Recent commits to head have added support for NFS over TLS
to the FreeBSD kernel.
To enable use of this for an NFS mount, the "tls" mount_nfs
option has been added.
Once the IETF has assigned an RFC number, I will replace "NNNN"
with the number.
This is a content change.
Reviewed by: gbe
Differential Revision: https://reviews.freebsd.org/D26262
kernel during dump time.
A real life scenario is that cores are compressed to reduce
size of dumpon partition, but we either don't care about space
in the /var/crash or we have a filesystem level compression of
/var/crash. And we want cores to be uncompressed in /var/crash
because we'd like to instantily read them with kgdb. In this
case we want kernel to write cores compressed, but savecore(1)
write them uncompressed.
Reviewed by: markj, gallatin
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27245
local software base directory, as committed in SVN rev. 367813.
The pkg and mailwrapper programs used the LOCALBASE environment variable
for this purpose and this functionality is preserved by getlocalbase().
After this change, the value of the user.localbase sysctl variable is used
if present (and not overridden in the environment).
The nvmecontrol program gains support of a dynamic path to its plugin
directory with this update.
Differential Revision: https://reviews.freebsd.org/D27237
This fixes a type signedness comparison warning-to-error on
gcc-6.4. The ternary operation casts it right but the actual
assignment doesn't.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D26791
This constant depends on MAXPHYS and does not respect device capabilities.
Use proper dynamic ioctl(NVME_GET_MAX_XFER_SIZE) instead.
MFC after: 1 month
"mandoc -Tlint" complained about the Xr to vnconfig, which was removed in
r238202. I am not sure but maybe it's time to do the same to vn(4).
MFC after: 2 weeks
This permits setting a node's value to a string longer than BUFSIZ.
Reported by: Sony Arpita Das @ Chelsio
Reviewed by: freqlabs
MFC after: 1 week
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27027
Flag -o for destroy subcommand is missing in the help message,
but present in the man page. Fix it.
PR: 249325
Approved by: kevans
Differential Revision: https://reviews.freebsd.org/D26429
This adds the help messages for camcontrol(8) in-binary help.
Man page will follow in the separate change.
Reviewed by: bz
Approved by: imp (mentor)
Differential Revision: https://reviews.freebsd.org/D25963
- Add a new send tag type for a send tag that supports both rate
limiting (packet pacing) and TLS offload (mostly similar to D22669
but adds a separate structure when allocating the new tag type).
- When allocating a send tag for TLS offload, check to see if the
connection already has a pacing rate. If so, allocate a tag that
supports both rate limiting and TLS offload rather than a plain TLS
offload tag.
- When setting an initial rate on an existing ifnet KTLS connection,
set the rate in the TCP control block inp and then reset the TLS
send tag (via ktls_output_eagain) to reallocate a TLS + ratelimit
send tag. This allocates the TLS send tag asynchronously from a
task queue, so the TLS rate limit tag alloc is always sleepable.
- When modifying a rate on a connection using KTLS, look for a TLS
send tag. If the send tag is only a plain TLS send tag, assume we
failed to allocate a TLS ratelimit tag (either during the
TCP_TXTLS_ENABLE socket option, or during the send tag reset
triggered by ktls_output_eagain) and ignore the new rate. If the
send tag is a ratelimit TLS send tag, change the rate on the TLS tag
and leave the inp tag alone.
- Lock the inp lock when setting sb_tls_info for a socket send buffer
so that the routines in tcp_ratelimit can safely dereference the
pointer without needing to grab the socket buffer lock.
- Add an IFCAP_TXTLS_RTLMT capability flag and associated
administrative controls in ifconfig(8). TLS rate limit tags are
only allocated if this capability is enabled. Note that TLS offload
(whether unlimited or rate limited) always requires IFCAP_TXTLS[46].
Reviewed by: gallatin, hselasky
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D26691
It seems *-passthru commands were broken from the day one, since the
device path is fetched into opt.dev variable and not left in argv[optind].
The other three wrong argv[optind] instances are just in error messages.
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Foundation copyrights, approved by emaste@. It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.
Reviewed by: emaste, imp, gbe (manpages)
Differential Revision: https://reviews.freebsd.org/D26980
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.
This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.
In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.
This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.
Reviewed by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D26942
in the Pass 5 checks. The manifestation was fsck_ffs exiting with this error:
** Phase 5 - Check Cyl groups
fsck_ffs: inoinfo: inumber 18446744071562087424 out of range
The error only manifests itself for filesystems bigger than about 100Tb.
Reported by: Nikita Grechikhin <ngrechikhin at yandex.ru>
MFC after: 2 weeks
Sponsored by: Netflix
Correct misuse of commas/parentheses in an enumeration that makes the
number of actual parameters more important than expected.
PR: 250526
Submitted by: Samy Mahmoudi <samy.mahmoudi__gmail_com>
MFC after: 1 week
and fsirand(8)) should check the filesystem status and require that
fsck(8) be run if it is unclean. This requirement is not imposed on
fsdb(8) or clri(8) since they may be used to clean up a filesystem.
