HardenedBSD/src f1c5782share/mk bsd.subdir.mk, sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+9-1tools/tools/git/candidatematch.lua
+1-6tools/tools/git/mfc-candidates.sh
+3-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+2-2share/mk/bsd.subdir.mk
+15-114 files

HardenedBSD/src 572948dcrypto/openssl/providers fips.ld legacy.ld, secure/lib/libcrypto/modules/fips Makefile

Revert "OpenSSL: use the upstream provided version.map files for the fips/legacy providers"

This change is still under review and should not have been merged
directly to main (yet).

This is a case and point for using `push.default` to nothing instead of
matching or simple.

This reverts commit 42ce242e353065dfbaa248955f6657005a395a95.
DeltaFile
+0-5crypto/openssl/providers/fips.ld
+0-5crypto/openssl/providers/legacy.ld
+0-2secure/lib/libcrypto/modules/fips/Makefile
+0-2secure/lib/libcrypto/modules/legacy/Makefile
+0-144 files

HardenedBSD/src 42ce242crypto/openssl/providers fips.ld legacy.ld, secure/lib/libcrypto/modules/fips Makefile

OpenSSL: use the upstream provided version.map files for the fips/legacy providers

This change introduces a static copy of the fips and legacy linker version maps
generated by the OpenSSL 3.0.13 build process.

This unbreaks the fips and legacy providers by not exposing unnecessary
symbols from the fips/legacy provider shared objects shared with other
providers (base, default) and libcrypto.

More discussion:

Prior to this change, loading the fips provider indirectly from a
FreeBSD 14.0-CURRENT and 15.0-CURRENT host would result in a
process-wide deadlock when invoking select OpenSSL APIs
(CONF_modules_load* in this particular example).

Speaking with the upstream maintainers [1], it became obvious that
the FreeBSD base system was incorrectly building/linking the fips
provider, resulting in a symbol collision at runtime, and thus a

    [9 lines not shown]
DeltaFile
+5-0crypto/openssl/providers/fips.ld
+5-0crypto/openssl/providers/legacy.ld
+2-0secure/lib/libcrypto/modules/fips/Makefile
+2-0secure/lib/libcrypto/modules/legacy/Makefile
+14-04 files

HardenedBSD/src b571bceshare/mk bsd.subdir.mk

bsd.subdir.mk: improve `SUBDIR.${MK_FOO}` advice

- Remove superfluous whitespace by removing trailing whitespace
  before `\` (line continuation character)
- Quote `SUBDIR.` to clarify the fact that this is a variable
  reference--not the end of a sentence.
DeltaFile
+2-2share/mk/bsd.subdir.mk
+2-21 files

HardenedBSD/src 793745ftools/tools/git candidatematch.lua mfc-candidates.sh

mfc-candidates: move pretty printing into lua

d51c59002367 moved the MFC hash matching logic into a lua utility
script but left the output formatting in the shell script. Simplify this
slightly by just printing the formatted output from lua.

Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44836
DeltaFile
+9-1tools/tools/git/candidatematch.lua
+1-6tools/tools/git/mfc-candidates.sh
+10-72 files

HardenedBSD/src 2d19c2csys/fs/fuse fuse_node.c

fusefs: correct a comment

[skip ci]

Sponsored by:   Axcient

(cherry picked from commit c1326c01df81dd06739ddf1946e1968ddaba0c8e)
DeltaFile
+5-4sys/fs/fuse/fuse_node.c
+5-41 files

HardenedBSD/src 61ddfc0sys/fs/fuse fuse_internal.c

fusefs: only test for incoherency if FN_SIZECHANGE is set

FUSE emits spurious incoherency warnings in writethrough mode. The
warnings are triggered by setattr calls generated by vnode truncation
turning the cached va_size vattr stale, causing comparisons with the
fresh version provided by the server to fail. Only validate the vnode's
va_size vattr if the FN_SIZECHANGE flag is set.

This is a part of the research work at RCSLab, University of Waterloo.

