Commit Graph

304152 Commits

Author SHA1 Message Date
Christos Margiolis 70b34fbdbe sndctl(8): Modify vchans only on supported directions
Currently mod_play_vchans() and mod_rec_vchans() run unconditionally,
even if the direction (playback, recording) is not supported by the
device. This results in the "autoconv" (see mod_autoconv()) control
failing when run on simplex devices, because we'll be trying to modify
vchans on an unsupported direction.

Test whether the direction is supported and silently move on if it
isn't.

Sponsored by:	The FreeBSD Foundation
MFC after:	4 days
Differential Revision:	https://reviews.freebsd.org/D53233
2025-10-22 13:50:55 +02:00
Peter Lei daac364e61 tcp: fix typo in comment
Reviewed by:	tuexen
MFC after:	3 days
Sponsored by:	Netflix, Inc.
2025-10-21 11:20:00 +02:00
David E. O'Brien 3a12982962 random: add RDSEED as a provably unique entropy source
NIST SP800-90B allows for only a single entropy source to be claimed
in a FIPS-140-3 certificate.  In addition, only hardware sources that
have a NIST Entropy Source Validation (ESV) certificate, backed by
a SP800-90B Entropy Assessment Report, are usable.  Intel has obtained
ESV certificates for several of their processors, so RDSEED is a
FIPS-140-3 suitable entropy source.

However, even though RDRAND is seeded by RDSEED internally, RDRAND
would need a RBG certificate and CAVP testing run on the DRBG in order
to use it for FIPS-140-3 (SP800-90B) purposes.  So we need to know
down in the CSPRNG-subsystem which source the entropy came from.

In light of the potential issues surrounding AMD Zen 5 CPU's RDSEED
implementation[*], allow RDSEED to be disabled in loader.conf.
[*] https://www.phoronix.com/news/AMD-EPYC-Turin-RDSEED-Bug

Reviewed by:	cem
MFC after:	3 days
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D53150
2025-10-21 23:59:59 -07:00
Maxim Konovalov cdc1990393 bsd-family-tree: add OpenBSD 7.8 release 2025-10-22 03:05:23 +00:00
Seyed Pouria Mousavizadeh Tehrani 1cc316727e if_vxlan: fix byteorder of source port
Fix the htons byteorder of vxlan packets after
`vxlan_pick_source_port` picks a source port during encapsulation.

Reviewed by:	zlei, kp, adrian
Differential Revision:	https://reviews.freebsd.org/D53022
2025-10-21 22:00:27 +02:00
Alan Somers 7648d2ebda tests/sys/netpfil/pf/sctp: make use of required.kmods
This greatly speeds up skipping a test that can't be run.

MFC after:	2 weeks
Sponsored by:	ConnectWise
Reviewed by:	kp
Differential Revision: https://reviews.freebsd.org/D53215
2025-10-21 13:46:26 -06:00
David E. O'Brien d78da1ea01 man9: Provide SYSCTL_BOOL & SYSCTL_ADD_BOOL man pages
Updates: 84e717c4c & 9a593520
2025-10-21 11:31:01 -07:00
Mark Johnston 0225c6d85d vmm: Move local variables into ioctl handlers
Make the ioctl handlers easy to read by moving local variables into
per-ioctl blocks.  No functional change intended.

Reviewed by:	corvink, emaste
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D53145
2025-10-21 17:34:48 +00:00
Mark Johnston e11768e947 vmm: Add PRIV_DRIVER checks for passthru ioctls
In preparation for allowing non-root users to create and access bhyve
VMs, add privilege checks for ioctls which operate on passthru devices.

Reviewed by:	corvink
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D53144
2025-10-21 17:34:29 +00:00
Mark Johnston 14133abfe9 vmm: Improve register get/set handling a bit
On non-amd64 platforms, check for negative register indices.  This isn't
required today since we match against individual register indices, but
we might as well check it.  On amd64, add a comment explaining why we
permit negative register indices.

Use mallocarray() for allocating register arrays in the ioctl layer.

No functional change intended.

Reviewed by:	corvink
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D53143
2025-10-21 17:34:11 +00:00
Cy Schubert 05637c8224 rc: Chase 052211e08c and bfb202c455, remove ifconfig down/up
bfb202c455 addresses the CTRL-EVENT-SCAN-FAILED. Upstream d807e289d
caused FreeBSD regression in driver_bsd.c, which this rc.d patch
worked around. As of bfb202c455 this workaround is no longer needed.

052211e08c implemented this change for wpa_supplicant but not for
hostapd.

