Revision tags: vendor/device-tree/4.17, vendor/acpica/20180531, vendor/ck/20180524 |
|
#
bb8f1623 |
| 24-May-2018 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Try to be consistent and spell "vnet" lower case like all the other options (and as we do on command line).
Sponsored by: iXsystems, Inc.
|
#
36b41cc3 |
| 24-May-2018 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
Improve the KASSERT to also have the prison pointer. Helpful when debugging from ddb.
Sponsored by: iXsystems, Inc.
|
Revision tags: vendor/Juniper/libxo/0.9.0, vendor/file/5.33, vendor/NetBSD/bmake/20180512, vendor/xz/5.2.4, vendor/ck/20180517, vendor/unbound/1.7.1, vendor/unbound/1.7.0, vendor/unbound/1.6.8, vendor/unbound/1.6.7, vendor/unbound/1.6.6, vendor/unbound/1.6.5, vendor/unbound/1.6.4, vendor/unbound/1.6.3, vendor/unbound/1.6.2, vendor/unbound/1.6.1, vendor/ena-com/1.1.4.5, vendor/acpica/20180508, vendor/sqlite3/sqlite-3230100, vendor/subversion/subversion-1.10.0, vendor/openssh/7.7p1, vendor/openssh/7.6p1 |
|
#
0e5c6bd4 |
| 04-May-2018 |
Jamie Gritton <jamie@FreeBSD.org> |
Make it easier for filesystems to count themselves as jail-enabled, by doing most of the work in a new function prison_add_vfs in kern_jail.c Now a jail-enabled filesystem need only mark itself with
Make it easier for filesystems to count themselves as jail-enabled, by doing most of the work in a new function prison_add_vfs in kern_jail.c Now a jail-enabled filesystem need only mark itself with VFCF_JAIL, and the rest is taken care of. This includes adding a jail parameter like allow.mount.foofs, and a sysctl like security.jail.mount_foofs_allowed. Both of these used to be a static list of known filesystems, with predefined permission bits.
Reviewed by: kib Differential Revision: D14681
show more ...
|
Revision tags: vendor/tzdata/tzdata2018e, vendor/acpica/20180427, vendor/elftoolchain/elftoolchain-r3614, vendor/device-tree/4.16 |
|
#
f87beb93 |
| 20-Apr-2018 |
Andriy Gapon <avg@FreeBSD.org> |
call racct_proc_ucred_changed() under the proc lock
The lock is required to ensure that the switch to the new credentials and the transfer of the process's accounting data from the old credentials t
call racct_proc_ucred_changed() under the proc lock
The lock is required to ensure that the switch to the new credentials and the transfer of the process's accounting data from the old credentials to the new ones is done atomically. Otherwise, some updates may be applied to the new credentials and then additionally transferred from the old credentials if the updates happen after proc_set_cred() and before racct_proc_ucred_changed().
The problem is especially pronounced for RACCT_RSS because - there is a strict accounting for this resource (it's reclaimable) - it's updated asynchronously by the vm daemon - it's updated by setting an absolute value instead of applying a delta
I had to remove a call to rctl_proc_ucred_changed() from racct_proc_ucred_changed() and make all callers of latter call the former as well. The reason is that rctl_proc_ucred_changed, as it is implemented now, cannot be called while holding the proc lock, so the lock is dropped after calling racct_proc_ucred_changed. Additionally, I've added calls to crhold / crfree around the rctl call, because without the proc lock there is no gurantee that the new credentials, owned by the process, will stay stable. That does not eliminate a possibility that the credentials passed to the rctl will get stale. Ideally, rctl_proc_ucred_changed should be able to work under the proc lock.
Many thanks to kib for pointing out the above problems.
PR: 222027 Discussed with: kib No comment: trasz MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D15048
show more ...
|
#
6469bdcd |
| 06-Apr-2018 |
Brooks Davis <brooks@FreeBSD.org> |
Move most of the contents of opt_compat.h to opt_global.h.
opt_compat.h is mentioned in nearly 180 files. In-progress network driver compabibility improvements may add over 100 more so this is close
Move most of the contents of opt_compat.h to opt_global.h.
opt_compat.h is mentioned in nearly 180 files. In-progress network driver compabibility improvements may add over 100 more so this is closer to "just about everywhere" than "only some files" per the guidance in sys/conf/options.
Keep COMPAT_LINUX32 in opt_compat.h as it is confined to a subset of sys/compat/linux/*.c. A fake _COMPAT_LINUX option ensure opt_compat.h is created on all architectures.
Move COMPAT_LINUXKPI to opt_dontuse.h as it is only used to control the set of compiled files.
Reviewed by: kib, cem, jhb, jtl Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D14941
show more ...
|
Revision tags: vendor/opencsd/900407e9d6400f6541138d6c2e483a9fc2d699a4, vendor/heimdal/7.5.0, vendor/krb5/1.16, vendor/ck/20180304, vendor/openssl/1.0.2o, vendor/tzdata/tzdata2018d |
|
#
672756aa |
| 20-Mar-2018 |
Jamie Gritton <jamie@FreeBSD.org> |
Represent boolean jail options as an array of structures containing the flag and both the regular and "no" names, instead of two different string arrays whose indices need to match the flag's bit pos
Represent boolean jail options as an array of structures containing the flag and both the regular and "no" names, instead of two different string arrays whose indices need to match the flag's bit position. This makes them similar to the say "jailsys" options are represented.
