1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-23 11:18:54 +00:00
Commit Graph

15367 Commits

Author SHA1 Message Date
Sergey Kandaurov
bedc59de87 OpenBSD 5.4 added. 2013-11-01 18:55:56 +00:00
Mikolaj Golub
b24e24eb7d Add myself as a ports committer
Approved by:	bdrewery (mentor)
2013-10-31 19:55:36 +00:00
Baptiste Daroussin
c92d635ad3 After around 20 years of duty it is time for pkg_install to retire 2013-10-31 13:00:35 +00:00
Neel Natu
a1a4cbea58 Make the virtual ioapic available unconditionally in a bhyve virtual machine.
This is in preparation for moving the ioapic device model from userspace to
vmm.ko.

Reviewed by:	grehan
2013-10-31 05:44:45 +00:00
Kevin Lo
5ed33b90ea Add manpage for urtwnfw, the Realtek RTL8188CU/RTL8192CU firmware
module.  Also fix a few nits in urtwn.4.

Reviewed by:	rpaulo
2013-10-31 01:57:05 +00:00
Joel Dahl
457a378f05 mdoc: document title should be all caps. 2013-10-30 21:52:31 +00:00
Bryan Drewery
8d20be1e22 Move /etc/keys to /usr/share/keys where users are less likely to modify them.
Requested by:	secteam (cperciva, des)
Approved by:	bapt
2013-10-29 15:07:54 +00:00
Sergey Kandaurov
a0b91aad67 Fixed typo.
Submitted by:	Nikolai Lifanov
Pointyhat:	pluknet
2013-10-29 14:15:09 +00:00
Sergey Kandaurov
f582ba849d OS X 10.9 added. 2013-10-29 13:44:19 +00:00
Neel Natu
ea7f1c8cd2 Add support for PCI-to-ISA LPC bridge emulation. If the LPC bus is attached
to a virtual machine then we implicitly create COM1 and COM2 ISA devices.

Prior to this change the only way of attaching a COM port to the virtual
machine was by presenting it as a PCI device that is mapped at the legacy
I/O address 0x3F8 or 0x2F8.

There were some issues with the original approach:
- It did not work at all with UEFI because UEFI will reprogram the PCI device
  BARs and remap the COM1/COM2 ports at non-legacy addresses.
- OpenBSD GENERIC kernel does not create a /dev/console because it expects
  the uart device at the legacy 0x3F8/0x2F8 address to be an ISA device.
- It was functional with a FreeBSD guest but caused the console to appear
  on /dev/ttyu2 which was not intuitive.

The uart emulation is now independent of the bus on which it resides. Thus it
is possible to have uart devices on the PCI bus in addition to the legacy
COM1/COM2 devices behind the LPC bus.

The command line option to attach ISA COM1/COM2 ports to a virtual machine is
"-s <bus>,lpc -l com1,stdio".

The command line option to create a PCI-attached uart device is:
"-s <bus>,uart[,stdio]"

The command line option to create PCI-attached COM1/COM2 device is:
"-S <bus>,uart[,stdio]". This style of creating COM ports is deprecated.

Discussed with:	grehan
Reviewed by:	grehan
Submitted by:	Tycho Nightingale (tycho.nightingale@pluribusnetworks.com)

M    share/examples/bhyve/vmrun.sh
AM   usr.sbin/bhyve/legacy_irq.c
AM   usr.sbin/bhyve/legacy_irq.h
M    usr.sbin/bhyve/Makefile
AM   usr.sbin/bhyve/uart_emul.c
M    usr.sbin/bhyve/bhyverun.c
AM   usr.sbin/bhyve/uart_emul.h
M    usr.sbin/bhyve/pci_uart.c
M    usr.sbin/bhyve/pci_emul.c
M    usr.sbin/bhyve/inout.c
M    usr.sbin/bhyve/pci_emul.h
M    usr.sbin/bhyve/inout.h
AM   usr.sbin/bhyve/pci_lpc.c
AM   usr.sbin/bhyve/pci_lpc.h
2013-10-29 00:18:11 +00:00
Christian Brueffer
b4e16cf882 New sentence -> new line and some mdoc cleanup.
MFC after:	3 days
2013-10-28 22:54:28 +00:00
Gleb Smirnoff
a7a36fea40 Remove more remnants of ng_fec(4).
The ng_create_one() and ng_mkpeer() functions in network.subr are
now not used anywhere, but I left them, since they can be useful
in future in netgraph scripting.

Submitted by:	pluknet
2013-10-28 16:21:31 +00:00
Gleb Smirnoff
a4adecf56d Remove ng_fec.4
Submitted by:	Dmitry Luhtionov <dmitryluhtionov gmail.com>
2013-10-28 15:38:26 +00:00
Gleb Smirnoff
506658cc1e Axe ng_fec(4). It has never been a real netgraph(4) module, since
it had no hooks. It has abused ifnet's if_afdata slot and actually
abused every subsystem it touched.

lagg(4) is a proper trunking solution at ifnet(9) layer.

ng_one2many(4) is a proper trunking solution in netgraph(4).
2013-10-28 12:47:05 +00:00
Bryan Drewery
4dc4651d73 Document /var/cache/pkg into hier(7) which pkg(8) uses.
Approved by:	bapt
MFC after:	2 days
2013-10-26 03:55:29 +00:00
Bryan Drewery
24a2212906 Add infrastructure for installing pkg(8) keys into /etc/keys/pkg and add
the current test key that packages will be signed with until 10.0-RELEASE.

Approved by:	bapt
Discussed by:	bapt with des
MFC after:	2 days
2013-10-26 03:53:24 +00:00
Brooks Davis
ce068e5a43 Regerate after r257138 swapped the default to WITH_NMTREE.
MFC after:	3 days
Sponsored by:	DARPA/AFRL
2013-10-25 22:47:54 +00:00
Brooks Davis
b9cd6b0a3c Switch the default mtree to nmtree our new NetBSD derived mtree.
Exp-run by:     bdrewery
MFC after:      3 days
Sponsored by:	DARPA/AFRL
2013-10-25 22:45:18 +00:00
Rui Paulo
bc694214ab Disable WITH_TESTS= for now. 2013-10-25 06:37:43 +00:00
Rui Paulo
f56169f4ab Add a tests(7) manual page.
This manual page intends to describe the structure and behavior of
the FreeBSD test suite installed in /usr/tests.  The contents have
been inherited from the NetBSD manual page.

As a side effect, this also updates the hier(7) manual page to
mention /usr/tests and points at tests(7) for more details.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:33:04 +00:00
Rui Paulo
6532e7bf5f Add missing plain.test.mk.
Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-25 05:31:26 +00:00
Rui Paulo
e2197f8018 Set up the /usr/tests hierarchy.
Populate /usr/tests with the only test programs that currently live
in the tree (those in lib/libcrypt/tests/) and add all the build
machinery to accompany this change.

In particular:

- Add a WITHOUT_TESTS variable that users can define to request that
  no tests be put in /usr/tests.
- Add a top-level Kyuafile for /usr/tests and a way to create similar
  Kyuafiles in top-level subdirectories.
- Add a BSD.tests.dist file to define the directory layout of
  /usr/tests.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:25:19 +00:00
Rui Paulo
5e6f3a8ed7 Move the TESTSBASE definition to bsd.own.mk.
We need to be able to reference the value of TESTSBASE without requiring
the inclusion of bsd.test.mk (e.g. in etc/Makefile), so move its definition
to the more generic bsd.own.mk.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:12:31 +00:00
Rui Paulo
cb56d4a851 Allow mixing bsd.files.mk with bsd.subdir.mk.
If a single Makefile wants to recurse into subdirectories and also
wants to install files, bsd.files.mk's targets would get ignored in
favor of those defined by bsd.subdir.mk because installfiles would
not get defined in bsd.files.mk.

Prevent this from happening by defining the targets in bsd.files.mk
with auxiliary names and listing them as dependencies of installfiles
instead.

This is required by bsd.test.mk, which needs to install a Kyuafile
in pretty much all cases but may also need to recurse into
subdirectories for build purposes.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:11:10 +00:00
Brooks Davis
6495f64998 Regenerate documentation post r256915:
Stop conflating WITHOUT_CLANG with WITHOUT_CLANG_IS_CC.  This allows
bootstrapping a copy of clang without building clang for the base system
which is useful for nanobsd and similar setups.  It's still probably
wrong to conflate what is installed as /usr/bin/cc with the selection
of a bootstrap compiler under WITH*_CLANG_IS_CC, but that's for another
day.
2013-10-24 15:11:30 +00:00
Eitan Adler
2d8b5d8dac Add missing symlinks for the sbuf man page 2013-10-23 03:27:42 +00:00
John Baldwin
fa24b620c0 Add a manpage for the getenv() family of functions in the kernel. 2013-10-22 20:10:38 +00:00
Brooks Davis
f936a2e556 Stop conflating WITHOUT_CLANG with WITHOUT_CLANG_IS_CC. This allows
bootstrapping a copy of clang without building clang for the base system
which is useful for nanobsd and similar setups.  It's still probably
wrong to conflate what is installed as /usr/bin/cc with the selection
of a bootstrap compiler under WITH*_CLANG_IS_CC, but that's for another
day.

