The existing logic is nice in theory, but in practice freebsd-update will
not preserve the timestamps on these files. When doing a major upgrade, e.g.
from 12.1-RELEASE -> 12.2-RELEASE, pwd.mkdb et al. appear in the INDEX and
we clobber the timestamp several times in the process of packaging up the
existing system into /var/db/freebsd-update/files and extracting for
comparisons. This leads to these files not getting regenerated when they're
most likely to be needed.
Measures could be taken to preserve timestamps, but it's unclear whether
the complexity and overhead of doing so is really outweighed by the marginal
benefit.
I observed this issue when pkg subsequently failed to install a package that
wanted to add a user, claiming that the user was removed in the process.
bapt@ pointed to this pre-existing bug with freebsd-update as the cause.
PR: 234014, 232921
Reviewed by: bapt, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27635
This is the final half of splitting r358153 in two, in order to avoid a build
system bugs and being able to merge an earlier change to previous releases.
Add a note to UPDATING to avoid people building from very old systems from
having issues with mergemaster
MFC after: 3 days (only 12-stable)
Differential Revision: https://reviews.freebsd.org/D23621
This is an import of the Google Summer of Code 2018 project completed by
Christian Kramer (and, sadly, ignored by us for two years now). The goals
stated for that project were:
FreeBSD already has support for interrupts implemented in the GPIO
controller drivers of several SoCs, but there are no interfaces to take
advantage of them out of user space yet. The goal of this work is to
implement such an interface by providing descriptors which integrate
with the common I/O system calls and multiplexing mechanisms.
The initial imported code supports the following functionality:
- A kernel driver that provides an interface to the user space; the
existing gpioc(4) driver was enhanced with this functionality.
- Implement support for the most common I/O system calls / multiplexing
mechanisms:
- read() Places the pin number on which the interrupt occurred in the
buffer. Blocking and non-blocking behaviour supported.
- poll()/select()
- kqueue()
- signal driven I/O. Posting SIGIO when the O_ASYNC was set.
- Many-to-many relationship between pins and file descriptors.
- A file descriptor can monitor several GPIO pins.
- A GPIO pin can be monitored by multiple file descriptors.
- Integration with gpioctl and libgpio.
I added some fixes (mostly to locking) and feature enhancements on top of
the original gsoc code. The feature ehancements allow the user to choose
between detailed and summary event reporting. Detailed reporting provides
a record describing each pin change event. Summary reporting provides the
time of the first and last change of each pin, and a count of how many times
it changed state since the last read(2) call. Another enhancement allows
the recording of multiple state change events on multiple pins between each
call to read(2) (the original code would track only a single event at a time).
The phabricator review for these changes timed out without approval, but I
cite it below anyway, because the review contains a series of diffs that
show how I evolved the code from its original state in Christian's github
repo for the gsoc project to what is being commited here. (In effect,
the phab review extends the VC history back to the original code.)
Submitted by: Christian Kramer
Obtained from: https://github.com/ckraemer/freebsd/tree/gsoc2018
Differential Revision: https://reviews.freebsd.org/D27398
Now that bhyve(8) supports UART, bvmconsole and bvmdebug are no longer needed.
Mark the '-b' and '-g' flag as deprecated for bhyve(8).
These will be removed in 13.
Reviewed by: jhb, grehan
Approved by: kevans (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27519
It can be assumed that the contents of the buffer was still allocated and
valid at the point of the out-of-scope access, so there was no security
issue in practice.
Reported by: Coverity Scan CID 1437697
MFC after: 3 days
This is addressing cases such as fts_read(3) encountering an [EIO]
from fchdir(2) when FTS_NOCHDIR is not set. That would otherwise be
seen as a successful traversal in some of these cases while silently
discarding expected work.
As noted in r264201, fts_read() does not set errno to 0 on a successful
EOF so it needs to be set before calling it. Otherwise we might see
a random error from one of the iterations.
gzip is ignoring most errors and could be improved separately.