Loop through either kind of option array with a structure pointer rather then an integer index.
show more ...
|
Revision tags: vendor/processor-trace/24982c1a6fce48f1e416461d42899805f74fbb26, vendor/acpica/20180313, vendor/lld/lld-release_600-r326565, vendor/clang/clang-release_600-r326565, vendor/llvm/llvm-release_600-r326565, vendor/NetBSD/bmake/20180222, vendor/ntp/4.2.8p11, vendor/lldb/lldb-release_60-r325932, vendor/lldb/lldb-release_600-r326565, vendor/lld/lld-release_60-r325932, vendor/clang/clang-release_60-r325932, vendor/llvm/llvm-release_60-r325932, vendor/less/v530, vendor/lldb/lldb-release_60-r325330, vendor/lld/lld-release_60-r325330, vendor/libc++/libc++-release_60-r325330, vendor/libc++/libc++-release_60-r325932, vendor/libc++/libc++-release_600-r326565, vendor/compiler-rt/compiler-rt-release_60-r325330, vendor/compiler-rt/compiler-rt-release_60-r325932, vendor/compiler-rt/compiler-rt-release_600-r326565, vendor/clang/clang-release_60-r325330, vendor/llvm/llvm-release_60-r325330, vendor/device-tree/4.15, vendor/acpica/20180209, vendor/lld/lld-release_60-r324090, vendor/clang/clang-release_60-r324090, vendor/llvm/llvm-release_60-r324090, vendor/lld/lld-release_60-r323948, vendor/compiler-rt/compiler-rt-release_60-r323948, vendor/compiler-rt/compiler-rt-release_60-r324090, vendor/clang/clang-release_60-r323948, vendor/llvm/llvm-release_60-r323948, vendor/lldb/lldb-release_60-r323338, vendor/lldb/lldb-release_60-r323948, vendor/lldb/lldb-release_60-r324090, vendor/lld/lld-release_60-r323338, vendor/libc++/libc++-release_60-r323338, vendor/libc++/libc++-release_60-r323948, vendor/libc++/libc++-release_60-r324090, vendor/compiler-rt/compiler-rt-release_60-r323338, vendor/clang/clang-release_60-r323338, vendor/llvm/llvm-release_60-r323338, vendor/tzdata/tzdata2018c, vendor/libfdt/1.4.6, vendor/tzdata/tzdata2018a, vendor/dtc/1.4.6, vendor/lldb/lldb-release_60-r321788, vendor/lld/lld-release_60-r321788, vendor/libc++/libc++-release_60-r321788, vendor/compiler-rt/compiler-rt-release_60-r321788, vendor/clang/clang-release_60-r321788, vendor/llvm/llvm-release_60-r321788, vendor/acpica/20180105, vendor/compiler-rt/compiler-rt-trunk-r321545, vendor/llvm/llvm-trunk-r321545, vendor/lldb/lldb-trunk-r321530, vendor/lldb/lldb-trunk-r321545, vendor/lld/lld-trunk-r321530, vendor/lld/lld-trunk-r321545, vendor/libc++/libc++-trunk-r321530, vendor/libc++/libc++-trunk-r321545, vendor/compiler-rt/compiler-rt-trunk-r321530, vendor/clang/clang-trunk-r321530, vendor/clang/clang-trunk-r321545, vendor/llvm/llvm-trunk-r321530, vendor/lld/lld-trunk-r321426, vendor/clang/clang-trunk-r321426, vendor/llvm/llvm-trunk-r321426, vendor/lldb/lldb-trunk-r321414, vendor/lldb/lldb-trunk-r321426, vendor/lld/lld-trunk-r321414, vendor/libc++/libc++-trunk-r321414, vendor/libc++/libc++-trunk-r321426, vendor/compiler-rt/compiler-rt-trunk-r321414, vendor/compiler-rt/compiler-rt-trunk-r321426, vendor/clang/clang-trunk-r321414, vendor/llvm/llvm-trunk-r321414, vendor/lldb/lldb-trunk-r321017, vendor/lld/lld-trunk-r321017, vendor/libc++/libc++-trunk-r321017, vendor/compiler-rt/compiler-rt-trunk-r321017, vendor/clang/clang-trunk-r321017, vendor/llvm/llvm-trunk-r321017, vendor/lld/lld-release_501-r320880, vendor/clang/clang-release_501-r320880, vendor/llvm/llvm-release_501-r320880, vendor/acpica/20171214, vendor/openssl/1.0.2n, vendor/lldb/lldb-release_50-r319231, vendor/lldb/lldb-release_501-r320880, vendor/lld/lld-release_50-r319231, vendor/libc++/libc++-release_50-r319231, vendor/libc++/libc++-release_501-r320880, vendor/clang/clang-release_50-r319231, vendor/llvm/llvm-release_50-r319231, vendor/lua/5.3.4, vendor/NetBSD/libc-vis/20171127 |
|
#
8a36da99 |
| 27-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
sys/kern: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone
sys/kern: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task.
The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts.
show more ...
