Commit Graph

18899 Commits

Author SHA1 Message Date
Kyle Evans
ebebc41e4c freebsd-update: unconditionally regenerate passwd/login.conf files
The existing logic is nice in theory, but in practice freebsd-update will
not preserve the timestamps on these files. When doing a major upgrade, e.g.
from 12.1-RELEASE -> 12.2-RELEASE, pwd.mkdb et al. appear in the INDEX and
we clobber the timestamp several times in the process of packaging up the
existing system into /var/db/freebsd-update/files and extracting for
comparisons. This leads to these files not getting regenerated when they're
most likely to be needed.

Measures could be taken to preserve timestamps, but it's unclear whether
the complexity and overhead of doing so is really outweighed by the marginal
benefit.

I observed this issue when pkg subsequently failed to install a package that
wanted to add a user, claiming that the user was removed in the process.
bapt@ pointed to this pre-existing bug with freebsd-update as the cause.

PR:		234014, 232921
Reviewed by:	bapt, emaste
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27635
2020-12-17 03:42:54 +00:00
Pedro F. Giffuni
228e2087a3 /etc/services: attempt to bring the database to this century 2/2.
This is the final half of splitting r358153 in two, in order to avoid a build
system bugs and being able to merge an earlier change to previous releases.

Add a note to UPDATING to avoid people building from very old systems from
having issues with mergemaster

MFC after:	3 days (only 12-stable)

Differential Revision:	https://reviews.freebsd.org/D23621
2020-12-17 02:54:32 +00:00
Jamie Gritton
3050aced42 Bugfix to not hide jailparam flags, which for example changes the output
"vnet=2" to the less opaque "vnet=inherit"

Reported by:	kevans
MFC after:	5 days
2020-12-15 20:56:35 +00:00
Ian Lepore
ff3468ac94 Provide userland notification of gpio pin changes ("userland gpio interrupts").
This is an import of the Google Summer of Code 2018 project completed by
Christian Kramer (and, sadly, ignored by us for two years now).  The goals
stated for that project were:

    FreeBSD already has support for interrupts implemented in the GPIO
    controller drivers of several SoCs, but there are no interfaces to take
    advantage of them out of user space yet. The goal of this work is to
    implement such an interface by providing descriptors which integrate
    with the common I/O system calls and multiplexing mechanisms.

The initial imported code supports the following functionality:

 -  A kernel driver that provides an interface to the user space; the
    existing gpioc(4) driver was enhanced with this functionality.
 -  Implement support for the most common I/O system calls / multiplexing
    mechanisms:
     -  read() Places the pin number on which the interrupt occurred in the
        buffer. Blocking and non-blocking behaviour supported.
     -	poll()/select()
     -	kqueue()
     -	signal driven I/O. Posting SIGIO when the O_ASYNC was set.
 -  Many-to-many relationship between pins and file descriptors.
     -  A file descriptor can monitor several GPIO pins.
     -  A GPIO pin can be monitored by multiple file descriptors.
 -  Integration with gpioctl and libgpio.

I added some fixes (mostly to locking) and feature enhancements on top of
the original gsoc code.  The feature ehancements allow the user to choose
between detailed and summary event reporting.  Detailed reporting provides
a record describing each pin change event.  Summary reporting provides the
time of the first and last change of each pin, and a count of how many times
it changed state since the last read(2) call.  Another enhancement allows
the recording of multiple state change events on multiple pins between each
call to read(2) (the original code would track only a single event at a time).

The phabricator review for these changes timed out without approval, but I
cite it below anyway, because the review contains a series of diffs that
show how I evolved the code from its original state in Christian's github
repo for the gsoc project to what is being commited here.  (In effect,
the phab review extends the VC history back to the original code.)

Submitted by:	Christian Kramer
Obtained from:	https://github.com/ckraemer/freebsd/tree/gsoc2018
Differential Revision:	https://reviews.freebsd.org/D27398
2020-12-12 18:34:15 +00:00
John-Mark Gurney
37d8e9a326 fix up documentation/comments: processname is not defined, but programname
is..

a couple other minor documentation fixes that igor caught...

MFC after:	1 week
2020-12-10 23:23:42 +00:00
Robert Wing
92f7309929 Add deprecation notice for bvmconsole and bvmdebug
Now that bhyve(8) supports UART, bvmconsole and bvmdebug are no longer needed.

Mark the '-b' and '-g' flag as deprecated for bhyve(8).

These will be removed in 13.

Reviewed by:    jhb, grehan
Approved by:    kevans (mentor)
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D27519
2020-12-10 18:07:25 +00:00
Edward Tomasz Napierala
b7a4380dd4 Make "diskinfo -i" also test 1MB reads. 2020-12-10 10:23:18 +00:00
Stefan Eßer
7483b9e4dc Lift scope of buf[] to make it extend to a potential access via *basename
It can be assumed that the contents of the buffer was still allocated and
valid at the point of the out-of-scope access, so there was no security
issue in practice.

Reported by:	Coverity Scan CID 1437697
MFC after:	3 days
2020-12-10 09:31:05 +00:00
Bryan Drewery
2dfa4b66b3 fts_read: Handle error from a NULL return better.
This is addressing cases such as fts_read(3) encountering an [EIO]
from fchdir(2) when FTS_NOCHDIR is not set.  That would otherwise be
seen as a successful traversal in some of these cases while silently
discarding expected work.

As noted in r264201, fts_read() does not set errno to 0 on a successful
EOF so it needs to be set before calling it.  Otherwise we might see
a random error from one of the iterations.

gzip is ignoring most errors and could be improved separately.

Reviewed by:	vangyzen
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D27184
2020-12-08 23:38:26 +00:00
Alex Richardson
f7ff7baaf6 crunchgen: fix NULL-deref bug introduced in r364647
While porting over the local changes from CheriBSD for upstreaming, I
accidentally committed a broken version of find_entry_point(): we have to
return NULL if the value is not found instead of a value with
ep->name == NULL, since the checks in main were changed to check ep instead
of ep->name for NULL.

This only matters if the crunched tool cannot be found using normal lookup
and one of the fallback paths is used, so it's unlikely to be triggered
in rescue. However, I noticed that one of our CheriBSD test scripts was
failing to run commands under `su` on minimal disk images where all
binaries are hardlinks to a `cheribsdbox` tool generated with crunchgen.

This also updates the bootstrapping check in Makefile.inc1 to bootstrap
crunchgen up to the next version bump.

Reviewed By:	kevans
Differential Revision: https://reviews.freebsd.org/D27474
2020-12-04 15:53:37 +00:00
Ed Maste
55e6cbc4d0 crashinfo: Add references to the gdb port/package
We intend to remove the obsolete GDB 6.1.1 from FreeBSD before FreeBSD 13.

Reviewed by	jhb
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D27447
2020-12-02 19:58:50 +00:00
Mark Johnston
ecce515d54 rtsold: Fix bugs reported by Coverity
- Avoid leaking a socket if llflags_get() fails.
- Avoid leaking a file handle if rtsold_init_dumpfile() fails.
- Tighten the check in if_nametosdl() which determines whether we failed
  to find the specified interface.
- Fix errno handling in an error path in rtsock_open().

