Commit Graph

303121 Commits

Author SHA1 Message Date
Olivier Certner 66b54c48b2 setcred.2: Remove now obsolete mention of setgroups(2)'s different behavior
Reviewed by:    gbe
Fixes:          9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52285
2025-09-17 14:16:07 +02:00
Olivier Certner 6d22cd6b5f setgroups.2: Add SECURITY CONSIDERATIONS, fix the groups limit, rework
Add a new SECURITY CONSIDERATIONS section describing in details what the
new behavior is after commit 9da2fe96ff ("kern: fix setgroups(2) and
getgroups(2) to match other platforms"), what setgroups(2) does not
do anymore, and how programs using it are affected.

Fix the groups limit after commit 9da2fe96ff ("kern: fix setgroups(2)
and getgroups(2) to match other platforms").

Prefer a terminology referring to POSIX terms, i.e., use "effective
group list" instead of "group access list".

While here, fix some style.

Note for MFC to stable/14: The content will have to be revised as the
new behavior is not in place.  The latter should still be mentioned as
upcoming in 15.

Fixes:          9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52284
2025-09-17 14:16:07 +02:00
Olivier Certner 9294eb44ee getgrouplist.3: Rework, use more appropriate terminology
Bring up to date with NSS by substituting "file" with "database".

Describe more precisely which database is accessed, i.e., only the group
database, which value should be used and where it lands in the result.

Prefer a terminology referring to POSIX terms, i.e., use "effective
group list" instead of "group access list".

Reviewed by:    gbe
MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52283
2025-09-17 14:16:07 +02:00
Olivier Certner 9dc1ac8691 initgroups(3): Add a pre-FreeBSD-15-compatible version
After commit 9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to
match other platforms"), initgroups() does not set the effective GID
anymore and uses all passed groups as the supplementary group list.
This effectively breaks backwards compatibility with programs/libraries
compiled on a FreeBSD 14 or earlier system.

Restore compatibility by creating a new version of the 'initgroups'
symbol that designates the current implementation and providing
a pre-FreeBSD-15-compatible version under the symbol's previously
exported version.  The new version calls the new setgroups(2) system
call, while the compatible one calls the original one (called
freebsd14_setgroups()).

Update the manual page with some history and comparison with other
current open-source systems.  Add a "SECURITY CONSIDERATIONS" section
highlighting some security properties of this approach and the reasons
we adopt it.  While here, revamp the manual page, in particular to use
the exact POSIX terminology where possible.

Note for MFC to stable/14: Only the manual page update is to be MFCed,
and the text changed to reflect the old behavior and inform readers of
the new upcoming behavior in 15.

Reviewed by:    kib
Fixes:          9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52282
2025-09-17 14:16:06 +02:00
Olivier Certner 0b018cfd81 initgroups(3): Fix return value on allocation failure
We must not return ENOMEM, but rather -1 with 'errno' set to ENOMEM, as
described in the manual page and as other implementations are doing.
A malloc() failure actually already sets ENOMEM for us.  Add comments
indicating which function set 'errno' each time we return.

While here, improve style and remove useless headers.

Reviewed by:    kib, emaste
Fixes:          54404cfb13 ("In preparation for raising NGROUPS and NGROUPS_MAX, ...")
MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52580
2025-09-17 14:16:06 +02:00
Olivier Certner 696cfb27ca syscalls: Old setgroups(2)/getgroups(2): Remove superfluous STD type
An examination of the scripts under 'sys/tools/syscalls' indicates that
keeping STD as a type in the presence of COMPATxx does not make any
difference, and regenerating system call files with STD removed does
indeed not show any difference.  Moreover, this practice is inconsistent
with the rest of the file.

Thus, remove the superfluous STD type for the two above-mentioned system
calls.  While here, re-order the remaining types for getgroups() to be
consistent with other such occurences (COMPATxx before CAPENABLED).

Reviewed by:    kevans, emaste
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52499
2025-09-17 14:16:06 +02:00
Olivier Certner 59049f4b47 hastd: Remove some now useless assertion
It is in fact redundant with the previous one, as the set of
supplementary groups is expected to be empty.

MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52281
2025-09-17 14:16:05 +02:00
Olivier Certner 10b789d7e1 linux: getsockopt(): Simplify exporting groups a bit
No functional change (intended).

Go through conversion to a 'l_gid_t' before copying out in order to cope
with differing group types (except for not representable values, of
course).  This is what is done, e.g., for getgroups() in 'linux_misc.c'.
As Linux's group type is the same as ours on all architectures, we could
as well just stop bothering and copy out our memory representation,
eliminating the loop here.  Whatever the choice, though, it has to be
consistent here and there.

Introduce 'out' of type 'l_gid_t' to avoid performing "by hand" array
arithmetics when copying out.

MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52280
2025-09-17 14:16:05 +02:00
Olivier Certner b1326edddb linux: setgroups16(): Pre-extend the groups array
For the size we know we will need in the end.

No functional change (intended).

MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52279
2025-09-17 14:16:05 +02:00
Olivier Certner b7a87d7c0d linux: setgroups(): Avoid allocation under the process lock
This was missed in commit 838d985825 ("Rework the credential code to
support larger values of NGROUPS (...)").

No functional change (intended).

MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52278
2025-09-17 14:16:04 +02:00
Olivier Certner bbdea7c9f4 linux: setgroups(): Fix the group number's upper limit
'ngroups_max' is the maximum number of supplementary groups the system
will accept, and this has not changed.

Fixes:          9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52277
2025-09-17 14:16:04 +02:00
Olivier Certner a207833f4f linux: Simplify further getgroups() after 'cr_gid' not in cr_groups[]
No functional change (intended).

While here, fix/improve style a bit and in setgroups().

MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52276
2025-09-17 14:16:04 +02:00
Olivier Certner f75d0dc533 cr_canseeothergids(): Make the logic easier to grasp
Invert the initial test on whether the policy is in force so that, if
there are no restrictions, the function bails out early, allowing to
de-indent the rest of the code and have it finish with a non-zero (deny)
'return'.

No functional change (intended).

MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52272
2025-09-17 14:16:03 +02:00
Olivier Certner d39756f23f MAC/do: Restore matching the first supplementary group
As 'cr_gid' was in fact stored in cr_groups[0],
rule_grant_supplementary_groups() would loop only on further elements of
cr_groups[].  Now that cr_groups[0] is not 'cr_gid' anymore, but some
supplementary group, take it into account.

Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52271
2025-09-17 14:16:03 +02:00
Olivier Certner ab7186a486 MAC/bsdextended: Restore matching subjects' effective GID
Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52270
2025-09-17 14:16:03 +02:00
Olivier Certner 0abeb8d8d8 cred: 'struct ucred': Rework comment on 'cr_gid'/cr_groups[]
Make it more straightforward for consumers.  Also, recommend using
cr_sgroups[] for supplementary groups, as this can generally alleviate
index problems and will help us spot and change consumers if/when
'struct ucred' is evolved incompatibly (and cr_sgroups[] suppressed).

MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52269
2025-09-17 14:16:02 +02:00
Olivier Certner fa1cbb02d1 cred: Restore proper checking of effective groups in some security policies
The removal of 'cr_gid' from cr_groups[] as cr_groups[0] made
cr_canseeothergids() skip considering the subject's first supplementary
group, causing the 'security.bsd.see_other_gids' policy to be too
restrictive, and cr_xids_subset() miss a check on the effective GID,
relaxing the "can debug" and "can export KTLS keys" checks.

Fix these policies.

Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52268
2025-09-17 14:16:02 +02:00
Olivier Certner 30193fce43 cred: Remove obsolete comment after getgroups() not returning the eGID
No functional change.

Fixes:          9da2fe96ff ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52267
2025-09-17 14:16:02 +02:00
Olivier Certner 9397b2ef74 cred: Update some comments after 'cr_gid' is no more cr_groups[0]
While here, fix style of some already-updated comments.

Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52266
2025-09-17 14:16:01 +02:00
Olivier Certner a61e7b5c98 cred: 'kern.ngroups' tunable: Rework the comment on the initial value
Remove the parts about the effective GID being stored as the first
element of the groups array, as this is generally not the case now after
commit be1f7435ef ("kern: start tracking cr_gid outside of
cr_groups[]") (some credentials export structures still have the old
layout, and need to do the 'ngroups_max + 1' computation, but given the
computation needed to obtain a size in bytes, this detail is not really
important here).

