Commit Graph

309429 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 22fa41b4e8 unbound: Update to 1.24.2
Merge commit 'ec5b94f552d7cb2a9d456c67e9941bcf5e3698bf'

This is purely cosmetic as we already had the functional changes.

MFC after:	1 week
2026-05-22 20:16:26 +00:00
Dag-Erling Smørgrav 290190b26c unbound: Regenerate for 1.24.1
No functional changes intended.

Fixes:		8b29c373e6 ("unbound: Vendor import 1.24.1")
2026-05-22 20:14:47 +00:00
Dag-Erling Smørgrav cd69bc03cf unbound: Tweak freebsd-configure script
Regenerating the configure script is optional and can introduce noise
if the installed versions of autoconf, automake, and libtool do not
match those used upstream.  Tweak our script slightly so it will skip
this step if libtoolize is not found.
2026-05-22 21:55:22 +02:00
Dag-Erling Smørgrav dd64155367 ldns: Fix unused variable on big-endian
MFC after:	1 week
Fixes:		9ed998a81b ("ldns: Update to 1.9.0")
2026-05-22 21:38:34 +02:00
Ed Maste eff5f220c3 netlink: Fix interface type match
Reviewed by: bz, glebius, pouria
Fixes: 7e5bf68495 ("netlink: add netlink support")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57167
2026-05-22 14:34:13 -04:00
Andrew Gallatin fd9af1e708 sendfile: Fix bug when using headers with SW KTLS offload
When using SW KTLS, we must account for the headers in sf_iodone()
in terms of either freeing or enqueuing them for TLS work.
Not doing so can lead to a situation where we enqueue only
the payload, and not the header, for encryption. Rather than
leaking the header, the socket is left "hung" with the header marked
M_NOTREADY.

Sponsored by: Netflix
Reviewed by: glebius, kib
Differential Revision: https://reviews.freebsd.org/D57134
MFC After: 14 days
2026-05-22 14:33:41 -04:00
Alexander Ziaee 4e2bf6e90a mdoc.7: Revert upstream changes to Lb/LIBRARY
Since this manual describes the mdoc syntax throughout the ecosystem,
I had to blend what we had before with what upstream is doing now.

Thanks:		adrian
MFC after:	3 days (we shipped this doc in 15.0/14.4)
Reviewed by:	ivy, mhorne, des, adrian
Discussed with:	arch@
Differential Revision:	https://reviews.freebsd.org/D56153
2026-05-22 14:31:54 -04:00
Dag-Erling Smørgrav 70739f3499 ldns: Regenerate configuration after update
MFC after:	1 week
Fixes:		d44c9549ef ("ldns: Update to 1.8.4")
Fixes:		9ed998a81b ("ldns: Update to 1.9.0")
2026-05-22 20:12:26 +02:00
Dag-Erling Smørgrav 76c3387024 tftpd: Simplify packet drop macro
The first argument is always the function name, for which we can simply
use __func__.  This leaves only the optional return value, so we can use
a single variadic macro instead of two nearly-identical copies.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57076
2026-05-22 19:57:35 +02:00
Dag-Erling Smørgrav 9338937713 tftpd: Add missing bounds checks
In send_[rw]rq(), we were using strlcpy() to avoid overflowing our
packet buffer, then failing to check the result and blithely advancing
our pointer by the full length.

Luckily, this code is only ever used by tftp(1), not tftpd(8).

