Commit Graph

21863 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 641e8e3956 Revert "libc: Constify the getcap API"
This broke cross-building on Linux and macOS.

This reverts commit 823d00b2d4.
2026-06-05 19:15:46 +02:00
Antranig Vartanian 8f6c577c9f bhyve(8): allow cpu pinning using N-M:X-Y ranges
bhyve's -p allows to pin guest's virtual CPU vcpu to hostcpu, however
this becomes very tedious work when you have to pin more than a single
CPU.

This allows to pass a range to -p, e.g. -p 0-3:4-7 which will pin the
cpus 0:4, 1:5, 2:6, 3:7. The ranges must be equal and the CPU numbers
must be ascending.

Sponsored by: Armenian Bioinformatics Institute
Reviewed by:	corvink, markj
Tested by:	bnovkov
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D54937
2026-06-05 18:07:49 +02:00
Dag-Erling Smørgrav ddf6fad029 etcupdate: Make nobuild the default
The common case for etcupdate is to run it after building and installing
the world, in which case we already have an object directory to draw on.
Add a -b option to turn nobuild off (opposite of -B), and turn nobuild
on by default.

MFC after:	1 week
Reviewed by:	jhb, emaste
Differential Revision:	https://reviews.freebsd.org/D57306
2026-06-05 17:53:25 +02:00
Baptiste Daroussin ab478de1f9 pw: fix incorrect metalog path in mkdir_home_parents 2026-06-05 08:01:56 +02:00
Baptiste Daroussin fe1e912d5a pw: fix setmode(NULL) crash when homemode is a boolean value 2026-06-05 08:01:50 +02:00
Baptiste Daroussin 5f9c8f142d pw: fix const qualification in unquote()
The unquote() function took a const char * parameter but modified the
string in-place (removing quote characters). Change the parameter to
char * and update callers that passed const char * to cast explicitly.
2026-06-05 08:01:44 +02:00
Baptiste Daroussin 4fd8a69ec6 pw: fix inverted condition in shell_path error handling 2026-06-05 08:01:35 +02:00
Baptiste Daroussin 13f4a37b53 pw: fix uninitialized name pointer in pw_group_del
The 'name' variable could be left uninitialized if neither the
positional argument nor -n is supplied, leading to undefined
behavior when passed to getgroup().
2026-06-05 08:01:24 +02:00
Baptiste Daroussin 1cc5684b32 pw: remove duplicate pw_user_add declarations 2026-06-05 08:01:09 +02:00
Dag-Erling Smørgrav a85e39030f etcupdate: Make diff -l actually work
While here, remove unnecessary blank lines.

MFC after:	1 week
Fixes:          6d65c91b9a ("etcupdate: fix arguments order of diff command")
Reviewed by:	Boris Lytochkin <lytboris@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D57330
2026-06-05 00:41:27 +02:00
Dag-Erling Smørgrav 823d00b2d4 libc: Constify the getcap API
MFC after:	1 week
Inspired by:	NetBSD
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D57252
2026-06-05 00:41:22 +02:00
Kristof Provost 3d9cd10b28 pfdenied: fix checking root anchor
pfctl doesn't like empty anchors (-a ''), but we can specify the root
anchor as '/' too, so do that instead.

PR:		295324
Tested by:	Paweł Krawczyk
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2026-06-03 10:52:06 +02:00
Christos Margiolis 4f7092eeb2 virtual_oss_cmd(8): Improve error messages
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2026-06-02 15:00:45 +02:00
Christos Margiolis eb5aa5c337 bsdinstall: Add virtual_oss service option
Since virtual_oss is now part of base, there is no reason not to provide
an installer option to enable it, and make it more visible to new users,
who might also benefit from the devd rules in /etc/devd/snd.conf, which
use virtual_oss, as well as 8532b4a436 ("rc: virtual_oss: Create a
loopback device in the default configuration").

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	ivy
Pull-Request:	https://ron-dev.freebsd.org/FreeBSD/src/pulls/31
2026-06-02 14:05:05 +02:00
Sulev-Madis Silber ee41a88205 spi: switch to switch
use recommended switch with default case to catch invalid values

Reviewed by:	kevans, adrian
Differential Revision:	https://reviews.freebsd.org/D54759
2026-05-29 09:58:50 -07:00
Jose Luis Duran 283959bbe0 bsdinstall: script: Fix scripted DISTRIBUTIONS
Restore exporting DISTRIBUTIONS to make it available to other scripts.

