Commit Graph

308926 Commits

Author SHA1 Message Date
Dimitry Andric 3f16c588d1 Adjust llvm-project main llvmorg-21-init-19288-gface93e724f4, part 1
This adjusts the llvmorg-21-init-19288-gface93e724f4 import: add partial
third-party/ top-level directory.

PR:		292067
MFC after:	1 month
2026-04-25 16:08:57 +02:00
Dimitry Andric 700637cbb5 Merge llvm-project main llvmorg-21-init-19288-gface93e724f4
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvm-project main llvmorg-21-init-19288-gface93e724f4, the
last commit before the upstream release/21.x branch was created.

PR:		292067
MFC after:	1 month
2026-04-25 16:08:55 +02:00
Dimitry Andric 6243d755fb Revert "libcxx-compat: revert llvmorg-19-init-18063-g561246e90282:"
This reverts commit 1d99ada3215dbc28665fe051f9ccf028a2a02ce8, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:43 +02:00
Dimitry Andric f3b0cac70b Revert "libcxx-compat: revert llvmorg-19-init-18062-g4dfa75c663e5:"
This reverts commit 6933315cf57fc3f505431bff7a0075df471d7453, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:43 +02:00
Dimitry Andric 3b0a0e64bd Revert "libcxx-compat: revert llvmorg-19-init-17853-g578c6191eff7:"
This reverts commit 2facc097b9b28a81b925c924f27f09b40f29fd4d, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:43 +02:00
Dimitry Andric f8152c67d4 Revert "libcxx-compat: revert llvmorg-19-init-17728-g30cc12cd818d:"
This reverts commit 198b947ebc6834eade6acc52c5441a38693b8822, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:42 +02:00
Dimitry Andric 1f9c1cd08d Revert "libcxx-compat: revert llvmorg-19-init-17727-g0eebb48fcfbc:"
This reverts commit f12b6acbe1ea1c425c0e21d80097115e4ad33017, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:42 +02:00
Dimitry Andric 501871ebf9 Revert "libcxx-compat: revert llvmorg-19-init-17473-g69fecaa1a455:"
This reverts commit cab3680acf8e6ea40c686d4f26db4429e26a5331, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:42 +02:00
Dimitry Andric a843ea3f24 Revert "libcxx-compat: revert llvmorg-19-init-8667-g472b612ccbed:"
This reverts commit f7570f1eb0dc056dfce9d7500157538c670edaf6, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:42 +02:00
Dimitry Andric 3ac42330b1 Revert "libcxx-compat: revert llvmorg-19-init-5639-ga10aa4485e83:"
This reverts commit 267fa9ab814c23ca97b8b7e1740f4da51485ac72, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:41 +02:00
Dimitry Andric 3ca6facafc Revert "libcxx-compat: revert llvmorg-19-init-4504-g937a5396cf3e:"
This reverts commit a7455c47801ea1e4c4eed10cab2072375f6f92a2, in
preparation for merging llvm 21, in preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:41 +02:00
Dimitry Andric a24406d2e0 Revert "libcxx-compat: revert llvmorg-19-init-4003-g55357160d0e1:"
This reverts commit fd17362f6225085e60eabed8af7421838100b457, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:41 +02:00
Dimitry Andric 3f6219840d Revert "libcxx-compat: don't remove headers that were reintroduced by reverts"
This reverts commit 2b3703a4f4519e202c3bdf12e7e13d9b5fdbc3f3, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:41 +02:00
Dimitry Andric d6d48190ec Revert "libcxx-compat: install headers that were reintroduced by reverts"
This reverts commit 8ad38d5eb3985ef778a7d36093878b0b373ccedf, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:40 +02:00
Dimitry Andric 5945da0bc9 Revert "libcxx-compat: update libcxx.imp for headers that were reintroduced by reverts"
This reverts commit caf0ccccc304e3e7938c9722f1deb0a362fd70d5, in
preparation for merging llvm 21.

PR:		292067
MFC after:	1 month
2026-04-25 16:07:40 +02:00
Dimitry Andric e5e636cf5e Revert "imgact_elf: Fix uninitialized variable use in note_procstat_auxv"
This reverts commit 753a166bde. It appears
to be unnecessary now.
2026-04-25 16:06:34 +02:00
Alex Richardson 753a166bde imgact_elf: Fix uninitialized variable use in note_procstat_auxv
Found building with latest clang

MFC after:	3 days
2026-04-25 15:42:16 +02:00
Jilles Tjoelker 7262e60119 sh: Allow vfork on redirected simple commands
Things like `{ some_program; } >/dev/null` use vfork, so use vfork
similarly for things like `some_program >/dev/null`.

