Commit Graph

303409 Commits

Author SHA1 Message Date
Xin LI 8d485a8490 MFV: expat 2.7.3.
MFC after:	3 days
2025-09-28 21:28:12 -07:00
Xin LI a8fa7ccb47 Vendor import of expat 2.7.3. 2025-09-28 21:20:40 -07:00
Warner Losh ebc32e74b6 core.lua: Consistently check for single user
While boot_single:lower() should always be in {yes,no}, it might not
be. In one place we check == yes, and another ~= no. Make both places ~=
no for consistency. We generally try to test != default.

Sponsored by:		Netflix
2025-09-28 19:45:01 -06:00
Warner Losh b7473a5d68 loader: make disable-device more rebust
Check the number of arguments and ensure that the passed-in device to
disable parses correctly.

Sponsored by:		Netflix
2025-09-28 19:45:01 -06:00
Warner Losh 55025f42f6 stand: Remove support for FreeBSD 12.2 and earlier
Remove 'pager' shim that was last not supported in FreeBSD 12.2, which
went EOL on March 31, 2022. People have had enough time to upgrade the
boot loader.

Sponsored by:		Netflix
2025-09-28 19:45:00 -06:00
Vladlen Popolitov 008d04b297 vladlen@ joins comitters-doc and calendar.freebsd
Reviewed by: maxim (mentor)
Approved by: maxim (mentor)
Differential Revision: https://reviews.freebsd.org/D52769
2025-09-28 22:44:33 +03:00
Kajetan Staszkiewicz 7cd3854f82 pf: Fix interface counters for af-to rules
An inbound af-to rule creates a state bypassing outbound pf_test().
In such case increase counters of the outbound interface directly in
pf_route() for post-af-to address family.

For outbound af-to rules ensure that post-af-to address family is used
to increase interface counters.

Reviewed by:	kp
Sponsored by:	InnoGames GmbH
Differential Revision:	https://reviews.freebsd.org/D52448
2025-09-28 19:23:02 +02:00
Kajetan Staszkiewicz 6353f5d9a5 pf: Fix rule and state counters
Increasing counters on "match" rules causes the 1st packet making a
connection to be double-counted, but only for rule counters, not rules'
tables, because those are not increased at all during rule parsing.
Remove "match" rule counter handling during rule parsing, do it only in
pf_counters_inc().

NAT can be performed either by "nat" rules in the  NAT ruleset or by "match"
rules. Rules before the NAT rule, and the NAT rule itself match on pre-NAT
addresses, and later rules match on post-NAT addresses. When increasing
counters go over rules in the same order as a packet would and use
source and destination addresses for updating table counters from
appropriate state key, taking into consideration on which rule NAT
happens.

Use AF from state key, so that table counters can be properly updated for
af-to rules.

Synchronize match rule updating behaviour to that of OpenBSD: if rules
match, but state is not created, don't update counters.

Reviewed by:	kp
Sponsored by:	InnoGames GmbH
Differential Revision:	https://reviews.freebsd.org/D52447
2025-09-28 19:23:02 +02:00
Kajetan Staszkiewicz 938ae26ffd pf: Always skip outbound filtering for inbound af-to rules
The af-to rules on inbound direction create a single state spanning both
the inbound and the outbound interface. Calling pf_test() for the
outbound direction in pf_route() makes the packet pass through state
search, match the existing state, never evaluate the ruleset, and increase
state counters.

Check that the state comes from an af-to rule in inbound direction, and
if yes, skip outbound testing.

Reviewed by:	kp
Sponsored by:	InnoGames GmbH
Differential Revision:	https://reviews.freebsd.org/D52446
2025-09-28 19:23:01 +02:00
Aymeric Wibo 7e5ab18578 Revert "acpi_powerres: acpi_pwr_get_state and getting initial D-state for device"
Setting ACPI D-states is generally broken on FreeBSD and this change
surfaced an issue. So reverting for the time being whilst I write a
proper fix for this.

This reverts commit 02a8fadd2c.

