FreeBSD/src 3ff24c7sys/netinet in_pcb.c

inpcb: remove unneeded #ifdef INET || INET6

Per sys/conf/files this unit is not compiled for a NOIP kernel.
DeltaFile
+1-5sys/netinet/in_pcb.c
+1-51 files

FreeBSD/src e56cb0bsys/kern uipc_socket.c

sockets: inherit SO_ACCEPTFILTER from listener to child

This is crucial for operation of accept_filter(9).  See added comment.

Fixes:  d29b95ecc0d049406d27a6c11939d40a46658733
(cherry picked from commit a8acc2bf5699556946dda2a37589d3c3bd9762c6)
DeltaFile
+6-2sys/kern/uipc_socket.c
+6-21 files

FreeBSD/src 4d07fdctests/sys/netinet fibs_test.sh

fibs_test: Mark same_ip_multiple_ifaces_fib0 as expected to fail

The test relies on being able to assign the same interface address to
two different tap interfaces; it then removes one of the addresses,
which at one point would trigger a kernel panic.

Since 361a8395f0b0 it is not possible to assign an address multiple
times this way, so the test fails.  Just mark it as expected to fail for
now: if the kernel's behaviour here changes again, this test might be a
useful seatbelt.

MFC after:      2 weeks

(cherry picked from commit 6bdc9743d8f8c9727e5101d6cb6f2a85a13c5acb)
DeltaFile
+3-0tests/sys/netinet/fibs_test.sh
+3-01 files

FreeBSD/src 39e1726sys/kern uipc_accf.c, tests/sys/kern socket_accf.c

accept_filter: return different errors for non-listener and a busy socket

The fact that an accept filter needs to be cleared first before setting to
a different one isn't properly documented.  The requirement that the
socket needs already be listening, although trivial, isn't documented
either.  At least return a more meaningful error than EINVAL for an
existing filter.  Cover this with a test case.

(cherry picked from commit 19307b86d31b7dea4bb5c3f7e233ee0e59049258)
DeltaFile
+32-0tests/sys/kern/socket_accf.c
+5-1sys/kern/uipc_accf.c
+37-12 files

FreeBSD/src d73ce9dshare/man/man9 accf_tls.9 Makefile, sys/conf NOTES

accf_tls: accept filter that waits for TLS handshake header

(cherry picked from commit c68eed82a3dcadf0c826e9e150f59769f4c44f24)
DeltaFile
+106-0sys/netinet/accf_tls.c
+95-0share/man/man9/accf_tls.9
+60-1tests/sys/kern/socket_accf.c
+7-0sys/modules/accf_tls/Makefile
+1-0sys/conf/NOTES
+1-0share/man/man9/Makefile
+270-13 files not shown
+273-19 files

FreeBSD/src 8cd7442sys/netinet6 nd6.c in6_var.h

netinet6: Remove ndpr_raf_ra_derived flag

This flag was introduced at 8036234c72c9361711e867cc1a0c6a7fe0babd84
to prevent the SIOCSPFXFLUSH_IN6 ioctl from removing manually-added
entries.  However, this flag did actually not work due to an
incomplete implementation making prelist_update() not handle it before
calling nd6_prelist_add().

This patch removes the flag because a prefix is derived from an RA
always has an entry in the ndpr_advrtrs member in the struct
nd_prefix.  Having a separate flag is not a good idea because it can
cause a mismatch between the flag and the ndpr_advrtrs entry.  Testing
using LIST_EMPTY() is simpler for the origial goal.

This also removes in a prefix check in the ICMPV6CTL_ND6_PRLIST sysctl
to exclude manually-added entries.  This ioctl is designed to list all
entries, and there is no relationship to SIOCSPFXFLUSH_IN6.

Differential Revision:  https://reviews.freebsd.org/D46441

    [2 lines not shown]
DeltaFile
+3-5sys/netinet6/nd6.c
+1-3sys/netinet6/in6_var.h
+0-1sys/netinet6/nd6.h
+0-1sys/netinet6/nd6_rtr.c
+4-104 files

FreeBSD/src 954001asys/dev/sound/usb uaudio.c

snd_uaudio: Initialize mixer_lock with MTX_RECURSE

Fixes:          fc9dc8482396 ("snd_uaudio: Lock usbd_transfer_start() in uaudio_mixer_ctl_set()")
PR:             296682
Sponsored by:   The FreeBSD Foundation
MFC after:      3 days
DeltaFile
+8-1sys/dev/sound/usb/uaudio.c
+8-11 files

FreeBSD/src 40cc9desys/dev/mlx5/mlx5_ib mlx5_ib_devx.c

mlx5ib: use the eventfd_ctx API for DEVX event subscriptions

The DEVX_SUBSCRIBE_EVENT redirect path resolved the user's eventfd with
fdget(), which on FreeBSD only finds LinuxKPI files.  rdma-core creates
the eventfd with the native FreeBSD eventfd(2), so the lookup failed and
subscription returned EBADF; the delivery side likewise assumed a
LinuxKPI-pollable file.

