BSD Commit Log Search

HBSD: Re-Enable core kernel debugging features

With commit 1aad58b919d3d22f86be01b8e26a203cd020eaae, FreeBSD removed
the inclusion of "std.debug" in the GENERIC kernel. This results in a
broken kernel on HardenedBSD since we rely on INVARIANTS and WITNESS.

This is a direct commit to hardened/15-stable/main.

Signed-off-by:  Shawn Webb <shawn.webb at hardenedbsd.org>
Fixes:          1aad58b919d3d22f86be01b8e26a203cd020eaae

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

krb5: Include <features.h> on Linux so __GLIBC__ can be checked

__GLIBC__ is not pre-defined by the toolchain, it comes from features.h,
so we need to make sure that's included by this point.

Fixes:  4dd2b869cd07 ("krb5: Fix -Wint-conversion when bootstrapping on GNU/Linux")
(cherry picked from commit 34e7a57673c9730ee5d1f7ebb07e152567bd8e0b)

krb5: Fix -Wint-conversion when bootstrapping on GNU/Linux

This shows up in GitHub Actions as a warning, and some compilers can
default to it being an error.

(cherry picked from commit 4dd2b869cd078ed6f40c42d1ef429222da16a58f)

usb: umass: add SCSIEJECT quirk and fix RTW8821CU_CD (USB mode switch)

Several Realtek (and lots other) USB dongles present themselves as
CDROM device first.  Upon eject they do a mode switch and suddenly
are a different kind of device (sometimes even with different IDs),
e.g., a wireless dongle.

In order to avoid the CDROM stage and rather than adding the quirk
handling to more drivers, add support to umass and if enabled
automatically eject the "CDROM" to make it the real device.

Longer-term some other drivers could stop using their hand-rolled
support for this.  It is unclear as-to how much we need the list of
(eject) quirks from u3g here, or if these are very specific to that
kind of devices.

Sponsored by:   The FreeBSD Foundation
Fixes:          b3b6a959c85a, 9c0cce328363
Reviewed by:    imp

    [3 lines not shown]

net80211: fix VHT160/80P80/80 chanwidth selection in the "40-" case

Depending on the base channel ni_vht_chan2 - ni_vht_chan1 can be
negative.  Apply abs() as indicated in the comments right above
        | CCFS1 - CCFS0 | = 8  or > 16
in order to fix the channel width selection.

Sponsored by:   The FreeBSD Foundation
PR:             293645
Fixes:          4bf049bfeefd9
Reviewed by:    adrian
Differential Revision: https://reviews.freebsd.org/D55717

(cherry picked from commit 6cfd2b93e68061c7831016b91c2e308d01658764)

LinuxKPI: 802.11: lkpi_sta_auth_to_scan() fail graciously on lsta == NULL

Usually after a firmware crash, we see reports of crashes in
lkpi_sta_auth_to_scan().  One of the last ones was in the PR
mentioned below.

These crashes are often attributed as the problem while the real
problem happened before.

At this point try avoid the NULL pointer and to fail graciously if
lvif->iv_bss (lsta) is no longer set.  This way users have a chance
to possibly recover using netif restart wlan0 rather than dealing
with a panic.

See if this helps us to better track down the original problems
rather than the follow-up crash.

On a debug kernel the KASSERT should normally have caught that
condition as well but we see panics on page faults were the log

    [8 lines not shown]

share/dict/web2: Sort

PR: 293659
Fixes: e49b6ead4114 ("Add a number of five letter words to the dictionary")
(cherry picked from commit 72f0bc868bf00586cba1e50057d8f1998b4abe80)

LinuxKPI: avoid -Werror=unused-value in sort() from BUILD_BUG_ON_ZERO()

The BUILD_BUG_ON_ZERO() macro returns an (int)0 if it does not fail
at build time. LinuxKPI sort() has it as a guard for an unsupported
argument but ignores the return value.

This leads to gcc complaining:

/usr/src/sys/compat/linuxkpi/common/include/linux/build_bug.h:60:33: error: statement with no effect [-Werror=unused-value]
   60 | #define BUILD_BUG_ON_ZERO(x)    ((int)sizeof(struct { int:-((x) != 0); }))
      |                                 ^
/usr/src/sys/compat/linuxkpi/common/include/linux/sort.h:37:9: note: in expansion of macro 'BUILD_BUG_ON_ZERO'
   37 |         BUILD_BUG_ON_ZERO(swap);                        \
      |         ^~~~~~~~~~~~~~~~~
/usr/src/sys/contrib/dev/rtw89/core.c:2575:9: note: in expansion of macro 'sort'
 2575 |         sort(drift, RTW89_BCN_TRACK_STAT_NR, sizeof(*drift), cmp_u16, NULL);

Change to BUILD_BUG_ON() for the statement version.


