git-arc: Fix failure to call arc() function
As of b3e53f9fff11, git-arc attempted to call the internal shell
function, arc(), using env(1). However, because env(1) does not call
shell functions, it actually attempted to run the arc utility. This led
to errors:
% git arc create -r xxx HEAD
env: arc: No such file or directory
git-arc: could not create Phabricator diff
This change removes the unnecessary use of env(1), so the arc() function
is correctly called.
Reviewed by: markj
Fixes: b3e53f9fff11 ("git-arc: Don't require devel/arcanist")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53972
Mitigate YXDOMAIN and nodata non-referral answer poisoning.
Add a fix to apply scrubbing of unsolicited NS RRSets (and their
respective address records) for YXDOMAIN and nodata non-referral
answers. This prevents a malicious actor from exploiting a possible
cache poison attack.
Obtained from: NLnet Labs
Security: FreeBSD-SA-25:10.unbound
Security: CVE-2025-11411
(cherry picked from commit 2a3a6a1771148a709c2d9694c1d66c41ce8dee79)
(cherry picked from commit cd40a23fb249bba461e38ca0c3d243a20a12eef4)
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
pkg: Move FreeBSD-base to pkg.freebsd.org
Rather than fetching packages directly from the CDN which currently
backs pkgbase.freebsd.org, requests will go to pkg.freebsd.org mirrors
and be 302ed to the correct servers. This adds ~70 seconds to the
process of installing or upgrading a pkgbase system; it also orphans
systems with 15.0-{PRERELEASE,ALPHA*,BETA*} installed since they are
expecting to see pkgbase files signed with the pkg keys, not the new
pkgbase signing keys.
Reviewed by: dch, philip
MFC after: immediately (for 15.0-RELEASE)
With hat: re
Requested by: clusteradm, core
Differential Revision: https://reviews.freebsd.org/D53964
(cherry picked from commit a3b0902d73901e7243103e60cf78c53cd7f566a1)
pkg: Move FreeBSD-base to pkg.freebsd.org
Rather than fetching packages directly from the CDN which currently
backs pkgbase.freebsd.org, requests will go to pkg.freebsd.org mirrors
and be 302ed to the correct servers. This adds ~70 seconds to the
process of installing or upgrading a pkgbase system; it also orphans
systems with 15.0-{PRERELEASE,ALPHA*,BETA*} installed since they are
expecting to see pkgbase files signed with the pkg keys, not the new
pkgbase signing keys.
Reviewed by: dch, philip
MFC after: immediately (for 15.0-RELEASE)
With hat: re
Requested by: clusteradm, core
Differential Revision: https://reviews.freebsd.org/D53964
exports.5: Typo: "auomatically" => "automatically"
Fixes: 9d975e47d5a3 ("exports.5: Clarify that exported dirs should be local mount points")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
git-arc: Don't require devel/arcanist
Instead of invoking just “arc”, which requires devel/arcanist, which
conflicts with archivers/arc, invoke the underlying script installed by
devel/arcanist-lib.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D53942
sys/_types.h: centralize __vm_offset_t and __vm_size_t definitions
Use __ptraddr_t to define __vm_offset_t and __size_t for __vm_size_t
rather than per-pointer-size definitions.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53818
sys/_types.h: add __intptr_t to __mbstate_t
Extend __mbstate_t to include an intptr_t to ensure it can hold a
pointer if required.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53822
add types: (u)int64ptr_t
This type represents an integer value of at least 64 bits which is
capable of being cast to and from pointer types. It is intended to
replace various spellings of (u)int64_t there the value is expected to
hold a pointer. This is common in Linux code to allow 32-bit and 64-bit
structures to be the same and used other places including OpenZFS. With
the introduction of CHERI this no longer works, but we need to preserve
the ABI for integer pointer targets. Rather than adding ifdefs in every
case, we introduce a new type.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53823
sys/_types.h: define __(u)int(f)ptr_t for CHERI
On pure-capability ABIs, uintptr_t and variants are capabilities and
defined to the new primative type __uintcap_t and variants. This is
required to allow pointers (capabilities) to round trip through
uintptr_t as required by the C standard.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53819
sys/_types.h: add void * to __max_align_t
Add a pointer member to __max_align_t as pointers may have different
alignment requirements than long long or long double.
Reviewed by: kib
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53821
sys/_types.h: define fallback __(u)intcap_t
__intcap_t and __uintcap_t are new primative types in CHERI-aware ABIs
that are used to define (u)intptr_t. To allow coexistance of integer
pointers and hybrid code, define them to __(u)intptr_t when they are
not otherwise available.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53820
new type: ptraddr_t
ptraddr_t is an unsigned integer type that can hold the address of any
pointer. It differes from uintptr_t in that it does not carry
provenance which is useful for CHERI in that it can disambigurate the
provenance of uintptr_t expressions. It differes from size_t in that
some segmented architecture (not supported by FreeBSD) may have a size_t
that does not hold an address.
ptraddr_t is not yet standardized, but is currently proposed for
inclusion in C++2Y.
Prefer the compiler defined __PTRADDR_TYPE__ defintion where available
as this a new type and we don't need to worry about historical values.
Fall back to __size_t where unavailable.
Reviewed by: kib, markj
Effort: CHERI upstreaming
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D53817
pf tests: pflog:{rdr_action,state_max} disable IPv6
Turn off IPv6 on all interfaces to avoid having multicast listener
reports generated that might turn up in out pflog output, disrupting
the test.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf tests: fix syncookie:loopback_v6
Use 'no_dad' when assigning a v6 address, because otherwise we may try
to use it before it becomes usable.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pf tests: explicitly set the source address in killstate:v6
We've seen failures due to pft_ping.py selecting the wrong source address.
Explicitly use 2001:db8::1 as source, to match the tests's expectations.
Sponsored by: Rubicon Communications, LLC ("Netgate")
