git: af1b0aa5b957 - main - rc.subr: improve description for ${name}_offcmd

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=af1b0aa5b957bbfedc929167aa3459ad2d8b6653

commit af1b0aa5b957bbfedc929167aa3459ad2d8b6653
Author: Eugene Grosbein 
AuthorDate: 2024-06-18 09:11:56 +
Commit: Eugene Grosbein 
CommitDate: 2024-06-18 09:13:51 +

rc.subr: improve description for ${name}_offcmd

Clarify that ${name}_offcmd is for method start.

MFC after:  3 days
---
 libexec/rc/rc.subr   | 3 ++-
 share/man/man8/rc.subr.8 | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
index e540d8f7d207..f1f6cf6c8c2a 100644
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -982,7 +982,8 @@ startmsg()
 #
 #  ${name}_limits  n   limits(1) to apply to ${command}.
 #
-#  ${name}_offcmd  n   If set, run if a service is not enabled.
+#  ${name}_offcmd  n   If set, run during start
+#  if a service is not enabled.
 #
 #  ${rc_arg}_cmd   n   If set, use this as the method when invoked;
 #  Otherwise, use default command (see below)
diff --git a/share/man/man8/rc.subr.8 b/share/man/man8/rc.subr.8
index 4e3fa6771bf4..d2c9ce7af5d8 100644
--- a/share/man/man8/rc.subr.8
+++ b/share/man/man8/rc.subr.8
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd June 2, 2024
+.Dd June 18, 2024
 .Dt RC.SUBR 8
 .Os
 .Sh NAME
@@ -774,7 +774,7 @@ Login class to use with
 Defaults to
 .Dq Li daemon .
 .It Va ${name}_offcmd
-Shell commands to run if a service is not enabled.
+Shell commands to run during start if a service is not enabled.
 .It Va ${name}_oomprotect
 .Xr protect 1
 .Va command

git: 8132e959099f - main - libalias: fix subtle racy problem in outside-inside forwarding

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=8132e959099f0c533f698d8fbc17386f9144432f

commit 8132e959099f0c533f698d8fbc17386f9144432f
Author: Eugene Grosbein 
AuthorDate: 2024-08-19 03:34:37 +
Commit: Eugene Grosbein 
CommitDate: 2024-08-19 03:34:37 +

libalias: fix subtle racy problem in outside-inside forwarding

sys/netinet/libalias/alias_db.c has internal static function UseLink()
that passes a link to CleanupLink() to verify if the link has expired.
If so, UseLink() may return NULL.

_FindLinkIn()'s usage of UseLink() is not quite correct.

Assume there is "redirect_port udp" configured to forward incoming
traffic for specific port to some internal address.
Such a rule creates partially specified permanent link.

After first such packet libalias creates new fully specifiled
temporary LINK_UDP with default timeout 60 seconds.
Also, in case of low traffic libalias may assign "timestamp"
for this new temporary link way in the past because
LibAliasTime is updated seldom and can keep old value
for tens of seconds, and it will be used for the temporary link.

It may happen that next incoming packet for redirected port
passed to _FindLinkIn() results in a call to UseLink()
that returns NULL due to detected expiration.
Immediate return of NULL results in broken translation:
either a packet is dropped (deny_incoming mode) or delivered to
original destination address instead of internal one.

Fix it with additional check for NULL to proceed with a search
for original partially specified link. In case of UDP,
it also recreates temporary fully specified link
with a call to ReLink().

Practical examples are "redirect_port udp" rules for unidirectional
SYSLOG protocol (port 514) or some low volume VPN encapsulated in UDP.

Thanks to Peter Much for initial analysis and first version of a patch.

Reported by:Peter Much 
PR: 269770
MFC after:  1 week
---
 sys/netinet/libalias/alias_db.c | 11 +--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c
index 167201fa1b8f..d516b6cda96c 100644
--- a/sys/netinet/libalias/alias_db.c
+++ b/sys/netinet/libalias/alias_db.c
@@ -868,8 +868,15 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr,
case 0:
LIST_FOREACH(lnk, &grp->full, all.in) {
if (lnk->dst_addr.s_addr == dst_addr.s_addr &&
-   lnk->dst_port == dst_port)
-   return (UseLink(la, lnk));
+   lnk->dst_port == dst_port) {
+   struct alias_link *found;
+
+   found = UseLink(la, lnk);
+   if (found != NULL)
+   return (found);
+   /* link expired */
+   break;
+   }
}
break;
case LINK_UNKNOWN_DEST_PORT:

git: e5b853808363 - main - libalias: add another check to previous change

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=e5b85380836378c9e321a4e6d300591e6faf622a

commit e5b85380836378c9e321a4e6d300591e6faf622a
Author: Eugene Grosbein 
AuthorDate: 2024-08-20 14:00:35 +
Commit: Eugene Grosbein 
CommitDate: 2024-08-20 14:04:13 +

libalias: add another check to previous change

If UseLink() returns NULL, it is possible that Deletelink()
has already freed "grp", so check it out carefully.

PR: 269770
Reported by:Peter Much
X-MFC-With: 8132e959099f0c533f698d8fbc17386f9144432f
---
 sys/netinet/libalias/alias_db.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c
index d516b6cda96c..4bb95549aaaf 100644
--- a/sys/netinet/libalias/alias_db.c
+++ b/sys/netinet/libalias/alias_db.c
@@ -875,6 +875,9 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr,
if (found != NULL)
return (found);
/* link expired */
+   grp = StartPointIn(la, alias_addr, alias_port, 
link_type, 0);
+   if (grp == NULL)
+   return (NULL);
break;
}
}

git: 7a6309fdc794 - main - fetch(1): suppress "Not Modified" in quiet mode

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=7a6309fdc79427b0a7a5c3876daba150d946ae22

commit 7a6309fdc79427b0a7a5c3876daba150d946ae22
Author: Eugene Grosbein 
AuthorDate: 2024-09-07 02:14:23 +
Commit: Eugene Grosbein 
CommitDate: 2024-09-07 02:14:23 +

fetch(1): suppress "Not Modified" in quiet mode

"fetch -qi" should skip printing "Not Modified" for successful
http(s) request. Still print it by default (v_level == 1).

MFC after:  1 week
---
 usr.bin/fetch/fetch.c | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 05c0211ead49..8b3ccbd3ab98 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -582,16 +582,17 @@ again:
if (sigalrm || sigint)
goto signal;
if (f == NULL) {
-   warnx("%s: %s", URL, fetchLastErrString);
-   if (i_flag && (strcmp(url->scheme, SCHEME_HTTP) == 0 ||
-   strcmp(url->scheme, SCHEME_HTTPS) == 0) &&
-   fetchLastErrCode == FETCH_OK &&
+   if (i_flag && *is_http && fetchLastErrCode == FETCH_OK &&
strcmp(fetchLastErrString, "Not Modified") == 0) {
/* HTTP Not Modified Response, return OK. */
+   if (v_level > 0)
+   warnx("%s: %s", URL, fetchLastErrString);
r = 0;
goto done;
-   } else
+   } else {
+   warnx("%s: %s", URL, fetchLastErrString);
goto failure;
+   }
}
if (sigint)
goto signal;

git: becd0079c052 - main - ng_ipfw(4): add missing change after previous commit

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=becd0079c052cb87e7649b78733b99abae8861ee

commit becd0079c052cb87e7649b78733b99abae8861ee
Author: Eugene Grosbein 
AuthorDate: 2024-09-12 19:09:28 +
Commit: Eugene Grosbein 
CommitDate: 2024-09-12 19:09:28 +

ng_ipfw(4): add missing change after previous commit

The function ng_ipfw_input() used to enjoy implicit
32->16 bits truncation of its second argument.
Make it explicit to recover from the breakage.

PR: 281082
Reported by:Ruben van Staveren 
Tested by:  Ruben van Staveren 
MFC after:  3 days
Fixes:  20e1f207cc789a28783344614d6d1d1c639c5797
---
 sys/netgraph/ng_ipfw.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netgraph/ng_ipfw.c b/sys/netgraph/ng_ipfw.c
index 01592a4bbb7d..9a6bb90412fa 100644
--- a/sys/netgraph/ng_ipfw.c
+++ b/sys/netgraph/ng_ipfw.c
@@ -291,7 +291,7 @@ ng_ipfw_input(struct mbuf **m0, struct ip_fw_args *fwa, 
bool tee)
 * Node must be loaded and corresponding hook must be present.
 */
if (fw_node == NULL || 
-  (hook = ng_ipfw_findhook1(fw_node, fwa->rule.info)) == NULL)
+  (hook = ng_ipfw_findhook1(fw_node, fwa->rule.info & IPFW_INFO_MASK)) 
== NULL)
return (ESRCH); /* no hook associated with this rule */
 
/*

git: 32a579e4fc69 - main - rc.subr(8): introduce ${name}_offcmd

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=32a579e4fc69a65e890ad5f65ec56a97dfab

commit 32a579e4fc69a65e890ad5f65ec56a97dfab
Author: Eugene Grosbein 
AuthorDate: 2024-06-02 19:13:42 +
Commit: Eugene Grosbein 
CommitDate: 2024-06-02 19:29:22 +

rc.subr(8): introduce ${name}_offcmd

New variable ${name}_offcmd may be used to supply commands
executed if named service is not enabled. Previously start_precmd
could be used for such a task but now rc.subr(8) does not call it
if a service is not enabled.

Fix devd startup script to use it instead of start_precmd.

PR: 279198
MFC after:  2 weeks
Reported by:Dmitry S. Lukhtionov
Tested by:  Dmitry S. Lukhtionov
---
 libexec/rc/rc.d/devd |  7 +++
 libexec/rc/rc.subr   | 25 +
 share/man/man8/rc.subr.8 |  4 +++-
 3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/libexec/rc/rc.d/devd b/libexec/rc/rc.d/devd
index 47326662339c..98f2068c2075 100755
--- a/libexec/rc/rc.d/devd
+++ b/libexec/rc/rc.d/devd
@@ -14,7 +14,8 @@ desc="Device state change daemon"
 rcvar="devd_enable"
 command="/sbin/${name}"
 
-start_precmd=${name}_prestart
+devd_offcmd=devd_off
+start_precmd=find_pidfile
 stop_precmd=find_pidfile
 
 find_pidfile()
@@ -26,10 +27,8 @@ find_pidfile()
fi
 }
 
-devd_prestart()
+devd_off()
 {
-   find_pidfile
-
# If devd is disabled, turn it off in the kernel to avoid unnecessary
# memory usage.
if ! checkyesno ${rcvar}; then
diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
index 2fd4796b569f..9eead30790e2 100644
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -982,6 +982,8 @@ startmsg()
 #
 #  ${name}_limits  n   limits(1) to apply to ${command}.
 #
+#  ${name}_offcmd  n   If set, run if a service is not enabled.
+#
 #  ${rc_arg}_cmd   n   If set, use this as the method when invoked;
 #  Otherwise, use default command (see below)
 #
@@ -1270,13 +1272,13 @@ run_rc_command()
-a "$rc_arg" != "describe" -a "$rc_arg" != "status" ] ||
[ -n "${rcvar}" -a "$rc_arg" = "stop" -a -z "${rc_pid}" ]; 
then
if ! checkyesno ${rcvar}; then
-   if [ -n "${rc_quiet}" ]; then
-   return 0
-   fi
+   [ "$rc_arg" = "start" ] && _run_rc_offcmd
+   if [ -z "${rc_quiet}" ]; then
echo -n "Cannot '${rc_arg}' $name. Set ${rcvar} 
to "
echo -n "YES in /etc/rc.conf or use 
'one${rc_arg}' "
echo "instead of '${rc_arg}'."
-   return 0
+   fi
+   return 0
fi
fi
 
@@ -1643,11 +1645,26 @@ $_cpusetcmd $command $rc_flags $command_args"
 #
 #  name   R/W
 #  --
+#  _offcmd R
 #  _precmd R
 #  _postcmdR
 #  _return W
 #  _setup  R
 #
+_run_rc_offcmd()
+{
+   eval _offcmd=\$${name}_offcmd
+   if [ -n "$_offcmd" ]; then
+   if [ -n "$_env" ]; then
+   eval "export -- $_env"
+   fi
+   debug "run_rc_command: ${rc_arg}_offcmd: $_offcmd 
$rc_extra_args"
+   eval "$_offcmd $rc_extra_args"
+   _return=$?
+   fi
+   return 0
+}
+
 _run_rc_precmd()
 {
check_required_before "$rc_arg" || return 1
diff --git a/share/man/man8/rc.subr.8 b/share/man/man8/rc.subr.8
index 8f7b72e96dc5..4e3fa6771bf4 100644
--- a/share/man/man8/rc.subr.8
+++ b/share/man/man8/rc.subr.8
@@ -27,7 +27,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 .\" POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd May 28, 2024
+.Dd June 2, 2024
 .Dt RC.SUBR 8
 .Os
 .Sh NAME
@@ -773,6 +773,8 @@ Login class to use with
 .Va ${name}_limits .
 Defaults to
 .Dq Li daemon .
+.It Va ${name}_offcmd
+Shell commands to run if a service is not enabled.
 .It Va ${name}_oomprotect
 .Xr protect 1
 .Va command

git: c2db3a0c7d31 - main - rc.subr(8): fix debugging message after previous commit

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=c2db3a0c7d31116028b38b426a9b139d26cbc7e5

commit c2db3a0c7d31116028b38b426a9b139d26cbc7e5
Author: Eugene Grosbein 
AuthorDate: 2024-06-02 19:41:10 +
Commit: Eugene Grosbein 
CommitDate: 2024-06-02 19:41:10 +

rc.subr(8): fix debugging message after previous commit

Fixes:  32a579e4fc69a65e890ad5f65ec56a97dfab
---
 libexec/rc/rc.subr | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
index 9eead30790e2..2380d1aeabc3 100644
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -1658,7 +1658,7 @@ _run_rc_offcmd()
if [ -n "$_env" ]; then
eval "export -- $_env"
fi
-   debug "run_rc_command: ${rc_arg}_offcmd: $_offcmd 
$rc_extra_args"
+   debug "run_rc_command: ${name}_offcmd: $_offcmd $rc_extra_args"
eval "$_offcmd $rc_extra_args"
_return=$?
fi

git: 81092e92ea51 - main - graid: unbreak Promise RAID1 with 4+ providers

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=81092e92ea5184c4eeedad58044d72cfef72dd24

commit 81092e92ea5184c4eeedad58044d72cfef72dd24
Author: Eugene Grosbein 
AuthorDate: 2024-02-12 07:24:28 +
Commit: Eugene Grosbein 
CommitDate: 2024-02-12 07:33:43 +

graid: unbreak Promise RAID1 with 4+ providers

Fix a problem in graid implementation of Promise RAID1 created with 4+ 
disks.
Such an array generally works fine until reboot only due to a bug
in metadata writing code. Before the fix, next taste erronously created
RAID1E (kind of RAID10) instead of RAID1, hence graid used wrong offsets
for I/O operations.

The bug did not affect Promise RAID1 arrays with 2 or 3 disks only.

Reviewed by:mav
MFC after:  3 days
---
 sys/geom/raid/md_promise.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sys/geom/raid/md_promise.c b/sys/geom/raid/md_promise.c
index ba7a4d2b1cc4..d0d041e027c2 100644
--- a/sys/geom/raid/md_promise.c
+++ b/sys/geom/raid/md_promise.c
@@ -1762,8 +1762,9 @@ g_raid_md_write_promise(struct g_raid_md_object *md, 
struct g_raid_volume *tvol,
meta->total_disks = vol->v_disks_count;
meta->stripe_shift = ffs(vol->v_strip_size / 1024);
meta->array_width = vol->v_disks_count;
-   if (vol->v_raid_level == G_RAID_VOLUME_RL_RAID1 ||
-   vol->v_raid_level == G_RAID_VOLUME_RL_RAID1E)
+   if (vol->v_raid_level == G_RAID_VOLUME_RL_RAID1)
+   meta->array_width = 1;
+   else if (vol->v_raid_level == G_RAID_VOLUME_RL_RAID1E)
meta->array_width /= 2;
meta->array_number = vol->v_global_id;
meta->total_sectors = vol->v_mediasize / 512;

git: d1797fb5bbae - main - mkimg.1: add new PARTITION SPECIFICATION section

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=d1797fb5bbaeb212501a72b916d647fb2e021d50

commit d1797fb5bbaeb212501a72b916d647fb2e021d50
Author: Eugene Grosbein 
AuthorDate: 2024-02-27 19:53:31 +
Commit: Eugene Grosbein 
CommitDate: 2024-02-27 19:56:26 +

mkimg.1: add new PARTITION SPECIFICATION section

The specification follows a commentary to the function parse_part()
in the source code and the code itself.

MFC after:  3 days
---
 usr.bin/mkimg/mkimg.1 | 39 ++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/usr.bin/mkimg/mkimg.1 b/usr.bin/mkimg/mkimg.1
index adf0e2707e22..820fb9ad1d5a 100644
--- a/usr.bin/mkimg/mkimg.1
+++ b/usr.bin/mkimg/mkimg.1
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd June 8, 2020
+.Dd February 28, 2024
 .Dt MKIMG 1
 .Os
 .Sh NAME
@@ -287,6 +287,42 @@ is moved accordingly.
 This is typically not part of the conversion process.
 If possible, use an output format specifically for the environment in which
 the file is intended to be used.
+.Sh PARTITION SPECIFICATION
+An option
+.Fl p
+may be used multiple times to specify a list of created partition entries.
+A specification that is a single dash indicates an unused partition entry.
+Otherwise, a partition specification has the following format:
+.Bd -literal -offset indent
+ ':'  
+.Ed
+.Bl -tag -width indent
+.It Cm type
+the partition type alias (f.e.: freebsd-swap)
+that may be optionally followed by a '/' separator
+and a label for partitioning schemes that feature partition labels
+(see the
+.Sx EXAMPLES
+Section below)
+.It Cm kind
+the interpretation of the contents specification:
+.Bl -tag -width indent
+.It Cm ':'
+contents holds the size of an empty partition,
+a number that may be suffixed with one of K, M, G, T, P or E
+(either upper or lower case) following the SI power of two convention
+(see also
+.Xr expand_number 3 )
+.It Cm '='
+contents holds the name of a file to read
+.It Cm '-'
+contents holds a command to run; the output of which is the contents
+of the partition.
+Multi-word strings should be quoted according to the shell rules.
+.El
+.It Cm contents
+the specification of a partition's contents
+.El
 .Sh ENVIRONMENT
 .Bl -tag -width "TMPDIR" -compact
 .It Ev TMPDIR
@@ -358,6 +394,7 @@ In the following example the file system partition is 
labeled as 'backup':
 .Dl % mkimg -s gpt -p freebsd-ufs/backup:=file-system.ufs -o gpt.img
 .Sh SEE ALSO
 .Xr dd 1 ,
+.Xr expand_number 3 ,
 .Xr gpart 8 ,
 .Xr makefs 8 ,
 .Xr mdconfig 8 ,

git: e333110d1de7 - main - diskinfo(8): introduce new option -l

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=e333110d1de748e50051d1305b5438d1bc54eeb4

commit e333110d1de748e50051d1305b5438d1bc54eeb4
Author: Eugene Grosbein 
AuthorDate: 2024-03-05 17:23:41 +
Commit: Eugene Grosbein 
CommitDate: 2024-03-05 17:29:04 +

diskinfo(8): introduce new option -l

In modes -p or -s, add an option -l to start each line
with a device name separated with a tab. Update the manual page.
Add an example to list names with corresponding serial numbers:

diskinfo -ls /dev/da?