Reported by:	avg
MFC after:	3 days
2025-10-21 10:31:23 -07:00
Martin Matuska 401026e482 libarchive: merge from vendor branch
Update vendor/libarchive to 3.8.2

Important bugfixes:
 #2477 tar writer: fix replacing a regular file with a dir for
       ARCHIVE_EXTRACT_SAFE_WRITES
 #2659 lib: improve filter process handling
 #2664 zip writer: fix a memory leak if write callback error early
 #2665 lib: archive_read_data: handle sparse holes at end of file correctly
 #2668 7zip: Fix out of boundary access
 #2670 zip writer: fix writing with ZSTD compression
 #2672 lib: fix error checking in writing files
 #2678 zstd write filter: enable Zstandard's checksum feature
 #2679 lib: handle possible errors from system calls
 #2707 lib: avoid leaking file descriptors into subprocesses
 #2713 RAR5 reader: fix multiple issues in extra field parsing function
 #2716 RAR5 reader: early fail when file declares data for a dir entry
 #2717 bsdtar: Allow filename to have CRLF endings
 #2719 tar reader: fix checking the result of the strftime (CVE-2025-25724)
 #2737 tar reader: fix an infinite loop when parsing V headers
 #2742 lib: parse_date: handle dates in 2038 and beyond if time_t is big
       enough

Obtained from:	libarchive
Vendor commit:	7f53fce04e4e672230f4eb80b219af17975e4f83
Security:	CVE-2025-25724
PR:		290303 (exp-run)
MFC after:	1 week
2025-10-21 17:52:44 +02:00
Warner Losh e29f81c2ad ata: Add error bits
Add notes for other bits that we don't use in the code for error
status. We report these when there's an error, and this allows people
decoding it to not have to chase down these bits from the standard.

Sponsored by:		Netflix
2025-10-21 07:36:55 -06:00
Bjoern A. Zeeb 37ad1beaf5 UPDATING: bump __FreeBSD_version for LinuxKPI changes
The size of an embedded struct has changed and might possibly be a
problem.  Allow this change to be detected by bumping __FreeBSD_version.

MFC after:	3 days
2025-10-21 07:52:46 +00:00
Bjoern A. Zeeb 0567484734 LinuxKPI: 802.11: additions for Linux v6.17 based wireless drivers
This includes some type cleanups as well as some shuffling of structs
and functions to sort dependencies out.  Few new functions and defines
as well as new struct members.  Minor fixes to style and debug logging.

This is the majority of changes.  None of these should conflict with
current in-tree drivers.  The final bit of changes will come along with
the driver updates adding an extra argument to function pointers.

MFC after:	3 days
2025-10-21 07:52:21 +00:00
Bjoern A. Zeeb 5ea941a4fb LinuxKPI: netdevice add attach/detach skeleton functions
For the moment add skeleton functions for netif_device_attach/detach()
needed by rtw8[89] v6.17.

MFC after;	3 days
2025-10-21 07:49:40 +00:00
Bjoern A. Zeeb 88dbf83345 LinuxKPI: skbuff: add a misplaced socket operation to skbuff.h for now
This likely belongs in socket code which we do not have in LinuxKPI.
Needed by a wirless driver at v6.17.

MFC after:	3 days
2025-10-21 07:49:40 +00:00
Bjoern A. Zeeb 224ac9d2a0 LinuxKPI: soc/mediatek add pr_debug calls
We do not support Wireless Ethernet Dispatch (wed) on the mt76 (yet).
Add pr_debug calls with TODO in case we run into the calls anyway so
we could deal with them.

MFC after:	3 days
2025-10-21 07:49:40 +00:00
Bjoern A. Zeeb 7c31cdfa40 LinuxKPI: page_pool headers moved; add netmem.h
page_pool headers were not used yet;  they were created for mt76 but
are without functionality.  Upstream has migrated them for v6.17 and
split them up into multiple files.  Also add netmem.h which the little
needed is directly related to page pools.

MFC after:	3 days
2025-10-21 07:49:40 +00:00
Bjoern A. Zeeb 885e8f272f LinuxKPI: add skeleton pci_enable_wake()
Given we do not yet support "wake" bits in device there is little need
doing it in PCI if we cannot check if we are supposed to do the
operation in first place.  Once we would implement this, we would need
to also do the appropriate PCI (pme) checks before enabling (disabling)
it.

MFC after:	3 days
Reviewed by:	dumbbell
Differential Revision: https://reviews.freebsd.org/D53208
2025-10-21 07:49:39 +00:00
Bjoern A. Zeeb 98609f4fec LinuxKPI: add fips.h
We do not currently aim to support crypto FIPS compliance in LinuxKPI
so keep this turned off.