    [8 lines not shown]

Calendars: Update status reports deadlines

Also move the deadlines in their own calendar file.

Reported by:    jhs
Reviewed by:    jhs, adamw,
                Graham Percival <gperciva at tarsnap.com>
Differential Revision:  https://reviews.freebsd.org/D55491

sigreturn.2: refresh the man page

Remove mention of the longjmp(3), which does not use sigreturn.
Try to be more precise when describing the syscall effects.

Reviewed by:    emaste, markj
Sponsored by:   The FreeBSD Foundation
MFC after:      3 days
Differential revision:  https://reviews.freebsd.org/D55750

llvm-*: Use SYMLINKS for unprefixed LLVM binutils

Previously they were hard links.  This change will support future
packaging changes by decoupling the prefixed (e.g. llvm-ar) and
unprefixed (e.g. ar) names.

Reviewed by:    dim, ivy
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55693

system(3): Address test robustness issue

Don't assume that SIGINT and SIGQUIT are set to SIG_DFL at the start
of the test.  Instead, retrieve their current dispositions and verify
that they are restored at the end of the test.

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55709

(cherry picked from commit 48368f702423742b2a7dff7ad3191625e8bf26f0)

system(3): Fix brain glitch in previous commit

We were saving SIGINT twice instead of SIGINT and SIGQUIT.

Also restore original order of operations (SIGINT then SIGQUIT), which
matches the order in which they're discussed in the POSIX description

    [7 lines not shown]

system(3): Unwrap execve()

There is no need to call execl(), which will allocate an array and copy
our arguments into it, when we can use a static array and call execve()
directly.

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55648

(cherry picked from commit 40e52e0edd038460a2a2aca017b3ac5a513fe37b)

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main

me.4: MFC: link if_me kernel module to its manual page.

(cherry picked from commit 46ba263d6eeb1c6029841b4c42f54912ad61de5c)

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

tzcode: Update to 2026a

Many thanks to Paul Eggert for adopting most of our adaptations as
optional features upstream in the previous release (2025c).

MFC after:      1 week
Reviewed by:    philip
Differential Revision:  https://reviews.freebsd.org/D55741

yes: Add tests

MFC after:      1 week
Sponsored by:   Klara, Inc.
Reviewed by:    kevans
Differential Revision:  https://reviews.freebsd.org/D55802

Merge remote-tracking branch 'origin/hardened/current/master' into hardened/current/cross-dso-cfi

Merge branch 'freebsd/current/main' into hardened/current/master

build: Stop testing LINKER_FEATURES for ifunc and build-id

These features are available in all supported linkers, and we can expect
that they'll be supported by any GNU-compatible linker that we'd use to
link FreeBSD.

Reviewed by:    imp, kib
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55676

libpmc: Explicitly whitelist json fields

Adds all missing Intel fields and turns jevents.c into an explicit white
list mechanism so that we no longer ignore important fields that often
invalidate the counter.  The json event parser must now parse every
field on each architecture that we support.  This has been tested by
running tinderbox and manually running jevent against our current json
repository.  As a bonus I fixed spelling errors in the AMD JSON
definitions.

Sponsored by: Netflix

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/2055

tests/kern/ssl_sendfile: fix 'random' and 'basic' flakyness

The read of c.sbytes needs to be synchronized with mutex.  The problem was
fixed for 'truncate' and 'grow' with 8a9508563542, but these two suffer
from the same problem.  Provide require_sbytes(), a locked wrapper around
ATF_REQUIRE() to reduce copy and paste.

Submitted by:           olivier
Differential Revision:  https://reviews.freebsd.org/D55781

tests/kern/ssl_sendfile: reduce copy & paste

Provide sendme_locked_wait() for a common pattern.  Not functional change.

ena: Update driver version to v2.8.2

Bug Fixes:
* Verify that an ENA ring is in netmap only in native mode

Minor Changes:
* Move parenthesis to correct place in switch
* Add comment
* Reorder define

MFC after: 2 weeks
Sponsored by: Amazon, Inc.
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D55698

ena: Verify that an ENA ring is in netmap only in native mode

netmap operates in two modes:
1) Emulated - netmap handling is done by the network stack, the
NIC driver operates transparently to netmap.
2) Native - netmap management is done by the NIC driver.

When checking whether a specific ENA ring is running in netmap
mode, only the following checks were done:
1. IFCAP_NETMAP - Check whether netmap capability is enabled on
the device.
2. NKR_NETMAP_ON - Check whether netmap is actively using this
ring.

The above checks implied that the netmap mode is native and the
ENA driver needs to handle the netmap logic.
The code was missing an explicit check on whether native mode
is actually on (NAF_NATIVE).
This led to a case where though emulated mode was used and

    [18 lines not shown]