- Defer spa_config_load() until root is mounted.
- Restore the config path to "/etc/zfs/zpool.cache".
- Module "zfs" is type MODULE_CLASS_VFS and no longer depends on "rootvnode".
- Module "solaris" no longer depends on "mp_online".
- Fix rump component registration to not detach "/dev/zfs" if
it didn't attach it.
Solaris upstream. FreeBSD already replaced it with a glue to their
taskqueue API.
Replace it with a glue component that queues Solaris taskq requests to
threadpool jobs.
* DHCP: Ensure dhcp is running on the interface received from
* BSD: Link handling has been simplified, however it is expected
that if an interface supports SIOCGIFMEDIA then it reports
the correct link status via route(4) for reliable operations
* BPF: ARP filter is more robust
* BSD: Validate RTM message lengths
This security issue has been addressed:
* DHCPv6: Fix a potential read overflow with D6_OPTION_PD_EXCLUDE
Many thanks to Maxime Villard <max@m00nbsd.net> for discovering this issue.
Changes:
- always perform polling on inferior_ptid, never -1
-1 can cause catching fork/vfork events in random order
polling on pid will guarantee to report events in expected order
- assume availability of KERN_PROC_PATHNAME
- drop dead code for KERN_PROC_AUXV (FreeBSD-specific sysctl)
AUXV on NetBSD is handled with PIOD_READ_AUXV
- drop unused nbsd_fetch_kinfo_proc
- drop unneeded hacks for fork/vfork code
- drop support for FreeBSD specific flags returned for PT_LWPINFO
NetBSD uses PT_GET_SIGINFO / PT_GET_PROCESS_STATE for most pieces of
information
- port nbsd_thread_name to NetBSD
- enable LWP and FORK events in nbsd_enable_proc_events
- use NetBSD new batteries for distinguishing event type in to_wait
map most events into GDB types
breakpoint, single step, hw breakpoint/watchpoint ones are still not
used with the full power here
- add support for EXEC events
- clean up
This change makes GDB functional with threaded code and it is good enough
to pass t_regress / threads test.
It's possible to execute and step processes with multiple threads, use
scheduler-lock, follow-fork etc features.
What does not work:
- the LWP EXIT event and wait() are not synchronized and can deadlock
this has been observed with exiting go applications
- GDB VFORK code is still disabled and awaits kernel fixing
Short term goal is to correct LWP EXIT and follow up with VFORK fixes.
Long term goal is to rewrite NetBSD GDB support and write new support in
the remote process plugin (gdb-server) framework.
PR kern/53120
PR port-arm/51677
PR bin/54060
PR bin/49662
PR kern/52548
Add various corrections mostly sourced from upstream's cvs.texinfo,
e.g., note NetBSD's local change to log admin commands in history
(subsequently added on upstream's HEAD, since it was noted in
r. 1.689), add some references to rannotate and rlog (from r. 1.686),
some amendments concerning rdiff (from r. 1.687), and miscellaneous
typo fixes.
"rtag" commands. This is taken mostly from the upstream project's
cvs.texinfo revisions 1.686 and 1.687. Additionally, I've reflected
NetBSD's local changes to log "tag" as well as "rtag" in history, and
to require admin privileges for destructive tagging commands. This
addresses PR bin/33877.
5201. [bug] Fix a possible deadlock in RPZ update code. [GL #973]
5200. [security] tcp-clients settings could be exceeded in some cases,
which could lead to exhaustion of file descriptors.
(CVE-2018-5743) [GL #615]
5199. [security] In certain configurations, named could crash
if nxdomain-redirect was in use and a redirected
query resulted in an NXDOMAIN from the cache.
(CVE-2019-6467) [GL #880]
5198. [bug] If a fetch context was being shut down and, at the same
time, we returned from qname minimization, an INSIST
could be hit. [GL #966]
5197. [bug] dig could die in best effort mode on multiple SIG(0)
records. Similarly on multiple OPT and multiple TSIG
records. [GL #920]
5196. [bug] make install failed with --with-dlopen=no. [GL #955]
5195. [bug] "allow-update" and "allow-update-forwarding" were
treated as configuration errors if used at the
options or view level. [GL #913]
5194. [bug] Enforce non empty ZOMEMD hash. [GL #899]
5193. [bug] EID and NIMLOC failed to do multi-line output
correctly. [GL #899]
5189. [cleanup] Remove revoked root DNSKEY from bind.keys. [GL #945]
5187. [test] Set time zone before running any tests in dnstap_test.
[GL #940]
5186. [cleanup] More dnssec-keygen manual tidying. [GL !1678]
5184. [bug] Missing unlocks in sdlz.c. [GL #936]
5183. [bug] Reinitialize ECS data before reusing client
structures. [GL #881]
--- 9.14.0 released ---
--- 9.14.0rc3 released ---
5182. [bug] Fix a high-load race/crash in handling of
isc_socket_close() in resolver. [GL #834]
5180. [bug] delv now honors the operating system's preferred
ephemeral port range. [GL #925]
5179. [cleanup] Replace some vague type declarations with the more
specific dns_secalg_t and dns_dsdigest_t.