Reviewed by: vangyzen
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D27184
While porting over the local changes from CheriBSD for upstreaming, I
accidentally committed a broken version of find_entry_point(): we have to
return NULL if the value is not found instead of a value with
ep->name == NULL, since the checks in main were changed to check ep instead
of ep->name for NULL.
This only matters if the crunched tool cannot be found using normal lookup
and one of the fallback paths is used, so it's unlikely to be triggered
in rescue. However, I noticed that one of our CheriBSD test scripts was
failing to run commands under `su` on minimal disk images where all
binaries are hardlinks to a `cheribsdbox` tool generated with crunchgen.
This also updates the bootstrapping check in Makefile.inc1 to bootstrap
crunchgen up to the next version bump.
Reviewed By: kevans
Differential Revision: https://reviews.freebsd.org/D27474
We intend to remove the obsolete GDB 6.1.1 from FreeBSD before FreeBSD 13.
Reviewed by jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27447
- Avoid leaking a socket if llflags_get() fails.
- Avoid leaking a file handle if rtsold_init_dumpfile() fails.
- Tighten the check in if_nametosdl() which determines whether we failed
to find the specified interface.
- Fix errno handling in an error path in rtsock_open().
MFC after: 1 week
efivar_device_path_to_unix_path() returns standard error codes on
failure and zero on success. Checking for a return value less than zero
means that the actual failure cases won't be handled. This could
manifest as a segfault during the subsequent call to printf().
Reviewed by: imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D27424
This uses the same snapshot routine as other VirtIO devices.
Submitted by: Vitaliy Gusev <gusev.vitaliy@gmail.com>
Differential Revision: https://reviews.freebsd.org/D26265
Permit suspend/resume of a XHCI device model that has not been
attached to by a driver in a guest OS.
Submitted by: Vitaliy Gusev <gusev.vitaliy@gmail.com>
Differential Revision: https://reviews.freebsd.org/D26264
This fixes the amount of memory displayed in the EDK2 UiApp to be the same
as passed on the bhyve command line. Otherwise, 8GB is displayed as 4GB,
32GB as 28GB etc.
Reviewed by: jhb, kib, rgrimes
Differential Revision: https://reviews.freebsd.org/D27348
Fix a couple of style issues introduced in my previous commit.
Add a comment explaining that the SMBIOS specification defines the date
format to be mm/dd/yyyy, which is why we don't use ISO 8601.
Add a new ioctl to disable all MSI-X interrupts for a PCI passthrough
device and invoke it if a write to the MSI-X capability registers
disables MSI-X. This avoids leaving MSI-X interrupts enabled on the
host if a guest device driver has disabled them (e.g. as part of
detaching a guest device driver).
This was found by Chelsio QA when testing that a Linux guest could
switch from MSI-X to MSI interrupts when using the cxgb4vf driver.
While here, explicitly fail requests to enable MSI on a passthrough
device if MSI-X is enabled and vice versa.
Reported by: Sony Arpita Das @ Chelsio
Reviewed by: grehan, markj
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27212
NFS over TLS uses three new export options, added by r364979.
This patch updates the exports.5 man page for these new options.
Once assigned by IETF, "NNNN" will be replaced with the RFC number.
This is a content change.
Reviewed by: gbe
Differential Revision: https://review.freebsd.org/D26241
Add update to RIP after a userspace instruction decode (as is done for
the in-kernel counterpart of this case).
Submitted by: adam_fenn.io
Reviewed by: cem, markj
Approved by: grehan (bhyve)
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D27243
The suser_enable sysctl allows to remove a privileged rights from uid 0.
This change introduce per jail setting which allow to make root a
normal user.
Reviewed by: jamie
Previous version reviewed by: kevans, emaste, markj, me_igalic.co
Discussed with: pjd
Differential Revision: https://reviews.freebsd.org/D27128
local software base directory, as committed in SVN rev. 367813.