MFC after: 2 weeks
Sponsored by: Netflix
over various major releases. Superblock check hashes were added for
the 12 release and cylinder-group and inode check hashes will appear
in the 13 release.
When a disk with a UFS filesystem is writably mounted, the kernel
clears the feature flags for anything that it does not support. For
example, if a UFS disk from a 12-stable kernel is mounted on an
11-stable system, the 11-stable kernel will clear the flag in the
filesystem superblock that indicates that superblock check-hashs
are being maintained. Thus if the disk is later moved back to a
12-stable system, the 12-stable system will know to ignore its
incorrect check-hash.
If the only filesystem modification done on the earlier kernel is
to run a utility such as growfs(8) that modifies the superblock but
neither updates the check-hash nor clears the feature flag indicating
that it does not support the check-hash, the disk will fail to mount
if it is moved back to its original newer kernel.
This patch moves the code that clears the filesystem feature flags
from the mount code (ffs_mountfs()) to the code that reads the
superblock (ffs_sbget()). As ffs_sbget() is used by the kernel mount
code and is imported into libufs(3), all the filesystem utilities
will now also clear these flags when they make modifications to the
filesystem.
As suggested by John Baldwin, fsck_ffs(8) has been changed to accept
and repair bad superblock check-hashes rather than refusing to run.
This change allows fsck to recover filesystems that have been impacted
by utilities older than those created after this change and is a
sensible thing to do in any event.
Reported by: John Baldwin (jhb@)
MFC after: 2 weeks
Sponsored by: Netflix
In order to validate the proper marking and use of a different
ethernet priority class, add the new session-specific PCP
feature to the ping/ping6 utilities.
Reviewed by: mav, bcr
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26627
Ensure we also skip descendants of SKIP nodes when iterating through children
of an explicitly specified node.
Reported by: np
Reviewed by: np
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26833
* Use defined SYS_SYSCTL names
* Use memcmp instead of explicit loop
* Use NULL instead of 0 for pointer value
* Use __FBSDID
* Reformat, improve comments in parse()
No functional changes.
Reviewed by: imp
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26832
the failover protocol is supported due to limitations in the IPoIB
architecture. Refer to the lagg(4) manual page for how to configure
and use this new feature. A new network interface type,
IFT_INFINIBANDLAG, has been added, similar to the existing
IFT_IEEE8023ADLAG .
ifconfig(8) has been updated to accept a new laggtype argument when
creating lagg(4) network interfaces. This new argument is used to
distinguish between ethernet and infiniband type of lagg(4) network
interface. The laggtype argument is optional and defaults to
ethernet. The lagg(4) command line syntax is backwards compatible.
Differential Revision: https://reviews.freebsd.org/D26254
Reviewed by: melifaro@
MFC after: 1 week
Sponsored by: Mellanox Technologies // NVIDIA Networking
802.1ad interfaces are created with ifconfig using the "vlanproto" parameter.
Eg., the following creates a 802.1Q VLAN (id #42) over a 802.1ad S-VLAN
(id #5) over a physical Ethernet interface (em0).
ifconfig vlan5 create vlandev em0 vlan 5 vlanproto 802.1ad up
ifconfig vlan42 create vlandev vlan5 vlan 42 inet 10.5.42.1/24
VLAN_MTU, VLAN_HWCSUM and VLAN_TSO capabilities should be properly
supported. VLAN_HWTAGGING is only partially supported, as there is
currently no IFCAP_VLAN_* denoting the possibility to set the VLAN
EtherType to anything else than 0x8100 (802.1ad uses 0x88A8).
Submitted by: Olivier Piras
Sponsored by: RG Nets
Differential Revision: https://reviews.freebsd.org/D26436
Move list_cloners() from ifconfig(8) to libifconfig(3) where it can be
reused by other consumers.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D26858
Implement two macros IEEE80211_VHTCAP_SUPP_CHAN_WIDTH_IS_160MHZ()
and its 80+80 counter part to check in vhtcaps for appropriate
levels of support and use the macros throughout the code.
Add vht160_chan_ranges/is_vht160_valid_freq and handle analogue
to vht80 in various parts of the code.
Add ieee80211_add_channel_cbw() which also takes the CBW flag
fields and make the former ieee80211_add_channel() a wrapper to it.
With the CBW flags we can add HT/VHT channels passing them to
getflags() for the 2/5ghz functions.
In ifconfig(8) add the regdomain_addchans() support for VHT160
and VHT80P80.
With this (+ regdoain.xml updates) VHT160 channels can be
configured, listed, and pass regdomain where appropriate.
Tested with: iwlwifi
Reviewed by: adrian
MFC after: 10 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D26712
Our gcc-6.4 flags require non-empty function declarations.
Fix this to match the rest of the codebase.
Tested:
* compiled on gcc-6.4 for amd64
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D26795
The new C test takes 25 seconds on QEMU-RISC-V, wheras the shell version
takes 332 seconds.
Even with the latest optimizations to atf-sh this test still takes a few
seconds to startup in QEMU. Re-writing it in C reduces the runtime for a
single test from about 2-3 seconds to less than .5 seconds. Since there
are ~80 tests, this adds up to about 3-4 minutes.
