only preallocates a small number of inodes. The dump program tries
to scan through all the allocated inodes on a filesystem which
causes bad behavior if they have never been allocated. Thus dump
must calculate the set of inodes that have actually been allocated
and scan only those inodes.
Sponsored by: DARPA & NAI Labs.
other partitiosns. This is necessary when migrating conventional
partitions to Vinum and was broken by recent more stringent overlap
checks. This is arguably the wrong way to do it. A better method
would be to have the loader understand a subset of Vinum partitioning
and allow an install directly to Vinum, but until then, this is the
best we have.
Reviewed by: jhb
Approved by: re (rwatson)
so that fsck does not complain with `SUMMARY BLK COUNT(S) WRONG IN
SUPERBLK' the first time it is run on a new filesystem.
Reported by: Poul-Henning Kamp <phk@freebsd.org>
Sponsored by: DARPA & NAI Labs.
trying to use them. Set a minimum value for numdirs when using an
alternate superblock to avoid spurious numdirs == 0 error. Calculate
new fields when using an alternate superblock from a UFS1 filesystem
to avoid segment faulting.
Sponsored by: DARPA & NAI Labs.
a PMBR. Make sure the create command creates a PMBR as well
(if not already present).
o When parsing the MBR, explicitly check for a PMBR and create
a PMBR map node if one is found.
o When parsing the MBR, recurse to handle extended partitions.
This allows us to flatten nested MBRs when migrating to a
GPT.
o Have the migrate command bail out if it encounters a partition
it doesn't know how to migrate. This avoids data loss.
o Change the output of the show command so that the UUIDs of the
GPT partitions fit on the same line.
o Show when partitions are extended partitions and add the PMBR
type.
Approved by: re (blanket)
of an argument name collision with -O, use -v, and default to whatever
the newfs default is for the platform (generally, UFS1). This is
required to support diskless workstations that use UFS2 for their
mdmfs file systems.
Reviewed by: dd, bmah
Approved by: re (bmah)
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
UUIDs can then be limited to those cases when an alias doesn't exist.
This greatly increases the likelyhood that a sysadmin finishes the
partitioning without intermittent mental breakdowns. Current aliases
are "efi", "swap" and "ufs".
While here, staticize global variables and expand the usage message.
Approved by: re (blanket)
that the kernel will refuse to mount. Specifically it now enforces
the MAXBSIZE blocksize limit. This update also fixes a problem where
newfs could segment fault if the selected fragment size was too large.
PR: bin/30959
Submitted by: Ceri Davies <setantae@submonkey.net>
Sponsored by: DARPA & NAI Labs.
the old 8-bit fs_old_flags to the new location the first time that the
filesystem is mounted by a new kernel. One of the unused flags in
fs_old_flags is used to indicate that the flags have been moved.
Leave the fs_old_flags word intact so that it will work properly if
used on an old kernel.
Change the fs_sblockloc superblock location field to be in units
of bytes instead of in units of filesystem fragments. The old units
did not work properly when the fragment size exceeeded the superblock
size (8192). Update old fs_sblockloc values at the same time that
the flags are moved.
Suggested by: BOUWSMA Barry <freebsd-misuser@netscum.dyndns.dk>
Sponsored by: DARPA & NAI Labs.
prob 0.5 pipe NN ....
due to the generation of an invalid ipfw instruction sequence.
No ABI change, but you need to upgrade /sbin/ipfw to generate the
correct code.
Approved by: re
to net.inet.ip.fw.one_pass.
Add to notes to explain the exact behaviour of "prob xxx" and "log"
options.
Virtually approved by: re (mentioned in rev.1.19 of ip_fw2.c)
It seems a common corruption to have them -ve (I've seen it several times)
and if fsck doesn't fix it, it leads to a kernel pagefault.
Reviewd by: kirk
Submitted by: Eric Jacobs <eaja@erols.com> and me independently.
MFC in: 2 days
PR: bin/40967
Approved by: re
the error "quotacheck: bad inode number 1 to nextinode".
Sponsored by: DARPA & NAI Labs.
Reported-by: Franky <franky@jasna.tarnow.pl> and Matthew Kolb <muk@msu.edu>
take unsigned values.
his allows one to label disk with the number of blocks > 31 bits
(though less then 32 bits)
e.g.