Use the LinuxKPI eventfd_ctx API instead: eventfd_ctx_fdget() resolves
the native eventfd, eventfd_signal() notifies it, and eventfd_ctx_put()
releases it.  DEVX async events can then be delivered through a redirect
eventfd.

Reviewed by: kib
Sponsored by: Nvidia networking
MFC after: 1 month
DeltaFile
+12-10sys/dev/mlx5/mlx5_ib/mlx5_ib_devx.c
+12-101 files

FreeBSD/src f1e8b0fshare/mk bsd.cpu.mk

bsd.cpu.mk: Add a workaround for erratum 843419

Add a workaround for the Arm Cortex-A53 erratum 843419. This has been
targeted when the build is either unoptimised for any CPU/architecture
or targets the Cortex-A53 or ARMv8.0 architecture.

PR:             296240
PR:             296395
Reported by:    Hal Murray <halmurray+freebsd at sonic.net>
Reported by:    Andreas Schuh <x55839 at icloud.com>
Reviewed by:    cognet, mmel
Sponsored by:   Arm Ltd
Differential Revision:  https://reviews.freebsd.org/D58212
DeltaFile
+17-1share/mk/bsd.cpu.mk
+17-11 files

FreeBSD/src 4c9f648sbin Makefile, sbin/init init.c Makefile

init(8): extract reroot transient code into reroot_seed

Since init become dynamically linked, reroot appeared to be broken
because init copies itself into a transient tmpfs mount to continue
controlling execution right after the reboot(REROOT) syscall.  Because
the binary is dynamically linked, it cannot be properly executed.

Provide a minimal static binary 'reroot_seed' embedded into the init as
byte stream, which performs what the 'init -r' did, namely, the second
phase reroot.

For the static build of init as part of the /rescue crunch, keep the
inline reroot code.

Reported and tested by: markj
Sponsored by:   The FreeBSD Foundation
MFC after:      1 week
Differential revision:  https://reviews.freebsd.org/D58164
DeltaFile
+109-0sbin/reroot_seed/reroot_seed.c
+74-17sbin/init/init.c
+8-1sbin/init/Makefile
+6-0sbin/reroot_seed/Makefile
+4-0sbin/init/reroot_seed.embed.s
+2-0sbin/Makefile
+203-186 files

FreeBSD/src 0228338usr.sbin/bhyve block_if.c

bhyve: Fix some leaks in usr.sbin/bhyve/block_if.c

Modify `blockif_open` to properly release a partially initialized
`blockif_ctxt` structure on error.

Differential Revision:  https://reviews.freebsd.org/D57887
Reviewed by:    novel, bnovkov, glebius
Tested by:      bnovkov
MFC after:      2 weeks
DeltaFile
+39-9usr.sbin/bhyve/block_if.c
+39-91 files

FreeBSD/src 1aeb9d7sys/arm64/rockchip rk_gpio.c

Revert "rk_gpio: defer level-IRQ EOI until source line is driven low"

There is a more correct / preferable scheme for handling of EOI.

Requested-by:   mmel

This reverts commit 8ffb400bfd64102ac2a49639ccbbfffbe0c6f127.
DeltaFile
+3-54sys/arm64/rockchip/rk_gpio.c
+3-541 files

FreeBSD/src f82ee47etc/mtree BSD.tests.dist, tests/sys/fs Makefile

tests: Add pjdfstest integration

Use ATF to wrap the new reimplementation of pjdfstest that came out of
GSOC 2022, now available in the ports tree as filesystems/pjdfstest.

So far I added tests for UFS (with several different option
combinations), tmpfs and ZFS, plus ZFS+nullfs.  All of these create a
memory disk, initialize the filesystem, and point the pjdfstest
executable at it.

In the future it would be good to add tests for at least NFS and p9fs.

Reviewed by:    asomers
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D56605

(cherry picked from commit 8fd4d1c0fff8441b42dbab767810db7aeaf796c3)
DeltaFile
+130-0tests/sys/fs/pjdfstest/ufs.sh
+96-0tests/sys/fs/pjdfstest/zfs.sh
+60-0tests/sys/fs/pjdfstest/tmpfs.sh
+12-0tests/sys/fs/pjdfstest/Makefile
+2-0etc/mtree/BSD.tests.dist
+1-0tests/sys/fs/Makefile
+301-06 files

FreeBSD/src 32ae329sys/netinet udp_usrreq.c

udp: Wrap a long line in udp_send()

No functional change intended.