The pkg and mailwrapper programs used the LOCALBASE environment variable
for this purpose and this functionality is preserved by getlocalbase().
After this change, the value of the user.localbase sysctl variable is used
if present (and not overridden in the environment).
The nvmecontrol program gains support of a dynamic path to its plugin
directory with this update.
Differential Revision: https://reviews.freebsd.org/D27237
/etc/os-release is now a symbolic link to a generated file. Make
mergemaster cope with symbolic links generically. I'm no longer
a big mergemaster user, so this has only been lightly tested
by me, though Kimura-san has ran it through its paces.
Submitted by: Yasushiro KIMURA-san
PR: 242212
MFC After: 2 weeks
When the AHCI code was reworked to use FreeBSD struct
definitions, the valid element was mis-transcribed resulting
in the UMDA capability being hidden. This prevented Illumos
from using AHCI disk/cdrom drives.
Fix by using definitions that match the code pre-rework.
PR: 250924
Submitted by: Rolf Stalder
Reported by: Rolf Stalder
MFC after: 3 days
Sometimes users want to use freebsd-update(8) in a non-interactive way and
what they often miss is that they have to set PAGER to cat(1) in order to
avoid interactive prompts from less(1).
MFC after: 4 weeks
Since lots of work has been done on bhyve since 2014, increase the version
to 13.0 to match 13-CURRENT, and update the release date.
Reviewed by: grehan
Differential Revision: https://reviews.freebsd.org/D27147
In standards such as LoPAPR, property names in excess of the usual 31
characters exist.
This breaks property traversal.
While in IEEE 1275-1994, nextprop is defined explicitly to work with a
32-byte region of memory, using a larger buffer should be fine. There is
actually no way to pass a buffer length to the nextprop call in the OF
client interface, so SLOF actually just blindly overflows the buffer.
So we have to defensively make the buffer larger, to avoid memory
corruption when reading out long properties on live OF systems.
Note also that on real-mode OF, things are pretty tight because we are
allocating against a static bounce buffer in low memory, so we can't just
use a huge buffer to work around this without it being wasteful of our
limited amount of 32-bit physical memory.
This allows a patched ofwdump to operate properly on SLOF (i.e. pseries)
systems, as well as any other PowerPC systems with overlength properties.
Reviewed by: jhibbits
MFC after: 2 weeks
Sponsored by: Tag1 Consulting, Inc.
Differential Revision: https://reviews.freebsd.org/D26669
Read CPUID leaf 0x8000008 to determine max supported phys address and
create BAR region right below it, reserving 1/4 of the supported guest
physical address space to the 64bit BARs mappings.
PR: 250802 (although the issue from PR is not fixed by the change)
Noted and reviewed by: grehan
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D27095
Specifically this was causing the /dev/klog fd and the signal pipe
handling fd to get a sendmsg(2) called on them and always returned
[ENOTSOCK].
r310350 combined these sockets into the main socket list and properly
skipped AF_UNSPEC at the sendmsg(2) call but later in r344739 it was
broken such that these special sockets were no longer excluded since
the AF_UNSPEC check specifically excluded these special sockets. Only
these special sockets have sl_sa = NULL. The sl_family checks should
be redundant now but are left in case of future changes so the intent
is clearer.
MFC after: 2 weeks
- Bad whitespace in Makefile.
- Reordered headers, sys/ first.
- Annotated fatal/usage __dead2 to help `make analyze` out a little bit.
- Spell a couple of sizeof constructs as "nitems" and "howmany" instead.
MFC after: 1 week
If bhyve is used to emulate 512e access in guest OS, then discard addresses should be properly aligned.