This may not seem like a big speedup, but before the recent optimizations
to avoid atf_get_srcdir, each test took almost 100 seconds on QEMU RISC-V
instead of 3. This also significantly reduces the time it takes to list
the available test cases, which speeds up running the tests via kyua:
```
root@qemu-riscv64-alex:~ # /usr/bin/time kyua test -k /usr/tests/sbin/pfctl/Kyuafile pfctl_test_old
...
158/158 passed (0 failed)
332.08 real 42.58 user 286.17 sys
root@qemu-riscv64-alex:~ # /usr/bin/time kyua test -k /usr/tests/sbin/pfctl/Kyuafile pfctl_test
158/158 passed (0 failed)
24.96 real 9.75 user 14.26 sys
root@qemu-riscv64-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test pf1001
pfctl_test: WARNING: Running test cases outside of kyua(1) is unsupported
pfctl_test: WARNING: No isolation nor timeout control is being applied; you may get unexpected failures; see atf-test-case(4)
Running pfctl -o none -nvf /usr/tests/sbin/pfctl/./files/pf1001.in
---
binat on em0 inet6 from fc00::/64 to any -> fc00:0:0:1::/64
binat on em0 inet6 from any to fc00:0:0:1::/64 -> fc00::/64
---
passed
0.17 real 0.06 user 0.08 sys
root@qemu-riscv64-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test_old pf1001
pfctl_test_old: WARNING: Running test cases outside of kyua(1) is unsupported
pfctl_test_old: WARNING: No isolation nor timeout control is being applied; you may get unexpected failures; see atf-test-case(4)
Id Refs Name
141 1 pf
Executing command [ pfctl -o none -nvf - ]
passed
1.73 real 0.25 user 1.41 sys
root@qemu-riscv64-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test_old -l > /dev/null
24.36 real 2.26 user 21.86 sys
root@qemu-riscv64-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test -l > /dev/null
0.04 real 0.02 user 0.01 sys
```
The speedups are even more noticeable on CHERI-RISC-V (since QEMU runs
slower when emulating CHERI instructions):
```
root@qemu-cheri-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test_new -l > /dev/null
0.51 real 0.49 user 0.00 sys
root@qemu-cheri-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test -l > /dev/null
34.20 real 32.69 user 0.16 sys
root@qemu-cheri-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test pf1001
pfctl_test: WARNING: Running test cases outside of kyua(1) is unsupported
pfctl_test: WARNING: No isolation nor timeout control is being applied; you may get unexpected failures; see atf-test-case(4)
Id Refs Name
147 1 pf
Executing command [ pfctl -o none -nvf - ]
passed
5.74 real 5.41 user 0.03 sys
root@qemu-cheri-alex:/usr/tests/sbin/pfctl # /usr/bin/time ./pfctl_test_new pf1001
pfctl_test_new: WARNING: Running test cases outside of kyua(1) is unsupported
pfctl_test_new: WARNING: No isolation nor timeout control is being applied; you may get unexpected failures; see atf-test-case(4)
Running pfctl -o none -nvf /usr/tests/sbin/pfctl/./files/pf1001.in
---
binat on em0 inet6 from fc00::/64 to any -> fc00:0:0:1::/64
binat on em0 inet6 from any to fc00:0:0:1::/64 -> fc00::/64
---
passed
0.68 real 0.66 user 0.00 sys
root@qemu-cheri-alex:/usr/tests/sbin/pfctl #
```
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D26779
To prevent issues with odd shell characters appearing in, a surprising
shell feature is used. Document it and a workaround for it.
Differential Revision: https://reviews.freebsd.org/D26723
the /boot/nextboot.conf file or its contents which is 1) not the most user-
friendly way of working with custom configurations, and 2) simply not true
for both Forth and Lua implementations: they would not delete it, but just
change the setting to "NO", that is, disable it.
While at it, add one missing serial (Oxford) comma and fix some bogus line
wraps along the way.
Approved by: bcr (manpages)
Differential Revision: https://reviews.freebsd.org/D25971
Single quotes interfere with the workaround put in with r335753 and
aren't necessary in this case. I believe that all the underling issues
with r335753 have been corrected, but need to do more extensive
followup before reverting it as a bad idea.
PR: 240411
MFC After: 2 days (to give it time to get into 12.2)
- no blank before trailing delimiter
- whitespace at end of input line
- sections out of conventional order
- normalizing date format
- AUTHORS section without An macro
As we did in the kernel in r366112 replace the MS() macro with the version(s)
added to the kernel: _IEEE80211_MASKSHIFT(). Also provide its counter part.
This will later allow use to use other macros defined in net80211 headers
here in ifconfig.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Sort a few VHT160 and 80+80 lines, update some comments, and remove
a superfluous ','.
No functional changes intended.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Update the to log fetch operation for latest WDC NVMe products.
Tested on HGST SN100 (a few years old) and WDC SN720 (more recent).
Submitted by: Akhilesh Rn <Akhilesh.RN@wdc.com> (minor style tweak by me)
Github PR: 435
Add an "nextnoskip" sysctl that allows for listing of sysctls intended to be
normally skipped for cost reasons.