MFC after:	1 week
Sponsored by:	DARPA/AFRL
2013-10-22 15:53:29 +00:00
Alexander Motin
fdee5abcee Update ahci(4), respecting recent driver changes. 2013-10-22 11:56:46 +00:00
Alexander Motin
1a29adad30 Remove Giant-locked drivers support (DISKFLAG_NEEDSGIANT flag) from disk(9).
Since at least FreeBSD 7 we had only four of them in the base tree, and
in head branch, thanks to jhb@, we have no any for more then a year.
2013-10-22 10:21:20 +00:00
Brooks Davis
a33ce322b6 Remove the isf(4) driver. It was created by accident and is subset of
the cfi(4) driver.  It remained in the tree longer than would be ideal
due to the time required to bring cfi(4) to feature parity.

Sponsored by:	DARPA/AFRL
MFC after:	3 days
2013-10-21 22:43:38 +00:00
Colin Percival
cabad26453 Add support for "first boot" rc.d scripts. [1]
These scripts, containing
# KEYWORD: firstboot
will only be run if a sentinel file (default: /firstboot, configurable
via the rc.conf ${firstboot_sentinel} variable) exists; this sentinel
file will be deleted at the end of the boot process.

Scripts can request that the system reboot after the first boot by
creating the file ${firstboot_sentinel}-reboot.

This functionality is expected to be useful for embedded systems and
virtual machine images, where it may be desirable to
(a) download and install updates which became available between when
the image was created and when it was "turned on";
(b) download and install packages which may be newer than those
which were available when the image was created;
(c) install packages which run binaries during their install process,
bypassing the problem of cross-architecture installs;
(d) resize filesystems to match the disk onto which a VM image was
installed;
(e) perform initialization tasks relevant to cloud systems (e.g.,
Amazon's Elastic Compute Cloud);
and likely to perform many other one-time initialization functions.

Document this new functionality in rc.conf(5) and rc(8). [2]

Reviewed by:	freebsd-current, freebsd-rc [1]
Reviewed by:	Warren Block [2]
MFC after:	3 days
2013-10-19 21:37:06 +00:00
John-Mark Gurney
ff14d523bb Enable the automatic creation of a certificate (if one does not exists)
and enable the usage by sendmail if sendmail is enabled.  Include and
document knobs to disable this feature and also set the Common Name of
the certificate created.

As the certificate is signed w/ a discarded key, it only helps prevent
Eve, but not Malory from knowing the contents of the emails.

This means that new installs (and people that use the updated freebsd.mc
file) will automaticly have STARTTLS enabled allowing incoming email to
be encrypted in most cases.

Reviewed by:	gshapiro
MFC after:	3 days
Security:	Yes, please.
2013-10-19 18:51:06 +00:00
Rui Paulo
7bb2d4b324 Plug kyua into the 'test' target.
If kyua exists in KYUA_PREFIX, the test target is automatically
defined to use it for the execution of test programs.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:52:06 +00:00
Rui Paulo
30cc088dc0 Plug atf-run into the 'test' target.
If atf-run exists in ATF_PREFIX and if ALLOW_DEPRECATED_ATF_TOOLS has
been set to yes, the test target is automatically defined to use it
for the execution of test programs.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:51:34 +00:00
Rui Paulo
25b6a535fa Add the automatic generation of Kyuafile files.
These files are generated from bsd.test.mk because kyua is able to run
test programs implemented using different libraries/frameworks.  In
order to make this possible, this change also extends the various
*.test.mk file to explicitly indicate the interface of every test
program.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:50:56 +00:00
Rui Paulo
26ea29af54 Add the automatic generation of Atffile files.
These are only used by the deprecated atf-run and atf-report tools.
Generating them is easy and provides a mechanism for people to
experiment with these tools if they wish.

But, because these tools and files are deprecated, doing this only
happens if the user has explicitly set ALLOW_DEPRECATED_ATF_TOOLS
to yes.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:50:17 +00:00
Rui Paulo
d4a14c8563 Clearly split the logic to build ATF and plain tests apart.
This change introduces a new plain.test.mk file that provides the build
infrastructure to build test programs that don't use any framework.
Most of the code previously in bsd.test.mk moves to plain.test.mk and
atf.test.mk is extended with the missing pieces.

In doing so, this change pushes all test program building logic to the
various *.test.mk files instead of trying to reuse some tiny bits.
In fact, this attempt to reuse some definitions makes the code harder
to read and harder to extend.

The clear benefit of this is that the interface of bsd.test.mk is now
clearly delimited.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:48:49 +00:00
Brooks Davis
f570e9e145 MFP4: 221483, 221567, 221568, 221670, 221677, 221678, 221800, 221801,
221804, 221805, 222004, 222006, 222055, 222820, 1135077, 1135118, 1136259

Add atse(4), a driver for the Altera Triple Speed Ethernet MegaCore.

The current driver support gigabit Ethernet speeds only and works with
the MegaCore only in the internal FIFO configuration in the soon to be
open sourced BERI CPU configuration.

Submitted by:	bz
MFC after:	3 days
Sponsored by:	DARPA/AFRL
2013-10-18 20:44:19 +00:00
Neel Natu
b6afa84b8c Add an option to bhyveload(8) that allows setting a loader environment variable
from the command line.

The option syntax is "-e <name=value>". It may be used multiple times to set
multiple environment variables.

Reviewed by:	grehan
Requested by:	alfred
2013-10-17 00:28:35 +00:00
Alexander V. Chernikov
716151ab18 Reflect r248070 (RTM_PINNED) changes in documentation.
Pointed by:	pluknet
MFC after:	2 weeks
2013-10-16 10:36:42 +00:00
Bryan Drewery
e3ededfa24 Rename libbsdyml to libyaml, make private, and bump
SHLIB_MAJOR to 1.0

Suggested by:	des
Approved by:	bapt
MFC after:	1 week
2013-10-14 18:31:15 +00:00
Hiroki Sato
fbd868c9d8 - Add mount.fdescfs parameter to jail(8). This is similar to
mount.devfs but mounts fdescfs.  The mount happens just after
  mount.devfs.

- rc.d/jail now displays whole error message from jail(8) when a jail
  fails to start.

Approved by:	re (gjb)
2013-10-12 17:27:59 +00:00
Mark Murray
cc4d059c03 Merge from project branch. Uninteresting commits are trimmed.
Refactor of /dev/random device. Main points include:

* Userland seeding is no longer used. This auto-seeds at boot time
on PC/Desktop setups; this may need some tweeking and intelligence
from those folks setting up embedded boxes, but the work is believed
to be minimal.

* An entropy cache is written to /entropy (even during installation)
and the kernel uses this at next boot.

* An entropy file written to /boot/entropy can be loaded by loader(8)

* Hardware sources such as rdrand are fed into Yarrow, and are no
longer available raw.

------------------------------------------------------------------------
r256240 | des | 2013-10-09 21:14:16 +0100 (Wed, 09 Oct 2013) | 4 lines

Add a RANDOM_RWFILE option and hide the entropy cache code behind it.
Rename YARROW_RNG and FORTUNA_RNG to RANDOM_YARROW and RANDOM_FORTUNA.
Add the RANDOM_* options to LINT.

------------------------------------------------------------------------
r256239 | des | 2013-10-09 21:12:59 +0100 (Wed, 09 Oct 2013) | 2 lines

Define RANDOM_PURE_RNDTEST for rndtest(4).

------------------------------------------------------------------------
r256204 | des | 2013-10-09 18:51:38 +0100 (Wed, 09 Oct 2013) | 2 lines

staticize struct random_hardware_source

------------------------------------------------------------------------
r256203 | markm | 2013-10-09 18:50:36 +0100 (Wed, 09 Oct 2013) | 2 lines

Wrap some policy-rich code in 'if NOTYET' until we can thresh out
what it really needs to do.

------------------------------------------------------------------------
r256184 | des | 2013-10-09 10:13:12 +0100 (Wed, 09 Oct 2013) | 2 lines

Re-add /dev/urandom for compatibility purposes.

------------------------------------------------------------------------
r256182 | des | 2013-10-09 10:11:14 +0100 (Wed, 09 Oct 2013) | 3 lines

Add missing include guards and move the existing ones out of the
implementation namespace.