MFC after:      1 week

(cherry picked from commit 3b69c7201fd06b368090f2ee3840d384a949cba8)
DeltaFile
+2-1sys/netinet/udp_usrreq.c
+2-11 files

FreeBSD/src 49b5356sys/compat/linux linux_futex.c

linux/futex: Don't load a timeout when try-locking a mutex

linux_sys_futex() does not copyin a timespec for the timeout if the
operation is LINUX_FUTEX_TRYLOCK_PI, presumably because it doesn't make
sense to specify a timeout for a try-lock operation.  However, this
means that we pass a userspace timespec pointer to
linux_umtx_abs_timeout_init().

Modify linux_futex_lock_pi() to not initialize the timeout if we're
try-locking.

Reviewed by:    kib, dchagin
Reported by:    Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li,
                and Ke Xu from Tsinghua University using GLM-5.2 from Z.ai
MFC after:      1 week
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D58061

(cherry picked from commit 407c7c339adb429efcb6658accd16399031c34ca)
DeltaFile
+8-5sys/compat/linux/linux_futex.c
+8-51 files

FreeBSD/src f815c54usr.bin/xinstall xinstall.c

install: Explicitly include sys/param.h for MAXPATHLEN

MFC after:      1 week
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit ca89b0fa1a93744a5bbf7a5c949826bbee4e2559)
DeltaFile
+1-0usr.bin/xinstall/xinstall.c
+1-01 files

FreeBSD/src 9af7633usr.sbin/makefs/zfs dsl.c

makefs/zfs: Explicitly include sys/param.h for nitems()

MFC after:      1 week
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 88deb1cff92cb3620c248f32fa6e7bdbc5301213)
DeltaFile
+1-0usr.sbin/makefs/zfs/dsl.c
+1-01 files

FreeBSD/src d4b1fe7tests/sys/netinet ip6_v4mapped_test.c

netinet tests: Fix leaks in ip6_v4mapped_test

Reported by:    Coverity
MFC after:      1 week

(cherry picked from commit 6ad6929974e6394d57a40f7d43c899963c6ae5ec)
DeltaFile
+7-2tests/sys/netinet/ip6_v4mapped_test.c
+7-21 files

FreeBSD/src eba4bf3lib/librpcsec_gss svc_rpcsec_gss.c

librpcsec_gss: Fix an off-by-one in rpc_gss_get_principal_name()

Include an extra byte for the nul-terminator, otherwise we may end up
with an out-of-bounds write.

The corresponding bug in the kernel implementation was fixed by commit
e3081f7e3e2d ("kgssapi(4): Fix string overrun in Kerberos principal construction").

Reviewed by:    markj
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D57738

(cherry picked from commit 635ad6f2ec97e9c6b1f15620cd5ee84eb632082f)
DeltaFile
+1-1lib/librpcsec_gss/svc_rpcsec_gss.c
+1-11 files

FreeBSD/src cdd4f32sys/net if_ovpn.c

if_ovpn: Fix a lock leak in an error path

Reviewed by:    kp
MFC after:      1 week
Fixes:          04a7134c1e92 ("if_ovpn: fix use-after-free of mbuf")
Differential Revision:  https://reviews.freebsd.org/D57696

(cherry picked from commit f7b71f832c990da0bf203095f02405df665529d0)
DeltaFile
+1-0sys/net/if_ovpn.c
+1-01 files

FreeBSD/src 60585eesys/kern uipc_socket.c

so_splice: Fix the KTLS check for the sink socket in so_splice()

Reviewed by:    gallatin
Reported by:    Claude Sonnet 4.6
Fixes:          1000cc4a0d39 ("so_splice: Disallow splicing with KTLS-enabled sockets")
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D56385

(cherry picked from commit d88a159da42a75dbd46ea4f6f9c8059975dab5e8)
DeltaFile
+1-1sys/kern/uipc_socket.c
+1-11 files

FreeBSD/src 085667csys/vm vm_object.c

Reset kvo_laundry to prevent it being cumulative

`sysctl vm.objects`, used by `vmstat -o` was not resetting the
laundry counter to 0 inside the loop, causing it to show the sum of
the laundry count for all previous objects instead of only the laundry
count for the current object.

Fixes:  a86373bc93ee1c850943e8585d0d426479378145
Reviewed by:    markj
Sponsored by:   Klara, Inc.
Sponsored by:   Modirum MDPay
Differential Revision:  https://reviews.freebsd.org/D50907

(cherry picked from commit 32f9c9699a5a56ef8ef1da8e2974a8b34e2b84f5)
DeltaFile
+1-0sys/vm/vm_object.c
+1-01 files

FreeBSD/src 7cf84b5sys/cddl/dev/kinst/aarch64 kinst_isa.c

kinst/arm64: Fix return values from kinst_invop()

After commit 853cd8723494 it became invalid for kinst_invop() to return
0: dtrace_invop_start() would convert this to a sentinel value
indicating that it did not consume the breakpoint, and so we'd just
call kdb_trap() to handle it.