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57075
2026-05-22 19:57:31 +02:00
Dag-Erling Smørgrav b94689d036 tftp: Add test case with over-long URL
This adds a test case that passes a very long URL on the command line,
which would previously have resulted in a benign buffer overflow in
urihandling(), detectable only by compiling tftp with ASAN enabled.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57074
2026-05-22 19:57:27 +02:00
Dag-Erling Smørgrav 29aaaa5e66 tftp: Style cleanup
MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57073
2026-05-22 19:57:23 +02:00
Dag-Erling Smørgrav 5fd928cf1c tftp: Replace fgets with getline
MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57072
2026-05-22 19:57:20 +02:00
Dag-Erling Smørgrav 47e4571df1 tftp: Fix handling of port name or number
MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57105
2026-05-22 19:57:16 +02:00
Dag-Erling Smørgrav 2935133570 tftp: Close files when we're done with them
Also, delete the file we created if receiving it failed.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57071
2026-05-22 19:57:12 +02:00
Dag-Erling Smørgrav a4b1759418 tftp: Simplify URI handling
* No need to copy our argument into a new buffer; it is writeable and
  will not be reused after we return.

* Instead of constructing the string "get path" and then splitting it
  into an argument vector, just construct the vector directly.  This
  avoid potentially overrunning the buffer.

* Call settftpmode() just once, with either the default mode or the
  user-provided value we already validated.

* Use errx() instead of fprintf(stderr) + exit().

Reported by:	Moyao, Minghao Fu
MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57070
2026-05-22 19:57:08 +02:00
Dag-Erling Smørgrav 9ed998a81b ldns: Update to 1.9.0
Merge commit '5eb18e8576462f5bb33fbd60fcbd752fe5791f33'

MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D57170
2026-05-22 19:54:58 +02:00
Dag-Erling Smørgrav d44c9549ef ldns: Update to 1.8.4
Merge commit '3dcfa5af412125cd1bad1d383ff7c18c5effbd77'

MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D57169
2026-05-22 19:54:09 +02:00
Dag-Erling Smørgrav f103898935 Revert "import ldns 1.8.3"
Pre-push rebase bungled the metadata

This reverts commit 2bc6aa3c41.
2026-05-22 19:53:26 +02:00
Dag-Erling Smørgrav 399f9ca49b Revert "import ldns 1.9.0"
Pre-push rebase bungled the metadata

This reverts commit 597a090ff2.
2026-05-22 19:53:26 +02:00
Jitendra Bhati e624417db8 lib/libc/tests/gen: add fts_children() tests
Add ATF test cases covering fts_children() behaviour:

- before fts_read returns root entry list
- empty directory returns NULL with errno 0
- non-empty directory returns all children in order
- called twice returns equivalent results
- FTS_NAMEONLY fills only fts_name, fts_info is FTS_NSOK
- non-directory node returns NULL with errno 0
- invalid options returns NULL with EINVAL

Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	asomers
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2218
2026-05-22 11:40:06 -06:00
Jitendra Bhati 113c262b2a lib/libc/tests/gen: add fts_open() error and edge case tests
Add ATF test cases covering fts_open() error conditions and
edge cases:

- invalid option bits (outside FTS_OPTIONMASK) yield EINVAL
- empty argv yields EINVAL
- empty path string yields FTS_NS with ENOENT
- nonexistent path yields FTS_NS, not open failure
- trailing slash does not crash (SVN r49851 regression)
- unreadable directory yields FTS_D then FTS_DNR, never FTS_DP
- multiple root paths are all visited left to right

Sponsored by: Google LLC (GSoC 2026)
Reviewed by:	asomers
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2217
2026-05-22 11:38:21 -06:00
Dag-Erling Smørgrav 597a090ff2 import ldns 1.9.0
MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D57170
2026-05-22 19:23:59 +02:00
Dag-Erling Smørgrav 2bc6aa3c41 import ldns 1.8.3
MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D57169
2026-05-22 19:23:57 +02:00
Dag-Erling Smørgrav cbe037c970 ldns: Belatedly update for OpenSSL 3.0.0
MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D57168
2026-05-22 19:23:50 +02:00
Jitendra Bhati e030e4e73f lib/libc/gen/fts.3: use 'options' consistently in fts_set() description
The RETURN VALUES section used "instr" to describe the fts_set()
argument, while the SYNOPSIS and all other references use "options".
Fix the inconsistency.