This makes it so the names/descriptions of those sysctls can be discovered with
sysctl -aN/sysctl -ad/sysctl -at.
It also makes it so children are visited when a node flagged with CTLFLAG_SKIP
is explicitly requested.
The intended use case is to mark the root "kstat" node with CTLFLAG_SKIP so that
the extensive and expensive stats are skipped by default but may still be easily
obtained without having to know them all (which may not even be possible) and
request each one-by-one.
Reviewed by: jhb
MFC after: 2 weeks
Relnotes: yes
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D26560
/dev/pf is usable in vnet jails, so don't hide the node there.
We shouldn't expose /dev/pf in regular jails, as that gives them control over
the host (or parent vnet jail) firewall.
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D26537
Repeating the default WARNS here makes it slightly more difficult to
experiment with default WARNS changes, e.g. if we did something absolutely
bananas and introduced a WARNS=7 and wanted to try lifting the default to
that.
Drop most of them; there is one in the blake2 kernel module, but I suspect
it should be dropped -- the default WARNS in the rest of the build doesn't
currently apply to kernel modules, and I haven't put too much thought into
whether it makes sense to make it so.
Add EXAMPLES section to the man page showing the use of all flags except for
-S.
While here, clarify -f description. It not only suppresses diagnostic messages
but it also affects the exit status of the command itself. This is shown in two
of the examples.
Approved by: bcr@
Differential Revision: https://reviews.freebsd.org/D26588
Fix unquoted test for an empty value, which broke nextboot(8) on non-ZFS /boot
systems after r365938.
Discussed with: allanjude, tsoome
X-MFC-With: r365938
The purpose of checksize() is to verify that the referenced cluster
chain size matches the recorded file size (up to 2^32 - 1) in the
directory entry. We follow the cluster chain, then multiple the
cluster count by bytes per cluster to get the physical size, then
check it against the recorded size.
When a file is close to 4 GiB (between 4GiB - cluster size and 4GiB,
both non-inclusive), the product of cluster count and bytes per
cluster would be exactly 4 GiB. On 32-bit systems, because size_t
is 32-bit, this would wrap back to 0, which will cause the file be
truncated to 0.
Fix this by using 64-bit physicalSize instead.
This fix is inspired by an Android change request at
https://android-review.googlesource.com/c/platform/external/fsck_msdos/+/1428461
PR: 249533
Reviewed by: kevlo
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D26524
This fixes a compile issue under gcc6 which complains about
legacy style C function declarations.
Differential Revision: https://reviews.freebsd.org/D26504
nvmecontrol tries to upload firmware in chunks as large as it thinks
the device permits. It fails to take into account the FWUG value used
by some drives to advertise the size and alignment limits for firmware
chunks.
- Use the firwmare update granularity value from the
- If the granularity is not reported or not restricted, fall back to
the previously existing logic that calculates the max transfer
size based on MDTS.
- Add firmware update granularity to the identify-controller output.
Reviewed by: imp (previous version), chuck
Obtained from: Dell EMC Isilon
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D26390
bootonce feature is temporary, one time boot, activated by
"bectl activate -t BE", "bectl activate -T BE" will reset the bootonce flag.
By default, the bootonce setting is reset on attempt to boot and the next
boot will use previously active BE.
By setting zfs_bootonce_activate="YES" in rc.conf, the bootonce BE will
be set permanently active.
bootonce dataset name is recorded in boot pool labels, bootenv area.
in case of nextboot, the nextboot_enable boolean variable is recorded in
freebsd:nvstore nvlist, also stored in boot pool label bootenv area.
On boot, the loader will process /boot/nextboot.conf if nextboot_enable
is "YES", and will set nextboot_enable to "NO", preventing /boot/nextboot.conf
processing on next boot.
bootonce and nextboot features are usable in both UEFI and BIOS boot.
To use bootonce/nextboot features, the boot loader needs to be updated on disk;
if loader.efi is stored on ESP, then ESP needs to be updated and
for BIOS boot, stage2 (zfsboot or gptzfsboot) needs to be updated
(gpart or other tools).
At this time, only lua loader is updated.
Sponsored by: Netflix, Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25512
API to the sbget() and sbput() interfaces. Specifically they take
a file descriptor pointer rather than the struct uufsd *disk pointer
used by the libufs cgread() and cgwrite() interfaces. Update fsck_ffs
to use these revised interfaces.
No functional changes intended.
Sponsored by: Netflix
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).
Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.
Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.
There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.
Reviewed by: emaste, brooks, ngie (all earlier version)
Reviewed by: emaste, arichardson (depend-cleanup.sh change)
Differential Revision: https://reviews.freebsd.org/D26455
These are similar to the existing VLAN capabilities.
Reviewed by: kib@
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D25873
I have been trying to reduce the time that testsuite runs take for CheriBSD
on QEMU (currently about 22 hours). One of the slowest tests is pfctl_test:
Just listing the available test cases currently takes 98 seconds on a
CheriBSD RISC-V system due to all the processes being spawned. This trivial
patch reduces the time to 92 seconds. The better solution would be to
rewrite the test in C/C++ which I may do as a follow-up change.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D26417
This would allow interested parties to do experimental runs with an
environment set appropriately to raise all the warnings throughout the
build; e.g. env WARNS=6 NO_WERROR=yes buildworld.