This cannot be done for command substitutions, because of two problems:

* Redirections might cause the error message for later redirections or
  for an unknown command to be sent to the pipe (to be substituted), and
  this might cause a deadlock if the message is too long.

* The assignment of the pipe needs to come before instead of after the
  redirections.

Reviewed by:	bdrewery
Differential Revision:	https://reviews.freebsd.org/D55190
2026-04-25 15:04:10 +02:00
Kristof Provost 4001613878 pfsync: rename unused variable
Make it more obvious that this field is not used.
No functional change.

Event:	Wiesbaden Hackathon 202604
2026-04-25 13:27:03 +02:00
Gleb Smirnoff 4602d45eb3 kgss: de-virtualize kgss_gssd_handle
The RPC client is more of a class rather than an instance.  RPCs from
different VNETs are served by the same client.  This makes the kgss layer
fully transparent to VIMAGE and not even required to be aware of it.

It is responsibility of the rpcsec_gss module to have curvnet set on the
calling thread when doing RPC calls via kgssapi.

This change should enable proper operation of an NFS server with gssd(8)
in a VIMAGE jail.

PR:			294501
Reviewed by:		rmacklem
Differential Revision:	https://reviews.freebsd.org/D56562
2026-04-24 19:55:55 -07:00
Gleb Smirnoff 2bd2f267f3 kgss: remove unnecessary CURVNET_SET() and kgss_gssd_handle checks
These RPC methods correctly acquire the kgss_gssd_handle later with call
to kgss_gssd_client().

Reviewed by:		rmacklem
Differential Revision:	https://reviews.freebsd.org/D56561
2026-04-24 19:55:50 -07:00
Gleb Smirnoff 50c5715159 kgss: remove KGSS_VNET_* macros family
The original idea was that something else than VNET(9) might be used for
kgss in jails, but that is very unlikely to happen.

Mechanical change done with sed+grep.  No functional change.

Reviewed by:		rmacklem
Differential Revision:	https://reviews.freebsd.org/D56560
2026-04-24 19:55:45 -07:00
Maxim Konovalov c0c7d1e1af split.1: grammar
PR:		294757
Reported by:	Ulrich Eduard
MFC after:	1 week
2026-04-25 02:16:23 +00:00
Colin Percival 0f7b8f79f6 ena: Budget rx descriptors, not packets
We had ENA_RX_BUDGET = 256 in order to allow up to 256 received
packets to be processed before we do other cleanups (handling tx
packets and, critically, refilling the rx buffer ring).  Since the
ring holds 1024 buffers by default, this was fine for normal packets:
We refill the ring when it falls below 7/8 full, and even with a large
burst of incoming packets allowing it to fall by another 1/4 before we
consider refilling the ring still leaves it at 7/8 - 1/4 = 5/8 full.

With jumbos, the story is different: A 9k jumbo (as is used by default
within the EC2 network) consumes 3 descriptors, so a single rx cleanup
pass can consume 3/4 of the default-sized rx ring; if the rx buffer
ring wasn't completely full before a packet burst arrives, this puts
us perilously close to running out of rx buffers.

This precise failure mode has been observed on some EC2 instance types
within a Cluster Placement Group, resulting in the nominal 10 Gbps
single-flow throughput between instances dropping to ~100 Mbps as a
result of repeated rx overruns causing packet loss and ultimately
retransmission timeouts.

To correct this, switch from processing up to ENA_RX_BUDGET (256)
packets to processing up to ENA_RX_DESC_BUDGET (256) descriptors (or
slightly more, if we hit the limit in the middle of a packet).  This
ensures that, even with jumbos, we refill the ring before processing
most of a ring worth of descriptors, and returns the throughput to
expected levels.

Note that theoretically up to ENA_PKT_MAX_BUFS (19) descriptors can be
used for a single packet, in which case even 54 packets would exhaust
the default rx buffer ring; it's not clear if this ever occurs in
practice, but this fix will address that case as well.

Reviewed by:	akiyano
Sponsored by:	Amazon
MFC after:	6 days
Differential Revision:	https://reviews.freebsd.org/D56479
2026-04-24 15:30:13 -07:00
Colin Percival f6d2c8591c ena: Adjust ena_[rt]x_cleanup to return bool
The ena_[rt]x_cleanup functions are limited internally to a maximum
number of packets; this ensures that TX doesn't starve RX (or vice
versa) and also attempts to ensure that we get a chance to refill
the RX buffer ring before the device runs out of buffers and starts
dropping packets.

