An earlier addition of code to fsck_ffs(8) allowed it to support
snapshots when running with journalled soft updates. Further
functionality has now been added to fsck_ffs(8) to allow it to use
snapshots to run in background on live filesystems running with
journaled soft updates. This commit enables the use of this functionality.
Tested-by: Peter Holm
Sponsored-by: The FreeBSD Foundation
MFC-after: 2 weeks
A new command, quitclean, is added to fsdb(8) to request that the
filesystem not be marked as needing a full fsck(8). This is useful
when creating deliberately bad filesystem images to be used to check
that fsck is properly able to clean them up.
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Until this update, the fsdb(8) command always marked a filesystem
as needing a full fsck unless it was run with the -n flag which
allowed no changes to be made.
This change tracks modifications to the filesystem. Two types of
changes are tracked. The first type of changes are those that are
not critical to the integrity of the filesystem such as changes to
owner, group, time stamps, access mode, and generation number. The
second type of changes are those that do affect the integrity of
the filesystem including zeroing inodes, changing block pointers,
directory entries, link counts, file lengths, file types, and file
flags.
When quitting having made no changes or only changes to data that
is not critical to filesystem integrity, the clean state of the
filesystem is left unchanged. But if filesystem critical data are
changed then fsdb will set the unclean flag which will require a
full fsck to be run before the filesystem can be mounted.
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Basic state tracking for SCTP. This means we scan through the packet to
identify the different chunks (so we can identify state changes).
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D40862
The capabilities in if_capabilities2/if_capenable2 are reported in the
second 32b and were not being displayed correctly. v does not need to
be advanced because v[i / 32] is the correct 32b value already.
Sponsored by: Chelsio Communications
Reviewed by: kib@
Differential Revision: https://reviews.freebsd.org/D41107
beadm will recursively promote deep BE datasets. In order to match the
beadm behavior, we need to recursively iterate over child filesystems
and promote them along the way.
This patch further refines the work from D40903, completing the fix for
promotion.
Reviewed by: kevans, rew
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D40972
This matches the beadm behavior; generally, we need to keep promoting
until the BE is no longer a clone from a snapshot. This fixes scenarios
where the dataset associated with a BE's origin is itself a clone,
activating the BE previously would promote it to a clone of the origin's
origin.
We could keep using be_get_dataset_props here, except for two
annoyances:
1.) I couldn't find a clean way to just clear an nvlist rather than
having to re-alloc it, and I didn't want to just remove the one prop
we're inspecting out of it.
2.) That's a lot of overhead when all we want to do is fetch the origin
anyways.
Note that this is not a complete fix, but it does fix the majority of
cases; deep BE subordinates are still notably broken, pending a patch
from Christian.
Reported by: R. Christian McDonald <rcm@rcm.sh>
Reviewed by: rew
Differential Revision: https://reviews.freebsd.org/D40903
Only i386 still uses a 32-bit time_t. I knew this, and I still failed
to compile-test on i386. My bad.
Reported by: cy
Fixes: c210cac00f ("dhclient: fix time parsing for leases...")
Sponsored by: Dell EMC Isilon
Convert lease parsing to timegm to calculate timestamp. For reference, when
writing the lease, we use gmtime to convert the timestamp to struct tm.
Reviewed By: markj, vangyzen
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D40760
This will allow the latter to be removed, reducing the boilerplate
needed for a new libcompat.
Reviewed by: kib, brooks, jhb
Differential Revision: https://reviews.freebsd.org/D40933
In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dead2.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/735
The function that uses nextnum expects to return a u_int32_t, not a mere
int, so let's make nextnum a u_int32_t instead.
Note: retained current u_int32_t style, since the rest of the file uses
it.
Reviewed by: imp, mckusick
Pull Request: https://github.com/freebsd/freebsd-src/pull/734
Because fnmatch has no side effects, we can safely avoid calling fnmatch
if the end result does not matter anyway (the compiler cannot see this,
so it calls fnmatch in the event it has side-effects).
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/747
I have several environments, and at least one of them fails to build
because bool is undefined. Since we use bool, always include stdbool.h
rather than relying on any indirect definitions to pull it in.
