2b5691ee eugen Jan. 17, 2019, 6:07 p.m. 
on devices using wear-leveling algorithms as a few weeks passed
after review and discussion of trim(8) ceased and
we still have no utility to perform the job.

Reviewed by:	hackers@
MFC after:	2 weeks
cgit ViewVC
e6de40fa markj Jan. 17, 2019, 5:36 p.m. 
- Limit rights on stdio before opening input files.  Otherwise, open()
  may return one of the standard descriptors and we end up limiting
  rights such that we cannot read from one of the input files.
- Use caph_limit_stdio(), which suppresses EBADF, to ensure that
  we don't emit an error if one of the stdio streams is closed.
- Don't bother further limiting rights on stdin when stdin isn't going
  to be used.  Doing so correctly requires checking for a number of
  edge cases, and it doesn't provide any significant benefit.

PR:		234885
Reviewed by:	oshogbo
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18860
cgit ViewVC
c9cf7cb8 des Jan. 17, 2019, 4:50 p.m.
adb8eabc mckusick Jan. 17, 2019, 4:26 p.m. 
Pointy-hat-to: mckusick
cgit ViewVC
cc50e5a1 mckusick Jan. 17, 2019, 3:42 p.m. 
Reported by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
cgit ViewVC
cbb97f8d mckusick Jan. 17, 2019, 3:35 p.m. 
Pointy-hat-to: mckusick
cgit ViewVC
bd24e861 eugen Jan. 17, 2019, 2:09 p.m. 
while processing not entirely correct jail.conf(5) file
having something like "ip4.addr = 127.0.0.1;" and no "ip4 = ...;"
so extrap variable stays NULL.

Reported by:	marck
MFC after:	1 month
cgit ViewVC
88640c0e mckusick Jan. 17, 2019, 6:35 a.m. 
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.

These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.

Reviewed by:    gnn, dim, brueffer, imp
Discussed with: kib, cem, emaste, ed, jilles
Differential Revision: https://reviews.freebsd.org/D18765
cgit ViewVC
0a34fc88 gonzo Jan. 17, 2019, 6:34 a.m. 
Add all the files under /usr/share/examples to the MK_EXAMPLES
section. OLD_DIRS entries are not removed if they're not empty so
prior to this change WITHOUT_EXAMPLES didn't have significant effect
on the updated system.

PR:		228484
Submitted by:	Dmitry Wagin <dmitry.wagin@ya.ru> (original patch)
MFC after:	1 week
cgit ViewVC
aca16d28 gonzo Jan. 17, 2019, 6:22 a.m. 
Add two more entries for WITHOUT_SENDMAIL install. The /var/spool/clientmqueue
entry would be deleted only if there are no files/dirs in it, so the
content generated during previous lifecycle of the system is safe

PR:		228484
Submitted by:	Dmitry Wagin <dmitry.wagin@ya.ru>
MFC after:	1 week
cgit ViewVC
f1dc49f3 kib Jan. 17, 2019, 5:15 a.m. 
PR:  235004
Submitted by:	Jose Luis Duran <jlduran@gmail.com>
MFC after:	3 days
cgit ViewVC
be8dd142 kib Jan. 17, 2019, 4:51 a.m. 
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
cgit ViewVC
419ba591 behlendorf1 Jan. 16, 2019, 11:06 p.m. 
Since the new spacemap encoding was ported to ZoL that's no longer 
a limitation. This patch updates vdev_is_spacemap_addressable() 
that was performing that check.

It also updates the appropriate test to ensure that the same 
functionality is tested.  The test does so by creating pools that 
don't have the new spacemap encoding enabled - just the checkpoint
feature. This patch also reorganizes that same tests in order to 
cut in half its memory consumption.

Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Serapheim Dimitropoulos <serapheim@delphix.com>
Closes #8286
cgit
284a8f6f gonzo Jan. 16, 2019, 10:29 p.m. 
PR:		167001
Submitted by:	Daan Vreeken [PA4DAN] <Daan@vitsch.nl>
MFC after:	1 week
cgit ViewVC
64bdf63f noreply Jan. 16, 2019, 10:10 p.m. 
Increase the default allowed number of reconstruction attempts.
There's not an exact right number for this setting.  It needs
to be set large enough to cover any realistic failure scenarios
and small enough to avoid stalling the IO pipeline and invoking
the dead man detection.

The current value of 256 was empirically determined to be too
low based on multi-day runs of ztest.  The fault injection code
would inject more damage than could be reconstructed given the
relatively small number of attempts.  However, in all observed
cases the block could be reconstructed using a slightly higher
limit.

Based on local testing increasing the default value to 4096 was
determined to strike the best balance.  Checking all combinations
takes less than 10s in the worst case, and has so far eliminated
the vast majority of false positives detected by ztest.  This
delay is roughly on par with how long retries may be performed
to a misbehaving HDD and was deemed to be reasonable.  Better to
err on the side of a brief delay rather than fail to reconstruct
the data.

Lastly, the -Y flag has been added to zdb to make it easy to try all
possible combinations when performing split block reconstruction.
For badly damaged blocks with 18 splits, they can be fully enumerated
within a few minutes.  This has been done to ensure permanent errors
are never incorrectly reported when ztest verifies the pool with zdb.

Reviewed by: Tom Caputi <tcaputi@datto.com>
Reviewed by: Matt Ahrens <mahrens@delphix.com>
Reviewed by: Serapheim Dimitropoulos <serapheim@delphix.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #8271
cgit