MFC after:	1 week
2020-12-02 16:46:45 +00:00
Mark Johnston
f2fb8af155 rtsold: Fix multiple buffer overflows
Approved by:	so
Security:	CVE-2020-25577
MFC after:	now
2020-12-01 19:34:44 +00:00
Mitchell Horne
2e085395e1 efibootmgr: fix an incorrect error handling check
efivar_device_path_to_unix_path() returns standard error codes on
failure and zero on success. Checking for a return value less than zero
means that the actual failure cases won't be handled. This could
manifest as a segfault during the subsequent call to printf().

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D27424
2020-11-30 22:16:11 +00:00
John Baldwin
1b9c78611d Suspend I/O on ahci-cd devices during a snapshot.
Submitted by:	Vitaliy Gusev <gusev.vitaliy@gmail.com>
2020-11-28 04:21:22 +00:00
John Baldwin
bb481f6718 bhyve: Add snapshot support for virtio-rnd.
This uses the same snapshot routine as other VirtIO devices.

Submitted by:	Vitaliy Gusev <gusev.vitaliy@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D26265
2020-11-28 04:06:09 +00:00
John Baldwin
57b0a3aaca bhyve: 'xhci,tablet' snapshot fixes
Permit suspend/resume of a XHCI device model that has not been
attached to by a driver in a guest OS.

Submitted by:	Vitaliy Gusev <gusev.vitaliy@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D26264
2020-11-28 03:54:48 +00:00
Hajimu UMEMOTO
1def0a6257 fix casper initialization for setting scripts.
MFC after:	1 week
2020-11-27 18:40:51 +00:00
Rebecca Cran
866db2fef0 Fix bhyve SMBIOS type 19 handling to avoid misreporting total RAM amount
This fixes the amount of memory displayed in the EDK2 UiApp to be the same
as passed on the bhyve command line. Otherwise, 8GB is displayed as 4GB,
32GB as 28GB etc.

Reviewed by:	jhb, kib, rgrimes
Differential Revision:	https://reviews.freebsd.org/D27348
2020-11-27 08:00:32 +00:00
Rebecca Cran
5285d5e8e1 bhyve: fix smbiostbl.c style issues and add comment about date format
Fix a couple of style issues introduced in my previous commit.
Add a comment explaining that the SMBIOS specification defines the date
format to be mm/dd/yyyy, which is why we don't use ISO 8601.
2020-11-27 07:53:15 +00:00
Alan Somers
01f3f35447 ping: fix some man pages and tests after r368045
MFC-with:	r368045
2020-11-26 04:55:02 +00:00
John Baldwin
1925586e03 Honor the disabled setting for MSI-X interrupts for passthrough devices.
Add a new ioctl to disable all MSI-X interrupts for a PCI passthrough
device and invoke it if a write to the MSI-X capability registers
disables MSI-X.  This avoids leaving MSI-X interrupts enabled on the
host if a guest device driver has disabled them (e.g. as part of
detaching a guest device driver).

This was found by Chelsio QA when testing that a Linux guest could
switch from MSI-X to MSI interrupts when using the cxgb4vf driver.

While here, explicitly fail requests to enable MSI on a passthrough
device if MSI-X is enabled and vice versa.

Reported by:	Sony Arpita Das @ Chelsio
Reviewed by:	grehan, markj
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D27212
2020-11-24 23:18:52 +00:00
Edward Tomasz Napierala
64cecc7a75 Replace paths in ctladm(8) examples with something sensible.
PR:		251181
Reviewed by:	0mp, rm, ygy
MFC after:	2 weeks
Sponsored by:	EPSRC
Differential Revision:	https://reviews.freebsd.org/D27249
2020-11-23 14:30:27 +00:00
Vincenzo Maffione
9fd3f663da netmap: valectl: switch to libnetmap
Use the newer libnetmap (included in base) rather than the older
nm_open()/nm_close() defined in netmap_user.h

MFC after:      3 days
2020-11-22 10:02:56 +00:00
Rick Macklem
9acc400b6e Update man page for new TLS export options.
NFS over TLS uses three new export options, added by r364979.
This patch updates the exports.5 man page for these new options.
Once assigned by IETF, "NNNN" will be replaced with the RFC number.

This is a content change.

Reviewed by:	gbe
Differential Revision:	https://review.freebsd.org/D26241
2020-11-20 22:14:51 +00:00
Gordon Bergling
d84134ba1c hostapd.conf(5): Add missing 'l'
In r367901 I accidentally deleted the 'l' while fixing a few
mandoc erros.

Spotted by: Yuri Pankov
2020-11-20 17:13:13 +00:00
Gordon Bergling
35a521b6bc moused(8): Fix a few mandoc warnings
- new sentence, new line
2020-11-20 17:04:49 +00:00
Gordon Bergling
26762c66e4 crashinfo(8): Fix a few mandoc warnings
- new sentence, new line
2020-11-20 16:59:51 +00:00
Gordon Bergling
7424766d75 hostapd.conf(5): Fix a mandoc warning
- new sentence, new line
2020-11-20 16:57:06 +00:00
Gordon Bergling
cbf541311c syslog.conf(5): Fix a few mandoc warnings
- new sentence, new line
- skipping paragraph macro: Pp at the end of Sh
2020-11-20 16:50:52 +00:00
Gordon Bergling
dbac569b41 snmp_wlan(3): Fix mandoc warnings
- new sentence, new line
2020-11-20 16:46:51 +00:00
Peter Grehan
887d46ef5b Advance RIP after userspace instruction decode
Add update to RIP after a userspace instruction decode (as is done for
the in-kernel counterpart of this case).

Submitted by:	adam_fenn.io
Reviewed by:	cem, markj
Approved by:	grehan (bhyve)
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D27243
2020-11-19 07:23:39 +00:00
Mariusz Zaborski
05e1e482c7 jail: introduce per jail suser_enabled setting
The suser_enable sysctl allows to remove a privileged rights from uid 0.
This change introduce per jail setting which allow to make root a
normal user.

Reviewed by:	jamie
Previous version reviewed by:	kevans, emaste, markj, me_igalic.co
Discussed with:	pjd
Differential Revision:	https://reviews.freebsd.org/D27128
2020-11-18 21:07:08 +00:00
Stefan Eßer
56d11d4a37 Make use of the getlocalbase() function for run-time adjustment of the
local software base directory, as committed in SVN rev. 367813.

The pkg and mailwrapper programs used the LOCALBASE environment variable
for this purpose and this functionality is preserved by getlocalbase().

After this change, the value of the user.localbase sysctl variable is used
if present (and not overridden in the environment).

The nvmecontrol program gains support of a dynamic path to its plugin
directory with this update.

Differential Revision:	https://reviews.freebsd.org/D27237
2020-11-18 20:00:55 +00:00
Warner Losh
30a56f9ef7 mergemaster: handle symbolic links during update.
/etc/os-release is now a symbolic link to a generated file. Make
mergemaster cope with symbolic links generically. I'm no longer
a big mergemaster user, so this has only been lightly tested
by me, though Kimura-san has ran it through its paces.

Submitted by: Yasushiro KIMURA-san
PR: 242212
MFC After: 2 weeks
2020-11-18 19:22:24 +00:00
Peter Grehan
2f40fc6ff3 Add legacy debug/test interfaces for kvm unit tests.
Implement the legacy debug/test interfaces expected by KVM-unit-tests'
realmode, emulator, and ioapic tests.

