Commit Graph

21694 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav 59906a163e ngctl: Fix buffer overflow in config command
Keep track of our buffer length when assembling the argument list.

PR:		293075
MFC after:	1 week
Reviewed by:	zlei, markj
Differential Revision:	https://reviews.freebsd.org/D55259
2026-02-13 16:57:58 +01:00
Dag-Erling Smørgrav 585190dff4 ngctl: Check hook name length
Check the length of the hook name when copying it into the sockaddr.

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D55258
2026-02-13 16:57:58 +01:00
Dag-Erling Smørgrav 3cbdcabf71 ngctl: Modernize code somewhat
* Replace fgets(3) with getline(3)

* Replace select(2) with poll(2)

* Avoid needlessly copying text around

* Correct use of getopt(3)

* Pick some style and whitespace nits

MFC after:	1 week
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D55257
2026-02-13 16:57:58 +01:00
Siva Mahadevan 5fa297f4bc mixer/tests: use require.kmods property instead of ad-hoc checks
Reviewed by:	christos
Approved by:	lwhsu (mentor)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D55221
2026-02-12 10:01:57 -05:00
Alexander Ziaee 64e612b462 newsyslog.conf.5: Add a CAVEAT
PR:			282639
MFC after:		3 days
Reviewed by:		michaelo
Differential Revision:	https://reviews.freebsd.org/D55122
2026-02-12 09:14:48 -05:00
Maxim Konovalov 66797b469e pw.8: spell 2026-02-11 21:03:11 +00:00
Dmitry Morozovsky e89454417b pw: make manual page more friendly for uid/gid search
pw.8 structure is quite different from usual manual page, especially in
describing -o option usage.  Specifically, these paragraphs do not
contain "uid/gid" terms, and have "user id"/"group id" instead,
making searching for "override duplicate safety belt" difficult.
Try to simplify such searches.

Also, clarify uid/gid space between 100 and 1000 as "somewhat special",
as it actually is.

Discussed on:   russian telegram FreeBSD group
Reviewed by:	eugen, novel
MFC after:      1 week
2026-02-11 22:36:42 +03:00
Ed Maste 097458ac66 freebsd-update: Error for -b basedir without UNAME_r set
freebsd-update sets the currently running release from UNAME -r, which
can be overridden via the --currently-running commandline option (or by
setting UNAME_r in the environment).  This may be invalid if -b is used
to specify a basedir other than /, so error out if -b is specified
without setting the currently running version.

PR:		283229
Reviewed by:	cperciva
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48016
2026-02-11 10:44:45 -05:00
Vladimir Kondratyev 20a3c611f5 moused(8): Use KQUEUE_CPONFORK flag to pass kqueue fd through fork
and use libc daemon() instead of private rfork-based copy.
2026-02-11 01:59:06 +03:00
Eugene Grosbein 60a6ebaf73 traceroute: graceful recover after networking errors with as_server
Currentlu, the traceroute[6] utility does not check
for possible networking errors while talking to as_server
in case of "traceroute -a". Meantime, there is a common case
when trace is long and it has many non-responding hops
(shown as '* * *'), so as_server aborts our connection,
hence no AS numbers shown for the rest of trace.

Somewhat artifical way to reproduce the problem:

traceroute to 57.144.244.1 (57.144.244.1), 80 hops max, 48 byte packets
 5  [AS174] be2950.ccr42.fra05.atlas.cogentco.com (154.54.72.42)  74.277 ms  9.605 ms  9.599 ms
 6  [AS174] 149.11.228.19 (149.11.228.19)  9.506 ms  9.466 ms  9.420 ms
 7  [AS33182] po172.asw02.fra5.tfbnw.net (129.134.108.146)  9.725 ms  9.874 ms  9.696 ms
 8  [AS32934] psw04.fra5.tfbnw.net (157.240.59.85)  8.718 ms  8.691 ms  8.618 ms
 9  * * *
10  [AS0] edge-star-mini-shv-01-fra5.facebook.com (57.144.244.1)  9.747 ms  9.815 ms  9.699 ms

Note what due to increased timeout (-w10) we get [AS0] for 10th hop
because as_server closed our connection. Same problem occurs
with default -w3 when there are lots of '* * *' hops in a trace.

Fix it with some additional error checking and a reconnection.