MFC after:  2 weeks
---
 usr.sbin/diskinfo/diskinfo.8 | 23 ---
 usr.sbin/diskinfo/diskinfo.c | 15 ---
 2 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/usr.sbin/diskinfo/diskinfo.8 b/usr.sbin/diskinfo/diskinfo.8
index 72fd1df4eb08..970bafd4f8e5 100644
--- a/usr.sbin/diskinfo/diskinfo.8
+++ b/usr.sbin/diskinfo/diskinfo.8
@@ -27,7 +27,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd July 4, 2017
+.Dd March 5, 2024
 .Dt DISKINFO 8
 .Os
 .Sh NAME
@@ -38,10 +38,12 @@
 .Op Fl citSvw
 .Ar disk ...
 .Nm
-.Op Fl p
+.Op Fl l
+.Fl p
 .Ar disk ...
 .Nm
-.Op Fl s
+.Op Fl l
+.Fl s
 .Ar disk ...
 .Sh DESCRIPTION
 The
@@ -57,6 +59,13 @@ Print fields one per line with a descriptive comment.
 Perform a simple measurement of the I/O read command overhead.
 .It Fl i
 Perform a simple IOPS benchmark.
+.It Fl l
+In case of
+.Fl p
+or
+.Fl s
+modes prepend each line of an output with a device name using a tab
+character as a separator.
 .It Fl p
 Return the physical path of the disk.
 This is a string that identifies the physical path to the disk in the
@@ -80,6 +89,14 @@ with the following fields: device name, sectorsize, media 
size in bytes,
 media size in sectors, stripe size, stripe offset, firmware cylinders,
 firmware heads, and firmware sectors.
 The last three fields are only present if the information is available.
+.Sh EXAMPLES
+List first ten (at most)
+.Xr da 4
+devices with corresponding serial numbers:
+.Pp
+.Dl diskinfo -ls /dev/da?
+.Sh SEE ALSO
+.Xr da 4
 .Sh HISTORY
 The
 .Nm
diff --git a/usr.sbin/diskinfo/diskinfo.c b/usr.sbin/diskinfo/diskinfo.c
index 4cc4517a1f26..f091d0ccfbea 100644
--- a/usr.sbin/diskinfo/diskinfo.c
+++ b/usr.sbin/diskinfo/diskinfo.c
@@ -58,11 +58,14 @@
 static void
 usage(void)
 {
-   fprintf(stderr, "usage: diskinfo [-cipsStvw] disk ...\n");
+   fprintf(stderr, "usage: diskinfo [-ciStvw] disk ...\n"
+   "   diskinfo [-l] -p disk ...\n"
+   "   diskinfo [-l] -s disk ...\n"
+   );
exit (1);
 }
 
-static int opt_c, opt_i, opt_p, opt_s, opt_S, opt_t, opt_v, opt_w;
+static int opt_c, opt_i, opt_l, opt_p, opt_s, opt_S, opt_t, opt_v, opt_w;
 
 static bool candelete(int fd);
 static void speeddisk(int fd, off_t mediasize, u_int sectorsize);
@@ -88,7 +91,7 @@ main(int argc, char **argv)
u_int   sectorsize, fwsectors, fwheads, zoned = 0, isreg;
uint32_t zone_mode;
 
-   while ((ch = getopt(argc, argv, "cipsStvw")) != -1) {
+   while ((ch = getopt(argc, argv, "cilpsStvw")) != -1) {
switch (ch) {
case 'c':
opt_c = 1;
@@ -98,6 +101,9 @@ main(int argc, char **argv)
opt_i = 1;
opt_v = 1;
break;
+   case 'l':
+   opt_l = 1;
+   break;
case 'p':
opt_p = 1;
break;
@@ -169,6 +175,9 @@ main(int argc, char **argv)
goto out;
}
} else {
+   if (opt_l && (opt_p || opt_s)) {
+   printf("%s\t", argv[i]);
+   }
if (opt_p) {
if (ioctl(fd, DIOCGPHYSPATH, physpath) == 0) {
printf("%s\n", physpath);

git: 7f0dc6e2cdfa - main - mkimg(1): process non-seekable output gracefully

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=7f0dc6e2cdfa0317c9917dd46e9da9d3897a8fbb

commit 7f0dc6e2cdfa0317c9917dd46e9da9d3897a8fbb
Author: Eugene Grosbein 
AuthorDate: 2024-03-12 15:55:42 +
Commit: Eugene Grosbein 
CommitDate: 2024-03-12 16:00:21 +

mkimg(1): process non-seekable output gracefully

mkimg may make severe load only to fail in the end
if output is non-seekable pipe, socket or FIFO
unless output format is raw disk image.

Check it out and fail early. Make it clear in the manual.

MFC after:  1 week
---
 usr.bin/mkimg/mkimg.1 |  3 ++-
 usr.bin/mkimg/mkimg.c | 14 +-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/usr.bin/mkimg/mkimg.1 b/usr.bin/mkimg/mkimg.1
index 820fb9ad1d5a..82bbee53a267 100644
--- a/usr.bin/mkimg/mkimg.1
+++ b/usr.bin/mkimg/mkimg.1
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd February 28, 2024
+.Dd March 12, 2024
 .Dt MKIMG 1
 .Os
 .Sh NAME
@@ -64,6 +64,7 @@ The image file is a raw disk image by default, but the format 
of the
 image file can be specified with the
 .Ar format
 argument.
+Most formats require seekable output, except of raw disk image.
 .Pp
 The disk image can be made bootable by specifying the scheme-specific boot
 block contents with the
diff --git a/usr.bin/mkimg/mkimg.c b/usr.bin/mkimg/mkimg.c
index 541d534f967f..3cd9b03c06e9 100644
--- a/usr.bin/mkimg/mkimg.c
+++ b/usr.bin/mkimg/mkimg.c
@@ -555,6 +555,7 @@ mkimg(void)
 int
 main(int argc, char *argv[])
 {
+   const char *format_name;
int bcfd, outfd;
int c, error;
 
@@ -699,6 +700,7 @@ main(int argc, char *argv[])
errc(EX_DATAERR, error, "boot code");
}
 
+   format_name = format_selected()->name;
if (verbose) {
fprintf(stderr, "Logical sector size: %u\n", secsz);
fprintf(stderr, "Physical block size: %u\n", blksz);
@@ -709,10 +711,20 @@ main(int argc, char *argv[])
fprintf(stderr, "Partitioning scheme: %s\n",
scheme_selected()->name);
fprintf(stderr, "Output file format:  %s\n",
-   format_selected()->name);
+   format_name);
fputc('\n', stderr);
}
 
+#if defined(SPARSE_WRITE)
+   /*
+* sparse_write() fails if output is not seekable so fail early
+* not wasting some load unless output format is raw
+*/
+   if (strcmp("raw", format_name) &&
+   lseek(outfd, (off_t)0, SEEK_CUR) == -1 && errno == ESPIPE)
+   errx(EX_USAGE, "%s: output must be seekable", format_name);
+#endif
+
error = image_init();
if (error)
errc(EX_OSERR, error, "cannot initialize");

Re: git: 7f0dc6e2cdfa - main - mkimg(1): process non-seekable output gracefully

[Eugene Grosbein]

12.03.2024 23:58, Brooks Davis wrote:

[skip]

> It seems weird to cache a single member.  For that matter, caching
> anyting seems like overkill given than format_selected() just returns a
> global variable's value.

It is a habit. Why not? :-)
I do not like calling a method multiple times after an object settled.

[skip]

>> +#if defined(SPARSE_WRITE)
>> +/*
>> + * sparse_write() fails if output is not seekable so fail early
>> + * not wasting some load unless output format is raw
>> + */
>> +if (strcmp("raw", format_name) &&
>> +lseek(outfd, (off_t)0, SEEK_CUR) == -1 && errno == ESPIPE)
>> +errx(EX_USAGE, "%s: output must be seekable", format_name);
>> +#endif
> 
> Maybe add a flag for non-seeking formats rather than hardcoding a
> strcmp?

I thought about it. A change would be much more invasive without real benefits.
I believe there will not be any more non-sparse formats other than raw.
If there will, we can improve the code later.

For now, I prefer keeping the code and the change as simple as possible.

Eugene

git: 319a5d086b50 - main - if_bridge: use IF_MINMTU

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=319a5d086b50f38618b62c78e83b12931f00b508

commit 319a5d086b50f38618b62c78e83b12931f00b508
Author: Eugene Grosbein 
AuthorDate: 2024-04-01 03:31:51 +
Commit: Eugene Grosbein 
CommitDate: 2024-04-01 03:35:59 +

if_bridge: use IF_MINMTU

Replace incorrect constant 576 with IF_MINMTU to check for minumum MTU.
This unbreaks bridging tap interfaces with small mtu.

MFC after:  1 week
---
 sys/net/if_bridge.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
index fe5de468bf28..31758733adb1 100644
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -960,7 +960,7 @@ bridge_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
case SIOCSIFMTU:
oldmtu = sc->sc_ifp->if_mtu;
 
-   if (ifr->ifr_mtu < 576) {
+   if (ifr->ifr_mtu < IF_MINMTU) {
error = EINVAL;
break;
}

git: adbf7727b3a2 - main - virtio_random(8): avoid deadlock at shutdown time

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=adbf7727b3a2aad3c2faa6e543ee7fa7a6c9a3d5

commit adbf7727b3a2aad3c2faa6e543ee7fa7a6c9a3d5
Author: Eugene Grosbein 
AuthorDate: 2022-03-16 04:41:51 +
Commit: Eugene Grosbein 
CommitDate: 2022-03-16 04:41:51 +

virtio_random(8): avoid deadlock at shutdown time

FreeBSD 13+ running as virtual guest may load virtio_random(8) driver
by means of devd(8) unless the driver is blacklisted or disabled
via device.hints(5). Currently, the driver may prevent
the system from rebooting or shutting down correctly.

This change deactivates virtio_random at very late stage
during system shutdown sequence to avoid deadlock
that results in kernel hang.

PR: 253175
Tested by:  tom
MFC after:  3 days
---
 sys/dev/virtio/random/virtio_random.c | 35 +++
 1 file changed, 35 insertions(+)

diff --git a/sys/dev/virtio/random/virtio_random.c 
b/sys/dev/virtio/random/virtio_random.c
index a8553ecab287..a95dcadcddcd 100644
--- a/sys/dev/virtio/random/virtio_random.c
+++ b/sys/dev/virtio/random/virtio_random.c
@@ -32,6 +32,8 @@
 __FBSDID("$FreeBSD$");
 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -52,6 +54,8 @@ struct vtrnd_softc {
device_t vtrnd_dev;
uint64_t vtrnd_features;
struct virtqueue*vtrnd_vq;
+   eventhandler_tag eh;
+   bool inactive;
 };
 
 static int vtrnd_modevent(module_t, int, void *);
@@ -59,6 +63,7 @@ static intvtrnd_modevent(module_t, int, void *);
 static int vtrnd_probe(device_t);
 static int vtrnd_attach(device_t);
 static int vtrnd_detach(device_t);
+static int vtrnd_shutdown(device_t);
 
 static int vtrnd_negotiate_features(struct vtrnd_softc *);
 static int vtrnd_setup_features(struct vtrnd_softc *);
@@ -86,6 +91,7 @@ static device_method_t vtrnd_methods[] = {
DEVMETHOD(device_probe, vtrnd_probe),
DEVMETHOD(device_attach,vtrnd_attach),
DEVMETHOD(device_detach,vtrnd_detach),
+   DEVMETHOD(device_shutdown,  vtrnd_shutdown),
 
DEVMETHOD_END
 };
@@ -160,6 +166,16 @@ vtrnd_attach(device_t dev)
error = EEXIST;
goto fail;
}
+
+   sc->eh = EVENTHANDLER_REGISTER(shutdown_post_sync,
+   vtrnd_shutdown, dev, SHUTDOWN_PRI_LAST + 1); /* ??? */
+   if (sc->eh == NULL) {
+   device_printf(dev, "Shutdown event registration failed\n");
+   error = ENXIO;
+   goto fail;
+   }
+
+   sc->inactive = false;
random_source_register(&random_vtrnd);
 
 fail:
@@ -179,11 +195,27 @@ vtrnd_detach(device_t dev)
atomic_load_explicit(&g_vtrnd_softc, memory_order_acquire) == sc,
("only one global instance at a time"));
 
+   sc->inactive = true;
+   if (sc->eh != NULL) {
+   EVENTHANDLER_DEREGISTER(shutdown_post_sync, sc->eh);
+   sc->eh = NULL;
+   }
random_source_deregister(&random_vtrnd);
atomic_store_explicit(&g_vtrnd_softc, NULL, memory_order_release);
return (0);
 }
 
+static int
+vtrnd_shutdown(device_t dev)
+{
+   struct vtrnd_softc *sc;
+
+   sc = device_get_softc(dev);
+   sc->inactive = true;
+
+   return(0);
+}
+
 static int
 vtrnd_negotiate_features(struct vtrnd_softc *sc)
 {
@@ -235,6 +267,9 @@ vtrnd_harvest(struct vtrnd_softc *sc, void *buf, size_t *sz)
 
_Static_assert(sizeof(value) < PAGE_SIZE, "sglist assumption");
 
+   if (sc->inactive)
+   return (EDEADLK);
+
sglist_init(&sg, 1, segs);
error = sglist_append(&sg, value, *sz);
if (error != 0)

git: 2e547442ab38 - main - ng_pppoe: introduce new sysctl net.graph.pppoe.lcp_pcp

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=2e547442ab3822d3d7c46a68f152032ef5fe337c

commit 2e547442ab3822d3d7c46a68f152032ef5fe337c
Author: Eugene Grosbein 
AuthorDate: 2022-05-01 16:34:08 +
Commit: Eugene Grosbein 
CommitDate: 2022-05-01 16:34:08 +

ng_pppoe: introduce new sysctl net.graph.pppoe.lcp_pcp

New sysctl allows to mark transmitted PPPoE LCP Control
ethernet frames with needed 3-bit Priority Code Point (PCP) value.
Confirming driver like if_vlan(4) uses the value to fill
IEEE 802.1p class of service field.

This is similar to Cisco IOS "control-packets vlan cos priority"
command.

It helps to avoid premature disconnection of user sessions
due to control frame drops (LCP Echo etc.)
if network infrastructure has a botteleck at a switch
or the xdsl DSLAM.

See also:
https://sourceforge.net/p/mpd/discussion/44692/thread/c7abe70e3a/

Tested by:  Klaus Fokuhl at SourceForge
MFC after:  2 weeks
---
 share/man/man4/ng_pppoe.4 | 17 +++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/share/man/man4/ng_pppoe.4 b/share/man/man4/ng_pppoe.4
index d4ca53e68714..d9853a746512 100644
--- a/share/man/man4/ng_pppoe.4
+++ b/share/man/man4/ng_pppoe.4
@@ -35,7 +35,7 @@
 .\" $FreeBSD$
 .\" $Whistle: ng_pppoe.8,v 1.1 1999/01/25 23:46:27 archie Exp $
 .\"
-.Dd February 14, 2018
+.Dd May 1, 2022
 .Dt NG_PPPOE 4
 .Os
 .Sh NAME
@@ -320,6 +320,18 @@ This node shuts down upon receipt of a
 control message, when all session have been disconnected or when the
 .Dv ethernet
 hook is disconnected.
+.Sh SYSCTL VARIABLES
+The node can mark transmitted LCP Ethernet packets (protocol 0xc021)
+with 3-bit Priority code point (PCP) referring to IEEE 802.1p
+class of service with following
+.Xr sysctl 8
+variable.
+.Bl -tag -width indent
+.It Va net.graph.pppoe.lcp_pcp: 0..7 (default: 0)
+Set it to non-zero value to be used by parent network interface driver
+like
+.Xr vlan 4
+.El
 .Sh EXAMPLES
 The following code uses
 .Dv libnetgraph
@@ -556,7 +568,8 @@ setup(char *ethername, char *service, char *sessname,
 .Xr ng_ppp 4 ,
 .Xr ng_socket 4 ,
 .Xr ngctl 8 ,
-.Xr ppp 8
+.Xr ppp 8 ,
+.Xr vlan 4
 .Rs
 .%A L. Mamakos
 .%A K. Lidl

git: 28903f396af4 - main - ng_pppoe: introduce new sysctl net.graph.pppoe.lcp_pcp

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=28903f396af4b151e16ea606cda66a9244fb179f

commit 28903f396af4b151e16ea606cda66a9244fb179f
Author: Eugene Grosbein 
AuthorDate: 2022-05-02 14:55:24 +
Commit: Eugene Grosbein 
CommitDate: 2022-05-02 14:57:12 +

ng_pppoe: introduce new sysctl net.graph.pppoe.lcp_pcp

This fixes incomplete commit 2e547442ab3822d3d7c46a68f152032ef5fe337c

New sysctl allows to mark transmitted PPPoE LCP Control
ethernet frames with needed 3-bit Priority Code Point (PCP) value.
Confirming driver like if_vlan(4) uses the value to fill
IEEE 802.1p class of service field.

This is similar to Cisco IOS "control-packets vlan cos priority"
command.

It helps to avoid premature disconnection of user sessions
due to control frame drops (LCP Echo etc.)
if network infrastructure has a botteleck at a switch
or the xdsl DSLAM.

See also:
https://sourceforge.net/p/mpd/discussion/44692/thread/c7abe70e3a/

Tested by:  Klaus Fokuhl at SourceForge
MFC after:  2 weeks
---
 share/man/man4/ng_pppoe.4 |  2 +-
 sys/netgraph/ng_pppoe.c   | 22 ++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/share/man/man4/ng_pppoe.4 b/share/man/man4/ng_pppoe.4
index d9853a746512..ff53d4ef3a95 100644
--- a/share/man/man4/ng_pppoe.4
+++ b/share/man/man4/ng_pppoe.4
@@ -322,7 +322,7 @@ control message, when all session have been disconnected or 
when the
 hook is disconnected.
 .Sh SYSCTL VARIABLES
 The node can mark transmitted LCP Ethernet packets (protocol 0xc021)
-with 3-bit Priority code point (PCP) referring to IEEE 802.1p
+with 3-bit Priority Code Point (PCP) referring to IEEE 802.1p
 class of service with following
 .Xr sysctl 8
 variable.
diff --git a/sys/netgraph/ng_pppoe.c b/sys/netgraph/ng_pppoe.c
index 8bc44e160044..5a327f95b930 100644
--- a/sys/netgraph/ng_pppoe.c
+++ b/sys/netgraph/ng_pppoe.c
@@ -49,8 +49,13 @@
 #include 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
+#include 
+#include 
+#include 
 
 #include 
 #include 
@@ -64,8 +69,19 @@ static MALLOC_DEFINE(M_NETGRAPH_PPPOE, "netgraph_pppoe", 
"netgraph pppoe node");
 #define M_NETGRAPH_PPPOE M_NETGRAPH
 #endif
 
+/* Some PPP protocol numbers we're interested in */
+#define PROT_LCP   0xc021
+
 #define SIGNOFF "session closed"
 
+VNET_DEFINE_STATIC(u_int32_t, ng_pppoe_lcp_pcp) = 0;
+#define V_ng_pppoe_lcp_pcp VNET(ng_pppoe_lcp_pcp)
+
+SYSCTL_NODE(_net_graph, OID_AUTO, pppoe, CTLFLAG_RW, 0, "PPPoE");
+SYSCTL_UINT(_net_graph_pppoe, OID_AUTO, lcp_pcp,
+   CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ng_pppoe_lcp_pcp), 0,
+   "Set PCP for LCP");
+
 /*
  * This section contains the netgraph method declarations for the
  * pppoe node. These methods define the netgraph pppoe 'type'.
@@ -1438,6 +1454,12 @@ ng_pppoe_rcvdata(hook_p hook, item_p item)
mtod(m, u_char *)[1] == 0x03)
m_adj(m, 2);
}
+
+   if (V_ng_pppoe_lcp_pcp && m->m_pkthdr.len >= 2 &&
+   m->m_len >= 2 && (m = m_pullup(m, 2)) &&
+   mtod(m, uint16_t *)[0] == htons(PROT_LCP))
+   EVL_APPLY_PRI(m, (uint8_t)(V_ng_pppoe_lcp_pcp & 0x7));
+
/*
 * Bang in a pre-made header, and set the length up
 * to be correct. Then send it to the ethernet driver.

Re: git: 28903f396af4 - main - ng_pppoe: introduce new sysctl net.graph.pppoe.lcp_pcp

[Eugene Grosbein]

03.05.2022 3:53, Gleb Smirnoff wrote:

> So some packets sent by ng_ppp(4) need to be specially tagged so that vlan(4)
> understands them. Why do we make this tagging in ng_pppoe(4) rather than in
> ng_ppp(4)?

This is limited to PPPoE intentionally because of troubles that may happen
in case of unintentional reorder of PPP frames due to different Class of 
Service.

It was tested for PPPoE case and believed to be safe in case of controlled 
transport network.
It was not tested in general case of PPP over GRE (pptp) or other PPP-in-IP 
incapsulations,
so I decided it's better to be safe than sorry.

OTOH, I doubt it may be really useful for cases other than PPPoE.

git: 0aef8628458a - main - If setkey(8) is used without ipsec.ko loaded beforehand, its attempt to install SA/SPD into the kernel results in cryptic EINVAL error code.

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=0aef8628458a7d03e3c7e63ae05e228191167eec

commit 0aef8628458a7d03e3c7e63ae05e228191167eec
Author: Eugene Grosbein 
AuthorDate: 2022-05-05 12:02:29 +
Commit: Eugene Grosbein 
CommitDate: 2022-05-05 12:02:29 +

If setkey(8) is used without ipsec.ko loaded beforehand,
its attempt to install SA/SPD into the kernel results in cryptic
EINVAL error code.

Let it be a bit more user-friendly and try to load ipsec.ko
automatically if it is not loaded, just like ifconfig(8) does it
for modules it needs.