Otherwise ioctl DIOCGDELETE fails for 512b requires on devices with 4K sector size.
see g_dev_ioctl() in sys/geom/geom_dev.c
Submitted by: Vitaliy Gusev <gusev.vitaliy@gmail.com>
MFC after: 1 week
Sponsored by: vStack.com
Differential Revision: https://reviews.freebsd.org/D27075
The existing format string for the empty case was trying to read varargs
values that weren't passed to xo_emit. This appears to work on x86 (since
the next argument is probably a pointer an empty string), but for CHERI
we can bound variadic arguments and detect a read past the end.
While touching these lines also use the libxo 'a' modifier to avoid having to
construct the libxo format string using asprintf.
Found by: CHERI
Reviewed By: allanjude
Differential Revision: https://reviews.freebsd.org/D26885
"smbios.system.family" as " ".
This presents challenges for both humans and tools when trying to parse output
that uses those results.
The new values reported are now:
smbios.system.family="Virtual Machine"
smbios.system.maker="FreeBSD"
PR: 250728
Approved by: grehan@FreeBSD.org
Sponsored by: Netflix
Foundation copyrights, approved by emaste@. It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.
Reviewed by: emaste, imp, gbe (manpages)
Differential Revision: https://reviews.freebsd.org/D26980
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.
This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.
In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.
This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.
Reviewed by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D26942
Describe "diff installed new" as "Displaying differences between
installed and new." Previously mergemaster described them in the
opposite order.
PR: 249214
Reported by: Yuri Victorovich
MFC after: 2 weeks
rpcbind is now considered a security risk for some sites.
Since an NFSv4 only NFS server does not need rpcbind,
it makes sense to have an option that implements this.
This patch adds a "-R" option that disables the Mount
protocol (not used by NFSv4) and does not register
with rpcbind.
Changes are required to /etc/rc.d/mountd and /etc/rc.d/nfsd.
Those will be in a separate commit.
Reviewed by: freqlabs, asomers
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26746
Mak the Ethernet PCP codepoint configurable
for L2 local traffic, to allow lower latency for
iSCSI block IO. This addresses the target
side only.
Reviewed by: mav, trasz, bcr
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26740
Make the Ethernet PCP codepoint configurable
for L2 local traffic, to allow lower latency for
iSCSI block IO. This addresses the initiator
side only.
Reviewed by: mav, trasz, bcr
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26739
It does not change anything immediately, but allows further support of
Command Priority, Status Qualifier and new task management functions.
MFC after: 1 month
Sponsored by: iXsystems, Inc.
efivar_unix_path_to_device_path returns the error code, it does not set errno.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26852
bhyve sometimes segfaults when using an e1000 NIC with a Windows guest.
We are only updating our tdba and cached host mapping when the low address
register is written and when tx is set enabled, but not when the high address
or length registers are written. It is observed that Windows 10 is occasionally
enabling tx first then writing the registers in the order low, high, len. This
leaves us with a bogus base address and mapping, which causes a segfault later
when we try to copy from a descriptor that has unpredictable garbage in a
pointer.
Updating the address and mapping when any of those registers change seems to fix
that particular issue.
Reviewed by: mav, grehan (bhyve)
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26798
We convert a string like "W32:vendor/device" into "I:vendor;I:device",
where the output is longer than the input, but only allocate space equal
to the length of the input, leading to a buffer overflow.
Instead use open_memstream so we get a safe dynamically-grown buffer.
Found by: CHERI
Reviewed by: imp, jhb (mentor)
Approved by: imp, jhb (mentor)
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D26637
This with the previous patch I committed makes traceroute6/traceroute
compile fine when libcasper isn't enabled.
This complains strongly with unused variables and such when compiled
with gcc-6 on mips32.
Tested:
* compiled/run on mips32 hardware (AR9344)
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D26773
Remove quotes around size in the LUN section and change the suffix to 'GB'. The
UCL format does recognize 'G' on its own, which uses a base 10 multiplier where
'GB' uses a 2 power multiplier.
Document the difference between valid suffixes when using ctl.conf(5) in the
general syntax form or in UCL format.
