GhostBSD/ghostbsd b197cf9contrib/libpcap configure, contrib/tcpdump configure

Merge remote-tracking branch 'freebsd/stable/14' into 24.10.1
DeltaFile
+0-26,616contrib/unbound/configure~
+4,828-4,793contrib/libpcap/configure
+4,673-3,361contrib/tcpdump/configure
+6,161-156contrib/wpa/src/common/qca-vendor.h
+2,986-2,957contrib/unbound/util/configlexer.c
+2,404-2,333contrib/unbound/util/configparser.c
+21,052-40,2161,913 files not shown
+119,379-71,7681,919 files

GhostBSD/ghostbsd 0d4081esys/amd64/conf NOTES, sys/conf std.debug

sys: add conf/std.debug, generic debugging options

The new sys/conf/std.debug contains the list of debugging options
enabled by default in -CURRENT, so they don't need to be listed
individually in every kernel config.

Introduce *-DEBUG variants of the major kernel configs.

(cherry picked and modified from commit 4f8f9d708e6a4143f3b178bfab10d0a9b75ba2fe)

Reviewed by:    markj, imp, olce (previous version)
Sponsored by:   Rubicon Communications, LLC ("Netgate")
Differential Revision:  https://reviews.freebsd.org/D46871
DeltaFile
+29-0sys/conf/std.debug
+11-0sys/amd64/conf/NOTES
+9-0sys/i386/conf/GENERIC-DEBUG
+9-0sys/powerpc/conf/GENERIC64LE-DEBUG
+9-0sys/riscv/conf/GENERIC-DEBUG
+9-0sys/powerpc/conf/GENERIC-DEBUG
+76-05 files not shown
+121-011 files

GhostBSD/ghostbsd 789f0f3contrib/llvm-project/lld/ELF Relocations.cpp, contrib/llvm-project/llvm/include/llvm/Support Parallel.h

Merge commit b84d773fd004 from llvm git (by Fangrui Song):

  [Parallel] Revert sequential task changes

  https://reviews.llvm.org/D148728 introduced `bool Sequential` to unify
  `execute` and the old `spawn` without argument. However, sequential
  tasks might be executed by any worker thread (non-deterministic),
  leading to non-determinism output for ld.lld -z nocombreloc (see
  https://reviews.llvm.org/D133003).

  In addition, the extra member variables have overhead.
  This sequential task has only been used for lld parallel relocation
  scanning.

  This patch restores the behavior before https://reviews.llvm.org/D148728 .

  Fix #105958

  Pull Request: https://github.com/llvm/llvm-project/pull/109084

    [7 lines not shown]
DeltaFile
+35-21contrib/llvm-project/lld/ELF/Relocations.cpp
+12-37contrib/llvm-project/llvm/lib/Support/Parallel.cpp
+1-3contrib/llvm-project/llvm/include/llvm/Support/Parallel.h
+48-613 files

GhostBSD/ghostbsd 342240clib/clang/include/lld/Common Version.inc, stand/efi/loader Makefile

Bump lld LINKER_FREEBSD_VERSION for reproducibility fix

The upstream fix to make lld output for our EFI loaders reproducible
again was committed in 54521a2ff93a. Bump lld's LINKER_FREEBSD_VERSION
to be able to check this in the EFI loader Makefile.

MFC after:      3 days

(cherry picked from commit f97c7fdc59d252cc8611968ffac541d4b8342b8b)
DeltaFile
+8-1stand/efi/loader/Makefile
+1-1lib/clang/include/lld/Common/Version.inc
+9-22 files

GhostBSD/ghostbsd 62cd7d5release/tools basic-cloudinit.conf

release: basic-cloudinit improve default image

- Add the firstboot-freebsd-update package, as long as we do not have
  pkgbase, this is needed
- Support SLAAC by default to complement DHCPv4 (use SYNCDHP instead)

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit 120740221fd4a4577e63e6c279f9873cabe449d0)
DeltaFile
+8-5release/tools/basic-cloudinit.conf
+8-51 files

GhostBSD/ghostbsd e573007libexec/nuageinit/tests nuageinit.sh nuage.sh

nuageinit: tests: Cleanup

- Export NUAGE_FAKE_ROOTDIR only once
- Use the header section of the test to require the root user
- Use the PWD environment variable
- Set the root/sys shell as /bin/sh
- Use RFC 5737 reserved IP addresses