Sponsored by: Netflix
Remove a set but never used variable, and use the protocol variable for
its intended purpose.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D40528
camcontrol(8) says that -S to start at a different offset implies that
we're using the 12 byte command. But really, we're using the 10-byte
command. Fix this by setting use_12byte for -S.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D40526
We don't need to count the number of lists requested. Instead, use the
more general form of checking to see if any of the non-defect format
bits are set. Also, check summary boolean to control summary reporting
behavior.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D40524
We can or in the the list_format bits directly if we or in the
list_format when we look it up the first time. Free up CAM_ARG_[PG]LIST
from the CAM_ARG_xxx enum.
Sponsored by: Netflix
Reviewed by: mav (I made his suggested change)
Differential Revision: https://reviews.freebsd.org/D40523
We always start out using the 10-byte version of READ DEFECT DATA, and
then switch to 12-byte when necessary due to errors or data length
requirements. We always need to get the length again when we do this,
and we're always going to be using 12-byte commands from that point
forward. Simplify the logic a bit based on this observation.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D40522
Remove CAM_ARG_FORMAT_{BLOCK,BLI,PHYS} since they are not used. Label
all the unused CAM_ARG_ bits as unused in comments to make them stand
out.
Sponsored by: Netflix
Reviewed by: mav
Differential Revision: https://reviews.freebsd.org/D40520
Both ic_flags values are unsigned (uint32_t), so cast them to a signed
int to generate a signed result. Both ic_req values are also
unsigned, but since they are uint16_t, they are implicitly promited to
int before the subtraction.
Reported by: GCC -Wsign-compare
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40610
The if_flags and if_cap fields hold a bitmask of flags. If a flag is
the MSB of the field, then the logic in setifflags and setifcap which
uses a < 0 check does the wrong thing (it tries to clear the flag
rather than setting it). Also, trying to use -<FOO> doesn't actually
work as the result is a nop. To fix, stop overloading setifcap and
setifflags and instead add new dedicated action functions clearifcap
and clearifflags for clearing a flag. The value passed in the
argument to the command is now always the raw flag.
This was reported by a GCC warning after raising WARNS:
sbin/ifconfig/ifconfig.c:2061:33: error: integer overflow in expression '-2147483648' of type 'int' results in '-2147483648' [-Werror=overflow]
2061 | DEF_CMD("-txtlsrtlmt", -IFCAP_TXTLS_RTLMT, setifcap),
| ^
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40608
The "nconnect" NFS mount option will not work
correctly for servers where the TCP connections
might connect to different NFS clusters that do not
share NFSv4.1/4.2 state information, such as file locks.
This patch adds a sentence to the "nconnect" section
of mount_nfs.8 noting this case.
This is a content change.
Reviewed by: karels, pauamma_gundo.com (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D40547
rc.suspend has gained an rcorder keyword recently. Document it alongside
the existing resume keyword.
Reviewed By: mhorne, Pau Amma <pauamma@gundo.com>
Differential Revision: https://reviews.freebsd.org/D40484
This change exports interface capabilities using the standard
Netlink attribute type, bitset, and switches `ifconfig(8)` to use
it when displaying interface data.
Bitset comes in two representations. The first one is "compact",
where the bits are exported via two arrays - "mask" listing the
"valid" bits and "values, providing the values for those bits.
The second one is more verbose, listing each bit as a separate item,
with its name, id and value. The latter option is handy when submitting
update requests.
The support for setting capabilities will be added in the upcoming diffs.
Differential Revision: https://reviews.freebsd.org/D40331
It is hard to reason about the contents of 'ifr' at any given time
as nearly every function sets random fields or pointers in this
structure.
Use local on-stack clean 'struct ifreq' for each function instead.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40534
MFC after: 2 weeks
Remove "goto charg" from the action parser.
This is a prerequisite for the further split of the gigantic
compile_rule().