Submitted by:	adam_fenn.io
Reviewed by:	markj, grehan
Approved by:	grehan (bhyve)
MFC after:	3 weeks
Relnotes:	Yes
Differential Revision:	https://reviews.freebsd.org/D27130
2020-11-17 13:14:04 +00:00
Brooks Davis
73734d6eb1 Add missing includes of src.opts.mk
Without this "SUBDIR.${MK_TESTS}=tests" would always expand to
"SUBDIR.=tests" resulting in the tests not being built.

Sponsored by:	DARPA
2020-11-16 17:20:35 +00:00
Scott Long
8e1031086d Revert the whole getlocalbase() set of changes while a different design is
hashed out.
2020-11-15 20:24:59 +00:00
Peter Grehan
cd5b6d16ca Fix regression in AHCI controller settings.
When the AHCI code was reworked to use FreeBSD struct
definitions, the valid element was mis-transcribed resulting
in the UMDA capability being hidden. This prevented Illumos
from using AHCI disk/cdrom drives.

Fix by using definitions that match the code pre-rework.

PR:	250924
Submitted by:	Rolf Stalder
Reported by:	Rolf Stalder
MFC after:	3 days
2020-11-15 12:59:24 +00:00
Scott Long
1b249101df Fix the previous revision, it suffered from an incomplete change to the
getlocalbase API.  Also don't erroneously subtract the lenth from the
buffer a second time.
2020-11-15 07:50:29 +00:00
Scott Long
7ca0d5403e Replace hardcoded references to _PATH_LOCALBASE with calls to getlocalbase.3
Reviewed by:	imp, se
2020-11-14 18:01:14 +00:00
Mateusz Piotrowski
32f4592764 Document the PAGER environment variable
Sometimes users want to use freebsd-update(8) in a non-interactive way and
what they often miss is that they have to set PAGER to cat(1) in order to
avoid interactive prompts from less(1).

MFC after:	4 weeks
2020-11-14 13:07:41 +00:00
Rebecca Cran
a2fe464c81 bhyve: update smbiostbl.c to bump the version and release date
Since lots of work has been done on bhyve since 2014, increase the version
to 13.0 to match 13-CURRENT, and update the release date.

Reviewed by:	grehan
Differential Revision:	https://reviews.freebsd.org/D27147
2020-11-13 19:47:16 +00:00
Brandon Bergren
26869ad14c [PowerPC] Allow traversal of oversize OF properties.
In standards such as LoPAPR, property names in excess of the usual 31
characters exist.

This breaks property traversal.

While in IEEE 1275-1994, nextprop is defined explicitly to work with a
32-byte region of memory, using a larger buffer should be fine. There is
actually no way to pass a buffer length to the nextprop call in the OF
client interface, so SLOF actually just blindly overflows the buffer.

So we have to defensively make the buffer larger, to avoid memory
corruption when reading out long properties on live OF systems.

Note also that on real-mode OF, things are pretty tight because we are
allocating against a static bounce buffer in low memory, so we can't just
use a huge buffer to work around this without it being wasteful of our
limited amount of 32-bit physical memory.

This allows a patched ofwdump to operate properly on SLOF (i.e. pseries)
systems, as well as any other PowerPC systems with overlength properties.

Reviewed by:	jhibbits
MFC after:	2 weeks
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D26669
2020-11-13 16:49:41 +00:00
Konstantin Belousov
038f5c7bfe bhyve: remove a hack to map all 8G BARs 1:1
Suggested and reviewed by:	grehan
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D27186
2020-11-12 02:52:01 +00:00
Konstantin Belousov
670b364b76 bhyve: increase allowed size for 64bit BAR allocation below 4G from 32 to 128 MB.
Reviewed by:	grehan
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D27095
2020-11-12 00:51:53 +00:00
Konstantin Belousov
9922872ba2 bhyve: avoid allocating BARs above the end of supported physical addresses.
Read CPUID leaf 0x8000008 to determine max supported phys address and
create BAR region right below it, reserving 1/4 of the supported guest
physical address space to the 64bit BARs mappings.

PR:    250802 (although the issue from PR is not fixed by the change)
Noted and reviewed by:	grehan
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D27095
2020-11-12 00:46:53 +00:00
Olivier Cochard
c4fd0cc9ee Return the same value for smbios.chassis.maker as smbios.system.maker (and prevents returning a space character).
Reviewed by:	grehan
Approved by:	grehan
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D27123
2020-11-08 07:49:39 +00:00
Cy Schubert
ce558a3f33 Fix build post-r367455.
MFC after:	2 weeks
X-MFC with:	r367455
2020-11-07 19:17:37 +00:00
Bryan Drewery
9470af395f syslogd: Stop trying to send remote messages through special sockets
Specifically this was causing the /dev/klog fd and the signal pipe
handling fd to get a sendmsg(2) called on them and always returned
[ENOTSOCK].

r310350 combined these sockets into the main socket list and properly
skipped AF_UNSPEC at the sendmsg(2) call but later in r344739 it was
broken such that these special sockets were no longer excluded since
the AF_UNSPEC check specifically excluded these special sockets. Only
these special sockets have sl_sa = NULL. The sl_family checks should
be redundant now but are left in case of future changes so the intent
is clearer.

MFC after:	2 weeks
2020-11-07 17:18:44 +00:00
Robert Wing
3701068b5d Add a periodic script to backup output generated from gmirror list.
Disabled by default.

PR:             86388
Submitted by:   Miroslav Lachman <000.fbsd@quip.cz>
Reviewed by:    allanjude, gbe
Approved by:    allanjude (mentor)
MFC after:      4 weeks
Event:          July 2020 Bugathon
Differential Revision:  https://reviews.freebsd.org/D25631
2020-11-07 04:15:24 +00:00
Kyle Evans
2c5e865059 binmiscctl(8): miscellaneous cleanup
- Bad whitespace in Makefile.
- Reordered headers, sys/ first.
- Annotated fatal/usage __dead2 to help `make analyze` out a little bit.
- Spell a couple of sizeof constructs as "nitems" and "howmany" instead.

MFC after:	1 week
2020-11-07 03:43:45 +00:00
Robert Wing
eefe831eaf Add a periodic script to backup output generated from zfs list, zfs get,
`zpool list`, and `zpool get` commands.

Disabled by default.

PR:             86388
Submitted by:   Miroslav Lachman <000.fbsd@quip.cz>
Reviewed by:    allanjude, 0mp
Approved by:    allanjude (mentor)
MFC after:      4 weeks
Event:          July 2020 Bugathon
Differential Revision:  https://reviews.freebsd.org/D25638
2020-11-06 22:58:31 +00:00
John-Mark Gurney
e771d59074 fix up docs, if signature checking is enabled, the file MUST exist... 2020-11-06 22:11:05 +00:00
Allan Jude
cc3568c1d0 VirtIO: Make sure the guest knows the TRIM alignment requirements
If bhyve is used to emulate 512e access in guest OS, then discard addresses should be properly aligned.
Otherwise ioctl DIOCGDELETE fails for 512b requires on devices with 4K sector size.
see g_dev_ioctl() in sys/geom/geom_dev.c

Submitted by:	Vitaliy Gusev <gusev.vitaliy@gmail.com>
MFC after:	1 week
Sponsored by:	vStack.com
Differential Revision:	https://reviews.freebsd.org/D27075
2020-11-05 17:10:14 +00:00
Mateusz Piotrowski
d3231fbdd2 pmcstat: Fix a typo in the usage message
Reviewed by:	emaste
Approved by:	emaste
Differential Revision:	https://reviews.freebsd.org/D26082
2020-11-04 15:44:59 +00:00
Alex Richardson
d24f17df96 Fix bad libbxo format strings in jls
The existing format string for the empty case was trying to read varargs
values that weren't passed to xo_emit. This appears to work on x86 (since
the next argument is probably a pointer an empty string), but for CHERI
we can bound variadic arguments and detect a read past the end.

