aboutsummaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/acpi/acpidump/acpi.c9
-rw-r--r--usr.sbin/bsdinstall/bsdinstall.84
-rw-r--r--usr.sbin/ctld/ctld.cc5
-rw-r--r--usr.sbin/ctld/ctld.hh1
-rw-r--r--usr.sbin/ctld/nvmf.cc77
-rw-r--r--usr.sbin/ctld/nvmf.hh16
-rw-r--r--usr.sbin/iovctl/iovctl.82
-rw-r--r--usr.sbin/jail/jail.813
-rw-r--r--usr.sbin/nfsuserd/nfsuserd.c16
-rw-r--r--usr.sbin/pw/pwupd.c2
-rwxr-xr-xusr.sbin/unbound/setup/local-unbound-setup.sh1
11 files changed, 76 insertions, 70 deletions
diff --git a/usr.sbin/acpi/acpidump/acpi.c b/usr.sbin/acpi/acpidump/acpi.c
index 63613d5a4707..026795118832 100644
--- a/usr.sbin/acpi/acpidump/acpi.c
+++ b/usr.sbin/acpi/acpidump/acpi.c
@@ -1913,16 +1913,19 @@ acpi_handle_ivrs_ivmd_type(ACPI_IVRS_MEMORY *addr)
static void
acpi_handle_ivrs_ivmd(ACPI_IVRS_MEMORY *addr)
{
+ UINT16 x16;
+
printf("\tMem Type=%#x(%s) ",
addr->Header.Type, acpi_handle_ivrs_ivmd_type(addr));
switch (addr->Header.Type) {
case ACPI_IVRS_TYPE_MEMORY2:
- printf("Id=%#06x PCISeg=%#x ", addr->Header.DeviceId,
- *(UINT16 *)&addr->Reserved);
+ memcpy(&x16, &addr->Reserved, sizeof(x16));
+ printf("Id=%#06x PCISeg=%#x ", addr->Header.DeviceId, x16);
break;
case ACPI_IVRS_TYPE_MEMORY3:
+ memcpy(&x16, &addr->Reserved, sizeof(x16));
printf("Id=%#06x-%#06x PCISeg=%#x", addr->Header.DeviceId,
- addr->AuxData, *(UINT16 *)&addr->Reserved);
+ addr->AuxData, x16);
break;
}
printf("Start=%#18jx Length=%#jx Flags=",
diff --git a/usr.sbin/bsdinstall/bsdinstall.8 b/usr.sbin/bsdinstall/bsdinstall.8
index 6175d26b4fd3..ee141e1d4296 100644
--- a/usr.sbin/bsdinstall/bsdinstall.8
+++ b/usr.sbin/bsdinstall/bsdinstall.8
@@ -247,7 +247,7 @@ Extracts the distributions listed in
.Ev DISTRIBUTIONS
into
.Ev BSDINSTALL_CHROOT .
-.It Cm pkgbase Op Fl --jail
+.It Cm pkgbase Op Fl -jail
Fetch and install base system packages to
.Ev BSDINSTALL_CHROOT .
Packages are fetched according to repository configuration in
@@ -256,7 +256,7 @@ if set, or
.Lk pkg.freebsd.org
otherwise.
If the
-.Fl --jail
+.Fl -jail
option is passed, no kernel is installed, and the
.Dq jail
variant of each package set will be selected where applicable.
diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc
index 10c12f25068e..331c029e282e 100644
--- a/usr.sbin/ctld/ctld.cc
+++ b/usr.sbin/ctld/ctld.cc
@@ -814,6 +814,11 @@ portal_group::open_sockets(struct conf &oldconf)
}
for (portal_up &portal : pg_portals) {
+ if (!portal->prepare()) {
+ cumulated_error++;
+ continue;
+ }
+
/*
* Try to find already open portal and reuse the
* listening socket. We don't care about what portal
diff --git a/usr.sbin/ctld/ctld.hh b/usr.sbin/ctld/ctld.hh
index cc88e6eb590e..3bf18f6a32c0 100644
--- a/usr.sbin/ctld/ctld.hh
+++ b/usr.sbin/ctld/ctld.hh
@@ -151,6 +151,7 @@ struct portal {
p_protocol(protocol) {}
virtual ~portal() = default;
+ virtual bool prepare() { return true; }
bool reuse_socket(portal &oldp);
bool init_socket();
virtual bool init_socket_options(int s __unused) { return true; }
diff --git a/usr.sbin/ctld/nvmf.cc b/usr.sbin/ctld/nvmf.cc
index d1240bfa4f6c..eb116903f5c1 100644
--- a/usr.sbin/ctld/nvmf.cc
+++ b/usr.sbin/ctld/nvmf.cc
@@ -34,11 +34,8 @@
struct nvmf_io_portal final : public nvmf_portal {
nvmf_io_portal(struct portal_group *pg, const char *listen,
- portal_protocol protocol, freebsd::addrinfo_up ai,
- const struct nvmf_association_params &aparams,
- nvmf_association_up na) :
- nvmf_portal(pg, listen, protocol, std::move(ai), aparams,
- std::move(na)) {}
+ portal_protocol protocol, freebsd::addrinfo_up ai) :
+ nvmf_portal(pg, listen, protocol, std::move(ai)) {}
void handle_connection(freebsd::fd_up fd, const char *host,
const struct sockaddr *client_sa) override;
@@ -63,8 +60,6 @@ struct nvmf_transport_group final : public portal_group {
override;
private:
- struct nvmf_association_params init_aparams(portal_protocol protocol);
-
static uint16_t last_port_id;
};
@@ -143,48 +138,55 @@ parse_number(const nvlist_t *nvl, const char *key, uint64_t def, uint64_t minv,
return def;
}
-struct nvmf_association_params
-nvmf_transport_group::init_aparams(portal_protocol protocol)
+bool
+nvmf_portal::prepare()
{
- struct nvmf_association_params params;
- memset(&params, 0, sizeof(params));
+ memset(&p_aparams, 0, sizeof(p_aparams));
/* Options shared between discovery and I/O associations. */
- const nvlist_t *nvl = pg_options.get();
- params.tcp.header_digests = parse_bool(nvl, "HDGST", false);
- params.tcp.data_digests = parse_bool(nvl, "DDGST", false);
- uint64_t value = parse_number(nvl, "MAXH2CDATA", DEFAULT_MAXH2CDATA,
- 4096, UINT32_MAX);
+ freebsd::nvlist_up nvl = portal_group()->options();
+ p_aparams.tcp.header_digests = parse_bool(nvl.get(), "HDGST", false);
+ p_aparams.tcp.data_digests = parse_bool(nvl.get(), "DDGST", false);
+ uint64_t value = parse_number(nvl.get(), "MAXH2CDATA",
+ DEFAULT_MAXH2CDATA, 4096, UINT32_MAX);
if (value % 4 != 0) {
log_warnx("Invalid value \"%ju\" for option MAXH2CDATA",
(uintmax_t)value);
value = DEFAULT_MAXH2CDATA;
}
- params.tcp.maxh2cdata = value;
+ p_aparams.tcp.maxh2cdata = value;
- switch (protocol) {
+ switch (protocol()) {
case portal_protocol::NVME_TCP:
- params.sq_flow_control = parse_bool(nvl, "SQFC", false);
- params.dynamic_controller_model = true;
- params.max_admin_qsize = parse_number(nvl, "max_admin_qsize",
- NVME_MAX_ADMIN_ENTRIES, NVME_MIN_ADMIN_ENTRIES,
- NVME_MAX_ADMIN_ENTRIES);
- params.max_io_qsize = parse_number(nvl, "max_io_qsize",
+ p_aparams.sq_flow_control = parse_bool(nvl.get(), "SQFC",
+ false);
+ p_aparams.dynamic_controller_model = true;
+ p_aparams.max_admin_qsize = parse_number(nvl.get(),
+ "max_admin_qsize", NVME_MAX_ADMIN_ENTRIES,
+ NVME_MIN_ADMIN_ENTRIES, NVME_MAX_ADMIN_ENTRIES);
+ p_aparams.max_io_qsize = parse_number(nvl.get(), "max_io_qsize",
NVME_MAX_IO_ENTRIES, NVME_MIN_IO_ENTRIES,
NVME_MAX_IO_ENTRIES);
- params.tcp.pda = 0;
+ p_aparams.tcp.pda = 0;
break;
case portal_protocol::NVME_DISCOVERY_TCP:
- params.sq_flow_control = false;
- params.dynamic_controller_model = true;
- params.max_admin_qsize = NVME_MAX_ADMIN_ENTRIES;
- params.tcp.pda = 0;
+ p_aparams.sq_flow_control = false;
+ p_aparams.dynamic_controller_model = true;
+ p_aparams.max_admin_qsize = NVME_MAX_ADMIN_ENTRIES;
+ p_aparams.tcp.pda = 0;
break;
default:
__assert_unreachable();
}
- return params;
+ p_association.reset(nvmf_allocate_association(NVMF_TRTYPE_TCP, true,
+ &p_aparams));
+ if (!p_association) {
+ log_warn("Failed to create NVMe controller association");
+ return false;
+ }
+
+ return true;
}
portal_group_up
@@ -209,15 +211,12 @@ bool
nvmf_transport_group::add_portal(const char *value, portal_protocol protocol)
{
freebsd::addrinfo_up ai;
- enum nvmf_trtype trtype;
switch (protocol) {
case portal_protocol::NVME_TCP:
- trtype = NVMF_TRTYPE_TCP;
ai = parse_addr_port(value, "4420");
break;
case portal_protocol::NVME_DISCOVERY_TCP:
- trtype = NVMF_TRTYPE_TCP;
ai = parse_addr_port(value, "8009");
break;
default:
@@ -230,14 +229,6 @@ nvmf_transport_group::add_portal(const char *value, portal_protocol protocol)
return false;
}
- struct nvmf_association_params aparams = init_aparams(protocol);
- nvmf_association_up association(nvmf_allocate_association(trtype, true,
- &aparams));
- if (!association) {
- log_warn("Failed to create NVMe controller association");
- return false;
- }
-
/*
* XXX: getaddrinfo(3) may return multiple addresses; we should turn
* those into multiple portals.
