Commit Graph

305340 Commits

Author SHA1 Message Date
Ruslan Bukin 974ecf6890 xae(4), axidma(4): rewrite DMA operation.
Due to performance constraints on a synthesized CHERI RISC-V core,
remove usage of xdma(4) scatter-gather framework.  Instead, provide
a minimalistic interface between two drivers.

This increases performance ~4-5 times.
Tested using scp(1) and nc(1) on Codasip Prime.

Sponsored by:	CHERI Research Centre
Differential Revision:	https://reviews.freebsd.org/D53932
2025-11-26 16:38:07 +00:00
Gordon Tetlow 2a3a6a1771 Mitigate YXDOMAIN and nodata non-referral answer poisoning.
Add a fix to apply scrubbing of unsolicited NS RRSets (and their
respective address records) for YXDOMAIN and nodata non-referral
answers. This prevents a malicious actor from exploiting a possible
cache poison attack.

Obtained from:	NLnet Labs
Security:	CVE-2025-11411
2025-11-26 07:57:33 -08:00
Cy Schubert 821774dfbd ipfilter: Verify ipnat on entry into kernel
The ipnat struct is built by ipnat(8), specifically ipnat_y.y when
parsing the ipnat configuration file (typically ipnat.conf). ipnat
contains a variable length string field at the end of the struct. This
data field, called in_names, may contain various text strings such as
NIC names. There is no upper bound limit to the length of strings as
long as the in_namelen length field specifies the length of in_names
within the ipnat structure and in_size specifies the size of the ipnat
structure itself.

Reported by:		Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by:		markj
MFC after:		1 week
Differential revision:	https://reviews.freebsd.org/D53843
2025-11-26 07:16:47 -08:00
Cy Schubert eda1756d04 ipfilter: Verify frentry on entry into kernel
The frentry struct is built by ipf(8), specifically ipf_y.y when parsing
the ipfilter configuration file (typically ipf.conf). frentry contains
a variable length string field at the end of the struct. This data field,
called fr_names, may contain various text strings such as NIC names,
destination list (dstlist) names, and filter rule comments.  The length
field specifies the length of fr_names within the frentry structure and
fr_size specifies the size of the frentry structure itself.

The upper bound limit to the length of strings field is controlled by the
fr_max_namelen sysctl/kenv or the max_namelen ipfilter tuneable.

The initial concepts were discussed with emaste and jrm.

Reported by:		Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed by:		markj
MFC after:		1 week
Differential revision:	https://reviews.freebsd.org/D53843
2025-11-26 07:16:46 -08:00
Cy Schubert 525c535d5a ipfilter: Add ipf_check_names_string()
ipf_check_names_string will verify userland inputs in names strings
(fr.fr_names, in.in_names) for correctness.

Original concept of ipf_check_names_string() instead of macros by
markj.

Reviewed by:		markj
MFC after:		1 week
Differential revision:	https://reviews.freebsd.org/D53843
2025-11-26 07:15:44 -08:00
Ed Maste e00a781c21 mqueue: Export kern_kmq_* symbols from kernel module
linux.ko supports POSIX message queues using these symbols, so they need
to be exported rather than relying on the kernel linker's misfeature of
linking against debug or local symbols (which will soon be disabled by
default).

Reported by:	mav
Reviewed by:	zlei
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53907
2025-11-26 09:13:09 -05:00
Kristof Provost 23af364630 tests: detect built-in modules
When checking vnet test prerequisites we check if if_epair and if_bridge are
available, but we only checked for loadable modules. It's possible for these to
be built into the kernel instead.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
2025-11-26 11:27:47 +01:00
Warner Losh 718acd7465 nvme: Use 'unsigned int' in preference to bare unsigned
It's our preferred style. No functional change.

Noticed by: avg
Sponsored by: Netflix
2025-11-25 22:14:20 -07:00
Jose Luis Duran 91e7f19ec4 strfmon: Fix typo s/poistion/position/
MFC after:	1 week
2025-11-26 02:50:49 +00:00
Chuck Silvers 2b4dbad2db nda: fix setting of unmappedio flag
The upstream refactoring of ndaregister() to split out ndasetgeom()
accidentally used an uninitialed variable to decide whether or not
to set DISKFLAG_UNMAPPED_BIO.  Fix this by moving that portion of
ndasetgeom() back up to ndaregister().  The check for PIM_UNMAPPED
is not really needed because nvme devices always have that set,
so it cannot change in the other path that ndasetgeom() is now called.