------------------------------------------------------------------------
r256168 | markm | 2013-10-08 23:14:07 +0100 (Tue, 08 Oct 2013) | 10 lines

Fix some just-noticed problems:

o Allow this to work with "nodevice random" by fixing where the
MALLOC pool is defined.

o Fix the explicit reseed code. This was correct as submitted, but
in the project branch doesn't need to set the "seeded" bit as this
is done correctly in the "unblock" function.

o Remove some debug ifdeffing.

o Adjust comments.

------------------------------------------------------------------------
r256159 | markm | 2013-10-08 19:48:11 +0100 (Tue, 08 Oct 2013) | 6 lines

Time to eat crow for me.

I replaced the sx_* locks that Arthur used with regular mutexes;
this turned out the be the wrong thing to do as the locks need to
be sleepable. Revert this folly.

# Submitted by:	Arthur Mesh <arthurmesh@gmail.com> (In original diff)

------------------------------------------------------------------------
r256138 | des | 2013-10-08 12:05:26 +0100 (Tue, 08 Oct 2013) | 10 lines

Add YARROW_RNG and FORTUNA_RNG to sys/conf/options.

Add a SYSINIT that forces a reseed during proc0 setup, which happens
fairly late in the boot process.

Add a RANDOM_DEBUG option which enables some debugging printf()s.

Add a new RANDOM_ATTACH entropy source which harvests entropy from the
get_cyclecount() delta across each call to a device attach method.

------------------------------------------------------------------------
r256135 | markm | 2013-10-08 07:54:52 +0100 (Tue, 08 Oct 2013) | 8 lines

Debugging. My attempt at EVENTHANDLER(multiuser) was a failure; use
EVENTHANDLER(mountroot) instead.

This means we can't count on /var being present, so something will
need to be done about harvesting /var/db/entropy/... .

Some policy now needs to be sorted out, and a pre-sync cache needs
to be written, but apart from that we are now ready to go.

Over to review.

------------------------------------------------------------------------
r256094 | markm | 2013-10-06 23:45:02 +0100 (Sun, 06 Oct 2013) | 8 lines

Snapshot.

Looking pretty good; this mostly works now. New code includes:

* Read cached entropy at startup, both from files and from loader(8)
preloaded entropy. Failures are soft, but announced. Untested.

* Use EVENTHANDLER to do above just before we go multiuser. Untested.

------------------------------------------------------------------------
r256088 | markm | 2013-10-06 14:01:42 +0100 (Sun, 06 Oct 2013) | 2 lines

Fix up the man page for random(4). This mainly removes no-longer-relevant
details about HW RNGs, reseeding explicitly and user-supplied
entropy.

------------------------------------------------------------------------
r256087 | markm | 2013-10-06 13:43:42 +0100 (Sun, 06 Oct 2013) | 6 lines

As userland writing to /dev/random is no more, remove the "better
than nothing" bootstrap mode.

Add SWI harvesting to the mix.

My box seeds Yarrow by itself in a few seconds! YMMV; more to follow.

------------------------------------------------------------------------
r256086 | markm | 2013-10-06 13:40:32 +0100 (Sun, 06 Oct 2013) | 11 lines

Debug run. This now works, except that the "live" sources haven't
been tested. With all sources turned on, this unlocks itself in
a couple of seconds! That is no my box, and there is no guarantee
that this will be the case everywhere.

* Cut debug prints.

* Use the same locks/mutexes all the way through.

* Be a tad more conservative about entropy estimates.

------------------------------------------------------------------------
r256084 | markm | 2013-10-06 13:35:29 +0100 (Sun, 06 Oct 2013) | 5 lines

Don't use the "real" assembler mnemonics; older compilers may not
understand them (like when building CURRENT on 9.x).

# Submitted by:	Konstantin Belousov <kostikbel@gmail.com>

------------------------------------------------------------------------
r256081 | markm | 2013-10-06 10:55:28 +0100 (Sun, 06 Oct 2013) | 12 lines

SNAPSHOT.

Simplify the malloc pools; We only need one for this device.

Simplify the harvest queue.

Marginally improve the entropy pool hashing, making it a bit faster
in the process.

Connect up the hardware "live" source harvesting. This is simplistic
for now, and will need to be made rate-adaptive.

All of the above passes a compile test but needs to be debugged.

------------------------------------------------------------------------
r256042 | markm | 2013-10-04 07:55:06 +0100 (Fri, 04 Oct 2013) | 25 lines

Snapshot. This passes the build test, but has not yet been finished or debugged.

Contains:

* Refactor the hardware RNG CPU instruction sources to feed into
the software mixer. This is unfinished. The actual harvesting needs
to be sorted out. Modified by me (see below).

* Remove 'frac' parameter from random_harvest(). This was never
used and adds extra code for no good reason.

* Remove device write entropy harvesting. This provided a weak
attack vector, was not very good at bootstrapping the device. To
follow will be a replacement explicit reseed knob.

* Separate out all the RANDOM_PURE sources into separate harvest
entities. This adds some secuity in the case where more than one
is present.

* Review all the code and fix anything obviously messy or inconsistent.
Address som review concerns while I'm here, like rename the pseudo-rng
to 'dummy'.

# Submitted by:	Arthur Mesh <arthurmesh@gmail.com> (the first item)

------------------------------------------------------------------------
r255319 | markm | 2013-09-06 18:51:52 +0100 (Fri, 06 Sep 2013) | 4 lines

Yarrow wants entropy estimations to be conservative; the usual idea
is that if you are certain you have N bits of entropy, you declare
N/2.

------------------------------------------------------------------------
r255075 | markm | 2013-08-30 18:47:53 +0100 (Fri, 30 Aug 2013) | 4 lines

Remove short-lived idea; thread to harvest (eg) RDRAND enropy into the
usual harvest queues. It was a nifty idea, but too heavyweight.

# Submitted by:	Arthur Mesh <arthurmesh@gmail.com>

------------------------------------------------------------------------
r255071 | markm | 2013-08-30 12:42:57 +0100 (Fri, 30 Aug 2013) | 4 lines

Separate out the Software RNG entropy harvesting queue and thread
into its own files.

# Submitted by:	 Arthur Mesh <arthurmesh@gmail.com>

------------------------------------------------------------------------
r254934 | markm | 2013-08-26 20:07:03 +0100 (Mon, 26 Aug 2013) | 2 lines

Remove the short-lived namei experiment.

------------------------------------------------------------------------
r254928 | markm | 2013-08-26 19:35:21 +0100 (Mon, 26 Aug 2013) | 2 lines

Snapshot; Do some running repairs on entropy harvesting. More needs
to follow.

------------------------------------------------------------------------
r254927 | markm | 2013-08-26 19:29:51 +0100 (Mon, 26 Aug 2013) | 15 lines

Snapshot of current work;

1) Clean up namespace; only use "Yarrow" where it is Yarrow-specific
or close enough to the Yarrow algorithm. For the rest use a neutral
name.

2) Tidy up headers; put private stuff in private places. More could
be done here.

3) Streamline the hashing/encryption; no need for a 256-bit counter;
128 bits will last for long enough.

There are bits of debug code lying around; these will be removed
at a later stage.

------------------------------------------------------------------------
r254784 | markm | 2013-08-24 14:54:56 +0100 (Sat, 24 Aug 2013) | 39 lines

1) example (partially humorous random_adaptor, that I call "EXAMPLE")
 * It's not meant to be used in a real system, it's there to show how
   the basics of how to create interfaces for random_adaptors. Perhaps
   it should belong in a manual page

2) Move probe.c's functionality in to random_adaptors.c
 * rename random_ident_hardware() to random_adaptor_choose()

3) Introduce a new way to choose (or select) random_adaptors via tunable
"rngs_want" It's a list of comma separated names of adaptors, ordered
by preferences. I.e.:
rngs_want="yarrow,rdrand"

Such setting would cause yarrow to be preferred to rdrand. If neither of
them are available (or registered), then system will default to
something reasonable (currently yarrow). If yarrow is not present, then
we fall back to the adaptor that's first on the list of registered
adaptors.

4) Introduce a way where RNGs can play a role of entropy source. This is
mostly useful for HW rngs.

The way I envision this is that every HW RNG will use this
functionality by default. Functionality to disable this is also present.
I have an example of how to use this in random_adaptor_example.c (see
modload event, and init function)

5) fix kern.random.adaptors from
kern.random.adaptors: yarrowpanicblock
to
kern.random.adaptors: yarrow,panic,block

6) add kern.random.active_adaptor to indicate currently selected
adaptor:
root@freebsd04:~ # sysctl kern.random.active_adaptor
kern.random.active_adaptor: yarrow

# Submitted by:	Arthur Mesh <arthurmesh@gmail.com>

Submitted by:	Dag-Erling Smørgrav <des@FreeBSD.org>, Arthur Mesh <arthurmesh@gmail.com>
Reviewed by:	des@FreeBSD.org
Approved by:	re (delphij)
Approved by:	secteam (des,delphij)
2013-10-12 12:57:57 +00:00
Eitan Adler
eae00e207b Fix the formatting for the danish keymap.
Reported by:	dteske
Approved by:	re (glebius)
2013-10-12 07:00:51 +00:00
Rui Paulo
ec0e2ac611 Remove most of the ATF tools and the _atf user.
This is necessary because ATF is deprecated and it will be replaced by Kyua.

