Commit Graph

309784 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 0620c99d27 audit: Add poll / select support
It was previously not possible to poll() or select() on the trigger
device, which made implementing proper signal handling in auditd
difficult.

MFC after:	1 week
Sponsored by:	Klara, Inc.
Reviewed by:	kevans, markj
Differential Revision:	https://reviews.freebsd.org/D57457
2026-06-05 23:50:38 +02:00
Mark Johnston 520e0f576f udp: Fix resource leaks in an error path in udp6_send()
Reported by:	Andrew Griffiths <andrew@calif.io>
Fixes:		069a67374e ("ip6: Remove support for RFC2675 (Jumbo Payload Option)")
Reviewed by:	pouria, tuexen, glebius
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D57341
2026-06-05 21:49:11 +00:00
Ed Maste c2631d1623 arch.7: Restore (non-SPE) 32-bit powerpc to MD tables
powerpc is still relevant for lib32.  powerpcspe cannot use lib32 so
remains removed.

Reported by:	Minsoo Choo <minsoo@minsoo.io>
Reviewed by:	Minsoo Choo <minsoo@minsoo.io>
Sponsored by:	The FreeBSD Foundation
Fixes: 2ea49bb595 ("arch.7: Remove 32-bit powerpc from tables")
Differential Revision: https://reviews.freebsd.org/D57473
2026-06-05 16:17:36 -04:00
Jitendra Bhati 670738a175 fts: add fts regression tests
Add ATF regression tests for previously-fixed fts(3) bugs:

- PR 45723: directory with read but no execute is traversed via
  FTS_DONTCHDIR fallback, not silently skipped
  (commit 1e03bff7f2)
- PR 196724: FTS_SLNONE must not be returned for a non-symlink;
  time-bounded race test runs for 1 second with concurrent
  file creation/deletion
  (commit bf4374c54589)
- PR 262038: readdir(2) errors produce FTS_DNR with fts_errno
  set, not silently treated as end-of-directory
  (commit 0cff70ca66)
- SVN r246641: normal traversal works correctly with O_DIRECTORY
  fix in fts_safe_changedir()
  (commit f9928f1705ee)
- SVN r261589: no crash when tree modified during traversal;
  time-bounded race test runs for 1 second with concurrent
  file creation/deletion
  (commit c6d38f088e5c)

Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	asomers
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2257
2026-06-05 14:03:08 -06:00
Jitendra Bhati b45654c6a4 fts: add misc fts traversal tests
Extend fts_misc_test.c with additional test cases:

- FTS_NOCHDIR with absolute paths allows application chdir freely
- fts_name is always NUL-terminated with correct fts_namelen
- FTS_D/FTS_DP are paired and fts_level increments correctly
- FTSENT fts_errno/fts_dev/fts_ino/fts_nlink are correct
- circular symlink loop under FTS_PHYSICAL terminates
- cycle via symlink under FTS_LOGICAL yields FTS_DC
- fts_close after root deletion must not crash
- fts_close after root rename restores CWD (SVN r77497)
- FTS_NOCHDIR + empty directory does not corrupt path (SVN r49772)
- FTS_NS entry has non-zero fts_errno
- FTS_XDEV and FTS_WHITEOUT stubbed pending mount setup

Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	asomers, jillest
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2248
2026-06-05 13:57:30 -06:00
Ed Maste 0ae946e722 vt: Avoid integer overflow in CONS_HISTORY ioctl
Reviewed by:	markj, vexeduxr
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57250
2026-06-05 13:56:12 -04:00
Dag-Erling Smørgrav 641e8e3956 Revert "libc: Constify the getcap API"
This broke cross-building on Linux and macOS.

This reverts commit 823d00b2d4.
2026-06-05 19:15:46 +02:00
Mark Johnston 2404d8d741 linux: Drop unneeded PHOLDs
There's no point in acquiring a hold if the proc lock isn't going to be
dropped.