# size offset fstype [fsize bsize bps/cpg]
c: 3125755904 0 unused 0 0 # (Cyl. 0 - 194569*)
d: 3125755840 64 unused 0 0 # (Cyl. 0*- 194569*)
which is needd to test UFS2
<sys/gpt.h>. This avoids having to include both <sys/uuid.h> and
<uuid.h>, which is considered by your friendly committer to be
aestheticly displeasing (= ballyhoo barf barf :-)
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.
Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.
This code has still not been stared at for 10 years by a gang of
hard-core cryptographers. Discretion advised.
NB: These changes result in the on-disk format changing: dump/restore needed.
Sponsored by: DARPA & NAI Labs.
getdiskinfo(). For the fixed-disk case, bpb->hid probably isn't
handled correctly, but I'm not sure if this is a serious problem since
the primary use of this program is to format floppy disks.
Reviewed by: phk
o Use DCE compliant UUID functions and provide local
implementations if they don't exist,
o Move dumping of the map to show.c and print the
partition type,
o Some cleanups and rearrangements.
The default GPT partition type is UFS. When no starting block
or size are specified, the tool will create a partition in the
first free space it find (or that fits, depending on the size).
code is directly copied from migrate.c. The intend is to express
migrate in terms of create and add. The functionality to add
partitions is not yet there.
Quoting luigi:
In order to make the userland code fully 64-bit clean it may
be necessary to commit other changes that may or may not cause
a minor change in the ABI.
Reviewed by: luigi
regarding 802.1 MAC and Mandatory Access Control (MAC). Some
potential for confusion remains further in other areas of the
system regarding Message Authentication Codes (MAC).
Requested by: wollman
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
interfaces using the 'mac' argument. Without MAC support in the
kernel, this does not change the behavior of ifconfig.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
result of an incomplete migration. An incomplete migration is
one where the MBR is not turned into a PMBR after creating the
GPT. This early in the game it's more convenient to allow the
inconsistency, because that avoids that we have to destroy the
MBR partitioning for now.
arbitrary commands when devices come and go in the device tree (which is
different than the /dev directory).
This is an initial version. Much of the planned power isn't here.
Instead of doing the full matching, we always run /etc/devd-generic.
/etc/devd.generic will go away at some point, I think.
I'm committing it in this early state so I can start getting feedback
from early adapters.
Approved by: re
o Fix some punctuation and wording
o Wording consistency in command-line option documentation
o Make use of mdoc's markup a bit more (quoting and the like)
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
command, permitting it to set FS_ACLS and FS_MULTILABEL administrative
flags on UFS file systems.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
when using '-p' with reboot, and the power down action failds, reboot
the system normally. The behaviour of 'halt -p' and of shutdown(8) is
unchanged.
Approved by: roberto
'-p' is used on the reboot(8) command line.
This is intended for use when you want to attempt a power down
action, but you want the system to reboot (not halt) if the
power down action fails.
This is typically useful when the power-off action performed by
the kernel consists in signalling an uninterrupted power supply
that it should shut down its inverter if mains power has not returned.
The behaviour of shutdown(8) and init(8) is not modified;
only the behaviour of invoking 'reboot -p' manually is
modified, and then only in the case when a power-down action
fails.
Sounded reasonable to: phk
Approved by: roberto (mentor)
rules don't apply to tokens that are supposed to represent single args.
This was only fixed in the man page.
Fixed other differences between the man page and the usage message (1
formatting bug and 1 syntax bug).
Peter had repocopied sys/disklabel.h to sys/diskpc98.h and sys/diskmbr.h.
These two new copies are still intact copies of disklabel.h and
therefore protected by #ifndef _SYS_DISKLABEL_H_ so #including them
in programs which already include <sys.disklabel.h> is currently a
no-op.
This commit adds a number of such #includes.
Once I have verified that I have fixed all the places which need fixing,
I will commit the updated versions of the three #include files.
Sponsored by: DARPA & NAI Labs.
Setting this flag on an ethernet interface blocks transmission of packets
and discards incoming packets after BPF processing.
This is useful if you want to monitor network trafic but not interact
with the network in question.
Sponsored by: http://www.babeltech.dk
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
has always done.
Technically, this is the wrong format, but it reduces the diffs in
-stable. Someday, when we get rid of ipfw1, I will put the port number
in the proper format both in kernel and userland.