Submitted by:	jmmv@netbsd.org
Reviewed by:	Garrett Cooper
Approved by:	re
2013-10-12 06:06:53 +00:00
Eitan Adler
92aece216f Fix NetBSD release number
Submitted by:	pluknet
Approved by:	re (glebius)
2013-10-11 18:51:37 +00:00
Eric Davis
783bfbc5a1 New committer info.
Approved by:	re@ (gjb)
Approved by:	davidch (mentor)
2013-10-10 17:41:41 +00:00
Hiroki Sato
84b354cb9a - Update rc.d/jail to use a jail(8) configuration file instead of
command line options.  The "jail_<jname>_*" rc.conf(5) variables for
  per-jail configuration are automatically converted to
  /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
  This is transparently backward compatible.

- Fix a minor bug in jail(8) which prevented it from returning false
  when jail -r failed.

Approved by:	re (glebius)
2013-10-10 09:32:27 +00:00
Mark Murray
371cbaafa8 MFC - tracking commit 2013-10-09 17:41:47 +00:00
Glen Barber
c9fc60beee Revert r256095, r256120 (partial), r256121:
r256095:
 - Add gnu/usr.bin/rcs back to the base system.

r256120:
 - Add WITHOUT_RCS back to src.conf.5.

r256121:
 - Remove UPDATING entry regarding gnu/usr.bin/rcs removal.

Requested by:	many
Approved by:	re (marius)
Discussed with:	core
2013-10-09 17:07:20 +00:00
Mark Murray
a332c3c798 MFC - tracking commit 2013-10-09 07:55:21 +00:00
Neel Natu
200758f114 Parse the memory size parameter using expand_number() to allow specifying
the memory size more intuitively (e.g. 512M, 4G etc).

Submitted by:	rodrigc
Reviewed by:	grehan
Approved by:	re (blanket)
2013-10-09 03:56:07 +00:00
Mark Murray
842d654ca7 MFC - tracking commit. 2013-10-08 07:02:23 +00:00
John Baldwin
ea41f49fc5 Add manpages for VOP_ADVISE() and VOP_ALLOCATE().
Approved by:	re (gjb)
2013-10-07 20:30:05 +00:00
John Baldwin
80adee135a Remove a stale comment.
Approved by:	re (gjb)
2013-10-07 20:29:31 +00:00
Eitan Adler
3bad2eaa98 Add the latest NetBSD and FreeBSD releases.
Approved by:	re (glebius)
2013-10-07 19:27:54 +00:00
Eitan Adler
18bb1b08e5 This regenerates src.conf.5 for both the RCS removal as well as r255784.
Approved by:	re (glebius)
2013-10-07 19:22:53 +00:00
John-Mark Gurney
2a6b4327c2 add missing sections, de-Xr non-existent page, properly space
punctuation..

Approved by:	re (joel)
MFC after:	3 days
2013-10-07 16:49:53 +00:00
Mark Murray
1bd2ddb93a MFC - tracking commit 2013-10-07 07:36:21 +00:00
Hiren Panchasara
854a107199 With r253139, firmware for urtwn(4) is in base system. Correct the man page to
reflect that.

Approved by:	re (blackend)
2013-10-07 06:50:00 +00:00
Eitan Adler
258c9eb906 Good bye RCS. You will be missed.
(devel/rcs and devel/rcs57 are available as alternatives)

Approved by:	core
Approved by:	re (hrs)
2013-10-07 02:23:00 +00:00
Mark Murray
d94d943e0b MFC - tracking commit. 2013-10-06 18:56:13 +00:00
Konstantin Belousov
5dc5cbb274 Document LK_TRYUPGRADE.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:	re (marius)
2013-10-06 15:59:06 +00:00
Mark Murray
1f25c4ec6d Fix up the man page for random(4). This mainly removes no-longer-relevant details about HW RNGs, reseeding explicitly and user-supplied entropy. 2013-10-06 13:01:42 +00:00
Mark Murray
586f9f8f2e MFC- tracking commit. 2013-10-05 15:27:08 +00:00
Joel Dahl
89898f63c2 mdoc: remove EOL whitespace.
Approved by:	re (blanket)
2013-10-04 16:44:24 +00:00
Mark Murray
f02e47dc1e Snapshot. This passes the build test, but has not yet been finished or debugged.
Contains:

* Refactor the hardware RNG CPU instruction sources to feed into
the software mixer. This is unfinished. The actual harvesting needs
to be sorted out. Modified by me (see below).

* Remove 'frac' parameter from random_harvest(). This was never
used and adds extra code for no good reason.

* Remove device write entropy harvesting. This provided a weak
attack vector, was not very good at bootstrapping the device. To
follow will be a replacement explicit reseed knob.

* Separate out all the RANDOM_PURE sources into separate harvest
entities. This adds some secuity in the case where more than one
is present.

* Review all the code and fix anything obviously messy or inconsistent.
Address som review concerns while I'm here, like rename the pseudo-rng
to 'dummy'.

Submitted by:	Arthur Mesh <arthurmesh@gmail.com> (the first item)
2013-10-04 06:55:06 +00:00
Glen Barber
5bbecb65b8 Add FreeBSD 9.2-RELEASE to the BSD Family Tree
Approved by:	re (hrs)
Sponsored by:	The FreeBSD Foundation
2013-10-02 04:40:46 +00:00
Sergey Kandaurov
05d98029e9 Sweep man pages replacing ad -> ada.
Approved by:	re (blackend)
MFC after:	1 week
X-MFC note:	stable/9 only
2013-10-01 18:41:53 +00:00
Ed Maste
2e845e0d0a Regen.
Approved by:	re (implicit)
2013-10-01 17:46:04 +00:00
Dag-Erling Smørgrav
744f86ec15 Regenerate.
Approved by:	re (gjb)
2013-09-30 17:40:39 +00:00
Dag-Erling Smørgrav
56b72efe82 Remove BIND.
Approved by:	re (gjb)
2013-09-30 17:23:45 +00:00
Robert Watson
8cdb4d8967 Update ddb(9) to show how to print 64-bit values with "examine".
MFC after:	3 days
Approved by:	re (gjb)
2013-09-30 09:21:17 +00:00
Eitan Adler
426ab28269 Add the newest NetBSD releases.
Approved by:	re (gjb)
2013-09-29 23:38:53 +00:00
Joel Dahl
f9c8a14ba2 Minor mdoc fixes.
Approved by:	re (blanket)
2013-09-24 20:14:59 +00:00
Dag-Erling Smørgrav
e7145502e1 Regenerate.
Approved by:	re (blanket)
2013-09-24 14:46:10 +00:00
Dag-Erling Smørgrav
70aeafb4fc Flip the switch: disable BIND and enable LDNS_UTILS.
Approved by:	re (blanket)
2013-09-24 14:33:31 +00:00
Danilo Egea Gondolfo
de16bcc52d - Add myself as port commiter and my mentors relationship.
- Add myself to calendar.freebsd.

Approved by:	re (gjb), wg (mentor)
2013-09-24 04:00:49 +00:00
Hiren Panchasara
d83a410e24 Correcting EXAMPLES section.
Approved by:	re (gjb)
2013-09-23 20:30:25 +00:00
Dag-Erling Smørgrav
49cede74ee Add a setup script for unbound(8) called local-unbound-setup. It
generates a configuration suitable for running unbound as a caching
forwarding resolver, and configures resolvconf(8) to update unbound's
list of forwarders in addition to /etc/resolv.conf.  The initial list
is taken from the existing resolv.conf, which is rewritten to point to
localhost.  Alternatively, a list of forwarders can be provided on the
command line.

To assist this script, add an rc.subr command called "enabled" which
does nothing except return 0 if the service is enabled and 1 if it is
not, without going through the usual checks.  We should consider doing
the same for "status", which is currently pointless.

Add an rc script for unbound, called local_unbound.  If there is no
configuration file, the rc script runs local-unbound-setup to generate
one.

Note that these scripts place the unbound configuration files in
/var/unbound rather than /etc/unbound.  This is necessary so that
unbound can reload its configuration while chrooted.  We should
probably provide symlinks in /etc.

Approved by:	re (blanket)
2013-09-23 04:36:51 +00:00
Dag-Erling Smørgrav
8182b3bee1 Make the directory mapping functionality, which was previously only
available in 32-bit compatibility mode, unconditional.

Overhaul the man page, which had evolved more by accretion than by design.

Approved by:	re (gjb)
MFC after:	3 weeks
2013-09-21 21:03:52 +00:00
David Christensen
4e4007688c Substantial rewrite of bxe(4) to add support for the BCM57712 and
BCM578XX controllers.