|
Revision tags: vendor/less/v529, vendor/device-tree/4.14, vendor/acpica/20171110, vendor/zstd/1.3.2, vendor/ena-com/1.1.4.4, vendor/openssl/1.0.2m, vendor/NetBSD/bmake/20171028, vendor/ena-com/1.1.4.3, vendor/tzdata/tzdata2017c, vendor/device-tree/4.13, vendor/wpa/2.6, vendor/mandoc/1.14.3, vendor/acpica/20170929, release/10.4.0, upstream/10.4.0, vendor/tcpdump/4.9.2, vendor/file/5.32, vendor/NetBSD/libedit/2017-09-05, vendor/clang/clang-release_500-r312559, vendor/llvm/llvm-release_500-r312559, vendor/lldb/lldb-release_50-r312293, vendor/lldb/lldb-release_500-r312559, vendor/lld/lld-release_50-r312293, vendor/lld/lld-release_500-r312559, vendor/libc++/libc++-release_50-r312293, vendor/libc++/libc++-release_500-r312559, vendor/compiler-rt/compiler-rt-release_50-r312293, vendor/compiler-rt/compiler-rt-release_50-r319231, vendor/compiler-rt/compiler-rt-release_500-r312559, vendor/compiler-rt/compiler-rt-release_501-r320880, vendor/clang/clang-release_50-r312293, vendor/llvm/llvm-release_50-r312293, vendor/ctfdump/20170831, vendor/acpica/20170831, vendor/lldb/lldb-release_50-r311606, vendor/compiler-rt/compiler-rt-release_50-r311606, vendor/clang/clang-release_50-r311606, vendor/llvm/llvm-release_50-r311606, vendor/zstd/1.3.1, vendor/lld/lld-release_50-r311219, vendor/lld/lld-release_50-r311606, vendor/libc++/libc++-release_50-r311219, vendor/libc++/libc++-release_50-r311606, vendor/clang/clang-release_50-r311219, vendor/llvm/llvm-release_50-r311219, vendor/sqlite3/sqlite-3200000, vendor/subversion/subversion-1.9.7, vendor/libc++/libc++-release_50-r310316, vendor/clang/clang-release_50-r310316, vendor/llvm/llvm-release_50-r310316, vendor/Juniper/libxo/0.8.4, vendor/openssh/7.5p1, vendor/ena-com/1.1.4.2, vendor/mandoc/1.14.2, vendor/lldb/lldb-release_50-r309439, vendor/lldb/lldb-release_50-r310316, vendor/lldb/lldb-release_50-r311219, vendor/lld/lld-release_50-r309439, vendor/lld/lld-release_50-r310316, vendor/libc++/libc++-release_50-r309439, vendor/clang/clang-release_50-r309439, vendor/llvm/llvm-release_50-r309439, vendor/acpica/20170728, zfs-0.7.0, vendor/NetBSD/bmake/20170720, release/11.1.0, upstream/11.1.0, vendor/lldb/lldb-trunk-r308421, vendor/lld/lld-trunk-r308421, vendor/libc++/libc++-trunk-r308421, vendor/compiler-rt/compiler-rt-release_50-r309439, vendor/compiler-rt/compiler-rt-release_50-r310316, vendor/compiler-rt/compiler-rt-release_50-r311219, vendor/compiler-rt/compiler-rt-trunk-r308421, vendor/clang/clang-trunk-r308421, vendor/llvm/llvm-trunk-r308421, vendor/NetBSD/bmake/20170711, vendor/zstd/1.3.0, vendor/lldb/lldb-trunk-r307894, vendor/lld/lld-trunk-r307894, vendor/libc++/libc++-trunk-r307894, vendor/compiler-rt/compiler-rt-trunk-r307894, vendor/clang/clang-trunk-r307894, vendor/llvm/llvm-trunk-r307894, zfs-0.7.0-rc5, vendor/libarchive/3.3.2, vendor/device-tree/4.12, vendor/krb5/1.15.1, vendor/lldb/lldb-trunk-r306956, vendor/lld/lld-trunk-r306956, vendor/libc++/libc++-trunk-r306956, vendor/compiler-rt/compiler-rt-trunk-r306956, vendor/clang/clang-trunk-r306956, vendor/llvm/llvm-trunk-r306956, vendor/acpica/20170629, vendor/pjdfstest/0.1, vendor/lldb/lldb-trunk-r306325, vendor/lld/lld-trunk-r306325, vendor/libc++/libc++-trunk-r306325, vendor/compiler-rt/compiler-rt-trunk-r306325, vendor/clang/clang-trunk-r306325, vendor/llvm/llvm-trunk-r306325, vendor/elftoolchain/elftoolchain-r3561, vendor/device-tree/4.11, vendor/lldb/lldb-trunk-r305575, vendor/lld/lld-trunk-r305575, vendor/libc++/libc++-trunk-r305575, vendor/compiler-rt/compiler-rt-trunk-r305575, vendor/clang/clang-trunk-r305575, vendor/llvm/llvm-trunk-r305575, vendor/Juniper/libxo/0.8.2, vendor/lldb/lldb-trunk-r305145, vendor/lld/lld-trunk-r305145, vendor/libc++/libc++-trunk-r305145, vendor/compiler-rt/compiler-rt-trunk-r305145, vendor/clang/clang-trunk-r305145, vendor/llvm/llvm-trunk-r305145, vendor/Juniper/libxo/0.8.1, vendor/mandoc/20170608, vendor/Juniper/libxo/0.8.0 |
|
#
e28f9b7d |
| 06-Jun-2017 |
Allan Jude <allanjude@FreeBSD.org> |
Jails: Optionally prevent jailed root from binding to privileged ports
You may now optionally specify allow.noreserved_ports to prevent root inside a jail from using privileged ports (less than 1024
Jails: Optionally prevent jailed root from binding to privileged ports
You may now optionally specify allow.noreserved_ports to prevent root inside a jail from using privileged ports (less than 1024)
PR: 217728 Submitted by: Matt Miller <mattm916@pulsar.neomailbox.ch> Reviewed by: jamie, cem, smh Relnotes: yes Differential Revision: https://reviews.freebsd.org/D10202
show more ...