MFC after:	1 week
Sponsored by:	Google LLC (GSoC 2026)
Reviewed by:	asomers
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2213
2026-05-22 11:18:25 -06:00
Mark Johnston bed77cf7c2 vmm/arm64: Compile vmm_nvhe.c without SSP
This file implements a set of EL2 hypercall handlers and is used to
switch between guests and the host kernel when VHE is not in use.  There
is no SSP runtime available there.

Reported by:	Jenkins
Fixes:		8deebce931 ("kernel: Enable -fstack-protector-strong by default")
2026-05-22 16:10:04 +00:00
Mark Johnston c9546bb619 tests/procdesc: Use a more efficient mechanism to block
Reviewed by:	kib
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D57149
2026-05-22 14:56:47 +00:00
Mark Johnston bc041630fa tcp: Remove a no-op eventhandler
It has done nothing since commit bc7d18ae72.  No functional change
intended.

Reviewed by:	tuexen
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D57101
2026-05-22 14:51:15 +00:00
Mark Johnston 8deebce931 kernel: Enable -fstack-protector-strong by default
This extends stack canary use to all functions which define arrays on
the stack, not just those which operate on byte buffers.  This option
would have made it harder to exploit SA-26:18.setcred and
SA-26:08.rpcsec_gss.

The change bloats the amd64 kernel text by about 350KB and increases the
number of covered functions from ~1500 to ~9000 (within the kernel
itself, i.e., not counting kernel modules).

Reviewed by:	olce, olivier, emaste
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D56870
2026-05-22 14:45:52 +00:00
Mark Johnston 6ab30433a7 tests/net: Run all tests with execenv=jail and enable parallelism
This has been stable in my testing, and enabling parallelism speeds up
test runs considerably.  In particular, with -v parallelism=16 in a
16-vcpu bhyve VM my test runs go from ~50m to ~40m; the exact numbers
depend on the kernel config in use.

Reviewed by:	pouria
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D57094
2026-05-22 14:44:08 +00:00
Ed Maste 1a4ad649cb netlink: Avoid undefined behaviour
Even though it is not dereferenced, it is UB to take the address of an
out of bounds array element.

Reviewed by: pouria, bz, des, adrian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57158
2026-05-22 10:21:11 -04:00
Dag-Erling Smørgrav ec5b94f552 import unbound 1.24.2 2026-05-22 16:07:12 +02:00
Dag-Erling Smørgrav 5eb18e8576 import ldns 1.9.0 2026-05-22 15:37:52 +02:00
Dag-Erling Smørgrav 3dcfa5af41 import ldns 1.8.3 2026-05-22 15:36:27 +02:00
Aymeric Wibo 0b2df68367 acpi_spmc: Remove useless __DECONSTs
Sponsored by:	The FreeBSD Foundation
2026-05-22 12:27:40 +01:00
Christos Margiolis 3a3b054591 sound: Remove SV_ABI_LINUX ifdef
This ifdef does not do anything, SV_ABI_LINUX is a flag.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	ivy, brooks
Pull-Request:	https://ron-dev.freebsd.org/FreeBSD/src/pulls/37
2026-05-22 13:03:09 +02:00
Aymeric Wibo f814650aaf power: Fix stype name lengths
When updating the names of the sleep types in 95b4436e98 ("power:
Rename sleep types"), I forgot to update the lengths of the buffers they
went into.

Reported by:	mhorne
Fixes:	95b4436e98 ("power: Rename sleep types")
Sponsored by:	The FreeBSD Foundation
2026-05-22 11:01:07 +01:00
ShengYi Hung 28d85db46b xhci: Do not drop and add bits in xhci
Drop and Add bits reset the data toggle for high-speed devices in XHCI.
The toggle bit represents the sequence number in USB 2.0 transfers. However,
a device can only recognize that the toggle bit has been reset while in
the HALT state. As a result, the host and device toggle values may
become mismatched, causing xHCI to reject the packet. This issue was
observed while testing the EZ-USB FX2 device.

