MFH

Sponsored by:	The FreeBSD Foundation

Makefile

@@ -468,7 +468,8 @@ _THINNER=cat
 _THINNER=xargs grep -L "^.NO_UNIVERSE" || true
 .endif
 KERNCONFS!=	cd ${KERNSRCDIR}/${TARGET}/conf && \
-		find [A-Z0-9]*[A-Z0-9] -type f -maxdepth 0 \
+		find [[:upper:][:digit:]]*[[:upper:][:digit:]] \
+		-type f -maxdepth 0 \
 		! -name DEFAULTS ! -name NOTES | \
 		${_THINNER}
 universe_kernconfs:

bin/dd/args.c

@@ -360,10 +360,10 @@ c_conv(const void *a, const void *b)
 	    ((const struct conv *)b)->name));
 }
 
-static uintmax_t
+static intmax_t
 postfix_to_mult(const char expr)
 {
-	uintmax_t mult;
+	intmax_t mult;
 
 	mult = 0;
 	switch (expr) {
@@ -407,8 +407,10 @@ postfix_to_mult(const char expr)
  *	3) A positive decimal number followed by a 'k' or 'K' (mult by 1 << 10).
  *	4) A positive decimal number followed by a 'm' or 'M' (mult by 1 << 20).
  *	5) A positive decimal number followed by a 'g' or 'G' (mult by 1 << 30).
- *	5) A positive decimal number followed by a 'w' or 'W' (mult by sizeof int).
- *	6) Two or more positive decimal numbers (with/without [BbKkMmGgWw])
+ *	6) A positive decimal number followed by a 't' or 'T' (mult by 1 << 40).
+ *	7) A positive decimal number followed by a 'p' or 'P' (mult by 1 << 50).
+ *	8) A positive decimal number followed by a 'w' or 'W' (mult by sizeof int).
+ *	9) Two or more positive decimal numbers (with/without [BbKkMmGgWw])
  *	   separated by 'x' or 'X' (also '*' for backwards compatibility),
  *	   specifying the product of the indicated values.
  */
@@ -419,7 +421,7 @@ get_num(const char *val)
 	char *expr;
 
 	errno = 0;
-	num = strtouq(val, &expr, 0);
+	num = strtoumax(val, &expr, 0);
 	if (errno != 0)				/* Overflow or underflow. */
 		err(1, "%s", oper);
 
@@ -469,7 +471,7 @@ get_off_t(const char *val)
 	char *expr;
 
 	errno = 0;
-	num = strtoq(val, &expr, 0);
+	num = strtoimax(val, &expr, 0);
 	if (errno != 0)				/* Overflow or underflow. */
 		err(1, "%s", oper);
 

bin/pkill/pkill.c

@@ -71,7 +71,7 @@ __FBSDID("$FreeBSD$");
 
 /* Ignore system-processes (if '-S' flag is not specified) and myself. */
 #define	PSKIP(kp)	((kp)->ki_pid == mypid ||			\
-			 (!kthreads && ((kp)->ki_flag & P_KTHREAD) != 0))
+			 (!kthreads && ((kp)->ki_flag & P_KPROC) != 0))
 
 enum listtype {
 	LT_GENERIC,

bin/ps/ps.1

@@ -318,7 +318,7 @@ the include file
 .Bl -column P_SINGLE_BOUNDARY 0x40000000
 .It Dv "P_ADVLOCK" Ta No "0x00001" Ta "Process may hold a POSIX advisory lock"
 .It Dv "P_CONTROLT" Ta No "0x00002" Ta "Has a controlling terminal"
-.It Dv "P_KTHREAD" Ta No "0x00004" Ta "Kernel thread"
+.It Dv "P_KPROC" Ta No "0x00004" Ta "Kernel process"
 .It Dv "P_FOLLOWFORK" Ta No "0x00008" Ta "Attach debugger to new children"
 .It Dv "P_PPWAIT" Ta No "0x00010" Ta "Parent is waiting for child to exec/exit"
 .It Dv "P_PROFIL" Ta No "0x00020" Ta "Has started profiling"

etc/periodic/security/520.pfdenied

@@ -44,7 +44,7 @@ rc=0
 if check_yesno_period security_status_pfdenied_enable
 then
 	TMP=`mktemp -t security`
-	if pfctl -sr -v 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
+	if pfctl -sr -v -z 2>/dev/null | nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' > ${TMP}; then
 	  check_diff new_only pf ${TMP} "${host} pf denied packets:"
 	fi
 	rc=$?

