FreeBSD/src 4fd518fbin/kenv kenv.1, lib/libsys kenv.2

kern: add a security knob to disable unprivileged access to kenv

We sometimes store sensitive things in the kenv that get zapped, but we
really shouldn't rely on that zapping to actually happen.  Most
unprivileged processes don't really need to read from the kernel
environment in the first place, so add a knob that allows it to be
disabled.

Note that we consider jailed root to be unprivileged from this
perspective; they have their own meta/env concepts and we should
encourage users to take advantage of those for passing information to
jails.

"Hey we should do something about that":        dch
Reviewed by:    imp, ziaee, zlei (all slightly previous version)
Differential Revision:  https://reviews.freebsd.org/D57697
DeltaFile
+40-6sys/kern/kern_environment.c
+9-1bin/kenv/kenv.1
+6-1lib/libsys/kenv.2
+3-1share/man/man7/security.7
+1-0sys/sys/priv.h
+59-95 files

FreeBSD/src 88deb1cusr.sbin/makefs/zfs dsl.c

makefs/zfs: Explicitly include sys/param.h for nitems()

MFC after:      1 week
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-0usr.sbin/makefs/zfs/dsl.c
+1-01 files

FreeBSD/src ca89b0fusr.bin/xinstall xinstall.c

install: Explicitly include sys/param.h for MAXPATHLEN

MFC after:      1 week
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-0usr.bin/xinstall/xinstall.c
+1-01 files

FreeBSD/src 5bec087sys/dev/acpica acpi_spmc.c, sys/dev/amdsmu amdsmu.c

amdsmu(4), acpi_spmc(4): Fix ordering of calls

The AMD SMU is supposed to be notified of suspension the SPMC has been,
and conversely on resume, as expressed in comments.

Fix the EVENTHANDLER(9) priorities used so that they match the
comments. Lower values indeed indicate higher priority in this
subsystem.

Reviewed by:    obiwac
Fixes:          2c60fce365f4 ("amdsmu: Sleep entry/exit hints for PMFW")
Event:          Halifax Hackathon 202606
Sponsored by:   The FreeBSD Foundation
DeltaFile
+2-2sys/dev/amdsmu/amdsmu.c
+2-2sys/dev/acpica/acpi_spmc.c
+4-42 files

FreeBSD/src df8ca3flib/libsys kqueue.2

kqueue.2: knote is activated as the first action of tdsendsignal()

Sponsored by:   The FreeBSD Foundation
MFC after:      3 days
DeltaFile
+1-1lib/libsys/kqueue.2
+1-11 files

FreeBSD/src 1ca439ausr.sbin/etcupdate etcupdate.8

etcupdate: Recommend building when bootstrapping

Since building is no longer the default, add -b to the bootstrapping
examples as they are likely to be run with a tree that hasn't been
built.

MFC after:      1 week
Fixes:          ddf6fad0295a ("etcupdate: Make nobuild the default")
Reviewed by:    jhb
Differential Revision:  https://reviews.freebsd.org/D57643
DeltaFile
+3-3usr.sbin/etcupdate/etcupdate.8
+3-31 files

FreeBSD/src 53a3d47usr.sbin/etcupdate etcupdate.sh

etcupdate: Warn if the tree hasn't been built

Warn the user before trying `make installetc` if etcupdate was invoked
without -b (or with -B) and it appears that `make buildetc` hasn't
already been run (which usually happens as part of `make buildworld`).

MFC after:      1 week
Reviewed by:    jhb
Differential Revision:  https://reviews.freebsd.org/D57504
DeltaFile
+14-1usr.sbin/etcupdate/etcupdate.sh
+14-11 files

FreeBSD/src e4c4c6esys/ofed/drivers/infiniband/core ib_umem.c, sys/ofed/include/rdma ib_verbs.h

RDMA: dma-mapping: use unsigned long for dma_attrs

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Tested by:      John Baldwin <jhb at FreeBSD.org> (iw_cxgbe)
Obtained from:  Linux commit 00085f1efa387a8ce100e3734920f7639c80caa3
Sponsored by:   Chelsio Communications
DeltaFile
+10-10sys/ofed/include/rdma/ib_verbs.h
+3-3sys/ofed/drivers/infiniband/core/ib_umem.c
+13-132 files