|
Revision tags: vendor/lldb/lldb-trunk-r304659, vendor/lld/lld-trunk-r304659, vendor/libc++/libc++-trunk-r304659, vendor/compiler-rt/compiler-rt-trunk-r304659, vendor/clang/clang-trunk-r304659, vendor/llvm/llvm-trunk-r304659, vendor/lldb/lldb-trunk-r304460, vendor/lld/lld-trunk-r304460, vendor/libc++/libc++-trunk-r304460, vendor/compiler-rt/compiler-rt-trunk-r304460, vendor/clang/clang-trunk-r304460, vendor/llvm/llvm-trunk-r304460, vendor/acpica/20170531, vendor/byacc/20170430, vendor/lldb/lldb-trunk-r304222, vendor/lld/lld-trunk-r304222, vendor/libc++/libc++-trunk-r304222, vendor/clang/clang-trunk-r304222, vendor/llvm/llvm-trunk-r304222, vendor/lldb/lldb-trunk-r304149, vendor/lld/lld-trunk-r304149, vendor/libc++/libc++-trunk-r304149, vendor/compiler-rt/compiler-rt-trunk-r304149, vendor/compiler-rt/compiler-rt-trunk-r304222, vendor/clang/clang-trunk-r304149, vendor/llvm/llvm-trunk-r304149, vendor/openssl/1.0.2l, vendor/lldb/lldb-trunk-r303571, vendor/lld/lld-trunk-r303571, vendor/libc++/libc++-trunk-r303571, vendor/compiler-rt/compiler-rt-trunk-r303571, vendor/clang/clang-trunk-r303571, vendor/llvm/llvm-trunk-r303571, vendor/lldb/lldb-trunk-r303291, vendor/lld/lld-trunk-r303291, vendor/libc++/libc++-trunk-r303291, vendor/compiler-rt/compiler-rt-trunk-r303291, vendor/clang/clang-trunk-r303291, vendor/llvm/llvm-trunk-r303291, vendor/lldb/lldb-trunk-r303197, vendor/lld/lld-trunk-r303197, vendor/libc++/libc++-trunk-r303197, vendor/compiler-rt/compiler-rt-trunk-r303197, vendor/clang/clang-trunk-r303197, vendor/llvm/llvm-trunk-r303197, vendor/Juniper/libxo/0.7.2, vendor/lldb/lldb-trunk-r302418, vendor/lld/lld-trunk-r302418, vendor/libc++/libc++-trunk-r302418, vendor/compiler-rt/compiler-rt-trunk-r302418, vendor/clang/clang-trunk-r302418, vendor/llvm/llvm-trunk-r302418, vendor/zstd/1.2.0, zfs-0.7.0-rc4, vendor/lldb/lldb-trunk-r302069, vendor/lld/lld-trunk-r302069, vendor/compiler-rt/compiler-rt-trunk-r302069, vendor/clang/clang-trunk-r302069, vendor/llvm/llvm-trunk-r302069, vendor/NetBSD/blacklist/20170503, vendor/lldb/lldb-trunk-r301939, vendor/lld/lld-trunk-r301939, vendor/compiler-rt/compiler-rt-trunk-r301939, vendor/clang/clang-trunk-r301939, vendor/llvm/llvm-trunk-r301939, vendor/openpam/RESEDACEA, vendor/less/v491, vendor/ena-com/1.1.4.1, vendor/llvm/llvm-trunk-r301441, vendor/lldb/lldb-trunk-r301441, vendor/lld/lld-trunk-r301441, vendor/libc++/libc++-trunk-r301441, vendor/libc++/libc++-trunk-r301939, vendor/libc++/libc++-trunk-r302069, vendor/compiler-rt/compiler-rt-trunk-r301441, vendor/clang/clang-trunk-r301441, vendor/less/v487, vendor/NetBSD/bmake/20170420, vendor/lldb/lldb-trunk-r300890, vendor/lld/lld-trunk-r300890, vendor/libc++/libc++-trunk-r300890, vendor/compiler-rt/compiler-rt-trunk-r300890, vendor/clang/clang-trunk-r300890, vendor/llvm/llvm-trunk-r300890, vendor/elftoolchain/elftoolchain-r3520, vendor/lldb/lldb-trunk-r300422, vendor/lld/lld-trunk-r300422, vendor/libc++/libc++-trunk-r300422, vendor/compiler-rt/compiler-rt-trunk-r300422, vendor/clang/clang-trunk-r300422, vendor/llvm/llvm-trunk-r300422, vendor/zstd/1.1.4, vendor/NetBSD/bmake/20170413, vendor/ck/20170407, vendor/tzdata/tzdata2017b, vendor/libcxxrt/2017-03-22-8a853717e61d5d55cbdf74d9d0a7545da5d5ff92, vendor/ntp/4.2.8p10, vendor/tcsh/6.20.00, vendor/dtc/1.4.3, vendor/lld/lld-release_400-r297347, vendor/libc++/libc++-release_400-r297347, vendor/clang/clang-release_400-r297347, vendor/llvm/llvm-release_400-r297347, vendor/edk2/7babb4372e6a34cbbc54249b25056272a5a9924c, vendor/device-tree/4.10, vendor/NetBSD/bmake/20170301, vendor/acpica/20170303, vendor/libarchive/3.3.1, vendor/dma/20170210, vendor/ck/20170228, vendor/llvm/llvm-release_40-r296509, vendor/acpica/20170224, vendor/lld/lld-release_40-r296202, vendor/lld/lld-release_40-r296509, vendor/clang/clang-release_40-r296202, vendor/clang/clang-release_40-r296509, vendor/llvm/llvm-release_40-r296202, vendor/clang/clang-release_40-r296002, vendor/llvm/llvm-release_40-r296002, vendor/clang/clang-release_40-r295910, vendor/llvm/llvm-release_40-r295910, vendor/mandoc/1.4.1, vendor/openpam/RADULA, vendor/mandoc/1.4.1rc2, vendor/libucl/20170219, vendor/libc++/libc++-release_40-r295380, vendor/libc++/libc++-release_40-r295910, vendor/libc++/libc++-release_40-r296002, vendor/libc++/libc++-release_40-r296202, vendor/libc++/libc++-release_40-r296509, vendor/compiler-rt/compiler-rt-release_40-r295380, vendor/compiler-rt/compiler-rt-release_40-r295910, vendor/compiler-rt/compiler-rt-release_40-r296002, vendor/compiler-rt/compiler-rt-release_40-r296202, vendor/compiler-rt/compiler-rt-release_40-r296509, vendor/compiler-rt/compiler-rt-release_400-r297347, vendor/clang/clang-release_40-r295380, vendor/llvm/llvm-release_40-r295380 |
|
#
8144690a |
| 16-Feb-2017 |
Eric van Gyzen <vangyzen@FreeBSD.org> |
Use inet_ntoa_r() instead of inet_ntoa() throughout the kernel
inet_ntoa() cannot be used safely in a multithreaded environment because it uses a static local buffer. Instead, use inet_ntoa_r() with
Use inet_ntoa_r() instead of inet_ntoa() throughout the kernel
inet_ntoa() cannot be used safely in a multithreaded environment because it uses a static local buffer. Instead, use inet_ntoa_r() with a buffer on the caller's stack.
