HBSD: Support applying ASLR state
Set the filesystem extended attributes for the file for the ASLR
feature.
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
HBSD: Provide a feature state flag of persisted
The persisted flag denotes that the state has been persisted to storage.
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
HBSD: Remove unneeded code
There's no need to keep a file's feature state in the feature object
itself.
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
HBSD: Add more APIs and ABIs for libhbsdcontrol
A given file's feature state might be one of:
1. Enabled
2. Disabled
3. System default
4. Unknown
5. Invalid
The vast majority of times, getting the state should return system
default. A state is unknown when a system error occurs (perhaps
filesystem extended attributes aren't available for the underlying
filesystem.) A state of error occurs when an invalid combination of
settings occurs. For example, attempting to set both the enabled and
disabled filesystem extended attributes for a given file.
This also starts the ASLR feature toggle. Provide the implementation for
getting the feature state of a given file.
[2 lines not shown]
loader.4th dictthreshold too small
The dictthreshold in stand/forth/loader.4th is too small
resulting in full dictionary.
Reviewed by: stevek, imp
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D44414
uboot/Makefile move BINDIR
Set BINDIR before we include bsd.init.mk
so we can override it via local.init.mk
Reviewed by: imp
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D44413
nfsd.8: Document ways to minimize Copy operation times
For NFSv4.2, a Copy operation can take a long time to complete.
If there is a concurrent ExchangeID or DelegReturn operation
which requires the exclusive lock on all NFSv4 state, this can
result in a stall of the nfsd server.
This patch documents ways to avoid this problem.
This is a content change.
Reviewed by: karels, wollman, pauamma_gundo.com (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D44395
kerneldump: add livedump_start_vnode(9)
livedump_start_vnode(9) is introduced such that the live minidump on the
system could take a vnode. This interface could be used to extend support
for the existing framework in downstream.
Bump __FreeBSD_version for introducing livedump_start_vnode(9).
Sponsored by: Juniper Networks, Inc.
Reviewed by: khng
Differential Revision: https://reviews.freebsd.org/D43471
tcp: clear all TCP timers in tcp_timer_stop() when in callout
When a TCP callout decides to disable self, e.g. tcp_timer_2msl() calling
tcp_close(), we must also clear all other possible timers. Otherwise,
upon return, the callout would be scheduled again in tcp_timer_enter().
Revert 57e27ff07aff, which was a temporary partial revert of otherwise
correct 62d47d73b7eb, that exposed the problem being fixed now. Add an
extra assertion in tcp_timer_enter() to check we aren't arming callout for
a closed connection.
Reviewed by: rscheff
lang/gnat1?: force the usage of gettext
It appears that gettext is required even when NLS is disabled (surely
because the compiler used for bootstrap has been built with NLS).
No bump of PORTREVISION needed.
PR: 277508
Reported by: bob (at) vesterman.com
random(9): bump removal to FreeBSD 15.0
It has not yet been removed, and still has some in-tree consumers.
PR: 277655
Sponsored by: The FreeBSD Foundation