While touching these lines also use the libxo 'a' modifier to avoid having to
construct the libxo format string using asprintf.

Found by:	CHERI
Reviewed By:	allanjude
Differential Revision: https://reviews.freebsd.org/D26885
2020-11-04 14:31:52 +00:00
Adrian Chadd
e72a100b79 [ctld] Fix compilation under gcc-6.4
* remove dup yylex symbol; already defined in a header file
* uint64_t is always >= 0

Reviewed by:	cem, imp
Differential Revision:	https://reviews.freebsd.org/D27046
2020-11-01 21:18:21 +00:00
Olivier Cochard
ac8f506b85 bhyve currently reports each of "smbios.system.maker" and
"smbios.system.family" as " ".
This presents challenges for both humans and tools when trying to parse output
that uses those results.
The new values reported are now:
smbios.system.family="Virtual Machine"
smbios.system.maker="FreeBSD"

PR:		250728
Approved by:	grehan@FreeBSD.org
Sponsored by:	Netflix
2020-10-30 00:03:59 +00:00
Edward Tomasz Napierala
bce7ee9d41 Drop "All rights reserved" from all my stuff. This includes
Foundation copyrights, approved by emaste@.  It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.

Reviewed by:	emaste, imp, gbe (manpages)
Differential Revision:	https://reviews.freebsd.org/D26980
2020-10-28 13:46:11 +00:00
Cy Schubert
c0caa2e24e MFV r367082:
Update unbound 1.11.0 --> 1.12.0.

MFC after:	1 month.
2020-10-27 23:03:15 +00:00
Stefan Eßer
1f474190fc Replace literal uses of /usr/local in C sources with _PATH_LOCALBASE
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.

This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.

In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.

This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.

Reviewed by:	imp
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D26942
2020-10-27 11:29:11 +00:00
Ed Maste
f98cf03166 mergemaster: Clarify installed and updated versions
Describe "diff installed new" as "Displaying differences between
installed and new."  Previously mergemaster described them in the
opposite order.

PR:		249214
Reported by:	Yuri Victorovich
MFC after:	2 weeks
2020-10-25 18:06:45 +00:00
Rick Macklem
f93c028ac9 Update man page for -R option added by r376026.
This is a content change.

Reviewed by:	bcr
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26746
2020-10-24 22:52:29 +00:00
Rick Macklem
bde6f938bf Add "-R" option to tell mountd to not register with rpcbind.
rpcbind is now considered a security risk for some sites.
Since an NFSv4 only NFS server does not need rpcbind,
it makes sense to have an option that implements this.

This patch adds a "-R" option that disables the Mount
protocol (not used by NFSv4) and does not register
with rpcbind.

Changes are required to /etc/rc.d/mountd and /etc/rc.d/nfsd.
Those will be in a separate commit.

Reviewed by:	freqlabs, asomers
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26746
2020-10-24 22:48:28 +00:00
Richard Scheffenegger
ea8f1280a2 Add network QoS support for PCP to iscsi target.
Mak the Ethernet PCP codepoint configurable
for L2 local traffic, to allow lower latency for
iSCSI block IO. This addresses the target
side only.

Reviewed by:	mav, trasz, bcr
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26740
2020-10-24 21:10:53 +00:00
Richard Scheffenegger
4dfbcffbb9 Add network QoS support for PCP to iscsi initiator.
Make the Ethernet PCP codepoint configurable
for L2 local traffic, to allow lower latency for
iSCSI block IO. This addresses the initiator
side only.

Reviewed by:	mav, trasz, bcr
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26739
2020-10-24 21:07:13 +00:00
Mark Johnston
a792802f2b rtsold: Remove an incorrect __unused annotation
MFC after:	1 week
2020-10-23 14:56:17 +00:00
Alexander Motin
7dbbd1aeae Negotiate iSCSIProtocolLevel of 2 (RFC 7144) in initiator.
It does not change anything immediately, but allows further support of
Command Priority, Status Qualifier and new task management functions.

MFC after:	1 month
Sponsored by:	iXsystems, Inc.
2020-10-22 20:26:27 +00:00
Gordon Bergling
ad5e10ec0c stablerestart(5): Fix some issues reported by mandoc
- New sentence, new line
2020-10-22 19:25:01 +00:00
Gordon Bergling
1f57220934 pnfsserver(4): Fix some issues reported by mandoc
- new sentence, new line
2020-10-22 19:19:42 +00:00
Ryan Moeller
b8adbe1c15 efibootmgr: Use returned error code for error message, not errno
efivar_unix_path_to_device_path returns the error code, it does not set errno.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26852
2020-10-19 10:38:40 +00:00
Baptiste Daroussin
ae659caa0a Use asprintf instead of sbuf 2020-10-19 07:26:42 +00:00
Ryan Moeller
60dc6bee1f bhyve: Update TX descriptor base address and host mapping on change
bhyve sometimes segfaults when using an e1000 NIC with a Windows guest.

We are only updating our tdba and cached host mapping when the low address
register is written and when tx is set enabled, but not when the high address
or length registers are written. It is observed that Windows 10 is occasionally
enabling tx first then writing the registers in the order low, high, len. This
leaves us with a bogus base address and mapping, which causes a segfault later
when we try to copy from a descriptor that has unpredictable garbage in a
pointer.

Updating the address and mapping when any of those registers change seems to fix
that particular issue.

Reviewed by:	mav, grehan (bhyve)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D26798
2020-10-16 20:27:20 +00:00
Jessica Clarke
a98fa52ec6 kldxref: Avoid buffer overflows in parse_pnp_list
We convert a string like "W32:vendor/device" into "I:vendor;I:device",
where the output is longer than the input, but only allocate space equal
to the length of the input, leading to a buffer overflow.

Instead use open_memstream so we get a safe dynamically-grown buffer.

Found by:	CHERI
Reviewed by:	imp, jhb (mentor)
Approved by:	imp, jhb (mentor)
Obtained from:	CheriBSD
Differential Revision:	https://reviews.freebsd.org/D26637
2020-10-15 18:03:14 +00:00
Adrian Chadd
5c3bf25fee [traceroute6] Don't do the casper bits when we're not doing casper
This with the previous patch I committed makes traceroute6/traceroute
compile fine when libcasper isn't enabled.

This complains strongly with unused variables and such when compiled
with gcc-6 on mips32.

Tested:

* compiled/run on mips32 hardware (AR9344)

Reviewed by:	emaste
Differential Revision: https://reviews.freebsd.org/D26773
2020-10-14 00:01:17 +00:00
Robert Wing
915dcdb7ac ctl.conf(5): fix LUN size in UCL format example.
Remove quotes around size in the LUN section and change the suffix to 'GB'. The
UCL format does recognize 'G' on its own, which uses a base 10 multiplier where
'GB' uses a 2 power multiplier.

Document the difference between valid suffixes when using ctl.conf(5) in the
general syntax form or in UCL format.