FreeBSD/src 49ee94bsys/ofed/drivers/infiniband/ulp/ipoib ipoib_ib.c ipoib_multicast.c

IB/ipoib: Prevent hung task or softlockup processing multicast response

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Tested by:      John Baldwin <jhb at FreeBSD.org> (iw_cxgbe)
Obtained from:  Linux commit 3874397c0bdec3c21ce071711cd105165179b8eb
Sponsored by:   Chelsio Communications
DeltaFile
+8-5sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_ib.c
+5-2sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_multicast.c
+1-1sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c
+14-83 files

FreeBSD/src 259a763sys/ofed/drivers/infiniband/core ib_cq.c, sys/ofed/include/rdma ib_verbs.h

OFED: Implement ib_process_cq_direct

This is largely pulled from the original Linux commit to add cq.c.
Note that irq_poll is still not supported, but polling should now be
possible whereas it wasn't really before.

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Tested by:      John Baldwin <jhb at FreeBSD.org> (iw_cxgbe)
Obtained from:  Linux commit 14d3a3b2498edadec344cb11e60e66091f5daf63
Sponsored by:   Chelsio Communications
DeltaFile
+68-30sys/ofed/drivers/infiniband/core/ib_cq.c
+3-0sys/ofed/include/rdma/ib_verbs.h
+71-302 files

FreeBSD/src fbe76easys/ofed/drivers/infiniband/ulp/ipoib ipoib_cm.c ipoib_main.c

OFED: Use vmalloc() and vzalloc() in various places

This contains changes from the following Linux commits:

10313cbb9220 IPoIB: Allocate priv->tx_ring with vmalloc()
b1404069f644 IPoIB/cm: Use vmalloc() to allocate rx_rings
948579cd8c6e RDMA: Use vzalloc() to replace vmalloc()+memset(0)

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Tested by:      John Baldwin <jhb at FreeBSD.org> (iw_cxgbe)
Sponsored by:   Chelsio Communications
DeltaFile
+7-10sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_cm.c
+3-4sys/ofed/drivers/infiniband/ulp/ipoib/ipoib_main.c
+10-142 files

FreeBSD/src 1a9ef1asys/ofed/drivers/infiniband/core ib_cma.c

OFED: Use prandom_u32() to reduce diff with upstream

Tested by:      Wafa Hamzah <wafah at nvidia.com> (mlx5_ib)
Tested by:      John Baldwin <jhb at FreeBSD.org> (iw_cxgbe)
Sponsored by:   Chelsio Communications
DeltaFile
+1-3sys/ofed/drivers/infiniband/core/ib_cma.c
+1-31 files

FreeBSD/src 45a0cb5libexec/rtld-elf rtld.c

rtld: Check for -1 as an-end-of-section marker

rtld calls functions in the .init_array section one at a time, until
it finds a distinguished sentinel value. The C runtime does the same
thing (in crtend.c). However, that checks for the sentinel -1 and not
1. If one is using a linker that unifies .ctors and .init_array, then
rtld will miss the sentinel value. I believe the author of this code
intended to write -1 instead of 1. Indeed, changing the code to also
check for -1 prevents rtld from attempting to call a non-existent
function. The same is true of .dtors and .fini_array.

Signed-off-by:  Daniel Levin <daniellevin2607 at gmail.com>
Reviewed by:    kib
MFC after:      3 days
Pull Request:   https://github.com/freebsd/freebsd-src/pull/2270
DeltaFile
+4-2libexec/rtld-elf/rtld.c
+4-21 files

FreeBSD/src 9cd0d62sys/fs/cd9660 cd9660_rrip.c iso_rrip.h

cd9660: Add various length checks when parsing RRIP extensions

Pass the length of a RockRidge attribute to the handler functions and
validate that length in each handler.  If a parsing error is detected,
abort the entire parsing pass.