Reviewed by:	imp, asomers
Fixes:		dc14ae4217 ("bsdinstall: do pkgbase installations with the "script" command")
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D57319
2026-05-29 02:09:49 +00:00
Dag-Erling Smørgrav 95fc64cc29 ctld: More consistent error messages
The error messages ctld emits when it finds a port or LUN it did not
create were inconsistent with each other as well as with ctld's other
error messages.

MFC after:	1 week
Sponsored by:	Klara, Inc.
Sponsored by:	NetApp, Inc.
Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D57270
2026-05-28 19:22:43 +02:00
Ricardo Branco 4dfc78e0e3 crashinfo: Create core.txt.last symlink
When saving a coredump, savecore(8) maintains .last symlinks for the
info and vmcore artifacts, but not for the crashinfo text report.

Make crashinfo(8) create the link, pointing at the current
core.txt.<bounds> file.

This makes /var/crash/core.txt.last track the same core dump as
info.last and vmcore.last.

[mhorne: I tweaked the submission, such that the link will be created as
soon as the core.txt.X file is generated; not only after a successful
report has been written.]

Signed-off-by:	Ricardo Branco <rbranco@suse.de>
Reviewed by:	mhorne
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2199
2026-05-28 13:20:30 -03:00
Christos Margiolis 453de99b38 virtual_oss(8): Fix buffer overflow in voss_compressor() call
This particular calls swaps the samples and maxchan arguments, which can
cause a buffer overflow in p_ch_chain if maxchan exceeds its bounds
(VMAX_CHAN).

Reported by:	Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Reviewed by:	emaste
2026-05-28 16:46:01 +02:00
Ed Maste f9f46294d6 bsdinstall: Use libarchive secure flags for extract
This doesn't really matter, as we trust that the installer tarballs are
not malicious, but it doesn't hurt to set these flags.

Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57274
2026-05-28 09:03:45 -04:00
Dag-Erling Smørgrav 39f23af2ba certctl: Style nits
MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57298
2026-05-28 14:28:22 +02:00
John Baldwin d1a8fa2e0f ctld: Only check physical port linking in a single configuration context
Commit 969876fcee moved struct pport from being per-configuration to
being a "global" object shared across multiple configurations.  As a
result, the check for duplicate ports actually spanned across
configurations, such that reloading a configuration would now think
that existing physical ports were already linked.

The linking field in pport added in the C++-ification (commit
6acc7afa34) faithfully replicated this bug (albeit simpler as I had
noticed that the TAILQ links weren't used after the earlier commit).

To restore the desired behavior, remove the linking field from struct
pport entirely and use a local unordered_map in conf::add_pports which
tracks if a given pport is claimed by more than one target.

PR:		293076
Reported by:	Ken J. Thomson <thomsonk@yandex.com>
Fixes:		969876fcee ("ctld: parse config file independently of getting kernel info")
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D57093
2026-05-27 16:57:38 -04:00
John Baldwin caef3c50ac ctld: Refactor ioctl port handling
- Normalize ioctl port names when the port name is first added to
  the configuration.  This can catch potential duplicate port names
  sooner and helps with other parts of this change.

- When recognizing existing ioctl ports, always expand the name to
  include the physical and virtual port numbers.  This permits binding
  ioctl/0/0 or ioctl/1/0 to a target, for example.

- When adding physical ports to a target, first check for an existing
  kernel port to reuse.  This handles both ioctl and non-ioctl ports
  and removes the need for the conf::add_port method for ioctl ports
  to check in kports.

- If an existing kport isn't found when adding physical ports, check
  to see if the port name is an ioctl port.  If so, call conf::add_port
  to add an ioctl port.  This add_port method overload is now simpler
  as it always creates a new port.

NB: The kernel_port class handles CTL ports that already existed
before ctld started including existing ioctl ports, whereas the
ioctl_port class handles ioctl ports that are created and completely
managed by ctld.  This was true before this change but is perhaps more
obvious after this change.

Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D57092
2026-05-27 16:57:23 -04:00
John Baldwin 7a436d3789 ctld: Don't ignore pp/vp values of kernel ports with pp == 0 but vp != 0
Fixes:		c6f1e9b8a4 ("ctld: Simplify XML parsing memory management")
Sponsored by:	Chelsio Communications
2026-05-27 16:56:56 -04:00
Christos Margiolis 8b8dbc6bbe sndctl(8): Implement EQ controls
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Pull Request:	https://ron-dev.freebsd.org/FreeBSD/src/pulls/15
2026-05-27 17:27:11 +02:00
Aymeric Wibo aba599a6cc zzz: Rewrite to use new power device
Previous script called acpiconf(8) (or apm(8) if ACPI wasn't supported,
although this was anyway redundant because APMIO just uses ACPI now).

Since a new generic power management interface was introduced, this isn't
sufficient, as this would only work for ACPI systems and for ACPI S3 suspend
(so no way to select suspend-to-idle). Rewrite in C to take advantage of the
new power interface.

We may want to add a switch to manually override the kern.power.suspend sysctl,
which is otherwise what the power device uses to decide which suspend type to
switch to (suspend-to-idle or firmware suspend), but this will require us to
amend the power interface.

Reviewed by:	olce, imp, mhorne, ziaee
Tested by:	mhorne
Approved by:	olce, imp, mhorne, ziaee
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D56918
2026-05-27 00:05:45 +01:00
Hans Rosenfeld ccb14be785 bhyve/virtio-scsi: Make all I/O processing parameters configurable
This includes:
- seg_max, the number of segments allowed in a single command
- {ctl,evt,req}_ringsz, the number of descriptors in a queue
- thr_per_q, the number of processing threads per request queue
- num_queues, the number of request queues

Reviewed by:	markj
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D54073
2026-05-26 16:03:12 +00:00
Hans Rosenfeld 9542ddb21d bhyve/virtio-scsi: Support multiple backends
In order to support multiple backends for virtio-scsi, we should isolate
the core of virtio-scsi from the backend-specific code. The existing
interface to CTL will become the new "CTL" backend for virtio-scsi.

Care has been taken to keep compatibility with previous configurations:
The first backend linked (CTL) will be the default backend if none is
specified, and it does provide a default configuration if no further
options such as targets are explicitly configured.

Reviewed by:	markj
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D53223
2026-05-26 16:03:12 +00:00
Hans Rosenfeld 19728f98cb bhyve/virtio-scsi: Implement task management functions
Currently, all I/O requests are queued internally, and a number of
threads will pick I/O requests of the queue and send them to CTL with
a synchronous CTL_IO ioctl. On the other hand, TMF requests are sent
to CTL immediately using the same synchronous ioctl.

Besides being unworkable for non-CTL backends such as for SCSI
passthrough, this simple approach may easily run into situations
where a TMF request operating on a particular I/O request is sent
to CTL while it is still on our queue and thus unknown to CTL.
In addition, for target and/or LUN resets we should really clear
our queue and return all outstanding I/O requests with a proper
status.

Reviewed by:	markj
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D53222
2026-05-26 16:03:12 +00:00
Hans Rosenfeld 4151296fdc bhyve/virtio-scsi: Support for multiple targets
Currently, virtio-scsi supports only one target with 16383 LUNs, which
fits nicely with what CTL provides. It would be useful to support more
than that, multiple targets each with 16383 LUNs.

While this can be useful with CTL by attaching each target to another
CTL target port, this will be necessary to support SCSI passthrough.

The new syntax for configuring targets will look like this:

-s X,virtio-scsi,target=/dev/foo,target=/dev/bar,target=4:/dev/baz

This will create the following configuration nodes:

pci.0.X.0.device=virtio-scsi
pci.0.X.0.target.0=/dev/foo
pci.0.X.0.target.1=/dev/bar
pci.0.X.0.target.4=/dev/baz

The existing configuration syntax is still understood for compatibility:

(1) -s X,virtio-scsi
(2) -s X,virtio-scsi,/dev/foo
(3) -s X,virtio-scsi,dev=/dev/foo

This will create the following configuration nodes:

pci.0.X.0.device=virtio-scsi (1, 2, 3)
pci.0.X.0.target.0=/dev/cam/ctl (1)
pci.0.X.0.target.0=/dev/foo (2, 3)