MFC after: 3 days
(with re@ permission)
in /etc/fstab. This isn't a real fix though and I'm still not sure
why it started failing. mount(8) breaks up the nfs args into seperate
repeated '-o option=value' arguments. But, the altflags variable that
we use to track things is incrementally built up each time we see the
next option and shows us the cumulative set of flags, not just the
flag that we are currently looking at. As a result, the strstr hack
for looking up flags in a giant -o opt=val,opt=val, etc string was failing
and causing a segfault. I do not know what changed recently that caused
this to suddenly break, but the code has been rather bogus for some time.
Also, for all interfaces in this mode pass all ethernet frames to upper layer,
even those not addressed to our own MAC, which allows packets encapsulated
in those frames be processed with packet filters (ipfw(8) et al).
Emphatically requested by: Anton Turygin <pa3op@ukr-link.net>
Valuable suggestions by: fenner
following Julian's good suggestion: since you can specify any match
pattern as an option, rules now have the following format:
[<proto> from <src> to <dst>] [options]
i.e. the first part is now entirely optional (and left there just
for compatibility with ipfw1 rulesets).
Add a "-c" flag to show/list rules in the compact form
(i.e. without the "ip from any to any" part) when possible.
The default is to include it so that scripts processing ipfw's
canonical output will still work.
Note that as part of this cleanup (and to remove ambiguity), MAC
fields now can only be specified in the options part.
Update the manpage to reflect the syntax.
Clarify the behaviour when a match is attempted on fields which
are not present in the packet, e.g. port numbers on non TCP/UDP
packets, and the "not" operator is specified. E.g.
ipfw add allow not src-port 80
will match also ICMP packets because they do not have port numbers, so
"src-port 80" will fail and "not src-port 80" will succeed. For such
cases it is advised to insert further options to prevent undesired results
(e.g. in the case above, "ipfw add allow proto tcp not src-port 80").
We definitely need to rewrite the parser using lex and yacc!
render the syntax less ambiguous.
Now rules can be in one of these two forms
<action> <protocol> from <src> to <dst> [options]
<action> MAC dst-mac src-mac mac-type [options]
however you can now specify MAC and IP header fields as options e.g.
ipfw add allow all from any to any mac-type arp
ipfw add allow all from any to any { dst-ip me or src-ip me }
which makes complex expressions a lot easier to write and parse.
The "all from any to any" part is there just for backward compatibility.
Manpage updated accordingly.
noting that the restrictions do not apply if the user invoking the
program is also the owner of the program.
Also, capitalize a section header properly.
PR: misc/41180
Implement the M_SKIP_FIREWALL bit in m_flags to avoid loops
for firewall-generated packets (the constant has to go in sys/mbuf.h).
Better comments on keepalive generation, and enforce dyn_rst_lifetime
and dyn_fin_lifetime to be less than dyn_keepalive_period.
Enforce limits (up to 64k) on the number of dynamic buckets, and
retry allocation with smaller sizes.
Raise default number of dynamic rules to 4096.
Improved handling of set of rules -- now you can atomically
enable/disable multiple sets, move rules from one set to another,
and swap sets.
sbin/ipfw/ipfw2.c:
userland support for "noerror" pipe attribute.
userland support for sets of rules.
minor improvements on rule parsing and printing.
sbin/ipfw/ipfw.8:
more documentation on ipfw2 extensions, differences from ipfw1
(so we can use the same manpage for both), stateful rules,
and some additional examples.
Feedback and more examples needed here.
- Make getvfsbyname() take a struct xvfsconf *.
- Convert several consumers of getvfsbyname() to use struct xvfsconf.
- Correct the getvfsbyname.3 manpage.
- Create a new vfs.conflist sysctl to dump all the struct xvfsconf in the
kernel, and rewrite getvfsbyname() to use this instead of the weird
existing API.
- Convert some {set,get,end}vfsent() consumers to use the new vfs.conflist
sysctl.
- Convert a vfsload() call in nfsiod.c to kldload() and remove the useless
vfsisloadable() and endvfsent() calls.
- Add a warning printf() in vfs_sysctl() to tell people they are using
an old userland.
After these changes, it's possible to modify struct vfsconf without
breaking the binary compatibility. Please note that these changes don't
break this compatibility either.
When bp will have updated mount_smbfs(8) with the patch I sent him, there
will be no more consumers of the {set,get,end}vfsent(), vfsisloadable()
and vfsload() API, and I will promptly delete it.
with ipfw2 extensions and give examples of use of the new features.
This is just a preliminary commit, where i simply added the basic
syntax for the extensions, and clean up the page (e.g. by listing
things in alphabetical rather than random order).
