1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-19 15:33:56 +00:00
Commit Graph

818 Commits

Author SHA1 Message Date
Alexander Motin
ea9ed3d85b Disable libwrap (TCP wrappers) support in rpcbind by default, introducing
new command line options -W, to enable it when needed.

On my tests this change by almost ten times improves rpcbind performance.

No objections:	many, net@
2014-03-06 17:33:27 +00:00
Xin LI
5e4b8b0d91 Document the fact that OpenSSH default configuration requires Capsicum
capability mode support in kernel, which have been worked around later
but it's still recommended to have it enabled.
2014-03-03 23:26:48 +00:00
Warner Losh
a9fd22187a Add note about dtc switch. 2014-03-03 16:34:42 +00:00
John-Mark Gurney
059400366e since -F is safe, and an update from 10-HEAD to 10-STABLE is sooo bloody
anoying w/o it..  recommend people use -F too...
2014-02-28 19:51:47 +00:00
Dimitry Andric
f785676f2a Upgrade our copy of llvm/clang to 3.4 release. This version supports
all of the features in the current working draft of the upcoming C++
standard, provisionally named C++1y.

The code generator's performance is greatly increased, and the loop
auto-vectorizer is now enabled at -Os and -O2 in addition to -O3.  The
PowerPC backend has made several major improvements to code generation
quality and compile time, and the X86, SPARC, ARM32, Aarch64 and SystemZ
backends have all seen major feature work.

Release notes for llvm and clang can be found here:
<http://llvm.org/releases/3.4/docs/ReleaseNotes.html>
<http://llvm.org/releases/3.4/tools/clang/docs/ReleaseNotes.html>

MFC after:	1 month
2014-02-16 19:44:07 +00:00
Christian Brueffer
8de08345ab Add an UPDATING entry about the nve(4) driver removal. 2014-02-16 19:33:34 +00:00
Dimitry Andric
9f23d19a5e Add a note to UPDATING about the ABI compatibility fix done in r261801. 2014-02-12 18:16:56 +00:00
Kai Wang
d1166b824b Change date again. 2014-01-28 19:07:28 +00:00
Kai Wang
2e503d34bd Document libelf/libdwarf update in UPDATING. 2014-01-25 12:07:44 +00:00
Julio Merino
d7efee230d Allow tests to provide a Kyuafile when they relied on auto-generation.
When generating a Kyuafile in the KYUAFILE=auto case, use a filename
that is unlikely to clash with the filename used by explicitly-provided
Kyuafiles.

This allows a Makefile to set KYUAFILE=yes and provide a Kyuafile in
the same directory when such Makefile was previously relying on
KYUAFILE=auto.

Fixes issues with new Kyuafiles not being picked up in NO_CLEAN builds
(although manual intervention is required once, unfortunately, as
described in UPDATING).

Reviewed by:	sjg
MFC after:	1 week
2014-01-10 10:36:14 +00:00
John-Mark Gurney
af34024a21 document how to install when src is newer than the world.. This allows
people to build -current systems from older systems...

Thanks to:      Thomas Mueller
2013-12-20 23:34:10 +00:00
Benjamin Kaduk
2773bfa99a Add an UPDATING entry for the gss_pseudo_random behavior change
Approved by:	hrs (mentor, src committer)
2013-12-15 19:18:18 +00:00
Craig Rodrigues
edc144a12b Also mention that drill(1) can be used, now that nslookup and dig are no
longer in the base system.

Suggested by: peter
2013-11-29 08:22:48 +00:00
Craig Rodrigues
8a65c0b93a Add some text to clarify that nslookup and dig are no longer in the base system
after the removal of BIND.
2013-11-28 19:13:05 +00:00
Peter Wemm
17e27327de Revert r258672. We clearly don't compile libraries enough times. 2013-11-27 19:51:50 +00:00
Peter Wemm
ff678e6c81 At great personal risk, change the default for LIB32 from yes to no. As
mentioned in UPDATING, you can even do it as an as-needed operation after
doing a buildworld/installworld.  You can set WITH_LIB32=yes in make.conf
or src.conf.
2013-11-27 04:54:23 +00:00
Julio Merino
e01d128a42 Subsume the functionality of MK_ATF into MK_TESTS.
There is no reason to keep the two knobs separate: if tests are
enabled, the ATF libraries are required; and if tests are disabled,
the ATF libraries are not necessary.  Keeping the two just serves
to complicate the build.

Reviewed by:	freebsd-testing
Approved by:	rpaulo (mentor)
2013-11-08 14:24:47 +00:00
Brooks Davis
b9cd6b0a3c Switch the default mtree to nmtree our new NetBSD derived mtree.
Exp-run by:     bdrewery
MFC after:      3 days
Sponsored by:	DARPA/AFRL
2013-10-25 22:45:18 +00:00
Bryan Drewery
e3ededfa24 Rename libbsdyml to libyaml, make private, and bump
SHLIB_MAJOR to 1.0

Suggested by:	des
Approved by:	bapt
MFC after:	1 week
2013-10-14 18:31:15 +00:00
Glen Barber
006a42a9cb Turn it all the way up to 11:
- Update FreeBSD version in:
  - UPDATING
  - sys/conf/newvers.sh

- Add 11.0 FreeBSD version for manual pages

- Bump __FreeBSD_version to 1100000

Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2013-10-10 18:05:13 +00:00
Hiroki Sato
84b354cb9a - Update rc.d/jail to use a jail(8) configuration file instead of
command line options.  The "jail_<jname>_*" rc.conf(5) variables for
  per-jail configuration are automatically converted to
  /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
  This is transparently backward compatible.