Approved by:	re
MFC after:	4 weeks
2013-09-20 20:18:49 +00:00
Ed Maste
2789c11117 Regenerate after addition of WITH_LLDB
Approved by: re (blanket)
2013-09-20 01:55:37 +00:00
Ed Maste
e8f1392d95 Add LLDB bmake infrastructure
This connects LLDB to the build, but it is disabled by default.  Add
WITH_LLDB= to src.conf to build it.

Note that LLDB requires a C++11 compiler so is disabled on platforms
using GCC.

Approved by:	re (gjb)
Sponsored by:	DARPA, AFRL
2013-09-20 01:52:02 +00:00
Bryan Drewery
643fe75c7a cap_new(2) and cap_getrights2) were replaced with cap_rights_limit(2)
and cap_rights_get(2) in r247602

Reviewed by:	pjd
Approved by:	gjb
Approved by:	re (rodrigc)
2013-09-19 10:56:36 +00:00
Joel Dahl
79ce8a649b mdoc: sort SEE ALSO.
Approved by:	re (blanket)
2013-09-18 04:44:54 +00:00
Hiroki Sato
9d52c5eaec Add EXAMPLES section to explain the format of fstab(5).
Approved by:	re (marius)
Reviewed by:	wblock
2013-09-17 20:25:29 +00:00
Hiroki Sato
4e62a1443a Remove description "ifconfig_IF_aliasN is deprecated". While this
sentence was added in 2005, many users still need it.

Approved by:	re (gjb)
PR:		docs/162354
2013-09-17 20:20:04 +00:00
Jilles Tjoelker
f7044509cb share/i18n: Fix installworld with read-only obj.
Since iconv was enabled (r254273, August 13), it has been impossible to
installworld using a read-only obj tree. This is common with NFS. Parts of
share/i18n unconditionally rebuild files like mapper.dir during
installation.

This patch ensures the files like mapper.dir are not rewritten with the same
contents.

Tested by:	joel
Approved by:	re (hrs)
2013-09-17 20:09:25 +00:00
Jean-Sébastien Pédron
23916a0385 psm: Update "struct synapticshw" in psm(4) man page
This structure was updated in r255153 and r255154.

PR:		kern/170834
Approved by:	re (hrs)
2013-09-17 18:41:32 +00:00
Dag-Erling Smørgrav
66c2c71f16 Set the correct path for LIBUNBOUND.
Approved by:	re (blanket)
2013-09-17 07:41:08 +00:00
Dag-Erling Smørgrav
75e60c005a Regnerate.
Approved by:	re (blanket)
2013-09-15 15:23:50 +00:00
Dag-Erling Smørgrav
8f8790cdf4 Build and install the Unbound caching DNS resolver daemon.
Approved by:	re (blanket)
2013-09-15 14:51:23 +00:00
Edward Tomasz Napierala
009ea47eb2 Bring in the new iSCSI target and initiator.
Reviewed by:	ken (parts)
Approved by:	re (delphij)
Sponsored by:	FreeBSD Foundation
2013-09-14 15:29:06 +00:00
Sean Bruno
ff8b950507 Correct my inability to do math and provide a GOOD example.
Approved by:	re (implicit)
2013-09-13 21:23:04 +00:00
Sean Bruno
dbcb0e960a Add gpio(4) man page to attempt to document the current hints based setup of
pin outputs, functions and setup.

Add cross reference in gpioctl(8) for people to find.

This is by no means complete and really only covers gpioled(4) and the
Atheros based systems who expose a few extra hints at boot time.

This should be updated by developers who know more about this system than
I and viewed as the beginning of documentation, not the end.

Reviewed by:	adrian
Approved by:	re (joel)
MFC after:	2 weeks
2013-09-13 19:55:40 +00:00
Joel Dahl
0e75d62e8b mdoc: fix list width.
Approved by:	re (blanket)
2013-09-13 19:08:10 +00:00
Glen Barber
b11797ad2f Do not install freebsd-update.conf.5 manual if WITHOUT_FREEBSD_UPDATE is
set.

MFC after:	3 days
Approved by:	re (delphij)
Sponsored by:	The FreeBSD Foundation
2013-09-13 03:39:19 +00:00
John Baldwin
60a774426c - Document the UQUAD sysctl variants.
- Clarify that exactly one of the "access" flags is required and
  list the optional flags in a separate list.  Prefer bundling
  CTLFLAG_TUN into the access flag by not documenting it as an
  optional flag to set.

Approved by:	re (glebius)
MFC after:	1 week
2013-09-12 20:49:20 +00:00
John Baldwin
83506d1a4f Document several recent changes to vm_map_find(9):
- Document the max_addr parameter that restricts mappings to a subset of
  the map's address space.
- Document VMFS_ALIGNED_SPACE and update for the rename of VMFS_SUPER_SPACE.
  In addition, use a table that describes the different find space
  strategies in more detail.

Reviewed by:	alc
Approved by:	re (kib)
2013-09-12 19:51:40 +00:00
Colin Percival
27789e56b2 Remove documentation describing functionality which geom(4) does not,
in fact, provide.

Reviewed by:	phk
MFC after:	3 days
Approved by:	re (gjb)
2013-09-10 21:16:18 +00:00
Dag-Erling Smørgrav
0d410def34 Clean up the Kerberos build by turning libheimipcc and libheimipcs into
private shared libraries, instead of hacked-together archives of PIC
objects.  This makes it possible to build a static libkrb5 that works.

Reviewed by:	stas
Approved by:	re (gjb)
2013-09-10 18:40:43 +00:00
Dag-Erling Smørgrav
30d663c74e Emit the correct standard library dependency line for C++ programs. In
the CLANG_IS_CC case, the default is now libc++.  Only use libstdc++ if
!CLANG_IS_CC or it was explicitly requested in CXXFLAGS.

Submitted by:	theraven
Approved by:	re (gjb)
2013-09-09 21:18:16 +00:00
Dag-Erling Smørgrav
0b2766bd4e Make libldns and libssh private.
Approved by:	re (blanket)
2013-09-08 10:04:26 +00:00
Dag-Erling Smørgrav
2442cc585a Create a private library directory (LIBPRIVATEDIR) for libraries which
we don't want to expose but which can't or shouldn't be static.

To mark a library as private, define PRIVATELIB in its Makefile.  It
will be installed in LIBPRIVATEDIR, which is normally /usr/lib/private
(or /usr/lib32/private for 32-bit libraries on 64-bit platforms).

To indicate that a program or library depends on a private library,
define USEPRIVATELIB in its Makefile.  The correct version of
LIBPRIVATEDIR will be added to its run-time library search path.

Approved by:	re (blanket)
2013-09-08 09:40:23 +00:00
Mark Murray
9d32fc31c7 MFC 2013-09-07 07:58:29 +00:00
Niclas Zeising
26c4cc026d Regenerate after unhooking gcc/g++ from the default build for some arches. 2013-09-06 20:51:15 +00:00
David Chisnall
1a29bd50ff Only set -Wno-c++11-extensions if we're building with clang, so bootstrapping
clang with gcc doesn't fail.
2013-09-06 20:42:14 +00:00
David Chisnall
60ee5dc5d7 Fix use of MACHINE_ARCH where MACHINE was intended for pc98 detection.
Reported by:	nwhitehorn
2013-09-06 20:23:15 +00:00
David Chisnall
52b42bace1 On platforms where clang is the default compiler, don't build gcc or libstdc++.
To enable them, set WITH_GCC and WITH_GNUCXX in src.conf.
Make clang default to using libc++ on FreeBSD 10.
Bumped __FreeBSD_version for the change.

GCC is still enabled on PC98, because the PC98 bootloader requires GCC to build
(or, at least, hard-codes the use of gcc into its build).

Thanks to everyone who helped make the ports tree ready for this (and bapt
for coordinating them all).  Also to imp for reviewing this and working on the
forward-porting of the changes in our gcc so that we're getting to a much
better place with regard to external toolchains.

Sorry to all of the people who helped who I forgot to mention by name.