Reviewed by:	imp
Fixes:		dffd882d12
Sponsored by:	Netflix
MFC After:	1 minute
2025-11-25 15:46:52 -07:00
Navdeep Parhar 98f6f6e4f4 cxgbe(4): Enable IFCAP_NV and implement SIOCGIFCAPNV/SIOCSIFCAPNV
MFC after:	1 week
Sponsored by:	Chelsio Communications
2025-11-25 13:08:03 -08:00
Ed Maste a87c1e2dd8 agp: Export intel_gtt_read_pte, required by i915kms
This isn't used by modern cards, but is needed for i915kms to load
on a system that has agp as a module not compiled into the kernel.

PR:		291214
Reviewed by:	cy
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53906
2025-11-25 15:14:19 -05:00
Navdeep Parhar 136a80ad3d if.h: Fix a couple of typos in comments
No functional change.
2025-11-25 10:35:44 -08:00
Marko Zec b1b0fb3dcf fib_algo: add FIB_ALGO to GENERIC kernel config on riscv
FIB_ALGO modular FIB lookups have been enabled by default on
amd64 and arm64 since 2021, so enable it on riscv as well.

Reviewed by:	melifaro
MFC after:	1 month
2025-11-25 19:26:14 +01:00
Minsoo Choo 80ec82aba9 jemalloc: apply freebsd changes to jemalloc 5.3.0 man page
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1890
2025-11-25 11:17:26 -07:00
Minsoo Choo bf4c7487f2 jemalloc: import jemalloc 5.3.0 man page
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1890
2025-11-25 11:17:26 -07:00
Ricardo Branco 51f278e685 lseek.2: SEEK_HOLE, SEEK_DATA & ENXIO conform to POSIX 2024
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1891
2025-11-25 11:17:26 -07:00
Matt Jacobson 4c8bf76893 fdread: Fix logic bug when reading by sector
When reading by sector (because reading a whole track failed), we can
accidentally fall into the "should not happen" path, which both
(a) emits a spurious error message and (b) fouls up our position
accounting going forward.  Ensure we do not inappropriately fall into
that path.

Avoid obscuring the "short after" message in cases where it happens.

Signed-off-by: Matt Jacobson <mhjacobson@me.com>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1897
2025-11-25 11:17:26 -07:00
ykla f7725c3c27 NOTES: Fix a typo in a comments
Signed-off-by: ykla yklaxds@gmail.com
Sponsored by:	Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1899
2025-11-25 11:17:26 -07:00
ykla a4e3e724df NOTES: Remove duplicate options KCSAN entries
Signed-off-by: ykla yklaxds@gmail.com
Sponsored by: Chinese FreeBSD Community
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1900
2025-11-25 11:17:25 -07:00
Jose Luis Duran 8494a3de2c libefivar: Apply uncrustify changes
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the MdePkg package

Note that the link above no longer exists.  The commit message was kept
verbatim.  An original copy of the bug report can be found at:
https://web.archive.org/web/20241008121707/https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Obtained from:	https://github.com/tianocore/edk2/commit/2f88bd3a1296c522317f1c21377876de63de5be7

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:25 -07:00
Jose Luis Duran ca6fef2d4b libefivar: Change OPTIONAL keyword usage style
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3760

Update all use of ', OPTIONAL' to ' OPTIONAL,' for function params.

Note that the link above no longer exists.  The commit message was kept
verbatim.  An archive of the bug report can be found at:
https://web.archive.org/web/20240714185609/https://bugzilla.tianocore.org/show_bug.cgi?id=3760

Obtained from:	https://github.com/tianocore/edk2/commit/d0e2f8232a26453fc0191629ed44ff2a46ea073e

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:25 -07:00
Jose Luis Duran 6fa0057f89 libefivar: Support UefiDevicePathLib under StandaloneMm
This change added an instance of UefiDevicePathLib for StandaloneMm. It
abstracts DevicePathFromHandle function into different files for
Standalone MM and other instances to avoid linking gBS into MM_STANDALONE
drivers.

