- Use counter(9) for rt_pksent (former rt_rmx.rmx_pksent). This
removes another cache trashing ++ from packet forwarding path.
- Create zini/fini methods for the rtentry UMA zone. Via initialize
mutex and counter in them.
- Fix reporting of rmx_pksent to routing socket.
- Fix netstat(1) to report "Use" both in kvm(3) and sysctl(3) mode.
The change is mostly targeted for stable/10 merge. For head,
rt_pksent is expected to just disappear.
Discussed with: melifaro
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
In certain situations when creating an authorized_key file on a Linux machine
restorecon(1) may need to be called. Therefore, attempt to run it if it exists.
MFC After: 1 week
Idea from: https://bugzilla.redhat.com/show_bug.cgi?id=739989
To help avoid confusion: when attempting to send a key file check to see if a
file of the same name exists with a '.pub' suffix and send that instead. This
mimics the behavior of other ssh-copy-id scripts.
Add -v passthrough.
Reported by: dweimer <dweimer@dweimer.net>
Reported by: feld
MFC After: 1 week
Highlights include (upstream revs in parens):
- Improvements to the remote GDB protocol client
(r196610, r197579, r197857, r200072, and others)
- Bug fixes for big-endian targets
(r196808)
- Initial support for libdispatch (GCD) queues in the debuggee
(r197190)
- Add "step-avoid-libraries" setting
(r199943)
- IO subsystem improvements (including initial work on a curses gui)
(r200263)
- Support hardware watchpoints on FreeBSD
(r201706)
- Improved unwinding through hand-written assembly functions
(r201839)
- Handle DW_TAG_unspecified_parameters for variadic functions
(r202061)
- Fix Ctrl+C interrupting a running inferior process
(r202086, r202154)
- Various bug fixes for memory leaks, LLDB segfaults, the C++ demangler,
ELF core files, DWARF debug info, and others.
Sponsored by: DARPA, AFRL
is no iSER support in ctld and/or kernel; should the user make that mistake,
the output from "iscsictl -L" is enough to determine what the problem is.
Sponsored by: The FreeBSD Foundation
items), so it is more obvious that we aren't going to indirect through
a NULL pointer.
PR: 144723
Submitted by: Garrett Cooper <yaneurabeya at gmail.com>
Obtained from: NetBSD r1.19
MFC after: 2 weeks
Highlights:
* Security fix for apache server plugin that we don't build or use
* sqlite performance improvements.
* bug fixes for edge cases and some other less common operations.
This commit largely restores the lldb source to the upstream r196259
snapshot with the addition of threaded inferior support and a few bug
fixes.
Specific upstream lldb revisions restored include:
SVN git
181387 779e6ac
181703 7bef4e2
182099 b31044e
182650 f2dcf35
182683 0d91b80
183862 15c1774
183929 99447a6
184177 0b2934b
184948 4dc3761
184954 007e7bc
186990 eebd175
Sponsored by: DARPA, AFRL
When the user supplies an invalid number of days provide a useful error message
instead of segfaulting.
PR: bin/186697
Reported by: kaltheat <kaltheat@gmail.com>
Submitted by: oliver <oliver@beefrankly.org> (older version)
all of the features in the current working draft of the upcoming C++
standard, provisionally named C++1y.
The code generator's performance is greatly increased, and the loop
auto-vectorizer is now enabled at -Os and -O2 in addition to -O3. The
PowerPC backend has made several major improvements to code generation
quality and compile time, and the X86, SPARC, ARM32, Aarch64 and SystemZ
backends have all seen major feature work.