This patch was in my use for many years and after traceroute(8) moved
from contrib/ to usr.sbin/ it's nice to have it in the tree.

MFC after:	2 weeks
2026-02-09 17:00:10 +07:00
Jessica Clarke 825aaabcc7 bsdinstall: Add note to zfsboot pointing to release/tools/vmimage.subr
The VM image creation scripts have a copy of this list of datasets which
should be kept in sync, which can otherwise be easily missed, as was the
case in the now-reverted 3e8619e535 ("bsdinstall: Create separate
datasets for directories in /usr/ports").
2026-02-08 17:17:06 +00:00
Ricardo Branco be3962a383 Revert "bsdinstall: Create separate datasets for directories in /usr/ports"
This reverts commit 3e8619e535.

While it's generally a good idea to have separate datasets for things
like this, it breaks git clone with:
fatal: destination path 'ports' already exists and is not an empty directory.

Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2006
2026-02-08 09:44:42 -07:00
Michael Osipov a3b90a1f00 daemon: Add option for output file mode
The daemon utility has always created its output file with a fixed mode
of 0600. This causes issues for log collection setups where the collector
does not run as root but instead relies on group access to the watched
daemon’s log file.

Introduce a new option that allows specifying the output file mode using
install(1)-style semantics. This enables non-root log collectors to access
the file as intended and improves compatibility with log rotation tools.

Reviewed by:	kevans
MFC after:	1 week
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D54930
2026-02-07 15:45:40 +01:00
Mark Johnston 86150ed98b bhyve: Simplify passthru_msix_addr()
It can use the passthru_mmio_map() helper function.  Make that change,
and also make passthru_mmio_map() use EPRINTLN to fix formatting when
the guest console is stdio.

Reviewed by:	corvink, jhb
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D55067
2026-02-06 15:38:51 +00:00
Hans Rosenfeld 73ab91aaad bhyve/virtio-scsi: Unlimit max_sectors
The old default of 2 for max_sectors limits performance significantly
with guest systems where the virtio-scsi driver actually honors this
value.

As CTL doesn't seem to have any limit of the maximum size of a single
transfer, set this to INT32_MAX by default.

Reviewed by:	corvink
Differential Revision: https://reviews.freebsd.org/D53466
2026-02-06 09:55:41 -05:00
Hans Rosenfeld 94976733d3 bhyve/virtio-scsi: advertise support for indirect descriptors
Support for indirect registers is actually part of the common virtio code,
the virtio-scsi code doesn't actually care or even know anything about it.

Advertising the features greatly improves performance with some guest
operating systems.

Reviewed by: corvink
Differential Revision: https://reviews.freebsd.org/D53467
2026-02-06 09:14:47 -05:00
Hans Rosenfeld 5379c46277 bhyve/virtio: check negotiated_caps for indirect descriptor support
vq_getchain() erroneously checked vc_hv_caps for indirect descriptor
support when it encountered an indirect descriptor. vc_hv_caps is used
in feature negotiation to advertise what features our device emulation
supports, but we should really check what features we have negotiated
with the driver.

Reviewed by: corvink
Differential Revision: https://reviews.freebsd.org/D53465
2026-02-05 13:49:09 -05:00
Mitchell Horne 39148cbead usr.sbin/jail/Makefile: remove riscv linker workaround
It links fine with newer binutils 2.44 (and GCC 15), so the workaround
can be dropped.

Reviewed by:	emaste
PR:		242109
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D55083
2026-02-05 12:52:22 -04:00
Felix Johnson c5ee920c3f wpa_supplicant.conf.5: Remove removed variables
2005-09-25 - wpa_supplicant v0.4.5 removed "server_nai"
2008-02-22 - wpa_supplicant v0.6.3 removed "eappsk" and "nai"

PR:			284126
MFC after:		3 days
Reviewed by:		carlavilla, ziaee
Reported by:		J.R. Oldroyd <fbsd@opal.com>
Differential Revision:	https://reviews.freebsd.org/D49010
2026-02-05 10:46:53 -05:00
Pavel Knoblokh abf911af22 pkg: Fix mirror type parsing and service discovery
Signed-off-by: Pavel Knoblokh <info@software-advisory.com.au>
Reviewed by:	emaste, imp, kevans
Fixes:		dc4581589a ("pkg: clean support for repositories")
Closes:		https://github.com/freebsd/freebsd-src/pull/1989
2026-02-04 21:59:21 -06:00
Xin LI 4f7336a93c etcupdate: Do not ignore empty files.
PR:		bin/292773
Reviewed by:	markj
MFC after:	1 week