Reviewed by:    asomers
Pull Request:   https://github.com/freebsd/freebsd-src/pull/1110

(cherry picked from commit 8758bf0aaec1d4b2ebcb429e8cabc691c2c95461)
DeltaFile
+2-2sys/fs/fuse/fuse_internal.c
+2-21 files

HardenedBSD/src 9c44457sys/arm/allwinner aw_gpio.c

aw_gpio: temporarily switch to input function if read in eint mode

This is needed for gpiokeys driver that needs to read input state after
receiving an interrupt for either edge.

PR:             248138

(cherry picked from commit b98558e69b0aefbb99120a8a6ca7efbb8cafab5b)
DeltaFile
+12-0sys/arm/allwinner/aw_gpio.c
+12-01 files

HardenedBSD/src 43bf62asys/arm/allwinner aw_gpio.c

aw_gpio: temporarily switch to input function if read in eint mode

This is needed for gpiokeys driver that needs to read input state after
receiving an interrupt for either edge.

PR:             248138

(cherry picked from commit b98558e69b0aefbb99120a8a6ca7efbb8cafab5b)
DeltaFile
+12-0sys/arm/allwinner/aw_gpio.c
+12-01 files

HardenedBSD/src f12a50fsys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

Revert "dtrace: make 'ring' and 'fill' policies imply 'noswitch' flag"

This reverts commit e92491d95ff3500e140eafa614e88ca84ffb0d26.
It was cherry-picked as f0ed49921c2891733b7ee65679a8dcba5398e3b6.

The general idea looked good to me.  In particular, it allowed to save
some memory and avoid memory allocation failures when a large buffer
size was requested along with ring and fill policies.

But I didn't take into account that the second, supposedly unused
buffer, was actually used as the scratch buffer.  The scratch buffer is
used as a temporary space for DTrace subroutines like copyin, copyinstr,
and alloca.

I think that the change can be fixed by allocating a separate smaller
buffer for the scratch buffer, but that fix would require more work than
I am able to do now.  Hence the revert.

Reported by:    Domagoj Stolfa

    [3 lines not shown]
DeltaFile
+3-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+3-21 files

HardenedBSD/src 73c9d51sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

Revert "dtrace: make 'ring' and 'fill' policies imply 'noswitch' flag"

This reverts commit e92491d95ff3500e140eafa614e88ca84ffb0d26.
It was cherry-picked as fb9c50f983ff6bdd6f33a22ae7d5b391435dd02a.

The general idea looked good to me.  In particular, it allowed to save
some memory and avoid memory allocation failures when a large buffer
size was requested along with ring and fill policies.

But I didn't take into account that the second, supposedly unused
buffer, was actually used as the scratch buffer.  The scratch buffer is
used as a temporary space for DTrace subroutines like copyin, copyinstr,
and alloca.

I think that the change can be fixed by allocating a separate smaller
buffer for the scratch buffer, but that fix would require more work than
I am able to do now.  Hence the revert.

Reported by:    Domagoj Stolfa

    [3 lines not shown]
DeltaFile
+3-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+3-21 files

HardenedBSD/src b9827c0sys/cddl/contrib/opensolaris/uts/common/dtrace dtrace.c

Revert "dtrace: make 'ring' and 'fill' policies imply 'noswitch' flag"

This reverts commit e92491d95ff3500e140eafa614e88ca84ffb0d26.

The general idea looked good to me.  In particular, it allowed to save
some memory and avoid memory allocation failures when a large buffer
size was requested along with ring and fill policies.

But I didn't take into account that the second, supposedly unused
buffer, was actually used as the scratch buffer.  The scratch buffer is
used as a temporary space for DTrace subroutines like copyin, copyinstr,
and alloca.

I think that the change can be fixed by allocating a separate smaller
buffer for the scratch buffer, but that fix would require more work than
I am able to do now.  Hence the revert.