PR: 263379
MFC after:  2 weeks
---
 sbin/setkey/setkey.c | 15 +++
 1 file changed, 15 insertions(+)

diff --git a/sbin/setkey/setkey.c b/sbin/setkey/setkey.c
index d556a842f048..faf6373b312e 100644
--- a/sbin/setkey/setkey.c
+++ b/sbin/setkey/setkey.c
@@ -34,6 +34,8 @@
 
 #include 
 #include 
+#include 
+#include 
 #include 
 #include 
 #include 
@@ -67,6 +69,7 @@ void shortdump_hdr(void);
 void shortdump(struct sadb_msg *);
 static void printdate(void);
 static int32_t gmt2local(time_t);
+static int modload(const char *name);
 
 #define MODE_SCRIPT1
 #define MODE_CMDDUMP   2
@@ -102,6 +105,17 @@ usage(void)
exit(1);
 }
 
+static int
+modload(const char *name)
+{
+   if (modfind(name) < 0)
+   if (kldload(name) < 0 || modfind(name) < 0) {
+   warn("%s: module not found", name);
+   return 0;
+   }
+   return 1;
+}
+
 int
 main(int ac, char **av)
 {
@@ -165,6 +179,7 @@ main(int ac, char **av)
}
}
 
+   modload("ipsec");
so = pfkey_open();
if (so < 0) {
perror("pfkey_open");

git: 9d7cefc27802 - main - ipfw.8: spell "layer2" consistently throughout the manual page

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=9d7cefc278027a2e52fa56c38536712c6a309629

commit 9d7cefc278027a2e52fa56c38536712c6a309629
Author: Eugene Grosbein 
AuthorDate: 2022-05-13 21:30:29 +
Commit: Eugene Grosbein 
CommitDate: 2022-05-13 21:30:29 +

ipfw.8: spell "layer2" consistently throughout the manual page

MFC after:  1 week
---
 sbin/ipfw/ipfw.8 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8
index cb22bee44a1e..0e663fa44bdf 100644
--- a/sbin/ipfw/ipfw.8
+++ b/sbin/ipfw/ipfw.8
@@ -593,7 +593,7 @@ where the body of the rule specifies which information is 
used
 for filtering packets, among the following:
 .Pp
 .Bl -tag -width "Source and dest. addresses and ports" -offset XXX -compact
-.It Layer-2 header fields
+.It Layer2 header fields
 When available
 .It IPv4 and IPv6 Protocol
 SCTP, TCP, UDP, ICMP, etc.
@@ -911,7 +911,7 @@ the local routing table for that IP.
 .br
 A
 .Ar fwd
-rule will not match layer-2 packets (those received
+rule will not match layer2 packets (those received
 on ether_input, ether_output, or bridged).
 .br
 The
@@ -4088,7 +4088,7 @@ Limits the number of messages produced by a verbose 
firewall.
 .It Va net.inet6.ip6.fw.deny_unknown_exthdrs : No 1
 If enabled packets with unknown IPv6 Extension Headers will be denied.
 .It Va net.link.ether.ipfw : No 0
-Controls whether layer-2 packets are passed to
+Controls whether layer2 packets are passed to
 .Nm .
 Default is no.
 .It Va net.link.bridge.ipfw : No 0

Re: git: 866c8b8d5ddb - main - kldload(8): Add note about using kld_list in rc.conf(5)

[Eugene Grosbein]

08.02.2021 14:12, Warner Losh wrote:
> 
> 
> On Mon, Feb 8, 2021, 12:05 AM Daniel Ebdrup Jensen  > wrote:
> 
> The branch main has been updated by debdrup (doc committer):
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=866c8b8d5ddb982c2b8139153a4ddfdb2aac3364
> 
> commit 866c8b8d5ddb982c2b8139153a4ddfdb2aac3364
> Author: Daniel Ebdrup Jensen 
> AuthorDate: 2021-02-08 06:49:32 +
> Commit: Daniel Ebdrup Jensen 
> CommitDate: 2021-02-08 06:57:36 +
> 
> kldload(8): Add note about using kld_list in rc.conf(5)
> 
> While here, also recommend that loader.conf(5) should only be used in
> order to get to mountroot, as rc(8) is less fragile, faster, and is
> easier to fix by booting to single-user mode instead of having to
> blacklist modules in the loader.
> 
> 
> I'm not sure this is good advice. The only modules that are fragile are 3rd 
> party things like drm. It's no less hard to fix by unloading in the loader or 
> fixing in single user. The speed difference is true, but unless the modules 
> are huge, it isn't much.

+1

Plus, Daniel missed two other points: nextboot(8) facility that works with 
modules
loaded with the loader; and possibility to point to alternative location of 
kernel module
with *_name variable documented in the loader.conf(5) manual page.

The latter makes it possible to load alternative version of same driver,
real example is if_em.ko from base system vs. one from ports that has different 
code base
and set of bugs/features.

kld_list cannot do that.

___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

Re: git: 866c8b8d5ddb - main - kldload(8): Add note about using kld_list in rc.conf(5)

[Eugene Grosbein]

08.02.2021 21:08, Kyle Evans wrote:

>> kld_list cannot do that.
>>
> 
> Huh? kld_list accepts a full pathname, which is the same kind of
> specification you'd need to do with one from port in loader with
> *_name.

Good, but seems to be undocumented.


___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

Re: git: 866c8b8d5ddb - main - kldload(8): Add note about using kld_list in rc.conf(5)

[Eugene Grosbein]

08.02.2021 21:58, Kyle Evans wrote:

 kld_list cannot do that.
>>>
>>> Huh? kld_list accepts a full pathname, which is the same kind of
>>> specification you'd need to do with one from port in loader with
>>> *_name.
>>
>> Good, but seems to be undocumented.
>>
> 
> In what sense? Is there some other place that kld_list is even
> documented than kldload(8)?

Naturally: rc.conf(5), also in /etc/defaults/rc.conf

 

___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

Re: git: 866c8b8d5ddb - main - kldload(8): Add note about using kld_list in rc.conf(5)

[Eugene Grosbein]

08.02.2021 22:22, Kyle Evans wrote:

> It's OK to call out the more
> common case for folks, but this feels a lot more absolute than it
> needs to be.

Also, the loader is capable of loading compressed .ko files that may be 
important
for space-constrained ("embedded") systems. AFAIR, kldload cannot do that.

___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: 3b4cc56e524a - main - syslogd: undo regression after r326573

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=3b4cc56e524ac947ba0e6571e2c455139c2839ec

commit 3b4cc56e524ac947ba0e6571e2c455139c2839ec
Author: Eugene Grosbein 
AuthorDate: 2021-09-27 07:25:21 +
Commit: Eugene Grosbein 
CommitDate: 2021-09-27 07:25:21 +

syslogd: undo regression after r326573

Restore ability for our syslogd to collect pre-RFC3164 formatted
messages from remote hosts that was broken with r326573.

For example, the line from Cisco SCE8000 splitted for readability:

1130: 03:37:57: %USER-6-PORT_OPERSTATUS_CHANGE_TRAP: CPU#000 trap:link
down EntityAdminState: 4  EntityAlarmStatus: 32

Such line was collected and stored before mentioned change
but silently dropped after that. Now syslogd saves it again.

Note that parsing of RFC5424 format not changed.

MFC after:  1 month
---
 usr.sbin/syslogd/syslogd.c | 41 +
 1 file changed, 17 insertions(+), 24 deletions(-)

diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c
index 1837c41c4e8b..dc07d4781553 100644
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@@ -1357,31 +1357,25 @@ parsemsg(const char *from, char *msg)
size_t i;
int pri;
 
+   i = -1;
+   pri = DEFUPRI;
+
/* Parse PRI. */
-   if (msg[0] != '<' || !isdigit(msg[1])) {
-   dprintf("Invalid PRI from %s\n", from);
-   return;
-   }
-   for (i = 2; i <= 4; i++) {
-   if (msg[i] == '>')
-   break;
-   if (!isdigit(msg[i])) {
-   dprintf("Invalid PRI header from %s\n", from);
-   return;
+   if (msg[0] == '<' && isdigit(msg[1])) {
+   for (i = 2; i <= 4; i++) {
+   if (msg[i] == '>') {
+   errno = 0;
+   n = strtol(msg + 1, &q, 10);
+   if (errno == 0 && *q == msg[i] && n >= 0 && n <= INT_MAX) {
+   pri = n;
+   msg += i + 1;
+   i = 0;
+   }
+   break;
}
+   }
}
-   if (msg[i] != '>') {
-   dprintf("Invalid PRI header from %s\n", from);
-   return;
-   }
-   errno = 0;
-   n = strtol(msg + 1, &q, 10);
-   if (errno != 0 || *q != msg[i] || n < 0 || n >= INT_MAX) {
-   dprintf("Invalid PRI %ld from %s: %s\n",
-   n, from, strerror(errno));
-   return;
-   }
-   pri = n;
+
if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
pri = DEFUPRI;
 
@@ -1394,8 +1388,7 @@ parsemsg(const char *from, char *msg)
pri = LOG_MAKEPRI(LOG_USER, LOG_PRI(pri));
 
/* Parse VERSION. */
-   msg += i + 1;
-   if (msg[0] == '1' && msg[1] == ' ')
+   if (i == 0 && msg[0] == '1' && msg[1] == ' ')
parsemsg_rfc5424(from, pri, msg + 2);
else
parsemsg_rfc3164(from, pri, msg);
___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: f5b5de1a3210 - main - ipfw: reload sysctl.conf variables if needed

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f5b5de1a3210234f3a6864c88a2d3e11ac2dbf04

commit f5b5de1a3210234f3a6864c88a2d3e11ac2dbf04
Author: Eugene Grosbein 
AuthorDate: 2021-05-17 21:03:15 +
Commit: Eugene Grosbein 
CommitDate: 2021-05-17 21:03:15 +

ipfw: reload sysctl.conf variables if needed

Currently ipfw has multiple components that are not parts
of GENERIC kernel like dummynet etc. They can bring in important
sysctls if enabled with rc.conf(5) and loaded with ipfw startup script
by means of "required_modules" after initial consult
with /etc/sysctl.conf at boot time. Here is an example of one
increasing limit for dummynet hold queues that defaults to 100:

net.inet.ip.dummynet.pipe_slot_limit=1000

This makes it possible to use ipfw/dummynet rules such as:

ipfw pipe 1 config bw 50Mbit/s queue 1000

Such rule is rejected unless above sysctl is applied.
Another example is a group of net.inet.ip.alias.* sysctls
created after libalias.ko loaded as dependency of ipfw_nat.

This is not a problem if corresponding code compiled in custom kernel
so sysctls exist when sysctl.conf is read early or kernel modules
loaded with a loader. This change makes it work also for GENERIC
and modules loaded by means of rc.conf(5) settings.

MFC after:  1 month
---
 libexec/rc/rc.d/ipfw | 15 ++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/ipfw b/libexec/rc/rc.d/ipfw
index fd1c97671d70..22b65d2908cb 100755
--- a/libexec/rc/rc.d/ipfw
+++ b/libexec/rc/rc.d/ipfw
@@ -47,7 +47,7 @@ ipfw_prestart()
 
 ipfw_start()
 {
-   local   _firewall_type
+   local   _firewall_type _module _sysctl_reload
 
if [ -n "${1}" ]; then
_firewall_type=$1
@@ -55,6 +55,19 @@ ipfw_start()
_firewall_type=${firewall_type}
fi
 
+   _sysctl_reload=no
+   for _module in ${required_modules}
+   do
+   if kldstat -qn ${_module}; then
+   _sysctl_reload=yes
+   break
+   fi
+   done
+
+   if [ ${_sysctl_reload} = yes ]; then
+   /etc/rc.d/sysctl reload
+   fi
+
# set the firewall rules script if none was specified
[ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall
 
___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: f4b38c360e63 - main - rc.d: unbreak sysctl lastload

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f4b38c360e63a6e66245efedbd6c070f9c0aee55

commit f4b38c360e63a6e66245efedbd6c070f9c0aee55
Author: Eugene Grosbein 
AuthorDate: 2021-05-19 13:02:31 +
Commit: Eugene Grosbein 
CommitDate: 2021-05-19 13:02:31 +

rc.d: unbreak sysctl lastload

/etc/rc.d/securelevel is supposed to run /etc/rc.d/sysctl lastload
late at boot time to apply /etc/sysctl.conf settings that fail
to apply early. However, this does not work in default configuration
because of kern_securelevel_enable="NO" by default.

Add new script /etc/rc.d/sysctl lastload that starts unconditionally.

Reported by:Marek Zarychta
MFC after:  1 month
---
 libexec/rc/rc.d/securelevel |  6 +-
 libexec/rc/rc.d/sysctl_lastload | 18 ++
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/libexec/rc/rc.d/securelevel b/libexec/rc/rc.d/securelevel
index 24dbf269df3f..8bb09dd920bd 100755
--- a/libexec/rc/rc.d/securelevel
+++ b/libexec/rc/rc.d/securelevel
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: securelevel
-# REQUIRE: adjkerntz ipfw pf
+# REQUIRE: adjkerntz ipfw pf sysctl_lastload
 
 . /etc/rc.subr
 
@@ -14,10 +14,6 @@ rcvar='kern_securelevel_enable'
 start_cmd="securelevel_start"
 stop_cmd=":"
 
-# Last chance to set sysctl variables that failed the first time.
-#
-/etc/rc.d/sysctl lastload
-
 securelevel_start()
 {
if [ ${kern_securelevel} -ge 0 ]; then
diff --git a/libexec/rc/rc.d/sysctl_lastload b/libexec/rc/rc.d/sysctl_lastload
new file mode 100755
index ..22aafd96d051
--- /dev/null
+++ b/libexec/rc/rc.d/sysctl_lastload
@@ -0,0 +1,18 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: sysctl_lastload
+# REQUIRE: LOGIN
+# BEFORE:  jail
+
+. /etc/rc.subr
+
+name="sysctl_lastload"
+desc="Last chance to set sysctl variables that failed the first time."
+start_cmd="/etc/rc.d/sysctl lastload"
+stop_cmd=":"
+
+load_rc_config $name
+run_rc_command "$1"
___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: 20eb96979392 - main - rc.d: connect sysctl_lastload

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=20eb969793921dce9e524d19fc02b84cabd98f74

commit 20eb969793921dce9e524d19fc02b84cabd98f74
Author: Eugene Grosbein 
AuthorDate: 2021-05-20 04:51:31 +
Commit: Eugene Grosbein 
CommitDate: 2021-05-20 04:51:31 +

rc.d: connect sysctl_lastload

Add recently added sysctl_lastload.
---
 libexec/rc/rc.d/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libexec/rc/rc.d/Makefile b/libexec/rc/rc.d/Makefile
index 63dc17eceeaf..0834d8c4c2a0 100644
--- a/libexec/rc/rc.d/Makefile
+++ b/libexec/rc/rc.d/Makefile
@@ -104,6 +104,7 @@ CONFS=  DAEMON \
swap \
swaplate \
sysctl \
+   sysctl_lastload \
syslogd \
sysvipc \
tmp \
___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: 3bca93e04275 - main - rc.d/random: add support for zero harvest_mask

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=3bca93e04275045c3d868d09a57f920108f0

commit 3bca93e04275045c3d868d09a57f920108f0
Author: Eugene Grosbein 
AuthorDate: 2021-05-26 11:30:24 +
Commit: Eugene Grosbein 
CommitDate: 2021-05-26 11:30:24 +

rc.d/random: add support for zero harvest_mask

Replace the check for zero harvest_mask with new check for empty string.
This allows one to specify harvest_mask="0" that disables harversting
entropy from all but "pure" sources. Exact bit values for "pure" sources
differ for stable/12 and later branches, so it is handy to use zero.
The check for zero pre-dates introduction of "pure" non-maskable sources
Use empty string to disable altering sysctl kern.random.harvest.mask.

Note that notion of "pure" random sources is not documented in user level
manual pages yet. Still, it helps to extend battery life for hardware
with embedded "Intel Secure Key RNG" by disabling all other sources.

Note that no defaults changed and default behaviour is not affected.

Reported by:Dmitry Luhtionov
---
 libexec/rc/rc.d/random | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/rc.d/random b/libexec/rc/rc.d/random
index d275284e13d6..fda3c8a71fae 100755
--- a/libexec/rc/rc.d/random
+++ b/libexec/rc/rc.d/random
@@ -47,7 +47,7 @@ feed_dev_random()
 random_start()
 {
 
-   if [ ${harvest_mask} -gt 0 ]; then
+   if [ -n "${harvest_mask}" ]; then
echo -n 'Setting up harvesting: '
${SYSCTL} kern.random.harvest.mask=${harvest_mask} > /dev/null
${SYSCTL_N} kern.random.harvest.mask_symbolic
___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

Re: git: 4c0bc591466f - main - man9: add hz(9) and hardclock(9)

[Eugene Grosbein]

18.06.2021 22:18, John Baldwin wrote:

> OTOH, it's
> also true that there's no real reason for anything outside of the actual timer
> code to use stathz (or even profhz) unlike 'hz' which is still used to set
> timeout tick values.

Not agreed: how do I get reliable per-CPU load stats in userland without sysctl 
kern.cp_times
that exports incrementing raw "stathz-tick" counters? I need them to draw 
per-CPU graphs.



___
dev-commits-src-main@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/dev-commits-src-main
To unsubscribe, send any mail to "dev-commits-src-main-unsubscr...@freebsd.org"

git: 0c54fe172ad3 - main - rc.d/rctl: unbreak for distinct /usr filesystem

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=0c54fe172ad365e7e60d6249484a7579c18b7d2d

commit 0c54fe172ad365e7e60d6249484a7579c18b7d2d
Author: Eugene Grosbein 
AuthorDate: 2021-11-20 08:54:39 +
Commit: Eugene Grosbein 
CommitDate: 2021-11-20 08:56:43 +

rc.d/rctl: unbreak for distinct /usr filesystem

Both rctl and used xargs utility live in /usr/bin
so add REQUIRE: FILESYSTEMS

Reported by:Peter 
MFC after:  3 days
---
 libexec/rc/rc.d/rctl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libexec/rc/rc.d/rctl b/libexec/rc/rc.d/rctl
index ed5665454dde..f1b001a6ad79 100755
--- a/libexec/rc/rc.d/rctl
+++ b/libexec/rc/rc.d/rctl
@@ -4,6 +4,7 @@
 #
 
 # PROVIDE: rctl
+# REQUIRE: FILESYSTEMS
 # BEFORE: LOGIN
 # KEYWORD: nojail
 

git: 7a382e744b0b - main - if_epair: fix module build outside of kernel build environment

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=7a382e744b0b0ba9b51dc34bfa0cd1515f744f25

commit 7a382e744b0b0ba9b51dc34bfa0cd1515f744f25
Author: Eugene Grosbein 
AuthorDate: 2021-12-11 04:07:50 +
Commit: Eugene Grosbein 
CommitDate: 2021-12-11 04:07:50 +

if_epair: fix module build outside of kernel build environment

MFC after:  3 days
---
 sys/modules/if_epair/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/modules/if_epair/Makefile b/sys/modules/if_epair/Makefile
index ee0757577c4f..3e102413bfe2 100644
--- a/sys/modules/if_epair/Makefile
+++ b/sys/modules/if_epair/Makefile
@@ -3,6 +3,6 @@
 .PATH: ${SRCTOP}/sys/net
 
 KMOD=  if_epair
-SRCS=  if_epair.c
+SRCS=  bus_if.h device_if.h if_epair.c
 
 .include 

git: 37f4cb29bdaf - main - imgact_binmisc: unbreak module build outside of kernel build environment

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=37f4cb29bdafa33ec46f505fb5b769bafddcac74

commit 37f4cb29bdafa33ec46f505fb5b769bafddcac74
Author: Eugene Grosbein 
AuthorDate: 2023-04-11 10:31:34 +
Commit: Eugene Grosbein 
CommitDate: 2023-04-11 10:32:29 +

imgact_binmisc: unbreak module build outside of kernel build environment

MFC after:  3 days
---
 sys/modules/imgact_binmisc/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/modules/imgact_binmisc/Makefile 
b/sys/modules/imgact_binmisc/Makefile
index 6d8f64530db3..e7b7155258cb 100644
--- a/sys/modules/imgact_binmisc/Makefile
+++ b/sys/modules/imgact_binmisc/Makefile
@@ -3,6 +3,6 @@
 .PATH: ${SRCTOP}/sys/kern
 
 KMOD=  imgact_binmisc
-SRCS=  imgact_binmisc.c
+SRCS=  vnode_if.h imgact_binmisc.c
 
 .include 

git: 5ee1c90e50ce - main - tmpfs: unbreak module build outside of kernel build environment

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=5ee1c90e50ce8832c79aa61c8c2bbb71bd097799

commit 5ee1c90e50ce8832c79aa61c8c2bbb71bd097799
Author: Eugene Grosbein 
AuthorDate: 2023-04-15 04:00:03 +
Commit: Eugene Grosbein 
CommitDate: 2023-04-15 04:00:03 +

tmpfs: unbreak module build outside of kernel build environment

MFC after:  3 days
---
 sys/modules/tmpfs/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/modules/tmpfs/Makefile b/sys/modules/tmpfs/Makefile
index 231c1d55fd88..de4921408805 100644
--- a/sys/modules/tmpfs/Makefile
+++ b/sys/modules/tmpfs/Makefile
@@ -4,6 +4,7 @@
 
 KMOD=  tmpfs
 SRCS=  vnode_if.h \
-   tmpfs_vnops.c tmpfs_fifoops.c tmpfs_vfsops.c tmpfs_subr.c opt_tmpfs.h
+   tmpfs_vnops.c tmpfs_fifoops.c tmpfs_vfsops.c tmpfs_subr.c \
+   opt_tmpfs.h opt_ddb.h
 
 .include 

git: 9f5dc374d0da - main - ipfw.8: improve description for interface matching

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=9f5dc374d0dadb6947a9bd9ff8ff44931e1b6422

commit 9f5dc374d0dadb6947a9bd9ff8ff44931e1b6422
Author: Eugene Grosbein 
AuthorDate: 2023-04-25 11:12:11 +
Commit: Eugene Grosbein 
CommitDate: 2023-04-25 11:16:22 +

ipfw.8: improve description for interface matching

The manual describes "if*" form only while kernel uses fnmatch(3)
and allows use for more versatile shell-like patterns.
Note that explicitly and provide an example.