MFC after:	3 days
Reviewed by:	emaste, dumbbell
Differential Revision: https://reviews.freebsd.org/D53207
2025-10-21 07:49:39 +00:00
Bjoern A. Zeeb 8ea366f400 LinuxKPI: device_driver add (*coredump)()
Needed by multiple wireless driver for the v6.17 update (likely earlier
versions already).

MFC after:	3 days
Reviewed by:	dumbbell
Differential Revision: https://reviews.freebsd.org/D53206
2025-10-21 07:49:39 +00:00
Bjoern A. Zeeb 0ae4998423 LinuxKPI: platform_device return type change
The return type now is void;  I believe no one ever used this
so we can just chnage it.  The only active platform_driver_register()
calls seems to be in ath1[01]k and mt76 and there in unsupported code.

MFC after:	3 days
Reviewed by:	dumbbell, emaste
Differential Revision: https://reviews.freebsd.org/D53205
2025-10-21 07:49:39 +00:00
Bjoern A. Zeeb cc792250ac LinuxKPI: add three skeleton functions to etherdevice.h
We will see how much we will need them and how to fill them at that
point.  They are left with a pr_debug("TODO") for now.

MFC after:	3 days
Differential Revision: https://reviews.freebsd.org/D53204
2025-10-21 07:49:38 +00:00
Bjoern A. Zeeb 0a4b11ddb2 LinuxKPI: add __counted_by_le() and __counted_by_be()
The former is needed by a wireless driver at v6.17.

MFC after:	3 days
Reviewed by:	dumbbell, emaste
Differential Revision: https://reviews.freebsd.org/D53203
2025-10-21 07:49:38 +00:00
Jamie Gritton 5f7d5709e0 jail: fix an error condition that was returned without setting errno.
MFC after:	3 days
2025-10-20 17:09:39 -07:00
Mitchell Horne f34e152e02 ti_clkctrl.c: fix paths in comment
Now under sys/contrib/device-tree.
2025-10-20 20:43:28 -03:00
Mitchell Horne 67bc0e3459 aw_mmc.4: add D1 compatible
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52586
2025-10-20 20:37:14 -03:00
Mitchell Horne 15c79c6fa6 man4: move allwinner pages and logic to a standard place
They are shared by arm, arm64, and now riscv. Note that they are
always installed by default, where MAN_ARCH=all.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D52585
2025-10-20 20:37:13 -03:00
Mitchell Horne ddc1d4b072 modules: fix some riscv module logic
The change which enabled the sdhci_fdt module build on riscv
inadvertently enabled the neta module as well. This driver is not needed
on this platform.

Move each entry to a respective identical conditional blocks.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Fixes:	e9dd9f95f8 ("riscv: Add the sdhci_fdt driver to the build")
2025-10-20 20:37:13 -03:00
Mitchell Horne 5aefe9f16f arm: tweak imx module build logic
Add the subdirectory in the Makefile, not the config.

No functional change intended.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2025-10-20 20:37:13 -03:00
Mitchell Horne 5522519731 modules: enable allwinner kmods on riscv
While here, standardize the place they are enabled in the Makefile. For
armv7 the module subdirectory was added explicitly in the config file,
but this is not idiomatic.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2025-10-20 20:37:13 -03:00
Mitchell Horne 3ed48eb085 riscv: build allwinner DTBs
These are known to work if loaded manually by loader(8) (for the Nezha
board at least). If nothing else, it is useful to provide a DTB closely
tied to the kernel version.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D53118
2025-10-20 20:37:13 -03:00
Mitchell Horne 96b137c044 riscv: build starfive JH7110 DTBs
These are known to work if loaded manually by loader(8) (for VF2 at
least). If nothing else, it is useful to provide a DTB closely tied to
the kernel version.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D53117
2025-10-20 20:37:13 -03:00
Mitchell Horne cf202819af dtb: sort by vendor on riscv
Just like arm64, our DTS comes from Linux and is correctly sorted into
subdirectories by vendor. Enable the logic to preserve these directories
in the installation, for example:

  /boot/dtb/sifive/hifive-unmatched-a00.dtb

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D53116
2025-10-20 20:37:13 -03:00
Dag-Erling Smørgrav fa347930f8 quot: Make nusers unsigned
Fixes:		195b00ec45 ("quot: Clean up")
Reviewed by:	rlibby
Differential Revision:	https://reviews.freebsd.org/D53224
2025-10-20 23:42:13 +02:00
Michael Tuexen be3c59ff50 UDP: let udp_pcblist() support UDP and UDP-Lite
Provide the IPPROTO_UDP in the arg2 parameter of udp_pcblist() and use
this to determine the inpcbinfo. This allows the same function to be
used in an upcoming commit to provide the list of pcbs for UDP-Lite
just by providing IPPROTO_UDPLITE in the arg2 parameter.

