25680 Commits

Author SHA1 Message Date
Jamie Gritton dbcaac13e4 jail: simplify EVFILT_JAIL events
Instead of using the EVFILT_PROC model of attempting to automatically
register new events when a child jail is created, just give a single
event when a child jail is created.  As was already done with jail
attach events, make a best-effort report of the added jail's id in
kn_data.  If there are multiple NOTE_JAIL_CHILD and/or NOTE_JAIL_ATTACH
events, set the NOTE_JAIL_MULTI flag, and don't report anything in
data, indicating that the caller will need to query the system state
on their own.

MFC after:	3 days
2025-09-11 22:22:45 -07:00
Steve Kargl 8b41ba845c lib/msun: cpow{,f,l}(CMLX(0.0, 0.0)) should return 1.0
PR:	289447
MFC after:	1 week
2025-09-12 05:36:27 +03:00
Dag-Erling Smørgrav d20c825072 Revert "libc: Remove readdir_r(3)"
This reverts commit d549de7690.
2025-09-11 17:12:22 +02:00
Jamie Gritton d81b337d69 jaildesc: remove file-mode-based access controls
Jail descriptors were given a file-like mode, user, and group, for the
purpose of controlling how the descriptor may be used.  This is too far
removed from the file paradigm to make sense.  Remove it in favor of a
better access control method to be added, such as Capsicum.

Also add missing code in jaildesc_fill_kinfo.

Reported by:	crest at rlwinm.de, kib
MFC after:	3 days
2025-09-10 16:21:11 -07:00
Dag-Erling Smørgrav d549de7690 libc: Remove readdir_r(3)
This function was never safe to use.  We marked it deprecated in the
manual page in 2016, and it is marked obsolete in POSIX 2024.  We
previously added a linker warning and annotated the prototype; now that
stable/15 has been branched, we can remove it from main.

Relnotes:	yes
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D52474
2025-09-10 18:58:06 +02:00
Jamie Gritton d8d5324ef5 jaildesc: fix typo and style(9) violations.
Reported by:	kib
MFC after:	3 days
2025-09-09 11:46:45 -07:00
Jamie Gritton 16f600dc30 jaildesc: replace EBADF with EINVAL
Following fd9e09cb, EBADF is not the suitable error code for a non-
jail descriptor passed to jail_set, jail_get, jail_attach_fd, and
jail_remove_fd.

Reported by:	kib
2025-09-09 11:13:11 -07:00
Olivier Certner 7676df2fae kvm_proclist(): Restore outputting the effective GID
In particular, fixes 'procstat -s -M' (only if there are less than 16
groups).

Reviewed by:    kib, emaste
Fixes:          be1f7435ef ("kern: start tracking cr_gid outside of cr_groups[]")
MFC after:      9 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52260
2025-09-09 17:56:49 +02:00
Dag-Erling Smørgrav 5a0119491a unbound: Update to 1.23.1
Release notes at
	https://nlnetlabs.nl/news/2025/Jul/16/unbound-1.23.1-released/

Since we don't enable ECS, this is mostly a nop for us.

Merge commit 'c8864f6ba46ff3271d97b4ae1c3cc6ce01eaf18a'

MFC after:	3 days
2025-09-07 22:05:17 +02:00
Colin Percival 8b4e4c2737 Update main to 16
* Bumps to versions in lib/clang
* Bumps to sys/conf/newvers.sh and sys/sys/param.h
* Update to UPDATING

Approved by:	re (implicit)
Sponsored by:	https://www.patreon.com/cperciva
2025-09-04 16:06:47 -07:00
Jamie Gritton 851dc7f859 jail: add jail descriptors
Similar to process descriptors, jail descriptors allow jail
administration using the file descriptor interface instead of JIDs.
They come from and can be used by jail_set(2) and jail_get(2),
and there are two new system calls, jail_attach_jd(2) and
jail_remove_jd(2).