Reviewed by:    kevans, mav
Approved by:    kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D26716
2020-10-13 18:00:23 +00:00
Gordon Bergling
7f78912159 pnfsdsfile(8): Remove dublicate word 'the'
MFC after:	1 week
2020-10-10 14:38:01 +00:00
Gordon Bergling
2911dc6cea cxgbetool(8): Remove dublicate word 'whether'
MFC after:	1 week
2020-10-10 14:36:16 +00:00
Rick Macklem
2ffad162f3 Modify mountd.c so that it does not always malloc 4K for the map credentials.
r362163 upgraded mountd so that it could handle MAX_NGROUPS
groups for the anonymous user credentials (the ones provided by
-maproot and -mapall exports options).
The problem is that this resulted in every export structure growing by
about 4Kbytes, because the cr_groups field went from 16->MAX_NGROUPS.

This patch fixes this by only including a small 32 element cr_groups in the
structure and then malloc()'ng cr_groups when a larger one is needed.
The value of SMALLNGROUPS is arbitrarily set to 32, assuming most users
used by -maproot or -mapall will be in <= 32 groups.

Reviewed by:	kib, freqlabs
Differential Revision:	https://reviews.freebsd.org/D26521
2020-10-10 00:01:40 +00:00
Gordon Bergling
3d265fce43 Fix a few mandoc issues
- skipping paragraph macro: Pp after Sh
- sections out of conventional order: Sh EXAMPLES
- whitespace at end of input line
- normalizing date format
2020-10-09 19:12:44 +00:00
Mark Johnston
b0eefff78b syslogd: Avoid trimming host names in RFC 5424 mode
RFC 5424 says that implementations should log hostnames in FQDN
format.  Only trim host names in RFC 3164 mode.

PR:		250014
Submitted by:	Dmitry Wagin <dmitry.wagin@ya.ru>
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D26644
2020-10-09 15:19:29 +00:00
Richard Scheffenegger
bfabdade5c Add DSCP support for network QoS to iscsi initiator.
Allow the DSCP codepoint also to be configurable
for the traffic in the direction from the initiator
to the target, such that writes and any requests
are also treated in the appropriate QoS class.

Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26714
2020-10-09 14:33:09 +00:00
Gordon Bergling
6d6d6c3603 Fix a few mandoc issues
- no blank before trailing delimiter
- whitespace at end of input line
- sections out of conventional order
- normalizing date format
- AUTHORS section without An macro
2020-10-09 14:03:45 +00:00
Warner Losh
c6d56081c9 Initial support for implementing the bootXXX.efi workaround
Too many version of UEFI firmware (so far only confirmed on amd64)
don't really support efibootmgr selection of boot. That's the most
reliable, when it works, since there's no guesswork. However, many do
not save, unmolested, the variables that efibootmgr sets, so as a
fallback we also install loader.efi as bootXXX.efi (where XXX is
either aa64 or x64) if it doesn't already exist in /efi/boot on the
ESP. The standard only defines this for removable devices, but it's
almost ubiquitously used as a fallback. Many BIOSes implement a drive
selection feature that takes over the efibootmgr protocol, rendinering
it useless (either generally, or for those vendors not on the short
list). bootxxx.efi works around this. However, we don't install it
unconditionally there, as that breaks some popular multi-boot setups.

MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D26428
2020-10-09 00:16:26 +00:00
Conrad Meyer
cc71ff7234 bhyveload(8): Implement loader_callbacks::diskwrite
The method was optional prior to r365938, which made it mandatory but did add
any test that an implementation provides the method nor implement it for
bhyveload.  The code path might not be hit unless the user's loader was
configured to write to a file on disk, such as with nextboot(8).

Reviewed by:	grehan, tsoome
Approved by:	bhyve
X-MFC-With:	r365938
Differential Revision:	https://reviews.freebsd.org/D26710
2020-10-07 20:31:13 +00:00
Kyle Evans
9c7bd4f198 crunchgen: fix MK_AUTO_OBJ logic after r364166
r364166 converted echo -n `/bin/pwd` to a raw pwd invocation, leaving a
trailing newline at the end of path.  This caused a later stat() of it to
erroneously fail and the fallback to MK_AUTO_OBJ=no logic proceeded as
unexpected.

Harry Schmalzbauer bissected the resulting build failure he experienced
(stable/12 host, -HEAD build) down to r365887. This change is mostly
unrelated, except it switches the build to bootstrapped crunchgen - clue!

I then bissected recent crunchgen changes going back a bit since we wouldn't
observe the failure immediately with -CURRENT in most configurations, which
landed me on r364166. After many intense head-scratching minutes and printf
debugging, I realized that the newline was the difference. This is where our
tale ends.

Reported by:	Harry Schmalzbauer, O. Hartmann, Mike Tancsa, kevans
MFC after:	3 days
2020-10-05 20:57:44 +00:00
Kyle Evans
8073c947c7 ngctl: add -c (compact output) for the dot command
The output of "ngctl dot" is suitable for small netgraph networks. Even
moderate complex netgraph setups (about a dozen nodes) are hard to
understand from the .dot output, because each node and each hook are shown
as a full blown structure.

This patch allows to generate much more compact output and graphs by
omitting the extra structures for the individual hooks. Instead the names of
the hooks are labels to the edges.

Submitted by:	Lutz Donnerhacke <lutz_donnerhacke.de>
Reviewed by:	markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D21965
2020-10-04 17:07:13 +00:00
Jakub Wojciech Klama
100353cfbf Add virtio-9p (aka VirtFS) filesystem sharing to bhyve.
VirtFS allows sharing an arbitrary directory tree between bhyve virtual
machine and the host. Current implementation has a fairly complete support
for 9P2000.L protocol, except for the extended attribute support. It has
been verified to work with the qemu-kvm hypervisor.

Reviewed by:	rgrimes, emaste, jhb, trasz
Approved by:	trasz (mentor)
MFC after:	1 month
Relnotes:	yes
Sponsored by:	Conclusive Engineering (development), vStack.com (funding)
Differential Revision:	https://reviews.freebsd.org/D10335
2020-10-03 19:05:13 +00:00
Edward Tomasz Napierala
ba2548b7bf Don't ignore the return value from gethostname(3). It probably
cannot happen, but it silences Coverity.

Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26606
2020-10-01 18:56:44 +00:00
John Baldwin
6f64e4f361 bhyve: Fix build with option BHYVE_SNAPSHOT
'ident' was replaced with 'ata_ident' in revision r363596.

Submitted by:	Vitaliy Gusev <gusev.vitaliy_gmail.com>
Reviewed by:	Darius Mihai
Differential Revision:	 https://reviews.freebsd.org/D26263
2020-10-01 17:16:05 +00:00
Alexander Leidinger
32fd57a8e1 Remove nfsstat. Running nfsstat in crashinfo will give the stats of the
running kernel instead of the stats of the crashed kernel. The current
version uses sysctls to query the stats and does not work at all (anymore)
on crash dumps.
2020-10-01 08:57:36 +00:00
Kyle Evans
7cc42f6d25 Do a sweep and remove most WARNS=6 settings
Repeating the default WARNS here makes it slightly more difficult to
experiment with default WARNS changes, e.g. if we did something absolutely
bananas and introduced a WARNS=7 and wanted to try lifting the default to
that.

