ngctl: Fix build without JAIL
Reported by: Michael Dexter
Fixes: 72d01e62b082 netgraph: teach ngctl to attach and run itself in a jail
MFC after: 1 day
nanobsd: Expose do_image_prep on command line
do_image_prep will skip the customizations and other image prep that's
the same each time. It was just set before for -I. Expose it now with -p
which doesn't have the other side effects. Also, fix a bug where early
customization was run in this case. We don't want that run multiple
times when building an image from an existing tree or when skipping
image prep (there's no reason to make it a separate hook). Also change
example small media from Compact Flash to SD Card (though maybe it
should be microSD card, eMMC or similar, but that's getting too
verbose).
Sponsored by: Netflix
freebsd-update: sort options alphabetically
This helps future developers when adding additional options handlers in the
surrounding blocks.
This is effectively a no-op.
MFC after: 1 month
release: Remove a duplicate package listing in oracle.conf
sysutils/panicmail is specified again several lines down.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Sponsored by: Klara, Inc.
syncache.4: add missing information
Add the description for one sysctl-variable and three counters provided
by netstat.
Reviewed by: gbe, rscheff
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52226
(cherry picked from commit bed2299823b8173fd791c0bbacc75ac224cecc0a)
tcp: improve sending of SYN-cookies
Ensure that when the sysctl-variable net.inet.tcp.syncookies_only is
non zero, SYN-cookies are sent and no SYN-cache entry is added to the
SYN-cache. In particular, this behavior should not depend on the value
of the sysctl-variable net.inet.tcp.syncookies, which controls whether
SYN cookies are used in combination with the SYN-cache to deal with
bucket overflows.
Also ensure that tcps_sc_completed does not include TCP connections
established via a SYN-cookie.
While there, make V_tcp_syncookies and V_tcp_syncookiesonly bool
instead of int, since they are used as boolean variables.
Reviewed by: rscheff, cc, Peter Lei, Nick Banks
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D52225
(cherry picked from commit 7b57f2513361fb98fd5e2262f130989fe65946c6)
jaildesc: replace EBADF with EINVAL
Following fd9e09cb, EBADF is not the suitable error code for a non-
jail descriptor passed to jail_set, jail_get, jail_attach_fd, and
jail_remove_fd.
Reported by: kib
tcp: increase tcps_sc_recvcookie only in the syncache_expand()
The syncookie_expand() is called from syncookie_cmp() in INVARIANTS mode
to confirm that values calculated via syncookies mechanism match those
stored in the syncache entry. This creates a counting bug, that with
INVARIANTS every successful use of syncache also counts as use of a
syncookie.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D50897
(cherry picked from commit 3ed8d5645dd42a7c080ba800cf6d25cb7e147d7e)
tcp: refactor debug function syncookie_cmp()
- Don't bzero() the test structure. All fields checked are set by
syncache_expand().
- Don't allocate TCP address logging string if there is nothing to report.
- Mark hash bucket argument as pointer to const.
- Make it void.
Differential Revision: https://reviews.freebsd.org/D50896
(cherry picked from commit e9e6a025b4523c9aa2885e892495601964e03056)
tcp: rename syncookie_lookup() into syncookie_expand() and make it bool
This function always returns the same pointer it was passed. With new
name and return type the code is easier to understand. Mark the hash
bucket argument as pointer to const, since function doesn't modify it,
just uses value as integer. No functional changes.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D50895
(cherry picked from commit 6538742c1aaca3ce522ccea95007dfa9686c78dd)
ixgbe: Fix incomplete speed coverage in link status logging
Originally ixgbe_if_update_admin_status() only handled 1G and 10G speeds,
causing any other speeds to display as "1 Gbps" in link status logs.
This issue is fixed by adding link speed to string conversion logic through
the introduction of a helper function, ixgbe_link_speed_to_str(), which
corrects the misleading logs to reflect accurate link speeds.
Signed-off-by: Yogesh Bhosale yogesh.bhosale at intel.com
PR: 288960
Reported by: Mike Belanger - QNX
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D52442
loader/efi: return error from efi_find_framebuffer
Also return actual errno values in other code paths.
(suggested by tsoome)
Reviewed by: tsoome, imp
Differential Revision: https://reviews.freebsd.org/D52432
sockstat: fix the -j option with piped output after libxo integration
The legacy code handling -j in display() was causing xo_finish() to be
skipped. It has also been causing a memory leak since 0726c6574f8
(sockstat: Add automatic column sizing and remove -w option)
Fixes: 7b35b4d1963 (sockstat: add libxo support)
MFC after: 1 week
Reported by: glebius
Reviewed by: glebius
Sponsored by: ConnectWise
Pull Request: https://github.com/freebsd/freebsd-src/pull/1842
'kern.proc.groups' sysctl knob: Restore outputting the effective GID
In particular, fixes 'procstat -s' on a live system (for processes with
more than 16 groups).
Reviewed by: kib, emaste
Fixes: be1f7435ef218b1d ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52261
kvm_proclist(): Restore outputting the effective GID
In particular, fixes 'procstat -s -M' (only if there are less than 16
groups).
Reviewed by: kib, emaste
Fixes: be1f7435ef218b1d ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52260
kinfo_proc: Restore outputting the effective GID
In particular, fixes 'procstat -s' on a live system or a core file (only
if there are less than 16 groups).
Reviewed by: kib
Fixes: be1f7435ef218b1d ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52259
nfscl: Restore sending the effective GID to the server
Fixes: be1f7435ef218b1d ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52256
imgact_elf: procstat groups: Restore sending the effective GID
Fixes 'procstat -s' run on a core file when the number of groups in
effect at the moment of core dump exceeds KI_NGROUPS (16).
Reviewed by: kib
Fixes: be1f7435ef218b1d ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52258
nfs: newnfs_setroot(): Remove an obsolete comment
This comment is obsolete, as:
1. This code is FreeBSD-specific and is not shared with other BSDs.
2. With our recent changes in commit be1f7435ef218b1d ("kern: start
tracking cr_gid outside of cr_groups[]"), all of NetBSD, OpenBSD and
FreeBSD have the effective GID in a separate field (DragonFlyBSD
remains to this day an outlier).
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52254
hwpmc: On attach, fix allowing a PMC's owner to attach it to itself
The returned value in this case was wrong, and would basically prevent
some PMC's owner process to attach that PMC to itself although the
security checks underneath would have allowed it.
Now that this early return has been fixed, its block basically becomes
a performance short-circuit which has no effect from a functional
standpoint.
Fixes: ebccf1e3a6b1 ("Bring a working snapshot of hwpmc(4), ...")
MFC after: 9 days
Sponsored by: The FreeBSD Foundation