Differential Revision: https://reviews.freebsd.org/D40490
MFC after: 2 weeks
This variable was temporarily introduced in the beginning of the
code cleanup. Use on-stack instance in main() instead.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40439
MFC after: 2 weeks
Consistenly use newly-added 'ctx->ifname' as the name of the current
target interface.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40438
MFC after: 2 weeks
This is a pre-requisite for the global 'name' variable removal.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40432
MFC after: 2 weeks
This variable was used to print the created interface name in the
atexit(3) handler. The interface name was calculated in the
ifclonecreate() by matching old & new names.
This change alter the implementation the following way:
1) the function responsible for the interface creation (ifcreate_ioctl)
updates all necessary state internally. This removes the need for the
name manipulation hack in wlan_create().
2) As atexit(3) handler does not accept any parameters, explicitly store
the name to print in the ifname_to_print variable read by the atexit(3)
handler.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40431
MFC after: 2 weeks
This is the continuation of the ifconfig cleanup work. This change is
a pre-requsite for the next changes removing some of the global variables.
It will also help in implementing functionality via Netlink instead of ioctl.
No functional changes intended.
* vxlan_cb() was removed as it contained no code
* ioctl_ifcreate() was renamed to ifcreate_ioctl() to follow the other
netlink/ioctl function naming. Netlink and ioctl provide _different_
interfaces and it's not possible to have a unified interface object
that can be filled by either netlink or ioctl implementations. With that
in mind, I'm leaning more to the function_<nl|ioctl> postfix pattern,
than doing ioctl_ or netlink_ prefix.
Reviewed By: kp
Differential Revision: https://reviews.freebsd.org/D40426
MFC after: 2 weeks
Add -j <jail> flag to route(8) to allow route to perform actions in
a Jail.
Differential Revision: https://reviews.freebsd.org/D40377
MFC after: 2 weeks
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future update may migrate to use the OpenSSL 3.0 APIs.
PR: 271615
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future update may migrate to use the OpenSSL 3.0 APIs.
PR: 271615
Pull request: https://github.com/freebsd/freebsd-src/pull/757
Sponsored by: The FreeBSD Foundation
ERR_load_crypto_strings() was deprecated in OpenSSL 1.1.0, and explicit
initialization is generally not reqiured. In the case of dumpon however
we initialize prior to entering capability mode, so replace with an
OPENSSL_init_crypto call.
Reviewed by: def, Pierre Pronchery
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40353
ERR_load_crypto_strings is deprecated in OpenSSL 1.1, and OpenSSL 1.1
generally does not require explicit initialization. However, we do need
to ensure that initialization is done before entering capability mode so
call OPENSSL_init_crypto instead. Also include header needed for
ERR_error_string.
Reviewed by: vangyzen
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40343
Make struct pfsync_state contents configurable by sending out new
versions of the structure in separate subheader actions. Both old and
new version of struct pfsync_state can be understood, so replication of
states from a system running an older kernel is possible. The version
being sent out is configured using ifconfig pfsync0 … version XXXX. The
version is an user-friendly string - 1301 stands for FreeBSD 13.1 (I
have checked synchronization against a host running 13.1), 1400 stands
for 14.0.
A host running an older kernel will just ignore the messages and count
them as "packets discarded for bad action".
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D39392
The previous change to CGSIZE had the unintended side-effect of allowing
newfs and makefs to create file systems that would fail validation when
examined by older commands and kernels, by allowing newfs/makefs to pack
slightly more blocks into a CG than those older binaries think is valid.
Fix this by having newfs/makefs artificially restrict the number of blocks
in a CG to the slightly smaller value that those older binaries will accept.
The validation code will continue to accept the slightly larger value
that the current newfs/makefs (before this change) could create.
Fixes: 0a6e34e950
Reviewed by: mckusick
MFC after: 3 days
Sponsored by: Netflix
When loading the root directory ensure that it is a directory
and has a size greater than the minimum directory size. If an
invalid root directory is found, fall back to full fsck.
Reported-by: Robert Morris
PR: 271414
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
When checking an inode ensure that it does not have a negative size.
Stop scaning a directory when an unallocated block is found.
Fully clear an inode when it is first allocated.
Ensure that an inode is marked dirty whenever it is updated and that
it has a correct check hash when it is released.
