Sandbox tcpdump(8) using Capsicum's capability mode and capabilities.
For now, sandboxing is done only if -n option was specified and neither -z nor
-V options were given. Because it is very common to run tcpdump(8) with the -n
option for speed, I decided to commit sandboxing now. To also support
sandboxing when -n option wasn't specified, we need Casper daemon and its
services that are not available in FreeBSD yet.
- Limit file descriptors of a file specified by -r option or files specified
via -V option to CAP_READ only.
- If neither -r nor -V options were specified, we operate on /dev/bpf.
Limit its descriptor to CAP_READ and CAP_IOCTL plus limit allowed ioctls to
BIOCGSTATS only.
- Limit file descriptor of a file specified by -w option to CAP_SEEK and
CAP_WRITE.
- If either -C or -G options were specified, we open directory containing
destination file and we limit directory descriptor to CAP_CREATE, CAP_FCNTL,
CAP_FTRUNCATE, CAP_LOOKUP, CAP_SEEK and CAP_WRITE. Newly opened/created
files are limited to CAP_SEEK and CAP_WRITE only.
- Enter capability mode if -n option was specified and neither -z nor -V
options were specified.
Approved by: delphij, wxs
Sponsored by: The FreeBSD Foundation
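
An added example, not tcpdump's code and not part of this commit: it shows the -r case from the list above (limit a descriptor to CAP_READ, then enter capability mode) and probes what the process can still do. It assumes the current cap_rights_init() interface from <sys/capsicum.h>, which the commit message does not show; sandbox_selftest, CAPSICUM_AVAILABLE and the temporary file name are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>
#define CAPSICUM_AVAILABLE 1
#else
#define CAPSICUM_AVAILABLE 0
#endif

/*
 * Hypothetical self-test. Returns 0 when every probe behaves as expected,
 * the number of the failing step otherwise, or -1 without Capsicum.
 */
int sandbox_selftest(void)
{
#if CAPSICUM_AVAILABLE
	char path[] = "/tmp/capdemo.XXXXXX";	/* constructed sample file */
	char c = 0;
	int status;
	pid_t pid = fork();	/* cap_enter() is irreversible: use a child */

	if (pid < 0)
		return 1;
	if (pid == 0) {
		cap_rights_t rights;
		int fd = mkstemp(path);	/* opened read/write before sandboxing */
		if (fd < 0) _exit(2);
		unlink(path);
		cap_rights_init(&rights, CAP_READ);
		if (cap_rights_limit(fd, &rights) < 0) _exit(3);
		if (cap_enter() < 0) _exit(4);
		if (read(fd, &c, 1) < 0) _exit(5);	/* CAP_READ: allowed */
		if (write(fd, &c, 1) != -1 || errno != ENOTCAPABLE) _exit(6);
		if (open("/etc/passwd", O_RDONLY) != -1 || errno != ECAPMODE) _exit(7);
		_exit(0);
	}
	if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
		return 1;
	return WEXITSTATUS(status);
#else
	return -1;	/* Capsicum is FreeBSD-specific */
#endif
}

int main(void)
{
	printf("sandbox_selftest() = %d\n", sandbox_selftest());
	return 0;
}
```

The descriptor was opened read/write, so the ENOTCAPABLE on write() comes from the capability limit alone, and the ECAPMODE on open() comes from capability mode alone.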
Warner Losh [Sun, 7 Jul 2013 16:12:22 +0000 (16:12 +0000)]
Remove all the NOPs after SYNC. They aren't needed.
They originated in the original Octeon port. They weren't present, as
far as I can tell, on the projects/mips branch until after this
point. They were in the original Octeon port in code picked up from
the vendor, who I've been able to find out trolling old email put them
there to get around an SMP problem that most likely was fixed in other
ways.
NetBSD and Linux don't have these, except for some specific uses of
SYNC on the alchemy parts (which we don't support, but even if we did
it is only a specific case and would be specifically coded
anyway). This is true of the current Linux code, as well as one old
version I polled.
I looked back at the old R12000, R8000, R6000, R4000, R4400 errata
that I have, and could find no mention of SYNC needing NOPs for
silicon bugs (although plenty of other cases where NOPs and other
contortions were needed).
A Google search turned up no old mailing list discussions on this on
Linux, NetBSD or FreeBSD (except the discussion that kicked off these
studies).
I've test booted this on my Octeon Plus eval board and survived a
buildworld. Adrian Chadd reports that this patch has no ill effects on
the Atheros platforms he tested it on.
I conclude it is safe to just remove the NOPs. But added
__MIPS_PLATFORM_SYNC_NOPS as a failsafe in case we find some platform
where these are, in fact, required.
- Move videodev headers from compat/linux to contrib/v4l (cp from vendor and
apply diff to compat/linux versions).
- The cp implies an update of videodev2.h to the linux kernel 2.6.34.14 one.
The update makes video in skype v4 work on FreeBSD.
Tested by: Artyom Mirgorodskiy <artyom.mirgorodsky@gmail.com>
(update of header only)
Initial implementation of the HTree directory index.
This is a port of NetBSD's GSoC 2012 Ext3 HTree directory indexing
by Vyacheslav Matyushin. It was cleaned up and enhanced for FreeBSD
by Zheng Liu (lz@).
This is an excellent example of work shared among different projects:
Vyacheslav was able to look at an early prototype from Zheng Liu who
was also able to check the code from Haiku (with permission).
As in linux, the feature is not available by default and must be
enabled explicitly with tune2fs. We still do not support the
workarounds required in readdir for NFS.
Submitted by: Zheng Liu
Tested by: Mike Ma
Sponsored by: Google Inc.
MFC after: 1 week
Rui Paulo [Sat, 6 Jul 2013 04:18:34 +0000 (04:18 +0000)]
Don't clear the SYSCONFIG register on boot.
This follows section 18.4.2.2 SD Soft Reset Flow in the TI AM335x Technical
Reference Manual and seems to fix the "ti_mmchs0: Error: current cmd NULL,
already done?" messages.
Take the training-wheels off, after nearly 30 months of development. MFC to
stable/9 planned after MFC 3-day period. The MFC to stable/9 is desired for
the next release to get some much-needed time:
+ Living side-by-side with sysinstall for compare/contrast/transition
+ Living side-by-side with bsdinstall for integration/transition
+ Additional feedback/testing before eventual 10.0-R to make it even better
Make the comments a little more clear about PRIV_KMEM_*, explicitly
referring to /dev/[k]mem and noting it's about opening the files rather
than actually reading and writing.
Don't prevent the user from hanging their system by changing network
settings while NFS mounts are active; but DO warn them and make the
default action to do nothing. (thanks julian)
Xin LI [Fri, 5 Jul 2013 23:13:54 +0000 (23:13 +0000)]
Update hpt27xx(4) driver to address a problem reported by FreeNAS
user, where when more than one hpt27xx adapters are being used,
the "unit number" stays at 0.
Many thanks to HighPoint for providing this driver update.
Xin LI [Fri, 5 Jul 2013 23:10:02 +0000 (23:10 +0000)]
Add PCI IDs for HighPoint RocketRAID 4521, 3620, 3622 and 3640
controllers. Update the hptiop(4) manual page to reflect this
as well as mentioning that some cards are already end-of-life.
Many thanks to HighPoint for providing this driver update.
- Add SRC_FORCE_CHECKOUT configuration option to force svn to checkout
the src/ tree into a directory that contains files/directories, such
as a case where a custom kernel configuration file is specified.
- Allow specification of multiple KERNCONFs to pass to 'make release'.
- Move evaluation of NODOCS/NOPORTS earlier, and set based on how the
release process expects these options to be evaluated.
- Wrap KERNCONF specification in double quotes, and use 'eval' so multiple
kernel configurations do not cause the build to fail in strange ways.
- Set WITHOUT_X11 for the port build flags for the documentation toolchain
build. Also run 'clean distclean' targets during port build.
Add the necessary code to reinstall packages. Both scripted access
(packageReinstall) and UI access have been tested successfully with a
variation of different situations including:
+ Reinstall a package for which no other packages depend
+ Purposefully do things like reinstall a package that is not installed
+ Try to reinstall a package which other installed packages still depend
NOTE: There is no "force" used; if a package is required by other packages,
it will not be uninstalled (and therefore no reinstall is done).
Add new privileges, PRIV_KMEM_READ and PRIV_KMEM_WRITE, used in opening
/dev/kmem and /dev/mem (in addition to traditional file permission checks).
PRIV_KMEM_READ is different from other PRIV_* checks in that it's allowed
by default.
Martin Matuska [Fri, 5 Jul 2013 21:29:59 +0000 (21:29 +0000)]
MFV r252839:
Quoting illumos issue #3836:
Currently zio_free() always puts the zio on a list for subsequent
processing by zio_free_sync(). This is only necessary for frees that
might need to issue reads (gang and dedup blocks).
By processing the majority of the frees as we encounter them, we reduce
the amount of time that the spa_sync() thread spends burning CPU and
not doing any i/o, thus increasing the overall write throughput of the
system.
Illumos ZFS issues:
3836 zio_free() can be processed immediately in the common case
mktemp(3): Add standards section. Prefer standard header.
mktemp(), mkstemp() and mkdtemp() are available in standard <stdlib.h> and
also in <unistd.h>. Encourage use of the former by listing it in the
synopsis.
Andrew Turner [Fri, 5 Jul 2013 20:21:59 +0000 (20:21 +0000)]
Fix the build with gcc.
Gcc outputs pre-UAL asm and expects the ldcl instruction with a condition
in the form ldc<c>l, where the code produces the instruction in the UAL
form ldcl<c>. Work around this by checking if we are using clang or gcc and
adjusting the instruction.
While here correct the cmp instruction's value to include the # before the
immediate value.
Add support for processing add-on modules from /usr/local/libexec/bsdconfig
(this is designed to allow new modules to be installed via ports/packages).
To prevent conflict with itself (sysutils/bsdconfig) as a port (which
installs its base modules to the above directory), it was long-ago decided
that so-called `base' modules would look different than now-defined `add-on'
modules. The structure of the contents for each is the same, but the naming
convention for the module directory must be different.
Base modules are named `[0-9][0-9][0-9].*' to allow SysV-style organization
while add-on modules must avoid this naming style and are simply listed in
alphabetical order by their module directory.
For example, a hypothetical port named `bsdconfig-jails' could install
/usr/local/libexec/bsdconfig/jails and provide `bsdconfig jails' as well as
a new menu entry in the main-menu.
Add-on modules are listed in the main-menu (when bsdconfig is executed with-
out arguments) below a separator after the last base-module.
In `bsdconfig -h' output, add-on modules are listed right alongside base
modules (sorted alphabetically in columnar fashion; left-to-right).
If a base module declares a keyword used by an add-on module, the base
module will always win when given `bsdconfig keyword' syntax.
Add-on modules should avoid declaring any keyword found in `script.subr' as
a reserved-word (`Resword') since bsdconfig also supports `bsdconfig resword'
as a fall-back if no keyword is found to be declared by any module.
Document remaining undocumented modules (and remove my silly place-holder
thing at the top, which I was using as a way to make sure I didn't forget
to document any modules).
Since r251908, bsdconfig(8) has no direct ties to sade(8) (instead uses
`bsdinstall partedit'). Update references (s/sade/bsdinstall/) and change
the BUGS section to be based on reality.
Do not inherit $SYSRC_VERBOSE from operating environment. The concern is
that when a user (such as myself) which has SYSRC_VERBOSE=1 in his/her
~/.bash_profile or such that when they are told to execute a command like:
hostname `sysrc -n hostname`
NOTE: To activate a recently configured hostname.
If $SYSRC_VERBOSE is set, then POLA is violated because the output of sysrc
is indirectly influenced (making for an inconsistent experience).
The former lends itself well to displaying the $msg_* i18n text, prompts,
etc. While the latter is better for text you do not control (error strings
captured as a response from external commands) -- or if you have to control
the hline.
Michael Tuexen [Fri, 5 Jul 2013 10:08:49 +0000 (10:08 +0000)]
Fix a bug where only 2048 streams were usable even though more than
2048 streams were negotiated on the wire. While there, remove the
hard coded limit of 2048 streams.
Add the necessary code to uninstall packages (re-install still pending).
Both scripted access (packageDelete) and UI access have been tested
successfully with a variation of different situations including:
+ Uninstall a package which no other installed package depends
+ Uninstall multiple packages which no other installed packages depend
+ Uninstall multiple packages which depend on each other
+ Similar to above but when ordered removal requires tracing dependencies
+ Purposefully do things like uninstall a package that is not installed
+ Try to uninstall a package which other installed packages still depend
+ Try to uninstall multiple packages which other installed packages depend
+ And many more.
Prevent f_package_add() from re-performing f_package_detect_installed()
even though f_package_config() may have already detected the installed
packages.
Don't deselect a package right after installing it (this went unnoticed
because [currently] we exit after performing requested actions -- if we
ever change this to returning to the package selection screen, this would
have made an impact).
Add the beginnings of the old networking services functionality of
sysinstall(8). The UI for this will come later while this exposes the
functionality to the scripted interface. Tested successfully to first
install the pcnfsd package from the `Latest' repository, and second to
configure mountd_flags="-n" in rc.conf(5).
Add the necessary code to install packages (uninstall and re-install still
pending). Both scripted access (packageAdd) and UI access have been tested
successfully with a variation of different situations including:
+ Install a package with no dependencies
+ Install a package with dependencies that are already installed
+ Install a package with dependencies where some are already installed
+ Repeat each of the above from FTP and local Directory
+ Purposefully do things like try to install a package that does not exist
+ Try to install a package for which a dependency could not be loaded
+ Try to install a package that is in the INDEX but not on the media
+ And many more.
Add mustberoot.subr to the list of includes for scripts, exposing the helper
function f_mustberoot_init() to make it easy to write scripts that can more
easily transition to the super-user via sudo(8).
Remove separate processing of dependent packages from the "Review" screen
since f_package_add (packageAdd resword) processes dependencies itself.
NOTE: This is in preparation for incoming package management code.
- Make note of interface MTU change if the rx queues exist, and not just
when the interface is up.
- Add a tunable to control the TOE's rx coalesce feature (enabled by
default as it always has been). Consider the interface MTU or the
coalesce size when deciding which cluster zone to use to fill the
offload rx queue's free list. The tunable is:
dev.{t4nex,t5nex}.<N>.toe.rx_coalesce
Adrian Chadd [Thu, 4 Jul 2013 21:16:49 +0000 (21:16 +0000)]
Implement basic 802.11n awareness in the PHY and AMRR rate control code.
* Add 802.11n 2ghz and 5ghz tables, including legacy rates and up to
MCS23 rates (3x3.)
* Populate the rate code -> rate index lookup table with MCS _and_
normal rates, but _not_ the basic rate flag. Since the basic rate flag
is the same as the MCS flag, we can only use one.
* Introduce some accessor inlines that do PLCP and rate table lookup/access
and enforce that it doesn't set the basic rate bit. They're not
designed for MCS rates, so it will panic.
* Start converting drivers that use the rate table stuff to use the
accessor inlines and strip the basic flag.
* Teach AMRR about basic 11n - it's still as crap for MCS as it is
being used by iwn, so it's not a step _backwardS_.
* Convert iwn over to accept 11n MCS rates rather than 'translate' legacy
to MCS rates. It doesn't use a lookup table any longer; instead it's a
function which takes the current node (for HT parameters) and the
rate code, and returns the hardware PLCP code to use.
Tested:
* ath - it's a no-op, and it works that way
* iwn - both 11n and non-11n