Thanks to Tony Finch. [GL !1498]
5178. [bug] Handle EDQUOT (disk quota) and ENOSPC (disk full)
errors when writing files. [GL #902]
5177. [func] Add the ability to specify in named.conf whether a
response-policy zone's SOA record should be added
to the additional section (add-soa yes/no). [GL #865]
5167. [bug] nxdomain-redirect could sometimes lookup the wrong
redirect name. [GL #892]
--- 9.14.0rc2 released ---
5176. [tests] Remove a dependency on libxml in statschannel system
test. [GL #926]
5175. [bug] Fixed a problem with file input in dnssec-keymgr,
dnssec-coverage and dnssec-checkds when using
python3. [GL #882]
5174. [doc] Tidy dnssec-keygen manual. [GL !1557]
5173. [bug] Fixed a race in socket code that could occur when
accept, send, or recv were called from an event
loop but the socket had been closed by another
thread. [RT #874]
5172. [bug] nsupdate now honors the operating system's preferred
ephemeral port range. [GL #905]
5171. [func] named plugins are now installed into a separate
directory. Supplying a filename (a string without path
separators) in a "plugin" configuration stanza now
causes named to look for that plugin in that directory.
[GL #878]
5170. [test] Added --with-dlz-filesystem to feature-test. [GL !1587]
5169. [bug] The presence of certain types in an otherwise
empty node could cause a crash while processing a
type ANY query. [GL #901]
--- 9.14.0rc1 released ---
5168. [bug] Do not crash on shutdown when RPZ fails to load. Also,
keep previous version of the database if RPZ fails to
load. [GL #813]
5165. [contrib] Removed SDB drivers from contrib; they're obsolete.
[GL #428]
5164. [bug] Correct errno to result translation in dlz filesystem
modules. [GL #884]
5163. [cleanup] Out-of-tree builds failed --enable-dnstap. [GL #836]
5162. [cleanup] Improve dnssec-keymgr manual. Thanks to Tony Finch.
[GL !1518]
5161. [bug] Do not require the SEP bit to be set for mirror zone
trust anchors. [GL #873]
5160. [contrib] Added DNAME support to the DLZ LDAP schema. Also
fixed a compilation bug affecting several DLZ
modules. [GL #872]
5159. [bug] dnssec-coverage was incorrectly ignoring
names specified on the command line without
trailing dots. [GL !1478]
5158. [protocol] Add support for AMTRELAY and ZONEMD. [GL #867]
5157. [bug] Nslookup now errors out if there are extra command
line arguments. [GL #207]
5141. [security] Zone transfer controls for writable DLZ zones were
not effective as the allowzonexfr method was not being
called for such zones. (CVE-2019-6465) [GL #790]
5118. [security] Named could crash if it is managing a key with
`managed-keys` and the authoritative zone is rolling
the key to an unsupported algorithm. (CVE-2018-5745)
[GL #780]
5110. [security] Named leaked memory if there were multiple Key Tag
EDNS options present. (CVE-2018-5744) [GL #772]
Backport fixups for syscall()/__syscall() routines from LLVM compiler-rt
dated October 1st 2018. The commit beffore switching LLVM compiler-rt
sycall calls to libc calls for NetBSD.
GCC8 will get part of these changes from upstream and GCC9 will operate on
libc calls directly for the NetBSD port.
This is intended to correct misuse of parameters of syscall()/__syscall()
that could break !x86 ports in UBSan.
messages.
Between ASLR and stack clash random-sized padding, we can't make small
stacks reliably. Not doing so isn't a problem, so don't warn users about
it on every boot.
PR bin/51118
libstdc++ and enable it for now only for the random archives but not for the
shared object (although it does not break anything that I've tested to enable
it for the shared object too). Fixes static linking, which does not handle
multiple versioned symbols properly.
- for riscv64-*netbsd* hosts and 32 bit target, set LIB_PATH
- build the other target emulations for riscv32 on riscv64
- regen riscv64 mknative for ld updates
- make LINK_SPEC more like other multi-line string defines
- update multilib stuff for GCC 7 riscv -- -m32/-m64 gone, -mabi and
-march now decide between several options
* BSD: PF_LINK sockets now closed when no longer needed
* BSD: Fix detecting interface for scoped routes
* script: Allow "" to mean /dev/null
* script: Add static routers and routes to env
* DHCP: outbound interface is no longer dictated with IP_PKTINFO
* DHCP: BPF sockets now closed when no longer needed
* DHCPv6: Allow nooption dhcp6_unicast to work
* DHCPv6: Don't spam syslog if we always get the same error
* route: Log pid which deleted routes of interest
This release fixes PR bin/53705.
- define *intptr_t in terms of 'long int' always
- move fixtfdi.c, fixunstfdi.c, floatditf.c, and floatunditf.c into t-netbsd64
- remove duplicated riscv case in config.gcc, reducing upstream diff as well
- regen riscv64 mknative
for x86 and evbarm:
- install headers and libEGL
- install xorg-server glamoregl component
- link xorg drivers against gbm/egl
bonus fix:
- fix some wrongly marked compatx11file files
build tested on shark, sgimips, evbarm64-el, amd64 and i386.
run tested on radeon, intel and nvidia on amd64, including
'modesetting' driver on amd64. however, my systems disable
it due to llvmpipe so i'm not sure what is happening.
for x86 and evbarm:
- install headers and libEGL
- install xorg-server glamoregl component
- link xorg drivers against gbm/egl
bonus fix:
- fix some wrongly marked compatx11file files
build tested on shark, sgimips, evbarm64-el, amd64 and i386.
run tested on radeon, intel and nvidia on amd64, including
'modesetting' driver on amd64. however, my systems disable
it due to llvmpipe so i'm not sure what is happening.
we've been building dp-bit.c and fp-bit.c backwards, but as they
use the same input source, they just had opposite objects and
the right total was provided. oops.
hannken