Not currently touching the numerous instances in ^/tools.
MFC after: 1 week
Properly handle the case, when some opcode keywords follow after
the `frag` opcode without additional options.
Reported by: Evgeniy Khramtsov <evgeniy at khramtsov org>
ping has the option to add the (deprecated) TOS byte
using the -z option. Adding the same option, with the
same (deprecated) Traffic Class Byte (nowadays actually
DSCP and ECN fields) to ping6 to validate proper QoS
processing in network switches.
Reviewed by: tuexen
MFC after: 2 weeks
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D26384
The request offset and length are always unsigned, so print them as
such.
Submitted by: Yoshihiro Ota <ota@j.email.ne.jp>
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21388
o Enhance dependency loop logging: print full chain instead of the
last link competing the loop;
o Add -g option to generate dependency graph suitable for GraphViz
visualization, loops and other graph generation issues are highlighted
automatically;
o Add -p option that enables grouping items that can be processed in
parallel.
Submitted by: Boris Lytochkin <lytboris at gmail>
Reviewed by: melifaro
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25389
The badsys() handler for SIGSYS was added as a transtion aid for kernels
lacking sysctl() in 1993. It is unsafe and unsound so remove it rather
than running the risk of a privilege-dropping system call being silently
omitted.
This partially reverts SCCSID 6.12 (Berkeley) 03/03/93 "add code to
change the system security level".
Reviewed by: mckusick, imp, kevans
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D26289
- Change the type of hw.pagesizes to OPAQUE, since it returns an array.
- Modify the handler to only truncate the returned length if the caller
supplied an output buffer. This allows use of the trick of passing a
NULL output buffer to fetch the output size, while preserving
compatibility if MAXPAGESIZES is increased.
- Add a "S,pagesize" formatter to sysctl(8).
Reviewed by: alc, kib
MFC after: 2 weeks
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D26239
The only output from fsck that should go to stderr is the usage message.
if setup() fails then exit with EEXIT rather than 0.
Reviewed by: mckusick
Sponsored by: Netflix
This is a follow up change to r364321 after a discussion about the style.
All near by places use extra blanks in format strings, and while use of the
format string to provide the extra blank may need more cycles than adding 1
to twidth, it generates shorter code and is clearer in the opinion of some
reviewers of the previous change.
Not objected to by: emaste
MFC after: 3 days
- Initialize the disk device fd field in connection_new().
- Close the disk device after handing the connection over
to a child worker.
- Avoid re-opening a disk device for each connection from
the same client, avoiding an fd leak.
PR: 132845
Submitted by: Yoshihiro Ota <ota@j.email.ne.jp>
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26168
The macOS assert.h header does not define static_assert when compiling in
C99 mode. To fix this compile with -std=c11.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D25928
The primary benefit is maintaining a completely shared
code base with the community allowing FreeBSD to receive
new features sooner and with less effort.
I would advise against doing 'zpool upgrade'
or creating indispensable pools using new
features until this change has had a month+
to soak.
Work on merging FreeBSD support in to what was
at the time "ZFS on Linux" began in August 2018.
I first publicly proposed transitioning FreeBSD
to (new) OpenZFS on December 18th, 2018. FreeBSD
support in OpenZFS was finally completed in December
2019. A CFT for downstreaming OpenZFS support in
to FreeBSD was first issued on July 8th. All issues
that were reported have been addressed or, for
a couple of less critical matters there are
pull requests in progress with OpenZFS. iXsystems
has tested and dogfooded extensively internally.
The TrueNAS 12 release is based on OpenZFS with
some additional features that have not yet made
it upstream.
Improvements include:
project quotas, encrypted datasets,
allocation classes, vectorized raidz,
vectorized checksums, various command line
improvements, zstd compression.
Thanks to those who have helped along the way:
Ryan Moeller, Allan Jude, Zack Welch, and many
others.
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D25872
We have both a system of 'kern' and of 'kernel'. Prefer the latter and
convert this notification to use 'kernel' instead of 'kern'. As a
transition period, continue to also generate the 'kern' notification
until sometime after FreeBSD 13 is branched.
MFC After: 3 days
-n omits the name of the variable regardless of the type of information that is
requested. Rephrase to clarify this point.
PR: 242191
Submitted by: stilezy@gmail.com
Approved by: emaste@
Differential Revision: https://reviews.freebsd.org/D26149
MOUNT notifies when a filesystem is mounted
REMOUNT notifies when a filesystem is mounted again
UNMOUNT notifies when a filesystem is unmounted
These events are asynchronous to the actual state of the event (though the data
is recorded at a time when it is stable). The mount event is reported after the
filesystem is mounted. However, in the interim it may be unmounted by another
agent. Likewise, umount is called just before the mountpoint is finished tearing
down. It may be remounted (or maybe if the process scheduling is wonky and devd
gets to run before the last few steps are complete).