Reviewed by: kevans, mav
Approved by: kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D26716
r362163 upgraded mountd so that it could handle MAX_NGROUPS
groups for the anonymous user credentials (the ones provided by
-maproot and -mapall exports options).
The problem is that this resulted in every export structure growing by
about 4Kbytes, because the cr_groups field went from 16->MAX_NGROUPS.
This patch fixes this by only including a small 32 element cr_groups in the
structure and then malloc()'ng cr_groups when a larger one is needed.
The value of SMALLNGROUPS is arbitrarily set to 32, assuming most users
used by -maproot or -mapall will be in <= 32 groups.
Reviewed by: kib, freqlabs
Differential Revision: https://reviews.freebsd.org/D26521
Allow the DSCP codepoint also to be configurable
for the traffic in the direction from the initiator
to the target, such that writes and any requests
are also treated in the appropriate QoS class.
Reviewed by: mav
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26714
- no blank before trailing delimiter
- whitespace at end of input line
- sections out of conventional order
- normalizing date format
- AUTHORS section without An macro
Too many version of UEFI firmware (so far only confirmed on amd64)
don't really support efibootmgr selection of boot. That's the most
reliable, when it works, since there's no guesswork. However, many do
not save, unmolested, the variables that efibootmgr sets, so as a
fallback we also install loader.efi as bootXXX.efi (where XXX is
either aa64 or x64) if it doesn't already exist in /efi/boot on the
ESP. The standard only defines this for removable devices, but it's
almost ubiquitously used as a fallback. Many BIOSes implement a drive
selection feature that takes over the efibootmgr protocol, rendinering
it useless (either generally, or for those vendors not on the short
list). bootxxx.efi works around this. However, we don't install it
unconditionally there, as that breaks some popular multi-boot setups.
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D26428
The method was optional prior to r365938, which made it mandatory but did add
any test that an implementation provides the method nor implement it for
bhyveload. The code path might not be hit unless the user's loader was
configured to write to a file on disk, such as with nextboot(8).
Reviewed by: grehan, tsoome
Approved by: bhyve
X-MFC-With: r365938
Differential Revision: https://reviews.freebsd.org/D26710
r364166 converted echo -n `/bin/pwd` to a raw pwd invocation, leaving a
trailing newline at the end of path. This caused a later stat() of it to
erroneously fail and the fallback to MK_AUTO_OBJ=no logic proceeded as
unexpected.
Harry Schmalzbauer bissected the resulting build failure he experienced
(stable/12 host, -HEAD build) down to r365887. This change is mostly
unrelated, except it switches the build to bootstrapped crunchgen - clue!
I then bissected recent crunchgen changes going back a bit since we wouldn't
observe the failure immediately with -CURRENT in most configurations, which
landed me on r364166. After many intense head-scratching minutes and printf
debugging, I realized that the newline was the difference. This is where our
tale ends.
Reported by: Harry Schmalzbauer, O. Hartmann, Mike Tancsa, kevans
MFC after: 3 days
The output of "ngctl dot" is suitable for small netgraph networks. Even
moderate complex netgraph setups (about a dozen nodes) are hard to
understand from the .dot output, because each node and each hook are shown
as a full blown structure.
This patch allows to generate much more compact output and graphs by
omitting the extra structures for the individual hooks. Instead the names of
the hooks are labels to the edges.
Submitted by: Lutz Donnerhacke <lutz_donnerhacke.de>
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21965
VirtFS allows sharing an arbitrary directory tree between bhyve virtual
machine and the host. Current implementation has a fairly complete support
for 9P2000.L protocol, except for the extended attribute support. It has
been verified to work with the qemu-kvm hypervisor.
Reviewed by: rgrimes, emaste, jhb, trasz
Approved by: trasz (mentor)
MFC after: 1 month
Relnotes: yes
Sponsored by: Conclusive Engineering (development), vStack.com (funding)
Differential Revision: https://reviews.freebsd.org/D10335
'ident' was replaced with 'ata_ident' in revision r363596.