Historically these functions have returned the number of packets which
they processed which ena_cleanup compares to their respective budgets
to decide whether to reinvoke them.  This is unnecessary complication;
since the precise number of packets processed is never used, adjust
the APIs of those functions to return a bool indicating if they want
to be reinvoked (aka if they hit their limits).

Since ena_tx_cleanup now only uses work_done if diagnostics are
enabled (ena_log_io macros to nothing otherwise) eliminate that
variable and pass its value (ENA_TX_BUDGET - budget) to ena_log_io
directly.

No functional change intended; this will simplify a future commit.

Reviewed by:	akiyano
Sponsored by:	Amazon
MFC after:	6 days
Differential Revision:	https://reviews.freebsd.org/D56478
2026-04-24 15:29:57 -07:00
Raphael 'kena' Poss f31e6b198f speaker(4): move static data to text
Make this data const (it doesn't change) which will also move it to
a text section.

Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 16:04:43 -06:00
Warner Losh 45a12d8a26 Revert "speaker(4): move static data to bss"
This reverts commit 690ef95b33.

The commit message was wrong.
2026-04-24 16:04:14 -06:00
Enji Cooper af864dd4a2 hosts.equiv.5: correct nits to fix mandoc -T lint issues
- Rename `.Nm .rhosts` to `.Nm rhosts` to match the MLINK for the
  manpage.
- Use `.Pa` instead of `.Nm` when discussing the paths for `.rhosts` and
  `hosts.equiv.5` for explicitness and clarity.

Bump .Dd for the change.

MFC after:	1 week
2026-04-24 13:45:14 -07:00
Enji Cooper 573a9e5764 security(7): fix mandoc -T lint complaints
- Add `.Nm` section for securelevel(7) to match corresponding MLINKS entry.
- Fix the spelling for mac(4) (the actual subsystem manpage is spelled out in
  lowercase.

MFC after:	1 week
2026-04-24 13:45:14 -07:00
Enji Cooper 944a4de2d2 Remove cam.d when MK_DTRACE == no
MFC with:	efb77950fd
Fixes:	efb77950fd ("dtrace: Add definitiosn for the cam dtrace provider")
Differential Revision:	https://reviews.freebsd.org/D56588
2026-04-24 13:45:13 -07:00
Bjoern A. Zeeb 93d301d95a Remove -fms-extensions throughout the tree
During a discussion about using -fms-extensions jhb pointed out that
we have them enabled in the kernel for gcc by default (even multiple
times in one part). I had missed all that and clang still failed on
my use case (needing another option).

The original cause for enabling them for our tree back then was that
we needed to support C11 anonymous struct/unions.
Our in-tree gcc 4.2.1, despite later patches, needed the
-fms-extensions to support these even though this was not the expected
use case for that option ( cc4a90c445 enabled it globally for the
kernel).
clang at that time (or at least when it became default for 10.0)
already was fine (with C11).

Any later gcc (4.6.0 onwards) did not need that option anymore, even
when compiled for -std=iso9899:1990 (which does not support anonymous
structs/unions) unless one would add -pedantic (see gcc git 4bdd0a60b27a).
This is also the reason why userland cddl sources now compile with the
option removed despite CSTD=c99.

The only driver which needed the option recently was ccp, but that was
fixed in 8d3f41dbcb by jhb.

So cleanup all uses cases of -fms-extensions for the moment as they are
no longer needed given all compilers currently supported seem to be
fine without them and gcc-4.2.1 was removed from the tree in stable/13
in 2020 (a9854bc381).

Reported by:	jhb (all this but possibly the world CDDL parts)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Reviewed by:	emaste (earlier), imp, jhb, glebius
Differential Revision: https://reviews.freebsd.org/D55072
2026-04-24 20:36:15 +00:00
Andrew Gallatin 5923b363ca net: Fix collision between SIOCGI2CPB and IPSECGREQID
It turns out interface ioctls are defined not just in sockio.h, but are
spread among many files.  When I added SIOCGI2CPB at the bottom of the
file, the next number (160) collided with an ioctl (IPSECGREQID) that
I was unaware of in another file.  Fix this by moving to a number that
is unclaimed.

Fixes: cf1f215728 (net: Add SIOCGI2CPB ioctl & add page/bank fields to ifi2creq)
Reported by: dhw
Reviewed by: imp
2026-04-24 16:30:24 -04:00
Dag-Erling Smørgrav 76f642310d tzcode: Update to 2026b
MFC after:	1 week
2026-04-24 22:07:20 +02:00
Dag-Erling Smørgrav b17ccc1f45 Import tzcode 2026b 2026-04-24 21:54:03 +02:00
Warner Losh b40205855e nda: Filter non-storage nvme drives
Non-stroage drives have namespaces, but no storage attached. These
drives have a different interface type than storage drives, so ignore
them for the nvme_sim, which just handles storage.