Reviewed by:    des
Differential Revision:  https://reviews.freebsd.org/D57136
DeltaFile
+135-51sys/fs/cd9660/cd9660_rrip.c
+1-0sys/fs/cd9660/iso_rrip.h
+136-512 files

FreeBSD/src 17c391csys/conf kern.post.mk, sys/i386/i386 genassym.c

i386: Fix build (of 'genassym.o')

(cherry picked from commit ce243df20aa8ba94918cafdca2537c8cd18887c8)
DeltaFile
+4-1sys/conf/kern.post.mk
+1-0sys/i386/i386/genassym.c
+5-12 files

FreeBSD/src 8de9299share/man/man4 acpi_ibm.4

acpi_ibm.4: Remove extraneous .Tn

As flagged by mandoc linter.

Event:          Halifax Hackathon 202606
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-3share/man/man4/acpi_ibm.4
+1-31 files

FreeBSD/src 40ab0a0share/man/man4 acpi_ibm.4, sys/dev/acpi_support acpi_ibm.c

acpi_ibm(4): Refer to "mic *mute* led" instead of "mic led"

Event:          Halifax Hackathon 202606
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-1share/man/man4/acpi_ibm.4
+1-1sys/dev/acpi_support/acpi_ibm.c
+2-22 files

FreeBSD/src b9d6497share/man/man4 acpi_ibm.4

acpi_ibm.4: Fix mic_led sysctl name

Fixes:  707347f88649 ("Add missing documentation for dev.acpi_ibm.0.mic_led added in r335304")
Event:          Halifax Hackathon 202606
Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-1share/man/man4/acpi_ibm.4
+1-11 files

FreeBSD/src 1a8701elib/libusb libusb20.3 libusb20.c

libusb: Implement libusb20_tr_get_flags

Reviewed by:    adrian, bapt
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57543
DeltaFile
+11-0lib/libusb/libusb20.3
+6-0lib/libusb/libusb20.c
+1-0lib/libusb/Makefile
+1-0lib/libusb/libusb20.h
+19-04 files

FreeBSD/src fc6d7a7sys/amd64/acpica acpi_wakeup.c, sys/dev/acpica acpi.c acpivar.h

acpi: Forbid requesting S4 when S4BIOS is not supported

Pending the OS-supported hibernate functionality, prevent requesting S4
when S4BIOS is not supported.

To this end, make sure that acpi_supported_stypes[] indicates that
POWER_STYPE_FW_HIBERNATE is not supported if 'acpi_s4bios_supported' is
false, even if S4 is supported by the platform (which is only
a power-down-like state, without any support to save the system image by
itself).  This will cause requests to enter S4, which are translated to
POWER_STYPE_FW_HIBERNATE before reaching
acpi_ReqSleepState()/acpi_EnterSleepState(), to fail in this case.

Retire the 'hw.acpi.s4bios' sysctl knob, as having it to 0 by default
(S4BIOS not supported) or setting it to 0 (default is 1 when S4BIOS is
supported) could only lead, on a S4 request, to a power down without any
possibility to restore the system (and, since a recent commit, it has
not been possible anymore to force it to 1 when S4BIOS is not announced
supported in the FACS table, which would cause a failure or a crash).

    [14 lines not shown]
DeltaFile
+8-26sys/dev/acpica/acpi.c
+0-8sys/dev/acpica/acpivar.h
+6-2sys/amd64/acpica/acpi_wakeup.c
+6-2sys/i386/acpica/acpi_wakeup.c
+20-384 files

FreeBSD/src d928113lib/libusb libusb.3

libusb: Bump manual date for multiple changes

Sponsored by:   The FreeBSD Foundation
DeltaFile
+1-1lib/libusb/libusb.3
+1-11 files

FreeBSD/src d84b639lib/libusb libusb10.c libusb.h

libusb: implement zlp flag in libusb transfer

The USB protocol defines a Zero-Length Packet (ZLP) to signal the end of
a transfer when the data size is an exact multiple of the Maximum Packet
Size (MPS). Without a ZLP in such cases, the device may not be able to
determine that the transfer has completed.

This flag is added to libusb to allow the user send a ZLP in the end
of libusb_xfer.

Reviewed by:    adrian
Sponsored by:   The FreeBSD Foundataion
Differential Revision: https://reviews.freebsd.org/D51759
DeltaFile
+28-1lib/libusb/libusb10.c
+1-0lib/libusb/libusb.h
+29-12 files

FreeBSD/src ae48999lib/libusb libusb10_desc.c libusb20_desc.c

libusb: implement IAD parser

libusb provide functions to parse interface association descriptor. This
descriptor indicates that a function is composed by multiple interface
and which interfaces is associate to the target function. This
descriptor is not a separate USB require, instead, it comes with the
config descriptor.