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D57468
2026-06-05 16:54:59 +00:00
Dag-Erling Smørgrav 77fdeba18c fts: Correct description of fts_set
MFC after:	1 week
Sponsored by:	Klara, Inc.
Fixes:	e030e4e73f ("lib/libc/gen/fts.3: use 'options' consistently in fts_set() description")
Differential Revision:	https://reviews.freebsd.org/D57326
2026-06-05 18:47:14 +02:00
Ed Maste 2ea49bb595 arch.7: Remove 32-bit powerpc from tables
Most 32-bit architecture support has been deprecated for FreeBSD 16.

Reviewed by:	des
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57472
2026-06-05 12:35:25 -04:00
Ed Maste 5805fadd0d arch.7: arch.7: Add wchar_t signedness
Most architectures have the same signedness for char and wchar_t, but
powerpc has the unusual combination of unsigned char and signed wchar_t.

Reviewed by:	des, jhb, markj
Sponsored by:	The FreeBSD Foundation
2026-06-05 12:25:43 -04:00
Alex Arslan 0b862a795a arm64: Expose ESR in mcontext
At present, the exception syndrome register (ESR) is not accessible via
the user context on FreeBSD AArch64, which makes it difficult to
determine the cause of an exception. For example, a signal handler might
get a `SIGSEGV` with `SEGV_ACCERR`, but it can't know whether that
occurred due to a bad read or write. The change implemented here
includes ESR in `struct __mcontext`, thereby allowing access via
`ucontext_t` for use by signal handlers, sanitizers, debuggers, etc.

Note that this addition consumes one of the seven spare 64-bit slots in
`struct __mcontext`.

Signed-off-by: Alex Arslan <ararslan@comcast.net>
Reviewed by:	andrew
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2053
2026-06-05 17:15:36 +01:00
Alex Arslan 5cc3fa0988 arm64: Add exception flag for ksiginfo_t and set in trapsignal
The `ksiginfo_t` flag `KSI_TRAP` is set both for exceptions and when
copying between userspace and the kernel fails. In the latter case, the
exception syndrome register as captured in `struct trapframe` won't be
valid. That means we can't use `KSI_TRAP` to determine whether `tf_esr`
is valid. This motivates the addition of a new flag, here called
`KSI_EXCEPT`, for specifically identifying signals caused by exceptions.
It is added to `ksi_flags` via `trapsignal`.

Signed-off-by: Alex Arslan <ararslan@comcast.net>
Reported by:	andrew
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2053
2026-06-05 17:15:36 +01:00
Antranig Vartanian 8f6c577c9f bhyve(8): allow cpu pinning using N-M:X-Y ranges
bhyve's -p allows to pin guest's virtual CPU vcpu to hostcpu, however
this becomes very tedious work when you have to pin more than a single
CPU.

This allows to pass a range to -p, e.g. -p 0-3:4-7 which will pin the
cpus 0:4, 1:5, 2:6, 3:7. The ranges must be equal and the CPU numbers
must be ascending.

Sponsored by: Armenian Bioinformatics Institute
Reviewed by:	corvink, markj
Tested by:	bnovkov
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D54937
2026-06-05 18:07:49 +02:00
Dag-Erling Smørgrav b5a96894f6 rc: Bail if /dev/null is not a device
On startup, check that /dev/null exists and is a character device.
Otherwise, one of two things will happen: either /dev is a writable
directory and we will immediately create /dev/null as a regular file
and dump garbage into it, or it does not and we will spit out a stream
of error messages about failing to create /dev/null.

PR:		295782
MFC after:	1 week
Reviewed by:	jhb, emaste
Differential Revision:	https://reviews.freebsd.org/D57447
2026-06-05 17:53:29 +02:00
Dag-Erling Smørgrav ddf6fad029 etcupdate: Make nobuild the default
The common case for etcupdate is to run it after building and installing
the world, in which case we already have an object directory to draw on.
Add a -b option to turn nobuild off (opposite of -B), and turn nobuild
on by default.