The transfer may then return to the original value after a
bi-directional TD because the toggle field is only one bit wide. This
explains the reson that we can only receive packets bi-transfer in some
case. Therefore, we do not reset the toggle bit here.

Reviewed by:    adrian
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57146
2026-05-22 15:41:07 +08:00
Konstantin Belousov 0c85df0065 vop_read_pgcache_post(): the vnode is unlocked
Reported by:	markj
Fixes:	e9a5eb0e5e ("vop_read_pgcache_post(): report inotify IN_ACCESS same as for vop_read_post()")
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2026-05-22 06:07:59 +03:00
Ed Maste d66fec481b netlink: Fix lock leak in nl_find_nhop
Reviewed by: bz, pouria
Fixes: 7e5bf68495 ("netlink: add netlink support")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57156
2026-05-21 20:38:45 -04:00
Kristof Provost e4130ac13d pf: switch to getmicro(up)time()
It is reported that micro(up)time() performs poorly in certain
virtualisation scenarios. Absolute accuracy isn't required here, so
switch to the slightly less accurate (as per the man page) get-variants.

PR:		295043
MFC after:	3 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2026-05-21 23:19:50 +02:00
Kristof Provost 64327f769c pf: fix incorrect table decoding in netlink
We used nla_p_table for pfr_table structures, but this netlink decoder
was intended for pfioc_table and decoded an extra field, outside
of pfr_table. This allowed userspace to write (slightly) outside of
pfr_table.

Use a separate nlattr_parser for pfr_table.

PR:		295218
Reported by:	Robert Morris <rtm@lcs.mit.edu>
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2026-05-21 23:19:49 +02:00
Olivier Certner ad3d7666e0 BSD.tests.dist: Add the new sys/mac/do directory
Without that, 'make distributeworld' fails ('make buildworld' and 'make
installworld' do not need it).

Fixes:          cba191e291 ("MAC/do: Add basic tests on setting rules")
MFC after:      1 minute
Sponsored by:   The FreeBSD Foundation
2026-05-21 22:32:16 +02:00
Joseph Mingrone bc2055b945 sbin/devd/snd.conf: Add missing -n options to sysrc calls
Reviewed by:	christos
Fixes:		70e27ecba5 (virtual_oss: Introduce virtual_oss_default_control_device rc variable)
Sponsored by:	The FreeBSD Foundation
Pull Request:	https://ron-dev.freebsd.org/FreeBSD/src/pulls/36
2026-05-21 17:14:45 -03:00
Konstantin Belousov f5433e7840 vfs_domount(): handle the case when vn_lock_pair() only locked once
Reviewed by:	jah, markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D57035
2026-05-21 23:11:55 +03:00
Konstantin Belousov ace4a3e177 vn_lock_pair(): handle the case of vp1->v_vnlock == vp2->v_vnlock
It is not enough to check vp1 == vp2 to detect lock recursion, since
vnodes might share the locks.  This might happen for e.g. stacked
filesystems (nullfs and other), and for FFS snapshots.

Switch from checking vnode equiality to check v_vnlock equiality, and
recheck the condition after vnode relock since reclamation or otner
parallel operation might change the vnode locks under us.

Return a value (not really an error) indicating the case that vnodes
share the lock, to simplify the unlock in caller.

Reviewed by:	jah, markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D57035
2026-05-21 23:11:47 +03:00
Martin Cracauer 03c410ba17 man: Stop referring to non-existing manpage strlcpy(9)
Reviewed by: ziaee, mhorne, kevans
2026-05-21 16:08:08 -04:00
Olivier Certner cba191e291 MAC/do: Add basic tests on setting rules
MFC after:      1 minute
Sponsored by:   The FreeBSD Foundation
2026-05-21 21:18:56 +02:00
Olivier Certner 21df76d01f mac_do.4: Jail parameter takes 'new', not 'enable'; uid_t/gid_t are 32-bit
MFC after:	1 minute
Sponsored by:   The FreeBSD Foundation
2026-05-21 21:18:48 +02:00