Release notes for llvm and clang can be found here:
<http://llvm.org/releases/3.4/docs/ReleaseNotes.html>
<http://llvm.org/releases/3.4/tools/clang/docs/ReleaseNotes.html>
MFC after: 1 month
- Note that kernel options are required
- Shift parameters around in SYNOPSIS to make it more clear that there are
different modes
- For all literal symbols such as 'process' or 'loginclass' or 'wallclock',
etc, make them into bold symbols with .Sy
- For each subject:subject-id:etc: use .Em to underline to make it more clear
they relate to the rule syntax
- Document how devd(8) support works
- Move RSS warning to BUGS and replace RSS with 'memoryuse' since 'RSS' is not
defined in the manpage
- Add more examples around listing existing rules
- Make rule syntax into a list to improve readability
- Add a list of subjects and their corresponding subject-id same as
RESOURCES/ACTIONS have lists
- Note that rctl(8) takes affect on all current and future processes
- Note that amount can take human numbers
- Add reference to login.conf(5) in few places login class is mentioned
Reviewed by: trasz
Approved by: bapt (mentor)
MFC after: 1 week
patch supplied by Allan Jude <freebsd@allanjude.com>. Add xref to
pam_passwdqc(8), where that testing is now done.
PR: docs/184482
Submitted by: Ryan Gerstenkorn <ryan_gerstenkorn@fastmail.fm>
Reviewed by: jilles, eadler
MFC after: 3 days
insert flow entry. During the route lookup the critical section is
exited. It may happen, that after route lookup we will be executed
on an other CPU that already has such flowentry. Before this change
we simply freed the flowentry and returned to ip_output() with
failure.
Actually there is nothing wrong with using previously allocated
flow entry, updating it properly. Thus, make flowentry_insert()
return the new either old fle, and make use of it.
Count reuses as "collisions" and real inserts as "inserts".
Reviewed by: adrian
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
Some of the collisions that are occuring are due to flowtable lookups
that succeed but have an invalid lle - typically because the L2 adjacency
lookup hasn't completed. This would lead to a follow-up insert which
would then fail (ie, collision) and the code would fall through to doing
a slow-path L2/L3 lookup in the netinet/netinet6 code.
This patch simply aborts storing a new flowtable entry if the lle isn't
yet valid.
Whilst I'm here, add a new pcpu counter for the item so the number of
failures can be tracked separately from generic "collisions."
Reviewed by: glebius
MFC after: 10 days
Sponsored by: Netflix, Inc.
- ip_output() and ip_output6() simply call flowtable_lookup(),
passing mbuf and address family. That's the only code under
#ifdef FLOWTABLE in the protocols code now.
o Revamp statistics gathering and export.
- Remove hand made pcpu stats, and utilize counter(9).
- Snapshot of statistics is available via 'netstat -rs'.
- All sysctls are moved into net.flowtable namespace, since
spreading them over net.inet isn't correct.
o Properly separate at compile time INET and INET6 parts.
o General cleanup.
- Remove chain of multiple flowtables. We simply have one for
IPv4 and one for IPv6.
- Flowtables are allocated in flowtable.c, symbols are static.
- With proper argument to SYSINIT() we no longer need flowtable_ready.
- Hash salt doesn't need to be per-VNET.
- Removed rudimentary debugging, which use quite useless in dtrace era.
The runtime behavior of flowtable shouldn't be changed by this commit.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
report the actual number of RPCs issued, not the theoretical number
that would be issued if all caching was disabled.
Reviewed by: rmacklem
MFC after: 2 weeks
commit c1acf022c533c5ae27e0cd556977eafe3f5959eb
Author: Brooks Davis <brooks@one-eyed-alien.net>
Date: Fri Jan 17 21:46:44 2014 +0000
Add an option WITHOUT_NCURSESW to suppress building and linking to
libncursesw. While wide character support it useful we'd like to
only need one ncurses library on embedded systems.
MFC after: 4 weeks
Sponsored by: DARPA, AFRL
propagate the buffer size to libc, which uses a 1 kB buffer by default,
negating any hypothetical benefit of increasing fetch(1)'s buffer size.
MFC after: 3 days
This avoids leaving stale entries in utmpx after the connection is closed on
an open login session. It also allows a clean way (SIGTERM) to forcibly
terminate a user's terminal session.
This does not affect the situation for "hung" processes after the connection
is closed. The foreground process group receives SIGHUP and the tty becomes
inaccessible.
Also replace all use of the obsolete signal() function with sigaction() (not
only the part where it is actually required: SIGHUP and SIGTERM must mask
the other as well when caught).
PR: misc/183495
Reviewed by: ed