Differential Revision: https://reviews.freebsd.org/D54935
2026-02-04 19:44:26 -08:00
Brooks Davis e236502a99 clnt_broadcast(3): fix eachresult argument type
The `eachresult` argument is documented to take a function pointer of
type:

	bool_t (*)(caddr_t, struct sockaddr_in *)

It was declared to take a resultproc_t which has historically been
declared to be:

	bool_t (*resultproc_t)(caddr_t, ...);

This overlapped well enough for currently supported ABIs where variadic
arguments are passed in registers, but this declaration is misaligned
with the documentation (resultproc_t takes three arguments) and will be
fixed in a followup commit.

Fix the type to be non-variadic, matching callbacks, and define a
convenience type of as most callbacks take something other than a char *
as their first argument and need to be cast.

Effort:		CHERI upstreaming
Reviewed by:	ngie, glebius, jhb
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D54940
2026-02-02 21:20:10 +00:00
John Baldwin 6e82cb2906 wlanstat: Drop unneeded bsd.compiler.mk from Makefile
No functional change, but downstream in CheriBSD this was causing a
link error as the Makefile was overriding CFLAGS set via a side effect
of bsd.compiler.mk.

Reviewed by:	bz, brooks, emaste
Sponsored by:	AFRL, DARPA
Differential Revision:	https://reviews.freebsd.org/D54894
2026-01-31 11:58:39 -05:00
Mark Johnston 59bbb62b60 cpucontrol: Be more strict with input validation
Avoid truncating 32-bit values.  This would have saved me a bit of time
when I was looking at a cpuid leaf on my system and typed 0x80000001f
instead of 0x8000001f.

Reviewed by:	kib
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D54919
2026-01-28 17:47:02 +00:00
Mark Johnston 1db1e4bdc6 bhyve: Use PCIOCGETCONF to find the host LPC bridge
pci_host_read_config() requires write access to /dev/pci so cannot be
used with unprivileged bhyve.  The lpc init code uses it to find the
host system's LPC bridge device and so was generating warnings with
bhyve running as a non-root user.

Refactor the implementation to use PCIOCGETCONF instead, which doesn't
require any special privileges.  This isn't formally necessary, as we
only care about copying the host system's identifiers in order to
support Intel GPU passthrough (see commit f4ceaff56d), but it's
straightforward and lets an unprivileged user run bhyve without seeing
warnings about failing to open /dev/pci with write permissions.

Reviewed by:	corvink, rew
MFC after:	3 weeks
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D54851
2026-01-26 22:03:51 +00:00
Jose Luis Duran fe962e33d8 METALOG: Order keyword entries
To facilitate comparison with mtree -C generated output, keep the
keywords ordered.

No functional change intended.

Reviewed by:	imp
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D54872
2026-01-26 20:19:44 +00:00
Mark Johnston d6bc31f929 makefs/zfs/tests: Force-destroy md devices
Most of these tests create a md(4) device backed by a makefs-generated
image, then import the pool, using the md device as a pool vdev.  When
a test finishes, it destroys the pool, then destroys the md device.

Once in a while md device destruction fails with EBUSY.  This happens
when a GEOM consumer is holding the device open; kern_mddetach_locked()
simply fails if any consumers are present.  zpool destruction is
synchronous so ZFS is innocent, rather, the problem seems to be that
GEOM re-tastes the device after the zpool reference goes away.  This
operation creates a transient reference that causes the spurious
failure.

Use "mdconfig -o force" to work around this.

MFC after:	2 weeks
2026-01-25 22:41:10 +00:00
Mark Johnston 14dce731d7 syslogd/tests: Fix flakiness in forwarding tests
syslogd_start() waits for the local log socket to appear before
returning, to ensure that the daemon is ready to handle log messages.
Some tests start two daemons, so by default the socket already exists
when the second daemon is started, so syslogd_start() returns early.
The test subsequently sends a message to this second daemon, which
sometimes isn't ready.