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Check for valid block numbers while loading journal entries that
contain block numbers. If an invalid block number is found, fall
back to full fsck.
Reported-by: Robert Morris
PR: 271383
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Check for valid file size before processing journal entries for it.
Done by extracting the file size check from pass1.c into chkfilesize()
then using it in the journal code in suj.c
Reported-by: Robert Morris
PR: 271378
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
The last valid inode in the filesystem is maxino - 1, not maxino.
Thus validity checks should ino < maxino, not ino <= maxino.
Reported-by: Robert Morris
PR: 271312
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Always create a directory inode structure when a directory inode is
found in Pass 1 as it is not known whether it will be saved or removed
in later passes. If it is to be saved the directory inode structure
is needed to track its status and fsck_ffs(8) will segment fault if
it does not exist.
Reported-by: Robert Morris
PR: 271310
PR: 271354
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
This change modifies dumpon to print out the last error from OpenSSL
when `PEM_read_RSA_PUBKEY` fails. This allows end-users to diagnose why
reading in RSA pubkey files fails so they can adjust the usage to meet
the needs of the command.
MFC after: 1 week
Commit fe5e6e2 improved FFS directory placement when creating new
directories. It is done by keeping track of the depth of directories
in the filesystem and placing those lower in the tree closer together
while spreading out those higher in the tree.
Fsck_ffs(8) checks these depths and if incorrect adjusts them to
their correct value. When running in background fsck_ffs(8) needs
to be able to make an adjustment to the depth. This commit adds
the sysctl to make such an adjustment and adds the code to fsck_ffs(8)
to use the new sysctl.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Internally, inet and inet6 family handlers store state for
address addition and deletion separately, as, for example,
"ifconfig lo0 inet 127.0.0.2/32" triggers a) deletion of the
first interface address and b) addition of a new one.
The current logic behind handling "-alias" being the last argument
is to copy the address from "addition" state to the "deletion"
state. It is done by the generic ifconfig code, which explicitly
typecasts opaque handler state pointers to "struct ifreq", which
doesn't work in the Netlink case.
Fix this by introducing family-specific "af_copyaddr" handler,
which removes the peeking & typecasting logic from the generic code.
Reported by: otis
Tested by: otis
The default location for home directories is moving from /usr/home
to /home, including the default zfs datasets. Update accordingly.
Add zroot/usr/src as replacement example of nested datasets.
While here, mark zroot/var as "canmount off" as per current setup.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D40206
The default location for home directories is moving from /usr/home
to /home. Update the examples accordingly.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40205
The structure consists of all current context - arguments,
open sockets, current family and so on.
Pass this structure as a first argument to most of the af_ menthods.
This allows to propagate and update shared data without using
global variables.
The diff is pretty large, but de-facto mechanical. All changes
except the structure setup in ifconfig[_netlink].c are one-line
mechanical changes.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40239
MFC after: 2 weeks
Cleanup compiler warnings in preparation to set Wextra and remove WARNS?=2
Differential Revision: https://reviews.freebsd.org/D40238
MFC after: 2 weeks
Add -j <jail> flag to ifconfig to allow ifconfig to attach and run inside a
jail. This allow parent to configure network interfaces of its children
even if ifconfig is not available in child's tree (e.g. Linux Jails)
Reviewed by: emaste, khng, melifaro
Event: Kitchener-Waterloo Hackathon 202305
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40213
Currently carp implementation peeks into the opaque 'afp->af_addreq'
buffer, assumes it knows the af-specific layout and assigns vhid
directly.
Simplify the code and remove abstraction leak by introducing per-afp
callback for setting vhid.
This change is a pre-requisite to set addresses via Netlink,
as Netlink implementiation uses different structure layout.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40160
MFC after: 2 weeks
getaddrinfo() returns 0 if it succeeded, but it's not guaranteed to
return 1 on error. Check for success rather than for one specific error.
Without this fix commands such as `ifconfig bnxt1 inet6 add vhid 1 peer6
2001:db8::1/64` would segfault ifconfig.
Sponsored by: Rubicon Communications, LLC ("Netgate")
When trying to auto-load a module, we trim the interface number off
the end. Currently we stop at the first digit. For interfaces which
have numbers in the driver name this does not work well.