Reviewed by:	markj
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D53221
2026-05-26 16:03:12 +00:00
Dag-Erling Smørgrav 123591e41c lpd: Style and whitespace cleanup
No functional change intended.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57186
2026-05-25 18:52:17 +02:00
Dag-Erling Smørgrav 0f3e148709 lpd: Fix issues reported by clang-analyzer
Also, unlink our temporary file if we fail to chmod it.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57185
2026-05-25 18:52:17 +02:00
Dag-Erling Smørgrav f2c7c5f948 lpd: Avoid buffer overflow when sending a job
When forwarding a print job to a remote server, we could overflow the
command buffer if a control or data file had a very long name.

MFC after:	1 week
Reported by:	Joshua Rogers <joshua@joshua.hu>
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57184
2026-05-25 18:52:16 +02:00
Dag-Erling Smørgrav 6047f6a210 lpd: Drop deprecated -p option
This alias for the -s option has been deprecated since 2002.  Time to
drop it from the documentation.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57183
2026-05-25 18:52:16 +02:00
Dag-Erling Smørgrav 8e91778973 lpd: Reorder option list in manual page
MFC after:	1 week
Reviewed by:	ziaee, markj
Differential Revision:	https://reviews.freebsd.org/D57182
2026-05-25 18:52:16 +02:00
Dag-Erling Smørgrav c0cae7d8da lpd: Restore ability to specify a port number
This has been broken since IPv6 support was added in 2000.  We would
validate the port number (which had to be a port number, but can now
also be a service name) and then ignore it.

MFC after:	1 week
Fixes:		08829865f6 ("IPv6 support for lpr.")
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D57181
2026-05-25 18:52:16 +02:00
Dag-Erling Smørgrav 05e8f2bf09 ttymsg: Overhaul
* Instead of an error string, return the usual 0 or -1 and let the caller
  figure out what, if anything, to tell the user.

* Avoid string manipulations by opening /dev first and using openat()
  with O_RESOLVE_BENEATH.

* Add a boolean argument which, if false, causes ttymsg() to return
  without sending the message if the tty's group-writable bit is not
  set.  This saves programs that respect this setting (like syslogd(8))
  from having to check before calling ttymsg().

* Update all callers.

The observable effect of this change is minimal except for slightly
different error messages when ttymsg() fails.  However, syslogd(8) will
no longer print spurious error messages on the console after trying and
failing to write a log message to an X11 session.

PR:		295171
MFC after:	1 week
Reviewed by:	jfree, markj
Differential Revision:	https://reviews.freebsd.org/D57018
2026-05-25 18:52:15 +02:00
Michael Osipov c74645b0c8 mfiutil.8/mrsasutil.8: Use Broadcom/LSI consistently
Both tools support controllers from both companies, so document it.

Reviewed by:	ziaee (via IRC)
MFC after:	immediately
Differential Revision:	https://reviews.freebsd.org/D57212
2026-05-23 22:12:43 +02:00
Pat Maddox c783d7181d syslogd: fix memory leak in casper_ttymsg()
nvlist_take_string_array(9) takes ownership of the array and its
strings. casper_ttymsg() freed neither, leaking memory on every
F_CONSOLE and F_TTY message. On long-running systems with high
error-rate syslog traffic routed to /dev/console, syslogd.casper grew
to hundreds of MB.

Use nvlist_get_string_array(9) to borrow the array instead. Update
casper_wallmsg() similarly.

Approved by:    src (des)
Closes:         https://github.com/freebsd/freebsd-src/pull/2222
Fixes:          61a29eca55 ("syslogd: Log messages using libcasper")
MFC after:      3 days
MFC to:         stable/15
PR:             295488
Reported by:    Pat Maddox <pat@patmaddox.com>
Reviewed by:    markj
Tested by:      dch
2026-05-22 21:45:30 +00:00
Christos Margiolis 5f904cb1b0 virtual_oss(8): Create loopback devices with GID_AUDIO
Make sure the user is part of the audio group to avoid unintended
snooping of loopback audio by unprivileged users.