Define a separate log socket for the second daemon.  Add a check to
syslogd_start() to help catch this type of bug.

Reviewed by:	jlduran
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D54800
2026-01-22 15:52:00 +00:00
Mark Johnston 92d251472e syslogd/tests: Improve loopback interface initialization
- In syslogd_start(), assign the lo0 address in the specified jail.
- Use the correct netmask.

Reviewed by:	jlduran
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D54799
2026-01-22 15:51:42 +00:00
Mark Johnston 560c22937b syslogd/tests: Address races
I occasionally see failures in the syslogd test suite.  The problem is
that the tests are racy: they send a message using logger(1), then
immediately check whether the message was logged to a log file.  If the
syslogd instance under test doesn't get a chance to run before the
second step, the test fails.

This change reworks things to avoid the race while minimizing the amount
of time sleeping.
1) Each test uses a single logfile, so have them use a new common
   variable, SYSLOGD_LOGFILE, instead of something test-specific.
2) In syslogd_start(), if the configuration references SYSLOGD_LOGFILE,
   wait for it to be created by syslogd before returning.
3) Add a helper syslogd_check_log(), to check for a given log entry in
   the last line of SYSLOGD_LOGFILE, instead of using atf_check
   directly.
4) In syslogd_check_log(), poll the logfile until the desired log entry
   appears, or the test times out.

With this change, I was able to run the tests 1000 times in a loop with
4-way parallelism without seeing any test failures.  Without the change
I usually get a failure within 10 loops.

Reviewed by:	jlduran
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D54779
2026-01-22 15:50:25 +00:00
Mark Johnston ffdbc1bc21 syslogd/tests: Use a helper function to log from within a jail
This is just for consistency with all other logger(1) invocations, which
happen from the syslogd_log() function.

No functional change intended.

Reviewed by:	jlduran
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D54778
2026-01-22 15:50:14 +00:00
Xin LI 53d6b23765 cron.8: clarify system crontab format
PR:		234504
MFC after:	1 week
2026-01-20 22:33:48 -08:00
Xin LI 12444a4da5 cron: Implement full PAM session lifecycle for user jobs
Extend PAM integration beyond account checks to include credential
establishment and session management, allowing PAM modules to configure
the execution environment for user cron jobs.

Previously, cron only called pam_acct_mgmt() to verify account validity
but immediately terminated the PAM handle before job execution. This
prevented PAM modules from establishing sessions, setting credentials
(e.g., Kerberos tickets), or exporting environment variables needed by
jobs.

The PAM handle now persists in the intermediate process throughout the
job execution, enabling proper session open/close pairing. Credentials
are established and sessions opened while still running as root, before
dropping privileges in the grandchild. PAM environment variables are
exported in the job process with user crontab variables taking precedence.

A session rule (pam_permit.so) is added to /etc/pam.d/cron to enable
session support without changing default behavior. Administrators can
replace this with other modules as needed.

System crontab entries continue to bypass all PAM operations.

PR:		bin/244844
Reviewed by:	des
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D54415
2026-01-20 18:47:16 -08:00
Joseph Mingrone 8ac6427b1b periodic: Support RFC 5424 syslog timestamps
This is based on an initial implementation by michaelo in
https://reviews.freebsd.org/D54361.

PR:		270497
Reported by:	michaelo
Reviewed by:	michaelo
Tested by:	michaelo
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D54606
2026-01-18 18:11:37 -04:00
Sulev-Madis Silber 6dc12ecfb2 spi: "-S" option for continuous stream from standard input to bus
created to allow addressable leds to be driven by abusing spi bus as waveform generator. this might have other uses for similar "permanent" spi transfers

Differential Revision:	https://reviews.freebsd.org/D54734
Reviewed by:	adrian
2026-01-16 19:41:33 -08:00
Hans Rosenfeld e2d7bec6bc bhyve: Want walk_config_nodes
Add a function to all nodes under a config option node. This allows
parsing an arbitrary number of similarly structured configuration
options in a config option group.

Reviewed by:	corvink, markj
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D51551
2026-01-16 10:48:34 -04:00
Brooks Davis 373c72ad50 virtual_oss: build system tidying
general:
 - find libsamplerate's headers in the temporary sysroot instead of
   digging in the source tree.
 - use LIBADD where possible

lib/virtual_oss:
 - centralize SHLIBDIR define
 - centralize include path for internal headers
 - don't try to find libsamplerate directly in .OBJDIR

No functional changes.