lib/libmemstat/memstat_uma.c

@@ -29,7 +29,6 @@
 #include <sys/param.h>
 #include <sys/cpuset.h>
 #include <sys/sysctl.h>
-#include <sys/_task.h>
 
 #include <vm/vm.h>
 #include <vm/vm_page.h>

share/examples/jails/README

@@ -1,5 +1,49 @@
 # $FreeBSD$
 
-See under share/examples/netgraph for some examples of
+Sample 1: jail.conf(5)
+
+	$ cp jib jng /usr/sbin/
+	$ cat jail.xxx.conf >> /etc/jail.conf
+	$ vi /etc/jail.conf
+	# NB: Customize root directory and bridge interface
+	$ sysrc jail_enable=YES
+	# NB: Assumes jail_list="" (meaning ``all jails in jail.conf'')
+	# NB: Assumes rc_conf_files="" (``below rc.conf(5) samples not used'')
+	$ service jail start
+
+Sample 2: rc.conf(5)
+
+	$ cp jib jng /usr/sbin/
+	$ cp rc.conf.jails /etc/
+	$ vi /etc/rc.conf.jails
+	# NB: Customize root directory and bridge interface
+	$ sysrc rc_conf_files+=/etc/rc.conf.jails
+	# NB: Assumes /etc/jail.conf does not exist and jail_list=""
+	$ service jail start
+
+Sample 3: Per-jail jail.conf(5)
+
+	$ cp jib jng /usr/sbin/
+	$ cp jail.xxx.conf /etc/
+	$ vi /etc/jail.xxx.conf
+	# NB: Customize root directory and bridge interface
+	$ sysrc jail_enable=YES
+	$ sysrc jail_list+=xxx
+	# NB: Assumes rc_conf_files=""
+	$ service jail start
+
+Sample 4: Per-jail rc.conf(5)
+
+	$ cp jib jng /usr/sbin/
+	$ cp rcjail.xxx.conf /etc/
+	$ vi /etc/rcjail.xxx.conf
+	# NB: Customize root directory and bridge interface
+	$ sysrc jail_enable=YES
+	$ sysrc jail_list+=xxx
+	$ sysrc rc_conf_files+=/etc/rcjail.xxx.conf
+	# NB: Assumes neither /etc/jail.conf nor /etc/jail.xxx.conf exist
+	$ service jail start
+
+For additional recipes, see share/examples/netgraph for
 making and hooking together jails using netgraph as the
 virtual networking fabric.

share/examples/jails/jail.xxx.conf

@@ -0,0 +1,35 @@
+# $FreeBSD$
+
+xxx {
+	host.hostname = "xxx.yyy";	# hostname
+	path = "/vm/xxx";		# root directory
+
+	exec.clean;
+	exec.system_user = "root";
+	exec.jail_user = "root";
+
+	#
+	# NB: Below 4-lines required
+	#
+	vnet;
+	# netgraph
+	vnet.interface = "ng0_xxx";		# vnet interface(s)
+	exec.prestart += "jng bridge xxx em0";	# bridge interface(s)
+	exec.poststop += "jng shutdown xxx";	# destroy interface(s)
+	# if_bridge
+	#vnet.interface = "e0b_xxx";		# vnet interface(s)
+	#exec.prestart += "jib addm xxx em0";	# bridge interface(s)
+	#exec.poststop += "jib destroy xxx";	# destroy interface(s)
+
+	# Standard recipe
+	exec.start += "/bin/sh /etc/rc";
+	exec.stop = "/bin/sh /etc/rc.shutdown";
+	exec.consolelog = "/var/log/jail_xxx_console.log";
+	mount.devfs;	# mount devfs
+
+	# Optional (default off)
+	#devfs_ruleset = "11";		# rule to unhide bpf for DHCP
+	#allow.mount;			# mount /etc/fstab.xxx
+	#allow.set_hostname = 1;	# Allow hostname to change
+	#allow.sysvipc = 1;		# Allow SysV Interprocess Comm.
+}

share/examples/jails/jib

@@ -122,7 +122,7 @@
 # 	add include $devfsrules_hide_all
 # 	add include $devfsrules_unhide_basic
 # 	add include $devfsrules_unhide_login
-# 	add include $devfsrules_unhide_bpf
+# 	add path 'bpf*' unhide
 #
 # And set ether devfs.ruleset="11" (jail.conf(5)) or
 # jail_{name}_devfs_ruleset="11" (rc.conf(5)).
@@ -198,7 +198,8 @@ jib_addm()
 
 	mustberoot_to_continue
 
-	local iface iface_devid eiface_devid_a eiface_devid_b
+	local iface iface_devid eiface_devid
+	local eiface_devid_a eiface_devid_b
 	local new num quad i=0
 	for iface in $*; do
 
