kevans [Sat, 11 Aug 2018 01:02:27 +0000 (01:02 +0000)]
libbe(3)/bectl(8): Kill off the 'add' functionality for now
The mostly-undocumented 'add' functionality, from initial read-through, is
intended for construction of deep ("bdrewery style") boot environments.
However, it's mostly broken at this point. `#if SOON` it out on both sides
so that we're not exposing a broken API/feature.
kevans [Fri, 10 Aug 2018 21:23:56 +0000 (21:23 +0000)]
libbe(3): More error handling bits
be_add_child functionality gets split out into separate places as a bonus.
A lot of places here we'll gloss over libzfs errors, because they shouldn't
be happening given the conditions that we're operating under. "Unknown
error" is what I'm intending to use for the moment to indicate an
exceptional circumstance- exceptional enough that we can't tell the consumer
did because we're not so certain that they did anything.
kevans [Tue, 7 Aug 2018 13:46:06 +0000 (13:46 +0000)]
libbe(3)/bectl(8): Standardize copyright headers
- File names don't necessarily need to be repeated
- Add SPDX tags
- Add a missing copyright for Kyle Kneitinger in bectl.8, originally written
by him in GSoC 2017; his standard copyright notice has been copied from
other files within the same directory to remain consistent with how he
clearly wished to portray it
kevans [Tue, 7 Aug 2018 03:07:54 +0000 (03:07 +0000)]
libbe(3): Check that dataset is to be mounted at / for be_exists
This makes the be_exists behavior match the comments that assert that we've
already checked that the dataset derived from the BE name is set to mount at
/.
Other changes of note:
- bectl_list sees another change; changing mountpoint based on mount status
turns out to be a bad idea, so instead make the mounted property of the
returned nvlist the path that it's mounted at
- Always return the "mountpoint" property in "mountpoint" if it's ste
kevans [Tue, 7 Aug 2018 03:01:04 +0000 (03:01 +0000)]
bectl(8): Only show mountpoint if the dataset is actually mounted
This is to accomodate a later change in libbe(3) that will always return the
mountpoint, whether it be the directory the dataset is actively mounted at
or the "mountpoint" property.
kevans [Tue, 7 Aug 2018 01:56:37 +0000 (01:56 +0000)]
libbe(3): Rewrite activate temp bits to rely less on loader
Loader is still relied upon at the beginning of libbe to specify the be
root, but we can derive from that the primary zpool and any vdevs that we
need to set nextboot bits on.
This lets me successfully `bectl activate -t test`, but UEFI loader doesn't
quite yet understand so it's effectively defunct.
kevans [Mon, 6 Aug 2018 03:32:25 +0000 (03:32 +0000)]
bectl(8): bectl jail improvements
- Support passing arbitrary jail arguments via -o
- Split the related (and rewritten since the GSoC) jail bits out into a new
bectl_jail.c file, to reduce clutter in bectl.c
- Don't use RFC 1918 IP space [0]; we'll instead set no default IPv4 and let
the user pass in any address options they wish via -o
kevans [Sun, 5 Aug 2018 19:38:56 +0000 (19:38 +0000)]
bectl(8): Implement `bectl list -s`
be_get_dataset_snapshots has been added to libbe(3), effectively returning
the same information as be_get_bootenv_props but for snapshots of the given
dataset. The assumption is that one will have the BE dataset name before
wanting to grab snapshots.
kevans [Sun, 5 Aug 2018 04:16:00 +0000 (04:16 +0000)]
bectl(8): Take -H parameter to list into account
-H is for a scripted format, where all fields are tab-delimited and the
headers go away. We accomplish this by splitting out pad printing to a
separate function that'll take into account whether we're supposed to be
scripted or not.
This has the nice side effect of maintaining positive column sizes again.
kevans [Sat, 4 Aug 2018 06:29:46 +0000 (06:29 +0000)]
bectl(8): Sort BEs lightly by active (now or later) BE, then others
While it could be preferred to do this at insert in libbe(3), there's no
convenient way to insert at the head of an nvlist. Instead, we'll make two
passes over- once to print anything active either now or at nextboot, and
another to print everything else.
This doesn't actually impact performance in a significant way here, so we'll
worry about further optimizations if the need actually arises.
kevans [Sat, 4 Aug 2018 06:14:54 +0000 (06:14 +0000)]
bectl(8): Add some relevant `bectl list -a` information
bectl list -a should show the boot environment, its relevant dataset, and
the snapshot it was created from. The header also changes to indicate the
rough order in which these things will show.
While here, start doing a little bit of spring cleaning and splitting
different bits out.