Reported by:	glebius, phk
Tested by:	glebius
Sponsored by:	The FreeBSD Foundation
2025-09-28 18:07:27 +02:00
Christos Margiolis 86a7787e32 virtual_bt_speaker(8): Fix aarch64 build
Reported by:	fuz, otis
Fixes:		9cab9fde5e ("virtual_oss: Port to base")
Sponsored by:	The FreeBSD Foundation
2025-09-28 17:39:44 +02:00
Rick Macklem 70730cd21c rpc_generic.c: Fix a rpcbind core dump when rpcinfo is done
Commit c5d671b added netlink support to
server side rpcbind. However it did not add
a case for AF_NETLINK to __rpc_taddr2uaddr_af().
(Reported as PR#289625.)

As such, without this patch the r_addr field of the
netlink rbllist is NULL, which causes a crash in
svc_sendreply() for a Dump query (what rpcinfo
does).

PR:	289625
Reviewed by:	glebius
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D52651
Fixes:	c5d671b711 ("libc/rpc: add userland side RPC server over netlink(4)")
2025-09-28 07:57:34 -07:00
Gleb Smirnoff bbec2c9a6d newsyslog: fix one hour rotation with frequent execution
If a newsyslog.conf(5) has an entry that is configured to be rotated every
hour, and crontab(8) is set to execute newsyslog several times per hour,
the logic of age_old_log() is broken and it would rotate the entry too
often.  AFAIU, the extra 1800 seconds were added to allow some leeway for
the previous newsyslog invocation, that could have been too slow and the
timestamp on the old file is newer than actual time of the previous
newsyslog invocation.  But 30 minutes of leeway is way to much.  Reduce
this down to 3 minutes, which would be a compromise between a potential
need to run newsyslogd every 5 minutes and a situation when newsyslog
takes a significant time to rotate the logs.

Provide a test case for that.

Reviewed by:		delphij
Differential Revision:	https://reviews.freebsd.org/D52700
2025-09-28 07:54:53 -07:00
Gleb Smirnoff 81df9522c8 newsyslog: provide -I option to specify default signal
Useful when used with syslog-ng, which uses SIGUSR1.  Instead of adding
signal number to every new entry, just set it via command line option.

Reviewed by:		bcr, delphij
Differential Revision:	https://reviews.freebsd.org/D52701
2025-09-28 07:54:33 -07:00
Gleb Smirnoff aab45f2aee tests/netlink: fix flaky netlink_sockets:sizes
The problem is that fullsocket() creates a socket that has both send and
receive buffers full and as we process messages from the receive buffer we
allow the kernel to continue processing of the send buffer and a new
message may arrive while the test expects that no new messages arrive.
Fix that by creating a socket that has several messages in the receive
buffer, but don't have any in the send buffer.
2025-09-28 07:49:31 -07:00
Olivier Certner c1d5fc4e0c mac_do.4: Mention "from" part's GID can also match supplementary groups
MFC after:      3 days
Event:          EuroBSDCon 2025
Sponsored by:   The FreeBSD Foundation
2025-09-28 16:01:55 +02:00
Dag-Erling Smørgrav 202b59c35e tzcode: Really fix issues when TZ is an absolute path
This was accidentally left out of the previous commit.

Fixes:		df8bc705eb ("tzcode: Fix issues when TZ is an absolute path")
2025-09-28 13:12:44 +02:00
Christos Margiolis 5c8835e5c0 mixer(8): Update virtual_oss path
virtual_oss is part of base as of 9cab9fde5e ("virtual_oss: Port to
base").

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D52322
2025-09-28 11:58:35 +02:00
Christos Margiolis c457acb4ee RELNOTES: virtual_oss in base
Sponsored by:	The FreeBSD Foundation
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D52583
2025-09-28 11:58:34 +02:00
Christos Margiolis 9cab9fde5e virtual_oss: Port to base
This patch diverges quite a bit from the current upstream [1] in a few
ways:

1. virtual_oss(8), virtual_bt_speaker(8) and virtual_oss_cmd(8) are
   actually separate programs.
2. Backends (lib/virtual_oss) are built as separate shared libraries and
   we dlopen() them in virtual_oss(8) and virtual_bt_speaker(8) on
   demand.
3. virtual_equalizer(8) and the sndio and bluetooth backends are built
   as ports, because they depend on third-party libraries.
4. Use newer libav API in bluetooth backend (see HAVE_LIBAV ifdefs) to
   address compiler errors.