- Fix a minor bug in jail(8) which prevented it from returning false
  when jail -r failed.

Approved by:	re (glebius)
2013-10-10 09:32:27 +00:00
Glen Barber
c9fc60beee Revert r256095, r256120 (partial), r256121:
r256095:
 - Add gnu/usr.bin/rcs back to the base system.

r256120:
 - Add WITHOUT_RCS back to src.conf.5.

r256121:
 - Remove UPDATING entry regarding gnu/usr.bin/rcs removal.

Requested by:	many
Approved by:	re (marius)
Discussed with:	core
2013-10-09 17:07:20 +00:00
Devin Teske
b85baffde3 Remove mention of [fixed] known issue not-specific to updating.
Vendor update to [c]dialog-1.2-20130925 has fixed known problems.
Vendor update SVN revisions: 255917-255917, 255852, and 255958.

Reviewed by:	gjb
Approved by:	re (gjb)
2013-10-08 20:39:38 +00:00
Eitan Adler
3adb4d6fe5 Add an UPDATING entry for the RCS removal.
Requested by:	kargl
Approved by:	re (glebius)
2013-10-07 19:23:43 +00:00
Dag-Erling Smørgrav
2d69252a1b Note the removal of BIND, where to find it, and how to use
local_unbound instead.

Approved by:	re (gjb)
2013-09-30 18:06:43 +00:00
Glen Barber
0312d1cab6 - Reword the 20121201 entry.
- Clean up minor whitespace nit.

Approved by:	re (hrs)
Sponsored by:	The FreeBSD Foundation
2013-09-17 04:24:34 +00:00
Glen Barber
665751ec78 Document that the 'unbound' user is required for installworld since
the import of ldns/unbound.

Approved by:	re (delphij)
Sponsored by:	The FreeBSD Foundation
2013-09-17 00:13:42 +00:00
Dag-Erling Smørgrav
bd8277b4b2 Note about the OpenSSH change.
Approved by:	re (gjb)
2013-09-13 10:37:24 +00:00
John-Mark Gurney
c8a84c2aa6 add note about gcc and aesni...
Approved by:	re (gjb, kib)
2013-09-10 17:26:09 +00:00
David Chisnall
d6d3e03e1e Add note in UPDATING about the no-gcc-by-default switch. 2013-09-07 07:26:51 +00:00
Pawel Jakub Dawidek
2057b58b17 Remove fallback to fork(2) if pdfork(2) is not available. If the parent
process dies, the process descriptor will be closed and pdfork(2)ed child
will be killed, which is not the case when regular fork(2) is used.

The PROCDESC option is now part of the GENERIC kernel configuration, so we
can start depending on it.

Add UPDATING entry to inform that this option is now required and log
detailed instruction to syslog if pdfork(2) is not available:

	The pdfork(2) system call is not available; recompile the kernel with options PROCDESC

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
2013-09-05 01:05:48 +00:00
Pawel Jakub Dawidek
4877522e76 Advise a full buildworld, because of the recent Capsicum changes.
Sponsored by:	The FreeBSD Foundation
2013-09-05 00:52:16 +00:00
Devin Teske
6b2f5f7958 Add note/reminder about dialog(1) regression in HEAD/10.0-C so that we don't
forget about it in the multi-month run of things to fix prior to 10.0-R.
2013-08-27 16:10:44 +00:00
David E. O'Brien
46be218dce The PADLOCK_RNG and RDRAND_RNG kernel options are now devices.
Thus "device padlock_rng" and "device rdrand_rng" should be
used instead of "options PADLOCK_RNG" & "options RDRAND_RNG".

Requested by:	so@ (des)
Submitted by:	obrien, arthurmesh@gmail.com
Obtained from:	Juniper Networks
2013-08-21 22:43:29 +00:00
Peter Wemm
0dc59c0fac Add a note that if you were WITH_ICONV before, you should turn on
WITH_LIBICONV_COMPAT.
2013-08-13 07:31:27 +00:00
Peter Wemm
0ff204bbd1 The iconv in libc did two things - implement the standard APIs, the GNU
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.

WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.

I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can.  I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc.  If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.

This is an extension of behavior on other system.  iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.

Bumped osreldate.
2013-08-13 07:15:01 +00:00
Andriy Gapon
c319ea15f4 opensolaris code: translate INVARIANTS to DEBUG and ZFS_DEBUG
Do this by forcing inclusion of
sys/cddl/compat/opensolaris/sys/debug_compat.h
via -include option into all source files from OpenSolaris.
Note that this -include option must always be after -include opt_global.h.