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit e72457c4f5166eef2a27249e02f3c1e9a1cf852d)
DeltaFile
+76-89libexec/nuageinit/tests/nuageinit.sh
+7-7libexec/nuageinit/tests/nuage.sh
+83-962 files

GhostBSD/ghostbsd 9881d68libexec/nuageinit nuage.lua, libexec/nuageinit/tests nuageinit.sh

nuageinit: Fix passwords

The hashed password usually contains a "$" sign, which, when used on a
shell, must be escaped.  Also, the plain text password may contain
special characters that require escaping.

Add a quick fix by enclosing it in single quotes.  Note that if the
plain text password contains a "'", it will still fail.  This will be
properly fixed in later commits.

Some here documents require the document to be a string literal,
especially when passing invalid characters.  Enclose it in single
quotes.

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit b9ce743c5447e90c2c97f4d49e048c301f708527)
DeltaFile
+4-4libexec/nuageinit/nuage.lua
+3-3libexec/nuageinit/tests/nuageinit.sh
+7-72 files

GhostBSD/ghostbsd 1eaf333libexec/nuageinit nuage.lua

nuageinit: Replace os.execute with Lua libraries

Prefer posix.sys.stat's chmod() to os.execute().  While here, change the
name of the locals to be more descriptive.

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit 9b2d92addc31ba6f5696c85d184a45d43e9073dc)
DeltaFile
+6-5libexec/nuageinit/nuage.lua
+6-51 files

GhostBSD/ghostbsd c96dbfblibexec/rc/rc.d nuageinit

nuageinit: Silence an fstyp(8) warning

Silence a warning emitted by fread(3) in fstyp(8)'s read_buf(), when
detecting the file system type of the cloud-init device:

    % fstyp /dev/iso9660/cidata
    fstyp: fread: Invalid argument
    cd9660

Also rephrase slightly a comment while here.

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit d71e2c037c942dbe2a9fd2630d5cf155dd1bf7db)
DeltaFile
+3-3libexec/rc/rc.d/nuageinit
+3-31 files

GhostBSD/ghostbsd 03abe3alibexec/nuageinit nuageinit, libexec/nuageinit/tests nuageinit.sh

nuageinit: Standardize user-facing error messages

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit 38bb6f79e39a14ea99f559f59129a4cadf92b569)
DeltaFile
+3-3libexec/nuageinit/tests/nuageinit.sh
+1-1libexec/nuageinit/nuageinit
+4-42 files

GhostBSD/ghostbsd 68c7c28libexec/nuageinit nuageinit nuage.lua, libexec/nuageinit/tests nuageinit.sh nuage.sh

nuageinit: Lua check and lint files

Mostly white space, style, and luacheck compliance.

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit 504981357aa36365784458cfe8d9e23097bfac7b)
DeltaFile
+95-92libexec/nuageinit/tests/nuageinit.sh
+85-75libexec/nuageinit/nuageinit
+30-26libexec/nuageinit/nuage.lua
+16-5libexec/nuageinit/tests/nuage.sh
+14-4libexec/nuageinit/tests/utils.sh
+5-5libexec/nuageinit/tests/Makefile
+245-2078 files not shown
+259-20914 files

GhostBSD/ghostbsd 182ff41libexec/nuageinit nuageinit nuage.lua, libexec/nuageinit/tests nuage.sh nuageinit.sh

nuageinit: Standardize warning/error messages

Standardize the utilities from nuage.lua, to return nil on failure, plus
an error message as a second result, and some value different from nil
on success.

Make warnmsg() and errmsg() append "nuageinit: " by default.  Pass an
optional second parameter as false to avoid printing this tag.

Signed-off-by: Jose Luis Duran <jlduran at gmail.com>
(cherry picked from commit 945632ca76117029e7bd1f46d17ccb378973daf7)
DeltaFile
+13-13libexec/nuageinit/nuageinit
+14-7libexec/nuageinit/nuage.lua
+2-2libexec/nuageinit/tests/nuage.sh
+2-2libexec/nuageinit/tests/nuageinit.sh
+2-2libexec/nuageinit/tests/utils.sh
+33-265 files

GhostBSD/ghostbsd d6374eesys/net if_enc.c

if_enc(4): Make enc_add_hhooks() void

As for the consumer `enc_add_hhooks()`, `hhook_add_hook()` will never
fail for the given parameters. Meanwhile, to build the module if_enc(4),
at least option INET or INET6 is required, so no need for the error
EPFNOSUPPORT.