Remove the part about 32-bit machines, avoiding another modification
when support for them is removed.

No functional change.

MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52265
2025-09-17 14:16:01 +02:00
Olivier Certner 5fa6ca8b8a nfsd: nfsd_excred(): Remove an obsolete comment
This comment has been obsoleted by commit be1f7435ef ("kern: start
tracking cr_gid outside of cr_groups[].").

No functional change.

MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52264
2025-09-17 14:16:01 +02:00
Olivier Certner d22592cd6f fuse: Fix GID when sending FUSE_INTERRUPT to a FUSE daemon
Due to the partial-only changes of commit 46c07316f9 ("kern: adopt the
cr_gid macro for cr_groups[0] more widely"), subsequent commit
be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
caused a mismatch between filling cr_groups[0] in 'reused_creds' in
fuse_interrupt_send() and reading 'cr_gid' from it in
fuse_setup_ihead(), with the consequence that the kernel would send
a FUSE_INTERRUPT message to the FUSE deamon with an uninitialized GID in
its header (which, besides being wrong, would disclose 4 bytes from its
stack).

Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52255
2025-09-17 14:16:01 +02:00
Olivier Certner c5e920e49c unix: SCM_CREDS: Restore passing the effective GID
cmcred_groups[0] in 'struct cmsgcred' must be the effective GID.

Note that the code in unp_addsockcred() filling up 'struct
sockcred'/'struct sockcred2' (LOCAL_CREDS/LOCAL_CREDS_PERSISTENT
options) was in fact "wrong" before 'cr_gid' was moved out of
cr_groups[], in the sense that it would transmit the effective GID
twice, both separately as 'sc_egid' and as the first element of
'sc_groups'.  It is now exact, so is left unchanged, which causes
a difference in output (the effective GID is no more in 'sc_groups',
unless it is also a supplementary group) that is unlikely to affect
applications in practice.

Reviewed by:    glebius
Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52262
2025-09-17 14:16:00 +02:00
Olivier Certner 11cbb7d122 libprocstat: procstat_getgroups_kvm(): Output again the effective GID
In particular, fixes 'procstat -s -M' (for processes with more than 16
groups).

Reviewed by:    kib
Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52275
2025-09-17 14:16:00 +02:00
Olivier Certner e4cc7f9930 dtrace: Fix effective GID shown by 'curpsinfo'
Reviewed by:    emaste
Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      5 days
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52274
2025-09-17 14:16:00 +02:00
Olivier Certner 580d2d4295 libc: compat.h: Remove a superfluous blank line at end
No functional change (intended).

MFC after:      5 days
Sponsored by:   The FreeBSD Foundation
2025-09-17 14:15:54 +02:00
Jose Luis Duran dea1dd6690 pf tests: Add python3 as a dependency
These tests use pft_ping.py, which requires python3 and Scapy.

Reviewed by:	ngie
Approved by:	emaste (mentor)
Fixes:	65c3186301 ("pf: Add prefer-ipv6-nexthop option for route-to pools")
MFC after:	10 days
Differential Revision:	https://reviews.freebsd.org/D52589
2025-09-17 00:26:49 +00:00
Enji Cooper d18058b7b8 crypto/openssl: apply polish to new vendor import process
This change does the following 2 things:
- Makes the build more repeatable by isolating the environment. This
  prevents bmake from leaking variables into gmake and makes the overall
  process a bit more robust.
- Add debug printouts to make the process more straightforward to the
  reader and whoever is executing doing the current vendor import.

MFC after: 1 month
Differential Revision:	https://reviews.freebsd.org/D52420
2025-09-16 16:11:48 -07:00
Timo Völker 5da388d939 vtnet: deprecate loader tunable fixup_needs_csum
If this tunable is enabled and vtnet receives a packet with
VIRTIO_NET_HDR_F_NEEDS_CSUM set, vtnet computes the TCP/UDP checksum
and writes it in the checksum field.
This was somewhat useful when vtnet pretended that such a packet has
a correct checksum and set the mbuf flag CSUM_DATA_VALID.
But this is not the case anymore.