Additionally, remove forced definition of DEBUG for some modules and fix
their build without DEBUG.

Also, meaning of DEBUG was overloaded to enable WITNESS support for some
OpenSolaris (primarily ZFS) locks.  Now this overloading is removed and
that use of DEBUG is replaced with a new option OPENSOLARIS_WITNESS.

MFC after:	17 days
2013-08-06 15:51:56 +00:00
Hiroki Sato
ccc88f7b62 Document IPv6 timer value change in r253970. 2013-08-05 20:30:15 +00:00
Jilles Tjoelker
9d6d5a7131 find: Allow -delete to delete files given as arguments.
Formerly, a command like find dir1/dir2 -delete would delete everything
under dir1/dir2 but not dir1/dir2 itself.

When -L is not specified and "." can be opened, the fts(3) code underlying
find(1) is careful to avoid following symlinks or being dropped in different
locations by moving the directory fts is currently traversing. If a
problematic concurrent modification is detected, fts will not enter the
directory or abort. Files found in the search are returned via the current
working directory and a pathname not containing a slash.

For paranoia, find(1) verifies this when -delete is used. However, it is too
paranoid about the root of the traversal. It is already assumed that the
initial pathname does not refer to directories or symlinks that might be
replaced by untrusted users; otherwise, the whole traversal would be unsafe.
Therefore, it is not necessary to do the check for fts_level ==
FTS_ROOTLEVEL.

Deleting the pathnames given as arguments can be prevented without error
messages using -mindepth 1 or by changing directory and passing "." as
argument to find. This works in the old as well as the new version of find.

Tested by:	Kurt Lidl
Reviewed by:	jhb
2013-08-02 14:14:23 +00:00
David E. O'Brien
0e6a0799a9 Back out r253779 & r253786. 2013-07-31 17:21:18 +00:00
David E. O'Brien
99ff83da74 Decouple yarrow from random(4) device.
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
  The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

* random(4) device doesn't really depend on rijndael-*.  Yarrow, however, does.

* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
  random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
2013-07-29 20:26:27 +00:00
Andriy Gapon
663dea3d1b fix UPDATING entry in r253677
MFC after:	3 weeks
X-MFC with:	r253677
2013-07-26 14:43:38 +00:00
Andriy Gapon
8e94193e58 make path matching in devfs rules consistent and sane (and safer)
Before this change path matching had the following features:
- for device nodes the patterns were matched against full path
- in the above case '/' in a path could be matched by a wildcard
- for directories and links only the last component was matched

So, for example, a pattern like 're*' could match the following entries:
- re0 device
- responder/u0 device
- zvol/recpool directory

Although it was possible to work around this behavior (once it was spotted
and understood), it was very confusing and contrary to documentation.

Now we always match a full path for all types of devfs entries (devices,
directories, links) and a '/' has to be matched explicitly.
This behavior follows the shell globbing rules.

This change is originally developed by Jaakko Heinonen.
Many thanks!

PR:		kern/122838
Submitted by:	jh
MFC after:	4 weeks
2013-07-26 14:25:58 +00:00
Andrew Turner
46e95f646c 2 years, 10 months, 22 days after the projects/arm_eabi branch was created
make the ARM EABI the default ABI on arm, armeb, armv6 and armv6eb.

This is intended to be the default ABI from now on with the old ABI to be
retired. Because of this all users are strongly suggested to upgrade to the
ARM EABI.

As the two ABIs are incompatible it is unlikely upgrading in place will
work. Users should perform a full backup and either use an external machine
to upgrade, or install to an alternative location on their media. They
should also reinstall all ports or packages when these are available.

The only known issues are:
 - pkg incorrectly detects the ABI. This is fixed upstream, and will a
   patch will be made to the port.
 - GDB can have issues with executables built with clang.

__FreeBSD_version has been bumped.
2013-07-16 19:15:19 +00:00
Rui Paulo
aa011413db Fix a grammatical error. 2013-07-14 20:22:16 +00:00
Baptiste Daroussin
9b953f2ce4 Disable building of pkg_install by default
If people still want to have pkg_install they can specify WITH_PKGTOOLS when building world
2013-07-12 23:11:17 +00:00
Andrey V. Elsukov
b40e2b6d14 Bump __FreeBSD_version to reflect changes in statistics structures. 2013-07-09 10:20:27 +00:00
Simon J. Gerraty
03630b541e Use && rather than ; when success of previous job matters. 2013-06-30 15:00:07 +00:00
Dag-Erling Smørgrav
5b3e02570a Fix a bug that allowed a tracing process (e.g. gdb) to write
to a memory-mapped file in the traced process's address space
even if neither the traced process nor the tracing process had
write access to that file.

Security:	CVE-2013-2171
Security:	FreeBSD-SA-13:06.mmap
Approved by:	so
2013-06-18 07:02:35 +00:00
Eitan Adler
1cbff2a999 Remove CVS from the base system.
Discussed with:	many
Reviewed by:	peter, zi
Approved by:	core
2013-06-15 20:29:07 +00:00