The jail is created with allow.mount, allow.mount.devfs, and
enforce_statfs=1. Upon creation, we immediately attach, chdir to "/", and
drop the user into a shell inside the jail.
The default IP for this is arbitrarily 10.20.30.40.
The given parameter may either be a jid, jail name, or a BE name. In all
cases, the parameter will be resolved to a jid and bectl(8) will
sanity-check that there's actually a BE mounted at the requested jail root
before invoking jail_remove(2).
libbe(3): Add be_mounted_at to check a mount point
At a bare minimum, this function will return 0 if a BE is mounted at the
given path or non-zero otherwise. If the optional 'details' nvlist is
supplied, it is filled with an nvpair containing just the information about
the BE mounted at the path. This nvpair is structured just as it is for
be_get_bootenv_props, except limited to just the single mount point.
bectl(8): Start dumping out BE information with `bectl list`
For the moment, this is a primitive nvlist dump of what we get back from
be_get_bootenv_props as a proof-of-concept and to make sure that we're
getting back the kind of information we want to see from list.
libbe(3): Find rootfs instead by enumerating child datasets of BE root
This makes us more resilient to a rename of the bootfs, but still wouldn't
withstand pool renames or guid renames. More importantly, this allows `bectl
create <foo>` work out of the box to create a boot environment based on the
currently booted one.
libbe(3): Disambiguate 'active' a little bit, add 'bootfs'
- Rename 'active' to 'rootfs', which is used in other places to describe the
currently booted (or about to be booted) BE.
- Add 'bootfs', which indicates the next boot environment to be booted. This
is pulled from the BOOTFS zpool property.
- Go ahead and keep an open handle to the active zpool. We might need to
enumerate datasets, get properties, and set properties (e.g. bootfs)
throughout other libbe bits, and a single handle isn't overly expensive.
src.libnames.mk: Make libbe entry consistent with others
Perhaps using libbe.a from "${DESTDIR}${LIBDIR}" might have been the
prevailing technique at one point, but nowadays it appears to be to
preferred to spell this as "${OBJTOP}/lib" -- make it so.
In C remquol() and thus also in C remainderl(), don't clobber the sign bit
of NaNs before possible returning a NaN.
The remquo*() and remainder*() functions should now give bitwise identical
results across arches and implementations, and bitwise consistent results
(with lower precisions having truncated mantissas) across precisions. x86
already had consistency across amd64 and i386 and precisions by using the
i387 consistently and normally not using the C versions. Inconsistencies
for C reqmquol() were first detected on sparc64.
Remove double second clearing of the sign bit and extra blank lines.
Fix the conversion to use nan_mix() in r336362. fmod*(x, y),
remainder*(x, y) and remquo*(x, y, quo) were broken for y = 0 by changing
multiplication by y to addition of y. (When y is 0, the result should be
NaN but became 1 for finite x.)
Use a new macro nan_mix_op() to give more control over the mixing, and
expand comments.
Recent re-testing missed finding this bug since I only tested the macro
version on amd64 and i386 and these arches don't use the C versions (they
use either asm versions or builtins).
Deprecate jedec_ts(4) and point users to jedec_dimm(4) instead
jedec_dimm(4) is a superset of the functionality of jedec_ts(4). Mark
jedec_ts(4) as removed in FreeBSD 12, and include a pointer to the migration
instructions in the jedec_dimm(4) manpage, in both the jedec_ts(4) code and
the jedec_ts(4) manpage. Add a note to the jedec_dimm(4) manpage about the
fact that it is a superset of jedec_ts(4).
This change will be MFCed to stable/11 and stable/10; the followup change
to actually remove jedec_ts(4) from -HEAD will not.
Finalize the boot manager protocol support for next-stage boot
loading.
If we are booting in a conforming UEFI Boot Manager Environment, then
use the BootCurrent variable to find the BootXXXX we're using. Once we
find that, then if it contains more than one EFI_DEVICE_PATH in its
what to boot section, try to use the last one as the kernel to
load. This will also set the default root partition as well. If
there's only one path, or if there's an error along the way, assume
that nothing specific was specified and revert to the old
algorithm. If something was specified, but not found, then fail the
boot. Otherwise you that, specific thing. On FreeBSD, this can be set
using efibootmgr -l <loader> -k <kernel>. We try a few variations of
kernel to cope with the fact that UEFI comes from a DOS world where
paths might be upper case and/or contain back-slashes.
Note: In an ideal world, we'd work out where we are in chain loading
by looking at the passed-in image handle and doing name
matching. However, that's unreliable since at least boot1.efi booted
images don't have that, hence the assumption that loader.efi needs to
load the last thing on the list, if possible.