Reviewed by:	bapt, imp, dim, ...
2013-09-06 20:08:03 +00:00
Mark Murray
0fbf163e60 MFC 2013-09-06 17:42:12 +00:00
Carl Delsey
d58a14820f Fix a typo.
Approved by:	jimharris
Sponsored by:	Intel
2013-09-05 22:55:08 +00:00
Alexander Motin
3d94c26efb Add more references.
Submitted by:	Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after:	1 week
2013-09-05 07:13:08 +00:00
Pawel Jakub Dawidek
04ba6e5086 Add missing '2'. 2013-09-05 00:41:07 +00:00
Pawel Jakub Dawidek
f6474d7fdd Remove trailing comma. 2013-09-05 00:38:53 +00:00
Zbigniew Bodek
dbbd7a968b Add myself as a new committer and cognet as my mentor.
Approved by:	cognet (mentor)
2013-09-04 20:49:32 +00:00
George V. Neville-Neil
a9e5c5a364 Add myself to the list of ports committers.
Approved by: skreuzer (mentor)
2013-09-04 20:12:33 +00:00
John-Mark Gurney
7f3bdd0831 add links for the various vmem functions... 2013-09-04 17:48:41 +00:00
Ruslan Bukin
908ea20751 - Add myself as a src committer
- Note cognet is my mentor

Approved by:	cognet (mentor)
2013-09-04 11:28:47 +00:00
Ed Maste
4b1fb8ff16 Connect libexecinfo to the build
Sponsored by:	DARPA, AFRL
2013-09-03 15:22:04 +00:00
Jeremie Le Hen
f1ed02fabd Since r254974, periodic scripts' period can be configured
independently.  There is no reason to leave their options
with the daily ones, so move them to their own section.
2013-09-03 07:51:06 +00:00
Mark Murray
b881742f2e MFC 2013-09-01 13:33:05 +00:00
Alexander Motin
1d64933fe2 Bring legacy CAM target implementation back into API/KPI-coherent and even
functional state.  While CTL is much more superior target from all points,
there is no reason why this code should not work.

Tested with ahc(4) as target side HBA.

MFC after:	2 weeks
2013-09-01 13:01:59 +00:00
Bryan Venteicher
8f3600b108 Import multiqueue VirtIO net driver from my user/bryanv/vtnetmq branch
This is a significant rewrite of much of the previous driver; lots of
misc. cleanup was also performed, and support for a few other minor
features was also added.
2013-09-01 04:33:47 +00:00
Mark Murray
f43c467a4f MFC 2013-08-31 13:41:20 +00:00
Joel Dahl
a648be6a4a mdoc: add missing El. 2013-08-30 20:20:06 +00:00
Mark Murray
7737ec4198 Remove short-lived idea; thread to harvest (eg) RDRAND enropy into the usual harvest queues. It was a nifty idea, but too heavyweight.
Submitted by:	Arthur Mesh <arthurmesh@gmail.com>
2013-08-30 17:47:53 +00:00
Mark Murray
f27c28dc6e MFC 2013-08-30 11:38:34 +00:00
Bryan Venteicher
3c5dfe892d Few more minor if_vmx tweaks
- Allow the Rx/Tx queue sizes to be configured by tunables
 - Bail out earlier if the Tx queue unlikely has enough free
   descriptors to hold the frame
 - Cleanup some of the offloading capabilities handling
2013-08-30 05:53:00 +00:00
Antoine Brodin
b9aa88b0c1 Fix after r255014 2013-08-29 15:58:20 +00:00
Pedro F. Giffuni
4b97b38825 Drop build option switch for the older GNU patch.
As promised, drop the option to make the older GNU patch
the default.

GNU patch is still being built but something drastic may
happen to it to it before Release.
2013-08-29 00:38:24 +00:00
Robert Watson
5ea1c4a2df Add a simple procdesc(4) man page describing "options PROCDESC" and the
high-level facility, supplementing pdfork(2) and friends.  Update capsicum.4
to xref.

Suggested by:	sbruno
MFC after:	3 days
2013-08-28 19:49:32 +00:00
Joel Dahl
99e27a7806 mdoc fix 2013-08-28 05:12:29 +00:00
Niclas Zeising
969fe8f052 Really regen after r254962.
This removes the WITH_BSDCONFIG description alltogether, since this option
is removed.
At the same time, fix the WITHOUT_LIBCPLUSPLUS option that had gotten
inverted.
2013-08-27 23:30:02 +00:00
Simon J. Gerraty
a0f1aa8316 Use .SHELL to tell bmake to use 'set -e' when running scripts
since most FreeBSD makefiles it is in effect.

Move the other bmake compatability knobs out of the POSIX block.

Reviewed by: obrien
2013-08-27 23:09:34 +00:00
Jeremie Le Hen
69b55c23cb Make the period of each periodic security script configurable.
There are now six additional variables
  weekly_status_security_enable
  weekly_status_security_inline
  weekly_status_security_output
  monthly_status_security_enable
  monthly_status_security_inline
  monthly_status_security_output
alongside their existing daily counterparts.  They all have the same
default values.

All other "daily_status_security_${scriptname}_${whatever}"
variables have been renamed to "security_status_${name}_${whatever}".
A compatibility shim has been introduced for the old variable names,
which we will be able to remove in 11.0-RELEASE.

"security_status_${name}_enable" is still a boolean but a new
"security_status_${name}_period" allows to define the period of
each script.  The value is one of "daily" (the default for backward
compatibility), "weekly", "monthly" and "NO".

Note that when the security periodic scripts are run directly from
crontab(5) (as opposed to being called by daily or weekly periodic
scripts), they will run unless the test is explicitely disabled with a
"NO", either for in the "_enable" or the "_period" variable.

When the security output is not inlined, the mail subject has been
changed from "$host $arg run output" to "$host $arg $period run output".
For instance:
  myfbsd security run output ->  myfbsd security daily run output
I don't think this is considered as a stable API, but feel free to
correct me if I'm wrong.

Finally, I will rearrange periodic.conf(5) and default/periodic.conf
to put the security options in their own section.  I left them in
place for this commit to make reviewing easier.

Reviewed by:	hackers@
2013-08-27 21:20:28 +00:00
Devin Teske
a5aa00fbae Formally remove WITH_BSDCONFIG build option and re-generate src.conf.5
NOTE: Should have been inline with revisions 252862 and 254958.
2013-08-27 16:30:50 +00:00
Devin Teske
88f6b1e401 It was brought to my attention that SVN r252862 was incomplete. It needed
to also make this change, to completely deprecate WITH_BSDCONFIG.
2013-08-27 14:48:01 +00:00
John-Mark Gurney
7455cb5e18 fix up my copyright.. 2013-08-26 18:50:40 +00:00
John-Mark Gurney
2af90ee542 none of the drivers in the tree support CDIOCCAPABILITY or CDIOCPITCH..
remove the documentation so people won't get confused and think they
are supported...
2013-08-26 18:47:10 +00:00
Mark Murray
a8343c86d2 MFC 2013-08-26 18:21:04 +00:00
John-Mark Gurney
976a220f2c Joerg was my mentor way back when... 2013-08-26 17:36:55 +00:00
Antoine Brodin
8aad3f600b Regenerate src.conf.5 2013-08-26 17:18:21 +00:00
Antoine Brodin
0c4367400d Hook vm_page_busy.9 to the build 2013-08-26 16:38:40 +00:00
Mark Murray
6871a82d32 MFC 2013-08-25 10:08:58 +00:00
Joel Dahl
ec76d29f81 Remove EOL whitespace. 2013-08-25 06:59:30 +00:00
Joel Dahl
082dbcbf5e mdoc fixes. 2013-08-25 06:58:51 +00:00
Andre Oppermann
6e3e14fe44 Fix BUGS section after botched modify in r254772.
Reported by:	bjk
2013-08-24 21:30:35 +00:00
Mark Johnston
29f4e216f2 Rename the kld_unload event handler to kld_unload_try, and add a new
kld_unload event handler which gets invoked after a linker file has been
successfully unloaded. The kld_unload and kld_load event handlers are now
invoked with the shared linker lock held, while kld_unload_try is invoked
with the lock exclusively held.

Convert hwpmc(4) to use these event handlers instead of having
kern_kldload() and kern_kldunload() invoke hwpmc(4) hooks whenever files are
loaded or unloaded. This has no functional effect, but simplifes the linker
code somewhat.

Reviewed by:	jhb
2013-08-24 21:13:38 +00:00
Mark Murray
ddbfa6b19e 1) example (partially humorous random_adaptor, that I call "EXAMPLE")
* It's not meant to be used in a real system, it's there to show how
   the basics of how to create interfaces for random_adaptors. Perhaps
   it should belong in a manual page

2) Move probe.c's functionality in to random_adaptors.c
 * rename random_ident_hardware() to random_adaptor_choose()

3) Introduce a new way to choose (or select) random_adaptors via tunable
"rngs_want" It's a list of comma separated names of adaptors, ordered
by preferences. I.e.:
rngs_want="yarrow,rdrand"

Such setting would cause yarrow to be preferred to rdrand. If neither of
them are available (or registered), then system will default to
something reasonable (currently yarrow). If yarrow is not present, then
we fall back to the adaptor that's first on the list of registered
adaptors.

4) Introduce a way where RNGs can play a role of entropy source. This is
mostly useful for HW rngs.