MFC after:	1 week
Reviewed by:	jhb, emaste
Differential Revision:	https://reviews.freebsd.org/D57306
2026-06-05 17:53:25 +02:00
Jitendra Bhati c606eb3713 fts: address post-merge feedback on fts_children_test.c
- Remove fts_check_debug() which is only needed by test cases
  that use the fts_test() helper; fts_children_test.c does not
  call fts_test()
- Remove fts_lexical_compar where traversal order does not matter
  for the test result
- Drop fts_test.h and copy fts_lexical_compar locally
- Pull up NULL argument onto same line as fts_open

Fixes:		e624417db8 ("lib/libc/tests/gen: add fts_children() tests")
Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	des, asomers
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2260
2026-06-05 09:16:20 -06:00
Jim Brown f4424a2733 dhclient.conf.5: Correct crossreference
PR:		285614
Reviewed by:	ziaee, michaelo, jrm
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D49489
2026-06-05 15:13:32 +00:00
Jitendra Bhati ee213339f4 fts: address post-merge feedback on fts_set_test.c
Per review by des@:

- Remove fts_check_debug() which has no effect in fts_set_test.c, and
  remove unused #include "fts_test.h"
- Add errno = 0 before fts_read() so errno check is meaningful
- Remove fts_lexical_compar where traversal order does not matter
- Change int boolean flags to bool throughout
- Use !saw_inside instead of saw_inside == false
- Move fts_set_clientptr/fts_get_clientptr test inside fts_read()
  loop so the pointer is exercised during active traversal

Fixes:		940142d610 ("lib/libc/tests/gen: add fts_set() tests")
Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	des, asomers
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2258
2026-06-05 09:06:33 -06:00
Rick Macklem 3dfbbe8586 nfsd: Add per-MDS fs striping configuration
Commit 72e57bc264 added support for striping to the pNFS
server when using the Flexible File layout.
It is configured globally via the following sysctls:
vfs.nfsd.pnfsstripeunit - Size (in bytes) of a stripe
vfs.nfsd.pnfsstripecnt - # of DSs to stripe across

This patch allows the above settings to be overridden
on a per-MDS exported file system basis.  With this
patch, a stripeunit can optionally be specified for
the MDS file system listed when one is listed after
a '#' in the "-p" nfsd argument.  This is done by
appending "@NNN", where NNN is the stripeunit, in bytes.

The current syntax implies that neither a '#' nor '@'
can be in the MDS mount point's directory path.

This patch does not affect current pNFS server
configurations (of which there appears to be very
few, anyhow).
2026-06-05 07:59:42 -07:00
Yoshihiro Takahashi e3fa020202 protocols: Update with IANA list
- Update /etc/protocols with IANA list updated 2026-03-09.
- Document that 240 (pfsync) is not assigned by IANA.
- Document deprecated protocols.

PR:		295739
Reviewed by:	des
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D57445
2026-06-05 22:14:06 +09:00
Bjoern A. Zeeb cda79e505e LinuxKPI: 802.11: set flag if frame should be part of an A-MPDU
In the output path where we are sending a frame to the driver mark it
if it should be part of an A-MPDU based on its tid, type, and whether
net80211 thinks that we are in the right state for this.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:23 +00:00
Bjoern A. Zeeb 259efa730c LinuxKPI: 802.11: make *addba* work better
Fill in more details for lkpi_ic_addba_request(), lkpi_ic_addba_response(),
and lkpi_ic_addba_response_timeout().

Migrate the ltxq flags seen_dequeue and stopped to a bitfield and add %b
support to log messages.   This seemed the better approach after needing
an additional stop field for BA while we have to hold packets from being
transmitted.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:23 +00:00
Bjoern A. Zeeb 22ac9be92d LinuxKPI: 802.11: adjust tracing for action/ampdu/addba functions
Adjust the pure debug tracing to no longer be under HT and add more
to the other functions we are interested in, so we can follow the
calls more easily.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:22 +00:00
Bjoern A. Zeeb a993d28111 LinuxKPI: 802.11: add note about rate control support under boot -v
We currently do not support rate control in LinuxKPI.  As more drivers
and chipsets gain suppport for higher throughput add a note under
bootverbose if we hit one of these cases (currently only older iwlwifi
chipsets).