Sponsored by:		Netflix
Differential Revision:	https://reviews.freebsd.org/D56461
2026-04-24 12:32:49 -06:00
Scott Long cb78764d47 cam: kern.cam.max_high_power tuneable / sysctl
Create a tunable for the maxinum number of 'high power' commands to
schedule, kern.cam.max_high_power.  Default remains at 4.

Differential Revision:	https://reviews.freebsd.org/D56462
2026-04-24 12:32:46 -06:00
Warner Losh 334adacbc1 cam: Document kern.cam.max_high_power.
Sponsored by:		Netflix
Differential Revision:	https://reviews.freebsd.org/D56463
2026-04-24 12:32:42 -06:00
Warner Losh 3454d97aae cam: Set ccb_h.status on XPT_GDEVLIST early-return paths
XPT_GDEVLIST in xpt_action_default has two early-return paths (list
changed and index not found) that set cgdl->status but not ccb_h.status.
Since xpt_action sets ccb_h.status to CAM_REQ_INPROG before dispatching,
and XPT_GDEVLIST is an non-queued CCB, cam_periph_ccbwait skips the
sleep loop and immediately hits the KASSERT checking that status !=
CAM_REQ_INPROG, causing a panic.

Set ccb_h.status = CAM_REQ_CMP at the top of the code rather than the
bottom. Any future error paths will be right (since this command can't
fail at the command level, just in the status of the data level).

PR:			293899
Assisted-By:		Claude Opus 4.6 (1M context)
Sponsored by:		Netflix
Reviewed by:		jhb
Differential Revision:	https://reviews.freebsd.org/D56487
2026-04-24 12:32:24 -06:00
Warner Losh e1cff85499 pass(4): Allowlist CCB func_codes to harden passthrough ioctls
The pass(4) driver's CAMIOCOMMAND and CAMIOQUEUE ioctls accept arbitrary
CCBs from userland.  This device requires root to open, and thus send
these commands. Previously, the only func_code filter was a blocklist
check against the XPT_FC_XPT_ONLY flag.  This missed several dangerous
func_codes that lack that flag:

 - XPT_ABORT: the abort_ccb field is a raw kernel pointer from the
   user CCB payload.  xpt_action_default() dereferences it without
   validation, leading to kernel crashes or worse.

 - XPT_SASYNC_CB: the callback and callback_arg fields come directly
   from the user CCB payload and get registered as a kernel async
   callback, allowing arbitrary kernel code execution.

 - Target mode CCBs (XPT_EN_LUN, XPT_TARGET_IO, etc.) fall through
   directly to the SIM with user-controlled payloads.

Replace the XPT_FC_XPT_ONLY blocklist with an explicit allowlist of CCB
function codes that are known to be safe for userland to submit: I/O
operations (SCSI, ATA, NVMe, SMP, MMC), device queries, transport
settings, and a handful of safe control operations (NOOP, REL_SIMQ,
RESET_DEV, DEBUG). Normally, the /dev/pass* permissions only allow root
to access them, so this is only a safety issue by default.

Also reject CAM_DATA_PADDR and CAM_DATA_SG_PADDR, since these pass
user-supplied physical addresses directly to DMA with no validation,
which on systems without an IOMMU allows arbitrary host memory access.
Add `options PASS_UNSAFE_PADDR` to allow the old behavior.

Verified that camdd, camcontrol, smartmontools, and cdrtools use only
func_codes on the allowlist (XPT_SCSI_IO, XPT_ATA_IO, XPT_NVME_IO,
XPT_NVME_ADMIN, XPT_PATH_INQ, XPT_GDEV_TYPE, XPT_GET_TRAN_SETTINGS,
XPT_SET_TRAN_SETTINGS, XPT_RESET_DEV, XPT_DEBUG) and none use
CAM_DATA_PADDR.

PR:			293888, 293890
Assisted-By:		Claude Opus 4.6 (1M context)
Sponsored by:		Netflix
Reviewed by:		jhb
Differential Revision:	https://reviews.freebsd.org/D56486
2026-04-24 12:31:55 -06:00
Raphael 'kena' Poss d76523a318 speaker(4): enable concurrent opens from different threads
Prior to this patch, a thread would get EBUSY on open(2) if another
thread had the speaker open.