Sponsored by: Netflix
Diffential Revision: https://reviews.freebsd.org/D25969
Amiga is a proper noun
Condition is traditionally spelled starting with 'c'
Some, but not all, of the over/under-voltage instances were hyphenated.
Since they are all adverb phrases, they all need to be hyphenated.
Pointy hat: imp
Currently, the output of `bectl list` doesn't align the 'Mountpoint' column
correctly when the 'mounted' property of a boot environment dataset is longer
than the default column width.
Set the 'Mountpoint' column width to the boot environment dataset with the
longest 'mounted' property or to the default width, whichever is greater.
PR: 241064
Reported by: vermaden@interia.pl
Reviewed by: kevans (mentor)
Approved by: kevans (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D26048
The pmu(4) and adb(4) drivers on powerpc generate PMU events. Document them.
The allwinner power modules also generate these events. Document those as well.
MFC After: 3 days
Sort system type alphabetically.
Remove some commas that aren't in the devd notification messages.
MFC After: 3 days
Reviewed by: 0mp (earlier versions), jhb (useful feedback on earlier versions)
Differential Revision: https://reviews.freebsd.org/D26105
Remove PC Card specific information. It's of little value these days and on
the way out after most of its drivers have been removed.
Use iwn instead of wi device.
From the PR:
When I run `ipfw -t list` on release/12 or current, I get misaligned
output between lines that do and do not have a last match timestamp,
like so:
00100 Tue Aug 11 03:03:26 2020 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
(specifically, the "allow" and "deny" strings do not line up)
PR: 248608
Submitted by: Taylor Stearns
MFC after: 3 days
For flags and checks the order goes VHT160 and then VHT80P80 unless
checks are in reverse order ("more comes first") in which case we
deal with VHT80P80 first.
The one reverse order to pick out is where we check channel
prefernences. While it may seem that VHT160 is better, finding
two "free" channels (VHT 80+80) is more likely so we do prefer that.
While dealing with VHT160 and VHT80P80 add extra clauses previously
missing or marked TODO in a few places.
Reviewed by: adrian, gnn
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC (d/b/a "Netgate")
Differential Revision: https://reviews.freebsd.org/D26002
The standard uses 80+80 and 80p80 but nowhere 80_80.
Switch the latter to 80P80 for all the macros and comments refering
to #defined flags which I could find.
The only place we leave as 80p80 is the ifconfig command line arguments
as we spell them all in lower case.
Ideally we would use 80+80 for any interactions with the user and
80P80 for anything internal but let us not confuse parsers and
hence avoid the '+' in either case.
Reviewed by: adrian, gnn
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC (d/b/a "Netgate")
Differential Revision: https://reviews.freebsd.org/D26001
Rather then using magic numbers duplicate IEEE80211_FVHT_VHT* in
ifconfig (cleanup of these and other flags used and not exposed by
net80211 should happen later) and use those.
In the kernel this simplifies one ioctl path (the other one currently
relies on individual bit flags being passed in).
We also re-order the 80P80 and 160 flag for 160 to come before 80+80
and more clearly leave the flags as TODO in one of the 160/80+80 cases.
Reviewed by: adrian
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC (d/b/a "Netgate")
Differential Revision: https://reviews.freebsd.org/D26000
"df", "rf" and "offset". This allows to match on specific
bits of ip_off field.
For compatibility reasons lack of keyword means "offset".
Reviewed by: ae
Differential Revision: https://reviews.freebsd.org/D26021
libifconfig_sfp.h provides an API in libifconfig for querying SFP module
properties, operational status, and vendor strings, as well as descriptions
of the various fields, string conversions, and other useful helpers for
implementing user interfaces.
SFP module status is obtained by reading registers via an I2C interface.
Descriptions of these registers and the values therein have been collected
in a Lua table which is used to generate all the boilerplace C headers and
source files for accessing these values, their names, and descriptions.
The generated code is fully commented and readable.
This is the first use of libifconfig in ifconfig itself. For now, the
scope remains very limited. Over time, more of ifconfig will be replaced
with libifconfig.
Some minor changes to the formatting of ifconfig output have been made:
- Module memory hex dumps are indented one extra space as a result of using
hexdump(3) instead of a bespoke hex dump function.
- Media descriptions have an added two-character short-name in parenthesis.
- QSFP modules were incorrectly displaying TX bias current as power. Now
TX channels display bias current, and this change has been made for both
SFP and QSFP modules for consistency.
A Lua binding for libifconfig including this functionality is implemented
but has not been included in this commit. The plan is for it to be
committed after dynamic module loading has been enabled in flua.
Reviewed by: kp, melifaro
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25494
Add IEEE80211_IOC_IC_NAME to query the ic_name field and in ifconfig
to print the parent interface again. This functionality was lost
around r287197. It helps in case of multiple wlan interfaces and
multiple underlying hardware devices to keep track which wlan
interface belongs to which physical device.
Sponsored by: Rubicon Communications, LLC (d/b/a "Netgate")
Reviewed by: adrian, Idwer Vollering
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D25832
Enhance camcontrol(8) so that it's possible to manually set frequency for SD/MMC cards.