The reason we fail for something specific is so that we can fully
participate in the UEFI Boot Manager Protocol and fail over to the
next item in the list of BootOrder choices when something goes wrong
at this stage.
This implements was was talked about in freebsd-arch@ last year
https://docs.freebsd.org/cgi/getmsg.cgi?fetch=3576+0+archive/2017/freebsd-arch/20171022.freebsd-arch
and documented in full (after changed resulting from the discussion) in
https://docs.google.com/document/d/1aK9IqF-60JPEbUeSAUAkYjF2W_8EnmczFs6RqCT90Jg/edit#
although one or two minor details may have been modified in this
implementation to make it work, and the ZFS MEDIA PATH extension isn't
implemented. This does not yet move things to ESP:\efi\freebsd\loader.efi.
Lookup a block device by it's device path. We use a 'loose' lookup
whereby we scan forward to the first Media Path portion of the device
path, then look at all our handles for one whose first Media Path
matches. This will also work if the device path pointed to has a
following file path (or paths) as that's ignored. It assumes that
there's only one media path node that describes the entire device,
which is true as of the latest UEFI spec (2.7 Errata A) as far as I've
been able to determine.
Returns true if the first node pointed to by devpath1 is identical to
the first node pointed to by devpath2, with care taken to not read
past the end of the valid parts of either devpath1 or
devpath2. Otherwise, returns false.
Store the number of handles we get back in efipart_nhandles rather
than the number of bytes. Don't divide by the element size every time
we have to iterate. Eliminate now-unused variables.
Takes a generic device path as its input. Scans through it to find the
first media_path node in it and returns a pointer to it. If none is
found, NULL is returned.
Compilers may define multiple variants of architecture-specific macros
(for example, both __x86_64 and __x86_64__). Add a note that the macros
documented in arch.7 are the preferred ones for FreeBSD.
Temporarily decompress a copy of a crash dump compressed with either
gzip or zstd and run various tools against the decompressed copy while
generating the crash information. The uncompressed copy is deleted when
the script exits.
Note that crashinfo is enabled by default, so this will attempt to
decompress the most recent compressed crash dump after a crash that
generates a compressed crash dump. Users who wish to only do offline
analysis of compressed crash dumps can disable crashinfo in rc.conf.
change interrupt event's list of handlers from TAILQ to CK_SLIST
The primary reason for this commit is to separate mechanical and nearly
mechanical code changes from an upcoming fix for unsafe teardown of
shared interrupt handlers that have only filters (see D15905).
The technical rationale is that SLIST is sufficient. The only operation
that gets worse performance -- O(n) instead of O(1) is a removal of a
handler, but it is not a critical operation and the list is expected to
be rather short.
Additionally, it is easier to reason about SLIST when considering the
concurrent lock-free access to the list from the interrupt context and
the interrupt thread.
CK_SLIST is used because the upcoming change depends on the memory order
provided by CK_SLIST insert and the fact that CL_SLIST remove does not
trash the linkage in a removed element.
While here, I also fixed a couple of whitespace issues, made code under
ifdef notyet compilable, added a lock assertion to ithread_update() and
made intr_event_execute_handlers() static as it had no external callers.
Fix the attempt to see if we're overriding the console in the command
line args. I had thought console would be NULL, but it's efi. Set it
to efi (as a clue) before we initialize the console, then test it to
see if it changed on the command line to do the automatic
override. This gets my serial console back.
Older zfs boot blocks don't support symlinks. install the link to
zfsloader as a hard link. While newer ones do, the whole point of the
link was to transition to the new world order smoothly. A hard link is
less flexible, but it works and will result in fewer bumps. Adjust
UPDATING entry to match.
ian [Sun, 22 Jul 2018 23:41:40 +0000 (23:41 +0000)]
Make pw(8) showuser work the same with or without -R <path> for non-root
users. Without -R, pw(8) uses getpwnam(3), which will open master.passwd
for the root user or passwd for non-root users. With -R <path> pw(8) was
always opening <path>/master.passwd, which would fail for a non-root user,
then falsely claim the userid you're trying to show doesn't exist.
Now for a non-root user it opens <path>/passwd and zeroes out the 3 fields
that aren't available in the passwd file, which duplicates the behavior of
getpwnam(3). The net effect is that the showuser output is identical
whether using -R or not.
The change made in r336593 assumes that the build is happening in a
svn checkout resulting in misleading debug output. Check that we're
actually working in an svn checkout before proceeding to call svn.
ian [Sun, 22 Jul 2018 22:34:20 +0000 (22:34 +0000)]
Set the pw_class field to NULL when scanning the non-master passwd file.
This avoids a null pointer deref in pw_dup(), which assumes that all
pointers are either NULL or valid.