@@ -246,10 +237,10 @@ nvmf_transport_group::add_portal(const char *value, portal_protocol protocol)
portal_up portal;
if (protocol == portal_protocol::NVME_DISCOVERY_TCP) {
portal = std::make_unique<nvmf_discovery_portal>(this, value,
- protocol, std::move(ai), aparams, std::move(association));
+ protocol, std::move(ai));
} else {
portal = std::make_unique<nvmf_io_portal>(this, value,
- protocol, std::move(ai), aparams, std::move(association));
+ protocol, std::move(ai));
need_tcp_transport = true;
}
diff --git a/usr.sbin/ctld/nvmf.hh b/usr.sbin/ctld/nvmf.hh
index 0b4f8d45adfd..6f34a2858ef9 100644
--- a/usr.sbin/ctld/nvmf.hh
+++ b/usr.sbin/ctld/nvmf.hh
@@ -38,13 +38,12 @@ using nvmf_qpair_up = std::unique_ptr<nvmf_qpair, nvmf_qpair_deleter>;
struct nvmf_portal : public portal {
nvmf_portal(struct portal_group *pg, const char *listen,
- portal_protocol protocol, freebsd::addrinfo_up ai,
- const struct nvmf_association_params &aparams,
- nvmf_association_up na) :
- portal(pg, listen, protocol, std::move(ai)),
- p_aparams(aparams), p_association(std::move(na)) {}
+ portal_protocol protocol, freebsd::addrinfo_up ai) :
+ portal(pg, listen, protocol, std::move(ai)) {}
virtual ~nvmf_portal() override = default;
+ virtual bool prepare() override;
+
const struct nvmf_association_params *aparams() const
{ return &p_aparams; }
@@ -58,11 +57,8 @@ private:
struct nvmf_discovery_portal final : public nvmf_portal {
nvmf_discovery_portal(struct portal_group *pg, const char *listen,
- portal_protocol protocol, freebsd::addrinfo_up ai,
- const struct nvmf_association_params &aparams,
- nvmf_association_up na) :
- nvmf_portal(pg, listen, protocol, std::move(ai), aparams,
- std::move(na)) {}
+ portal_protocol protocol, freebsd::addrinfo_up ai) :
+ nvmf_portal(pg, listen, protocol, std::move(ai)) {}
void handle_connection(freebsd::fd_up fd, const char *host,
const struct sockaddr *client_sa) override;
diff --git a/usr.sbin/iovctl/iovctl.8 b/usr.sbin/iovctl/iovctl.8
index 5c7b01c249a0..2574503e5ae7 100644
--- a/usr.sbin/iovctl/iovctl.8
+++ b/usr.sbin/iovctl/iovctl.8
@@ -95,7 +95,7 @@ and
options, this file will only be used to specify the name of the PF device.
.Pp
See
-.Xr iovctl.conf
+.Xr iovctl.conf 5
for a description of the config file format and documentation of the
configuration parameters that apply to all PF drivers.
See the PF driver manual page for configuration parameters specific to
diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8
index d44b7f66a64e..9aed9b671b9e 100644
--- a/usr.sbin/jail/jail.8
+++ b/usr.sbin/jail/jail.8
@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd September 15, 2025
+.Dd October 8, 2025
.Dt JAIL 8
.Os
.Sh NAME
@@ -705,8 +705,8 @@ The super-user is enabled by default.