No functional change intended.

Reviewed by:    ae
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D46770

(cherry picked from commit 7643141e9314f1eac0d9ac08457410509e6829ad)
DeltaFile
+8-15sys/net/if_enc.c
+8-151 files

GhostBSD/ghostbsd 54c79d3share/man/man9 khelp.9, sys/kern kern_khelp.c

khelp: Sprinkle const qualifiers where appropriate

No functional change intended.

MFC after:      1 week

(cherry picked from commit 89937323bddd41fd8b92430c3ece48d3e32c2c23)
DeltaFile
+3-3share/man/man9/khelp.9
+2-2sys/sys/khelp.h
+2-2sys/kern/kern_khelp.c
+7-73 files

GhostBSD/ghostbsd 18aa2a8sys/kern kern_hhook.c, sys/sys hhook.h

hhook: Sprinkle const qualifiers where appropriate

No functional change intended.

MFC after:      1 week

(cherry picked from commit 941f8aceac1b6c16ca4d96b52e60ab437c4f9207)
DeltaFile
+4-4sys/sys/hhook.h
+4-4sys/kern/kern_hhook.c
+8-82 files

GhostBSD/ghostbsd 6b86b8fusr.bin/netstat nhops.c route.c

netstat: increase width of Netif column

The previous width of Netif (10 or 8) was too short for modern interface
names; make it 12, which is long enough to display "epair0a.1000".

This came up in practice with genet(4) interfaces, since the base
interface name is long enough that with the previous limit, VLAN
identifiers would be truncated at 1 character in the IPv6 output:
"genet0.100" becomes "genet0.1".

The width is now fixed, and doesn't depend on the address family,
because there's no reason that length of the interface name would vary
based on the AF.

Reviewed by: imp,zlei,Mina Galić
Pull Request: https://github.com/freebsd/freebsd-src/pull/1223

(cherry picked from commit d33b87e8cf91a6bcb5eac0ecc0371c1041c61050)


    [6 lines not shown]
DeltaFile
+2-3usr.bin/netstat/nhops.c
+2-3usr.bin/netstat/route.c
+4-62 files

GhostBSD/ghostbsd 80b19c3. ObsoleteFiles.inc

ObsoleteFiles.inc: Update after libpcap upgrade from 1.10.4 to 1.10.5

Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 407a9cced68440ce86f1c5d86c57e6b4ec3e4618)
DeltaFile
+5-0ObsoleteFiles.inc
+5-01 files

GhostBSD/ghostbsd ec3da16contrib/tcpdump configure install-sh

tcpdump: Update to 4.99.5

Changes:        https://git.tcpdump.org/tcpdump/blob/4a789712f187e3ac7b2c0044c3a3f8c71b83646e:/CHANGES
Obtained from:  https://www.tcpdump.org/release/tcpdump-4.99.5.tar.xz
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit 0a7e5f1f02aad2ff5fff1c60f44c6975fd07e1d9)
DeltaFile
+4,673-3,361contrib/tcpdump/configure
+502-211contrib/tcpdump/install-sh
+372-112contrib/tcpdump/configure.ac
+248-53contrib/tcpdump/CMakeLists.txt
+236-33contrib/tcpdump/CONTRIBUTING.md
+250-0contrib/tcpdump/instrument-functions.c
+6,281-3,770221 files not shown
+8,134-5,536227 files

GhostBSD/ghostbsd 26f21a6contrib/libpcap configure CMakeLists.txt

libpcap: Update to 1.10.5

Changes:        https://git.tcpdump.org/libpcap/blob/bbcbc9174df3298a854daee2b3e666a4b6e5383a:/CHANGES
Reviewed by:    emaste
Obtained from:  https://www.tcpdump.org/release/libpcap-1.10.5.tar.gz
Sponsored by:   The FreeBSD Foundation