Drop most of them; there is one in the blake2 kernel module, but I suspect
it should be dropped -- the default WARNS in the rest of the build doesn't
currently apply to kernel modules, and I haven't put too much thought into
whether it makes sense to make it so.
2020-10-01 01:10:51 +00:00
Konstantin Belousov
96128185f6 pciconf: print PCIe CTL max read request.
To not complicate existing parsers, the value is printed on a new
output line.

Sponsored by:	Mellanox Technologies/NVIDIA Networking
MFC after:	1 week
2020-09-30 21:12:14 +00:00
Richard Scheffenegger
64ffe6d440 Add DSCP support for network QoS to iscsi target.
In order to prioritize iSCSI traffic across a network,
DSCP can be used. In order not to rely on "ipfw setdscp"
or in-network reclassification, this adds the dscp value
directly to the portal group (where TCP sessions are accepted).

The incoming iSCSI session is first handled by ctld for any
CHAP authentication and the socket is then handed off to the
in-kernel iscsi driver without modification of the socket
parameters. Simply setting up the socket in ctld is sufficient
to keep sending outgoing iSCSI related traffic with the
configured DSCP value.

Reviewed by:	mav, trasz
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Differential Revision:	https://reviews.freebsd.org/D26385
2020-09-27 21:43:19 +00:00
Niclas Zeising
ce5ab9661f bsdconfig, bsdinstall: Prune dead mirrors
Prune dead mirrors from the list of mirrors in bsdconfig and bsdinstall.
All these return NXDOMAIN when trying to resolve them.

Reviewed by:	emaste
Approved by:	emaste
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26535
2020-09-26 16:27:09 +00:00
Warner Losh
f9f298a2f4 Comment out bogus command line entry
Linux implements -d to mean --print-decimal. We don't implement that
and use -d for --device-path. Note that.
2020-09-25 18:20:45 +00:00
Warner Losh
66c613905f Tweak output of the loader variable
When the DEVICE_PATH is <= 4 that means it's effectively empty. I have
a laptop that has a BIOS that likes to generate these:

8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
0000: 01 00 00 00 04 00 45 00 46 00 49 00 20 00 55 00
0010: 53 00 42 00 20 00 44 00 65 00 76 00 69 00 63 00
0020: 65 00 00 00 7f ff 04 00 52 43

which now decodes as
8be4df61-93ca-11d2-aa0d-00e098032b8c-Boot2001
* EFI USB Device
Empty path
Option:
0000: 52 43

which matches my hand-decode.

Add an extra newline after Option: to make it look nice.

I suspect that these entries really should be VenHw entries instead,
but my ability to change that is NIL, so cope with them as best we can.

efibootmgr(8)'s output is fine and doesn't need adjusting.
2020-09-25 18:20:41 +00:00
Andriy Gapon
a4f28d4296 pwm(8): fix potential duty overflow, use unsigneds for period and duty
For a long period value and the duty specified as a percentage,
there could be an overflow.
Using unsigned integers aligns the code with struct pwm_state and allows
to safely use periods up to 4 seconds where supported by drivers.

MFC after:	2 weeks
2020-09-25 07:55:08 +00:00
Andriy Gapon
31b0753da3 pwm(8): do not exit with failure after successfully reading configuration
MFC after:	1 week
2020-09-25 07:54:38 +00:00
Maxim Sobolev
dffc6929bf Fix a typo in the 366098.
Reported by:	0mp
MFC after:	2 weeks
		(along with 366098)
2020-09-24 19:12:03 +00:00
Maxim Sobolev
4cd407ec93 dd a new option (-H) to daemon(8) to catch SIGHUP and re-open output_file file when
received.

The default system log rotation mechanism (newsyslog(8)) requires ability to send
signal to a daemon in order to properly complete rotation of the logs in an "atomic"
manner without having to making a copy and truncating original file. Unfortunately
our built-in mechanism to convert "dumb" programs into daemons has no way to handle
this rotation properly. This change adds this ability, to be enabled by supplying -H
option in addition to the -o option.

Reviewed by:	markj, rpokala (manpages)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26526
2020-09-24 02:44:58 +00:00
Brandon Bergren
ab2032371e [PowerPC] Fix multiple ntp configuration issues
* powerpc time_t is 64 bit, not 32 bit.

* Add definition for powerpc64le.

With this, powerpc64le ntpd and ntpdate operate correctly instead of
corrupting the clock and exiting.

Tested on powerpc64, powerpc64le, and powerpc.

No feedback from cy@.

I am a bit confused as to how SIZEOF_TIME_T being wrong ever worked on
powerpc, it being big endian and all.

Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D26379
2020-09-23 02:37:27 +00:00
Adrian Chadd
0dcdda0984 [rcorder] [crunch] Fix C function declarations to include void
This fixes a compile issue under gcc6 which complains about
legacy style C function declarations.

Differential Revision:	https://reviews.freebsd.org/D26504
2020-09-21 17:59:45 +00:00
Colin Percival
9a63bbc93e Move finalize_components_config from get_params to cmd_*.
This allows us to redirect its output in cmd_cron, so that the
"src component not installed, skipped" message will be treated
the same way as other output from freebsd-update cron: Sent
in an email to root (or other address specified) if there are
updates to install, and silenced otherwise.

PR:		202492
MFC After:	1 week
Differential Revision:	https://reviews.freebsd.org/D26432
2020-09-19 02:15:56 +00:00
Kyle Evans
fe815331bb build: provide a default WARNS for all in-tree builds
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).

Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.

Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.

There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.

Reviewed by:	emaste, brooks, ngie (all earlier version)
Reviewed by:	emaste, arichardson (depend-cleanup.sh change)
Differential Revision:	https://reviews.freebsd.org/D26455
2020-09-18 17:17:46 +00:00
Peter Grehan
285e35e6f1 Fix byte-reversal of language ID in string descriptor.
The language id of String Descriptors in usb mouse is
0x0904, while the spec require 0x0409 (English - United States)

Submitted by:	Wanpeng Qian
Reviewed by:	grehan
Approved by:	grehan (#bhyve)
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26472
2020-09-18 05:54:59 +00:00
Kyle Evans
9ed054096d Revert r361257: bsdinstall: do a certctl rehash upon installation [...]
As of r365829, any given base distribution set will now include the /etc/ssl
symlinks that this rehash would've otherwise installed. This extra step is
no longer required.

MFC after:	1 week
X-MFC-With:	r365837
2020-09-17 20:35:45 +00:00
Ed Maste
53d8e037b1 makefs: connect cd9660 El Torito EFI boot image system type
Sponsored by:	The FreeBSD Foundation
2020-09-17 19:41:10 +00:00
John Baldwin
edd1bf93b3 Remove no longer used variable.
Pointy hat to:	jhb
Reported by:	kevans
MFC after:	1 week
2020-09-17 18:06:57 +00:00
John Baldwin
ff2cf94674 Remove support for setting some obscure fields.
Don't permit setting the exception bitmap or VMCS entry interrupt
information.  These are not generally useful to set.  If it is needed
in the future, dedicated pseudo registers can be added for these that
would be used with vm_set_register().

Discussed with:	grehan
MFC after:	1 week
2020-09-17 17:07:04 +00:00
Kyle Evans
9e9d3e134b certctl: fix unprivileged mode
The first issue was lack of quoting around INSTALLFLAGS, which set it
incorrectly and produced an error on -M.