No functional change intended, as this function and its invocation are ifdefd
out.

Obtained from:	https://github.com/tianocore/edk2/commit/14a746bb6a92d59669c67a970479558734cf2383

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:25 -07:00
Jose Luis Duran 136ff605bf libefivar: Replace BSD License with BSD+Patent License
https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Replace BSD 2-Clause License with BSD+Patent License.  This change is
based on the following emails:

  https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html
  https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html

RFCs with detailed process for the license change:

  V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html
  V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html
  V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html

Note that the link above no longer exists.  The commit message was kept
verbatim.  An archive of the bug report can be found at:
https://web.archive.org/web/20240714192319/https://bugzilla.tianocore.org/show_bug.cgi?id=1373

Obtained from:	https://github.com/tianocore/edk2/commit/9344f0921518309295da89c221d10cbead8531aa

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:25 -07:00
Jose Luis Duran 5c2ae0a209 libefivar: Add sanity check for FilePath device path
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1497

Current implementation of IsDevicePathValid() is not enough for type
of MEDIA_FILEPATH_DP, which has NULL-terminated string in the device
path. This patch add a simple NULL character check at Length position.

Note that the link above no longer exists.  The commit message was kept
verbatim.  An archived version of the bug report can be found at:
https://web.archive.org/web/20240714191428/https://bugzilla.tianocore.org/show_bug.cgi?id=1497

Add the const keyword to avoid errors/warnings about dropping a const
qualifier.

Obtained from:	https://github.com/tianocore/edk2/commit/2f7a96d6ec13b292d6f31295f3195913921173e1

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:24 -07:00
Jose Luis Duran fd606b629f libefivar: Add a checking step
Add a checking step in DevicePathUtilities.c to verify DevicePath.
https://bugzilla.tianocore.org/show_bug.cgi?id=1372

v2: Remove ASSERT() and the redundant checking step. Update related
    description.

Note that the link above no longer exists.  The commit message was kept
verbatim.  An archived version of the bug report can be found at:
https://web.archive.org/web/20240714192353/bugzilla.tianocore.org/show_bug.cgi?id=1372

Obtained from:	https://github.com/tianocore/edk2/commit/fd02394228ee1dc2378cccfde6098c461f96dd42

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:24 -07:00
Jose Luis Duran 9677ae7864 libefivar: MdePkg: Clean up source files
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF

No functional change.

Obtained from:	https://github.com/tianocore/edk2/commit/9095d37b8fe5bfc3d02adad6ba7fd7359ebc0107

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:24 -07:00
Jose Luis Duran 5b7b60af7b libefivar: Add and comment out unused functions
This commit introduces gratuitous white space and unused functions.
This functionality is guarded/commented out.  This change is necessary
to reduce the differences with the reference file in subsequent commits.

No functional change intended.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:24 -07:00
Jose Luis Duran ef191142dc libefivar: Move functions to match reference file
Move a few functions to match their locations in the reference file.
No functional change intended.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:24 -07:00
Jose Luis Duran b38f48d336 libefivar: Standardize #ifndef __FreeBSD__
Standardize preprocessor directives that comment out unused functions
(essentially #if 0).

No functional change intended.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:23 -07:00
Jose Luis Duran 0e614a4afe libefivar: Fix (some) typos
Fix typos in the files that are owned by the project.

Bring back a "duplicate word" removal (node node), which should have
been "node Node", the second "node" is not capitalized in the reference
file (yet).  We'll bring it back capitalized to avoid it from triggering
automated checking scripts and possibly reverting this change again.  A
few other typos were not fixed, as we strive to keep as close to the
reference files as possible, these fixes should be submitted to the
reference project (tianocore/edk2) in the not so distant future.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1894
2025-11-25 11:17:23 -07:00
Ed Maste fad4c92b78 Revert "kernel linker: Disable local sym resolution by default"
I've received a report of a failure from resolving kern_kmq_open.
Revert for now as we are currently in stabweek.

This reverts commit 9562994a7a.

