giving access to functionality that is not available in capability mode
sandbox. The functionality can be precisely restricted.
Start with the following services:
- system.dns - provides API compatible to:
- gethostbyname(3),
- gethostbyname2(3),
- gethostbyaddr(3),
- getaddrinfo(3),
- getnameinfo(3),
- system.grp - provides getgrent(3)-compatible API,
- system.pwd - provides getpwent(3)-compatible API,
- system.random - allows to obtain entropy from /dev/random,
- system.sysctl - provides sysctlbyname(3-compatible API.
Sponsored by: The FreeBSD Foundation
only being able to create 1TB partitions:
o) Use an unsigned 32-bit quantity to store the number of disk sectors.
o) Detect overflow of said 32-bit quantity and clamp to 2^32.
o) Rather than returning the disk sector count from get_params, return 0 on
success, since its return value is only ever compared to -1 to detect
failure. This would cause returning 2^32 sectors to be interpreted as an
error.
Reviewed by: bde ("good for a quick fix")
Print warning for IPv4 address strings which are valid in
inet_aton() but not valid in inet_pton(). (1)
Found by: Özkan KIRIK <ozkan.kirik@gmail.com>
Submitted by: Ian Smith <smithi@nimnet.asn.au> (1)
MFC after: 2 weeks
Sponsored by: Yandex LLC
Now it is easy to expand the size of the mirror when all its components
are replaced. Also add g_resize method to geom_mirror class. It will write
updated metadata to new last sector, when parent provider is resized.
Silence from: geom@
MFC after: 1 month
signifying that a reboot is required to complete activation
of the requested firmware image.
Reported by: Joe Golio <joseph.golio@emc.com>
Sponsored by: Intel
MFC after: 3 days
manual page:
There is no need to call arc4random_stir() before using
arc4random() functions family, since they automatically
initialize themselves.
No objection: des
MFC after: 2 weeks
Original log:
pfctl -ss printed state levels for ICMPv6. Disable this the same
way it has already been done for ICMPv4.
Difference with OpenBSD:
- WITHOUT_INET6 safe
Obtained from: OpenBSD
when -u is specified it is not...
update the docs to say that you can use full device names w/ -u, and
update the examples...
Submitted by: #vbsdcon
MFC after: 3 days
This is believed to fix hastd crashes, which might occur during
synchronization, triggered by the failed assertion:
Assertion failed: (amp->am_memtab[ext] > 0),
function activemap_write_complete, file activemap.c, line 351.
MFC after: 1 week
1. "-u N" specified, no -f, and mdN found,
2. no -u, "-f /pathname" specified, and mdN associated with /pathname found,
3. "-u N" specified, "-f /pathname" specified, and both of them found,
4. "-l" specified and no -f,
5. "-l" specified, "-f /pathname" specified, and /pathname found.
otherwise return -1.
Spotted by: Julian H. Stacey
di_extsize is the EA size and as such it should be unsigned.
Adjust related types for consistency.
Reviewed by: mckusick (previous version)
MFC after: 3 weeks
Always validate the return of find_geomcfg(). It could be NULL, for
example when the geom is withering.
Approved by: ken (mentor)
Sponsored by: Spectra Logic Corporation
MFC after: 3 weeks
with CARP.
Currently, we've got a problem that interface isn't IFF_UP at the time
we assign it a redundant address, and the latter gets stuck in INIT state.
Additional SIOCSIFFLAGS from ifconfig(8) kicks it to a working state.
A proper fix is kernel side and appeared to be non-trivial, not to be
checked in before 10.0-RELEASE.
Submitted by: Ole Myhre <ole.myhre dataoppdrag.no>
already belongs or removing it from a group to which it does not
belong. This makes it possible to include group memberships in
ifconfig_foo0 in rc.conf without fear of breaking "service netif
restart foo0".
MFC after: 3 days
that it's being used by both initiators, and change the title to make
it more easily searchable.
Approved by: re (glebius)
Sponsored by: FreeBSD Foundation
when calculating stats in nvmecontrol perftest.
Sponsored by: Intel
Reported by: Joe Golio <joseph.golio@emc.com>
Reviewed by: carl
Approved by: re (hrs)
MFC after: 1 week
kept dirty to reduce the number of on-disk metadata updates. The
sequence of operations is:
1) acquire the activemap lock;
2) update in-memory map;
3) if the list of keepdirty extents is changed, update on-disk metadata;
4) release the lock.
On-disk updates are not frequent in comparison with in-memory updates,
while require much more time. So situations are possible when one
thread is updating on-disk metadata and another one is waiting for the
activemap lock just to update the in-memory map.
Improve this by introducing additional, on-disk map lock: when
in-memory map is updated and it is detected that the on-disk map needs
update too, the on-disk map lock is acquired and the on-memory lock is
released before flushing the map.
Reported by: Yamagi Burmeister yamagi.org
Tested by: Yamagi Burmeister yamagi.org
Reviewed by: pjd
Approved by: re (marius)
MFC after: 2 weeks