MFC after:  3 days
---
 sbin/ipfw/ipfw.8 | 26 ++
 1 file changed, 22 insertions(+), 4 deletions(-)

diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8
index ef66f89a4d89..884797304b78 100644
--- a/sbin/ipfw/ipfw.8
+++ b/sbin/ipfw/ipfw.8
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 25, 2023
+.Dd April 25, 2023
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -1918,13 +1918,24 @@ However, this option doesn't imply an implicit
 .Cm check-state
 in contrast to
 .Cm keep-state .
-.It Cm recv | xmit | via Brq Ar ifX | Ar if Ns Cm * | Ar table Ns Po Ar name 
Ns Oo , Ns Ar value Oc Pc | Ar ipno | Ar any
+.It Cm recv | xmit | via Brq Ar ifX | Ar ifmask | Ar table Ns Po Ar name Ns Oo 
, Ns Ar value Oc Pc | Ar ipno | Ar any
 Matches packets received, transmitted or going through,
 respectively, the interface specified by exact name
 .Po Ar ifX Pc ,
-by device name
-.Po Ar if* Pc ,
+by device mask
+.Po Ar ifmask Pc ,
 by IP address, or through some interface.
+.Pp
+Interface
+name may be matched against
+.Ar ifmask
+with
+.Xr fnmatch 3
+according to the rules used by the shell (f.e. tun*).
+See also the
+.Sx EXAMPLES
+section.
+.Pp
 Table
 .Ar name
 may be used to match interface by its kernel ifindex.
@@ -4223,6 +4234,12 @@ of clients, as below:
 .Dl "ipfw add deny ip from ${badguys} to any"
 .Dl "... normal policies ..."
 .Pp
+Allow any transit packets coming from single vlan 10 and
+going out to vlans 100-1000:
+.Pp
+.Dl "ipfw add 10 allow out recv vlan10 \e"
+.Dl "{ xmit vlan1000 or xmit \*qvlan[1-9]??\*q }"
+.Pp
 The
 .Cm verrevpath
 option could be used to do automated anti-spoofing by adding the
@@ -4746,6 +4763,7 @@ can be changed in a similar way as for
 .Sh SEE ALSO
 .Xr cpp 1 ,
 .Xr m4 1 ,
+.Xr fnmatch 3 ,
 .Xr altq 4 ,
 .Xr divert 4 ,
 .Xr dummynet 4 ,

git: 83fd35b3f3fa - main - logger(1): fix timestamps in case of long run

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=83fd35b3f3fa580d2b99874abd1f67ee61dcb659

commit 83fd35b3f3fa580d2b99874abd1f67ee61dcb659
Author: Eugene Grosbein 
AuthorDate: 2023-04-27 16:43:16 +
Commit: Eugene Grosbein 
CommitDate: 2023-04-27 16:43:16 +

logger(1): fix timestamps in case of long run

An example:

( echo test; sleep 2; echo test2 ) | logger -h /var/run/log

Before fix, logger assigned same timestamp to both records.

Fixes:  65547fb33db901a9f352aacb0ed45ce68b0bd275
Reported by:Vadim Goncharov
MFC after:  1 week
---
 usr.bin/logger/logger.c | 18 --
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/usr.bin/logger/logger.c b/usr.bin/logger/logger.c
index 1ce8d81db6f6..32fda60717d6 100644
--- a/usr.bin/logger/logger.c
+++ b/usr.bin/logger/logger.c
@@ -198,22 +198,23 @@ main(int argc, char *argv[])
if (host == NULL)
cap_openlog(capsyslog, tag, logflags, 0);
 
-   (void )time(&now);
-   (void )ctime_r(&now, tbuf);
-   tbuf[19] = '\0';
-   timestamp = tbuf + 4;
-
if (hostname == NULL) {
hostname = hbuf;
(void )gethostname(hbuf, MAXHOSTNAMELEN);
*strchrnul(hostname, '.') = '\0';
}
 
+   timestamp = tbuf + 4;
+
/* log input line if appropriate */
if (argc > 0) {
char *p, *endp;
size_t len;
 
+   (void )time(&now);
+   (void )ctime_r(&now, tbuf);
+   tbuf[19] = '\0';
+
for (p = buf, endp = buf + sizeof(buf) - 2; *argv;) {
len = strlen(*argv);
if (p + len > endp && p > buf) {
@@ -235,9 +236,14 @@ main(int argc, char *argv[])
logmessage(pri, timestamp, hostname, tag, socks, nsock,
buf);
} else
-   while (fgets(buf, sizeof(buf), stdin) != NULL)
+   while (fgets(buf, sizeof(buf), stdin) != NULL) {
+   (void )time(&now);
+   (void )ctime_r(&now, tbuf);
+   tbuf[19] = '\0';
+
logmessage(pri, timestamp, hostname, tag, socks, nsock,
buf);
+   }
exit(0);
 }
 

Re: git: e0e5bf4d6283 - main - freebsd-update: Mention 13.2-RELEASE in usage.

[Eugene Grosbein]

30.04.2023 12:07, Poul-Henning Kamp wrote:
> The branch main has been updated by phk:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=e0e5bf4d62831090a23dd0e0ac374baa0a00ef98
> 
> commit e0e5bf4d62831090a23dd0e0ac374baa0a00ef98
> Author: Poul-Henning Kamp 
> AuthorDate: 2023-04-30 05:06:56 +
> Commit: Poul-Henning Kamp 
> CommitDate: 2023-04-30 05:06:56 +
> 
> freebsd-update:  Mention 13.2-RELEASE in usage.
> ---
>  usr.sbin/freebsd-update/freebsd-update.sh | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/usr.sbin/freebsd-update/freebsd-update.sh 
> b/usr.sbin/freebsd-update/freebsd-update.sh
> index 4ef44d1ad000..03eefee75bbd 100644
> --- a/usr.sbin/freebsd-update/freebsd-update.sh
> +++ b/usr.sbin/freebsd-update/freebsd-update.sh
> @@ -49,7 +49,7 @@ Options:
>case of an unfinished upgrade
>-j jail  -- Operate on the given jail specified by jid or name
>-k KEY   -- Trust an RSA key with SHA256 hash of KEY
> -  -r release   -- Target for upgrade (e.g., 11.1-RELEASE)
> +  -r release   -- Target for upgrade (e.g., 13.2-RELEASE)
>-s server-- Server from which to fetch updates
>(default: update.FreeBSD.org)
>-t address   -- Mail output of cron command, if any, to address

I took some historic data from https://www.freebsd.org/releases/ to make a 
table of release years:

9.2  2013 
10.2 2015
11.2 2018
12.2 2020
13.2 2023

Note that formula (int)((year-1990)*2/5) gives exact major release number for 
.2 release
and it uses integer arithmetic only. Given freebsd-update.sh is a shell script
with $(( )) for integer arithmetic, we could automate the usage message for the 
future.

git: 4824d7887259 - main - listen(2): improve administrator control over logging

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=4824d788725987bccff53dec8c103cbac455b3ed

commit 4824d788725987bccff53dec8c103cbac455b3ed
Author: Eugene Grosbein 
AuthorDate: 2023-04-30 20:14:30 +
Commit: Eugene Grosbein 
CommitDate: 2023-04-30 20:26:44 +

listen(2): improve administrator control over logging

As documented in listen.2 manual page, the kernel emits a LOG_DEBUG
syslog message if a socket listen queue overflows. For some appliances,
it may be desirable to change the priority to some higher value
like LOG_INFO while keeping other debugging suppressed.

OTOH there are cases when such overflows are normal and expected.
Then it may be desirable to suppress overflow logging altogether,
so that dmesg buffer is not flooded over long run.

In addition to existing sysctl kern.ipc.sooverinterval,
introduce new sysctl kern.ipc.sooverprio that defaults to 7 (LOG_DEBUG)
to preserve current behavior. It may be changed to any value
in a range of 0..7 for corresponding priority or to -1 to suppress logging.
Document it in the listen.2 manual page.

MFC after:  1 month
---
 lib/libc/sys/listen.2  | 15 +--
 sys/kern/uipc_socket.c | 13 ++---
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/lib/libc/sys/listen.2 b/lib/libc/sys/listen.2
index 4d0962fd412c..076163548b72 100644
--- a/lib/libc/sys/listen.2
+++ b/lib/libc/sys/listen.2
@@ -28,7 +28,7 @@
 .\"From: @(#)listen.2  8.2 (Berkeley) 12/11/93
 .\" $FreeBSD$
 .\"
-.Dd April 14, 2020
+.Dd April 30, 2023
 .Dt LISTEN 2
 .Os
 .Sh NAME
@@ -111,10 +111,20 @@ or less than zero is specified,
 is silently forced to
 .Va kern.ipc.soacceptqueue .
 .Pp
-If the listen queue overflows, the kernel will emit a LOG_DEBUG syslog message.
+If the listen queue overflows, the kernel will emit a syslog message
+using default priority LOG_DEBUG (7).
 The
 .Xr sysctl 3
 MIB variable
+.Va kern.ipc.sooverprio
+may be used to change this priority to any value in a range of 0..7
+(LOG_EMERG..LOG_DEBUG).
+See
+.Xr syslog 3
+for details.
+It may be set to -1 to disable these messages.
+.Pp
+The variable
 .Va kern.ipc.sooverinterval
 specifies a per-socket limit on how often the kernel will emit these messages.
 .Sh INTERACTION WITH ACCEPT FILTERS
@@ -164,6 +174,7 @@ The socket is not of a type that supports the operation
 .Xr connect 2 ,
 .Xr socket 2 ,
 .Xr sysctl 3 ,
+.Xr syslog 3 ,
 .Xr sysctl 8 ,
 .Xr accept_filter 9
 .Sh HISTORY
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index f529f885d17c..eaff57d50d78 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -578,6 +578,10 @@ SYSCTL_INT(_regression, OID_AUTO, sonewconn_earlytest, 
CTLFLAG_RW,
 ®ression_sonewconn_earlytest, 0, "Perform early sonewconn limit test");
 #endif
 
+static int sooverprio = LOG_DEBUG;
+SYSCTL_INT(_kern_ipc, OID_AUTO, sooverprio, CTLFLAG_RW,
+&sooverprio, 0, "Log priority for listen socket overflows: 0..7 or -1 to 
disable");
+
 static struct timeval overinterval = { 60, 0 };
 SYSCTL_TIMEVAL_SEC(_kern_ipc, OID_AUTO, sooverinterval, CTLFLAG_RW,
 &overinterval,
@@ -617,7 +621,8 @@ solisten_clone(struct socket *head)
if (over) {
 #endif
head->sol_overcount++;
-   dolog = !!ratecheck(&head->sol_lastover, &overinterval);
+   dolog = (sooverprio >= 0) &&
+   !!ratecheck(&head->sol_lastover, &overinterval);
 
/*
 * If we're going to log, copy the overflow count and queue
@@ -706,14 +711,16 @@ solisten_clone(struct socket *head)
 * sys/kern/sonewconn_overflow checks for it.
 */
if (head->so_cred == 0) {
-   log(LOG_DEBUG, "sonewconn: pcb %p (%s): "
+   log(LOG_PRI(sooverprio),
+   "sonewconn: pcb %p (%s): "
"Listen queue overflow: %i already in "
"queue awaiting acceptance (%d "
"occurrences)\n", head->so_pcb,
sbuf_data(&descrsb),
qlen, overcount);
} else {
-   log(LOG_DEBUG, "sonewconn: pcb %p (%s): "
+   log(LOG_PRI(sooverprio),
+   "sonewconn: pcb %p (%s): "
"Listen queue overflow: "
"%i already in queue awaiting acceptance "
"(%d occurrences), euid %d, rgid %d, jail 
%s\n",

git: e9ae9fa93745 - main - syslog(3): unbreak log generation using fabricated PID

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=e9ae9fa93745669b7dd0341d333257ad6cfe8e37

commit e9ae9fa93745669b7dd0341d333257ad6cfe8e37
Author: Eugene Grosbein 
AuthorDate: 2022-08-08 22:21:02 +
Commit: Eugene Grosbein 
CommitDate: 2022-08-08 22:21:02 +

syslog(3): unbreak log generation using fabricated PID

Recover application ability to supply fabricated PID
embedded into ident that was lost when libc switched
to generation of RFC 5424 log messages, for example:

logger -t "ident[$$]" -p user.notice "test"

It is essential for long running scripts.
Also, this change unbreaks matching resulted entries
by ident in syslog.conf:

!ident
*.* /var/log/ident.log

Without the fix, the log (and matching) was broken:

Aug  1 07:36:58 hostname ident[123][86483]: test

Now it works as expected and worked before breakage:

Aug  1 07:39:40 hostname ident[123]: test

Differential:   https://reviews.freebsd.org/D36005
MFC after:  2 weeks
---
 lib/libc/gen/syslog.c | 54 ---
 1 file changed, 51 insertions(+), 3 deletions(-)

diff --git a/lib/libc/gen/syslog.c b/lib/libc/gen/syslog.c
index a466b4cbc49e..8d48f7f32836 100644
--- a/lib/libc/gen/syslog.c
+++ b/lib/libc/gen/syslog.c
@@ -65,7 +65,9 @@ static intLogFile = -1;   /* fd for log */
 static boolconnected;  /* have done connect */
 static int opened; /* have done openlog() */
 static int LogStat = 0;/* status bits, set by openlog() */
+static pid_t   LogPid = -1;/* process id to tag the entry with */
 static const char *LogTag = NULL;  /* string to tag the entry with */
+static int LogTagLength = -1;  /* usable part of LogTag */
 static int LogFacility = LOG_USER; /* default facility code */
 static int LogMask = 0xff; /* mask of priorities to be logged */
 static pthread_mutex_t syslog_mutex = PTHREAD_MUTEX_INITIALIZER;
@@ -85,6 +87,7 @@ static pthread_mutex_tsyslog_mutex = 
PTHREAD_MUTEX_INITIALIZER;
 static voiddisconnectlog(void); /* disconnect from syslogd */
 static voidconnectlog(void);   /* (re)connect to syslogd */
 static voidopenlog_unlocked(const char *, int, int);
+static voidparse_tag(void);/* parse ident[NNN] if needed */
 
 /*
  * Format of the magic cookie passed through the stdio hook
@@ -204,13 +207,20 @@ vsyslog1(int pri, const char *fmt, va_list ap)
/* Application name. */
if (LogTag == NULL)
LogTag = _getprogname();
-   (void)fprintf(fp, "%s ", LogTag == NULL ? NILVALUE : LogTag);
+   else if (LogTagLength == -1)
+   parse_tag();
+   if (LogTagLength > 0)
+   (void)fprintf(fp, "%.*s ", LogTagLength, LogTag);
+   else
+   (void)fprintf(fp, "%s ", LogTag == NULL ? NILVALUE : LogTag);
/*
 * Provide the process ID regardless of whether LOG_PID has been
 * specified, as it provides valuable information. Many
 * applications tend not to use this, even though they should.
 */
-   (void)fprintf(fp, "%d ", getpid());
+   if (LogPid == -1)
+   LogPid = getpid();
+   (void)fprintf(fp, "%d ", (int)LogPid);
/* Message ID. */
(void)fputs(NILVALUE " ", fp);
/* Structured data. */
@@ -398,9 +408,12 @@ connectlog(void)
 static void
 openlog_unlocked(const char *ident, int logstat, int logfac)
 {
-   if (ident != NULL)
+   if (ident != NULL) {
LogTag = ident;
+   LogTagLength = -1;
+   }
LogStat = logstat;
+   parse_tag();
if (logfac != 0 && (logfac &~ LOG_FACMASK) == 0)
LogFacility = logfac;
 
@@ -430,6 +443,7 @@ closelog(void)
LogFile = -1;
}
LogTag = NULL;
+   LogTagLength = -1;
connected = false;
THREAD_UNLOCK();
 }
@@ -447,3 +461,37 @@ setlogmask(int pmask)
THREAD_UNLOCK();
return (omask);
 }
+
+/*
+ * Obtain LogPid from LogTag formatted as following: ident[NNN]
+ */
+static void
+parse_tag(void)
+{
+   char *begin, *end, *p;
+   pid_t pid;
+
+   if (LogTag == NULL || (LogStat & LOG_PID) != 0)
+   return;
+   /*
+* LogTagLength is -1 if LogTag was not parsed yet.
+* Avoid multiple passes over same LogTag.
+*/
+   LogTagLength = 0;
+
+   /* Check for presence of opening [ and non-empty ident. */
+   if ((begin = strchr(LogTag, '[')) == NULL || begin == LogTag)
+   return;
+   /* Check for presence of closing ] at the very end and non-empty pid. */
+   if ((end = strchr(begin + 1, ']')) == NULL || 

Re: git: 39fdad34e220 - main - stand: impose 510,000 byte limit for /boot/loader and /boot/pxeldr

[Eugene Grosbein]

11.08.2022 10:31, Warner Losh wrote:

> At this late date, it likely isn't worth the efforts to move parts of
> the loader into high memory. There's a number of assumptions about where
> the stack is, where buffers reside, etc that are fulfilled when it lives
> in the first 640k that would need bounce buffers and/or other counter
> measures if we were to split it up. All BIOS calls are done in 16-bit
> mode with SEG:OFF addresses, requiring them to be in the first 640k of
> RAM. And nearly all machines in the last decade can boot with UEFI
> (though there's some exceptions, so it isn't worth killing outright
> yet).

Also, there is still working hardware (32bit-only even) that pre-dates 10 years 
margin
like some PC104 platforms with BIOS-only boot  and great FreeBSD support.
For example, based on AMD Geode that runs FreeBSD 12.3-STABLE/i386 just fine.

git: 160a2f2cdda8 - main - rc.conf(5): add _umask to run the service using this value

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=160a2f2cdda806e104c0d3194bfb84b208ad1ae8

commit 160a2f2cdda806e104c0d3194bfb84b208ad1ae8
Author: Eugene Grosbein 
AuthorDate: 2022-08-28 05:45:23 +
Commit: Eugene Grosbein 
CommitDate: 2022-08-28 05:48:58 +

rc.conf(5): add _umask to run the service using this value

None of tools working with login classes change umask(1)
and we had no ways to specify non-default umask for a service
not touching its startup script. This change makes in possible.

Some file-sharing services that create new files may benefit from it.

Differential:   https://reviews.freebsd.org/D36309
MFC-after:  3 days
---
 libexec/rc/rc.subr   | 10 +-
 share/man/man5/rc.conf.5 |  8 +++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
index 9ae93dc391a2..81bef4f05fe0 100644
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -791,6 +791,8 @@ startmsg()
 #
 #  ${name}_oomprotect nDon't kill ${command} when swap space is 
exhausted.
 #
+#  ${name}_umask   n   The file creation mask to run ${command} with.
+#
 #  ${name}_usern   User to run ${command} as, using su(1) if not
 #  using ${name}_chroot.
 #  Requires /usr to be mounted.
@@ -996,7 +998,8 @@ run_rc_command()
_fib=\$${name}_fib  _env=\$${name}_env \
_prepend=\$${name}_prepend  
_login_class=\${${name}_login_class:-daemon} \
_limits=\$${name}_limits_oomprotect=\$${name}_oomprotect \
-   _setup=\$${name}_setup  _env_file=\$${name}_env_file
+   _setup=\$${name}_setup  _env_file=\$${name}_env_file \
+   _umask=\$${name}_umask
 
if [ -n "$_env_file" ] && [ -r "${_env_file}" ]; then   # load env from 
file
set -a
@@ -1357,9 +1360,14 @@ _run_rc_postcmd()
 
 _run_rc_doit()
 {
+   local _m
+
debug "run_rc_command: doit: $*"
+   _m=$(umask)
+   ${_umask:+umask ${_umask}}
eval "$@"
_return=$?
+   umask ${_m}
 
# If command failed and force isn't set, request exit.
if [ $_return -ne 0 ] && [ -z "$rc_force" ]; then
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index d86af5a0f224..8592739ccb49 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 7, 2022
+.Dd August 28, 2022
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -239,6 +239,11 @@ such as PostgreSQL will not inherit the OOM killer 
protection.
 .Pp
 This variable has no effect on services running within a
 .Xr jail 8 .
+.It Ao Ar name Ac Ns Va _umask
+.Pq Vt int
+Run the service using this
+.Xr umask 1
+value.
 .It Ao Ar name Ac Ns Va _user
 .Pq Vt str
 Run the service under this user account.
@@ -4691,6 +4696,7 @@ The default is 10.
 .Xr limits 1 ,
 .Xr protect 1 ,
 .Xr sh 1 ,
+.Xr umask 1 ,
 .Xr vi 1 ,
 .Xr vidcontrol 1 ,
 .Xr bridge 4 ,

Re: git: 24e1824e4646 - main - Deprecate telnet daemon

[Eugene Grosbein]

22.09.2022 4:45, Shawn Webb wrote:

>> On Wed, Sep 21, 2022 at 01:02:17PM -0500, Mike Karels wrote:
>> M> I have no problem with deprecating (or removing) telnetd in base.  I
>> M> think the client should remain, though.  I use it frequently, although
>> M> not on the telnet port.  ftp* are another issue; anonymous FTP is a
>> M> perfectly reasonable usage.  I use it to download FreeBSD images often.
>>
>> Is there any service where telnet to a port would be preferred over nc(1)?
> 
> I wonder if it would be worthwhile to hardlink telnet(1) to nc(1).