Reviewed by:		tuexen
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D52546
2025-09-16 23:37:45 +02:00
Michael Tuexen 1bb72d3d6e tcp: improve compilation of cc and their helper modules
* Allow the congestion control modules CDG, CHD, HD, and vegas also
  to be compiled into the kernel for IPv6 only kernel configs.
* Compile the helper module h_ertt for round trip time estimation only
  into the kernel, if one of the congestion control module using it
  (one of CDG, CDH, HD, or vegas) is also compiled into the kernel.
Please note the second point implies that TCP TSO is done whenever
possible as long as none of the congestion control modules CDG, CHD,
HD, or vegas is loaded or compiled into the kernel.

Reviewed by:		cc
MFC after:		3 days
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D52547
2025-09-16 23:30:40 +02:00
Mark Johnston 135cb071e0 release: Prepare Vagrant cloudware images for building as non-root
Add metalog entries for various files.  This is a bit incomplete as
pw(8) doesn't yet have support for emitting metalog entries, which we
need since it's used here to create an interactive user.

Reviewed by:	emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52456
2025-09-16 20:50:33 +00:00
Mark Johnston f1995d6fc1 release: Prepare GCE cloudware images for building as non-root
- Avoid mounting devfs just to list packages and fetch distfiles.
- Add metalog entries.

Reviewed by:	cperciva, emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52455
2025-09-16 20:50:33 +00:00
Mark Johnston 8f5791873a release: Prepare oracle cloudware images for non-root builds
- Add metalog entries.
- Remove a stray entry in the package list.

Reviewed by:	cperciva, emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52454
2025-09-16 20:50:33 +00:00
Mark Johnston 8027de008d release: Prepare EC2 cloudware images to be buildable as non-root
- Avoid chrooting to uninstall pkg, as it will not be installed in the
  first place when in non-root mode.
- Add metalog entries.

Reviewed by:	cperciva
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52452
2025-09-16 20:50:33 +00:00
Mark Johnston bab6b01bcf release: Make azure cloudware images buildable as non-root
- Don't chroot to uninstall pkg since we don't install pkg in the first
  place.
- Use pw -R instead of chrooting.
- Add metalog entries.

Reviewed by:	cperciva, emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52451
2025-09-16 20:50:33 +00:00
Jilles Tjoelker 779812d669 init: Use root's home directory in single-user mode
When starting single-user mode, use the home directory from user root as
current directory and for the HOME environment variable. If the
directory does not exist, set HOME=/.

Also adjust /root/.profile to stop setting HOME, since it should always
have been set now.

This is intended to keep shell startup files working in single-user mode
after /.profile has been removed.

Reviewed by:	emaste, ivy, kevans
MFC after:	1 week
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D52527
2025-09-16 22:36:41 +02:00
Isaac Freund 36edc5014f packages: remove tests from base set
Create a new tests package set to hold the tests, which are not useful
to all users and don't belong in the base set.

Reviewed by:	emaste, ivy
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52574
2025-09-16 13:02:50 -04:00
Isaac Freund 87a78d9618 packages: remove src from base set
The FreeBSD-src package is the largest single pkgbase package at 158M
currently. Remove it and FreeBSD-src-sys (87M) from the base set as
they are not useful to all users.

Reviewed by:	emaste, ivy
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52573
2025-09-16 13:02:50 -04:00
Mark Johnston 5eb917426e release: Enable installing packages as a non-root user
Provide variables, PKG_REPOS_DIR and PKG_REPO_NAME, to allow the user to
configure the source package repository.  Configure pkg to emit added
files to a metalog which gets concatenated with the main metalog
immediately before we build the root filesystem.

Reviewed by:	cperciva, emaste
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D52453
2025-09-16 16:09:55 +00:00
Konstantin Belousov 22cce201da vm/vm_fault.c: update and split comments for vm_fault() and vm_fault_trap()
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differrential revision:	https://reviews.freebsd.org/D52567
2025-09-16 19:05:24 +03:00
Zhenlei Huang 0418e6690e ipfw: Teach ipfw that EtherIP is an upper layer protocol
so that we do not discard EtherIP packets ( over IPv6 network ) when
net.inet6.ip6.fw.deny_unknown_exthdrs is set to 1 ( which is the default
value ).