[1] https://github.com/freebsd/virtual_oss

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D52308
2025-09-28 11:56:52 +02:00
Mateusz Piotrowski f34e1c76ad sysctl.9: Fix grammar in *TUN descriptions
Reported by:	bcr
Reviewed by:	bcr
MFC after:	3 days
Event:		EuroBSDCon 2025
Fixes:	5eb1caa8c8 Updated SYSCTL manual pages
Differential Revision:	https://reviews.freebsd.org/D52768
2025-09-28 11:27:08 +02:00
Jose Luis Duran 2872ced187 rc.d: Fix ftpd flags
After f99f0ee14e ("rc.d: add a service jails config to all base system
services"), the FTP service ignores the flags configured in ftpd_flags:

    # sysrc ftpd_flags=-B
    ftpd_flags:  -> -B
    # service ftpd enable
    ftpd enabled in /etc/rc.conf
    # service ftpd start
    Starting ftpd.
    # pgrep -fl ftpd
    1234 /usr/libexec/ftpd -D

Notice the absence of the "-B" flag.

PR:		285600
Reviewed by:	0mp, emaste
Approved by:	emaste (mentor)
Fixes:	f99f0ee14e ("rc.d: add a service jails config to all base system services")
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D52745
2025-09-28 09:12:41 +00:00
Michael Tuexen f2575d56c8 vtnet: improve control of transmit offloading
Keep the hwassist flags for transmit checksum offload and transmit
segment offload in sync with the enabled capabilities.

Reported by:		Timo Völker
Reviewed by:		Timo Völker
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D52765
2025-09-28 11:01:18 +02:00
Alexander Ziaee 52eb7e394a mrsas.4: Cleaning
+ Rewrite SYNOPSIS for consistency
+ Rewrite HARDWARE for HW Relnotes, and add some stragglers
+ Correct mdoc grammar, making sysctls aproposable and linking xrefs
+ Clean up TODO, cannonicalize to CAVEATS, a standard section
+ Editorial pass, tag SPDX

MFC after:		3 days
Reviewed by:		imp
Differential Revision:	https://reviews.freebsd.org/D52125
2025-09-27 23:42:30 -04:00
Lexi Winter 29a4fe3dbd packages: Add kernel-man to minimal-jail
These manpages are broadly applicable to all systems, even jails,
since they describe kernel facilities which are available in jails.

MFC after:	3 days
Sponsored by:	https://www.patreon.com/bsdivy
Differential Revision:	https://reviews.freebsd.org/D52743
2025-09-28 03:00:16 +01:00
Lexi Winter fc726c4ec4 packages: Add efi-tools to set-minimal
This is required to manage the firmware on amd64 and aarch64 systems.

MFC after:	3 days
Reviewed by:	imp, emaste
Sponsored by:	https://www.patreon.com/bsdivy
Differential Revision:	https://reviews.freebsd.org/D52742
2025-09-28 03:00:15 +01:00
Jesús Daniel Colmenares Oviedo 68691160f4 nuageinit: Ignore non-existent groups
In cloud-init, when a group specified in the 'users.{index}.groups' parameter
does not exist, it is ignored, but the user is created anyway. In the case of
nuageinit, it exits with an exception, since pw(8) expects each group to exist.

Reviewed by:		bapt@
Approved by:		bapt@
Differential Revision:	https://reviews.freebsd.org/D52718
2025-09-27 18:05:03 -04:00
Aymeric Wibo 2ed9833791 thunderbolt: Import USB4 code
Add initial USB4 code written by Scott Long and originally passed on to
HPS (source: https://github.com/hselasky/usb4), minus the ICM code and
with some small fixes.

For context, older TB chips implemented the connection manager in
firmware (ICM) instead of in the OS (HCM), but maintaining the ICM code
would be a huge burden for not many chips.

Mostly completed work:

- Debug/trace framework.
- NHI controller driver.
- PCIe bridge driver.
- Router and config space layer handling (just reading in this commit).

Link to the email where Scott shared details about the initial USB4
work:

https://lists.freebsd.org/archives/freebsd-hackers/2024-July/003411.html

Glanced at by:	emaste, imp
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D49450
Event:		EuroBSDcon 2025
2025-09-27 19:13:13 +02:00
Dag-Erling Smørgrav df8bc705eb tzcode: Fix issues when TZ is an absolute path
* If TZ starts with TZDIR, strip any additional slashes so relname
  does not end up looking like an absolute path.  For instance,
  TZ=/usr/share/zoneinfo//UTC should result in UTC, not /UTC.