(cherry picked from commit afdbf109c6a661a729938f68211054a0a50d38ac)
(cherry picked from commit ecb75be376a3e18d3e4836b6ee07015264784694)
(cherry picked from commit f0bcebe67ef6cf9f104535d6cd9f151c1b61dd6a)
(cherry picked from commit 34aa6f2c2db5cc9655f201a1ef01adbb9fb484d5)
DeltaFile
+4,828-4,793contrib/libpcap/configure
+621-398contrib/libpcap/CMakeLists.txt
+502-211contrib/libpcap/install-sh
+402-254contrib/libpcap/pcap-linux.c
+426-158contrib/libpcap/gencode.c
+504-0contrib/libpcap/pcap-haiku.c
+7,283-5,814152 files not shown
+12,016-9,205158 files

GhostBSD/ghostbsd 757bbf4usr.sbin/bhyve hda_codec.c

bhyve: improve bounds checks in hda_codec

The function hda_codec_command is vulnerable to buffer over-read, the
payload value is extracted from the command and used as an array index
without any validation.
Fortunately, the payload value is capped at 255, so the information
disclosure is limited and only a small part of .rodata of bhyve binary
can be disclosed.

The risk is low because the leaked information is not sensitive. An
attacker may be able to validate the version of the bhyve binary using
this information disclosure (layout of .rodata information, ex:
jmp_tables) before executing an exploit.

Reported by:    Synacktiv
Reviewed by:    christos, emaste
Security:       HYP-13
Sponsored by:   The Alpha-Omega Project
Sponsored by:   The FreeBSD Foundation

    [3 lines not shown]
DeltaFile
+6-3usr.sbin/bhyve/hda_codec.c
+6-31 files

GhostBSD/ghostbsd 2dea4desys/amd64/vmm vmm.c

vmm: Properly handle writes spanning across two pages in vm_handle_db

The vm_handle_db function is responsible for writing correct status
register values into memory when a guest VM is being single-stepped
using the RFLAGS.TF mechanism. However, it currently does not properly
handle an edge case where the resulting write spans across two pages.
This commit fixes this by making vm_handle_db use two vm_copy_info
structs.

Security:       HYP-09
Reviewed by:    markj

(cherry picked from commit 51fda658baa3f80c9778f3a9873fbf67df87119b)
DeltaFile
+5-5sys/amd64/vmm/vmm.c
+5-51 files

GhostBSD/ghostbsd f8db6fbsys/amd64/vmm vmm.c

vmm: avoid potential KASSERT kernel panic in vm_handle_db

If the guest VM emits the exit code VM_EXITCODE_DB the kernel will
execute the function named vm_handle_db.

If the value of rsp is not page aligned and if rsp+sizeof(uint64_t)
spans across two pages, the function vm_copy_setup will need two structs
vm_copyinfo to prepare the copy operation.

For instance is rsp value is 0xFFC, two vm_copyinfo objects are needed:

* address=0xFFC, len=4
* address=0x1000, len=4

The vulnerability was addressed by commit 51fda658baa ("vmm: Properly
handle writes spanning across two pages in vm_handle_db").  Still,
replace the KASSERT with an error return as a more defensive approach.

Reported by:    Synacktiv

    [7 lines not shown]
DeltaFile
+2-1sys/amd64/vmm/vmm.c
+2-11 files

GhostBSD/ghostbsd 113e746contrib/tzcode Makefile theory.html

Update tzcode to 2024b.

MFC after:      3 weeks
Sponsored by:   Klara, Inc.
Reviewed by:    philip
Differential Revision:  https://reviews.freebsd.org/D46565

(cherry picked from commit a979394afeb5c20fc58c5f5b005d51eb8f92f666)
DeltaFile
+216-196contrib/tzcode/Makefile
+143-71contrib/tzcode/theory.html
+55-70contrib/tzcode/tzselect.ksh
+122-2contrib/tzcode/NEWS
+69-45contrib/tzcode/private.h
+68-45contrib/tzcode/tz-link.html
+673-42914 files not shown
+926-64720 files

GhostBSD/ghostbsd 2403e6dlib/libc/stdio vfprintf.c snprintf.c

printf(): Save errno earlier.

The manual page says %m is replaced with “the string representation of
the error code stored in the errno variable at the beginning of the
call”.  However, we don't actually save `errno` until fairly late in
`__vfprintf()`.  Make sure it is saved before we do anything that
might perturb `errno`.