Suggested by: glebius, emaste Reviewed by: gnn MFC after: 2 weeks Sponsored by: Dell EMC Differential Revision: https://reviews.freebsd.org/D9625
show more ...
|
Revision tags: vendor/libpcap/1.8.1, vendor/lld/lld-release_40-r294803, vendor/lld/lld-release_40-r295380, vendor/lld/lld-release_40-r295910, vendor/lld/lld-release_40-r296002, vendor/libc++/libc++-release_40-r294803, vendor/clang/clang-release_40-r294803, vendor/llvm/llvm-release_40-r294803, vendor/lld/lld-release_40-r294123, vendor/libc++/libc++-release_40-r294123, vendor/compiler-rt/compiler-rt-release_40-r294123, vendor/compiler-rt/compiler-rt-release_40-r294803, vendor/clang/clang-release_40-r294123, vendor/llvm/llvm-release_40-r294123, vendor/NetBSD/tests/02.04.2017_10.12, vendor/unbound/1.6.0, vendor/ldns/1.7.0, vendor/byacc/20170201, vendor/lld/lld-release_40-r293807, vendor/libc++/libc++-release_40-r293807, vendor/clang/clang-release_40-r293807, vendor/llvm/llvm-release_40-r293807, vendor/tcpdump/4.9.0, vendor/openssh/7.4p1, vendor/openssh/7.3p1, vendor/NetBSD/libedit/2016-03-21, vendor/openresolv/3.9.0, vendor/lld/lld-release_40-r293443, vendor/libc++/libc++-release_40-r293443, vendor/compiler-rt/compiler-rt-release_40-r293443, vendor/compiler-rt/compiler-rt-release_40-r293807, vendor/clang/clang-release_40-r293443, vendor/llvm/llvm-release_40-r293443, vendor/openssl/1.0.2k, vendor/libc++/libc++-release_40-r292951, vendor/clang/clang-release_40-r292951, vendor/llvm/llvm-release_40-r292951, vendor/lld/lld-release_40-r292732, vendor/lld/lld-release_40-r292951, vendor/libc++/libc++-release_40-r292732, vendor/clang/clang-release_40-r292732, vendor/llvm/llvm-release_40-r292732, vendor/mandoc/20170121, zfs-0.7.0-rc3, vendor/acpica/20170119, vendor/NetBSD/tests/01.17.2017_21.34, vendor/zlib/1.2.11, vendor/lldb/lldb-release_40-r292009, vendor/lldb/lldb-release_40-r292732, vendor/lldb/lldb-release_40-r292951, vendor/lldb/lldb-release_40-r293443, vendor/lldb/lldb-release_40-r293807, vendor/lldb/lldb-release_40-r294123, vendor/lldb/lldb-release_40-r294803, vendor/lldb/lldb-release_40-r295380, vendor/lldb/lldb-release_40-r295910, vendor/lldb/lldb-release_40-r296002, vendor/lldb/lldb-release_40-r296202, vendor/lldb/lldb-release_40-r296509, vendor/lldb/lldb-release_400-r297347, vendor/lld/lld-release_40-r292009, vendor/libc++/libc++-release_40-r292009, vendor/compiler-rt/compiler-rt-release_40-r292009, vendor/compiler-rt/compiler-rt-release_40-r292732, vendor/compiler-rt/compiler-rt-release_40-r292951, vendor/clang/clang-release_40-r292009, vendor/llvm/llvm-release_40-r292009, vendor/NetBSD/tests/01.11.2017_23.20, vendor/lldb/lldb-trunk-r291476, vendor/lld/lld-trunk-r291476, vendor/libc++/libc++-trunk-r291476, vendor/compiler-rt/compiler-rt-trunk-r291476, vendor/clang/clang-trunk-r291476, vendor/llvm/llvm-trunk-r291476, vendor/lldb/lldb-trunk-r291274, vendor/lld/lld-trunk-r291274, vendor/libc++/libc++-trunk-r291274, vendor/compiler-rt/compiler-rt-trunk-r291274, vendor/clang/clang-trunk-r291274, vendor/llvm/llvm-trunk-r291274, vendor/xz/5.2.3, vendor/clang/clang-trunk-r291015, vendor/llvm/llvm-trunk-r291015, vendor/lldb/lldb-trunk-r291012, vendor/lldb/lldb-trunk-r291015, vendor/lld/lld-trunk-r291012, vendor/lld/lld-trunk-r291015, vendor/libc++/libc++-trunk-r291012, vendor/libc++/libc++-trunk-r291015, vendor/compiler-rt/compiler-rt-trunk-r291012, vendor/compiler-rt/compiler-rt-trunk-r291015, vendor/clang/clang-trunk-r291012, vendor/llvm/llvm-trunk-r291012, vendor/zlib/1.2.10, vendor/zlib/1.2.8-full, vendor/lldb/lldb-trunk-r290819, vendor/lld/lld-trunk-r290819, vendor/libc++/libc++-trunk-r290819, vendor/compiler-rt/compiler-rt-trunk-r290819, vendor/clang/clang-trunk-r290819, vendor/llvm/llvm-trunk-r290819, vendor/ck/20161230, vendor/heirloom-doctools/20161106, vendor/acpica/20161222, vendor/NetBSD/bmake/20161212, vendor/clang/clang-release_391-r289601, vendor/llvm/llvm-release_39-r288847, vendor/llvm/llvm-release_391-r289601, vendor/openbsm/1.2-ALPHA-5, vendor/byacc/20161202, vendor/tzdata/tzdata2016j, vendor/lld/lld-release_39-r288513, vendor/lld/lld-release_39-r288847, vendor/lld/lld-release_391-r289601, vendor/compiler-rt/compiler-rt-release_39-r288513, vendor/compiler-rt/compiler-rt-release_39-r288847, vendor/compiler-rt/compiler-rt-release_391-r289601, vendor/clang/clang-release_39-r288513, vendor/clang/clang-release_39-r288847, vendor/llvm/llvm-release_39-r288513, vendor/subversion/subversion-1.9.5, vendor/ck/20161128, vendor/lldb/lldb-release_39-r287912, vendor/lldb/lldb-release_39-r288513, vendor/lldb/lldb-release_39-r288847, vendor/lldb/lldb-release_391-r289601, vendor/lld/lld-release_39-r287912, vendor/libc++/libc++-release_39-r287912, vendor/libc++/libc++-release_39-r288513, vendor/libc++/libc++-release_39-r288847, vendor/libc++/libc++-release_391-r289601, vendor/compiler-rt/compiler-rt-release_39-r287912, vendor/clang/clang-release_39-r287912, vendor/llvm/llvm-release_39-r287912, vendor/ntp/4.2.8p9, vendor/acpica/20161117, vendor/file/5.29, vendor/tzdata/tzdata2016i, vendor/bind9/9.9.9-P4, zfs-0.7.0-rc2, vendor/heirloom-doctools/20161025, vendor/libarchive/3.2.2, vendor/heirloom-doctools/20161016, vendor/tzdata/tzdata2016h, vendor/tzdata/tzdata2016g, vendor/heirloom-doctools/20161006, vendor/byacc/20160606, vendor/libucl/20160812, vendor/dma/20160929, vendor/acpica/20160930, release/11.0.1, upstream/11.0.1, vendor/bind9/9.9.9-P3, vendor/unbound/1.5.10, vendor/openssl/1.0.2j, release/11.0.0, upstream/11.0.0, vendor/openssl/1.0.1u, vendor/openssl/1.0.2i, vendor/alpine-hal/2.7a, vendor/cortex-strings/linaro-eb80ac, vendor/NetBSD/bmake/20160818, zfs-0.7.0-rc1, vendor/unbound/1.5.9, vendor/clang/clang-release_390-r280324, vendor/acpica/20160831, vendor/elftoolchain/elftoolchain-r3490, vendor/amd/6.2, vendor/llvm/llvm-release_39-r279689, vendor/llvm/llvm-release_390-r280324, vendor/lld/lld-release_39-r279689, vendor/lld/lld-release_390-r280324, vendor/lld/lldb-release_39-r279477, vendor/libc++/libc++-release_39-r279477, vendor/libc++/libc++-release_39-r279689, vendor/libc++/libc++-release_390-r280324, vendor/compiler-rt/compiler-rt-release_39-r279477, vendor/compiler-rt/compiler-rt-release_39-r279689, vendor/compiler-rt/compiler-rt-release_390-r280324, vendor/clang/clang-release_39-r279477, vendor/clang/clang-release_39-r279689, vendor/llvm/llvm-release_39-r279477, vendor/sqlite3/sqlite-3140100, vendor/dma/20160806, vendor/lldb/lldb-release_39-r278877, vendor/lldb/lldb-release_39-r279477, vendor/lldb/lldb-release_39-r279689, vendor/lldb/lldb-release_390-r280324, vendor/lld/lld-release_39-r278877, vendor/libc++/libc++-release_39-r278877, vendor/compiler-rt/compiler-rt-release_39-r278877, vendor/clang/clang-release_39-r278877, vendor/llvm/llvm-release_39-r278877, vendor/NetBSD/tests/08.11.2016_18.01 |
|
#
0ce1624d |
| 09-Aug-2016 |
Stephen J. Kiernan <stevek@FreeBSD.org> |
Move IPv4-specific jail functions to new file netinet/in_jail.c _prison_check_ip4 renamed to prison_check_ip4_locked
Move IPv6-specific jail functions to new file netinet6/in6_jail.c _prison_check_i
Move IPv4-specific jail functions to new file netinet/in_jail.c _prison_check_ip4 renamed to prison_check_ip4_locked
Move IPv6-specific jail functions to new file netinet6/in6_jail.c _prison_check_ip6 renamed to prison_check_ip6_locked
Add appropriate prototypes to sys/sys/jail.h
Adjust kern_jail.c to call prison_check_ip4_locked and prison_check_ip6_locked accordingly.
Add netinet/in_jail.c and netinet6/in6_jail.c to the list of files that need to be built when INET and INET6, respectively, are configured in the kernel configuration file.
Reviewed by: jtl Approved by: sjg (mentor) Sponsored by: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D6799
show more ...
|
Revision tags: vendor/acpica/20160729, vendor/device-tree/devicetree-965f3718, vendor/libdivsufsort/0.0.2015.10.27, vendor/lldb/lldb-release_39-r276489, vendor/lld/lld-release_39-r276489, vendor/libc++/libc++-release_39-r276489, vendor/compiler-rt/compiler-rt-release_39-r276489, vendor/clang/clang-release_39-r276489, vendor/llvm/llvm-release_39-r276489, vendor/mandoc/1.13.4, vendor/openresolv/3.8.1, vendor/llvm-libunwind/libunwind-r272680, vendor/Juniper/libxo/0.6.3, vendor/expat/2.2.0, vendor/file/5.28, vendor/libarchive/3.2.1, vendor/ldns-host/hg-20160610-170001 |
|
#
932a6e43 |
| 09-Jun-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Fix a vnode leak when giving a child jail a too-long path when debug.disablefullpath=1.
|
#
cf0313c6 |
| 09-Jun-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Re-order some jail parameter reading to prevent a vnode leak.
|
#
176ff3a0 |
| 09-Jun-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Clean up some logic in jail error messages, replacing a missing test and a redundant test with a single correct test.
|
Revision tags: vendor/ldns-host/hg-20160501-114105 |
|
#
ef0ddea3 |
| 09-Jun-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Make sure the OSD methods for jail set and remove can't run concurrently, by holding allprison_lock exclusively (even if only for a moment before downgrading) on all paths that call PR_METHOD_REMOVE.