Telnet is much more feature-rich. For example, I use telnet to connect to 
IP-based remote console server
that uses bunch of RS-232 async ports to setup and/or OOB-control Cisco routers
and telnet has "send break" command to send BREAK signal to enter ROMMON for 
boot-looping device.

git: 1cbe5012cfe1 - main - pw(8): fix combination of modes -N and -w random

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=1cbe5012cfe10226dd365af325a01de5d4c15f5d

commit 1cbe5012cfe10226dd365af325a01de5d4c15f5d
Author: Eugene Grosbein 
AuthorDate: 2022-11-28 14:22:39 +
Commit: Eugene Grosbein 
CommitDate: 2022-11-28 14:22:39 +

pw(8): fix combination of modes -N and -w random

The command "pw usermod nobody -Nw random" (or useradd)
generates random password and prints it in encrypted form
but skips choosen random string that makes not much sense
and contradicts the manual page pw.8

Fix it by showing random password in plain text with -N and
without it equally. Add yet another example of how to generate
pw-style random password.

MFC after:  2 weeks
---
 usr.sbin/pw/pw.8  |  8 +++-
 usr.sbin/pw/pw_user.c | 11 +--
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/usr.sbin/pw/pw.8 b/usr.sbin/pw/pw.8
index 64c22ce49848..5997728b363e 100644
--- a/usr.sbin/pw/pw.8
+++ b/usr.sbin/pw/pw.8
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 21, 2022
+.Dd November 28, 2022
 .Dt PW 8
 .Os
 .Sh NAME
@@ -993,6 +993,12 @@ in addition to the other groups jsmith is already a member 
of.
 .Bd -literal -offset indent
 pw groupmod wheel -m jsmith
 .Ed
+.Pp
+Generate random password and show it in both plain text and
+encrypted form not modifying any database.
+.Bd -literal -offset indent
+pw usermod nobody -Nw random
+.Ed
 .Sh EXIT STATUS
 The
 .Nm
diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c
index 7dd84d468f1f..00f290f72c97 100644
--- a/usr.sbin/pw/pw_user.c
+++ b/usr.sbin/pw/pw_user.c
@@ -80,8 +80,7 @@ static uid_t   pw_gidpolicy(struct userconf *cnf, char 
*grname, char *nam,
 static char*pw_homepolicy(struct userconf * cnf, char *homedir,
 const char *user);
 static char*pw_shellpolicy(struct userconf * cnf);
-static char*pw_password(struct userconf * cnf, char const * user,
-bool dryrun);
+static char*pw_password(struct userconf * cnf, char const * user);
 static char*shell_path(char const * path, char *shells[], char *sh);
 static voidrmat(uid_t uid);
 
@@ -510,7 +509,7 @@ pw_pwcrypt(char *password)
 }
 
 static char *
-pw_password(struct userconf * cnf, char const * user, bool dryrun)
+pw_password(struct userconf * cnf, char const * user)
 {
int i, l;
charpwbuf[32];
@@ -527,7 +526,7 @@ pw_password(struct userconf * cnf, char const * user, bool 
dryrun)
/*
 * We give this information back to the user
 */
-   if (conf.fd == -1 && !dryrun) {
+   if (conf.fd == -1) {
if (isatty(STDOUT_FILENO))
printf("Password for '%s' is: ", user);
printf("%s\n", pwbuf);
@@ -1375,7 +1374,7 @@ pw_user_add(int argc, char **argv, char *arg1)
if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL)
warn("setting crypt(3) format");
login_close(lc);
-   pwd->pw_passwd = pw_password(cmdcnf, pwd->pw_name, dryrun);
+   pwd->pw_passwd = pw_password(cmdcnf, pwd->pw_name);
if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0)
warnx("WARNING: new account `%s' has a uid of 0 "
"(superuser access!)", pwd->pw_name);
@@ -1724,7 +1723,7 @@ pw_user_mod(int argc, char **argv, char *arg1)
login_close(lc);
cnf->default_password = passwd_val(passwd,
cnf->default_password);
-   pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun);
+   pwd->pw_passwd = pw_password(cnf, pwd->pw_name);
edited = true;
}
 

git: 6ab555cff601 - main - syslog(3): expand a commentary adding a reference to RFC 3164.

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=6ab555cff601e42a514db16f6d9b7fd0a4ef94cd

commit 6ab555cff601e42a514db16f6d9b7fd0a4ef94cd
Author: Eugene Grosbein 
AuthorDate: 2023-01-01 08:26:30 +
Commit: Eugene Grosbein 
CommitDate: 2023-01-01 08:28:42 +

syslog(3): expand a commentary adding a reference to RFC 3164.
---
 lib/libc/gen/syslog.c | 5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/libc/gen/syslog.c b/lib/libc/gen/syslog.c
index 8d48f7f32836..2424cef78dd7 100644
--- a/lib/libc/gen/syslog.c
+++ b/lib/libc/gen/syslog.c
@@ -463,7 +463,10 @@ setlogmask(int pmask)
 }
 
 /*
- * Obtain LogPid from LogTag formatted as following: ident[NNN]
+ * Obtain LogPid from LogTag formatted as per RFC 3164,
+ * Section 5.3 Originating Process Information:
+ *
+ * ident[NNN]
  */
 static void
 parse_tag(void)

git: 2ce3ef550350 - main - syslog: fix PID of forking process

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=2ce3ef55035093cac7839e71e9ff91f5562ebc29

commit 2ce3ef55035093cac7839e71e9ff91f5562ebc29
Author: Eugene Grosbein 
AuthorDate: 2023-01-03 08:53:47 +
Commit: Eugene Grosbein 
CommitDate: 2023-01-03 08:58:36 +

syslog: fix PID of forking process

Do not cache PID for a process that does not fabricate it,
calls openlog() before forking and does not call exec() thereafter.

PR: 268666
Fixes:  e9ae9fa93745669b7dd0341d333257ad6cfe8e37
Tested by:  kp
MFC after:  3 days
---
 lib/libc/gen/syslog.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/libc/gen/syslog.c b/lib/libc/gen/syslog.c
index 2424cef78dd7..08bdfdbeb1e7 100644
--- a/lib/libc/gen/syslog.c
+++ b/lib/libc/gen/syslog.c
@@ -218,7 +218,7 @@ vsyslog1(int pri, const char *fmt, va_list ap)
 * specified, as it provides valuable information. Many
 * applications tend not to use this, even though they should.
 */
-   if (LogPid == -1)
+   if (LogTagLength <= 0)
LogPid = getpid();
(void)fprintf(fp, "%d ", (int)LogPid);
/* Message ID. */

Re: git: 8664e266d6a4 - main - growfs(7): clarify assumptions and limitations

[Eugene Grosbein]

06.01.2023 7:44, Mike Karels wrote:

> The branch main has been updated by karels:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=8664e266d6a4573d1875ee8f4ce0cdb091171780
> 
> commit 8664e266d6a4573d1875ee8f4ce0cdb091171780
> Author: Mike Karels 
> AuthorDate: 2023-01-05 13:15:21 +
> Commit: Mike Karels 
> CommitDate: 2023-01-06 00:44:16 +
> 
> growfs(7): clarify assumptions and limitations
> 
> Document that the growfs(7) script works only if the root file system
> is in the last partition and free space immediately follows it.
> Don't imply that /usr can be a separate partition, as that would
> likely mean that root is not last.
> 
> Reported by:marklmi at yahoo dot com

Meantime, growfs(8) binary command living in /sbin successfully growfs root 
file system
being NOT last, if there is following free space immediately after it.

I use that feature occasionally dealing with installworld problem for systems 
installed
long time ago (pre-date introduction of Clang in FreeBSD)
when distinct root and /usr partitions sized 512MB were more than enough.

For example:

swap partition (b) 8GB
root partition (a) 512MB
/usr partition (d) 512MB
others including /usr/local, /home etc...

For major source based upgrade 512MB is not enough to hold new /usr contents,
so I temporary destroy swap partition at the beginning and recreate it 1GB less 
to make hole
that is used to create alternative 1GB sized partition temporary mounted as 
/mnt/usr.
I dump|restore /usr to /mnt/usr, change /etc/fstab to mount new partition as 
/usr
and not mount old one at all, and reboot. After that:

swap partition (b) 7GB
/usr partition (g) 1GB
root partition (a) 512MB
former /usr partition (d) 512MB
others...

Then I destroy partition (d) making free space immediately following root 
partition
that is NOT last one. And growfs(8) works on mounted r/w root just fine.
That worked every time I tried.

I wonder why growfs(7) should have the limitation described in cited commit.

git: ba94a95402f3 - main - gpart(8): add minimal reference to glabel(8) to manual page

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=ba94a95402f335c8e7aa8e28ebdad43361c65909

commit ba94a95402f335c8e7aa8e28ebdad43361c65909
Author: Eugene Grosbein 
AuthorDate: 2022-01-10 15:00:30 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-10 15:07:23 +

gpart(8): add minimal reference to glabel(8) to manual page

MFC after:  1 week
---
 lib/geom/part/gpart.8 | 5 +
 1 file changed, 5 insertions(+)

diff --git a/lib/geom/part/gpart.8 b/lib/geom/part/gpart.8
index d27844f709e9..e71ba0e928a6 100644
--- a/lib/geom/part/gpart.8
+++ b/lib/geom/part/gpart.8
@@ -605,6 +605,10 @@ Requires the
 .Cm GEOM_PART_VTOC8
 kernel option.
 .El
+.Pp
+See
+.Xr glabel 8
+for additional information on labelization of devices and partitions.
 .Sh PARTITION TYPES
 Partition types are identified on disk by particular strings or magic
 values.
@@ -1507,6 +1511,7 @@ and
 .Xr geom 4 ,
 .Xr boot0cfg 8 ,
 .Xr geom 8 ,
+.Xr glabel 8 ,
 .Xr gptboot 8
 .Sh HISTORY
 The

Re: git: ba94a95402f3 - main - gpart(8): add minimal reference to glabel(8) to manual page

[Eugene Grosbein]

If one with better English would improve wording in the change, I will be glad.

The intention is to add a reference to glabel(8) manual page for a beginner 
administrator.

> The branch main has been updated by eugen:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=ba94a95402f335c8e7aa8e28ebdad43361c65909
> 
> commit ba94a95402f335c8e7aa8e28ebdad43361c65909
> Author: Eugene Grosbein 
> AuthorDate: 2022-01-10 15:00:30 +0000
> Commit: Eugene Grosbein 
> CommitDate: 2022-01-10 15:07:23 +
> 
> gpart(8): add minimal reference to glabel(8) to manual page
> 
> MFC after:  1 week
> ---
>  lib/geom/part/gpart.8 | 5 +
>  1 file changed, 5 insertions(+)
> 
> diff --git a/lib/geom/part/gpart.8 b/lib/geom/part/gpart.8
> index d27844f709e9..e71ba0e928a6 100644
> --- a/lib/geom/part/gpart.8
> +++ b/lib/geom/part/gpart.8
> @@ -605,6 +605,10 @@ Requires the
>  .Cm GEOM_PART_VTOC8
>  kernel option.
>  .El
> +.Pp
> +See
> +.Xr glabel 8
> +for additional information on labelization of devices and partitions.
>  .Sh PARTITION TYPES
>  Partition types are identified on disk by particular strings or magic
>  values.
> @@ -1507,6 +1511,7 @@ and
>  .Xr geom 4 ,
>  .Xr boot0cfg 8 ,
>  .Xr geom 8 ,
> +.Xr glabel 8 ,
>  .Xr gptboot 8
>  .Sh HISTORY
>  The
> 
> 

git: e3bad5f7aa86 - main - fetch(1): process truncated transfer as soft failure

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=e3bad5f7aa86a0911cf8d28395e7a29395739985

commit e3bad5f7aa86a0911cf8d28395e7a29395739985
Author: Eugene Grosbein 
AuthorDate: 2022-01-24 04:03:42 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-24 04:09:37 +

fetch(1): process truncated transfer as soft failure

Let "fetch -a" resume truncated transfer automatically
perform another attempt if it obtained some new data in previous one
making progress.

This makes it more robust against frequent but transient network failures.
For example:

=> sqlite-src-3370200.zip doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch https://www.sqlite.org/2022/sqlite-src-3370200.zip
sqlite-src-3370200.zip  3% of   12 MB   45 kBps 
04m24s
fetch: sqlite-src-3370200.zip appears to be truncated: 524288/13145234 bytes
sqlite-src-3370200.zip 10% of   12 MB   67 kBps 
02m56s
fetch: sqlite-src-3370200.zip appears to be truncated: 1327104/13145234 
bytes
sqlite-src-3370200.zip 28% of   12 MB  123 kBps 
01m14s
fetch: sqlite-src-3370200.zip appears to be truncated: 3735552/13145234 
bytes
sqlite-src-3370200.zip 54% of   12 MB  253 kBps
24s
fetch: sqlite-src-3370200.zip appears to be truncated: 7176192/13145234 
bytes
sqlite-src-3370200.zip 62% of   12 MB   90 kBps
55s
fetch: sqlite-src-3370200.zip appears to be truncated: 8241152/13145234 
bytes
sqlite-src-3370200.zip 82% of   12 MB  113 kBps
20s
fetch: sqlite-src-3370200.zip appears to be truncated: 10862592/13145234 
bytes
sqlite-src-3370200.zip  12 MB  185 kBps
12s
===> Fetching all distfiles required by sqlite3-3.37.2,1 for building

MFC after:  1 month
---
 usr.bin/fetch/fetch.c | 21 +
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 22f7a1d2950b..3526e5d6c5c1 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -433,11 +433,11 @@ fetch(char *URL, const char *path)
struct xferstat xs;
FILE *f, *of;
size_t size, readcnt, wr;
-   off_t count;
+   off_t count, size_prev;
char flags[8];
const char *slash;
char *tmppath;
-   int r;
+   int r, tries;
unsigned timeout;
char *ptr;
 
@@ -537,6 +537,9 @@ fetch(char *URL, const char *path)
goto success;
}
 
+   tries = 1;
+again:
+   r = 0;
/*
 * If the -r flag was specified, we have to compare the local
 * and remote files, so we should really do a fetchStat()
@@ -553,7 +556,7 @@ fetch(char *URL, const char *path)
sb.st_size = -1;
if (!o_stdout) {
r = stat(path, &sb);
-   if (r == 0 && r_flag && S_ISREG(sb.st_mode)) {
+   if (r == 0 && (r_flag || tries > 1) && S_ISREG(sb.st_mode)) {
url->offset = sb.st_size;
} else if (r == -1 || !S_ISREG(sb.st_mode)) {
/*
@@ -568,6 +571,7 @@ fetch(char *URL, const char *path)
goto failure;
}
}
+   size_prev = sb.st_size;
 
/* start the transfer */
if (timeout)
@@ -629,7 +633,7 @@ fetch(char *URL, const char *path)
of = stdout;
} else if (r_flag && sb.st_size != -1) {
/* resume mode, local file exists */
-   if (!F_flag && us.mtime && sb.st_mtime != us.mtime) {
+   if (!F_flag && us.mtime && sb.st_mtime != us.mtime && tries == 
1) {
/* no match! have to refetch */
fclose(f);
/* if precious, warn the user and give up */
@@ -717,6 +721,8 @@ fetch(char *URL, const char *path)
slash = path;
else
++slash;
+   if(tmppath != NULL)
+   free(tmppath);
asprintf(&tmppath, "%.*s.fetch.XX.%s",
(int)(slash - path), path, slash);
if (tmppath != NULL) {
@@ -829,6 +835,13 @@ fetch(char *URL, const char *path)
if (us.size != -1 && count < us.size) {
warnx("%s appears to be truncated: %jd/%jd bytes",
path, (intmax_t)count, (intmax_t)us.size);
+   if(!o_stdout && a_flag && us.size > size_prev) {
+   fclose(f);
+   if (w_secs)
+   sleep(w_secs);
+   tries++;
+   goto again;
+   }
goto failure_keep;
}
 

git: a4efbe0d6da2 - main - fetch(1): correct progress accounting after previous commit

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=a4efbe0d6da28eea0de4d414af25e7853ab8adfa

commit a4efbe0d6da28eea0de4d414af25e7853ab8adfa
Author: Eugene Grosbein 
AuthorDate: 2022-01-24 04:17:24 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-24 04:17:24 +

fetch(1): correct progress accounting after previous commit

MFC after:  1 month
---
 usr.bin/fetch/fetch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 3526e5d6c5c1..3e24707d6021 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -835,7 +835,7 @@ again:
if (us.size != -1 && count < us.size) {
warnx("%s appears to be truncated: %jd/%jd bytes",
path, (intmax_t)count, (intmax_t)us.size);
-   if(!o_stdout && a_flag && us.size > size_prev) {
+   if(!o_stdout && a_flag && count > size_prev) {
fclose(f);
if (w_secs)
sleep(w_secs);

git: bf599c03f09d - main - fetch(1): do not consider HTTP 5XX errors as soft failures

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=bf599c03f09dea0f7e188e002b42d782af6841c3

commit bf599c03f09dea0f7e188e002b42d782af6841c3
Author: Eugene Grosbein 
AuthorDate: 2022-01-24 07:35:49 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-24 07:38:26 +

fetch(1): do not consider HTTP 5XX errors as soft failures

This change fixes "fetch -a" looping forever on "502 Bad gateway"
error and similar.

MFC after:  1 month
---
 usr.bin/fetch/fetch.c | 23 ---
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 3e24707d6021..55209538e49b 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -425,7 +425,7 @@ query_auth(struct url *URL)
  * Fetch a file
  */
 static int
-fetch(char *URL, const char *path)
+fetch(char *URL, const char *path, int *is_http)
 {
struct url *url;
struct url_stat us;
@@ -475,6 +475,9 @@ fetch(char *URL, const char *path)
strcpy(url->scheme, SCHEME_HTTP);
}
 
+   /* for both of http and https */
+   *is_http = strncmp(url->scheme, SCHEME_HTTP, sizeof(SCHEME_HTTP)) == 0;
+
/* common flags */
switch (family) {
case PF_INET:
@@ -911,7 +914,7 @@ main(int argc, char *argv[])
struct sigaction sa;
const char *p, *s;
char *end, *q;
-   int c, e, r;
+   int c, e, is_http, r;
 
 
while ((c = getopt_long(argc, argv,
@@ -1176,16 +1179,16 @@ main(int argc, char *argv[])
 
if (o_flag) {
if (o_stdout) {
-   e = fetch(*argv, "-");
+   e = fetch(*argv, "-", &is_http);
} else if (o_directory) {
asprintf(&q, "%s/%s", o_filename, p);
-   e = fetch(*argv, q);
+   e = fetch(*argv, q, &is_http);
free(q);
} else {
-   e = fetch(*argv, o_filename);
+   e = fetch(*argv, o_filename, &is_http);
}
} else {
-   e = fetch(*argv, p);
+   e = fetch(*argv, p, &is_http);
}
 
if (sigint)
@@ -1201,7 +1204,13 @@ main(int argc, char *argv[])
&& fetchLastErrCode != FETCH_MOVED
&& fetchLastErrCode != FETCH_URL
&& fetchLastErrCode != FETCH_RESOLV
-   && fetchLastErrCode != FETCH_UNKNOWN)) {
+   && fetchLastErrCode != FETCH_UNKNOWN
+   && (is_http
+   && fetchLastErrCode != FETCH_PROTO
+   && fetchLastErrCode != FETCH_SERVER
+   && fetchLastErrCode != FETCH_TEMP
+   && fetchLastErrCode != FETCH_TIMEOUT
+   ))) {
if (w_secs && v_level)
fprintf(stderr, "Waiting %ld seconds "
"before retrying\n", w_secs);

git: 08a2504a207c - main - fetch(1): fix error in previous commit

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=08a2504a207c9302939bc0d1173fe44875e2a2e4

commit 08a2504a207c9302939bc0d1173fe44875e2a2e4
Author: Eugene Grosbein 
AuthorDate: 2022-01-24 08:07:18 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-24 08:07:18 +

fetch(1): fix error in previous commit

strncmp() compares terminating zero and sizeof() includes it.
Un-obsfuscate the code and show what it is indended to do.
---
 usr.bin/fetch/fetch.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 55209538e49b..65ba091e3334 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -476,7 +476,7 @@ fetch(char *URL, const char *path, int *is_http)
}
 
/* for both of http and https */
-   *is_http = strncmp(url->scheme, SCHEME_HTTP, sizeof(SCHEME_HTTP)) == 0;
+   *is_http = strncmp(url->scheme, "http", 4) == 0;
 
/* common flags */
switch (family) {

git: 85f15576b423 - main - fetch(1): more fixes for soft failure handling

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=85f15576b423b9ad5b8a9e6dab3e71558ebe4335

commit 85f15576b423b9ad5b8a9e6dab3e71558ebe4335
Author: Eugene Grosbein 
AuthorDate: 2022-01-25 05:46:07 +
Commit: Eugene Grosbein 
CommitDate: 2022-01-25 05:48:28 +

fetch(1): more fixes for soft failure handling

Fix logic error introduced in my commit
bf599c03f09dea0f7e188e002b42d782af6841c3

Also, authorization errors should not be considered as soft failures.
---
 usr.bin/fetch/fetch.c | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/usr.bin/fetch/fetch.c b/usr.bin/fetch/fetch.c
index 65ba091e3334..73ee96541859 100644
--- a/usr.bin/fetch/fetch.c
+++ b/usr.bin/fetch/fetch.c
@@ -1200,17 +1200,18 @@ main(int argc, char *argv[])
if (e) {
r = 1;
if ((fetchLastErrCode
+   && fetchLastErrCode != FETCH_AUTH
&& fetchLastErrCode != FETCH_UNAVAIL
&& fetchLastErrCode != FETCH_MOVED
&& fetchLastErrCode != FETCH_URL
&& fetchLastErrCode != FETCH_RESOLV
&& fetchLastErrCode != FETCH_UNKNOWN
-   && (is_http
-   && fetchLastErrCode != FETCH_PROTO
+   && (!is_http || (
+  fetchLastErrCode != FETCH_PROTO
&& fetchLastErrCode != FETCH_SERVER
&& fetchLastErrCode != FETCH_TEMP
&& fetchLastErrCode != FETCH_TIMEOUT
-   ))) {
+    {
if (w_secs && v_level)
fprintf(stderr, "Waiting %ld seconds "
"before retrying\n", w_secs);

Re: git: c068632981eb - main - Add ggated rc script

[Eugene Grosbein]

28.02.2022 23:41, Alan Somers wrote:

> You're right, I don't think it's necessary.  Do you want me to remove it?