* In the setugid case, we were incorrectly passing name rather than
  relname to fstatat().

* Modify the tz_env and tz_env_setugid test cases to exercise both
  of these scenarios.

* Also add test cases for invalid values of TZ, which I wrote
  earlier but forgot to include in a5f14e4f90.

Reported by:	Paul Eggert <eggert@cs.ucla.edu>
MFC after:	3 days
Fixes:		967a49a21a ("Update tzcode to 2025b")
Fixes:		a5f14e4f90 ("tzcode: Use -00 only for invalid time zones")
Reviewed by:	philip
Differential Revision:	https://reviews.freebsd.org/D52753
2025-09-27 19:07:16 +02:00
Dag-Erling Smørgrav d58339f398 tzcode: Drop libc namespace
This hasn't been needed in years and is a maintenance headache.

MFC after:	1 week
Reviewed by:	philip
Differential Revision:	https://reviews.freebsd.org/D52694
2025-09-27 19:07:15 +02:00
Mateusz Piotrowski 6b164f1811 mktemp.1: Document TMPDIR in ENVIRONMENT
While here, use Ev for TMPDIR consistently.

MFC after:	3 days
Event:		EuroBSDCon 2025
2025-09-27 17:24:43 +02:00
Gleb Smirnoff d9f03a43f2 ucode: use wrmsr_early_safe() for early CPU microcode update
Use the new method for wrmsr that is able to set up fault handler even at
the very early stage of kernel boot.  This prevents panic with new
microcode for some new AMD EPYCs, that requires certain patchlevel of
microcode to be already present in the CPU.  If BSP patching failed, we
print the message and we don't try to patch APs.

This has been tested only on AMD booted in EFI mode.

Reviewed by:		stas, kib
Differential Revision:	https://reviews.freebsd.org/D52643
2025-09-27 07:30:40 -07:00
Mark Johnston ceb5792d1e OptionalObsoleteFiles.inc: Add more ATF libraries
PR:		289653
Reported by:	Trond Endrestøl <Trond.Endrestol@ximalas.info>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D52676
2025-09-27 08:11:19 +00:00
Mark Johnston ba364342ae vm_object: Remove the kmem_object alias
This was retained for KPI compatibility, but I can't find anything which
needs it.  Just get rid of it.

Reported by:	rwatson
Reviewed by:	alc, kib
Differential Revision:	https://reviews.freebsd.org/D52708
2025-09-27 03:56:08 -04:00
Colin Percival 523fece9d1 pkgbase-stage: Use unique PKG_DBDIR
Prior to this commit, pkgbase-stage.lua used a hard-coded PKG_DBDIR
"./pkgdb"; unfortunately this creates a race condition if we start
building disc1.iso and dvd1.iso at the same time

  pkg: sqlite error while executing CREATE TABLE licenses [...]
  in file pkgdb.c:2330: table licenses already exists

since pkg checks to see if the pkgdb is initialized and initializes
it if not.

Use separate pkgdb-disc1 and pkgdb-dvd directories.

MFC after:	1 minute
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D52755
2025-09-26 21:08:00 -07:00
Mateusz Guzik 5e395c3440 vfs: stop using SDT_PROBES_ENABLED in inlined ops
No point after hot patching was introduced.
2025-09-27 04:00:59 +00:00
Mateusz Guzik 7e4c451c12 vfs: retire the VREF macro
It is defined as a plain use of vref.

Churn generated with coccinelle:
@@
expression vp;
@@

- VREF(vp)
+ vref(vp)
2025-09-27 04:00:59 +00:00
Mateusz Guzik 01c8e2e33d vfs: retire the NULLVP macro
The kernel was already mostly using plain NULL, just whack it and be
doen with the legacy.

Churn generated with coccinelle:
@@
@@

- NULLVP
+ NULL
2025-09-27 04:00:59 +00:00
Mateusz Guzik 08f06aa1b4 vfs: retire the VCALL macro
There is precisely one place using it and even that should probably go
away.
2025-09-27 04:00:59 +00:00
Mateusz Guzik 5c0e5f418d BUF_ISLOCKED.9: drop a reference to lockstatus(9)
It's the same as lockmgr(9), which the man page already refers to.
2025-09-27 04:00:59 +00:00
Aymeric Wibo 5632b0d462 sys/power: Sleep type reporting by PM backends
Allow PM backends to report supported sleep types when registering
through `power_pm_register`. Expose this information through
`kern.power.supported_stype` sysctl, and set defaults for
`power_standby/suspend/hibernate_stype` based on this.