In the current example ifconfig ath10k0 would load ath(4) instead of
ath10k(4). For module/interface names like rtw88[0] we never guess
correctly.
To improve for the case we can, start trimming off digits from the
end rather than the front.
Sponsored by: The FreeBSD Foundation
Reported by: thierry
MFC after: 20 days
Reviewed by: melifaro, thierry
Differential Revision: https://reviews.freebsd.org/D40137
The cylinder group header structure ended with `u_int8_t cg_space[1]'
representing the beginning of the inode bitmap array. Some architectures
like the i386 rounded this up to a 4-byte boundry while other
architectures like the amd64 rounded it up to an 8-byte boundry.
Thus sizeof(struct cg) was four bytes bigger on an amd64 machine
than on an i386 machine. If a filesystem created on an i386 machine
was moved to an amd64 machine, the size of the cylinder group
calculated by the CGSIZE macro would appear to grow by four bytes.
Filesystems whose cylinder groups were exactly equal to the block
size on an i386 machine would appear to have a cylinder group that
was four bytes too big when moved to an amd64 machine. Note that
although the structure appears to be too big, it in fact is fine.
It is just the calaculation of its size that is in error.
The fix is to remove the cg_space element from the cylinder-group
structure so that the calculated size of the structure is the same
size on all architectures.
Reported by: Tijl Coosemans
Tested by: Tijl Coosemans and Peter Holm
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
This change is a prerequisite for netlink conversion.
No functional changes intended.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40033
MFC after: 2 weeks
The SPDX folks have obsoleted the BSD-2-Clause-NetBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
Reduce the amount of global variables by creating the dedicated
ifconfig_args structure and use it as a context-passing variable.
Simplify the code by moving all argument preparation code a
separate function.
Reviewed by: kp (previous version)
Differential Revision: https://reviews.freebsd.org/D39932
MFC after: 2 weeks
It is usually provided by <sys/param.h>, but not when bootstrapping.
Fixes: 4849767cb1
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: yuripv, kevans
Differential Revision: https://reviews.freebsd.org/D40018
On an amd64-CURRENT machine with an i-node that refers to a block
number that is one too large will cause a core dump, due to writing
beyond the end of blockmap[] and corrupting the next heap block,
which happens to contain a struct inoinfo in inphash[]. Note that
valgrind catches the blockmap[] access.
Reported by: Robert Morris
PR: 271289
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
* Overhaul the GNU compatibility mode to more closely emulate what the GNU tools do.
* Add a Perl compatibility mode which emulates the shasum tool that ships with Perl. This is currently not installed.
* Overhaul the tests.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D39446
The previous change involved calling check_cgmagic() twice in a row
for the same CG in order to differentiate when the CG was already ok vs.
when the CG was rebuilt, but that doesn't work because the second call
(which was supposed to rebuild the CG) returns 0 (indicating that
the CG was not rebuilt) due to the prevfailcg check causing an early
failure return. Fix this by moving the rebuild part of check_cgmagic()
out into a separate function which is called by pass1() when it wants to
rebuild a CG.
Fixes: da86e7a20d
Reported by: pho
Discussed with: mckusick
Sponsored by: Netflix
I find it very annoying that there is no FreeBSD infrastructure to
determine failures across architectures other than to check in
changes and then have Jenkins find them.
Suggested by: Jessica Clarke
MFC after: 1 week
A check in the superblock validity code verifies that the computed
size of the filesystem cylinder groups (CGSIZE macro) does not
exceed the filesystem block size (fs_bsize).
A report was received that a filesystem had been flagged as failing
this check. We were unable to determine how the reported filesystem
could have been created. This commit adds a check at the end of the
newfs(8) command to verify that the the cylinder group size is valid.
If an oversize cylinder group is found newfs(8) prints a diagnostic
output and rebuilds the filesystem to make it compiliant.
MFC after: 1 week
Provide an additional line of output for the superblock giving the
computed size of the cylinder group (CGSIZE macro) along with the
details needed to calculate it.
MFC after: 1 week