While here, display more information about the current controller, such as
supported operating modes and VCCQ voltages, as well as current VCCQ voltage.
Reviewed by: manu
Approved by: imp (mentor)
Differential Revision: https://reviews.freebsd.org/D25795
Add tests to cover "add", "change" and "delete" functionality of /sbin/route
for ipv4 and ipv6. These tests for the existing route tool are the first step
towards creating libroute.
Submitted by: Ahsan Barkati
Sponsored by: Google, Inc. (GSoC 2020)
Reviewed by: kp, thj
Approved by: bz (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D25220
Those rules have been broken at least since 8-STABLE, when the port
providing the ezdownload binary was removed (misc/ezload).
Reviewed by: kevans, imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D25686
This is mostly an exercise to set variables to NULL/0 when declared, but
one was ensuring a string variable was set before printing it.
We should never see "<unknown>" in a printed rule; if we do then this code
definitely has some bugs that need addressing.
struct _ipfw_dyn_rule is defined as packed, and as a result, its
uint64_t fields are misaligned on some 32-bit platforms. Since
pr_u64() is explicitly supposed to handle this case, avoid using a
uint64_t * for the input pointer to make sure that the compiler won't
(correctly) warn about the misalignment.
Reported by: jenkins
MFC with: r363164
Provide hints to direct people towards gptzfsboot, zfsbootcfg, efibootmgr, etc
PR: 199103
MFC after: 2 weeks
Sponsored by: Klara Inc.
Event: July 2020 Bugathon
sectors.
On my SanDisk Cruzer Blade 16GB USB stick this made formatting much faster:
x before
+ after
+--------------------------------------------------------------------------+
|+ |
|+ x |
|+ x x|
|A MA||
+--------------------------------------------------------------------------+
N Min Max Median Avg Stddev
x 3 15.89 16.38 16 16.09 0.2570992
+ 3 0.32 0.37 0.35 0.34666667 0.025166115
Difference at 95.0% confidence
-15.7433 +/- 0.414029
-97.8455% +/- 0.25668%
(Student's t, pooled s = 0.182665)
Reviewed by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24508
The new function operates similarly to ifconfig_lagg_get_lagg_status and
likewise is accompanied by a function to free the bridge status data structure.
I have included in this patch the relocation of some strings describing STP
parameters and the PV2ID macro from ifconfig into net/if_bridgevar.h as they
are useful for consumers of libifconfig.
Reviewed by: kp, melifaro, mmacy
Approved by: mmacy (mentor)
MFC after: 1 week
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25460
dumpon has accepted device names without the prefix ever since r291207.
Since dumpon and savecore are always paired, they ought to accept the same
arguments. Prior to this change, specifying 'dumpdev="da3"' in
/etc/rc.conf, for example, would result in dumpon working just fine but
savecore complaining that "Dump device does not exist".
PR: 247618
Reviewed by: cem, bcr
MFC after: 2 weeks
Sponsored by: Axcient
Differential Revision: https://reviews.freebsd.org/D25500
Switch to the simplified while loop suggest by Aaron LI
Post commit review via: https://reviews.freebsd.org/rS301185#inline-232
Submitted by: Aaron LI <aly@aaronly.me>
Sponsored by: Klara Inc.
The change from "slave" processes to "minion" processes to "worker"
processes left some less-than-coherent names:
1. "enslave" turned into the ungrammatical "enworker".
2. "slp" (SLave Pointer) turned into "mlp" (Minion [L] Pointer?).
Convert "enworker" to "create_workers" (the function in question forks
off 3 worker processes), and replace "mlp" with "wp" (Worker Pointer)
and "tmlp" with "twp" (Temporary Worker Pointer).
Reviewed by: imp, cem, danfe
Differential Revision: https://reviews.freebsd.org/D25403
- Fix formatting issues such as:
- Use Ql instead of Dq Li as Li is deprecated
- Address some mandoc warnings
- Add arguments missing from the list of options (i.e., document "-k keep"
instead of just "-k").
- Document that -k and -s can be specified multiple times
- Use sshd instead of named for the example in the BUGS section, as named
is not in the base system. Also, use Nm instead of Xr there as it is not
the sshd binary that is required to be running, but the service.
- Use Sy instead of Cm for KEYWORDS. Cm is reserved for command-line
modifiers of the CLI.
- Add an EXAMPLES section
- Cross-reference service(8).
MFC after: 2 weeks
Previously, the -p and -c flags were ignored when reading from stdin
Additionally, -s and -c can be used together now.
PR: 247295
Reviewed by: kevans
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25362
fs_summary_info structure. This change was originally done
by the CheriBSD project as they need larger pointers that
do not fit in the existing superblock.
This cleanup of the superblock eases the task of the commit
that immediately follows this one.
Suggested by: brooks
Reviewed by: kib
PR: 246983
Sponsored by: Netflix
r286700 added the "lacp_fast_timeout" option to `ifconfig', but we forgot to
include the new option in the string used to decode the option bits. Add
"LACP_FAST_TIMO" to LAGG_OPT_BITS.