The way I envision this is that every HW RNG will use this
functionality by default. Functionality to disable this is also present.
I have an example of how to use this in random_adaptor_example.c (see
modload event, and init function)

5) fix kern.random.adaptors from
kern.random.adaptors: yarrowpanicblock
to
kern.random.adaptors: yarrow,panic,block

6) add kern.random.active_adaptor to indicate currently selected
adaptor:
root@freebsd04:~ # sysctl kern.random.active_adaptor
kern.random.active_adaptor: yarrow

Submitted by:	Arthur Mesh <arthurmesh@gmail.com>
2013-08-24 13:54:56 +00:00
Andre Oppermann
2c4e923de2 Adjust for the pfil_func_t typedef added in r254769. 2013-08-24 11:57:02 +00:00
Andre Oppermann
bacda5aaa9 pfil_hook_get() has been internalized in r254771 and is no longer
part of the API.  It wasn't safe for external use in any case.
2013-08-24 10:38:02 +00:00
Kenneth D. Merry
93729c1796 Add support to physio(9) for devices that don't want I/O split and
configure sa(4) to request no I/O splitting by default.

For tape devices, the user needs to be able to clearly understand
what blocksize is actually being used when writing to a tape
device.  The previous behavior of physio(9) was that it would split
up any I/O that was too large for the device, or too large to fit
into MAXPHYS.  This means that if, for instance, the user wrote a
1MB block to a tape device, and MAXPHYS was 128KB, the 1MB write
would be split into 8 128K chunks.  This would be done without
informing the user.

This has suboptimal effects, especially when trying to communicate
status to the user.  In the event of an error writing to a tape
(e.g. physical end of tape) in the middle of a 1MB block that has
been split into 8 pieces, the user could have the first two 128K
pieces written successfully, the third returned with an error, and
the last 5 returned with 0 bytes written.  If the user is using
a standard write(2) system call, all he will see is the ENOSPC
error.  He won't have a clue how much actually got written.  (With
a writev(2) system call, he should be able to determine how much
got written in addition to the error.)

The solution is to prevent physio(9) from splitting the I/O.  The
new cdev flag, SI_NOSPLIT, tells physio that the driver does not
want I/O to be split beforehand.

Although the sa(4) driver now enables SI_NOSPLIT by default,
that can be disabled by two loader tunables for now.  It will not
be configurable starting in FreeBSD 11.0.  kern.cam.sa.allow_io_split
allows the user to configure I/O splitting for all sa(4) driver
instances.  kern.cam.sa.%d.allow_io_split allows the user to
configure I/O splitting for a specific sa(4) instance.

There are also now three sa(4) driver sysctl variables that let the
users see some sa(4) driver values.  kern.cam.sa.%d.allow_io_split
shows whether I/O splitting is turned on.  kern.cam.sa.%d.maxio shows
the maximum I/O size allowed by kernel configuration parameters
(e.g. MAXPHYS, DFLTPHYS) and the capabilities of the controller.
kern.cam.sa.%d.cpi_maxio shows the maximum I/O size supported by
the controller.

Note that a better long term solution would be to implement support
for chaining buffers, so that that MAXPHYS is no longer a limiting
factor for I/O size to tape and disk devices.  At that point, the
controller and the tape drive would become the limiting factors.

sys/conf.h:	Add a new cdev flag, SI_NOSPLIT, that allows a
		driver to tell physio not to split up I/O.

sys/param.h:	Bump __FreeBSD_version to 1000049 for the addition
		of the SI_NOSPLIT cdev flag.

kern_physio.c:	If the SI_NOSPLIT flag is set on the cdev, return
		any I/O that is larger than si_iosize_max or
		MAXPHYS, has more than one segment, or would have
		to be split because of misalignment with EFBIG.
		(File too large).

		In the event of an error, print a console message to
		give the user a clue about what happened.

scsi_sa.c:	Set the SI_NOSPLIT cdev flag on the devices created
		for the sa(4) driver by default.

		Add tunables to control whether we allow I/O splitting
		in physio(9).

		Explain in the comments that allowing I/O splitting
		will be deprecated for the sa(4) driver in FreeBSD
		11.0.

		Add sysctl variables to display the maximum I/O
		size we can do (which could be further limited by
		read block limits) and the maximum I/O size that
		the controller can do.

		Limit our maximum I/O size (recorded in the cdev's
		si_iosize_max) by MAXPHYS.  This isn't strictly
		necessary, because physio(9) will limit it to
		MAXPHYS, but it will provide some clarity for the
		application.

		Record the controller's maximum I/O size reported
		in the Path Inquiry CCB.

sa.4:		Document the block size behavior, and explain that
		the option of allowing physio(9) to split the I/O
		will disappear in FreeBSD 11.0.

Sponsored by:	Spectra Logic
2013-08-24 04:52:22 +00:00
Bryan Venteicher
c7e7c22e16 Remove duplicate copy of the man page
Pointed out by:	jmallett
2013-08-23 20:56:17 +00:00
Bryan Venteicher
e3c97c2cc2 Add vmx(4), a VMware VMXNET3 ethernet driver ported from OpenBSD 2013-08-23 20:47:16 +00:00
Davide Italiano
ad0947c3a4 - Bump date.
- Small mdoc fix.

Submitted by:	pluknet
2013-08-23 14:33:56 +00:00
Davide Italiano
246fb6b232 Introduce callout_init_rm() so that callouts can be used in conjunction
with rmlocks. This works only with non-sleepable rm because handlers run
in SWI context. While here, document the new KPI in the timeout(9)
manpage.

Requested by:	adrian, scottl
Reviewed by:	mav, remko(manpage)
2013-08-23 14:12:39 +00:00
Konstantin Belousov
00cf6892bb Update the manual page for vm_page_grab(9).
Reviewed and edited by:	alc
Sponsored by:	The FreeBSD Foundation
2013-08-22 22:01:56 +00:00
Joel Dahl
0678b9b1d6 Minor mdoc nit. 2013-08-22 16:00:09 +00:00
Andrey V. Elsukov
27eaacc76c Really disconnect pkg_install from the build.
Reported by:	Mikhail Timofeyev
2013-08-22 12:49:28 +00:00
Erwin Lansing
08e6ea976b Update Bind to 9.9.3-P2
Notable new features:

*  Elliptic Curve Digital Signature Algorithm keys and signatures in
   DNSSEC are now supported per RFC 6605. [RT #21918]

*  Introduces a new tool "dnssec-verify" that validates a signed zone,
   checking for the correctness of signatures and NSEC/NSEC3 chains.
   [RT #23673]

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)
   [RT #28989]

*  The new "inline-signing" option, in combination with the
   "auto-dnssec" option that was introduced in BIND 9.7, allows
   named to sign zones completely transparently.

Approved by:	delphij (mentor)
MFC after:	3 days
Sponsored by:	DK Hostmaster A/S
2013-08-22 08:15:03 +00:00
Jung-uk Kim
8a1ee2d346 Implement atomic_swap() and atomic_testandset().
Reviewed by:	arch, bde, jilles, kib
2013-08-21 22:03:06 +00:00
Mark Johnston
c6cb04a463 Update the SDT(9) man page with the macros added in 254468. Also change the
existing examples to not pass an mbuf as a probe argument. There's no
obvious reason to have it there, and it doesn't really jibe with the example
added in this revision.

MFC after:	1 week
2013-08-17 22:06:30 +00:00
Matt Jacob
193ecaecfa Correct sentence syntax too. 2013-08-17 01:17:51 +00:00
David E. O'Brien
d1834020c6 Correct spelling. 2013-08-17 01:02:04 +00:00
Kevin Lo
612cf1ca01 Bring datasheet URL up to date. 2013-08-16 07:42:06 +00:00
Rusmir Dusko
d1c64a6d1d - Add myself in committers-ports.dot
Approved by:	miwi/wxs/wg (mentors)
2013-08-15 16:03:09 +00:00
Mark Johnston
f0e6364ef8 Fix a typo.
MFC after:	3 days
2013-08-15 04:10:15 +00:00
Glen Barber
bda5988364 Remove the {SRC,DOC,PORT}REVISION variables from release(7), and
update the default {SRC,DOC,PORT}BRANCH defaults.

Submitted by:	nwhitehorn
X-MFC-With:	r254224, r254294
X-MFC-To:	stable/9, releng/9.2
2013-08-14 14:45:47 +00:00
Mark Johnston
12ede07ab8 Use kld_{load,unload} instead of mod_{load,unload} for the linker file load
and unload event handlers added in r254266.

Reported by:	jhb
X-MFC with:	r254266
2013-08-14 00:42:21 +00:00
Glen Barber
bc1af85cfe - Remove the defaults for TARGET/TARGET_ARCH.
- Note that WORLD_FLAGS and KERNEL_FLAGS set the number of
  make(1) jobs only on SMP-capable systems.

MFC after:	3 days
X-MFC-With:	r254224
X-MFC-To:	stable/9, releng/9.2
2013-08-13 20:22:57 +00:00
Peter Wemm
0ff204bbd1 The iconv in libc did two things - implement the standard APIs, the GNU
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.

WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.