Submitted by: Vitaliy Gusev <gusev.vitaliy_gmail.com>
Reviewed by: Darius Mihai
Differential Revision: https://reviews.freebsd.org/D26263
running kernel instead of the stats of the crashed kernel. The current
version uses sysctls to query the stats and does not work at all (anymore)
on crash dumps.
Repeating the default WARNS here makes it slightly more difficult to
experiment with default WARNS changes, e.g. if we did something absolutely
bananas and introduced a WARNS=7 and wanted to try lifting the default to
that.
Drop most of them; there is one in the blake2 kernel module, but I suspect
it should be dropped -- the default WARNS in the rest of the build doesn't
currently apply to kernel modules, and I haven't put too much thought into
whether it makes sense to make it so.
In order to prioritize iSCSI traffic across a network,
DSCP can be used. In order not to rely on "ipfw setdscp"
or in-network reclassification, this adds the dscp value
directly to the portal group (where TCP sessions are accepted).
The incoming iSCSI session is first handled by ctld for any
CHAP authentication and the socket is then handed off to the
in-kernel iscsi driver without modification of the socket
parameters. Simply setting up the socket in ctld is sufficient
to keep sending outgoing iSCSI related traffic with the
configured DSCP value.
Reviewed by: mav, trasz
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26385
Prune dead mirrors from the list of mirrors in bsdconfig and bsdinstall.
All these return NXDOMAIN when trying to resolve them.
Reviewed by: emaste
Approved by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26535
When the DEVICE_PATH is <= 4 that means it's effectively empty. I have
a laptop that has a BIOS that likes to generate these:
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
0000: 01 00 00 00 04 00 45 00 46 00 49 00 20 00 55 00
0010: 53 00 42 00 20 00 44 00 65 00 76 00 69 00 63 00
0020: 65 00 00 00 7f ff 04 00 52 43
which now decodes as
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
* EFI USB Device
Empty path
Option:
0000: 52 43
which matches my hand-decode.
Add an extra newline after Option: to make it look nice.
I suspect that these entries really should be VenHw entries instead,
but my ability to change that is NIL, so cope with them as best we can.
efibootmgr(8)'s output is fine and doesn't need adjusting.
For a long period value and the duty specified as a percentage,
there could be an overflow.
Using unsigned integers aligns the code with struct pwm_state and allows
to safely use periods up to 4 seconds where supported by drivers.
MFC after: 2 weeks
received.
The default system log rotation mechanism (newsyslog(8)) requires ability to send
signal to a daemon in order to properly complete rotation of the logs in an "atomic"
manner without having to making a copy and truncating original file. Unfortunately
our built-in mechanism to convert "dumb" programs into daemons has no way to handle
this rotation properly. This change adds this ability, to be enabled by supplying -H
option in addition to the -o option.
Reviewed by: markj, rpokala (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26526
* powerpc time_t is 64 bit, not 32 bit.
* Add definition for powerpc64le.
With this, powerpc64le ntpd and ntpdate operate correctly instead of
corrupting the clock and exiting.
Tested on powerpc64, powerpc64le, and powerpc.
No feedback from cy@.
I am a bit confused as to how SIZEOF_TIME_T being wrong ever worked on
powerpc, it being big endian and all.
Sponsored by: Tag1 Consulting, Inc.
Differential Revision: https://reviews.freebsd.org/D26379
This fixes a compile issue under gcc6 which complains about
legacy style C function declarations.
Differential Revision: https://reviews.freebsd.org/D26504
This allows us to redirect its output in cmd_cron, so that the
"src component not installed, skipped" message will be treated
the same way as other output from freebsd-update cron: Sent
in an email to root (or other address specified) if there are
updates to install, and silenced otherwise.
PR: 202492
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D26432
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).
Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.
Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.
There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.