Reported by:    Domagoj Stolfa
Diagnosed by:   Domagoj Stolfa, markj
MFC after:      immediately
DeltaFile
+3-2sys/cddl/contrib/opensolaris/uts/common/dtrace/dtrace.c
+3-21 files

HardenedBSD/src d4f1336sys/amd64/vmm/amd ivrs_drv.c, sys/arm/freescale/vybrid vf_sai.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+2-2sys/dev/wtap/wtap_hal/hal.c
+1-1sys/geom/geom_subr.c
+1-1sys/dev/wtap/if_wtap.c
+1-1sys/arm/freescale/vybrid/vf_sai.c
+1-1sys/amd64/vmm/amd/ivrs_drv.c
+1-1sys/kern/uipc_domain.c
+7-76 files

HardenedBSD/src 26f6c14sys/arm/freescale/vybrid vf_sai.c

freescale: Fix a typo in a source code comment

- s/cant/can't/

MFC after:      3 days
DeltaFile
+1-1sys/arm/freescale/vybrid/vf_sai.c
+1-11 files

HardenedBSD/src 9576fc1sys/kern uipc_domain.c

uipc_domain: Fix a typo in a source code comment

- s/cant/can't/

MFC after:      3 days
DeltaFile
+1-1sys/kern/uipc_domain.c
+1-11 files

HardenedBSD/src c0a01eesys/geom geom_subr.c

geom(4): Fix a typo in a source code comment

- s/cant/can't/

MFC after:      3 days
DeltaFile
+1-1sys/geom/geom_subr.c
+1-11 files

HardenedBSD/src 026520asys/dev/wtap if_wtap.c, sys/dev/wtap/wtap_hal hal.c

wtap: Fix typos in kernel messages

- s/cant/can't/

MFC after:      1 week
DeltaFile
+2-2sys/dev/wtap/wtap_hal/hal.c
+1-1sys/dev/wtap/if_wtap.c
+3-32 files

HardenedBSD/src 8b5c5casys/amd64/vmm/amd ivrs_drv.c

vmm(4): Fix a typo in a kernel message

- s/cant/can't/

MFC after:      1 week
DeltaFile
+1-1sys/amd64/vmm/amd/ivrs_drv.c
+1-11 files

HardenedBSD/src c61eb16sys/dev/oce oce_mbox.c

oce(4): Fix a typo in a source code comment

- s/addres/address/

(cherry picked from commit e991acd5d0f60fe3c57acb452003c551194a758b)
DeltaFile
+1-1sys/dev/oce/oce_mbox.c
+1-11 files

HardenedBSD/src 39ccab4sys/dev/usb/net if_muge.c

muge(4): Fix a typo in a source code comment

- s/addres/address/

(cherry picked from commit 046fe202e76623988ac612b20047940b86dd373f)
DeltaFile
+1-1sys/dev/usb/net/if_muge.c
+1-11 files

HardenedBSD/src 36a642asys/netpfil/ipfilter/netinet ip_fil.h ip_ftp_pxy.c, sys/netpfil/pf pf.c

netpfil: Fix typos in source code comments

- s/addres/address/

(cherry picked from commit 8ce3ef5f35fd4dc442b1a33605ca7d3132047faf)
DeltaFile
+2-2sys/netpfil/ipfilter/netinet/ip_fil.h
+1-1sys/netpfil/ipfilter/netinet/ip_ftp_pxy.c
+1-1sys/netpfil/pf/pf.c
+4-43 files

HardenedBSD/src 2b343cdsys/dev/oce oce_mbox.c

oce(4): Fix a typo in a source code comment

- s/addres/address/

(cherry picked from commit e991acd5d0f60fe3c57acb452003c551194a758b)
DeltaFile
+1-1sys/dev/oce/oce_mbox.c
+1-11 files

HardenedBSD/src 04ab414sys/dev/usb/net if_muge.c

muge(4): Fix a typo in a source code comment

- s/addres/address/

(cherry picked from commit 046fe202e76623988ac612b20047940b86dd373f)
DeltaFile
+1-1sys/dev/usb/net/if_muge.c
+1-11 files