Also, s/LAGG_OPT_LACP_TIMEOUT/LAGG_OPT_LACP_FAST_TIMO/g , to be clearer that
the flag indicates "Fast Timeout" mode.
Reported by: Greg Foster <gfoster at panasas dot com>
Reviewed by: jpaetzel
MFC after: 1 week
Sponsored by: Panasas
Differential Revision: https://reviews.freebsd.org/D25239
x86 boot uses loader(8) and the boot2-direct-to-kernel process is not
supported. Remove the documentation, which doesn't document a working
process and leads to confusion.
PR: 247074
Reported by: Alex K.
vfs.zfs.boot.primary_pool is only set on BIOS boot, use vfs.root.mountfrom
instead and update all vdevs on pool.
Reviewed by: allanjude
Sponsored by: Netflix, Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25103
At this point, AES is the more common name for Rijndael128. setkey(8)
will still accept the old name, and old constants remain for
compatiblity.
Reviewed by: cem, bcr (manpages)
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D24964
A logic bug in remove_protocol() meant that it would remove (leak) all
structures in the list preceding the one intended for removal.
PR: 245971
Submitted by: joost@jodocus.org (original version)
MFC after: 1 week
Now options -g/-G allow to select/unselect interfaces by groups
in the "ifconfig -a" output just like already existing -d/-u.
Examples:
to exclude loopback from the list: ifconfig -a -G lo
to show vlan interfaces only: ifconfig -a -g vlan
to show tap interfaces that are up: ifconfig -aug tap
Arguments to -g/-G may be shell patterns and both may be specified.
Later options -g/-G override previous ones.
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25029
Some capability descriptions under list scan actually described flags.
Some capability descriptions were missing.
Some flag descriptions under list sta actually described capabilites.
Reviewed by: adrian
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25014
Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.
Simplify by creating a fsidcmp function (macro).
Reviewed by: mjg, rmacklem
Approved by: mav (mentor)
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D24749
Before this change, swapon(8) implied that -F works as a standalone option,
which is not the case and would produce a usage message. This change extends
the description of the -F option to mention that -a is required with it.
PR: 238551
Submitted by: Christian Baltini
MFC after: 5 days
Examples of depecrated algorithms in manual pages and sample configs
are updated where relevant. I removed the one example of combining
ESP and AH (vs using a cipher and auth in ESP) as RFC 8221 says this
combination is NOT RECOMMENDED.
Specifically, this removes support for the following ciphers:
- des-cbc
- 3des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc
This also removes support for the following authentication algorithms:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160
Reviewed by: cem, gnn (older verisons)
Relnotes: yes
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D24342
o Be consistent about device-id and namespace-id
o Use consistent arg markup for these
o document you can use disk names too
o document nsid command better
o document the idenntify command
o add a couple of examples.
Differential Revision: https://reviews.freebsd.org/D24638
Reported by: Hyeongseok Kim <hyeongseok kim lge com>
Reviewed by: cem, Hyeongseok Kim
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D24603
r356313 broke handling of dirty file system because we have restricted
the correction of "odd" byte sequences to checkfat(), and as a result
the dirty bit is never cleared. The old fsck_msdosfs code would write
FAT twice to fix the dirty bit, which is also not ideal.
Fix this by introducing a new rountine, cleardirty() which will perform
the set of clean bit only, and use it in checkfilesys() if we thought
the file system was dirty.
Reviewed by: cem, emaste
MFC after: 3 day
Differential Revision: https://reviews.freebsd.org/D24581
dumpon(8) has not accepted 1024-bit RSA keys since prior to r339784 (2018-10).
The manual page language was not updated at that time (oops). The minimum
accepted is 2048 bits, which is also a good default choice.
Sponsored by: Dell EMC Isilon
Preload OpenSSL ERR string data so that the formatted error messages are
vaguely meaningful. Add OpenSSL error information to the RSA_public_encrypt()
operation failure case in one-time key generation.
For obsolescent OpenSSL versions (*cough* FIPS *cough*), pre-seed the PRNG
before entering Cap mode, as old versions of OpenSSL are unaware of kernel
RNG interfaces aside from /dev/random (such as the long-supported kern.arnd, or
the slightly more recent getentropy(3) or getrandom(2)). (RSA_public_encrypt()
wants a seeded PRNG to randomize the "PS" portion of PKCS 1.5 padding or the
"MGF" pseudo-random function in OAEP padding.)
Switch dumpon to encrypt the one-time key with OAEP padding (recommended since
1998; RFC2437) rather than the obsolescent PKCS 1.5 padding (1993; RFC2313).
Switch decryptcore to attempt OAEP decryption first, and try PKCS 1.5
decryption on failure. This is intended only for transition convenience, and
we should obsolete support for non-OAEP padding in a release or two.
Reviewed by: markj
MFC After: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D24534
It makes tool more convenient to not require user to explicitly convert
namespace device name into controller device name. There should be no
changes to already existing syntaxes.
MFC after: 1 week
ifa_grouplookup() uses the data loaded in ifa_load() (through is_a_group()), so
we must call ifa_load() before we can rely on any of the data it populates.
Submitted by: Nick Rogers
MFC after: 1 week
Sponsored by: RG Nets