Yes, please. We do not want to confuse users.

git: f5a2e7b0e848 - main - linuxkpi: fix module build outside of kernel build environment

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f5a2e7b0e8483bf51519046fd149a6a31acef6b1

commit f5a2e7b0e8483bf51519046fd149a6a31acef6b1
Author: Eugene Grosbein 
AuthorDate: 2022-03-10 21:31:23 +
Commit: Eugene Grosbein 
CommitDate: 2022-03-10 21:31:23 +

linuxkpi: fix module build outside of kernel build environment

MFC after:  3 days
---
 sys/modules/linuxkpi/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sys/modules/linuxkpi/Makefile b/sys/modules/linuxkpi/Makefile
index 6a256bf1f8e1..935584e39376 100644
--- a/sys/modules/linuxkpi/Makefile
+++ b/sys/modules/linuxkpi/Makefile
@@ -38,6 +38,7 @@ SRCS= linux_compat.c \
 SRCS+= opt_acpi.h acpi_if.h linux_acpi.c
 .endif
 
+SRCS+= opt_ddb.h
 SRCS+= ${LINUXKPI_GENSRCS}
 
 CFLAGS+= -I${SRCTOP}/sys/compat/linuxkpi/common/include

git: 20634f026179 - main - if_qlxge: fix stand-alone module build

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=20634f026179ac73d4ea780138789195e335f275

commit 20634f026179ac73d4ea780138789195e335f275
Author: Eugene Grosbein 
AuthorDate: 2022-06-05 18:05:02 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-05 18:05:02 +

if_qlxge: fix stand-alone module build

Fix module build outside of kernel build environment.

MFC after:  3 days
---
 sys/modules/qlxge/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/modules/qlxge/Makefile b/sys/modules/qlxge/Makefile
index 54351b68cb3e..8956f6ed93fd 100644
--- a/sys/modules/qlxge/Makefile
+++ b/sys/modules/qlxge/Makefile
@@ -37,7 +37,7 @@
 KMOD=if_qlxge
 SRCS=qls_os.c qls_dbg.c qls_hw.c qls_isr.c qls_dump.c
 SRCS+=qls_ioctl.c
-SRCS+= device_if.h bus_if.h pci_if.h
+SRCS+= device_if.h bus_if.h pci_if.h opt_inet.h
 
 CFLAGS += -DQL_DBG
 

git: 32467e47b7b7 - main - if_glxgbe: fix stand-alone module build

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=32467e47b7b7d224ca51889bbb9233af0462d87f

commit 32467e47b7b7d224ca51889bbb9233af0462d87f
Author: Eugene Grosbein 
AuthorDate: 2022-06-05 17:59:46 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-05 17:59:46 +

if_glxgbe: fix stand-alone module build

Fix module build outside of kernel build environment.

MFC after:  3 days
---
 sys/modules/qlxgbe/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/modules/qlxgbe/Makefile b/sys/modules/qlxgbe/Makefile
index 81402e4f5a82..3a83bd967082 100644
--- a/sys/modules/qlxgbe/Makefile
+++ b/sys/modules/qlxgbe/Makefile
@@ -42,7 +42,7 @@ SRCS+= ql_fw.c
 SRCS+= ql_boot.c
 SRCS+= ql_minidump.c
 
-SRCS+= device_if.h bus_if.h pci_if.h
+SRCS+= device_if.h bus_if.h pci_if.h opt_inet.h
 
 CFLAGS += -DQLA_LOCK_NO_SLEEP=1
 #CFLAGS += -DQL_DBG -g

git: 966e279052f3 - main - if_glxgb: fix stand-alone module build

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=966e279052f33b1665480e0327c177013cb8205a

commit 966e279052f33b1665480e0327c177013cb8205a
Author: Eugene Grosbein 
AuthorDate: 2022-06-05 17:54:50 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-05 17:58:40 +

if_glxgb: fix stand-alone module build

Fix module build outside of kernel build environment.

MFC after:  3 days
---
 sys/modules/qlxgb/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/modules/qlxgb/Makefile b/sys/modules/qlxgb/Makefile
index cb53184d3154..49a7779d9054 100644
--- a/sys/modules/qlxgb/Makefile
+++ b/sys/modules/qlxgb/Makefile
@@ -33,6 +33,6 @@
 
 KMOD=  if_qlxgb
 SRCS=  qla_os.c qla_dbg.c qla_hw.c qla_misc.c qla_isr.c qla_ioctl.c
-SRCS+= device_if.h bus_if.h pci_if.h
+SRCS+= device_if.h bus_if.h pci_if.h opt_inet.h
 
 .include 

git: 796d48ec4168 - main - ftpd(8): do not refer to now unused libxo(3)

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=796d48ec416863ab2826a1205365710635244023

commit 796d48ec416863ab2826a1205365710635244023
Author: Eugene Grosbein 
AuthorDate: 2022-06-10 14:03:07 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-10 14:09:20 +

ftpd(8): do not refer to now unused libxo(3)

In 2018, the commit r328100 (0fdf7fa846b1a1b1679e86812a1b08b8cb623604)
removed libxo(3) support from ls(1), so ftpd has no reasons to link
with libxo since then.

ls(1) does not depend on libxo in both of stable/12 and stable/13.

MFC after:  2 weeks
---
 libexec/ftpd/Makefile| 2 +-
 libexec/ftpd/Makefile.depend | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/libexec/ftpd/Makefile b/libexec/ftpd/Makefile
index 4d38261b9318..533022c5a033 100644
--- a/libexec/ftpd/Makefile
+++ b/libexec/ftpd/Makefile
@@ -16,7 +16,7 @@ YFLAGS=
 WARNS?=2
 WFORMAT=0
 
-LIBADD=crypt xo util
+LIBADD=crypt util
 
 # XXX Kluge! Conversation mechanism needs to be fixed.
 LIBADD+=   opie md
diff --git a/libexec/ftpd/Makefile.depend b/libexec/ftpd/Makefile.depend
index 47871a6b9cf7..148254e533cb 100644
--- a/libexec/ftpd/Makefile.depend
+++ b/libexec/ftpd/Makefile.depend
@@ -13,7 +13,6 @@ DIRDEPS = \
lib/libopie \
lib/libthr \
lib/libutil \
-   lib/libxo \
lib/msun \
usr.bin/yacc.host \
 

git: 048ce0876f54 - main - adjkerntz(8): detect extra jailed invokation to keep logs clean

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=048ce0876f5421f70a6d348479bdeacdd8472bed

commit 048ce0876f5421f70a6d348479bdeacdd8472bed
Author: Eugene Grosbein 
AuthorDate: 2022-06-21 18:29:08 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-21 18:32:54 +

adjkerntz(8):   detect extra jailed invokation to keep logs clean

It may happen that "adjkerntz -a" called from jailed root crontab.
In that case it spams logs with a line:

sysctl(set: "machdep.wall_cmos_clock"): Operation not permitted

Be silent in that case.

MFC after:  1 month
---
 sbin/adjkerntz/adjkerntz.c | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/sbin/adjkerntz/adjkerntz.c b/sbin/adjkerntz/adjkerntz.c
index e6cadcf7f189..2fde545ebf32 100644
--- a/sbin/adjkerntz/adjkerntz.c
+++ b/sbin/adjkerntz/adjkerntz.c
@@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
  * with Garrett Wollman and Bruce Evans fixes.
  *
  */
+#include 
 #include 
 #include 
 #include 
@@ -159,6 +160,12 @@ again:
 
len = sizeof(kern_offset);
if (sysctlbyname("machdep.adjkerntz", &kern_offset, &len, NULL, 0) == 
-1) {
+   if (errno == EPERM && !init && geteuid() == 0)
+   /*
+* Surplus call from jailed root crontab.
+* Avoid spamming logs.
+*/
+   return 1;
syslog(LOG_ERR, "sysctl(\"machdep.adjkerntz\"): %m");
return 1;
}

git: 95144583f70b - main - adjkerntz(8): revert "detect extra jailed invokation to keep logs clean"

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=95144583f70b91c33270c3eee7d682e39e210cae

commit 95144583f70b91c33270c3eee7d682e39e210cae
Author: Eugene Grosbein 
AuthorDate: 2022-06-23 14:46:08 +
Commit: Eugene Grosbein 
CommitDate: 2022-06-23 14:46:08 +

adjkerntz(8): revert "detect extra jailed invokation to keep logs clean"

This reverts commit 048ce0876f5421f70a6d348479bdeacdd8472bed
due to bugs. Reworked change will be committed later hopefully.
---
 sbin/adjkerntz/adjkerntz.c | 7 ---
 1 file changed, 7 deletions(-)

diff --git a/sbin/adjkerntz/adjkerntz.c b/sbin/adjkerntz/adjkerntz.c
index 2fde545ebf32..e6cadcf7f189 100644
--- a/sbin/adjkerntz/adjkerntz.c
+++ b/sbin/adjkerntz/adjkerntz.c
@@ -46,7 +46,6 @@ __FBSDID("$FreeBSD$");
  * with Garrett Wollman and Bruce Evans fixes.
  *
  */
-#include 
 #include 
 #include 
 #include 
@@ -160,12 +159,6 @@ again:
 
len = sizeof(kern_offset);
if (sysctlbyname("machdep.adjkerntz", &kern_offset, &len, NULL, 0) == 
-1) {
-   if (errno == EPERM && !init && geteuid() == 0)
-   /*
-* Surplus call from jailed root crontab.
-* Avoid spamming logs.
-*/
-   return 1;
syslog(LOG_ERR, "sysctl(\"machdep.adjkerntz\"): %m");
return 1;
}

Re: git: d80d73493767 - main - arp(8): use getifaddrs(3) instead of ioctl(SIOCGIFCONF)

[Eugene Grosbein]

05.07.2022 10:56, Gleb Smirnoff wrote:

> The branch main has been updated by glebius:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=d80d73493767111b7569e831a93061014c682274
> 
> commit d80d73493767111b7569e831a93061014c682274
> Author: KUROSAWA Takahiro 
> AuthorDate: 2022-07-05 03:56:29 +
> Commit: Gleb Smirnoff 
> CommitDate: 2022-07-05 03:56:29 +
> 
> arp(8): use getifaddrs(3) instead of ioctl(SIOCGIFCONF)
> 
> The original code had used a fixed-size buffer for ioctl(SIOCGIFCONF),
> that might cause the target ifreq spilled from the buffer.  Use the handy
> getifaddrs(3) to fix the problem.
> 
> Reviewed by:glebius
> Differential revision:  https://reviews.freebsd.org/D35536

I have some production systems that suffered from this problem in the past.
I used local dirty hacks to work-around the problem.

Thank you very much for the fix.
Please consider merge to stable branches.

git: 3c9ad9398fcd - main - ifconfig.8: cleanup reminiscence about long gone ppp(4)

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=3c9ad9398fcdf5f49114fde978b7c837b7ebbc8d

commit 3c9ad9398fcdf5f49114fde978b7c837b7ebbc8d
Author: Eugene Grosbein 
AuthorDate: 2022-07-11 04:53:54 +
Commit: Eugene Grosbein 
CommitDate: 2022-07-11 04:53:54 +

ifconfig.8: cleanup reminiscence about long gone ppp(4)

Replace ppp(4) removed since FreeBSD 8.0-RELEASE with vlan(4).
While here, remove commented out reference to non-existing "egress"
interface group hiding since initial import of interface groups
from OpenBSD in 2006.
---
 sbin/ifconfig/ifconfig.8 | 13 +
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index 6cbe30748a13..f95607b77cf2 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -28,7 +28,7 @@
 .\" From: @(#)ifconfig.8   8.3 (Berkeley) 1/5/94
 .\" $FreeBSD$
 .\"
-.Dd June 24, 2022
+.Dd July 11, 2022
 .Dt IFCONFIG 8
 .Os
 .Sh NAME
@@ -487,13 +487,10 @@ Assign the interface to a
 Any interface can be in multiple groups.
 .Pp
 Cloned interfaces are members of their interface family group by default.
-For example, a PPP interface such as
-.Em ppp0
-is a member of the PPP interface family group,
-.Em ppp .
-.\" The interface(s) the default route(s) point to are members of the
-.\" .Em egress
-.\" interface group.
+For example, a VLAN interface such as
+.Em vlan10
+is a member of the VLAN interface family group,
+.Em vlan .
 .It Cm -group Ar groupname
 Remove the interface from the given
 .Dq group .

Re: git: 6452fb1e87ed - main - protect.1: Document that protect(1) does not work in jails

[Eugene Grosbein]

12.07.2022 5:49, Mateusz Piotrowski wrote:

> The branch main has been updated by 0mp (doc, ports committer):
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=6452fb1e87ed9d00b52fa1e63e7c3a7516c9586c
> 
> commit 6452fb1e87ed9d00b52fa1e63e7c3a7516c9586c
> Author: Mateusz Piotrowski <0...@freebsd.org>
> AuthorDate: 2022-07-11 22:43:27 +
> Commit: Mateusz Piotrowski <0...@freebsd.org>
> CommitDate: 2022-07-11 22:47:58 +
> 
> protect.1: Document that protect(1) does not work in jails
> 
> The reason is that in order to protect a process procctl(2) needs
> the PRIV_VM_MADV_PROTECT privilege, which is currently denied in jails
> (see kern_jail.c).
> 
> MFC after:  1 week
> ---
>  usr.bin/protect/protect.1 | 20 +++-
>  1 file changed, 19 insertions(+), 1 deletion(-)
> 
> diff --git a/usr.bin/protect/protect.1 b/usr.bin/protect/protect.1
> index 87a8169b1885..f67a8d9b59ea 100644
> --- a/usr.bin/protect/protect.1
> +++ b/usr.bin/protect/protect.1
> @@ -25,7 +25,7 @@
>  .\"
>  .\" $FreeBSD$
>  .\"
> -.Dd July 7, 2022
> +.Dd July 12, 2022
>  .Dt PROTECT 1
>  .Os
>  .Sh NAME
> @@ -112,6 +112,24 @@ bit is set to 1.
>  All children of this process will also be protected if
>  .Nm PI
>  bit is set to 1.
> +.Sh DIAGNOSTICS
> +.Bl -diag
> +.It "protect: procctl: Operation not permitted"
> +The
> +.Nm
> +command does not have the required permissions to protect selected processes.
> +There are many reasons why this could be the case, e.g.:
> +.Bl -dash
> +.It
> +.Nm
> +is not executed by root.
> +.It
> +.Nm
> +is executed inside a
> +.Xr jail 8 ,
> +which is not supported at the moment.
> +.El
> +.El
>  .Sh SEE ALSO
>  .Xr ps 1 ,
>  .Xr procctl 2 ,
> 
> 

Does it mean that syslogd_oomprotect="YES" in /etc/defaults/rc.conf is 
inappropriate for full-blown jail
and results in failure of syslogd startup in such jail with defaults?

git: 6d9d4b2da822 - main - ipmi(4): spelling fix cyle_wait -> cycle_wait

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=6d9d4b2da822bc1c1c729b79ab3fe30c96c4c094

commit 6d9d4b2da822bc1c1c729b79ab3fe30c96c4c094
Author: Eugene Grosbein 
AuthorDate: 2022-07-20 11:32:24 +
Commit: Eugene Grosbein 
CommitDate: 2022-07-20 11:32:24 +

ipmi(4): spelling fix cyle_wait -> cycle_wait

There are no consumers of hw.ipmi.cyle_wait in our tree.
Also the knob is undocumented, so it should be safe to fix its name.
No MFC planned, though.
---
 sys/dev/ipmi/ipmi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/dev/ipmi/ipmi.c b/sys/dev/ipmi/ipmi.c
index fd264dfc4c27..d79690d55c68 100644
--- a/sys/dev/ipmi/ipmi.c
+++ b/sys/dev/ipmi/ipmi.c
@@ -110,7 +110,7 @@ SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_startup_countdown, 
CTLFLAG_RDTUN,
 SYSCTL_INT(_hw_ipmi, OID_AUTO, wd_pretimeout_countdown, CTLFLAG_RWTUN,
&wd_pretimeout_countdown, 0,
"IPMI watchdog pre-timeout countdown (seconds)");
-SYSCTL_INT(_hw_ipmi, OID_AUTO, cyle_wait, CTLFLAG_RWTUN,
+SYSCTL_INT(_hw_ipmi, OID_AUTO, cycle_wait, CTLFLAG_RWTUN,
&cycle_wait, 0,
"IPMI power cycle on reboot delay time (seconds)");
 
@@ -794,7 +794,7 @@ ipmi_power_cycle(void *arg, int howto)
}
 
/*
-* BMCs are notoriously slow, give it cyle_wait seconds for the power
+* BMCs are notoriously slow, give it cycle_wait seconds for the power
 * down leg of the power cycle. If that fails, fallback to the next
 * hanlder in the shutdown_final chain and/or the platform failsafe.
 */

git: 26a329f49fb4 - main - find.1: explain why "find -s" may differ from "find | sort"

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=26a329f49fb4537d598e93f16054fd9e16f7e677

commit 26a329f49fb4537d598e93f16054fd9e16f7e677
Author: Eugene Grosbein 
AuthorDate: 2022-07-22 11:39:47 +
Commit: Eugene Grosbein 
CommitDate: 2022-07-22 11:39:47 +

find.1: explain why "find -s" may differ from "find | sort"

In short, that's because a directory name may end
with a character that goes before slash (/).

MFC after:  1 week
---
 usr.bin/find/find.1 | 22 +-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/usr.bin/find/find.1 b/usr.bin/find/find.1
index 72fe3c0bea06..9efb8908ee63 100644
--- a/usr.bin/find/find.1
+++ b/usr.bin/find/find.1
@@ -31,7 +31,7 @@
 .\"@(#)find.1  8.7 (Berkeley) 5/9/95
 .\" $FreeBSD$
 .\"
-.Dd November 8, 2021
+.Dd July 22, 2022
 .Dt FIND 1
 .Os
 .Sh NAME
@@ -158,6 +158,26 @@ Note:
 and
 .Ql "find | sort"
 may give different results.
+.Pp
+For example,
+.Ql find -s
+puts a directory
+.Ql Ar foo
+with all its contents before a directory
+.Ql Ar foo.
+but
+.Ql "find | sort"
+puts the directory name
+.Ql Ar foo.
+before any string like
+.Ql Ar foo/bar
+because
+.Ql .\&
+goes before
+.Ql /
+in ASCII. In locales other than
+.Ar C
+results may vary more due to collate differences.
 .It Fl x
 Prevent
 .Nm

git: d6054ee652a5 - main - find.1: small language fix after previous change

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=d6054ee652a56466277f87bb4bcb757105393c8c

commit d6054ee652a56466277f87bb4bcb757105393c8c
Author: Eugene Grosbein 
AuthorDate: 2022-07-22 11:46:38 +
Commit: Eugene Grosbein 
CommitDate: 2022-07-22 11:46:38 +

find.1: small language fix after previous change

collate -> collation
---
 usr.bin/find/find.1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/find/find.1 b/usr.bin/find/find.1
index 9efb8908ee63..892492c7b96b 100644
--- a/usr.bin/find/find.1
+++ b/usr.bin/find/find.1
@@ -177,7 +177,7 @@ goes before
 .Ql /
 in ASCII. In locales other than
 .Ar C
-results may vary more due to collate differences.
+results may vary more due to collation differences.
 .It Fl x
 Prevent
 .Nm

git: 20e1f207cc78 - main - ng_ipfw: allow use of 32 bits wide cookies

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=20e1f207cc789a28783344614d6d1d1c639c5797

commit 20e1f207cc789a28783344614d6d1d1c639c5797
Author: Eugene Grosbein 
AuthorDate: 2023-11-14 09:36:08 +
Commit: Eugene Grosbein 
CommitDate: 2023-11-14 09:36:08 +

ng_ipfw: allow use of 32 bits wide cookies

There is no reason in truncating 32 bits cookie value to 16 bits.