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:22 +00:00
Bjoern A. Zeeb fb97712a7f LinuxKPI: 802.11: implement ieee80211_start_tx_ba_session()
Implement ieee80211_start_tx_ba_session() as a start for rtw8x (and
select mt76 chipsets) to support more throughput.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:22 +00:00
Bjoern A. Zeeb ba796102fe LinuxKPI: 802.11: add three more driver downcalls
Add (*link_sta_rc_update), (*set_bitrate_mask), and
(*sta_set_decap_offload) mac80211 driver downcalls in preparation
for further work.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-06-05 12:09:21 +00:00
Baptiste Daroussin d798491238 nuageinit: implement ssh_authkey_fingerprints support
Add support for the 'ssh_authkey_fingerprints' cloud-config key
which logs SSH host key fingerprints to the console via ssh-keygen.
2026-06-05 13:17:55 +02:00
Baptiste Daroussin 58184a301a nuageinit: implement keyboard support 2026-06-05 13:17:22 +02:00
Baptiste Daroussin 4662263c24 nuageinit: implement resolv_conf support
Add support for the 'resolv_conf' cloud-config key which writes
directly to /etc/resolv.conf.
2026-06-05 13:15:37 +02:00
Baptiste Daroussin 797dad91ff nuageinit: implement mounts support
Add support for the 'mounts' cloud-config key which configures
mount points by appending entries to /etc/fstab and creating
the corresponding directories.
2026-06-05 13:15:16 +02:00
Baptiste Daroussin 6e54d00867 nuageinit: add tests for bootcmd, ssh_deletekeys, disable_root, manage_etc_hosts 2026-06-05 08:38:33 +02:00
Baptiste Daroussin ba58e8ad72 nuageinit: implement manage_etc_hosts support
Add support for adding the instance hostname to /etc/hosts on the
127.0.0.1 and ::1 localhost lines, matching cloud-init's default
behaviour (manage_etc_hosts: true).

create a revolve_hostname helper to avoid code duplucation.
2026-06-05 07:49:16 +02:00
Baptiste Daroussin b9be7608cd nuageinit: implement bootcmd support
Add support for the 'bootcmd' cloud-config directive, which allows
running commands very early in the boot process, before the hostname
is set and before the network is configured.

- nuageinit: bootcmd() function follows the same pattern as runcmd(),
  writing commands to /var/cache/nuageinit/bootcmds instead of runcmds.
  It is the first entry in the pre_network_calls table.

- rc.d/nuageinit: execute /var/cache/nuageinit/bootcmds immediately
  after /usr/libexec/nuageinit completes, before unmounting the config
  drive. This ensures bootcmd runs before NETWORKING per cloud-init spec.
2026-06-05 07:00:00 +02:00
Baptiste Daroussin ab478de1f9 pw: fix incorrect metalog path in mkdir_home_parents 2026-06-05 08:01:56 +02:00
Baptiste Daroussin fe1e912d5a pw: fix setmode(NULL) crash when homemode is a boolean value 2026-06-05 08:01:50 +02:00
Baptiste Daroussin 5f9c8f142d pw: fix const qualification in unquote()
The unquote() function took a const char * parameter but modified the
string in-place (removing quote characters). Change the parameter to
char * and update callers that passed const char * to cast explicitly.
2026-06-05 08:01:44 +02:00
Baptiste Daroussin 4fd8a69ec6 pw: fix inverted condition in shell_path error handling 2026-06-05 08:01:35 +02:00
Baptiste Daroussin 13f4a37b53 pw: fix uninitialized name pointer in pw_group_del
The 'name' variable could be left uninitialized if neither the
positional argument nor -n is supplied, leading to undefined
behavior when passed to getgroup().
2026-06-05 08:01:24 +02:00
Baptiste Daroussin 1cc5684b32 pw: remove duplicate pw_user_add declarations 2026-06-05 08:01:09 +02:00
Xin LI f7c0bd206f file: normalize .result files to ensure trailing newline on install
Some upstream result files introduced in file 5.47 (e.g., bgcode.result)
lack a trailing newline, causing the contrib_file_tests ATF test to
fail with "cmp: EOF on bgcode.result".  Generate normalized copies
of the expected results and install those instead.