@@ -213,6 +214,7 @@ jib_addm()
 			new=$( ifconfig bridge create ) || return
 			ifconfig $new addm $iface || return
 			ifconfig $new name "$iface$bridge" || return
+			ifconfig "$iface$bridge" up || return
 		fi
 
 		# 4. Create a new interface to the bridge
@@ -222,6 +224,8 @@ jib_addm()
 		# 5. Rename the new interface
 		ifconfig $new name "e${i}a_$name" || return
 		ifconfig ${new%a}b name "e${i}b_$name" || return
+		ifconfig "e${i}a_$name" up || return
+		ifconfig "e${i}b_$name" up || return
 
 		#
 		# 6. Set the MAC address of the new interface using a sensible
@@ -248,46 +252,42 @@ jib_addm()
 		# unique value preventing conflict.
 		#
 		iface_devid=$( ifconfig $iface ether | awk '/ether/,$0=$2' )
-		eiface_devid_a=${iface_devid#??:??:??}
-		eiface_devid_b=${iface_devid#??:??:??}
+		eiface_devid=${iface_devid#??:??:??}
 		num=$( set -- `echo -n $name | sum` && echo $1 )
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
-		eiface_devid_a=$quad$eiface_devid_a
-		eiface_devid_b=$quad$eiface_devid_b
+		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
-		eiface_devid_a=$quad$eiface_devid_a
-		eiface_devid_b=$quad$eiface_devid_b
+		eiface_devid=$quad$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
-		eiface_devid_a=$quad:$eiface_devid_a
-		eiface_devid_b=$quad:$eiface_devid_b
+		eiface_devid=$quad:$eiface_devid
 		num=$(( $num >> 4 ))
 		quad=$(( $num & 15 ))
 		case "$quad" in
 		10) quad=a ;; 11) quad=b ;; 12) quad=c ;;
 		13) quad=d ;; 14) quad=e ;; 15) quad=f ;;
 		esac
 		case "$iface_devid" in
-		?2:*|?6:*)
-			eiface_devid_a=a:$quad$eiface_devid_a
-			eiface_devid_b=e:$quad$eiface_devid_b
+		?[Ee]:*)
+			eiface_devid_a=2:$quad$eiface_devid
+			eiface_devid_b=6:$quad$eiface_devid
 			;;
 		*)
-			eiface_devid_a=2:$quad$eiface_devid_a
-			eiface_devid_b=6:$quad$eiface_devid_b
+			eiface_devid_a=2:$quad$eiface_devid
+			eiface_devid_b=e:$quad$eiface_devid
 		esac
 		eval num=\$_${iface}_num
 		if [ "$num" ]; then

share/examples/jails/jng

@@ -122,7 +122,7 @@
 # 	add include $devfsrules_hide_all
 # 	add include $devfsrules_unhide_basic
 # 	add include $devfsrules_unhide_login
-# 	add include $devfsrules_unhide_bpf
+# 	add path 'bpf*' unhide
 #
 # And set ether devfs.ruleset="11" (jail.conf(5)) or
 # jail_{name}_devfs_ruleset="11" (rc.conf(5)).
@@ -255,6 +255,7 @@ jng_bridge()
 			echo $2 ) || return
 		ngctl name "$iface$bridge:link$num" $eiface || return
 		ifconfig $new name $eiface || return
+		ifconfig $eiface up || return
 