Reviewed by:	bz, brooks
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D43696
2025-09-04 13:27:47 -07:00
Jamie Gritton 1bd74d201a jail: add kqueue(2) support for jails
Add kqueue tracking to jails, inspired by how it's done with processes.
EVFILT_JAIL takes a jail ID, and tracks with NOTE_JAIL_SET,
NOTE_JAIL_ATTACH, NOTE_JAIL_REMOVE, and NOTE_JAIL_CHILD. It also uses
the NOTE_TRACK mechanism that EVFILT_PROC uses, using the same result
flags (NOTE_CHILD and NOTE_TRACKERR).

Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D51940
2025-09-04 11:56:56 -07:00
Lexi Winter 7e97c6adff kerberos5: Fix the Heimdal pkgbase build
When LIB_PACKAGE was added, MIT Kerberos was updated to use it but
Heimdal was not, so it still used PACKAGE=kerberos-lib.  Since we
deleted kerberos-lib-all.ucl, this caused update-packages to fail
when WITHOUT_MITKRB5 is set.

Change the Heimdal libraries to use LIB_PACKAGE by setting this in
kerberos5/lib/Makefile.inc, and remove PACKAGE=kerberos-lib from the
individual Makefiles for each library.  This means Heimdal gets the
same set of packages as MIT Kerberos, except for kerberos-kdc which
we don't create for Heimdal.

Fixes:	929f5966a9 ("packages: Improve handling of -lib packages")
Reported by:	jlduran
Reviewed by:	jlduran, cy
Differential Revision:	https://reviews.freebsd.org/D52371
2025-09-04 14:53:02 +01:00
Evgenii Ivanov ccc6cf3b67 libgpio: Add and document gpio interrupt utility functions
Add utility functions for configuring gpio interrupts and document file
operations.

Reviewed by:	vexeduxr, ziaee
Differential Revision:	https://reviews.freebsd.org/D52102
2025-09-03 21:01:05 +03:00
Kristof Provost 932ec59d99 pf: fix ICMP type/code representation
internal representation of icmp type/code in pfctl(8)/pf(4) does not
fit into u_int8_t. Issue has been noticed and kindly reported by
amalinin _at_ bh0.amt.ru via bugs@.

OK bluhm@

Obtained from:	OpenBSD, sashan <sashan@openbsd.org>, 1fdb608f55
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2025-09-02 23:10:19 +02:00
Dag-Erling Smørgrav 016d3ec239 tzcode: Add a test case for plain issetugid case
This catches a bug in tzcode which incorrectly considers TZDEFAULT as
unsafe as if it came from the environment.

Also deduplicate some repeated code, and fix a missing mode in an
open(2) call with O_CREAT set.

Event:		Oslo Hackathon 202508
Reviewed by:	philip
Differential Revision:	https://reviews.freebsd.org/D52241
2025-09-01 08:33:47 +02:00
Muhammad Saheed 94ed4c1903 libifconfig: Add netlink based helper to bring the interface up/down
Adds `ifconfig_set_up()` to set and unset the `IFF_UP`
on a network interface using `RTM_NEWLINK`.

Sponsored by:	Google LLC (GSoC)
Reviewed by:	obiwac, mckusick (mentor), kp
Approved by:	obiwac, mckusick (mentor), kp
Differential Revision:	https://reviews.freebsd.org/D52128
2025-08-29 17:39:39 +02:00
Dag-Erling Smørgrav b2f394b900 tzcode: Add a test case for thin jails
Add a test case for a typical thin jail scenario where TZDIR does not
exist and we get our information from /etc/localtime.  This is
technically already covered by the detect_tz_changes test case, but
this new test case is independent of the DETECT_TZ_CHANGES option.
2025-08-27 20:40:09 +02:00
John Baldwin 1595031258 libutil++: Rename manpage source files to avoid colons
To permit checking the sources out on systems such as Windows with
more restrictive file name requirements, rename the manpage source
files to replace colons with underscores.  Use MANSRC.foo to point
<bsd.man.mk> at the new source file names.