Reported by:	mav
2025-11-25 12:14:10 -05:00
Warner Losh 301b8a806f nvme: Minor style(9) fixes
<sys/systm.h> needs to be first after <sys/param.h>. And we don't need
both sys/param.h and sys/types.h.

Fixes:		032fbda024
Sponsored by:	Netflix
2025-11-25 09:12:51 -07:00
Kristof Provost bc3b72ff48 pf: relax sctp v_tag verification
pf was too strict when validating SCTP tags. When a server receives a
retransmitted INIT it will reply with a random initiate tag every time.
However, pf saves the first initiate tag and expects every subsequent INIT_ACK
retransmission to have the same tag. This is not the case, leading to endless
INIT/INIT_ACK cycles.

Allow the tag to be updated as long as we've not gone past COOKIE_WAIT.

Add a test case to verify this.

MFC after:	2 weeks
See also:	https://redmine.pfsense.org/issues/16516
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2025-11-25 15:59:55 +01:00
George V. Neville-Neil a8151f196c Add description of the LD_DEBUG environment variable. 2025-11-25 09:14:26 -05:00
Kristof Provost 238ad591da libpfctl: improve error handling
If we fail to open /dev/pf don't try to close it again. That would result in
errno getting overwritten by close(), hiding potentially useful information.

MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2025-11-25 14:50:09 +01:00
Ed Maste 9562994a7a kernel linker: Disable local sym resolution by default
In 95c20faf11 and ecd8245e0d kib introduced support to have the
kernel linker stop resolving local symbols from other files, but did
not enable it by default to avoid surprises.  Flip the default now,
before FreeBSD 16.0.

The debug.link_elf_leak_locals and debug.link_elf_obj_leak_locals
sysctls are available to revert to the previous behaviour if necessary.

PR:		207898
Reviewed by:	bz
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47742
2025-11-25 08:49:20 -05:00
Alexander Motin 7f7d4934cb FreeBSD: Fix uninitialized variable error
On FreeBSD errno is defined as (* __error()), which means compiler
can't say whether two consecutive reads will return the same.
And without this knowledge the reported error is formally right.

Caching of the errno in local variable fixes the issue.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Rob Norris <robn@despairlabs.com>
Signed-off-by: Alexander Motin <alexander.motin@TrueNAS.com>
Closes #17975
2025-11-25 05:16:35 -05:00
Ruslan Bukin 64ee9c166c em(4): fix capability bounds needed to access checksum context.
Ensure the offp capability bounds cover entire struct with checksum fields.

This is needed for CHERI systems to avoid bounds violation trap, as
otherwise offp allowed to dereference 4 bytes of csum_flags field only
so bzero failed.

Tested on ARM Morello.

Reviewed by:	kbowling
Discussed with:	jrtc27
Sponsored by:	CHERI Research Centre
Differential Revision:	https://reviews.freebsd.org/D53903
2025-11-25 09:20:03 +00:00
Ruslan Bukin b87f633001 nvme(4): Increase HMB alignment.
The NVME controller in Crucial P310 disk does not accept 16-byte aligned
host memory buffer on Codasip Prime platform, but works fine on PAGE_SIZE
aligned memory.

Instead of adding a quirk, just increase alignment for everyone.

Reviewed by:	jhb
Discussed with:	imp
Sponsored by:	CHERI Research Centre
Differential Revision:	https://reviews.freebsd.org/D53296
2025-11-25 08:38:37 +00:00
Jessica Clarke aac0ef54dc kern: Fix section name for embedded firmware blobs
In practice this just ends up as an orphan section and so is placed next
to .rodata-like sections, so it's pretty harmless, but not intended.

Fixes:	a095390344 ("Use a template assembly file for firmware object files.")
2025-11-25 04:29:22 +00:00
Warner Losh 3c857567c1 stand: Rename ZFSSRC to SAZFSSRC to avoid confusion
ZFSSRC is abiguous on its surface and too clos to ZFSTOP, so rename it
to SAZFSSRC.

Sponsored by:		Netflix
Reviewed by:		tsoome
Differential Revision:	https://reviews.freebsd.org/D53901
2025-11-24 17:50:26 -07:00
Warner Losh 05346243df stand: Move from OZFS to ZFSTOP
Use ZFSTOP instead of OZFS. They are the saame thing.