Change kinst_invop() to return NOP_INSTR after handling a matching
breakpoint.  NOP_INSTR is handled by advancing the ELR, so we have to
compensate by subtracting INSTR_SIZE before returning.

Reviewed by:    christos
MFC after:      1 week
Fixes:          853cd8723494 ("arm64: Clean up usage of the dtrace invop handler")
Differential Revision:  https://reviews.freebsd.org/D56987

(cherry picked from commit d6f0e671d0797b56011880f84d12ce5fb20bf099)
DeltaFile
+20-18sys/cddl/dev/kinst/aarch64/kinst_isa.c
+20-181 files

FreeBSD/src 1d5f108share/man/man3 Makefile

queue.3: Add MLINKs for *_EMPTY_ATOMIC

MFC after:      1 week
Fixes:          d2870b8666f2 ("queue: Add atomic variants for *_EMPTY")

(cherry picked from commit 1563da200d4d3d56799267f1bbc58933a6c21331)
DeltaFile
+4-0share/man/man3/Makefile
+4-01 files

FreeBSD/src a619438sys/dev/sound/pcm channel.c dsp.c

sound: track kqueue low watermark per-knote for mmaped channels

Use kn->kn_sdata to track the last bs->total value for each knote
attached to an mmaped channel. An event is delivered only when the total
byte counter has advanced by at least c->lw since the last delivery.
After delivery kn_sdata is updated to the current total.

Each knote tracks its own watermark independently, so multiple knotes
attached to the same mmaped channel all receive events correctly.

Non-mmap channels keep the existing level-triggered behavior via
chn_polltrigger().

MFC after:      1 week
Reviewed by:    christos
Differential Revision:  https://reviews.freebsd.org/D57833

(cherry picked from commit 24576c39789ca13846b9450155923ee0e377aeb4)
DeltaFile
+9-5sys/dev/sound/pcm/channel.c
+13-1sys/dev/sound/pcm/dsp.c
+1-1sys/dev/sound/pcm/channel.h
+23-73 files

FreeBSD/src 4b539c5sys/netinet/libalias alias_db.c

libalias: Serialize updates to the global instance list

libalias maintains a global list of all libalias handles.  The list was
updated without any locking, but nothing prevents updates from running
concurrently.

MFC after:      1 week

(cherry picked from commit 2ff705f32a2033201a8f83f1ade5ddbc0460387d)
DeltaFile
+17-0sys/netinet/libalias/alias_db.c
+17-01 files

FreeBSD/src f49ca17lib/libc/iconv iconv.3

iconv.3: Fix formatting of the error section

MFC after:      1 week

(cherry picked from commit c491c2db2f37399eba7a356c4bfa298d64012101)
DeltaFile
+1-0lib/libc/iconv/iconv.3
+1-01 files

FreeBSD/src 4542cc1sys/conf kern.mk

kernel: Enable -fstack-protector-strong by default

This extends stack canary use to all functions which define arrays on
the stack, not just those which operate on byte buffers.  This option
would have made it harder to exploit SA-26:18.setcred and
SA-26:08.rpcsec_gss.

The change bloats the amd64 kernel text by about 350KB and increases the
number of covered functions from ~1500 to ~9000 (within the kernel
itself, i.e., not counting kernel modules).

Reviewed by:    olce, olivier, emaste
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D56870

(cherry picked from commit 8deebce931fa9b469cf28a082038a64caf972602)
DeltaFile
+1-1sys/conf/kern.mk
+1-11 files

FreeBSD/src 38cbd25sys/x86/x86 ucode.c

ucode: Fix validation on Intel platforms

The check for the extended signature table was backwards, so we always
ignored it.

We should verify that the extended signature table fits within the total
image size.

Reviewed by:    jrm, kib
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D57209

(cherry picked from commit 0beb172898499fff51eed4df3d9284cd1094afbb)
DeltaFile
+24-8sys/x86/x86/ucode.c
+24-81 files

FreeBSD/src 1e857a9sys/x86/include ucode.h, sys/x86/x86 ucode.c

x86/ucode: add const where appropriate

Sponsored by:   Netflix
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D43865

(cherry picked from commit fd24a63a38d0d4cb4f5041ef232036abe09d9d4f)
DeltaFile
+21-19sys/x86/x86/ucode.c
+1-1sys/x86/include/ucode.h
+22-202 files