Reviewed by:	ivy
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D51794
2025-08-26 16:44:38 -04:00
Felix Johnson 4ba91e076e sysdecode_syscallnames.3: s/names/name/
The sysdecode_syscallname function was accidentally documented as being
plural. Move it to reflect its actual name, and adjust all references.

PR:			278383
Reviewed by:		ziaee
Differential Revision:	https://reviews.freebsd.org/D51002
2025-08-25 20:49:05 -04:00
Dag-Erling Smørgrav c6c7c7ac94 tzcode: Add test case for setugid programs
Fixes:		a6b19979bf ("tzcode: Fix TZ for non-setugid programs")
Differential Revision:	https://reviews.freebsd.org/D52124
2025-08-25 13:56:48 +02:00
Gordon Bergling e041280989 libnvmf: Fix a typo in a source code comment
- s/tranfers/transfers/

MFC after:	3 days
2025-08-25 10:33:32 +02:00
Lexi Winter 649e8a3ea4 libelftc: Move to toolchain package
This is where the rest of ElfToolchain lives now.  Note that this
library only installs manpages.

Reported by:	des
Differential Revision:	https://reviews.freebsd.org/D51899
2025-08-23 01:57:23 +01:00
Lexi Winter 1a80bcc5fa Remove redundant PACKAGE for INTERNALLIB libraries
These libraries don't install anything, so they shouldn't have a
PACKAGE setting.  This avoids surprising behaviour in future if
e.g. manpages are added to an internal library.

Reported by:	des
Differential Revision:	https://reviews.freebsd.org/D51901
2025-08-23 01:57:23 +01:00
Lexi Winter 929f5966a9 packages: Improve handling of -lib packages
For some packages (OpenSSL, Kerberos) we want to ship runtime libraries
in a separate package, e.g. openssl and openssl-lib.  Currently this is
done using PACKAGE=openssl-lib, but that creates packages with strange
names like openssl-lib-lib32.

Instead, add a new LIB_PACKAGE option to bsd.lib.mk that causes runtime
libraries to be placed in a new -lib subpackage.  This significantly
improves the set of packages we create; for example, OpenSSL goes from:

	FreeBSD-openssl
	FreeBSD-openssl-dbg
	FreeBSD-openssl-lib
	FreeBSD-openssl-lib-dbg
	FreeBSD-openssl-lib-dbg-lib32
	FreeBSD-openssl-lib-dev
	FreeBSD-openssl-lib-dev-lib32
	FreeBSD-openssl-lib-lib32
	FreeBSD-openssl-lib-man
	FreeBSD-openssl-man

to:

	FreeBSD-openssl
	FreeBSD-openssl-dbg
	FreeBSD-openssl-dbg-lib32
	FreeBSD-openssl-dev
	FreeBSD-openssl-dev-lib32
	FreeBSD-openssl-lib
	FreeBSD-openssl-lib32
	FreeBSD-openssl-man

While here, move /usr/bin/krb5-config and /usr/bin/compile_et into
the kerberos-dev package.

Reviewed by:	des
Differential Revision:	https://reviews.freebsd.org/D51925
2025-08-23 01:57:23 +01:00
Rick Macklem e39c9ac213 copy_file_range.2: Document the COPY_FILE_RANGE_CLONE flag
Commit 37b2cb5ecb added support for the
COPY_FILE_RANGE_CLONE flags argument to
copy_file_range(2).

This patch documents this flags argument.

This is a content change.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D51938
Fixes:	37b2cb5ecb ("vfs: Add support for file cloning to VOP_COPY_FILE_RANGE")
2025-08-22 15:01:59 -07:00
Dag-Erling Smørgrav a6b19979bf tzcode: Fix TZ for non-setugid programs
The previous commit had the desired effect for setugid programs, but
broke TZ for everyone else.  I didn't notice because my test cases
swap out /etc/localtime instead of setting TZ, so add a test case
that sets TZ.

