This is the infrastructure to allow scheduler implementation to be
selected on boot, supported by ifuncs.
The DEFINE_SHIM() macros and their usage provided by jrtc27@.
Reviewed by: olce
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54831
It is not used since c72188d85a.
Noted by: jrtc27
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54831
There is no harm in having unused prototypes.
Reviewed by: olce
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54831
Adopt the POSIX standard text to our implementation.
PR: 206284
Reviewed by: des, jilles, ziaee
Differential Revision: https://reviews.freebsd.org/D49895
We always use NO_ROOT for release artifact builds, so remove the
alternate code paths.
For the first step we set NO_ROOT unconditionally in cases that invoke
submakes, and turn NO_ROOT being unset into an error in lover-level
targets so that we can catch potential out-of-tree build scripts (or
missed in-tree cases) that expect to run not-NO_ROOT builds. The second
step will be to remove those entirely.
Reviewed by: cperciva
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54179
Previously connect() or sendto() to INADDR_ANY or IN6ADDR_ANY reached
some socket bound to some host interface address. Although this was
intentional it was an artifact of a different era, and is not desirable
now.
In 417b35a97b markj added support to disallow connect() to INADDR_ANY
and IN6ADDR_ANY. Connections to INADDR_ANY were disabled by default in
cd240957d7. Follow suit with IN6ADDR_ANY.
Reviewed by: glebius, markj, zlei
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54306
On some environement a VM can be connected to multiple ifaces but only
one will respond to dhcp and able to fetch the metadata.
Launch the early dhclient on all available ifaces and as soon as one
dhcp has successfully configured an iface, proceed with fetching the
metadata.
MFC After: 1 week
Reported by: mateusz.klejn@ovhcloud.com
Tested by: mateusz.klejn@ovhcloud.com
Sponsored by: OVHcloud
This prevents 'service -e' from emitting (/var/log/messages):
/usr/sbin/service: WARNING: $virtual_oss_enable is not set properly - see rc.conf(5)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1987
Reviewed by: christos
Signed-off-by: eborisch@gmail.com
MFC after: 1 week
Clang's -Wmissing-variable-declarations flags this as an issue since the
flag is only used in `gtest.cc`. Declare the flag beforehand to ensure
that the variable scope is properly limited to `gtest.cc`.
MFC after: 1 week
MFC with: 46333229c6
Ref: https://github.com/google/googletest/pull/4898
The changes between the two versions can be found in this diff of the
two release tags:
https://github.com/google/googletest/compare/v1.15.2...v1.17.0
One notable change is that GoogleTest 1.17.0 now requires C++-17 to
build.
MFC after: 1 week
Merge commit '3a4c29b5bed4ea20266ad9371fbfdc6bca088f92'
Previously it was enabled for all architectures except but RISC-V.
Upstream made significant progress on RISC-V support over the last
year[1], and although there's still some FreeBSD-specific work to do we
can start building it now.
[1] https://jonasdevlieghere.com/post/lldb-2025/
Sponsored by: The FreeBSD Foundation
The tag is used to perform lookup in a different way.
New functions were introduced:
* to set, check and clear a tag
* to walk through a radix tree based on a given tag
Furthermore, the `radix_tree_delete()` function was modified to clear
tags on deletion.
The amdgpu DRM driver started to use this in Linux 6.10.
While here, the `radix_tree_gang_lookup()` function was added because it
is very close to `radix_tree_gang_lookup_tag()`, but it is not used by
the DRM drivers as of this commit.
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54503
Summary:
Doing so will let the upper layer know how to deal with software hash,
with benefits like inp_flowid can be set and m_pkthdr.flowid can be set
in output path.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D54929
Google developed the Capsicum unit test suite[1] as part of the
Capsicum-Linux[2] project, based on unit tests that existed in FreeBSD
and unit tests developed as part of the initial Capsicum-Linux port.
Capsicum-Linux was archived as of October 31, 2022 and is no longer
being maintained. FreeBSD is currently the only consumer of and
contributor to the test suite. Move the src into tests/sys/capsicum to
simplify ongoing maintenance.