Implement this in ACPI PM backend.

Reviewed by:	cy
Approved by:	cy
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52727
Event:		EuroBSDcon 2025 Devsummit
2025-09-26 18:03:13 +02:00
Aymeric Wibo 9e1e29bd5e acpi: Add back hw.acpi.suspend_state sysctl
When writing an ACPI S-state to it it will set kern.power.suspend to the
appropriate sleep type, and when reading from it it will return the
corresponding ACPI S-state to the sleep type in kern.power.suspend.

This is deprecated and kern.power.suspend should be used directly
instead, but add this back because zzz(1) makes use of this and we can't
easily rewrite it just now.

PR:		289634
Reviewed by:	cy, markj
Approved by:	cy, markj
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52600
Event:		EuroBSDcon 2025 Devsummit
2025-09-26 18:03:05 +02:00
Aymeric Wibo 97d152698f acpi: Use sleep types defined in sys/power.h
This is as opposed to using ACPI sleep states directly
(`ACPI_STATE_S*`). We now use `POWER_STYPE_*` added in D52036.

This is in preparation for adding support for s2idle, which is not an
ACPI sleep state, but needs to be handled specially by
`acpi_EnterSleepState`.

Reviewed by:	cy
Approved by:	cy
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52705
Event:		EuroBSDcon 2025 Devsummit
2025-09-26 18:02:35 +02:00
Andrew Turner 2554148bd8 arm64: Add table attributes to the EFI maps
Use table attributes to also limit unprivileged access to the EFI
runtime mappings. This is mostly for parity with pmap as this is never
mapped while userspace could execute.

Reviewed by:	tuexen
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D52751
2025-09-26 16:07:41 +01:00
Andrew Turner cee4802d0e arm64: Mark EFI memory as userspace non-executable
FEAT_PAN3 adds the SCTLR_EL1.EPAN field. This tells the hardware to
raise a permission abort when userspace could execute a page, i.e. the
ATTR_S1_UXN field is clear in the page table.

This causes issues for the EFI runtime as we only mark non-executable
pages with this flag leading to a permission fault when accessing it.

Fix this by marking all EFI mappings with ATTR_S1_UXN. The kernel
already had this field set so was already safe.

Reported by:	tuexen
Reviewed by:	tuexen
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D52750
2025-09-26 16:07:41 +01:00
Michael Tuexen eaf619fddc vtnet: improve interface capability handling
Enable the handling of the IFCAP_RXCSUM_IPV6 handling by handling
IFCAP_RXCSUM and IFCAP_RXCSUM_IPV6 as a pair. Also make clear, that
software and hardware LRO require receive checksum offload.

Reviewed by:		Timo Völker
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D52682
2025-09-26 12:12:51 +02:00
Paul Floyd 7feac79331 libc/aarch64: fix ELF size of timingsafe_memcmp
Looks like a copy and paste error.
The ELF size of 0 prevents Valgrind from redirecting this function.

PR:		289845
Reviewed by:	fuz
Fixes:		3f224333af
See also:	https://bugs.kde.org/show_bug.cgi?id=509406
Pull Request:	https://github.com/freebsd/freebsd-src/pull/1854
MFC after:	1 day
Event:		EuroBSDcon 2025
2025-09-26 11:04:54 +02:00
Konstantin Belousov 495813bfd7 libsys: drop private exports no longer needed
after libc is switched to use public symbols for pre-ino64 syscalls.

Reviewed by:	olce
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52687
2025-09-26 09:51:28 +03:00
Konstantin Belousov e194103bd3 libc: properly forward the compat syscall references to libsys
same as it was done for setgroups@FBSD_1.0.
Switch from weakref to symver, since GNU as cannot handle version spec
with weakref.

Reviewed by:	olce
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D52687
2025-09-26 09:51:28 +03:00
Konstantin Belousov f15d3694db libc: un-namespace gen-compat.h
There are no symbols that needs to be namespaced in the header, and it
would not allow to use proper raw syscall names later, where they are
needed.

Reviewed by:	olce
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D52687
2025-09-26 09:51:28 +03:00