Fixes:		b6ea2513f7 ("tzcode: Limit TZ for setugid programs")
Reviewed by:	cy
Differential Revision:	https://reviews.freebsd.org/D52108
2025-08-22 09:22:17 +02:00
Lexi Winter dc5ba6b8b4 Remove MK_GSSAPI
For MIT Kerberos, MK_GSSAPI has no meaning: GSSAPI is a required part of
Kerberos and is always built if MK_KERBEROS is enabled.  Backport this
behaviour to Heimdal so it works the same way.

While here, change Heimdal's libcom_err and compile_et to be selected by
MK_KERBEROS, not MK_KERBEROS_SUPPORT, since these are part of Kerberos
and third-party users might need it even if Kerberos support is disabled
in the base system.  This means MK_KERBEROS_SUPPORT installs the same
files with both MIT and Heimdal.

Reviewed by:	cy
Differential Revision:	https://reviews.freebsd.org/D51859
2025-08-20 19:42:20 +01:00
Muhammad Saheed 75acf71786 libifconfig: Remove ifconfig_set_fib and ifconfig_sfp_id_is_qsfp
Remove the declaration of ifconfig_set_fib from libifconfig.h as it had
no definition.

ifconfig_sfp_id_is_qsfp is defined as a static header function in
libifconfig_sfp.h and doesn't generate a symbol.

Both have been removed from Symbol.map.

Reviewed by:	obiwac, mckusick (mentor)
Approved by:	obiwac, mckusick (mentor)
Sponsored by:	Google LLC (GSoC)
Differential Revision:	https://reviews.freebsd.org/D50666
2025-08-20 01:07:15 +02:00
Konstantin Belousov f892e509c1 libc: preserve errno in gai_strerror()
PR:	288931
Reviewed by:	emaste, glebius
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52010
2025-08-20 00:22:40 +03:00
Konstantin Belousov bd4dd5d951 libc: some style in gai_strerror.c
Reviewed by:	emaste, glebius
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52010
2025-08-20 00:22:35 +03:00
Konstantin Belousov 47d1788c2e libc: mark ai_errlist as const
Reviewed by:	emaste, glebius
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52010
2025-08-20 00:22:30 +03:00
Konstantin Belousov 632f705170 libc: convert ai_errlist array to designated initializers syntax
Reviewed by:	emaste, glebius
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52010
2025-08-20 00:22:26 +03:00
Kristof Provost 094a60281b pf: fix potential infinite loop adding/deleting addresses in tables
The 'nadd' returned by these calls is the number of addresses actually added
or deleted. It can differ from the number userspace sent to the kernel if the
addresses are already present (or not present for the delete case).
This meant that if all of the addresses were already handled the kernel would
return zero, putting us in an infinite loop.

Handle this, and extend the test case to provoke this scenario.

Reported by:	netchild@
Fixes:	bad279e12d ("pf: convert DIOCRDELADDRS to netlink")
Fixes:	8b388995b8 ("pf: convert DIOCRADDADDRS to netlink")
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2025-08-18 12:03:23 +02:00
Dag-Erling Smørgrav 567e6250c0 vfs: Introduce VN_ISDEV() macro
We frequently need to check if a vnode refers to either a character or
block special, so we might as well have a macro for it.

We somewhat less frequently need to perform similar checks on things
that aren't vnodes (usually a struct vattr *), so add VATTR_ISDEV()
and a generic VTYPE_ISDEV() as well.

Sponsored by:	Klara, Inc.
Sponsored by:	NetApp, Inc.
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D51947
2025-08-17 19:29:27 +02:00
Dag-Erling Smørgrav 4eaa7f6662 stat(2): Document the st_rdev field
MFC after:	1 week
Sponsored by:	Klara, Inc.
Sponsored by:	NetApp, Inc.
Reviewed by:	bcr
Differential Revision:	https://reviews.freebsd.org/D51946
2025-08-17 19:29:27 +02:00
Dag-Erling Smørgrav 8073a5137f getmntpoint: Don't compare st_rdev for non-devices
If the mntfromname of a mountpoint is not a device (e.g. nullfs, tarfs,
procfs) we shouldn't compare st_rdev, as any match will be spurious.