Sponsored by:		Netflix
Reviewed by:		tsoome
Differential Revision:	https://reviews.freebsd.org/D53900
2025-11-24 17:35:46 -07:00
Navdeep Parhar a303b1455f cxgbe(4): Fix compile warning for !RSS kernels
.../sys/dev/cxgbe/t4_main.c:7197:1: warning: unused function 'hashen_to_hashconfig' [-Wunused-function]
 7197 | hashen_to_hashconfig(int hashen)
      | ^~~~~~~~~~~~~~~~~~~~
1 warning generated.

Reported by:	bz
Fixes:	d381a6b4a5 cxgbe: use newly exposed RSS hash key API rather than ad-hoc hashing
2025-11-24 13:56:00 -08:00
Olivier Certner 4cd93df95e setcred(): Remove an optimization for when cr_groups[0] was the egid
Because setcred() has (always) treated the effective GID separately from
the supplementary groups, when cr_groups[0] was storing the effective
GID, it internally needed to build an array containing both the
effective GID and the specified supplementary groups to eventually call
crsetgroups_internal().

As kern_setcred() was only used to actually implement
user_setcred()/sys_setcred(), which need to allocate a buffer to copy in
the userland groups array into, some optimization was put in place where
these would allocate an array with one more element than
'wc_supp_groups', copyin() the latter into the subarray starting at
index 1 and pass the pointer to the whole array to kern_setcred() in
'preallocated_groups'.  This would allow kern_setcred() not to have to
allocate memory again to make room for the additional effective GID.

Since commit be1f7435ef ("kern: start tracking cr_gid outside of
cr_groups[]"), crsetgroups_internal() only takes supplementary groups,
so this machinery has become obsolete.  It was not removed as part of
that commit, but just minimally amended to simplify the changes and
lower the risks.  Finally remove it.

Reviewed by:    kevans
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D53772
2025-11-24 21:31:06 +01:00
Olivier Certner b92b1b4758 mdo(1): Avoid calling getgroups() in some unnecessary cases
If the basis for supplementary groups are the current ones, we do not
need to fetch them when they are to be replaced entirely (which we
already have been doing), as in the '!start_from_current_groups' case,
but specifically also when they are not going to be touched at all.

This change in passing makes the modified code block's comment saying
that SETCREDF_SUPP_GROUPS need not be set here correct.

MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D53771
2025-11-24 21:31:00 +01:00
Bartosz Sobczak 7b6644e160 irdma(4): fix potential memory leak on qhash cqp operation
It was found that in some circumstances when launching
non-waiting create qhash cqp operation the refcount on
the cqp_request may be not properly decremented leading to a memory
leak.

Signed-off-by: Bartosz Sobczak <bartosz.sobczak@intel.com>

Reviewed by:	anzhu_netapp.com
Tested by:	mateusz.moga_intel.com
Approved by:	kbowling (mentor)
MFC after:	1 week
Sponsored by:	Intel Corporation
Differential Revision:	https://reviews.freebsd.org/D53732
2025-11-24 19:45:58 +01:00
Mark Johnston d78231ed04 cxgbe: Fix the RSS build
When "options RSS" is configured, opt_rss.h defines the "RSS" token.

PR:	291068
Fixes:	17b4a0acfa ("cxgbe(4): T7 related updates to shared code")
2025-11-24 18:39:54 +00:00
Konstantin Belousov 72a447d0bc vm_object_page_remove(): clear pager even if there is no resident pages
Swap pager might still carry the data.

Debugging help from:	mmel
Reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D53891
2025-11-24 20:08:31 +02:00
Rob Norris e37937f42d ztest: fix broken random call
Bad copypasta in 4d451bae8a, leading to random stuff being blasted all
over stack, destroying the program.

Sponsored-by: Klara, Inc.
Sponsored-by: Wasabi Technology, Inc.
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Igor Kozhukhov <igor@dilos.org>
Reviewed-by: Sean Eric Fagan <sean.fagan@klarasystems.com>
Signed-off-by: Rob Norris <rob.norris@klarasystems.com>
Closes #17957
2025-11-24 12:43:15 -05:00