Reviewed by: emaste, brooks, ngie (all earlier version)
Reviewed by: emaste, arichardson (depend-cleanup.sh change)
Differential Revision: https://reviews.freebsd.org/D26455
The language id of String Descriptors in usb mouse is
0x0904, while the spec require 0x0409 (English - United States)
Submitted by: Wanpeng Qian
Reviewed by: grehan
Approved by: grehan (#bhyve)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26472
As of r365829, any given base distribution set will now include the /etc/ssl
symlinks that this rehash would've otherwise installed. This extra step is
no longer required.
MFC after: 1 week
X-MFC-With: r365837
Don't permit setting the exception bitmap or VMCS entry interrupt
information. These are not generally useful to set. If it is needed
in the future, dedicated pseudo registers can be added for these that
would be used with vm_set_register().
Discussed with: grehan
MFC after: 1 week
The first issue was lack of quoting around INSTALLFLAGS, which set it
incorrectly and produced an error on -M.
The second issue was that we weren't actually doing the install in
unprivileged mode, making it effectively useless. This was designed to pass
through the proper metalog/unpriv flags to install(1), so just let it
happen.
MFC after: 3 days
This would allow interested parties to do experimental runs with an
environment set appropriately to raise all the warnings throughout the
build; e.g. env WARNS=6 NO_WERROR=yes buildworld.
Not currently touching the numerous instances in ^/tools.
MFC after: 1 week
This was revealed by the rescue build with a patch I'm working on to default
WARNS=6 everywhere. The issues resolved were:
- Missing prototype for _crunched_${ident}_stub in the *_stub.c generated
bits
- Missing prototype for crunched_main
- Incomplete prototype for _crunched_${ident}_stub in the generated parts of
crunched_main
- Literal strings in the stub table must drop const qualifier, unless we
const'ify name
- f field in struct stub didn't have a proper prototype
Most of these issues are minor formalities and easily addressed.
I note that if my patch to eventually raise WARNS for the rescue build
lands, we'll need to bump the __FreeBSD_version requirement for
bootstrapping crunchgen and wipe out the rescue .OBJDIR if it's stale, which
we should be able to detect pretty easily from a couple of the issues that
have been fixed here.
Reviewed by: arichardson
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26363
Currently, certctl rehash will just keep clobbering .0 rather than
incrementing the suffix upon encountering a duplicate. Do this, and do it
for blacklisted certs as well.
This also improves the situation with the blacklist to be a little less
flakey, comparing cert fingerprints for all certs with a matching subject
hash in the blacklist to determine if the cert we're looking at can be
installed.
Future work needs to completely revamp the blacklist to align more with how
it's described in PR 246614. In particular, /etc/ssl/blacklisted should go
away to avoid potential confusion -- OpenSSL will not read it, it's
basically certctl internal.
PR: 246614
Reviewed by: Michael Osipov <michael.osipov siemens com>
Tested by: Michael Osipov
With suggestions from: Michael Osipov
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26167
Currently, WITHOUT_PORTSNAP forces WITHOUT_FREEBSD_UPDATE because the
latter relies on phttpget, which lives inside the portsnap build bits.
Remove the dependency between these two options by moving phttpget out into
^/libexec and building/installing it if either WITH_PORTSNAP or
WITH_FREEBSD_UPDATE.
Future work could remove the conditional if it's decided that users will use
it independently of either the current in-base consumers.
Reported by: swills
Reviewed by: jilles, emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26255
Just using MD5, SHA1, RMD160 and SHA256 for defines collides with
functions of the same name in OpenSSL. This can cause compilation
issues in downstream consumers if they use OpenSSL for the hash
functions instead of libmd.
Reviewed by: sjg
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D26321
The caller-supplied pointer is unconditionally dereferenced at the
beginning of the function, so there is no point in comparing it with
NULL thereafter.
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
from the kernel, but let's try to be on the safe side.
Reviewed by: mav
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D26246
the wrong length to strlcpy(3). It looks like it could overflow into
the next field, isc_user, which is properly long to accomodate for it;
I don't think it could cause any harm other than breaking the connection.