MFC after:	1 week
Sponsored by:	Klara, Inc.
Sponsored by:	NetApp, Inc.
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D51945
2025-08-17 19:29:27 +02:00
Warner Losh edf9a2fae9 jemalloc: don't error out on initializer warning in gcc
gcc doesn't like something about the initializer that comes with
jemalloc. Since it's vendor code, make this warning not an error
for -Werror purposes.

Sponsored by:		Netflix
2025-08-17 11:13:33 -06:00
Gordon Bergling 333b0490e3 libc: Fix a typo in a source code comment
- s/aguments/arguments/

MFC after:	3 days
2025-08-17 09:24:59 +02:00
Lexi Winter 9b48774c57 sendmail: Move libmilter to its own package
Many things other than sendmail itself use the milter API, for example
mail/opendkim from ports.  Putting the library in its own package means
those applications don't need to depend on FreeBSD-sendmail.

Reviewed by:	manu
Differential Revision:	https://reviews.freebsd.org/D51914
2025-08-16 21:07:57 +01:00
Warner Losh c43cad8717 jemalloc: Merge from jemalloc 5.3.0 vendor branch
This brings in a merge from jemalloc 5.3.0. It's almost fully scripted, except:
	Three conflicts resolved by hand:
	include/jemalloc/internal/test_hooks.h	Use the new name
	src/extent.c				Use the new code
	src/jemalloc.c				Use the new code since je_realloc has moved

The script is recorded in FREEBSD-upgrade. The old script did svn
commands that were basically a rebase of our changes. This update has a
series of diff reduction changes before this.

Note: I'd planned on fixing the above three conflicts with commits, but
ran out of time when I did this work in January. I got discouraged when
jemalloc was EOL'd and didn't pick this back up. I did the above by hand
to get this into FreeBSD 15.0

This work is a repeat of the work by Minsoo Choo who did all these
changes and created a pull request. Given the importance of jemalloc, I
audited these changes by redoing them in this series of commits (and
with the script that was checked in). I did this to convince myself and
anybody else in doubt that there was no supply chain attack. The diffs
between this series of commits and Minsoo's work are minor (though the
version skew adds some noise). Interested parties can independently
audit each step, I hope. I've listed Minsoo as a co-author since without
his pull request to test again, this wouldn't have been possible.

Thanks to brooks@ for help with getting the jemalloc 3 ABI compat
symbols right.

Co-authored-by: Minsoo Choo <minsoochoo0122@proton.me>
Pull Request: https://github.com/freebsd/freebsd-src/pull/1337
Sponsored by: Netflix
2025-08-15 15:48:34 -06:00
Lexi Winter 837b13af68 Revert "Remove Secure RPC DES authentication"
This reverts commit 7ac276298b.

Requested by:	kib
2025-08-15 17:59:18 +01:00
Dag-Erling Smørgrav 5205b32de3 libc: Drop incorrect qsort optimization
As pointed out in the PR and the article linked below, the switch to
insertion sort in the BSD qsort code is based on a misunderstanding of
Knuth's TAOCP and is actually a pessimization.  As demonstrated by the
added test, it is trivially easy to construct pathological input which
results in quadratic runtime.  Without that misguided optimization, the
same input runs in nearly linearithmic time.

https://www.raygard.net/2022/02/26/Re-engineering-a-qsort-part-3

PR:		287089
MFC after:	1 week
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D51907
2025-08-15 09:23:03 +02:00
Kyle Evans 10708fdc0b sysent: regenerate after bumping setgroups/getgroups
2025-08-14 23:06:20 -05:00
Kyle Evans 9da2fe96ff kern: fix setgroups(2) and getgroups(2) to match other platforms
On most other platforms observed, including OpenBSD, NetBSD, and Linux,
these system calls have long since been converted to only touching the
supplementary groups of the process.  This poses both portability and
security concerns in porting software to and from FreeBSD, as this
subtle difference is a landmine waiting to happen.  Bugs have been
discovered even in FreeBSD-local sources, since this behavior is
somewhat unintuitive (see, e.g., fix 48fd05999b for chroot(8)).

