share/man/man[49]: Set PACKAGE=kernel-man
When MANSPLITPKG is disabled (which is now the default), the kernel
manpages in sections 4 and 9 are installed in the -kernel package
instead of the -kernel-man package, because bsd.man.mk doesn't add
the -man suffix.
Since we already have handling for kernel-man in generate-ucl.lua,
set PACKAGE=kernel-man to make sure they're always in the right
package.
To avoid creating -kernel-man-man when WITH_MANSPLITPKG is enabled,
add some logic to bsd.man.mk (suggested by kevans) to avoid adding
the -man suffix if the package already has a -man suffix, and while
here, ensure ${__group}PACKAGE is always defined.
MFC after: 3 seconds
Reviewed by: des, bapt
Differential Revision: https://reviews.freebsd.org/D52525
ifconfig: Enter jail as soon as possible
Some options (in particular, -g) are processed immediately upon being
parsed. This will produce the wrong result in combination with -j since
we only attach to the jail after we're done parsing arguments. Solve
this by attaching to the jail immediately when -j is encountered. The
downside is that e.g. `ifconfig -j foo -j bar` would previously attach
to jail “bar”, whereas now it will attempt to attach to jail “foo”, and
if successful, attempt to attach to jail “bar” within jail “foo”. This
may be considered a feature.
PR: 289134
MFC after: 1 week
Reviewed by: zlei
Differential Revision: https://reviews.freebsd.org/D52501
sound: Honor CHN_F_NBIO
If the device is opened with O_NONBLOCK, even though we check for it in
order to set CHN_F_NBIO, the subsequent chn_reset() calls will clear all
flags, except those set in CHN_F_RESET, which does not include
CHN_F_NBIO.
Add CHN_F_NBIO to CHN_F_RESET. Additionally, because primary channels
can be reused, make sure we do not unintentionally keep CHN_F_NBIO set
if the channel is re-opened, but without O_NONBLOCK.
PR: 289441
MFC after: 2 days
Reviewed by: christos, markj
Differential Revision: https://reviews.freebsd.org/D52493
jail: Optionally allow audit session state to be configured in a jail
Currently it is impossible for a privileged, jailed process to set audit
session state. This can result in suprising audit event misattribution.
For example, suppose a user ssh'es into a jail and restarts a service;
normally, sshd sets audit state such that events generated by the SSH
session are attributed to the newly authenticated user, but in a jail,
the corresponding setaudit(2) call fails, so events are attributed to
the user who had started sshd in the jail (typically the user who had
started the jail itself by some means).
While this behaviour is reasonable, administrators might want to trust
the jailed sshd to reset audit state, such that the authenticated user
appears in audit logs. Add a jail knob to enable this. Add a simple
regression test.
Reviewed by: kevans, jamie
MFC after: 1 week
Sponsored by: Modirum MDPay
[2 lines not shown]
ip6: add SO_BINTIME support
This adds support for obtaining timestamps from IPv6 packets using the
SO_BINTIME socket option, bringing it in parity with IPv4 behavior.
Enable testing the SO_BINTIME option in the relevant (manual) regression
test.
PR: 289423
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D52504
udbc: Add usb debug host mode driver
xhci offers a debugging interface which uses a special usb 3 cable with the D+,
D- and VBUS pairs disconnected. This interface allows a target device to
configure its xhci controller as a debugging channel which can then be used to
provide a serial link between the target and a debug host.
This change extracts the udbc host mode driver from hrs@'s xhci debug
implementation.
Reviewed by: bcr (man page)
MFC after: Before 15-ALPHA3 builds
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51299
zfs: Use the correct type for raidz_outlier_check_interval_ms
raidz_outlier_check_interval_ms has type hrtime_t, which is a long long,
which is 64 bits wide on all supported platforms.
qat: enable qat driver for 402xx device
Enabled qat driver support for 402xx device with
ID 0x4944/0x4945. This is an additional device supported
under the existing qat_4xxx driver. Firmwares specific to
the 402xx device are added.
Signed-off-by: Hareshx Sankar Raj <hareshx.sankar.raj at intel.com>
Relnotes: yes
Sponsored by: Intel Corporation
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D52488
arm64: Fix the FEAT_WFxT check
The check was always true so would incorrectly enable the feature when
it wasn't supported.
Due to another bug this was harmless.
Sponsored by: Arm Ltd
ng_hci: Cast NG_HCI_BDADDR_ANY to const bdaddr_t *
This is needed to address some compiler errors cleanly, where consumer
functions want this address to be a const pointer.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D52310
libsamplerate: Define as PRIVATELIB
Fixes the following warnings:
ld: error: relocation R_X86_64_32S cannot be used against local symbol; recompile with -fPIC
>>> defined in /usr/obj/usr/src/amd64.amd64/lib/libsamplerate/libsamplerate.a(samplerate.o)
>>> referenced by samplerate.c:498 (/usr/src/contrib/libsamplerate/samplerate.c:498)
>>>
>>> samplerate.o:(src_new) in archive /usr/obj/usr/src/amd64.amd64/lib/libsamplerate/libsamplerate.a
Related discussion: https://reviews.freebsd.org/D52306
Sponsored by: The FreeBSD Foundation
Reviewed by: fuz
Differential Revision: https://reviews.freebsd.org/D52307
pfctl: ctime(3) and ctime_r(3) can fail when timestamps are way off.
Add missing error checks
Input kettenis, millert
OK millert
Obtained from: OpenBSD, florian <florian at openbsd.org>, a7b9eedcb4
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf.conf.5: hint how to set tcp timeout collectively
Hint that the tcp timeout values can be adjusted collectively via "set
optimization".
from jesper wallin
ok bluhm
Obtained from: OpenBSD, jmc <jmc at openbsd.org>, df80715c2d
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf: Show pf fragment reassembly counters.
Framgent count and statistics are stored in struct pf_status. From
there pfctl(8) and systat(1) collect and show them. Note that pfctl
-s info needs the -v switch to show fragments.
input claudio@; OK henning@
Obtained from: OpenBSD, bluhm <bluhm at openbsd.org>, 19e99d0613
Sponsored by: Rubicon Communications, LLC ("Netgate")
pfctl: fix anchortypes bounds test
found by "buffer overflow 'anchortypes' 10 <= 12" smatch error
feedback and ok sashan@, ok miod@ on an earlier version
Obtained from: OpenBSD, jsg <jsg at openbsd.org>, 730c5d0121
Sponsored by: Rubicon Communications, LLC ("Netgate")
acpi: Fix build when `ACPI_DEBUG_OUTPUT` defined
Reviewed by: olce
Fixes: ce5e22b28ef6 ("acpi: Use sleep types defined in sys/power.h")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52545
jail.2: Mention EPERM is returned on open directories
The manual page does not directly mention this reason for getting EPERM,
instead referring the reader to chroot(2). We have had some questions
about it recently, in part due to a bug (fixed), and this case is not an
obvious permission/problem, so let's be more explicit.
PR: 280809
Reviewed by: jamie
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52319
jaildesc: remove desc from the sysctl parameter list
Like lastjid, desc should count as a pseudo-parameter. The difference
lies entirely in the security.jail.param sysctls, which list all of
the jail parameters. Since desc opens and returns a file descriptor,
it has no place in such uses as "jls all." Like lastjid, it's still
recognized by the kernel if passed in/out, and hard-coded into libjail
so it can be recognized there.
(cherry picked from commit e75dda31c1eead9ad40580bd8fec17f2bbf55a21)
