PR lib/60369 Update tests to match modern UTF-8
This just removes test cases using invalid (by current standards) UTF-8
sequences (in one case the test is modified to switch it from invalid to valid)
The XFAIL that was added is removed. ("removed" in all of this means
hashifd away).
There is, in this change, no attempt to fix either of the other very valid
concerns - actually testing invalid input to ensure it is rejected (would
need to be a whole new test case, the way they are currently structured is
not condusive to that - the input is simply known to be valid), nor having
the test continue to try the remaining cases if an invalid result is obtained
rather than simply abandoning ship at the first opportunity.
Also note that none of this really has anything whatever to do with the
PR, which had nothing at all to do with what is valid UTF-8 and what is
not, but merely when something that is to be treated as invalid is
detetected, that MUST be reported, the (libc, not test) code must not
go on to examine further bytes and end up reporting that more are needed
[2 lines not shown]
PR lib/58282 revert refresh.c 1.132 (Mon Jun 29 06:06:10 UTC 2026)
This "broke stuff" (reported by gson@ and ryo@) and was reported as:
This has been reverted and sysinst behaves for me now.
Yet it had not been. Now it has.
sshd_config(5): Clarify again how to disable password authentication.
Upstream changed their version of this text by adding some quotation
marks but not really making it clearer. We had replaced the comment a
while ago to cross-reference UsePAM but it got lost in the update to
OpenSSH 10.0 last year. Restore the explanation of how to disable
password authentication, and expand on the relevant knobs a little.
PR bin/32313: sshd 'PasswordAuthentication no' silently fails
tests/bin/expr - fix the regex & length tests for UTF-8 input
If LC_CTYPE is to be set to a UTF-8 charset, the input must be
valid UTF-8 encoded data, or the results will not be what is expected.
0xFF as input is *not* ever valid in a UTF-8 string. It cannot be
the initial byte of a character (the biggest conceivable value for
that is 0xFC and even that is beyond what current UTF-8 allows, the
actual biggest is 0xF4), and it cannot be a trailing byte, as those
always have 1 0 as the two higest bits (ie: range is 0x80..0xBF)
mbrtowc() fix a stupid typo in the previous version.
No idea how I managed to miss this previously. This update should
make at least some of the ATF tests (and other stuff) which failed
after the previous change start working again.
Pull up following revision(s) (requested by riastradh in ticket #2026):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #1296):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #352):
sys/dev/mm.c: revision 1.26
mm(4): Only grant kva exposure if user opens /dev/kmem.
Don't apply the same to /dev/null, /dev/zero, or anything else.
PR kern/60374: opening /dev/null exposes kva
Pull up following revision(s) (requested by riastradh in ticket #2025):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #1295):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #351):
sys/compat/netbsd32/netbsd32_socket.c: revision 1.57
compat32: Fix accidental use of error branch in recvmsg(2).
Avoids use-after-free / double-free.
PR kern/60373: compat32: kernel use-after-free in recvmsg
Pull up following revision(s) (requested by riastradh in ticket #2024):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
Pull up following revision(s) (requested by riastradh in ticket #1294):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
Pull up following revision(s) (requested by riastradh in ticket #350):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
[16 lines not shown]
Pull up following revision(s) (requested by nia in ticket #349):
crypto/external/bsd/openssh/dist/sshd-auth.c: revision 1.7
sshd(8): Restore rlimit sandbox from portable openssh.
This is used as an alternative to pledge sandboxing.
PR security/60367
pmap(9): Clarify obligations around pmap_update.
Note: pmap_kenter_pa does not specify for now, because there is still
some disagreement over what the rule SHOULD be, and current usage is to
use pmap_update.
Prompted by:
PR kern/60377: x86 cpu_uarea_alloc: pmap_update before freeing
redzone pages