Now that the egid is tracked outside of cr_groups in our ucred, convert
the syscalls to deal with only supplementary groups.  Some remaining
stragglers in base that had baked in assumptions about these syscalls
are fixed in the process to avoid heartburn in conversion.

For relnotes: application developers should audit their use of both
setgroups(2) and getgroups(2) for signs that they had assumed the
previous FreeBSD behavior of using the first element for the egid.  Any
calls to setgroups() to clear groups that used a single array of the
now or soon-to-be egid can be converted to setgroups(0, NULL) calls to
clear the supplementary groups entirely on all FreeBSD versions.

Co-authored-by:	olce (but bugs are likely mine)
Relnotes:	yes (see last paragraph)
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D51648
2025-08-14 23:06:09 -05:00
Steve Kargl c58c77246f [libm] Avoid left shift of signed integer entities
Follow-up commit d180086e6e by fixing the left shift of signed integer
entities through the use of a helper function. Specific per file changes
are:

* lib/msun/src/e_fmodf.c:
* lib/msun/src/s_remquof.c:
  . Eliminate now unused variable 'i'.
  . Sort declaration statement.
  . Use subnormal_ilogbf() to avoid left shift of signed integer.

* lib/msun/src/math_private.h b/lib/msun/src/math_private.h:
  . Implement subnormal_ilogbf() to extract an exponent of a subnormal
    float.  This avoids left shifts of signed integers.
  . Update nearby comment.

* lib/msun/src/s_ilogbf.c
  . Fix declaration of the function statement in accordance with style(9).
  . Use subnormal_ilogbf() to avoid left shift of signed integer.

PR:		288850
MFC after:	1 week
2025-08-14 20:38:41 +02:00
Mark Johnston b1afa460f8 libutil++: Move to the utilities package
We should keep the clibs package as small as possible.  Currently it
contains some "extra" libraries, but this isn't a good argument for
adding more stuff.  Move it to the utilities package (the default for
bsd.lib.mk consumers), since libutil++ is an INTERNALLIB and thus only
installs man pages, so therefore doesn't need to be in FreeBSD-runtime.

Requested by:	kib
Reviewed by:	ivy, des
Fixes:		f4fd2aa07c ("libutil++: Move to clibs")
Differential Revision:	https://reviews.freebsd.org/D51898
2025-08-14 16:15:43 +00:00
Rick Macklem dec341af76 pathconf.2: Add an entry for _PC_CLONE_BLKSIZE
Commit 37b2cb5ecb added VFS support for
cloning, including a new pathconf name to
acquire the clone block size called
_PC_CLONE_BLKSIZE.

This patch documents this new name.

This is a content change.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D51851
Fixes:	37b2cb5ecb ("vfs: Add support for file cloning to VOP_COPY_FILE_RANGE")
2025-08-13 08:05:35 -07:00
Ricardo Branco 5e8b3eeb60 kern: Allow O_CLOFORK to be passed to shm_open(2)
Signed-off-by: Ricardo Branco <rbranco@suse.de>

Reviewed by:	kib
Pull Request:	https://github.com/freebsd/freebsd-src/pull/1802
2025-08-12 21:45:24 +00:00
Dag-Erling Smørgrav d0cc09fcdb libutil: Fix manlint failures
MFC after:	1 week
Reviewed by:	ziaee
Differential Revision:	https://reviews.freebsd.org/D51864
2025-08-12 14:55:01 +02:00