The makefiles were deleted as we (continue to) use the existing bespoke
FreeBSD Makefile, and CONTRIBUTING.md was removed as the Google CLA is
no longer applicable.
[1] https://github.com/google/capsicum-test
[2] https://github.com/google/capsicum-linux
Reviewed by: asomers, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54917
Avoid truncating 32-bit values. This would have saved me a bit of time
when I was looking at a cpuid leaf on my system and typed 0x80000001f
instead of 0x8000001f.
Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D54919
Previously, setting an interface FIB to some invalid value would result
in a warning being printed, but the ifconfig command would exit with
status 0, but this is wrong.
Add a little regression test.
Reviewed by: pouria, zlei, melifaro
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54918
lposix is the last holdout of modules built into flua until we can fix
the module design to have the right parts require()able. Address a
valid bug in lua_read() found at a higher WARNS and drop the override
entirely. Some of the modules could possibly be re-evaluated.
Fixes: c2caf3b331 ("flua: lposix: add more useful functions [...]")
Reported by: des
Reviewed by: des
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Previously, we would first call AcpiEvaluateObject() to execute \_Sx
before calling AcpiGetSleepTypeData(). This was unnecessary, as
AcpiGetSleepTypeData() performs the same call itself. While doing so,
the latter function logs any other error than AE_NOT_FOUND (which
indicates that a particular sleep state is not supported), which most
probably is an added benefit of this change.
Reviewed by: obiwac
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54624
Do not allocate or switch to the custom stack on non-x86.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D54898
Instructions in /etc/pkg/FreeBSD.conf and elsewhere recommend putting
changes in /usr/local/etc/pkg/repos/FreeBSD.conf so bring OCI containers
into line as well.
Reviewed by: dfr, ivy
Differential Revision: https://reviews.freebsd.org/D54090
MFC after: 5 days
Sponsored by: SkunkWerks, GmbH
If net is all-zero, the loop to extract all leading non-zero octets will
iterate zero times and leave nn with the value 4, which the following
switch statement to initialise qbuf does not handle. As a result,
_dns_getnetbyaddr will look up the PTR record for this uninitialised
string, which will leak the pre-existing contents of that stack memory
to the DNS resolver and, if remote and not otherwise protected, network.
Note that _dns_getnetbyaddr is only used if nsswitch.conf is configured
to enable the "dns" source for the "networks" database, which is not the
default configuration in FreeBSD.
For glibc this same bug, in code also derived from BIND's, was issued
CVE-2026-0915. This commit adopts the same behaviour as glibc's fix,
which is to regard a net of 0 as being for 0.0.0.0. Apparently NetBSD
will return NS_UNAVAIL instead, which may or may not make more sense,
but in general glibc compatibility tends to cause less friction when
there's not a good reason to avoid it.
Reviewed by: markj (secteam)
Fixes: 1363f04ce1 ("get* rework and new bind code")
MFC after: 1 day
Security: Same bug as glibc's CVE-2026-0915
First problem is a trivial race that the client thread doesn't see updated
c.sbytes. Second problem applies only to the truncate test. On a machine
with huge default buffer sizes, there is a chance that sendfile(2) will
fill both buffers with amount of data that is larger than the size we plan
to truncate. To minimise chances for this scenario, increase file size
and truncate it less aggressively, also try to decrease buffer sizes.
The test sometimes crashes with ASLR enabled. This seems to happen when
regcomp() grows the process stack and happens to run into the virtual
memory limit set at the beginning of the test. ASLR triggers the
problem since it introduces a bit of fragmentation and thus introduces
cases where stack allocation can be the trigger of virtual memory
exhaustion, rather than dynamic memory allocation in regcomp().
Make the test stable by priming the stack before doing anything else.
This effectively reserves 16MB of virtual memory for the stack, which in
practice is enough to make the test stable on amd64.
PR: 259971
Reviewed by: ngie, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D54880