Make sure the OSD methods for jail set and remove can't run concurrently, by holding allprison_lock exclusively (even if only for a moment before downgrading) on all paths that call PR_METHOD_REMOVE. Since they may run on a downgraded lock, it's still possible for them to run concurrently with PR_METHOD_GET, which will need to use the prison lock.
show more ...
|
Revision tags: vendor/NetBSD/libc-vis/20160608, vendor/NetBSD/bmake/20160606, vendor/NetBSD/bmake/20160604, vendor/libucl/20160604, vendor/ntp/4.2.8p8, vendor/NetBSD/blacklist/20160409 |
|
#
ee8d6bd3 |
| 30-May-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Mark jail(2), and the sysctls that it (and only it) uses as deprecated. jail(8) has long used jail_set(2), and those sysctl only cause confusion.
|
Revision tags: vendor/Juniper/libxo/0.6.2, vendor/acpica/20160527, vendor/skein/1.3, vendor/elftoolchain/elftoolchain-r3477, vendor/NetBSD/bmake/20160512, vendor/elftoolchain/elftoolchain-r3475, vendor/file/5.27, vendor/libarchive/3.2.0, vendor/libcxxrt/2016-03-29-516a65c109eb0a01e5e95fbef455eb3215135cef, vendor/openssl/1.0.1t, vendor/openssl/1.0.2h |
|
#
e3043798 |
| 29-Apr-2016 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
sys/kern: spelling fixes in comments.
No functional change.
|
Revision tags: vendor/subversion/subversion-1.9.4, vendor/ntp/4.2.8p7 |
|
#
73d9e52d |
| 27-Apr-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Delay revmoing the last jail reference in prison_proc_free, and instead put it off into the pr_task. This is similar to prison_free, and in fact uses the same task even though they do something slig
Delay revmoing the last jail reference in prison_proc_free, and instead put it off into the pr_task. This is similar to prison_free, and in fact uses the same task even though they do something slightly different.
This resolves a LOR between the process lock and allprison_lock, which came about in r298565.
PR: 48471
show more ...
|
#
1fb6767d |
| 26-Apr-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Use crcopysafe in jail_attach.
|
Revision tags: vendor/acpica/20160422 |
|
#
b6f47c23 |
| 25-Apr-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Pass the current/new jail to PR_METHOD_CHECK, which pushes the call until after the jail is found or created. This requires unlocking the jail for the call and re-locking it afterward, but that work
Pass the current/new jail to PR_METHOD_CHECK, which pushes the call until after the jail is found or created. This requires unlocking the jail for the call and re-locking it afterward, but that works because nothing in the jail has been changed yet, and other processes won't change the important fields as long as allprison_lock remains held.
Keep better track of name vs namelc in kern_jail_set. Name should always be the hierarchical name (relative to the caller), and namelc the last component.
PR: 48471 MFC after: 5 days
show more ...
|
#
cc5fd8c7 |
| 25-Apr-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is removed from the user perspective, i.e. when the last pr_uref goes away, even though the jail mail still exist in the dying st
Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is removed from the user perspective, i.e. when the last pr_uref goes away, even though the jail mail still exist in the dying state. It will also be called if either PR_METHOD_CREATE or PR_METHOD_SET fail.
PR: 48471 MFC after: 5 days
show more ...
|
#
2a549507 |
| 25-Apr-2016 |
Jamie Gritton <jamie@FreeBSD.org> |
Remove the PR_REMOVE flag, which was meant as a temporary marker for a jail that might be seen mid-removal. It hasn't been doing the right thing since at least the ability to resurrect dying jails,
Remove the PR_REMOVE flag, which was meant as a temporary marker for a jail that might be seen mid-removal. It hasn't been doing the right thing since at least the ability to resurrect dying jails, and such resurrection also makes it unnecessary.
show more ...
|
Revision tags: vendor/netcat/5.9 |
|
#
02abd400 |
| 19-Apr-2016 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
kernel: use our nitems() macro when it is available through param.h.
No functional change, only trivial cases are done in this sweep,
Discussed in: freebsd-current
|
