8-bit encoding, but instead explicitly UCS-2-LE.
(As a result, this change uses iconv to convert a found exfat volume label
to the user's locale.)
Locating the volume label is identical to FAT32: locate the root directory
and walk through dirents until you find a volume label. Like FAT32, follow
the FAT chain between root directory clusters as necessary.
PR: 242225
Reported by: Victor Sudakov <vas AT sibptus.ru>
Update all the references to NFSv4.1, so that they apply to NFSv4.1 and
NFSv4.2. Also, change the MDS->DS mounts to use NFSv4.2, so that both
versions of the protocol can be used against the server with pNFS enabled.
This is a content change.
Include references to NFSv4.2 and Flexible File layout, plus clarify
when vfs.nfsd.flexlinuxhack needs to be set for Linux pNFS clients.
Also update the man page to reflect the addition of SpaceUsed to the
attributes stored in the extended attribute on the MDS (r354158).
This is a content change.
Include references to NFSv4.2 and associated RFCs.
Also clarify when a Linux client needs to set vfs.nfsd.flexlinuxhack if
a pNFS server is in use.
This is a content change.
Parse out the VSEC. If the user invokes a second -c command line option,
do a hex dump of the vendor data.
Reviewed by: imp
MFC after: 3 days
Sponsored by: Intel
Differential Revision: http://reviews.freebsd.org/D22808
- Allow the userland hypervisor to intercept breakpoint exceptions
(BP#) in the guest. A new capability (VM_CAP_BPT_EXIT) is used to
enable this feature. These exceptions are reported to userland via
a new VM_EXITCODE_BPT that includes the length of the original
breakpoint instruction. If userland wishes to pass the exception
through to the guest, it must be explicitly re-injected via
vm_inject_exception().
- Export VMCS_ENTRY_INST_LENGTH as a VM_REG_GUEST_ENTRY_INST_LENGTH
pseudo-register. Injecting a BP# on Intel requires setting this to
the length of the breakpoint instruction. AMD SVM currently ignores
writes to this register (but reports success) and fails to read it.
- Rework the per-vCPU state tracked by the debug server. Rather than
a single 'stepping_vcpu' global, add a structure for each vCPU that
tracks state about that vCPU ('stepping', 'stepped', and
'hit_swbreak'). A global 'stopped_vcpu' tracks which vCPU is
currently reporting an event. Event handlers for MTRAP and
breakpoint exits loop until the associated event is reported to the
debugger.
Breakpoint events are discarded if the breakpoint is not present
when a vCPU resumes in the breakpoint handler to retry submitting
the breakpoint event.
- Maintain a linked-list of active breakpoints in response to the GDB
'Z0' and 'z0' packets.
Reviewed by: markj (earlier version)
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D20309
The !USE_OPENSSL_CRYPTO_RAND path uses arc4random_buf() correctly.
In general, we should prefer to avoid things OpenSSL does poorly when a good
alternative exists in libc.
This doesn't appear to have some active upstream (and it's a steaming pile of
bad 90s crypto design). Rip out the completely horrible bits and leave the
only mildly less horrible bits. The whole thing should probably be deleted; to
the extent it purports to provide a security feature: it doesn't.
<sys.mk> defines ECHO=echo when not using make -s, and ECHO=true when using
make -s.
export ECHO for ntp products and use it in the mkver script to echo the
version. This suppresses the output as appropriate. ECHO is given a default
value to make sure things still work as expected for anyone that isn't
redefining ECHO.
Reviewed by: cy
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22101
VFs return zero for the memory enable bit even if it has been set by a
prior write. After r348779 this caused the annoying behavior that a
guest OS would unintentionally disable memory decoding on a future
read-modify-write operation on the command register. Instead, return
the shadow value of the command register for reads. This ensures that
the guest will only toggle the state of the memory enable bit when it
specifically intends to do so.
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend
DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options
See share/mk/dirdeps-options.mk
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22469
Previously kbdmap had a localized menu heading ("Choose your keyboard
layout") but not the dialog title ("Keyboard Menu").
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
All Rights Reserved on same line as other copyright holders (but not
me). Other such holders are also listed last where it's clear.
