jail: open the fstab files with fopen("re")
This protects against accidentally leaking them past fork()+exec()
in future refactorings.
PR: 295052
Reviewed by: kevans
jail: avoid leaking jail config fds to exec.* hooks
The jail(8) command must not leave parsed configuration files open
since the file descriptors will be leaked to child processes
including the untrusted exec.start or exec.stop hooks.
While fopen() doesn't provide direct access to O_CLOEXEC, it does
provide access to FD_CLOEXEC via "e" in the mode string which
provides the desired defense in depth against leaking file descriptors
into exec.* hooks since those always execve() into a shell.
Jail configuration is potentially sensitive and some hooks execute from
within the jail context, leaving some opening for the jail to exfiltrate
information about the host environment.
(Commit message wordsmithed by kevans)
PR: 295052
Reviewed by: kevans
MFC after: 3 days
mail/archiveopteryx: Update to latest git
archiveopteryx has not received an official release in many years and
many fixes have been accumulating. I have traditionally published the
git version under the mail/archiveopteryhx-devel port, but many
improvements have happened that aox users should be getting by default.
I'm working with upstream to get a new release finally made.
While here, correct the LICENSE which is actually PostgreSQL, not MIT.
Unskip test sys.netinet6.frag6.frag6_07.frag6_07
This is now consistently passing with 100+ consecutive runs.
Signed-off-by: Siva Mahadevan <me at svmhdvn.name>
PR: 244170
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 681e9d3e391f30a512c523514f69a63c9782a901)
tests/if_lagg_test: unskip 'witness' testcase
This testcase passes consistently (in 100+ runs) now.
Signed-off-by: Siva Mahadevan <me at svmhdvn.name>
PR: 244163, 251726
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 7a83fedc116d827cc9c6d8e049b785f1d7b68dcd)
nuageninit: modify the test to show the issue fixed inc316ec259011
Ensure the script used is invalid when parsed by libyaml which
highlight the issue revealed in PR295062
while at here validate the mode of the file is properly changed
PR: 295062
MFC After: 1 day
emulators/dosbox-staging: add mt32emu support
Add port option MT32EMU which provides Roland MT-32 emulation support by using
mt32emu from the Munt project. Enable this option by default.
PR: 284635
devel/libmt32emu: New port: Emulate Roland MT-32, CM-32L and LAPC-I synthesiser modules
mt32emu is part of the Munt project. It represents a C/C++ library named
libmt32emu which allows to emulate (approximately) the Roland MT-32, CM-32L and
LAPC-I synthesiser modules.
WWW: https://munt.sourceforge.net
PR: 284634
Co-authored-by: Max Brazhnikov <makc at FreeBSD.org>
kobj: Use M_WAITOK in kobj_init
Blocking allocation is safe in all of the current callers of kobj_init
(most of them do a M_WAITOK malloc of the structure passed as the
first argument to kobj_init just before calling it). kobj_init
doesn't return an error code but instead panics if the nested malloc
in kobj_class_compile1 fails, so using M_WAITOK here is more robust.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D56625
mlx5en: destroy TIR before DEK during TLS RX teardown
Reorder the TLS RX teardown sequence so the TIR is destroyed before
the DEK. DESTROY_TIR for a TLS-enabled TIR issues a TRA RX fence
that drains all in-flight packets from the crypto pipeline. If the
DEK is destroyed first, packets still in flight hit a TPT encryption
error (vendor syndrome 0x55) because the key they reference is
already gone.
Reviewed by: kib
Sponsored by: Nvidia networking
MFC after: 1 week
nuageinit: only parse user_data as yaml when necessary
This fixes a regression introduced in cae280931c9e which prevents
user_data as a shell script to be used
PR: 295062
Reported by: Ross McKelvie <ross at exitzero.uk>
MFC After: 1 day
sys/cdefs.h: Introduce __maybe_unused attribute
The __maybe_unused attribute should be used for variables which may or
may not be used, such as when their only use is in an assertion. This
attribute is functionally identical to __unused, suppressing compiler
warnings for particular variable if it remains unused.
Reviewed by: Minsoo Choo <minsoo at minsoo.io>, imp
Differential Revision: https://reviews.freebsd.org/D56517
rtadvd(8): Honor pltime/vltime in interface declarations
Currently rtadvd ignores interface pltime/vltime specifications
unless the (static) address range is also included in the config file.
This extends the validity of a pltime and/or vltime stanza in
the config file for an interface to delegated addresses from
an upstream provider.
Signed-off-by: tickerguy <karl at denninger.net>
PR: 288426
Reviewed by: pouria
Pull Request: https://github.com/freebsd/freebsd-src/pull/1863
15.1/relnotes: Mention ENA/arm64 irq mapping fix
This is technically a general intrng bug fix, but I'm not aware of the
bug affecting anything other than ena(4) on arm64 so I'm listing this
under "Cloud Support".
Sponsored by: Amazon
15.1/relnotes: Clarify Extended Destination ID
We don't merely recognize bits in CPUID; we make use of it to allow
FreeBSD to run on larger VMs, including EC2 r8i.96xlarge.
Sponsored by: Amazon
Makefile.vm: Split error condition
Make it clear which of two possible cases applies.
Reviewed by: cperciva
Differential Revision: https://reviews.freebsd.org/D56837
bhyve/virtio-scsi: Don't invoke iov_to_buf() in an assert() expression
If anyone would build bhyve with -DNDEBUG, any code in the expression
in assert() won't be executed. Instead put the return value in a
temporary variable to assert that it has the expected value.
Reviewed by: emaste, markj (earlier version)
Fixes: 2a514d377b37 ("bhyve/virtio-scsi: Preallocate all I/O requests")
Differential Revision: https://reviews.freebsd.org/D55803