HardenedBSD/src bf2582csys/netpfil/ipfilter/netinet ip_fil.h ip_ftp_pxy.c, sys/netpfil/pf pf.c

netpfil: Fix typos in source code comments

- s/addres/address/

(cherry picked from commit 8ce3ef5f35fd4dc442b1a33605ca7d3132047faf)
DeltaFile
+2-2sys/netpfil/ipfilter/netinet/ip_fil.h
+1-1sys/netpfil/ipfilter/netinet/ip_ftp_pxy.c
+1-1sys/netpfil/pf/pf.c
+4-43 files

HardenedBSD/src afcb065sys/dev/aic7xxx aic79xx_osm.c aic7xxx_osm.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+21-14sys/dev/aic7xxx/aic79xx_osm.c
+21-14sys/dev/aic7xxx/aic7xxx_osm.c
+1-1sys/dev/aic7xxx/aic7xxx_inline.h
+0-1sys/dev/aic7xxx/aic7xxx.c
+43-304 files

HardenedBSD/src c5179c2sys/dev/amdsmn amdsmn.c, sys/dev/amdtemp amdtemp.c

amdsmn(4), amdtemp(4): add support for AMD Family 19h Models 10h-1Fh.

Tested on AMD Threadripper 7960X.

PR:             kern/278311
Tested by:      jbo

(cherry picked from commit 51c69c8682e8ab0e5d82ab3d6f2d16419d40bad4)
DeltaFile
+13-1sys/dev/amdtemp/amdtemp.c
+7-0sys/dev/amdsmn/amdsmn.c
+20-12 files

HardenedBSD/src e4d8fe7sys/dev/amdsmn amdsmn.c, sys/dev/amdtemp amdtemp.c

amdsmn(4), amdtemp(4): add support for AMD Family 19h Models 10h-1Fh.

Tested on AMD Threadripper 7960X.

PR:             kern/278311
Tested by:      jbo

(cherry picked from commit 51c69c8682e8ab0e5d82ab3d6f2d16419d40bad4)
DeltaFile
+13-1sys/dev/amdtemp/amdtemp.c
+7-0sys/dev/amdsmn/amdsmn.c
+20-12 files

HardenedBSD/src 9dcf395sys/dev/aic7xxx aic79xx_osm.c aic7xxx_osm.c

ahc(4)/ahd(4): fix target mode on ARM

One of the comments in ahc_execute_scb() notes that the CAM direction is
actually w.r.t. the initiator.  As a consequence, all of our sync ops
end up being wrong because the direction is flipped from that of the
transfer.  Fix it to do proper invalidation and avoid spewing random
garbage out on the SCSI bus.

Reported and tested by: HP van Braam <hp at tmm.cx>
Reviewed by:    imp, mav
Differential Revision:  https://reviews.freebsd.org/D44860
DeltaFile
+21-14sys/dev/aic7xxx/aic79xx_osm.c
+21-14sys/dev/aic7xxx/aic7xxx_osm.c
+42-282 files

HardenedBSD/src b5e0cc2sys/dev/aic7xxx aic7xxx_inline.h aic7xxx.c

ahc(4): resolve some minor nits

In ahc_init(), qoutfifo is already assigned to effectively the same
value a couple lines up, except in the first assignment it uses the
proper definition; keep the more descriptive assignment.

ahc_targetcmd_offset() gets the offset wrong entirely; as per the
area of ahc_init() this diff also touches, targetcmds is laid out first
in the shared map and it's followed by the qoutfifo.  As a result, we'd
generally be getting negative offsets here.  We can't actually do a
partial sync anyways, so there was no consequence to getting this wrong.

Reviewed by:    imp, mav
Differential Revision:  https://reviews.freebsd.org/D44859
DeltaFile
+1-1sys/dev/aic7xxx/aic7xxx_inline.h
+0-1sys/dev/aic7xxx/aic7xxx.c
+1-22 files

HardenedBSD/src 373c0c5usr.sbin/adduser adduser.sh

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+11-13usr.sbin/adduser/adduser.sh
+11-131 files