The second issue was that we weren't actually doing the install in
unprivileged mode, making it effectively useless. This was designed to pass
through the proper metalog/unpriv flags to install(1), so just let it
happen.

MFC after:	3 days
2020-09-15 17:13:29 +00:00
Michael Tuexen
c70906519a Add a -t option to traceroute6 to control the traffic class used when
sending probe packets.

Reviewed by:		rscheff
MFC after:		1 week
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D26410
2020-09-13 09:00:00 +00:00
Michael Tuexen
3303e9bc22 Fix the length of probe packets when using UDP.
Since https://svnweb.freebsd.org/changeset/base/365378 a raw socket is
used for sending UDP probe packets instead of a UDP socket. So don't
compensate for the UDP header anymore.
2020-09-12 11:24:36 +00:00
Michael Tuexen
2d0fb1b3c1 Simplify code, no functional change.
Since https://svnweb.freebsd.org/base?view=revision&revision=365378
UDP is handled the same way as SCTP and TCP (using a raw socket).
Therefore use the same code path.
2020-09-12 11:19:54 +00:00
Kyle Evans
ecebb3cc1d Only set WARNS if not defined
This would allow interested parties to do experimental runs with an
environment set appropriately to raise all the warnings throughout the
build; e.g. env WARNS=6 NO_WERROR=yes buildworld.

Not currently touching the numerous instances in ^/tools.

MFC after:	1 week
2020-09-11 13:28:37 +00:00
Kyle Evans
fc90521002 crunchgen(8): fix crunched application build with WARNS=6
This was revealed by the rescue build with a patch I'm working on to default
WARNS=6 everywhere. The issues resolved were:

- Missing prototype for _crunched_${ident}_stub in the *_stub.c generated
  bits
- Missing prototype for crunched_main
- Incomplete prototype for _crunched_${ident}_stub in the generated parts of
  crunched_main
- Literal strings in the stub table must drop const qualifier, unless we
  const'ify name
- f field in struct stub didn't have a proper prototype

Most of these issues are minor formalities and easily addressed.

I note that if my patch to eventually raise WARNS for the rescue build
lands, we'll need to bump the __FreeBSD_version requirement for
bootstrapping crunchgen and wipe out the rescue .OBJDIR if it's stale, which
we should be able to detect pretty easily from a couple of the issues that
have been fixed here.

Reviewed by:	arichardson
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26363
2020-09-10 18:19:45 +00:00
Robert Wing
37d72a9177 periodic.conf(5): don't truncate interface names reported by 420.status-network.
The daily periodic script, 420.status-network uses netstat(1) to report
interface status. By default, netstat(1) truncates interface names.

Add the '-W' flag (avoid truncating interface names) as the default for
'daily_status_network_netstat_flags' in periodic.conf(5).

The default 420.status-network command is now 'netstat -i -d -W -n'.

PR:     163572
Reported by: kes-kes@yandex.ru
Reviewed by: allanjude (mentor) bcr (manpages)
Approved by: allanjude (mentor)
MFC after:  1 week
Differential Revision:  https://reviews.freebsd.org/D26023
2020-09-09 19:07:34 +00:00
Kyle Evans
05a16147fb certctl: fix hashed link generation with duplicate subjects
Currently, certctl rehash will just keep clobbering .0 rather than
incrementing the suffix upon encountering a duplicate. Do this, and do it
for blacklisted certs as well.

This also improves the situation with the blacklist to be a little less
flakey, comparing cert fingerprints for all certs with a matching subject
hash in the blacklist to determine if the cert we're looking at can be
installed.

Future work needs to completely revamp the blacklist to align more with how
it's described in PR 246614. In particular, /etc/ssl/blacklisted should go
away to avoid potential confusion -- OpenSSL will not read it, it's
basically certctl internal.

PR:		246614
Reviewed by:	Michael Osipov <michael.osipov siemens com>
Tested by:	Michael Osipov
With suggestions from:	Michael Osipov
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26167
2020-09-09 09:08:09 +00:00
Kyle Evans
6703731d6e phttpget: move out of portsnap
Currently, WITHOUT_PORTSNAP forces WITHOUT_FREEBSD_UPDATE because the
latter relies on phttpget, which lives inside the portsnap build bits.

Remove the dependency between these two options by moving phttpget out into
^/libexec and building/installing it if either WITH_PORTSNAP or
WITH_FREEBSD_UPDATE.

Future work could remove the conditional if it's decided that users will use
it independently of either the current in-base consumers.

Reported by:	swills
Reviewed by:	jilles, emaste
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26255
2020-09-09 00:39:47 +00:00
Ed Maste
7cccb910b2 ntp: whitespace and typo fix in conf file
PR:		248942
Submitted by:	Jose Luis Duran (whitespace), igor (typo)
MFC after:	1 week
2020-09-07 17:19:31 +00:00
Mariusz Zaborski
35f8045f55 Remove duplicated line.
Reported by:	lwhsu
2020-09-06 15:44:09 +00:00
Mariusz Zaborski
cc432e237c traceroute6: capsicumize it
Submitted by:	Shubh Gupta <shubh@freebsd.org>
Sponsored by: Google (GSOC 2020)
Differential Revision:	https://reviews.freebsd.org/D25604
2020-09-06 14:04:02 +00:00
Stephen J. Kiernan
291124e3c0 Avoid collisions with function names in openssl headers.
Just using MD5, SHA1, RMD160 and SHA256 for defines collides with
functions of the same name in OpenSSL. This can cause compilation
issues in downstream consumers if they use OpenSSL for the hash
functions instead of libmd.

Reviewed by:	sjg
Obtained from:	Juniper Networks, Inc.
Differential Revision:	https://reviews.freebsd.org/D26321
2020-09-04 04:31:56 +00:00
Eric van Gyzen
2e47aedf86 pmc: Fix freed internal location read
Coverity detected this error.  The fix duplicates the assignment on line 171.

Submitted by:	bret_ketchum@dell.com
Reported by:	Coverity
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D26227
2020-09-01 15:52:18 +00:00
Mark Johnston
645c2851e2 pw: Handle errors from ftell() when removing records from /etc/opiekeys.
Reported by:	Coverity
MFC after:	1 week
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
2020-09-01 15:15:09 +00:00
Mark Johnston
7a82cf511d pw: Fix a resource leak.
Reported by:	Coverity
MFC after:	1 week
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
2020-09-01 15:14:51 +00:00
Mark Johnston
45bfd3158c pw: Remove unnecessary errp checks.
The caller-supplied pointer is unconditionally dereferenced at the
beginning of the function, so there is no point in comparing it with
NULL thereafter.

Reported by:	Coverity
MFC after:	1 week
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
2020-09-01 15:14:26 +00:00
Mark Johnston
79c8ad8368 pw: Fix terminal handling when setting a group password.
Reported by:	Coverity
MFC after:	1 week
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
2020-09-01 15:14:13 +00:00
Edward Tomasz Napierala
e352957180 Make sure not to pass NULL to strtoul(3). The values come
from the kernel, but let's try to be on the safe side.

Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26246
2020-09-01 14:58:57 +00:00
Edward Tomasz Napierala
5d9b05ac30 Fix string overflow that could occur during redirection due to passing
the wrong length to strlcpy(3). It looks like it could overflow into
the next field, isc_user, which is properly long to accomodate for it;
I don't think it could cause any harm other than breaking the connection.