I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can.  I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc.  If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.

This is an extension of behavior on other system.  iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.

Bumped osreldate.
2013-08-13 07:15:01 +00:00
Mark Johnston
c9b645b50b Add event handlers for module load and unload events. The load handlers are
called after the module has been loaded, and the unload handlers are called
before the module is unloaded. Moreover, the module unload handlers may
return an error to prevent the unload from proceeding.

Reviewed by:	avg
MFC after:	2 weeks
2013-08-13 03:07:49 +00:00
Glen Barber
ebe2785690 - Update the wrapper script to 'release.sh', as used by the FreeBSD
Release Engineering Team as of 9.2-RELEASE.

- Document that a cross-build release is possible by setting the
  TARGET and TARGET_ARCH variables.

- Include an example of using release.sh with and without the
  optional configuration file.

- Document the supported release.sh configuration file variables.

- Update the 'cdrom' target output file to disc1.iso.

- Update the 'memstick' target output file to memstick.img.

- Add attributions for the last major updates to this manual page.

- Fix some mdoc(7) style nits:
  - Sentences should begin on a new line
  - Use .Pq to enclose full lines in parenthesis
2013-08-11 18:57:27 +00:00
Joel Dahl
cfde4db254 mdoc: remove commented out macro, sort SEE ALSO and add missing .El. 2013-08-10 06:48:20 +00:00
Joel Dahl
cbf572d018 Minor mdoc nits. 2013-08-10 06:39:42 +00:00
Joel Dahl
5b63fb798b mdoc: document title should be all caps. 2013-08-10 06:37:53 +00:00
David E. O'Brien
5711939b63 * Add random_adaptors.[ch] which is basically a store of random_adaptor's.
random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: so (des)
2013-08-09 15:31:50 +00:00
Attilio Rao
ac6b769be9 Give mutex(9) the ability to recurse on a per-instance basis.
Now the MTX_RECURSE flag can be passed to the mtx_*_flag() calls.
This helps in cases we want to narrow down to specific calls the
possibility to recurse for some locks.

Sponsored by:	EMC / Isilon storage division
Reviewed by:	jeff, alc
Tested by:	pho
2013-08-09 11:24:29 +00:00
Attilio Rao
c7aebda8a1 The soft and hard busy mechanism rely on the vm object lock to work.
Unify the 2 concept into a real, minimal, sxlock where the shared
acquisition represent the soft busy and the exclusive acquisition
represent the hard busy.
The old VPO_WANTED mechanism becames the hard-path for this new lock
and it becomes per-page rather than per-object.
The vm_object lock becames an interlock for this functionality:
it can be held in both read or write mode.
However, if the vm_object lock is held in read mode while acquiring
or releasing the busy state, the thread owner cannot make any
assumption on the busy state unless it is also busying it.

Also:
- Add a new flag to directly shared busy pages while vm_page_alloc
  and vm_page_grab are being executed.  This will be very helpful
  once these functions happen under a read object lock.
- Move the swapping sleep into its own per-object flag

The KPI is heavilly changed this is why the version is bumped.
It is very likely that some VM ports users will need to change
their own code.

Sponsored by:	EMC / Isilon storage division
Discussed with:	alc
Reviewed by:	jeff, kib
Tested by:	gavin, bapt (older version)
Tested by:	pho, scottl
2013-08-09 11:11:11 +00:00
David Malone
2310f718e5 Make section headings for different quirk types consistent. 2013-08-06 11:00:56 +00:00
Sean Bruno
ec5d9810da Update ciss(4) with new models of raid controllers from HP
Submitted by:	scott.benesh@hp.com
MFC after:	2 weeks
Sponsored by:	Hewlett Packard
2013-08-06 03:17:01 +00:00
Hiroki Sato
7dce7544fc - Reimplement $gif_interfaces as a variant of $cloned_interfaces.
Newly-configured systems should use $cloned_interfaces.

- Call clone_{up,down}() and ifnet_rename() in rc.d/netif {start,stop}.
  ifnet_rename() now accepts an interface name list as its argument.

- Add rc.d/netif clear.  The "clear" subcommand is basically equivalent to
  "stop" but it does not call clone_down().

- Add "ifname:sticky" keyword into $cloned_interfaces.  If :sticky is
  specified, the interface will not be destroyed in rc.d/netif stop.

- Add cloned_interfaces_sticky={YES,NO}.  This variable globally sets
  :sticky keyword above for all interfaces.  The default value is NO.
  When cloned_interfaces_sticky=YES, :nosticky keyword can be used to
  override it on per interface basis.
2013-08-04 06:36:17 +00:00
David E. O'Brien
0e6a0799a9 Back out r253779 & r253786. 2013-07-31 17:21:18 +00:00
Hiroki Sato
ca86c84dbf Document net.link.bridge.allow_llz_overlap. 2013-07-31 16:26:41 +00:00
Rui Paulo
31d9867769 Import OpenBSD's rsu(4) WLAN driver.
Support chipsets are the Realtek RTL8188SU, RTL8191SU, and RTL8192SU.

Many thanks to Idwer Vollering for porting/writing the man page and for
testing.

Reviewed by:	adrian, hselasky
Obtained from:	OpenBSD
Tested by:	kevlo, Idwer Vollering <vidwer at gmail.com>
2013-07-30 02:07:57 +00:00
David E. O'Brien
99ff83da74 Decouple yarrow from random(4) device.
* Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" option.
  The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

* random(4) device doesn't really depend on rijndael-*.  Yarrow, however, does.

* Add random_adaptors.[ch] which is basically a store of random_adaptor's.
  random_adaptor is basically an adapter that plugs in to random(4).
  random_adaptor can only be plugged in to random(4) very early in bootup.
  Unplugging random_adaptor from random(4) is not supported, and is probably a
  bad idea anyway, due to potential loss of entropy pools.
  We currently have 3 random_adaptors:
  + yarrow
  + rdrand (ivy.c)
  + nehemeiah

* Remove platform dependent logic from probe.c, and move it into
  corresponding registration routines of each random_adaptor provider.
  probe.c doesn't do anything other than picking a specific random_adaptor
  from a list of registered ones.

* If the kernel doesn't have any random_adaptor adapters present then the
  creation of /dev/random is postponed until next random_adaptor is kldload'ed.

* Fix randomdev_soft.c to refer to its own random_adaptor, instead of a
  system wide one.

Submitted by: arthurmesh@gmail.com, obrien
Obtained from: Juniper Networks
Reviewed by: obrien
2013-07-29 20:26:27 +00:00
Andriy Gapon
a29cc9a34b Revert r253748,253749
This WIP should not have been committed yet.

Pointyhat to:	avg
2013-07-28 18:44:17 +00:00
Andriy Gapon
c722ec3a51 remove needless inclusion of machine/cpu.h in userland
MFC after:	21 days
2013-07-28 18:35:43 +00:00
Pedro F. Giffuni
21244d5227 Make the BSD-licensed patch the default.
The BSD-licensed patch(1) command has matured and it's behaviour
can be considered equivalent to the older version of GNU patch
in the tree.

The switch has been extensively tested [1] and only two ports
presented regressions, which have since been fixed.

For convenience a new WITH_GNU_PATCH option is available,
but it will likely be removed in the near future.

PR:		176313
Approved by:	portmgr
2013-07-26 21:25:18 +00:00
Brooks Davis
f1bd660622 Document the sbinuptime() and getsbinuptime() functions introduced in
r247452.

Sponsored by:	DARPA, AFRL
2013-07-25 20:53:15 +00:00
Sergey Kandaurov
84afe24fd0 Add TP-LINK TL-WDN4800.
PR:		docs/180743
Reviewed by:	adrian
2013-07-22 19:32:42 +00:00
Sergey Kandaurov
65f11bd677 Update chipset support list for ath_hal.
This adds "device ath_ar9300".

PR:		docs/180743
Reviewed by:	adrian
2013-07-22 19:21:28 +00:00
Gleb Smirnoff
bab06c29e7 Fix build. 2013-07-22 14:23:46 +00:00
Jim Harris
a073133cdf Add bus_dmamap_load_bio and bus_dmamap_load_ccb to bus_dma(9).
Sponsored by:	Intel
Reviewed by:	kib
MFC after:	3 days
2013-07-17 19:41:16 +00:00
Baptiste Daroussin
d06990ae3d Do not overwrite the new UTF-8 files with the old ISO one 2013-07-17 14:00:51 +00:00
Gleb Smirnoff
60bd643435 Fix typo.
Submitted by:	ae
2013-07-17 13:13:44 +00:00
Gleb Smirnoff
9fd7a1b3dd Improve example, so that it doesn't dump core when example module
isn't loaded.
2013-07-17 12:28:48 +00:00
Baptiste Daroussin
b13ce70710 Change Eu to the proper UTF-8 symbol this was missed in r253414 2013-07-17 11:51:24 +00:00