MFC after:      1 week
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D46718

(cherry picked from commit 74f1007fcc838501c74a633792c3f01833bf65e1)
DeltaFile
+10-10lib/libc/stdio/vfprintf.c
+10-8lib/libc/stdio/snprintf.c
+6-4lib/libc/stdio/vsprintf.c
+4-3lib/libc/stdio/vsnprintf.c
+3-2lib/libc/stdio/vasprintf.c
+2-1lib/libc/stdio/vdprintf.c
+35-281 files not shown
+36-297 files

GhostBSD/ghostbsd d2c02cfbin/date date.1 date.c

date: Fix a few nits.

* Don't use `asprintf()` when `strdup()` can do the job just as well.
* Fix a couple of typos in a comment.

Fixes:          eeb04a736cb9
MFC after:      3 days
Sponsored by:   Klara, Inc.
Reviewed by:    markj
Differential Revision:  https://reviews.freebsd.org/D46533

(cherry picked from commit a8ddd1926a34fc20970d9ceaad71b31fc414b1c5)

date: Documentation nits.

* Fix spurious capitalization.
* Fix inconsistent quoting.
* Use `Dq` rather than ASCII double quotes.


    [6 lines not shown]
DeltaFile
+6-3bin/date/date.1
+4-4bin/date/date.c
+10-72 files

GhostBSD/ghostbsd 8d65747usr.bin/locate/locate updatedb.sh

locate.updatedb: Explicitly exit from trap code.

When a signal is trapped, the script continues after the trap code has
run, unless the trap code explicitly exits.  In the particular case of
locate.updatedb, this is mostly harmless, except that the trap code is
executed twice (once for the signal and once when we reach the end of
the script), but it's still worth fixing.

Furthermore, install the trap as soon as we've created the temporary
directory, to minimize the window during which we can fail to clean up
after ourselves if interrupted.

While here, simplify the empty check at the end and make some minor
style tweaks.

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D46475

    [17 lines not shown]
DeltaFile
+5-8usr.bin/locate/locate/updatedb.sh
+5-81 files

GhostBSD/ghostbsd 013d817sys/dev/igc if_igc.c igc_nvm.c

igc: Add NVM/firmware prints and sysctl

This chipset suffered an (un)usual number of bugs and iterations. Let's
add our NVM/firmware code from e1000 and the similar igc_nvm function
from DPDK to keep track of issues.

Sponsored by:   BBOX.io

(cherry picked from commit 33ed9bdca307bedb3d66a50ed7d4d7b4bf4acf39)
DeltaFile
+104-0sys/dev/igc/if_igc.c
+81-0sys/dev/igc/igc_nvm.c
+24-4sys/dev/igc/igc_defines.h
+18-0sys/dev/igc/igc_nvm.h
+2-0sys/dev/igc/if_igc.h
+229-45 files

GhostBSD/ghostbsd f75c75dsys/dev/igc if_igc.c if_igc.h

igc: Remove non-existent legacy absolute and packet timers

igc, derived from igb, does not use these registers. All interrupt
timing is governed by EITR or LLI and driven by write-back.

Sponsored by:   BBOX.io

(cherry picked from commit a40ecb6f740530fb7e6a95e702113aa3fe24d975)
DeltaFile
+0-109sys/dev/igc/if_igc.c
+0-59sys/dev/igc/if_igc.h
+0-5sys/dev/igc/igc_regs.h
+0-1733 files

GhostBSD/ghostbsd 941833bsys/dev/ixgbe if_sriov.c

ixgbe: Switch if_sriov read/write back to ixgbe_mbx APIs

These are more succinct than jumping through the function pointers
directly and add some additional error handling.

(cherry picked from commit 1e3b1870ad2a426de6e3f5445211b698f20f7f1f)
DeltaFile
+2-3sys/dev/ixgbe/if_sriov.c
+2-31 files

GhostBSD/ghostbsd a67cc4bsys/dev/hyperv/vmbus hyperv_mmu.c

hyperv: call smp_targeted_tlb_shootdown_native() with pin

(cherry picked from commit 6dcffb980fa3026092f79107ee7668918c9f5490)
DeltaFile
+0-1sys/dev/hyperv/vmbus/hyperv_mmu.c
+0-11 files