Reviewed by:	mav
MFC after:	2 weeks
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26247
2020-09-01 14:52:35 +00:00
Rick Macklem
813837bade Add support for the NFS over TLS exports to mountd.
Three new export flags are added to mountd that will restrict exported
file system mounts to use TLS.  Without these flags, TLS is allowed, but not
required.

The exports(5) man page will be updated in a future commit.
2020-08-30 21:21:58 +00:00
Jamie Gritton
0eb6603f6b Disregard jails in jail.conf that have bad parameters (parameter/variable
clash, or redefining name/jid).  The current behvaior, of merely warning
and moving on, can lead to unexpected behavior when a jail is created
without the offending parameter defined at all.
2020-08-27 17:04:55 +00:00
Jamie Gritton
bb4ec28922 Don't allow jail.conf variables to have the same names as jail parameters.
It was already not allowed in many cases, but crashed instead of giving an
error.

PR:		248444
2020-08-27 00:17:17 +00:00
Jamie Gritton
48c376a6f1 Back out r364791 to unbreak jails. Lesson learned: "compile and test" means
running the test on the same executable that you just compiled.

PR:		248444
Pointy hat to:	jamie
2020-08-26 18:35:32 +00:00
Toomas Soome
b95807751a efibootmgr: wrong check for opts.order
opts.order && !(opts.order) does not really make sense.

Reported by:	swildner
2020-08-26 14:02:38 +00:00
D Scott Phillips
83c4237258 efibootmgr: Add option to request booting to the firmware user interface
The OsIndications UEFI variable can request the firware to stop at
its UI instead of continuing with boot. Add flags for setting and
clearing this request.

Reviewed by:	manu, bcr (manpages)
Approved by:	scottl (implicit)
MFC after:	1 week
Sponsored by:	Ampere Computing, Inc.
Differential Revision:	https://reviews.freebsd.org/D25839
2020-08-26 02:05:58 +00:00
Jamie Gritton
177b077e57 Handle jail.conf variables that have the same names as parameters.
PR:		248444
Submitted by:	Akos Somfai
Reported by:	Markus Stoff
2020-08-26 00:42:59 +00:00
Ryan Moeller
60403b98b9 bsdinstall: Update loader.conf for new OpenZFS deps
zfs.ko now includes the SPL but relies on cryptodev instead.

Reported by:	D Scott Phillips
Sponsored by:	iXsystems, Inc.
2020-08-25 21:07:27 +00:00
Bjoern A. Zeeb
60e7f66931 rtsol(d): add script for "M bit"
While we do support the "O bit" running a script (usually to start a
dhcpv6 client) we have no options for setups which set the "M bit" for,
e.g., static address assignment as in EC2.

Duplicate most of the "O bit" logic to also start a script for the
"M bit" with the one difference: if the "M bit" is set we will not
start the script for the "O bit" as well (per RFC 4861, Section 4.2).

Reviewed by:	hrs, markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26099
2020-08-25 16:09:23 +00:00
Alex Richardson
6424881cc8 Fix makefs bootstrap on macOS after D25563
The macOS assert.h header does not define static_assert when compiling in
C99 mode. To fix this compile with -std=c11.

Reviewed By:	emaste
Differential Revision: https://reviews.freebsd.org/D25928
2020-08-25 13:30:24 +00:00
Matt Macy
9e5787d228 Merge OpenZFS support in to HEAD.
The primary benefit is maintaining a completely shared
code base with the community allowing FreeBSD to receive
new features sooner and with less effort.

I would advise against doing 'zpool upgrade'
or creating indispensable pools using new
features until this change has had a month+
to soak.

Work on merging FreeBSD support in to what was
at the time "ZFS on Linux" began in August 2018.
I first publicly proposed transitioning FreeBSD
to (new) OpenZFS on December 18th, 2018. FreeBSD
support in OpenZFS was finally completed in December
2019. A CFT for downstreaming OpenZFS support in
to FreeBSD was first issued on July 8th. All issues
that were reported have been addressed or, for
a couple of less critical matters there are
pull requests in progress with OpenZFS. iXsystems
has tested and dogfooded extensively internally.
The TrueNAS 12 release is based on OpenZFS with
some additional features that have not yet made
it upstream.

Improvements include:
  project quotas, encrypted datasets,
  allocation classes, vectorized raidz,
  vectorized checksums, various command line
  improvements, zstd compression.

Thanks to those who have helped along the way:
Ryan Moeller, Allan Jude, Zack Welch, and many
others.

Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D25872
2020-08-25 02:21:27 +00:00
Cy Schubert
d709c07b34 Update unbound version number.
MFC after:	1 month
X-MFC with:	r364721
2020-08-24 18:17:13 +00:00
Maxim Sobolev
d065b3eb9e In the endless batch mode (-B), terminate if and when stdout is closed.
That mode is useful to call gstat from other app, however kinda useless
since gstat won't exit and stay running forever when its parent process
has long gone.

MFC after:	2 weeks
2020-08-24 16:45:23 +00:00
Marc Fonvieille
e0e236ba88 s/redundacy/redundancy
MFC after:	1 week
2020-08-24 14:04:59 +00:00
Marc Fonvieille
633963a352 Add missing Korean doc package entry, remove non-existent Serbian doc
package entry.

Approved by:	re (gjb)
MFC after:	1 week
2020-08-24 14:00:12 +00:00
Alex Richardson
06e20d1bab makefs (msdosfs): Use fprintf instead of debug print for errors
The added print was very helpful for debugging failed disk image creation.

Reviewed By:	emaste
Differential Revision: https://reviews.freebsd.org/D23200
2020-08-24 09:20:27 +00:00
Alex Richardson
50e525e40b Correctly determine the real executable in crunched binaries
This should fix cases like su setting argv[0] to _su for /bin/sh.
Previously cheribsdbox (a crunched tool we use in CheriBSD to reduce the
size of our minimal disk images to allow loading them onto FPGAs without
waiting forever for the transfer) would complain about _su not being
compiled in, but now that we also look at AT_EXECPATH it correctly
invokes the sh tool.

Note: we use use AT_EXECPATH instead of the KERN_PROC_PATHNAME sysctl to get
the crunchgen binary name since it seems like KERN_PROC_PATHNAME just
returns the last cached path for a given hardlink.
When using `su`, instead of invoking /bin/csh this would invoke the last
used hardlink to cheribsdbox. This caused weird test failures when running
tests due to `id` being executed instead of `echo`:

$ id  # id is a hardlink to /bin/cheribsdbox
$ su postgres -c 'echo 1' # su is also a hardlink
uid=1001(postgres) gid=1001(postgres) groups=1001(postgres)

Obtained from: CheriBSD

Reviewed By:	emaste, brooks
Differential Revision: https://reviews.freebsd.org/D25998
2020-08-24 09:20:23 +00:00
Alex Richardson
b0f558df9f Re-indent crunched_main.c in preparation for D25998 2020-08-24 09:20:18 +00:00
Chuck Tuffli
71a51f69a4 bhyve: NVMe queue create must init head/tail
The NVMe emulation code did not explicitly initialize queue head and
tail pointers on queue creation. As these pointers are part of
calloc()'ed memory, this only becomes a problem if the queues are
deleted and then recreated.

This error can manifest with messages about completions not matching a
command.
2020-08-24 01:51:21 +00:00