Reviewed by:    adrian
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D50958
DeltaFile
+89-0lib/libusb/libusb10_desc.c
+25-5lib/libusb/libusb20_desc.c
+27-0lib/libusb/libusb.3
+23-0lib/libusb/libusb20_desc.h
+21-0lib/libusb/libusb.h
+185-55 files

FreeBSD/src 964823alib/libusb libusb10.c libusb.3

libusb: implement libusb_get_max_alt_packet_size

The libusb has a function to calculate the size from given interface,
alt_setting, endpoint. Implementing it by refactoring the calculating
function for libusb_get_max_iso_packet_size.

Reviewed by:    adrian
Sponsored By:   FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51225
DeltaFile
+133-30lib/libusb/libusb10.c
+6-0lib/libusb/libusb.3
+3-1lib/libusb/libusb.h
+142-313 files

FreeBSD/src 2879c81lib/libusb libusb10.c libusb.3

libusb: implement libusb_set_option

Implement libusb_set_option for API compatibility of libusb upstream
The implementation status of each option is as following:

LIBUSB_OPTION_LOG_LEVEL: just like libusb_set_debug
LIBUSB_OPTION_LOG_CB: add callback support for DPRINTF
LIBUSB_OPTION_NO_DEVICE_DISCOVERY: disable initialization of devd and
netlink when register. Also, create no thread when registration of
callback happens.
LIBUSB_OPTION_USE_USBDK: no needed as USBDK is for Windows

Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D50818
DeltaFile
+77-1lib/libusb/libusb10.c
+24-0lib/libusb/libusb.3
+8-1lib/libusb/libusb.h
+3-0lib/libusb/libusb10_hotplug.c
+2-0lib/libusb/libusb10.h
+114-25 files

FreeBSD/src be95871lib/libusb libusb10.c libusb.h

libusb: refactor the process of setting option when init the context.

From
https://github.com/libusb/libusb/commit/6622f386f52807dac76c8a260c98aa02c311bc93#diff-c1f9bc250077d41456a3e580fca0ddf5d8c25b741bff6d9b9505990a8b70b254R2358.
We are able to set all of the option from the init_context. To address
this, we modify the process of setting option in init_context to make it be more clear and then
adapat libusb_set_option inside to all other option.

Reviewed by:    adrian
Sponsored By:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51224
DeltaFile
+25-18lib/libusb/libusb10.c
+2-5lib/libusb/libusb.h
+1-1lib/libusb/libusb.3
+28-243 files

FreeBSD/src 7c7725dtests/sys/kern jaildesc.c

tests/jaildesc: Use a more efficient mechanism to block

MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D57148

(cherry picked from commit 75b23c102e8d797654025affdfada0b6771a95ba)
DeltaFile
+3-6tests/sys/kern/jaildesc.c
+3-61 files

FreeBSD/src 94a47b3tests/sys/kern jaildesc.c Makefile

tests/jaildesc: Add some more test scenarios

MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D57147

(cherry picked from commit fe03a78c5d5966992c8df482d984bae83dc92b45)
DeltaFile
+204-0tests/sys/kern/jaildesc.c
+1-1tests/sys/kern/Makefile
+205-12 files

FreeBSD/src 0392077share/man/man7 tests.7

tests.7: Remove an unused configuration variable

No existing tests require it, and I cannot understand what kinds of test
scenarios are supposed to require it.  Just remove it.

While here, improve the documentation of test variables a bit.

Reviewed by:    ngie
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D56604

(cherry picked from commit 6bd97b5f3778aa36bcf89ff870bb1483b301a9be)
DeltaFile
+5-12share/man/man7/tests.7
+5-121 files

FreeBSD/src 349ba81tests/sys/kern ptrace_test.c

tests/ptrace: Validate PT_SC_REMOTE with some tricky syscalls

Reviewed by:    kib
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D57485

(cherry picked from commit 6cd8a1bf4f15ff8a9b646dc94ac90b3fe0926650)
DeltaFile
+215-0tests/sys/kern/ptrace_test.c
+215-01 files