tests/netinet/socket_afinet: reduce tautology in test cases names
Just avoid repeating the test program name in every test case name.
No functional change.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56727
tests/socket_afinet: extend bind_connected_port_test to cover more cases
- Test SOCK_DGRAM (UDP) sockets.
- Test binding to 0:port and to a addr:port in presence of connected socket
using the port.
Differential Revision: https://reviews.freebsd.org/D56707
tests/socket_afinet: make child_bind() return a full spectre of results
There is no functional change for existing tests, but allows to write a test
that would expect an immediate success of bind(2).
inpcb: use correct mask in in6_pcblookup_lbgroup()
There is no visible bug fixed as in current tree masks are the same.
Fixes: 6883b120c53735ff1681ef96d257f376731f56b3
hym8563: Fix 32-bit powerpc build
Depend on clknode_if.h in the module Makefile, so that it gets
explicitly built for the module. Also, reduce the #if guards to only
the new clock output code, and gate them on all powerpc, not just
powerpc64.
Fixes: 6b77d34f("HYM8563: Add support for clock output.")
Reviewed by: mmel
Differential Revision: https://reviews.freebsd.org/D57795
rge: Fix 32-bit powerpc build
Book-E powerpc has 64-bit bus_addr_t but only a 32-bit bus_size_t. Use
the right macros for maxsize and maxsegsize to fix the build.
Fixes: 4bf8ce037 ("if_rge: initial import of if_rge driver from OpenBSD.")
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57794
ktls: Add a tunable to disable TLS receive
TLS receive offload is really only beneficial for in-kernel use cases
(such as NFS over TLS) or when using a hardware offload. In addition,
several recent SAs have involved the TLS receive path, but the only
current mitigation for those is to disable TLS offload entirely.
Reviewed by: ziaee, gallatin, markj
Relnotes: yes
Sponsored by: Netflix
Sponsored by: Chelsio Communications
Co-authored-by: John Baldwin <jhb at FreeBSD.org>
Differential Revision: https://reviews.freebsd.org/D57974
ktls: Centralize the check for CBC ciphers
Move the check out of ktls_enable_(rx|tx) and into ktls_create_session.
Reviewed by: gallatin, markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D57973
security/vuxml: add FreeBSD SAs issued on 2026-06-30
FreeBSD-SA-26:37.vm affects all supported releases
FreeBSD-SA-26:38.jail affects 15.0R and 15.1R
FreeBSD-SA-26:39.execve affects all supported releases
FreeBSD-SA-26:40.zfs affects all supported releases
FreeBSD-SA-26:41.libalias affects all supported releases
FreeBSD-SA-26:42.unlinkat affects all supported releases
FreeBSD-SA-26:43.tcp affects all supported releases
FreeBSD-SA-26:44.posixshm affects all supported releases
FreeBSD-SA-26:45.audit affects all supported releases
FreeBSD-SA-26:46.ktls affects all supported releases
FreeBSD-SA-26:47.linux affects 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:48.compat32 affects 14.3R, 14.4R and 15.0R
FreeBSD-SA-26:49.iconv affects all supported releases
pkgconf: match the update to version 2.9.93
This update brings spdxtool(1), with the ability to generate software
bill of material files (SBOM) in the SPDX 3.0.1 format (JSON-LD).
Reviewed by: markj
Approved by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57953
asmc: try PIO before MMIO to avoid false T2 detection
Add hw.asmc.system-state and hw.asmc.board-id read-only sysctls to
expose the T2 system state register and Mac board identifier via SMC.
Try PIO access before MMIO during probe to prevent false T2 detection
on Macs that happen to have something mapped at the T2 BAR address.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57844
net80211: fix CCMP/GCMP AAD for MFP frames
Update ieee80211_crypto_init_aad() to do what 802.11-2020 says -
only mask fc[0] bits 4-6 on data frames, not on management frames.
This (with other diffs to actually negotiate MFP and configure
ath(4) for MFP + software keys) allows the CCMP path to decrypt
CCMP MFP frames in the software path.
Differential Revision: https://reviews.freebsd.org/D57799