Allow privileged processes in the jail to manipulate filesystem extended
attributes in the system namespace.
.It Va allow.adjtime
-Allow privileged processes in the jail to slowly adjusting global operating system
-time.
+Allow privileged processes in the jail to slowly adjusting global operating
+system time.
For example through utilities like
.Xr ntpd 8 .
.It Va allow.settime
@@ -1009,7 +1009,7 @@ jail is removed.
.It Va ip4.addr
In addition to the IP addresses that are passed to the kernel, an
interface, netmask and additional parameters (as supported by
-.Xr ifconfig 8 Ns )
+.Xr ifconfig 8 )
may also be specified, in the form
.Dq Ar interface Ns | Ns Ar ip-address Ns / Ns Ar netmask param ... .
If an interface is given before the IP address, an alias for the address
@@ -1023,11 +1023,12 @@ adding the IP alias.
.It Va ip6.addr
In addition to the IP addresses that are passed to the kernel,
an interface, prefix and additional parameters (as supported by
-.Xr ifconfig 8 Ns )
+.Xr ifconfig 8 )
may also be specified, in the form
.Dq Ar interface Ns | Ns Ar ip-address Ns / Ns Ar prefix param ... .
.It Va vnet.interface
-A list of network interfaces to give to a vnet-enabled jail after is it created.
+A comma separated list of network interfaces to give to a vnet-enabled jail
+after is it created.
The interfaces will automatically be released when the jail is removed.
.It Va zfs.dataset
A list of ZFS datasets to be attached to the jail.
diff --git a/usr.sbin/nfsuserd/nfsuserd.c b/usr.sbin/nfsuserd/nfsuserd.c
index 29d816934600..058253beaf95 100644
--- a/usr.sbin/nfsuserd/nfsuserd.c
+++ b/usr.sbin/nfsuserd/nfsuserd.c
@@ -421,8 +421,12 @@ main(int argc, char *argv[])
/* Get the group list for this user. */
ngroup = NGROUPS;
if (getgrouplist(pwd->pw_name, pwd->pw_gid, grps,
- &ngroup) < 0)
- syslog(LOG_ERR, "Group list too small");
+ &ngroup) < 0) {
+ syslog(LOG_ERR,
+ "Group list of user '%s' too big",
+ pwd->pw_name);
+ ngroup = NGROUPS;
+ }
nid.nid_ngroup = ngroup;
nid.nid_grps = grps;
} else {
@@ -621,8 +625,12 @@ nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
/* Get the group list for this user. */
ngroup = NGROUPS;
if (getgrouplist(pwd->pw_name, pwd->pw_gid,
- grps, &ngroup) < 0)
- syslog(LOG_ERR, "Group list too small");
+ grps, &ngroup) < 0) {
+ syslog(LOG_ERR,
+ "Group list of user '%s' too big",
+ pwd->pw_name);
+ ngroup = NGROUPS;
+ }
nid.nid_ngroup = ngroup;
nid.nid_grps = grps;
} else {
diff --git a/usr.sbin/pw/pwupd.c b/usr.sbin/pw/pwupd.c
index 89c1553c8c92..845a607ab1cb 100644
--- a/usr.sbin/pw/pwupd.c
+++ b/usr.sbin/pw/pwupd.c
@@ -119,7 +119,7 @@ pw_update(struct passwd * pwd, char const * user)
*/
if (pw_mkdb(pw != NULL ? pw->pw_name : NULL) == -1) {
pw_fini();
- err(1, "pw_mkdb()");
+ errx(1, "pw_mkdb()");
}
free(pw);
pw_fini();
diff --git a/usr.sbin/unbound/setup/local-unbound-setup.sh b/usr.sbin/unbound/setup/local-unbound-setup.sh
index d57d74952fc7..25cfef48b6f0 100755
--- a/usr.sbin/unbound/setup/local-unbound-setup.sh
+++ b/usr.sbin/unbound/setup/local-unbound-setup.sh
@@ -261,6 +261,7 @@ gen_unbound_conf() {
if [ "${use_tls}" = "yes" ] ; then
echo " tls-cert-bundle: /etc/ssl/cert.pem"
fi
+ echo " so-sndbuf: 0"
echo ""
if [ -f "${forward_conf}" ] ; then
echo "include: ${forward_conf}"
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-10 18:35:17 +0000