Reviewed by:glebius
MFC after:  2 weeks
---
 sys/netgraph/ng_ipfw.c | 18 +-
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/sys/netgraph/ng_ipfw.c b/sys/netgraph/ng_ipfw.c
index b660a825c814..01592a4bbb7d 100644
--- a/sys/netgraph/ng_ipfw.c
+++ b/sys/netgraph/ng_ipfw.c
@@ -69,7 +69,7 @@ static ng_findhook_t  ng_ipfw_findhook;
 static ng_rcvdata_tng_ipfw_rcvdata;
 static ng_disconnect_t ng_ipfw_disconnect;
 
-static hook_p  ng_ipfw_findhook1(node_p, u_int16_t );
+static hook_p  ng_ipfw_findhook1(node_p, uint32_t );
 static int ng_ipfw_input(struct mbuf **, struct ip_fw_args *, bool);
 
 /* We have only one node */
@@ -94,7 +94,7 @@ MODULE_DEPEND(ng_ipfw, ipfw, 3, 3, 3);
 /* Information we store for each hook */
 struct ng_ipfw_hook_priv {
 hook_p hook;
-   u_int16_t   rulenum;
+   uint32_tcookie;
 };
 typedef struct ng_ipfw_hook_priv *hpriv_p;
 
@@ -152,7 +152,7 @@ static int
 ng_ipfw_newhook(node_p node, hook_p hook, const char *name)
 {
hpriv_p hpriv;
-   u_int16_t rulenum;
+   uint32_t cookie;
const char *cp;
char *endptr;
 
@@ -166,7 +166,7 @@ ng_ipfw_newhook(node_p node, hook_p hook, const char *name)
return (EINVAL);
 
/* Convert it to integer */
-   rulenum = (u_int16_t)strtol(name, &endptr, 10);
+   cookie = (uint32_t)strtoul(name, &endptr, 10);
if (*endptr != '\0')
return (EINVAL);
 
@@ -176,7 +176,7 @@ ng_ipfw_newhook(node_p node, hook_p hook, const char *name)
return (ENOMEM);
 
hpriv->hook = hook;
-   hpriv->rulenum = rulenum;
+   hpriv->cookie = cookie;
 
NG_HOOK_SET_PRIVATE(hook, hpriv);
 
@@ -198,10 +198,10 @@ ng_ipfw_connect(hook_p hook)
 static hook_p
 ng_ipfw_findhook(node_p node, const char *name)
 {
-   u_int16_t n;/* numeric representation of hook */
+   uint32_t n; /* numeric representation of hook */
char *endptr;
 
-   n = (u_int16_t)strtol(name, &endptr, 10);
+   n = (uint32_t)strtoul(name, &endptr, 10);
if (*endptr != '\0')
return NULL;
return ng_ipfw_findhook1(node, n);
@@ -209,14 +209,14 @@ ng_ipfw_findhook(node_p node, const char *name)
 
 /* Look up hook by rule number */
 static hook_p
-ng_ipfw_findhook1(node_p node, u_int16_t rulenum)
+ng_ipfw_findhook1(node_p node, uint32_t cookie)
 {
hook_p  hook;
hpriv_p hpriv;
 
LIST_FOREACH(hook, &node->nd_hooks, hk_hooks) {
hpriv = NG_HOOK_PRIVATE(hook);
-   if (NG_HOOK_IS_VALID(hook) && (hpriv->rulenum == rulenum))
+   if (NG_HOOK_IS_VALID(hook) && (hpriv->cookie == cookie))
 return (hook);
}
 

git: 970d73856b62 - main - usbdevs: add quirk for WD MyPassport Ultra External HDD

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=970d73856b626a68597de19d37b68c376e2c0491

commit 970d73856b626a68597de19d37b68c376e2c0491
Author: Eugene Grosbein 
AuthorDate: 2023-12-03 16:48:34 +
Commit: Eugene Grosbein 
CommitDate: 2023-12-03 16:50:40 +

usbdevs: add quirk for WD MyPassport Ultra External HDD

WD MyPassport Ultra External HDD needs quirk
UQ_MSC_NO_TEST_UNIT_READY to attach.

MFC after:  3 days
---
 sys/dev/usb/quirk/usb_quirk.c | 1 +
 sys/dev/usb/usbdevs   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/sys/dev/usb/quirk/usb_quirk.c b/sys/dev/usb/quirk/usb_quirk.c
index 98515be2a06d..a0a7b3fc75a5 100644
--- a/sys/dev/usb/quirk/usb_quirk.c
+++ b/sys/dev/usb/quirk/usb_quirk.c
@@ -558,6 +558,7 @@ static struct usb_quirk_entry 
usb_quirks[USB_DEV_QUIRKS_MAX] = {
USB_QUIRK(WESTERN, MYPASSPORTES_07, 0x, 0x, 
UQ_MSC_NO_SYNC_CACHE),
USB_QUIRK(WESTERN, MYPASSPORTES_08, 0x, 0x, 
UQ_MSC_NO_SYNC_CACHE),
USB_QUIRK(WESTERN, MYPASSPORTES_09, 0x, 0x, 
UQ_MSC_NO_SYNC_CACHE),
+   USB_QUIRK(WESTERN, MYPASSPORTUL_00, 0x, 0x, 
UQ_MSC_NO_TEST_UNIT_READY),
USB_QUIRK(WINMAXGROUP, FLASH64MC, 0x, 0x, UQ_MSC_FORCE_WIRE_BBB,
UQ_MSC_FORCE_PROTO_SCSI, UQ_MSC_NO_INQUIRY),
USB_QUIRK(YANO, FW800HD, 0x, 0x, UQ_MSC_FORCE_WIRE_BBB,
diff --git a/sys/dev/usb/usbdevs b/sys/dev/usb/usbdevs
index 6543f0cbaa29..221761af4fe7 100644
--- a/sys/dev/usb/usbdevs
+++ b/sys/dev/usb/usbdevs
@@ -4944,6 +4944,7 @@ product WESTERN MYPASSPORTES_06   0x0750  MyPassport 
Essential External HDD
 product WESTERN MYPASSPORTES_070x0752  MyPassport Essential External 
HDD
 product WESTERN MYPASSPORTES_080x07A0  MyPassport Essential External 
HDD
 product WESTERN MYPASSPORTES_090x07A2  MyPassport Essential External 
HDD
+product WESTERN MYPASSPORTUL_000x0743  MyPassport Ultra External HDD
 
 /* WeTelecom products */
 product WETELECOM WM_D200  0x6801  WM-D200

git: 79a96e294c1a - main - motd: unbreak for source upgrade

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=79a96e294c1acb4a2d17447a35f08647a6d09978

commit 79a96e294c1acb4a2d17447a35f08647a6d09978
Author: Eugene Grosbein 
AuthorDate: 2023-06-19 07:49:35 +
Commit: Eugene Grosbein 
CommitDate: 2023-06-19 07:49:35 +

motd: unbreak for source upgrade

In case of source upgrade path from 12.x proper merge of new /etc
installs /etc/motd.template. Becase of that, the system in left
without symlink /etc/motd -> /var/run/motd but with stale /etc/motd 
contents.

Fix it creating symlink despite of presence of /etc/motd.template.

MFC after:  1 week
---
 libexec/rc/rc.d/motd | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/libexec/rc/rc.d/motd b/libexec/rc/rc.d/motd
index e27cf273741d..da050882c367 100755
--- a/libexec/rc/rc.d/motd
+++ b/libexec/rc/rc.d/motd
@@ -38,10 +38,10 @@ motd_start()
# Otherwise, create an empty template file.
install -c -o root -g wheel -m ${PERMS} /dev/null 
"${TEMPLATE}"
fi
-   # Provide compatibility symlink:
-   if [ ! -h "${COMPAT_MOTD}" ]; then
-   ln -sF "${TARGET}" "${COMPAT_MOTD}"
-   fi
+   fi
+   # Provide compatibility symlink:
+   if [ ! -h "${COMPAT_MOTD}" ]; then
+   ln -sF "${TARGET}" "${COMPAT_MOTD}"
fi
 
T=`mktemp -t motd`

git: ccc806a04938 - main - dumpdev: respect kenv for stable branches

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=ccc806a049383e5611b3752e6f384cf03a208039

commit ccc806a049383e5611b3752e6f384cf03a208039
Author: Eugene Grosbein 
AuthorDate: 2023-07-02 07:54:57 +
Commit: Eugene Grosbein 
CommitDate: 2023-07-02 07:54:57 +

dumpdev: respect kenv for stable branches

We have somewhat twisted logic to determine actions for dumpdev
considering three sources of information:

* kenv "dumpdev" tunnable supposed to point to specific device;
* /etc/defaults/rc.conf "dumpdev" variable;
* /etc/rc.conf that may be unset or set to "NO", "AUTO" or device name.

For CURRENT without any setting in kenv or /etc/rc.conf
the default is "AUTO". For STABLE branches the default is "NO".

Current implementation breaks for STABLE branches if kenv points
to specific device but /etc/rc.conf does not set "dumpdev" at all.

Let us fix it commenting out "dumpdev" in /etc/defaults/rc.conf
for STABLE branches and making the code to consult kenv
if "dumpdev" is not set elsewhere.

MFC-after:  1 month
---
 libexec/rc/rc.conf   | 4 +++-
 libexec/rc/rc.d/dumpon   | 9 ++---
 libexec/rc/rc.d/savecore | 4 ++--
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index 06fda945e86e..8884fab7e016 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -643,7 +643,9 @@ lpd_flags=""# Flags to lpd (if enabled).
 nscd_enable="NO"   # Run the nsswitch caching daemon.
 chkprintcap_enable="NO"# Run chkprintcap(8) before running lpd.
 chkprintcap_flags="-d" # Create missing directories by default.
-dumpdev="AUTO" # Device to crashdump to (device name, AUTO, or NO).
+dumpdev="AUTO" # Device to crashdump to (device name, AUTO, or NO);
+   # this should be commented out here
+   # for stable branches to respect kenv.
 dumpon_flags=""# Options to pass to dumpon(8), followed by 
dumpdev.
 dumpdir="/var/crash"   # Directory where crash dumps are to be stored
 savecore_enable="YES"  # Extract core from dump devices if any
diff --git a/libexec/rc/rc.d/dumpon b/libexec/rc/rc.d/dumpon
index 6ca335b73842..ed43c4a24762 100755
--- a/libexec/rc/rc.d/dumpon
+++ b/libexec/rc/rc.d/dumpon
@@ -52,15 +52,18 @@ dumpon_start()
# early so a crash early in the boot process can be caught.
#
case ${dumpdev} in
-   [Nn][Oo] | '')
+   [Nn][Oo])
;;
-   [Aa][Uu][Tt][Oo])
+   [Aa][Uu][Tt][Oo] | '')
root_hold_wait
dev=$(/bin/kenv -q dumpdev)
if [ -n "${dev}" ] ; then
dumpon_try "${dev}"
return $?
fi
+   if [ -z ${dumpdev} ] ; then
+   return
+   fi
while read dev mp type more ; do
[ "${type}" = "swap" ] || continue
case ${dev} in
@@ -85,7 +88,7 @@ dumpon_start()
 dumpon_stop()
 {
case ${dumpdev} in
-   [Nn][Oo] | '')
+   [Nn][Oo])
;;
*)
rm -f /dev/dumpdev
diff --git a/libexec/rc/rc.d/savecore b/libexec/rc/rc.d/savecore
index 5d8204a1e805..e7186699a176 100755
--- a/libexec/rc/rc.d/savecore
+++ b/libexec/rc/rc.d/savecore
@@ -20,11 +20,11 @@ savecore_prestart()
 {
# Quit if we have no dump device
case ${dumpdev} in
-   [Nn][Oo] | '')
+   [Nn][Oo])
debug 'No dump device. Quitting.'
return 1
;;
-   [Aa][Uu][Tt][Oo])
+   [Aa][Uu][Tt][Oo] | '')
if [ ! -L /dev/dumpdev ]; then
return 1
fi

git: 5aee3e14d491 - main - syslog.3: document ident[N] format

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=5aee3e14d4914c7c99bce80da17b3100cb1f4490

commit 5aee3e14d4914c7c99bce80da17b3100cb1f4490
Author: Eugene Grosbein 
AuthorDate: 2023-07-03 12:35:37 +
Commit: Eugene Grosbein 
CommitDate: 2023-07-03 12:46:40 +

syslog.3: document ident[N] format

When libc switched to generation of logs as per RFC 5424,
that change broke application ability to insert specific process id
using ident[N] format, the feature existed for decades.
Some processes rely on it (including logger and syslogd).

Later the regression was fixed but the feature remained undocumented.
This change documents it.

MFC after:  1 week
---
 lib/libc/gen/syslog.3   | 7 ++-
 usr.bin/logger/logger.1 | 8 +++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/lib/libc/gen/syslog.3 b/lib/libc/gen/syslog.3
index ce7dfdccf55e..1c1905e9 100644
--- a/lib/libc/gen/syslog.3
+++ b/lib/libc/gen/syslog.3
@@ -28,7 +28,7 @@
 .\" @(#)syslog.3   8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd May 13, 2021
+.Dd July 3, 2023
 .Dt SYSLOG 3
 .Os
 .Sh NAME
@@ -131,6 +131,11 @@ The
 .Fa ident
 argument
 is a string that will be prepended to every message.
+It may be formatted as
+.Fa ident[N]
+in which case decimal number
+.Fa N
+replaces the process id within messages.
 The
 .Fa logopt
 argument
diff --git a/usr.bin/logger/logger.1 b/usr.bin/logger/logger.1
index 9842ffc0af1c..a2774b9e3500 100644
--- a/usr.bin/logger/logger.1
+++ b/usr.bin/logger/logger.1
@@ -28,7 +28,7 @@
 .\"@(#)logger.18.1 (Berkeley) 6/6/93
 .\" $FreeBSD$
 .\"
-.Dd March 16, 2022
+.Dd July 3, 2023
 .Dt LOGGER 1
 .Os
 .Sh NAME
@@ -74,6 +74,8 @@ tries to send the message to all addresses.
 Log the process id of the logger process
 with each line.
 This flag is ignored and the process id is always logged.
+See also
+.Fl t .
 .It Fl s
 Log the message to standard error, as well as the system log.
 .It Fl f Ar file
@@ -153,6 +155,10 @@ and
 Mark every line in the log with the specified
 .Ar tag
 rather than the default of current login name.
+Use
+.Fl t Ar tag[N]
+to insert specific decimal process id instead of id of
+.Nm .
 .It Ar message
 Write the message to log; if not specified, and the
 .Fl f

git: 273a307d0b80 - main - tftpd: introduce new option -S

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=273a307d0b80743fb08e23237b3f74dc94a8fa2a

commit 273a307d0b80743fb08e23237b3f74dc94a8fa2a
Author: Eugene Grosbein 
AuthorDate: 2023-07-20 20:11:33 +
Commit: Eugene Grosbein 
CommitDate: 2023-07-20 20:23:35 +

tftpd: introduce new option -S

Historically, tftpd disallowed write requests to existing files
that are not publicly writable. Such requirement is questionable at least.
Let us make it possible to run tftpd in chrooted environment
keeping files non-world writable.

New option -S enables write requests to existing files
for chrooted run according to generic file permissions.
It is ignored unless tftpd runs chrooted.

MFC after:  1 month
Requested by:   marck
Differential:   https://reviews.freebsd.org/D41090 (based on)
---
 libexec/tftpd/tftpd.8 | 22 ++
 libexec/tftpd/tftpd.c | 14 +++---
 2 files changed, 29 insertions(+), 7 deletions(-)

diff --git a/libexec/tftpd/tftpd.8 b/libexec/tftpd/tftpd.8
index e4f5ab94a2fe..a984cdc32c94 100644
--- a/libexec/tftpd/tftpd.8
+++ b/libexec/tftpd/tftpd.8
@@ -28,7 +28,7 @@
 .\"@(#)tftpd.8 8.1 (Berkeley) 6/4/93
 .\" $FreeBSD$
 .\"
-.Dd March 2, 2020
+.Dd July 20, 2023
 .Dt TFTPD 8
 .Os
 .Sh NAME
@@ -72,7 +72,11 @@ Files containing the string
 or starting with
 .Dq Li "../"
 are not allowed.
-Files may be written only if they already exist and are publicly writable.
+Files may be written only if they already exist (unless the
+.Fl w
+option is used) and are publicly writable (unless chrooted and the
+.Fl S
+option is used).
 Note that this extends the concept of
 .Dq public
 to include
@@ -191,6 +195,12 @@ to change its root directory to
 After doing that but before accepting commands,
 .Nm
 will switch credentials to an unprivileged user.
+.It Fl S
+If
+.Nm
+runs chrooted, the option allows write requests according to generic
+file permissions, skipping requirement for files to be publicly writable.
+The option is ignored for non-chrooted run.
 .It Fl u Ar user
 Switch credentials to
 .Ar user
@@ -275,12 +285,16 @@ the
 .Fl c
 option was introduced in
 .Fx 4.3 ,
-and the
+the
 .Fl F
 and
 .Fl W
 options were introduced in
-.Fx 7.4 .
+.Fx 7.4 ,
+and the
+.Fl S
+option was introduced in
+.Fx 13.3 .
 .Pp
 Support for Timeout Interval and Transfer Size Options (RFC2349)
 was introduced in
diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
index b25e8b0c762f..9ae7575f3d23 100644
--- a/libexec/tftpd/tftpd.c
+++ b/libexec/tftpd/tftpd.c
@@ -100,6 +100,7 @@ static struct dirlist {
 static int suppress_naks;
 static int logging;
 static int ipchroot;
+static int check_woth = 1;
 static int create_new = 0;
 static const char *newfile_format = "%Y%m%d";
 static int increase_name = 0;
@@ -141,7 +142,7 @@ main(int argc, char *argv[])
acting_as_client = 0;
 
tftp_openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
-   while ((ch = getopt(argc, argv, "cCd::F:lnoOp:s:u:U:wW")) != -1) {
+   while ((ch = getopt(argc, argv, "cCd::F:lnoOp:sS:u:U:wW")) != -1) {
switch (ch) {
case 'c':
ipchroot = 1;
@@ -181,6 +182,9 @@ main(int argc, char *argv[])
case 's':
chroot_dir = optarg;
break;
+   case 'S':
+   check_woth = -1;
+   break;
case 'u':
chuser = optarg;
break;
@@ -361,7 +365,11 @@ main(int argc, char *argv[])
tftp_log(LOG_ERR, "setuid failed");
exit(1);
}
+   if (check_woth == -1)
+   check_woth = 0;
}
+   if (check_woth == -1)
+   check_woth = 1;
 
len = sizeof(me_sock);
if (getsockname(0, (struct sockaddr *)&me_sock, &len) == 0) {
@@ -704,7 +712,7 @@ validate_access(int peer, char **filep, int mode)
if ((stbuf.st_mode & S_IROTH) == 0)
return (EACCESS);
} else {
-   if ((stbuf.st_mode & S_IWOTH) == 0)
+   if (check_woth && ((stbuf.st_mode & S_IWOTH) == 0))
return (EACCESS);
}
} else {
@@ -734,7 +742,7 @@ validate_access(int peer, char **filep, int mode)
if ((stbuf.st_mode & S_IROTH) != 0)
break;
} else {
-   if ((stbuf.st_mode & S_IWOTH) !=

git: 03c2616dc530 - main - tftpd: unbreak getopt()

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=03c2616dc530e5b23f06f9aa421012154590e578

commit 03c2616dc530e5b23f06f9aa421012154590e578
Author: Eugene Grosbein 
AuthorDate: 2023-07-20 20:26:32 +
Commit: Eugene Grosbein 
CommitDate: 2023-07-20 20:26:32 +

tftpd: unbreak getopt()

Unbreak getopt() broken by recent commit.

Fixes:  273a307d0b80743fb08e23237b3f74dc94a8fa2a
MFC after:  1 month
---
 libexec/tftpd/tftpd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
index 9ae7575f3d23..1c04cd113932 100644
--- a/libexec/tftpd/tftpd.c
+++ b/libexec/tftpd/tftpd.c
@@ -142,7 +142,7 @@ main(int argc, char *argv[])
acting_as_client = 0;
 
tftp_openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
-   while ((ch = getopt(argc, argv, "cCd::F:lnoOp:sS:u:U:wW")) != -1) {
+   while ((ch = getopt(argc, argv, "cCd::F:lnoOp:s:Su:U:wW")) != -1) {
switch (ch) {
case 'c':
ipchroot = 1;

git: 872e89405684 - main - unbreak BEGEMOT-LM75-MIB.txt

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=872e89405684eac984e9004bdfeeb540e818ed74

commit 872e89405684eac984e9004bdfeeb540e818ed74
Author: Eugene Grosbein 
AuthorDate: 2023-08-31 02:47:57 +
Commit: Eugene Grosbein 
CommitDate: 2023-08-31 02:47:57 +

unbreak BEGEMOT-LM75-MIB.txt

The MIB has several bugs making it unusable. Fix it.