 		#
 		# 6. Set the MAC address of the new interface using a sensible

share/examples/jails/rc.conf.jails

@@ -0,0 +1,76 @@
+# $FreeBSD$
+
+###############################################################################
+############################# JAIL CONFIGURATIONS #############################
+###############################################################################
+
+jail_enable="YES"
+jail_list="xxx"
+
+#
+# Global presets for all jails
+#
+jail_devfs_enable="YES"		# mount devfs
+# Optional (default off)
+#jail_sysvipc_allow="YES"	# Allow SysV Interprocess Comm.
+#jail_set_hostname_allow="YES"	# Allow hostname to change
+
+#
+# To allow dhclient(8) to work inside a jail, make sure the following appears
+# in /etc/devfs.rules (which should be created if it doesn't exist):
+#
+# [devfsrules_jail=11]
+# add include $devfsrules_hide_all
+# add include $devfsrules_unhide_basic
+# add include $devfsrules_unhide_login
+# add path 'bpf*' unhide
+#
+
+############################################################ JAILS
+
+# NETGRAPH TEMPLATE (copy/pate; then replace {name} with short name for jail)
+#
+# {name}
+#
+#jail_{name}_hostname="{name}.shxd.cx"		# hostname
+#jail_{name}_rootdir="/vm/{name}"		# root directory
+#jail_{name}_vnet_interfaces="ng0_{name}"	# vnet interface(s)
+#jail_{name}_exec_prestart0="jng bridge {name} em0"	# bridge interface(s)
+#jail_{name}_exec_poststop0="jng shutdown {name}"	# destroy interface(s)
+# Optional (default off)
+#jail_{name}_devfs_ruleset="11"			# rule to unhide bpf for DHCP
+#jail_{name}_mount_enable="YES"			# mount /etc/fstab.{name}
+
+# IF_BRIDGE TEMPLATE (copy/pate; then replace {name} with short name for jail)
+#
+# {name}
+#
+#jail_{name}_hostname="{name}.shxd.cx"		# hostname
+#jail_{name}_rootdir="/vm/{name}"		# root directory
+#jail_{name}_vnet_interfaces="e0b_{name}"	# vnet interface(s)
+#jail_{name}_exec_prestart0="jib addm {name} em0"	# bridge interface(s)
+#jail_{name}_exec_poststop0="jib destroy {name}"	# destroy interface(s)
+# Optional (default off)
+#jail_{name}_devfs_ruleset="11"			# rule to unhide bpf for DHCP
+#jail_{name}_mount_enable="YES"			# mount /etc/fstab.{name}
+
+#
+# XXX
+#
+jail_xxx_hostname="xxx.yyy"			# hostname
+jail_xxx_rootdir="/vm/xxx"			# root directory
+# netgraph
+jail_xxx_vnet_interface="ng0_xxx"		# vnet interface(s)
+jail_xxx_exec_prestart0="jng bridge xxx em0"	# bridge interface(s)
+jail_xxx_exec_poststop0="jng shutdown xxx"	# destroy interface(s)
+# if_bridge
+#jail_xxx_vnet_interface="e0b_xxx"		# vnet interface(s)
+#jail_xxx_exec_prestart0="jib addm xxx em0"	# bridge interface(s)
+#jail_xxx_exec_poststop0="jib destroy xxx"	# destroy interface(s)
+# Optional (default off)
+#jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
+#jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
+
+################################################################################
+# END
+################################################################################

share/examples/jails/rcjail.xxx.conf

@@ -0,0 +1,25 @@
+# $FreeBSD$
+
+jail_xxx_hostname="xxx.yyy"			# hostname
+jail_xxx_rootdir="/vm/xxx"			# root directory
+
+#
+# NB: Below 3 lines required
+#
+# netgraph
+jail_xxx_vnet_interface="ng0_xxx"		# vnet interface(s)
+jail_xxx_exec_prestart0="jng bridge xxx em0"	# bridge interface(s)
+jail_xxx_exec_poststop0="jng shutdown xxx"	# destroy interface(s)
+# if_bridge
+#jail_xxx_vnet_interface="e0b_xxx"		# vnet interface(s)
+#jail_xxx_exec_prestart0="jib addm xxx em0"	# bridge interface(s)
+#jail_xxx_exec_poststop0="jib destroy xxx"	# destroy interface(s)
+
+# Standard recipe
+jail_xxx_devfs_enable="YES"			# mount devfs
+
+# Optional (default off)
+#jail_xxx_devfs_ruleset="11"			# rule to unhide bpf for DHCP
+#jail_xxx_mount_enable="YES"			# mount /etc/fstab.xxx
+#jail_xxx_set_hostname_allow="YES"		# Allow hostname to change
+#jail_xxx_sysvipc_allow="YES"			# Allow SysV Interprocess Comm.

sys/amd64/amd64/uma_machdep.c

@@ -32,7 +32,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/mutex.h>
 #include <sys/systm.h>
-#include <sys/taskqueue.h>
 #include <vm/vm.h>
 #include <vm/vm_page.h>
 #include <vm/vm_pageout.h>