MFC after:	3 days
Fixes:		e949ce9dc0
2026-06-04 21:48:19 -07:00
Dag-Erling Smørgrav ad524568f9 limits: Fix pipebuf resource type
* pipebuf is a size but is listed as a count

PR:		295623
MFC after:	1 week
Fixes:		f54f41403d ("usr.bin/limits: support RLIMIT_PIPEBUF")
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D57456
2026-06-05 00:41:41 +02:00
Dag-Erling Smørgrav a85e39030f etcupdate: Make diff -l actually work
While here, remove unnecessary blank lines.

MFC after:	1 week
Fixes:          6d65c91b9a ("etcupdate: fix arguments order of diff command")
Reviewed by:	Boris Lytochkin <lytboris@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D57330
2026-06-05 00:41:27 +02:00
Dag-Erling Smørgrav 823d00b2d4 libc: Constify the getcap API
MFC after:	1 week
Inspired by:	NetBSD
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D57252
2026-06-05 00:41:22 +02:00
Dag-Erling Smørgrav ba0d22eacd libarchive: Fix typo in sed command
MFC after:	1 week
Fixes:		eb3a0a74a0 ("libarchive: Clean up the build configuration")
Reported by:	Shawn Webb <shawn.webb@hardenedbsd.org>
2026-06-05 00:37:23 +02:00
Rick Macklem ea4886f282 nfs_commonkrpc.c: Improve handling of NFSv4.1/4.2 recovery
Commit 4d80d4913e fixed a long standing bug in the recovery
code.  However. glebius@ reported seeing multiple
recovery cycles with this patch during an NFSv4.1/4.2
server reboot.

This commit should minimize the risk of multiple
recovery cycles.

PR:	294925
Reported by:	Jov <amutu@amutu.com>
MFC after:	2 weeks
Fixes:	4d80d4913e ("nfs: Fix argument typo to avoid a crash")
2026-06-04 15:02:48 -07:00
Baptiste Daroussin 22c1f5d0ec nuageinit: complete SSH support with ssh_deletekeys and disable_root
Add missing SSH cloud-config options from cloud-init spec:

- ssh_deletekeys: remove existing SSH host keys on first boot so
  new ones are generated automatically by sshd(8).
  Implemented as delete_ssh_host_keys() in nuage.lua using lfs.dir()
  with a directory existence guard via lfs.attributes().

- disable_root: set PermitRootLogin to 'no' (or a custom value via
  disable_root_opts) in /etc/ssh/sshd_config.

- disable_root_opts: optional string or array to override the
  PermitRootLogin value used when disable_root is true. Only the
  first array element is used.
2026-06-04 22:17:03 +02:00
Baptiste Daroussin ea0932d71a nuageinit: refactor goto abuse in chpasswd()
Replace goto next/list pattern with proper elseif/else control
structure. The goto-based flow was fragile and hard to follow;
the elseif chain makes the validation logic explicit and linear.
2026-06-04 22:02:58 +02:00
Baptiste Daroussin 0ba9b7b7f8 nuageinit: fix update_sshd_config crash when file does not exist
Previously update_sshd_config() would assert-fail if sshd_config did
not exist. Now it creates a new file with the given key/value.

Also replace the fragile simultaneous r+ + temp file approach with
a cleaner read-then-write pattern: read all lines into memory, modify
as needed, then write to a temp file and rename. All assert() calls
replaced with proper error handling via warnmsg().

Add test case for missing file creation.
2026-06-04 21:10:37 +02:00
Baptiste Daroussin cf5722ed60 nuageinit: fix TOCTOU in addsshkey, adddoas, addsudo
Replace check-then-create patterns with direct creation:

- addsshkey: check what exists before creation, use mkdir_p() for
  .ssh directory, handle errors with warnmsg() instead of assert().
  Apply chmod/chown only on newly created files/directories.

- adddoas: same pattern for doas.conf and the etc directory.

- addsudo: same pattern for the sudoers file and sudoers.d directory.

All three functions now use warnmsg() for error handling instead of
returning nil,err or using assert().
2026-06-04 21:06:35 +02:00