Revision tags: vendor/file/5.26, vendor/openresolv/3.8.0, vendor/libucl/libucl-0.8.0, vendor/sqlite3/sqlite-3120100, vendor/Juniper/libxo/0.6.1, vendor/Juniper/libxo/0.6.0, vendor/Juniper/libxo/0.4.7, vendor/Juniper/libxo/0.4.6, vendor/byacc/20160324, release/10.3.0, upstream/10.3.0, vendor/acpica/20160318, vendor/NetBSD/bmake/20160315, vendor/Juniper/libxo/0.4.5, vendor/NetBSD/bmake/20160307, vendor/openssh/7.2p2, vendor/openssh/7.2p1, vendor/bind9/9.9.8-P4, vendor/unbound/1.5.8, vendor/clang/clang-release_380-r262564, vendor/llvm/llvm-release_380-r262564, vendor/openssl/1.0.1s, vendor/openssl/1.0.2g, vendor/byacc/20150711, vendor/byacc/20141128, vendor/openresolv/3.7.3, vendor/NetBSD/libedit/2016-02-27, vendor/clang/clang-release_38-r261684, vendor/llvm/llvm-release_38-r261684, vendor/libc++/libc++-release_38-r261369, vendor/libc++/libc++-release_380-r262564, vendor/compiler-rt/compiler-rt-release_38-r261369, vendor/compiler-rt/compiler-rt-release_380-r262564, vendor/clang/clang-release_38-r261369, vendor/llvm/llvm-release_38-r261369, vendor/lldb/lldb-release_38-r260756, vendor/lldb/lldb-release_380-r262564, vendor/libc++/libc++-release_38-r260756, vendor/compiler-rt/compiler-rt-release_38-r260756, vendor/clang/clang-release_38-r260756, vendor/llvm/llvm-release_38-r260756, vendor/acpica/20160212, vendor/elftoolchain/elftoolchain-r3399, vendor/elftoolchain/elftoolchain-r3395, vendor/NetBSD/libedit/2016-01-30, vendor/openresolv/3.7.2, vendor/device-tree/ianc-afaecb70, vendor/openssl/1.0.1r, vendor/openssl/1.0.2f, vendor/lldb/lldb-release_38-r258968, vendor/lld/lld-release_38-r258968, vendor/lld/lld-release_380-r262564, vendor/libc++/libc++-release_38-r258968, vendor/compiler-rt/compiler-rt-release_38-r258968, vendor/clang/clang-release_38-r258968, vendor/llvm/llvm-release_38-r258968, vendor/alpine-hal/2.7, vendor/libc++/libc++-release_38-r258549, vendor/clang/clang-release_38-r258549, vendor/llvm/llvm-release_38-r258549, vendor/ntp/4.2.8p6, vendor/bind9/9.9.8-P3, vendor/openssh/7.1p2, vendor/lldb/lldb-release_38-r257836, vendor/libc++/libc++-release_38-r257836, vendor/clang/clang-release_38-r257836, vendor/llvm/llvm-release_38-r257836, vendor/mandoc/20160116, vendor/lldb/lldb-trunk-r257626, vendor/lld/lld-trunk-r257626, vendor/libc++/r257626, vendor/compiler-rt/compiler-rt-trunk-r257626, vendor/clang/clang-trunk-r257626, vendor/llvm/llvm-trunk-r257626, vendor/acpica/20160108, vendor/ntp/4.2.8p5, vendor/lldb/lldb-trunk-r256945, vendor/lld/lld-trunk-r256945, vendor/libc++/r256945, vendor/compiler-rt/compiler-rt-trunk-r256945, vendor/clang/clang-trunk-r256945, vendor/llvm/llvm-trunk-r256945, vendor/llvm-libunwind/libunwind-r256779, vendor/less/v481, vendor/lldb/lldb-trunk-r256633, vendor/llvm/llvm-trunk-r256633, vendor/lld/lld-trunk-r256633, vendor/libc++/r256633, vendor/compiler-rt/compiler-rt-trunk-r256633, vendor/clang/clang-trunk-r256633, vendor/clang/clang-release_371-r255217, vendor/llvm/llvm-release_371-r255217, vendor/NetBSD/bmake/20151220, vendor/acpica/20151218, vendor/bind9/9.9.8-P2 |
|
#
6ab6058e |
| 15-Dec-2015 |
Jamie Gritton <jamie@FreeBSD.org> |
Fix jail name checking that disallowed anything that starts with '0'. The intention was to just limit leading zeroes on numeric names. That check is now improved to also catch the leading spaces and
Fix jail name checking that disallowed anything that starts with '0'. The intention was to just limit leading zeroes on numeric names. That check is now improved to also catch the leading spaces and '+' that strtoul can pass through.
PR: 204897 MFC after: 3 days
show more ...
|
Revision tags: vendor/unbound/1.5.7, vendor/unbound/1.5.6, vendor/elftoolchain/elftoolchain-r3272, vendor/openbsm/1.2-ALPHA-4, vendor/NetBSD/bmake/20151201, vendor/openssl/0.9.8zh, vendor/openssl/1.0.1q, vendor/openssl/1.0.2e, vendor/acpica/20151124, vendor/xz/5.2.2 |
|
#
15db3c07 |
| 15-Nov-2015 |
Edward Tomasz Napierala <trasz@FreeBSD.org> |
Speed up rctl operation with large rulesets, by holding the lock during iteration instead of relocking it for each traversed rule.
Reviewed by: mjg@ MFC after: 1 month Sponsored by: The FreeBSD Foun
Speed up rctl operation with large rulesets, by holding the lock during iteration instead of relocking it for each traversed rule.
Reviewed by: mjg@ MFC after: 1 month Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D4110
show more ...
|
Revision tags: vendor/tzdata/tzdata2015g, vendor/libucl/20151027, vendor/openssl/1.0.2d, vendor/NetBSD/bmake/20151020, vendor/ntp/4.2.8p4, vendor/wpa/2.5, vendor/subversion/subversion-1.9.2, vendor/dma/0.10, vendor/elftoolchain/elftoolchain-r3250, vendor/unbound/1.5.5, vendor/bind9/9.9.8, vendor/acpica/20150930, vendor/netcat/5.8, vendor/llvm-libunwind/libunwind-r246528, vendor/file/5.25, vendor/unbound/1.5.4, zfs-0.6.5, vendor/libc++/libc++-release_370-r246257, vendor/compiler-rt/compiler-rt-release_370-r246257, vendor/lldb/lldb-release_370-r246257, vendor/clang/clang-release_370-r246257, vendor/llvm/llvm-release_370-r246257, vendor/lldb/lldb-trunk-r242221, vendor/file/5.24, vendor/openssh/7.1p1, vendor/openssh/7.0p1, vendor/acpica/20150818, vendor/pciids/pciids-20150815, vendor/tzdata/tzdata2015f, release/10.2.0, upstream/10.2.0, vendor/sqlite3/sqlite-3081101, vendor/subversion/subversion-1.8.14, vendor/serf/serf-1.3.8, vendor/apr/apr-1.5.2, vendor/clang/clang-trunk-r242221, vendor/llvm/llvm-trunk-r242221, vendor/bind9/9.9.7-P2, vendor/acpica/20150717 |
|
#
f19e47d6 |
| 19-Jul-2015 |
Marcelo Araujo <araujo@FreeBSD.org> |
Add support to the jail framework to be able to mount linsysfs(5) and linprocfs(5).
Differential Revision: D2846 Submitted by: Nikolai Lifanov <lifanov@mail.lifanov.com> Reviewed by: jamie
|