Reviewed by:	christos
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D54704
2026-01-16 09:33:56 +00:00
Brooks Davis adab1dd6a7 virtual_oss: build commands/libs in parallel
Reviewed by:	christos
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D54703
2026-01-16 09:33:50 +00:00
Brooks Davis 497a13601f virtual_oss: remove needless .include in intermediate Makefile
It doesn't define anything we use.

Reviewed by:	christos
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D54702
2026-01-16 09:33:22 +00:00
Kyle Evans 1e8c28712a jail: document the mac.label parameter
In particular, we should provide a hint about mac.conf(5), since libjail
will just use the mac_prepare_type(3) API to provide a reasonably sane
interface for system administrators.  Progammers wanting to fetch an
arbitrary MAC label would need to bypass libjail and use jail_get(2)
directly with their own prepared `struct mac`.

Differential Revision:	https://reviews.freebsd.org/D54067
2026-01-15 18:23:40 -06:00
Christos Margiolis 241a43cf9d virtual_oss: Take MK_CUSE into account
Reported by:	brooks
Fixes:		f74f891581 ("src.opts: Introduce MK_SOUND")
Sponsored by:	The FreeBSD Foundation
MFC after:	4 days
Reviewed by:	brooks, emaste
Differential Revision:	https://reviews.freebsd.org/D54708
2026-01-15 19:54:22 +02:00
Jesús Daniel Colmenares Oviedo 5810786791 jexec: Add -e parameter to customize the environment
Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the jail, especially in OCI containers created with the scratch
layer (i.e., those containers that are only a single static binary,
plus configuration files and related stuff). With this option, we
can specify environment variables of arbitrary length for the
specified process running inside the jail.

Reviewed by:                jamie@
Approved by:                jamie@
Differential Revision:      https://reviews.freebsd.org/D54660
2026-01-15 01:33:25 -04:00
Ed Maste dac74b20c7 bsdinstall: Drop "Technology preview" from package sets
And refer to dist sets as "legacy."  This matches our expectation for
FreeBSD 16.0.

Reviewed by:	cperciva
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54156
2026-01-12 13:47:38 -05:00
Jose Luis Duran b0c2236f03 etcupdate: tests: Fix tests
Fix test login.conf files and update their MD5 checksums.

PR:		291649
Reviewed by:	imp
Fixes:		54ce6b2c4c ("login.conf.5: Remove mention of login copyright setting")
Pull Request:	https://github.com/freebsd/freebsd-src/pull/1962
2026-01-12 17:10:48 +00:00
Mark Johnston cf34eb8264 build: Remove duplicate SUBDIR entries
Fixes:	f74f891581 ("src.opts: Introduce MK_SOUND")
2026-01-12 16:06:31 +00:00
Christos Margiolis f74f891581 src.opts: Introduce MK_SOUND
PR:		291853
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	zarychtam_plan-b.pwste.edu.pl, markj
Differential Revision:	https://reviews.freebsd.org/D54456
2026-01-12 16:16:35 +02:00
Christos Margiolis aa58af04dc sndctl(8): Add libxo support
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Reviewed by:	ziaee, mckusick
Differential Revision:	https://reviews.freebsd.org/D54032
2026-01-12 14:32:32 +01:00
Jake Freeland 60ae4e52f3 syslogd: Terminate pipe processes gracefully
Pipe actions spawn a process based on the command provided in the
syslogd configuration file. When a HUP signal is received, enter
the process into the deadq instead of immediately killing it.
This matches the behavior of syslogd prior to it being Capsicumized.

Fixes: d2d180fb77
2026-01-12 12:40:23 +09:00
Navdeep Parhar dda55f83f9 cxgbe(4): Update shared code and config files
Obtained from:	Chelsio Communications
MFC after:	1 week
Sponsored by:	Chelsio Communications
2026-01-10 14:44:31 -08:00
Ricardo Branco 3e8619e535 bsdinstall: Create separate datasets for directories in /usr/ports
Both distfiles & packages contain compressed files.

Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1873
2026-01-09 22:05:37 -07:00