With this patch, two or more threads/processes can use the speaker
device at the same time. When two or more threads write to the speaker
concurrently, individual melodies--single strings, as written by
write(2) or ioctl(2) with command SPKRTONE/SPKRTUNE--are played
atomically.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:07 -06:00
Raphael 'kena' Poss 690ef95b33 speaker(4): move static data to bss
Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:06 -06:00
Raphael 'kena' Poss e2199dc33f speaker(4): one ioctl / write at a time
If two processes are holding a spkr fd, we want orderly access to the
allocated tone buffer and the speaker itself.

Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:06 -06:00
Raphael 'kena' Poss a80ec2b51a speaker(4): make spkropen thread-safe
Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:06 -06:00
Raphael Poss 43b7cf42d4 speaker(4): drop NEEDGIANT
When the frequency configuration logic was moved to clock.c in 2008, a
mutex lock was added there (timer_spkr_setfreq) to serialize accesses
to the I/O register.

Since then, no more calls to disable/enable_intr were needed in spkr.c
than they were needed in the other callers to the same timer_spkr
functions in syscons / kern_cons, that is, not at all. This is because
there are no other accesses remaining in the kernel to the i8254
timers after boot than through clock.c.

For context, see commits
e465985885
and
93f5134aaf.

Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:06 -06:00
Raphael Poss 03a515e989 speaker(4): Update outdated comments
The comments in tone() were referring to pre-2000 logic that does not
exist any more. This patch updates them.

Signed-off-by: Raphael Poss <knz@thaumogen.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1922
2026-04-24 10:23:06 -06:00
Ali Mashtizadeh 70ae0c4524 i386: Remove perfmon performance monitoring facility
Remove the perfmon performance monitoring facility that was for Intel
Pentium and Pentium Pro processors.

Reviewed by: imp,mhorne,emaste
Pull Request: https://github.com/freebsd/freebsd-src/pull/2155
2026-04-24 10:23:05 -06:00
Ali Mashtizadeh 576c6e9620 pmc: Implement the feature bits for recent Zen 4/5
Ensure that the optional MSRs and the user flags are guarded by the
cpuid feature flags.  This prevents the user from triggering undefined
behavior or crashes on AMD processors where some of these features are
not present.  As part of this, I added the branch target and DATA4 MSRs
to the IBS op state as those are only present on a subset of the Zen
chips that I have tested.

Reviewed by:	mhorne
Sponsored by:	Netflix
Pull Request:	https://github.com/freebsd/freebsd-src/pull/2133
2026-04-24 12:33:42 -03:00
Vladimir Kondratyev 87ed6840a0 rtlbtfw(8): Load firmware from filesystem with mmap()
rather than with read() to alleviate concerns about partial reads.
2026-04-24 18:15:22 +03:00
Lexi Winter bb75b0d581 packages: Convert world to a subdir build
Instead of driving the world package build from Makefile.inc1,
use a subdir build where each package has a subdirectory under
packages/ using the new <bsd.pkg.mk>.

Convert some metadata that was previously in the UCL files (e.g.
sets and dependencies) to Makefile variables.

Build the packages under objdir (not repodir), and use the new
stagepackages target to copy them to repodir when creating the
repository.

Determine an explicit list of packages to build in packages/Makefile
based on enabled src.conf options, and add logic to abort the build
if we attempt to build an empty package.  This inverts the previous
logic in Makefile.inc1 which would simply skip empty packages.

There are a few advantages to doing it this way:

* The package build works more like the rest of the build system,
  so it's more accessible to developers.

* We can customise the packages we build based on src.conf options,
  e.g. skipping a package entirely, or adjusting its dependencies
  based on what it actually requires.

* We have a specific list of packages that we want to build, and an
  unexpectedly missing package results in a build error, instead of
  silently producing a broken repository.

* It's possible to build (and in the future, install) an individual
  package without having to rebuild the entire repository.

This doesn't apply to the dtb, kernel-* or src-* packages; those
have their own build systems in Makefile.inc1 and will be converted
later.

MFC after:	4 weeks (stable/15 only)
Reviewed by:	jlduran, sjg, brooks
Sponsored by:	https://www.patreon.com/bsdivy
Differential Revision:	https://reviews.freebsd.org/D56087
2026-04-24 15:10:01 +01:00
Mark Johnston 75c6621840 tests/posixshm: Check for hardware support in largepage_pkru
MFC after:	3 days
Fixes:		ca87c0b8e3 ("pkru: Fix handling of 1GB largepage mappings")
2026-04-24 13:23:03 +00:00