PR:		227450
Reviewed by:	ae, #network
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D52566
2025-09-16 23:58:24 +08:00
Mark Johnston 4be491e1b9 jail: Optionally allow audit session state to be configured in a jail
Currently it is impossible for a privileged, jailed process to set audit
session state.  This can result in suprising audit event misattribution.
For example, suppose a user ssh'es into a jail and restarts a service;
normally, sshd sets audit state such that events generated by the SSH
session are attributed to the newly authenticated user, but in a jail,
the corresponding setaudit(2) call fails, so events are attributed to
the user who had started sshd in the jail (typically the user who had
started the jail itself by some means).

While this behaviour is reasonable, administrators might want to trust
the jailed sshd to reset audit state, such that the authenticated user
appears in audit logs.  Add a jail knob to enable this.  Add a simple
regression test.

This is a reapplication of commit 246d7e9fc2 following a revert.
The audit system calls must preserve the old behaviour of returning
ENOSYS if the system call is disallowed within a jail, as some
applications depend on that behaviour.

Reviewed by:	kevans, jamie (previous version)
MFC after:	1 week
Sponsored by:	Modirum MDPay
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D51719
Differential Revision:	https://reviews.freebsd.org/D52572
2025-09-16 15:48:25 +00:00
Christos Margiolis 67f3c0d6a5 dtraceall: Enable kinst for aarch64 and riscv as well
aarch64 and riscv are supported since 2023 so it should be safe to
enable it by default.

MFC after:	2 weeks
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D52575
2025-09-16 18:37:19 +03:00
Mitchell Horne a7340d559e MODULE_PNP_INFO.9: tweak list indent
So that it renders as intended.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2025-09-16 11:11:02 -03:00
Mark Johnston 1c3ca0c733 Revert "jail: Optionally allow audit session state to be configured in a jail"
Changing audit system calls to return EPERM instead of ENOSYS when
invoked from a jail breaks some userspace applications.  Revert for now
until a more complete change is reviewed.

This reverts commit 246d7e9fc2.

PR:		289645
2025-09-16 13:44:58 +00:00
Dag-Erling Smørgrav 9b8224b950 cp: Drop test helper
Now that stat(1) can report whether a file is sparse, we no longer need
a helper program for our tests.

Sponsored by:	Klara, Inc.
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D52482
2025-09-16 15:38:26 +02:00
Dag-Erling Smørgrav 1a7a067da4 stat: Add option to list holes
Add a new -h option that causes stat to print a list of holes for each
file argument.

Sponsored by:	Klara, Inc.
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D52481
2025-09-16 15:38:25 +02:00
Mitchell Horne e13b5298ec if_re: Add PNP info for module
Add PNP info so it the module can be by devmatch(8) and automatically
loaded. On non-x86 platforms it is not included in GENERIC.

Reviewed by:	imp
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52557
2025-09-16 10:22:05 -03:00
Konrad Witaszczyk 99213b3c35 aarch64: Save correct value of x18 on trapframe for nested faults
x18 is overwritten with a temporary copy of the kernel stack pointer
when it is saved in the trapframe.  This does not matter in terms of
function since nested exception return does not restore x18 from the
trapframe, but it does mean that examining x18 in a debugger in stack
frames above a nested fault outputs the wrong register value.

To fix, compute the value of the original stack pointer to save in x18
later after the trapframe has been constructed.

Reviewed by:	jhb, andrew
Sponsored by:	AFRL, DARPA
Differential Revision:	https://reviews.freebsd.org/D52472
2025-09-16 07:23:58 -04:00
John Baldwin 7314f78b24 aarch64: Clarify the initial adjustments to sp for kernel exception entry
The first store-pair instruction in save_registers_head decrements the
stack pointer to create room for most of the trapframe (and the
redzone area for nested exceptions).  However, the expression was a
bit non-intuitive as it was using an expression without a leading
negative sign to adjust the stack pointer.  Rewrite the expression so
that it is more clearly a negative adjustment to the stack pointer.

Suggested by:	andrew
Reviewed by:	andrew
Sponsored by:	AFRL, DARPA
Differential Revision:	https://reviews.freebsd.org/D52514
2025-09-16 07:21:39 -04:00