I would appreciate feedback and possible corrections/extensions
by interested parties.
Still missing are a more detailed description of stateful rules
(with keepalives), interaction with of stateful rules and natd (don't do
that!), examples of use with the recently introduced rule sets.
There is an issue related to the MFC: RELENG_4 still has ipfw as a
default, and ipfw2 is optional. We have two options here: MFC this
page as ipfw(8) adding a large number of "SORRY NOT IN IPFW" notes,
or create a new ipfw2(8) manpage just for -stable users. I am all
for the first approach, but of course am listening to your comments.
The bugfix (ipfw2.c) makes the handling of port numbers with
a dash in the name, e.g. ftp-data, consistent with old ipfw:
use \\ before the - to consider it as part of the name and not
a range separator.
The new feature (all this description will go in the manpage):
each rule now belongs to one of 32 different sets, which can
be optionally specified in the following form:
ipfw add 100 set 23 allow ip from any to any
If "set N" is not specified, the rule belongs to set 0.
Individual sets can be disabled, enabled, and deleted with the commands:
ipfw disable set N
ipfw enable set N
ipfw delete set N
Enabling/disabling of a set is atomic. Rules belonging to a disabled
set are skipped during packet matching, and they are not listed
unless you use the '-S' flag in the show/list commands.
Note that dynamic rules, once created, are always active until
they expire or their parent rule is deleted.
Set 31 is reserved for the default rule and cannot be disabled.
All sets are enabled by default. The enable/disable status of the sets
can be shown with the command
ipfw show sets
Hopefully, this feature will make life easier to those who want to
have atomic ruleset addition/deletion/tests. Examples:
To add a set of rules atomically:
ipfw disable set 18
ipfw add ... set 18 ... # repeat as needed
ipfw enable set 18
To delete a set of rules atomically
ipfw disable set 18
ipfw delete set 18
ipfw enable set 18
To test a ruleset and disable it and regain control if something
goes wrong:
ipfw disable set 18
ipfw add ... set 18 ... # repeat as needed
ipfw enable set 18 ; echo "done "; sleep 30 && ipfw disable set 18
here if everything goes well, you press control-C before
the "sleep" terminates, and your ruleset will be left
active. Otherwise, e.g. if you cannot access your box,
the ruleset will be disabled after the sleep terminates.
I think there is only one more thing that one might want, namely
a command to assign all rules in set X to set Y, so one can
test a ruleset using the above mechanisms, and once it is
considered acceptable, make it part of an existing ruleset.
gcc memcpy "knows" about types that are supposed to be actually already
aligned and triggers alignment errors doing the memcpy itself.
"Fix" this by changing it to a bcopy(). In this case, we had:
struct timeval *tp;
struct timeval tv1;
memcpy(&tv1,tp,sizeof(tv1));
.. and since gcc *knows* that a pointer to a timeval is longword aligned
and that tv1 is longword aligned, then it can use an inline that assumes
alignment. The following works too:
cp = (char *)tp;
memcpy(&tv1,cp,sizeof(tv1));
Simply casting (char *)tp for the memcpy doesn't work. :-(
This affected different 64 bit platforms in different ways and depends
a lot on gcc as well. I've seen this on alpha and ia64 at least, although
alpha isn't doing it right now.
fsck_ffs did not need it, but quotacheck did include it from fsck_ffs.
A repocopy has now moved the fsck_ffs/preen.c file to quotacheck/preen.c
quotacheck and fsck should probably use the same checkfstab() function
and it should possibly live in libufs.
Trouble is: they have diverged in the meantime.
At least now fsck_ffs is not in the equation anymore.
Sponsored by: DARPA & NAI Labs.
Convert init(8) to use nmount() instead of mount() when
it has to mount devfs. This doesn't happen normally,
since the kernel is supposed to mount devfs itself.
remove all the code which was trying to do so.
This code was nasty in several ways, it was hiding
the kernel bug where the kernel was unable to properly
load a module, and it was quitting if it wasn't able
to load the module. The consequence is that an ABI
breakage of the vfsconf API would have broken *every*
mount utility.
kernel access control.
Teach mount(8) to understand the MNT_MULTILABEL flag, which is used
to determine whether a file system operates with individual per-vnode
labels, or treats the entire file system as a single object with a
single (mount) label. The behavior here will probably evolve some
now that nmount(2) is available and can more flexibly support mount
options.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
