arm64: Mask out the PAC ID fields when disabled
When we disable PAC we need to mask out the ID registers for userspace.
Call update_special_reg to mask them out so userspace gets a correct
view of the registers and hwcaps.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D50573
arm64: Add a function to restrict the ID registers
This will be used when we need to restrict the register values, e.g.
when an erratum is present that means we need to disable a feature we
will need to remove some fields from these registers.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D50572
arm64: Move users of sanitised ID registers later
To allow for masking of ID registers in the presence of errata move
the late ifunc resolvers and CPU identification functions until after
the errata detection has run.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D50571
glob2_test: Add tests for error callback functions and blocks
This change adds tests that check basic callback functionality for
blocks and function pointers. The tests also make sure that GLOB_ERR
overrides the callback's return value.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D50486
loader: allow for exceptions to restricted settings.
We restrict what an unverified loader.conf etc can set,
and the same restrictions are applied to interactive input.
We need to allow for exceptions (eg boot_verbose).
It is best if any allowed settings match up to '='.
If we do not allow it to be set, do not allow it to be unset
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
libarchive: merge from vendor branch
libarchive 3.8.1
New features:
#2088 7-zip reader: improve self-extracting archive detection
#2137 zip writer: added XZ, LZMA, ZSTD and BZIP2 support
#2403 zip writer: added LZMA + RISCV BCJ filter
#2601 bsdtar: support --mtime and --clamp-mtime
#2602 libarchive: mbedtls 3.x compatibility
Security fixes:
#2422 tar reader: Handle truncation in the middle of a GNU long linkname
CVE-2024-57970
#2532 tar reader: fix unchecked return value in list_item_verbose()
CVE-2025-25724
#2532 unzip: fix null pointer dereference
CVE-2025-1632
#2568 warc: prevent signed integer overflow
[28 lines not shown]
netinet6: Do not forward or send ICMPv6 messages to the unspec address
As in f7174eb2b4c4 ("netinet: Do not forward or ICMP response to
INADDR_ANY"), the IPv6 stack should avoid sending packets to the
unspecified address. In particular:
- Make sure that we do not forward received packets to the unspecified
address; the check in ip6_input() catches this in the common case, but
after commit 40faf87894ff it's possible for a pfil hook to bypass this
check and pass the packet to ip6_forward() using the
PACKET_TAG_IPFORWARD tag.
- Make sure that we do not reflect packets back to the unspecified
address; RFC 4443 section 2.4 states that we must not generate error
messages in response to packets from the unspecified address.
Reviewed by: zlei, glebius
Reported by: Franco Fichtner <franco at opnsense.org>
MFC after: 1 month
Sponsored by: Klara, Inc.
Sponsored by: OPNsense
[3 lines not shown]
vfs cache: Simplify cache_enter_time() a bit
The condition `flag == NFC_ISDOTDOT && vp != NULL && vp->v_type != VDIR`
is never true at this point in the function. This is asserted slightly
earlier. So, remove some dead code and simplify control flow.
N.B. we set v_cache_dd for all vnode types, not just VDIR. This seems
to be intentional, see commit ce575cd0e2f9069. For regular files it
appears to effectively represent the most recently entered cache entry
for the vnode.
No functional change intended.
Reviewed by: olce, kib
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D50107
(cherry picked from commit 01435e28211220f985c66569f60939e440f0887f)
makefs: Ensure that FFS superblocks are reproducible
The superblock structure has space reserved for a pointer to an
in-memory structure that gets created at mount time. makefs populates
it since that simplifies code elsewhere. However, the pointer value
ends up in the output file, which breaks reproducibility.
Zero the field when writing the superblock instead, as its on-disk value
is ignored.
Reviewed by: emaste
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D50196
(cherry picked from commit 764ccf410c3c5453c4656113d75cd81fcf01828d)
krb5: Fix handling of transient crypto request failures
- Instead of using CRYPTO_F_DONE to decide whether a request has
completed, use a custom protocol of setting crp_opaque = NULL in the
callback and checking that instead. CRYPTO_F_DONE is set independent
of whether an error occurred, but for transient errors signaled by
EAGAIN, we want to simply retry the request.
- Clear CRYPTO_F_DONE before retrying the request.
- Panic if the request truly failed, as we currently have no way to
pass hard errors back up.
Reviewed by: jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D50238
(cherry picked from commit 04421fda140b92eb0d22bc4c0f81b6de05f21225)
file: Simplify an INVARIANTS check in _fdrop()
No functional change intended.
MFC after: 1 week
Sponsored by: Klara, Inc.