Reported-by:Eugene M. Zheganin 
MFC-after:  2 weeks
---
 usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt 
b/usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt
index c4cf536e5043..7966f6535f15 100644
--- a/usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt
+++ b/usr.sbin/bsnmpd/modules/snmp_lm75/BEGEMOT-LM75-MIB.txt
@@ -35,7 +35,7 @@ IMPORTS
 begemot
FROM BEGEMOT-MIB;
 
-begemotLoos MODULE-IDENTITY
+begemotLm75 MODULE-IDENTITY
 LAST-UPDATED "20140224Z"
 ORGANIZATION "FreeBSD"
 CONTACT-INFO
@@ -59,7 +59,7 @@ begemotLm75ObjectsOBJECT IDENTIFIER ::= { begemotLm75 1 }
 -- Configuration parameters
 -- -- --
 
-lm75Sensor OBJECT IDENTIFIER ::= { begemotlm75Objects 1 }
+lm75Sensor OBJECT IDENTIFIER ::= { begemotLm75Objects 1 }
 
 lm75SensorsOBJECT-TYPE
 SYNTAX Integer32
@@ -67,7 +67,7 @@ lm75Sensors   OBJECT-TYPE
 STATUS current
 DESCRIPTION
"Number of LM75 sensors in the system."
-::= { lm75Sensors 1 }
+::= { lm75Sensor 1 }
 
 -- -- --
 -- TempSensor Table
@@ -80,7 +80,7 @@ lm75SensorTable OBJECT-TYPE
"A table containing information about all temperature sensors."
 ::= { begemotLm75Objects 2 }
 
-loosTempSensorEntry OBJECT-TYPE
+lm75SensorEntry OBJECT-TYPE
 SYNTAX Lm75SensorEntry
 MAX-ACCESS not-accessible
 STATUS current

git: 3523f0677ef5 - main - fdc.4: document fdc sysctls

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=3523f0677ef514fe72710033c73cc58517b9cda8

commit 3523f0677ef514fe72710033c73cc58517b9cda8
Author: Felix Johnson 
AuthorDate: 2023-10-09 11:46:03 +
Commit: Eugene Grosbein 
CommitDate: 2023-10-09 11:48:52 +

fdc.4: document fdc sysctls

PR: 105608
MFC-after:  1 week
---
 share/man/man4/fdc.4 | 57 +++-
 1 file changed, 56 insertions(+), 1 deletion(-)

diff --git a/share/man/man4/fdc.4 b/share/man/man4/fdc.4
index f42a74b3a65c..929baf3a234b 100644
--- a/share/man/man4/fdc.4
+++ b/share/man/man4/fdc.4
@@ -25,7 +25,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd April 7, 2017
+.Dd October 10, 2023
 .Dt FDC 4
 .Os
 .Sh NAME
@@ -311,6 +311,61 @@ Third argument is a pointer to
 This type is the same as being used in the per-drive configuration
 flags, or in the CMOS configuration data or ACPI namespace on IA32 systems.
 .El
+.Sh SYSCTL VARIABLES
+.Bl -tag -width "debug.fdc.debugflags"
+.It Dv debug.fdc.debugflags
+Selectively enable debugging by setting one or more flags.
+.Bl -tag -width "0x40"
+.It Dv 0x01
+Dump device registers on reset.
+.It Dv 0x02
+When an IO operation completes, print the number of retries
+when that number is greater than zero.
+.It Dv 0x04
+Print when the number of retries exceeds
+.Dv debug.fdc.retries
+.Pq Dv EIO .
+Print when the option
+.Dv FDOPT_NOERROR
+is set and an error would have returned from a write operation.
+.It Dv 0x08
+Print detailed IO command information.
+.It Dv 0x10
+Print status registers.
+.It Dv 0x20
+Print detailed status registers when interrupts complete.
+Print the source code line number close to the source of a
+non-zero return from a thread worker operation.
+.It Dv 0x40
+Print when the disk appears to be lost.
+Print cylinder, head, sector, and sector shift information
+after a request to read an ID field.
+Notify whether a disk probe resulted in finding a disk.
+When detecting the density of media present, indicate whether
+the autosensing was successful, and if so, the size of the
+medium in kilobytes.
+Print detailed type information when setting the drive type.
+.It Dv 0x80
+Print when an unknown IOCTL is used.
+.El
+.It Dv debug.fdc.fifo
+For enhanced controllers, allows a non-default FIFO
+threshold setting. The default is 8 bytes.
+.It Dv debug.fdc.retries
+Maximum number of retries to attempt. The default is 10.
+.It Dv debug.fdc.spec1
+Specification byte one (step-rate + head unload).
+The default step rate is 6 ms. The default head unload
+time is 240 ms.
+.It Dv debug.fdc.spec2
+Specification byte two (head load time + no-dma).
+The default head load time is 16 ms, and no-dma is 0
+.Pq disabled .
+.It Dv debug.fdc.settle
+Head settling time in
+.Sy settle
+/ hz seconds. The default value is set during device attach.
+.El
 .Sh FILES
 .Bl -tag -width ".Pa /dev/fd*" -compact
 .It Pa /dev/fd*

git: 93b4a5445658 - main - netgraph: prevent panic with INVARIANTS-enabled kernel

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=93b4a54456589e78dcd37f2db8333baff3f3f0b2

commit 93b4a54456589e78dcd37f2db8333baff3f3f0b2
Author: Eugene Grosbein 
AuthorDate: 2025-02-25 07:18:29 +
Commit: Eugene Grosbein 
CommitDate: 2025-02-25 07:22:53 +

netgraph: prevent panic with INVARIANTS-enabled kernel

This change makes NG_ABI_VERSION depend on INVARIANTS
in addition to NETGRAPH_DEBUG.

PR: 257876
MFC-after:  2 weeks
---
 sys/netgraph/netgraph.h | 19 ++-
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/sys/netgraph/netgraph.h b/sys/netgraph/netgraph.h
index e83f61d3f60b..10db352e0fa2 100644
--- a/sys/netgraph/netgraph.h
+++ b/sys/netgraph/netgraph.h
@@ -69,11 +69,20 @@
  * modules.
  */
 #define _NG_ABI_VERSION 12
-#ifdef NETGRAPH_DEBUG /*--*/
-#define NG_ABI_VERSION (_NG_ABI_VERSION + 0x1)
-#else  /* NETGRAPH_DEBUG */ /*--*/
-#define NG_ABI_VERSION _NG_ABI_VERSION
-#endif /* NETGRAPH_DEBUG */ /*--*/
+
+#ifdef NETGRAPH_DEBUG
+#define_NG_ABI_PREFIX1 0x1
+#else
+#define_NG_ABI_PREFIX1 0
+#endif
+
+#ifdef INVARIANTS
+#define_NG_ABI_PREFIX2 0x2
+#else
+#define_NG_ABI_PREFIX2 0
+#endif
+
+#define NG_ABI_VERSION (_NG_ABI_PREFIX1 + _NG_ABI_PREFIX2 + _NG_ABI_VERSION)
 
 /*
  * Forward references for the basic structures so we can

Re: git: 93b4a5445658 - main - netgraph: prevent panic with INVARIANTS-enabled kernel

[Eugene Grosbein]

25.02.2025 14:59, Zhenlei Huang wrote:

>> commit 93b4a54456589e78dcd37f2db8333baff3f3f0b2
>> Author: Eugene Grosbein 
>> AuthorDate: 2025-02-25 07:18:29 +0000
>> Commit: Eugene Grosbein 
>> CommitDate: 2025-02-25 07:22:53 +
>>
>>netgraph: prevent panic with INVARIANTS-enabled kernel
>>
>>This change makes NG_ABI_VERSION depend on INVARIANTS
>>in addition to NETGRAPH_DEBUG.
>>
>>PR: 257876
> 
> Maybe a wrong PR ?
> 
> The PR 257876 is about port math/deal.ii , I do not see any relationship 
> between it and netgraph(3) or netgraph(4).

Sorry, paste error. Right number is 214624.

git: 5d5848648013 - main - trim(8): minor output correction

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=5d5848648013a189fc766e4ee3a121362905b836

commit 5d5848648013a189fc766e4ee3a121362905b836
Author: Eugene Grosbein 
AuthorDate: 2025-07-20 10:36:33 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-20 10:36:33 +

trim(8): minor output correction

"trim /dev/da*" would print the following line multiple times
when given multiple agruments:

dry run: add -f to actually perform the operation

Print it once before looping over arguments.

Also, note possible suffixes P and E after offset/length
as per expand_number(3).
---
 usr.sbin/trim/trim.8 | 18 ++
 usr.sbin/trim/trim.c | 11 ++-
 2 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/usr.sbin/trim/trim.8 b/usr.sbin/trim/trim.8
index 1ac10d7e3d46..a4874c54c183 100644
--- a/usr.sbin/trim/trim.8
+++ b/usr.sbin/trim/trim.8
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd January 18, 2019
+.Dd July 20, 2025
 .Dt TRIM 8
 .Os
 .Sh NAME
@@ -36,7 +36,7 @@
 .Bk -words
 .Sm off
 .Ar offset
-.Op Cm K | k | M | m | G | g | T | t ]
+.Op Cm K | k | M | m | G | g | T | t | P | p | E | e ]
 .Sm on
 .Xc
 .Ek
@@ -68,13 +68,13 @@ Overrides
 .It Fl l Xo
 .Sm off
 .Ar offset
-.Op Cm K | k | M | m | G | g | T | t
+.Op Cm K | k | M | m | G | g | T | t | P | p | E | e
 .Sm on
 .Xc
 .It Fl o Xo
 .Sm off
 .Ar offset
-.Op Cm K | k | M | m | G | g | T | t
+.Op Cm K | k | M | m | G | g | T | t | P | p | E | e
 .Sm on
 .Xc
 Specify the length
@@ -88,12 +88,14 @@ unless one or both of these options are presented.
 The argument may be suffixed with one of
 .Cm K ,
 .Cm M ,
-.Cm G
+.Cm G ,
+.Cm T ,
+.Cm P
 or
-.Cm T
+.Cm E
 (either upper or lower case) to indicate a multiple of
-Kilobytes, Megabytes, Gigabytes or Terabytes
-respectively.
+Kilobytes, Megabytes, Gigabytes, Terabytes, Petabytes or
+Exabytes, respectively.
 .It Fl q
 Do not output anything except of possible error messages (quiet mode).
 Overrides
diff --git a/usr.sbin/trim/trim.c b/usr.sbin/trim/trim.c
index 3e187faa0fb3..582dc095d642 100644
--- a/usr.sbin/trim/trim.c
+++ b/usr.sbin/trim/trim.c
@@ -114,7 +114,7 @@ main(int argc, char **argv)
 *
 *  trim -f -- /dev/da0 -r rfile
 */
-   
+
if (strcmp(argv[optind-1], "--") != 0) {
for (ch = optind; ch < argc; ch++)
if (argv[ch][0] == '-')
@@ -127,6 +127,9 @@ main(int argc, char **argv)
if (argc < 1)
usage(name);
 
+   if (dryrun)
+   printf("dry run: add -f to actually perform the operation\n");
+
while ((fname = *argv++) != NULL)
if (trim(fname, offset, length, dryrun, verbose) < 0)
error++;
@@ -213,10 +216,8 @@ trim(const char *path, off_t offset, off_t length, bool 
dryrun, bool verbose)
printf("trim %s offset %ju length %ju\n",
path, (uintmax_t)offset, (uintmax_t)length);
 
-   if (dryrun) {
-   printf("dry run: add -f to actually perform the operation\n");
+   if (dryrun)
return (0);
-   }
 
fd = opendev(path, O_RDWR | O_DIRECT);
arg[0] = offset;
@@ -237,7 +238,7 @@ static void
 usage(const char *name)
 {
(void)fprintf(stderr,
-   "usage: %s [-[lo] offset[K|k|M|m|G|g|T|t]] [-r rfile] [-Nfqv] 
device ...\n",
+   "usage: %s [-[lo] offset[K|k|M|m|G|g|T|t|Pt|Ee]] [-r rfile] [-Nfqv] 
device ...\n",
name);
exit(EX_USAGE);
 }

git: f1b934c8138c - main - trim(8): fix usage line

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f1b934c8138cfd98a70e305d54b2b431c842ec21

commit f1b934c8138cfd98a70e305d54b2b431c842ec21
Author: Eugene Grosbein 
AuthorDate: 2025-07-20 10:42:27 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-20 10:42:27 +

trim(8): fix usage line

Fix usage line after previous change.
---
 usr.sbin/trim/trim.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.sbin/trim/trim.c b/usr.sbin/trim/trim.c
index 582dc095d642..27f57ac2fb72 100644
--- a/usr.sbin/trim/trim.c
+++ b/usr.sbin/trim/trim.c
@@ -238,7 +238,7 @@ static void
 usage(const char *name)
 {
(void)fprintf(stderr,
-   "usage: %s [-[lo] offset[K|k|M|m|G|g|T|t|Pt|Ee]] [-r rfile] [-Nfqv] 
device ...\n",
+   "usage: %s [-[lo] offset[K|k|M|m|G|g|T|t|P|p|E|e]] [-r rfile] 
[-Nfqv] device ...\n",
name);
exit(EX_USAGE);
 }

git: 6d3bc576abbd - main - libexec/rc: improve performance of pccard_ether script

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=6d3bc576abbd84f736d917f5bfec4e3fe7e6c125

commit 6d3bc576abbd84f736d917f5bfec4e3fe7e6c125
Author: Eugene Grosbein 
AuthorDate: 2025-07-01 14:13:10 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-01 14:13:10 +

libexec/rc: improve performance of pccard_ether script

Replace "ifconfig -ul" with "ifconfig -n" because netlink-enabled
/sbin/ifconfig utility has sub-optimal performance for listing.

Combined with the commit b1b17432aa1be670564161232d110461a5dde4ce,
these changes mostly eliminate performance regression of the command
"service devd start" for a system having hundreds of network interfaces
created before devd starts, after FreeBSD 14+ switched
/sbin/ifconfig to netlink(4)

PR: 287872
MFC-after:  2 weeks
---
 libexec/rc/network.subr | 20 
 libexec/rc/pccard_ether | 17 +
 2 files changed, 29 insertions(+), 8 deletions(-)

diff --git a/libexec/rc/network.subr b/libexec/rc/network.subr
index 931fbec19a60..2113a3f66f0f 100644
--- a/libexec/rc/network.subr
+++ b/libexec/rc/network.subr
@@ -653,6 +653,26 @@ ifexists()
${IFCONFIG_CMD} -n $1 > /dev/null 2>&1
 }
 
+# ifisup if
+#  Returns 0 if the interface exists and UP,
+#  returns 1 if the interface exists and not UP,
+#  returns 2 otherwise.
+ifisup()
+{
+   local _if
+
+   [ -z "$1" ] && return 1
+   _if="$1"
+
+   set -- $(${IFCONFIG_CMD} -n ${_if} 2>/dev/null)
+   case "$1$2" in
+   ${_if}:*']*)return 0 ;;
+   ${_if}:*)   return 1 ;;
+   esac
+
+   return 2
+}
+
 # ipv4_up if
 #  add IPv4 addresses to the interface $if
 ipv4_up()
diff --git a/libexec/rc/pccard_ether b/libexec/rc/pccard_ether
index 7ca58f210085..957983e55a8e 100755
--- a/libexec/rc/pccard_ether
+++ b/libexec/rc/pccard_ether
@@ -69,16 +69,17 @@ checkauto()
 
 pccard_ether_start()
 {
-   ifexists $ifn || exit 1
-
-   if [ -z "$rc_force" ]; then
-   for uif in `ifconfig -ul`; do
-   if [ "${uif}" = "${ifn}" ]; then
-   # Interface is already up, so ignore it.
+   ifisup $ifn
+   case $? in
+   0)  # Interface is already up, so ignore it.
+   if [ -z "$rc_force"]; then
exit 0
fi
-   done
-   fi
+   ;;
+   2)  # Interface does not exist.
+   exit 1
+   ;;
+   esac
 
/etc/rc.d/netif quietstart $ifn
 

git: 24e8ed535ff6 - main - network.subr: correct return code in case of bad call to ifisup()

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=24e8ed535ff673b9ea751c3d3b2a68ef0a29b0e2

commit 24e8ed535ff673b9ea751c3d3b2a68ef0a29b0e2
Author: Eugene Grosbein 
AuthorDate: 2025-07-01 14:33:19 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-01 14:33:19 +

network.subr: correct return code in case of bad call to ifisup()

This is rather cosmetic correction.

PR: 287872
MFC-after:  2 weeks
X-MFC-With: 6d3bc576abbd84f736d917f5bfec4e3fe7e6c125
---
 libexec/rc/network.subr | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libexec/rc/network.subr b/libexec/rc/network.subr
index 2113a3f66f0f..5e4f2c1f39a0 100644
--- a/libexec/rc/network.subr
+++ b/libexec/rc/network.subr
@@ -661,7 +661,7 @@ ifisup()
 {
local _if
 
-   [ -z "$1" ] && return 1
+   [ -z "$1" ] && return 2
_if="$1"
 
set -- $(${IFCONFIG_CMD} -n ${_if} 2>/dev/null)

git: b1b17432aa1b - main - ifconfig_netlink.c: optimise non-listing case

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=b1b17432aa1be670564161232d110461a5dde4ce

commit b1b17432aa1be670564161232d110461a5dde4ce
Author: Alexander V. Chernikov 
AuthorDate: 2025-07-01 13:16:57 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-01 13:16:57 +

ifconfig_netlink.c: optimise non-listing case

This change produced by melifaro and the commit is concerted with him
as he is pretty busy IRL these days.

The change restores performance of /sbin/ifconfig utility
for non-listing case after it switched from rtsock to netlink(4) API
in FreeBSD 14+.

PR: 287872
MFC-after:  2 weeks
---
 sbin/ifconfig/ifconfig_netlink.c | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sbin/ifconfig/ifconfig_netlink.c b/sbin/ifconfig/ifconfig_netlink.c
index c1e6b7be587f..b5badfd585b8 100644
--- a/sbin/ifconfig/ifconfig_netlink.c
+++ b/sbin/ifconfig/ifconfig_netlink.c
@@ -141,7 +141,7 @@ struct ifmap {
  * Memory is allocated using snl temporary buffers
  */
 static struct ifmap *
-prepare_ifmap(struct snl_state *ss)
+prepare_ifmap(struct snl_state *ss, const char *ifname)
 {
struct snl_writer nw = {};
 
@@ -149,6 +149,8 @@ prepare_ifmap(struct snl_state *ss)
struct nlmsghdr *hdr = snl_create_msg_request(&nw, RTM_GETLINK);
hdr->nlmsg_flags |= NLM_F_DUMP;
snl_reserve_msg_object(&nw, struct ifinfomsg);
+   if (ifname != NULL)
+   snl_add_msg_attr_string(&nw, IFLA_IFNAME, ifname);
 
if (! (hdr = snl_finalize_msg(&nw)) || !snl_send_message(ss, hdr))
return (NULL);
@@ -455,7 +457,7 @@ list_interfaces_nl(struct ifconfig_args *args)
 
nl_init_socket(&ss);
 
-   struct ifmap *ifmap = prepare_ifmap(&ss);
+   struct ifmap *ifmap = prepare_ifmap(&ss, args->ifname);
struct iface **sorted_ifaces = snl_allocz(&ss, ifmap->count * 
sizeof(void *));
for (uint32_t i = 0, num = 0; i < ifmap->size; i++) {
if (ifmap->ifaces[i] != NULL) {

git: 044febb24a26 - main - devd(8): correct error logging

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=044febb24a26d92066b2849eb583f57e37acdbfd

commit 044febb24a26d92066b2849eb583f57e37acdbfd
Author: Eugene Grosbein 
AuthorDate: 2025-07-22 09:55:08 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-22 09:55:08 +

devd(8): correct error logging

Fix a mistake in a log message that leaked from my preliminary patch.

PR: 287873
MFC after:  3 days
X-MFC-with: bd4a4e46ceacd8dfc5a5469ec6edd8c92c53605a
---
 sbin/devd/devd.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/sbin/devd/devd.cc b/sbin/devd/devd.cc
index 375ccd817146..6705dcc0158e 100644
--- a/sbin/devd/devd.cc
+++ b/sbin/devd/devd.cc
@@ -1354,8 +1354,7 @@ main(int argc, char **argv)
len = sizeof(vm_guest);
if (sysctlbyname("kern.vm_guest", vm_guest, &len, NULL, 0) < 0) {
devdlog(LOG_ERR,
-   "sysctlnametomib(kern.vm_guest) failed: %d\n",
-   errno);
+   "sysctlbyname(kern.vm_guest) failed: %d\n", errno);
}
 
cfg.parse();

git: d4a0e749cc66 - main - devd.conf(5): call hyperv_vfattach in a Hyper-V guest only

[Eugene Grosbein]

The branch main has been updated by eugen:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=d4a0e749cc66cd5d019d8fb8f43427109aef4c9f

commit d4a0e749cc66cd5d019d8fb8f43427109aef4c9f
Author: Eugene Grosbein 
AuthorDate: 2025-07-22 10:06:24 +
Commit: Eugene Grosbein 
CommitDate: 2025-07-22 10:06:24 +

devd.conf(5): call hyperv_vfattach in a Hyper-V guest only

Limit calls to /usr/libexec/hyperv/hyperv_vfattach to Hyper-V guests.

PR: 287873
MFC after:  3 days
---
 sbin/devd/hyperv.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sbin/devd/hyperv.conf b/sbin/devd/hyperv.conf
index 13695a0c75b6..70108ac36e54 100644
--- a/sbin/devd/hyperv.conf
+++ b/sbin/devd/hyperv.conf
@@ -103,5 +103,6 @@ notify 10 {
 notify 10 {
match "system"  "ETHERNET";
match "type""IFATTACH";
+   match "vm_guest""hv";
action "/usr/libexec/hyperv/hyperv_vfattach $subsystem 0";
 };