While here, retire voss_dsp_perm, since we don't use the same value
everywhere now.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	emaste
Pull-Request:	https://ron-dev.freebsd.org/FreeBSD/src/pulls/26
2026-05-21 19:32:43 +02:00
Mark Johnston 2afb4c979f bsdconfig: Make sure that SSID names are properly escaped
The f_menu_wpa_scan_results() function returns a list of networks
discovered by a scan.  The untrusted network names are evaluated in
f_dialog_menu_wireless_edit.  The quoting applied in
f_menu_wpa_scan_results() protects against evaluation of something like
"$(whoami)" but one can add single quotes to defeat that.

Pass the SSID names through f_shell_escape to work around this.  Escape
single quotes in f_dialog_wireless_edit() and f_menu_wireless_configs()
too for consistency.

I note that this module doesn't seem to actually work, see e.g.,
bugzilla PR 229883.

Approved by:	so
Security:	FreeBSD-SA-26:23.bsdinstall
Security:	CVE-2026-45255
Reported by:	Austin Ralls
Reviewed by:	dteske, des
Differential Revision:	https://reviews.freebsd.org/D56974
2026-05-20 19:34:51 +00:00
Mark Johnston 0f15f53590 bsdinstall: Avoid invoking eval on the wlan SSID list
The wlanconfig utility is not careful about handling untrusted network
names, which can contain shell metacharacters.  Factor network selection
into a subroutine and use the `set -- "$@"` trick to build up a list of
positional parameters for bsddialog without evaluating them.

Approved by:	so
Security:	FreeBSD-SA-26:23.bsdinstall
Security:	CVE-2026-45255
Reported by:	Austin Ralls
Reviewed by:	dteske, des, asiciliano
Differential Revision:	https://reviews.freebsd.org/D56973
2026-05-20 19:34:50 +00:00
John Baldwin 9306d0449b ctld: Simplify pidfile rename handling in conf::apply
Explicitly copy the pidfile path from the initial configuration file
to the kernel-derived configuration to avoid having to check if the
old path is empty as a special case in conf::apply().

Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D56533
2026-05-18 15:49:57 -04:00
John Baldwin f1c5de5fab ctld: Add a dedicated conf method for shutting down
Currently the main loop creates an empty config and applies it to
force a shutdown of all of the existing configuration.  While this is
functional and does avoid duplicating some code, it is also a bit
clunky and requires a special hack in the pidfile path handling
in the conf::apply method.

Instead, use a dedicated conf::shutdown method which tears down the
CTL ports and LUNs and closes the sockets.

Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D56532
2026-05-18 15:49:35 -04:00
John Baldwin 63d7b7fad2 ctld: Mark a few more isns_* methods in the conf class private
These are only invoked from other methods in the conf class.

Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D56531
2026-05-18 15:47:57 -04:00
John Baldwin 4f90de0933 ctld: Remove redundant call to conf::isns_schedule_update
This is already called at the end of conf::apply.

Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D56530
2026-05-18 15:47:41 -04:00
Dag-Erling Smørgrav 2509ddee9b freebsd-update: Skip /etc/ssl/cert.pem
We already run `certctl rehash` at the end, there is no point in asking
users upgrading from 15.0 to 15.1 to manually merge the trust store.

MFC after:	3 days
Reviewed by:	cperciva
Differential Revision:	https://reviews.freebsd.org/D57028
2026-05-18 18:22:04 +02:00
Bjoern A. Zeeb ca67cfa523 fwget: update realtek and intel pci entries
For Realtek we only add new entries.

For Intel the old way of extracting IDs from the driver no longer
works.  The new list is shortened as we drop more specific entries
which were already covered by wildcard entries.  The new lists are
also sorted within the groups.
There are 4 entries the new driver no longer carries but are still
present in older versions, so we keep them manually.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2026-05-17 23:37:12 +00:00
Mateusz Piotrowski e0c3d21e3b bhyve.8: Improve readability by not breaking -f's synopsis
MFC after:	3 days
2026-05-15 11:49:43 +02:00
Mateusz Piotrowski 7abddbb3cd bhyve.8: Fix formatting of -G's "w" prefix
"w" is a command modifier, not an argument. Use Cm.

Fixes:	2cdff9918e byhve: add option to specify IP address for gdb
MFC after:	3 days
2026-05-15 11:48:43 +02:00