(cherry picked from commit a2e22ed3420d92d9d98a1e9681b5c9b1fbe40fca)
sysrc: Fix check flag logic for append and subtract
When using sysrc with the check flag (-c), the append (+=) and subtract
(-=) operations result in incorrect return values because on the check
path the necessary union/difference calculation logic is not performed.
However, the correct union/difference calculation is already performed
when running without the check flag. We fix the issue on the check path
by using the results from the existing union/difference calculation in
the check logic to get the correct return values.
PR: 279200
Reviewed by: markj
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1664
(cherry picked from commit c97460c4d97db1bd46dab9f2bdbc90cd1ed7757f)
ifnet: Integrate if_unroute() into if_down()
if_unroute() is static since 2004 and is not used anywhere except for
if_down().
This also makes it easier to grep by the pattern `if_flags &= ~IFF_UP`.
No functional change intended.
Reviewed by: glebius
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D49356
(cherry picked from commit 0693c3f7cb3d9e5389863a0c131ddef799c77091)
net80211: fix VHT160 and VHT80P80 selection and enable in LinuxKPI 802.11
Between 802.11ac-2013 and 802.11-2020 some fields were deprecated and the
way VHT160 and VHT80P80 are selected has changed.
In order to get onto VHT160 with modern APs adopt and support both the
deprecated as well as the new logic.
For simplicity of blocks we pull out the non-HT40 handling early on,
followed by the "use HT", followed by the deprectaed options and then
the 80Mhz channel width.
In all cases keep checking (a) what is locally supported, (b) what the
user has locally allowed (FVHT flags, [-]vht160 [-]vht80p80 [-]vht80
[-]vht40), as well as (c) what is announced. Provide possible fallbacks
to lower channel widths in all cases (but VHT20, which means VHT is
disabled).
With this enable VHT160 and VHT80P80 in the LinuxKPI 802.11 driver
compat code as well.
[5 lines not shown]
if_firewire: Make firewire_broadcastaddr static const
This global variable is used only in this file. While here, constify it
since it is only used to read.
No functional change intended.
MFC after: 1 week
bsdinstall: restore the environment when restarting
It is possible to restart the installation process upon errors, when
installing normally through the `auto` script, or when installing a jail
with the `jail` script. However, some values obtained interactively from
the user or guessed by some scripts were kept in the environment when
restarting the process; this made it impossible to re-run some steps as
expected after the restart.
For instance, if a bad choice of mirror was made in the `mirrorselect`
phase, restarting the installer remembered the choice made, and would
never prompt for a different one again. Rebooting was then the only easy
way out of this situation.
This change restores a pre-defined list of environment variables when
restarting the installation process.
PR: 266987
Reviewed by: emaste
[3 lines not shown]
ifconfig: reject netmask and broadcast for inet6
We don't support setting netmask or broadcast address for INET6
addresses, and trying to do crashes ifconfig. Handle this the
same way as af_link, by rejecting attempts to configure these
parameters.
PR: 286910
Reported by: Hayzam Sherif <hayzam at alchemilla.io>
MFC after: 3 days
Reviewed by: zlei, kevans, des, cy
Approved by: kevans (mentor)
Differential Revision: https://reviews.freebsd.org/D50413
(cherry picked from commit 59ee9260e6bbcc3b5654126eed6e9490315c81f1)
ifconfig tests: remove incorrect #!
Fixes: 59ee9260e6bb ("ifconfig: reject netmask and broadcast for inet6")
[5 lines not shown]
bridge: check allow_llz_overlap before member_ifaddrs
When adding a new interface to a bridge and allow_llz_overlap=0, which
is the default value, if_bridge checks if the interface has IPv6 link
local addresses assigned, and if it does, it calls in6_ifdetach() to
remove all IPv6 addresses from the interface.
This means it was possible to do this:
% ifconfig bridge1 create inet6 -ifdisabled auto_linklocal up
% ifconfig epair20 create inet6 -ifdisabled auto_linklocal up
% ifconfig bridge1 addm epair20a
... with the result that the link-local address on epair20a would be
removed, then the interface would be added to the bridge.
If member_ifaddrs=0, which is also the default value, this no longer
works:
[17 lines not shown]
rc.subr: remove the dependency on bsdconfig
rc.subr uses sysrc(8) for the 'enable' and 'disable' commands, which
means the entire rc(8) stack depends on bsdconfig. Instead, provide a
minimal amount of rc.conf-editing functionality in rc.subr and use it to
implement these commands.
Reviewed by: des, bapt
Approved by: des (mentor)
Differential Revision: https://reviews.freebsd.org/D50325
(cherry picked from commit f6328f052518d56c01f10e14cd9ef1f2675c01a4)