Reviewed by:		rrs
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D53218
2025-10-20 23:21:47 +02:00
Michael Tuexen 7294d2601f Revert "UDP: let udp_pcblist() support UDP and UDP-Lite"
This reverts commit 5f6f2c3fa2.
Missing link to review.
2025-10-20 23:19:29 +02:00
Michael Tuexen 5f6f2c3fa2 UDP: let udp_pcblist() support UDP and UDP-Lite
Provide the IPPROTO_UDP in the arg2 parameter of udp_pcblist() and use
this to determine the inpcbinfo. This allows the same function to be
used in an upcoming commit to provide the list of pcbs for UDP-Lite
just by providing IPPROTO_UDPLITE in the arg2 parameter.

Reviewed by:		rrs
MFC after:		3 days
Pull Request:		https://reviews.freebsd.org/D53218
2025-10-20 23:10:34 +02:00
Jason A. Harmening 35170408a7 AMD IOMMU: fix per-device IOMMU bypass when IR is enabled
When interrupt remapping (IR) is enabled, the device table entry
(DTE) for a given device will likely be initialized by
amdiommu_ir_find() during MSI configuration.  This function directly
calls amdiommu_get_ctx_for_dev() with id_mapped=false, which means that
any attempt to disable DMA remapping for the device (e.g. by setting
hw.busdma.pciD.B.S.F='bounce' in the loader tunables) will effectively
be ignored as the paging mode field in the DTE will not be set to
0 as required for identity mapping.  This will ultimately produce
an unusable device, because busdma will later observe the bounce
configuration through iommu_instantiate_ctx() and will employ the
non-translated 'bounce' busdma methods for the device, while the DTE
remains configured to enable translation.

Fix this by tweaking iommu_instantiate_ctx() to always return the
relevant per-device context object even if translation is disabled,
and adopt it in amdiommu_ir_find() instead of directly calling
amdiommu_get_ctx_for_dev().

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D53209
2025-10-20 16:06:47 -05:00
Colin Percival 2b5c62494d release: Add pkg .conf to METALOG on dvd
We're correctly recording all of the packages in the dvd METALOG file,
but if we don't record ./packages/repos/FreeBSD_install_cdrom.conf then
users won't be able to install them very easily.

Reviewed by:	markj
Reported by:	Lars Tunkrans
MFC after:	3 days
Sponsored by:	https://www.patreon.com/cperciva
Differential Revision:	https://reviews.freebsd.org/D53199
2025-10-20 14:00:26 -07:00
Jean-Sébastien Pédron b596b44965 zfs: zfs_getpages: Don't zero freshly allocated pages
Initially, `zfs_getpages()` is provided with an array of busy pages by
the vnode pager. It then tries to acquire the range lock, but if there
is a concurrent `zfs_write()` running and fails to acquire that range
lock, it "unbusies" the pages to avoid a deadlock with `zfs_write()`.
After that, it grabs the pages again and retries to acquire the range
lock, and so on.

Once it got the range lock, it filters out valid pages, then copy DMU
data to the remaining invalid pages.

The problem is that freshly allocated zero'd pages it grabbed itself are
marked as valid. Therefore they are skipped by the second part of the
function and DMU data is never copied to these pages. This causes mapped
pages to contain zeros instead of the expected file content.

This was discovered while working on RabbitMQ on FreeBSD. I could
reproduce the problem easily with the following commands:

    git clone https://github.com/rabbitmq/rabbitmq-server.git
    cd rabbitmq-server/deps/rabbit

    gmake distclean-ct RABBITMQ_METADATA_STORE=mnesia \
      ct-amqp_client t=cluster_size_3:leader_transfer_stream_send

The testsuite fails because there is a sendfile(2) that can happen
concurrently to a write(2) on the same file. This leads to sendfile(2)
or read(2) (after the sendfile) sending/returning data with zeros, which
causes a function to crash.

The patch consists of not setting the `VM_ALLOC_ZERO` flag when
`zfs_getpages()` grabs pages again. Then, the last page is zero'd if it
is invalid, in case it would be partially filled with the end of the
file content. Other pages are either valid (and will be skipped) or they
will be entirely overwritten by the file content.

This patch was submitted to OpenZFS as openzfs/zfs#17851 which was
approved.