Reviewed by: mav
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D26247
Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS. Without these flags, TLS is allowed, but not
required.
The exports(5) man page will be updated in a future commit.
clash, or redefining name/jid). The current behvaior, of merely warning
and moving on, can lead to unexpected behavior when a jail is created
without the offending parameter defined at all.
The OsIndications UEFI variable can request the firware to stop at
its UI instead of continuing with boot. Add flags for setting and
clearing this request.
Reviewed by: manu, bcr (manpages)
Approved by: scottl (implicit)
MFC after: 1 week
Sponsored by: Ampere Computing, Inc.
Differential Revision: https://reviews.freebsd.org/D25839
While we do support the "O bit" running a script (usually to start a
dhcpv6 client) we have no options for setups which set the "M bit" for,
e.g., static address assignment as in EC2.
Duplicate most of the "O bit" logic to also start a script for the
"M bit" with the one difference: if the "M bit" is set we will not
start the script for the "O bit" as well (per RFC 4861, Section 4.2).
Reviewed by: hrs, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26099
The macOS assert.h header does not define static_assert when compiling in
C99 mode. To fix this compile with -std=c11.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D25928
The primary benefit is maintaining a completely shared
code base with the community allowing FreeBSD to receive
new features sooner and with less effort.
I would advise against doing 'zpool upgrade'
or creating indispensable pools using new
features until this change has had a month+
to soak.
Work on merging FreeBSD support in to what was
at the time "ZFS on Linux" began in August 2018.
I first publicly proposed transitioning FreeBSD
to (new) OpenZFS on December 18th, 2018. FreeBSD
support in OpenZFS was finally completed in December
2019. A CFT for downstreaming OpenZFS support in
to FreeBSD was first issued on July 8th. All issues
that were reported have been addressed or, for
a couple of less critical matters there are
pull requests in progress with OpenZFS. iXsystems
has tested and dogfooded extensively internally.
The TrueNAS 12 release is based on OpenZFS with
some additional features that have not yet made
it upstream.
Improvements include:
project quotas, encrypted datasets,
allocation classes, vectorized raidz,
vectorized checksums, various command line
improvements, zstd compression.
Thanks to those who have helped along the way:
Ryan Moeller, Allan Jude, Zack Welch, and many
others.
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D25872
That mode is useful to call gstat from other app, however kinda useless
since gstat won't exit and stay running forever when its parent process
has long gone.
MFC after: 2 weeks
The added print was very helpful for debugging failed disk image creation.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D23200
This should fix cases like su setting argv[0] to _su for /bin/sh.
Previously cheribsdbox (a crunched tool we use in CheriBSD to reduce the
size of our minimal disk images to allow loading them onto FPGAs without
waiting forever for the transfer) would complain about _su not being
compiled in, but now that we also look at AT_EXECPATH it correctly
invokes the sh tool.
Note: we use use AT_EXECPATH instead of the KERN_PROC_PATHNAME sysctl to get
the crunchgen binary name since it seems like KERN_PROC_PATHNAME just
returns the last cached path for a given hardlink.
When using `su`, instead of invoking /bin/csh this would invoke the last
used hardlink to cheribsdbox. This caused weird test failures when running
tests due to `id` being executed instead of `echo`:
$ id # id is a hardlink to /bin/cheribsdbox
$ su postgres -c 'echo 1' # su is also a hardlink
uid=1001(postgres) gid=1001(postgres) groups=1001(postgres)
Obtained from: CheriBSD
Reviewed By: emaste, brooks
Differential Revision: https://reviews.freebsd.org/D25998
The NVMe emulation code did not explicitly initialize queue head and
tail pointers on queue creation. As these pointers are part of
calloc()'ed memory, this only becomes a problem if the queues are
deleted and then recreated.
This error can manifest with messages about completions not matching a
command.