Reviewed by:	avg, mav
Obtained from:	OpenZFS
OpenZFS commit:	8a3533a366e6df2ea770ad7d80b7b68a94a81023
MFC after:	3 days
Differential revision: https://reviews.freebsd.org/D53219
2025-10-20 21:16:43 +02:00
John Baldwin aa358ce3ca inet_net_test: Compare pointers against nullptr
GCC does not like passing NULL (__null) to std::ostringstream::operator<<
inside of ATF_REQUIRE_EQ:

lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_ntop_invalid::body() const':
lib/libc/tests/net/inet_net_test.cc:306:9: error: passing NULL to non-pointer argument 1 of 'std::__1::basic_ostream<_CharT, _Traits>& std::__1::basic_ostream<_CharT, _Traits>::operator<<(long int) [with _CharT = char; _Traits = std::__1::char_traits<char>]' [-Werror=conversion-null]
  306 |         ATF_REQUIRE_EQ(ret, NULL);
      |         ^~~~~~~~~~~~~~
In file included from /usr/obj/.../amd64.amd64/tmp/usr/include/c++/v1/sstream:317,
                 from /usr/obj/.../amd64.amd64/tmp/usr/include/atf-c++/macros.hpp:29,
                 from /usr/obj/.../amd64.amd64/tmp/usr/include/atf-c++.hpp:29,
                 from lib/libc/tests/net/inet_net_test.cc:33:
/usr/obj/.../amd64.amd64/tmp/usr/include/c++/v1/__ostream/basic_ostream.h:338:81: note:   declared here
  338 | basic_ostream<_CharT, _Traits>& basic_ostream<_CharT, _Traits>::operator<<(long __n) {
      |                                                                            ~~~~~^~~
...

Fixes:		8f4a0d2f7b ("libc: Import OpenBSD's inet_net_{ntop,pton}")
2025-10-20 14:31:41 -04:00
John Baldwin e1aeb58cbb inet_net_test: Use int to hold expected return values from inet_net_pton
GCC warns about the sign mismatch in comparisons:

lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_inet4::body() const':
lib/libc/tests/net/inet_net_test.cc:86:17: error: comparison of integer expressions of different signedness: 'int' and 'const unsigned int' [-Werror=sign-compare]
   86 |                 ATF_REQUIRE_EQ(bits, addr.bits);
      |                 ^~~~~~~~~~~~~~
lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_inet6::body() const':
lib/libc/tests/net/inet_net_test.cc:205:17: error: comparison of integer expressions of different signedness: 'int' and 'const unsigned int' [-Werror=sign-compare]
  205 |                 ATF_REQUIRE_EQ(bits, addr.bits);
      |                 ^~~~~~~~~~~~~~

Fixes:		8f4a0d2f7b ("libc: Import OpenBSD's inet_net_{ntop,pton}")
2025-10-20 14:31:41 -04:00
Randall Stewart a8e4399fc6 Move bbr and rack to use inline per C99 (TCP Sub-system)
This is a small change as suggested by Gleb to move all __inline -> inline aka C99 style. This
covers both BBR and Rack and makes no real changes to the code functionality

Reviewed by:	tuexen
 Differential Revision:	<https://reviews.freebsd.org/D53197>
2025-10-20 14:09:11 -04:00
Jamie Gritton 78f70d4ff9 jail: fix a regression that creates zombies when removing dying jails
When adding jail descriptors, I split sys_jail remove in two, and
didn't properly track jail held between them when a jail was dying.
This fixes that as well as cleaning up the logic behind it.

PR:		290217
Reported by:	David 'equinox' Lamparter <equinox at diac24.net>
Reviewed by:	markj
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D53200
2025-10-20 09:49:14 -07:00
Michael Tuexen 4ee0ddae1d sockstat: fix column length for PROTO
The computation of the length was not taking into account that IPv6
endpoints, which are not IPv6 only, have a suffix of 46.
For UDP and TCP this bug was not relevant, since tcp46 and udp46
has the same length as PROTO, but sctp46 is longer. Upcoming
udplite support will also be affected.

Reviewed by:		asomers
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D53212
2025-10-20 16:26:52 +02:00
Dmitry Luhtionov a2838e818c ehci(4): Add ID for Realtek RTL811x USB 2.0 controller 2025-10-20 10:05:05 -04:00
Dmitry Luhtionov 4c66761537 snd_hda: Add device ID for ATI Raven 2025-10-20 09:59:57 -04:00
Ed Maste b0c64ce0ea bsdinstall: Use pkgbase release URL for BETA/RC
PR:		290238
Reviewed by:	ivy
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53214
2025-10-20 09:28:49 -04:00