FreeBSD/src 8f14ea4sys/kern kern_jail.c

jail: clean up locking around do_jail_attach

jail_attach_jd passed PD_DEREF to do_jail_attach, assuming it would take
care of freeing the held prison. This is not true, as do_jail_attach
immediately cleared that flag, leaving the jail stock in dying state
when it is later removed.

Reported by:    markj
Reviewed by:    markj
Differential Revision:  <https://reviews.freebsd.org/D57674>

(cherry picked from commit 3584cde63e416d150214192721cead4b735ca0b5)
DeltaFile
+45-30sys/kern/kern_jail.c
+45-301 files

FreeBSD/src e4f3ab1contrib/pf/pflogd pflogd.c, libexec/rc/rc.d pflog

pflog: create bpf tapping points without ifnet(9)

Just as was done for ipfw's log device stop creating entire struct
ifnet's for pflog devices. Create only a bpf_t.

This does mean we lose the create/destroy infrastructure provided by the
clone interface. Rather than implement this ourselves we allow users to
configure the number of pflog interfaces using the net.pflog.if_count
sysctl. We default to 8 devices, but allow up to 256.

The /etc/rc.d/pflog script will create extra devices as required.

While it was possible to rename pflog devices pfctl expected the pflogX
name, so it's safe to assume users never did this.

Requested by:   glebius
Reviewed by:    glebius
Sponsored by:   Rubicon Communications, LLC ("Netgate")
Differential Revision:  https://reviews.freebsd.org/D57851
DeltaFile
+82-128sys/netpfil/pf/if_pflog.c
+36-0tests/sys/netpfil/pf/pflog.sh
+12-14share/man/man4/pflog.4
+9-17contrib/pf/pflogd/pflogd.c
+5-17libexec/rc/rc.d/pflog
+5-0sbin/ifconfig/ifclone.c
+149-1762 files not shown
+153-1788 files

FreeBSD/src be23edcsys/netinet/tcp_stacks rack_bbr_common.c

rack_bbr_common: don't use stale pointer after m_pullup()

Reviewed by:            tuexen
MFC after:              1 week
Differential Revision:  https://reviews.freebsd.org/D57816
DeltaFile
+2-2sys/netinet/tcp_stacks/rack_bbr_common.c
+2-21 files

FreeBSD/src d6c4ceashare/man/man4 lo.4, sys/net if_loop.c

loopback: improve checksum offloading

* Allow disabling IFCAP_RXCSUM_IPV6 or IFCAP_TXCSUM_IPV6.
* Do not pretend the checksum is correct by setting the LO_CSUM_SET
  flags if IFCAP_RXCSUM_IPV6 or IFCAP_RXCSUM is enabled. Instead,
  remove the LO_CSUM_SET flags (in case they have been set somehow)
  if IFCAP_RXCSUM_IPV6 or IFCAP_RXCSUM is disabled.
* Do not unset the transmit checksum offload flags LO_CSUM_FEATURES or
  LO_CSUM_FEATURES6 since they now have a meaning for the receive path.

Reviewed by:            glebius, pouria, tuexen
Okayed by:              bz
MFC after:              1 week
Differential Revision:  https://reviews.freebsd.org/D57518
DeltaFile
+6-36sys/net/if_loop.c
+10-13share/man/man4/lo.4
+16-492 files

FreeBSD/src 07b5d1csys/dev/virtio/pci virtio_pci_modern.c

virtio_pci_modern: Remove endianness conversion for config space

The bus_* functions already handle converting from PCI endianness
(i.e. little-endian) to native endianness when accessing the config
space (see ofw_pcib_bus_get_bus_tag), so converting again with
virtio_htogX/virtio_gtohX undoes any byte-swapping and breaks
big-endian systems. They should only be used for operating on shared
memory.
Note part of this reverts commit fb53b42e36a9 ("virtio-modern: fix PCI
common read/write functions on big endian targets").

PR:                     294706
Reviewed by:            adrian, tuexen
Fixes:                  fb53b42e36a9 ("virtio-modern: fix PCI common read/write functions on big endian targets")
Fixes:                  9da9560c4dd3 ("virtio: Add VirtIO PCI modern (V1) support")
MFC after:              1 week
Differential Revision:  https://reviews.freebsd.org/D57392
DeltaFile
+10-17sys/dev/virtio/pci/virtio_pci_modern.c
+10-171 files

FreeBSD/src d4e539busr.sbin/adduser adduser.sh

adduser: Normalize supplemental groups

Rather than insist on a space-separated list, normalize the input so
that any number of spaces, commas, colons, or semicolons are accepted.

Reviewed by:    bcr
Differential Revision:  https://reviews.freebsd.org/D57774

(cherry picked from commit 65fba082f44cb9451d2b12bcd99c3287d0a47acc)
DeltaFile
+1-1usr.sbin/adduser/adduser.sh
+1-11 files

FreeBSD/src 10ae3fclibexec/rc rc.subr, libexec/rc/rc.d kld ntpd

rc: Improve load_kld

* Centralize the usage message.

* Document and enforce that -e and -m are mutually exclusive; previously,
  speficying both would result in only -e being applied.

* If -e was not specified, and -m was not specified or did not match,
  fall back to `kldstat -n file` which will always work for modules that
  aren't built into the kernel.

This means the kld and ntpd scripts can now rely on load_kld to dtrt.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57706

(cherry picked from commit a95d324dd3107afcbc16767d183acca7a57ebca9)
DeltaFile
+14-13libexec/rc/rc.subr
+4-2libexec/rc/rc.d/kld
+1-1libexec/rc/rc.d/ntpd
+19-163 files

FreeBSD/src 19cba66libexec/rc/rc.d linux bthidd

rc: Fix improper use of load_kld

Fix scripts that needlessly used -e when the simpler -m would work, or
that used -m when the module and file name are the same, or, in one
particularly egregious case, used -m with the wrong name when using
nothing at all would have worked just fine.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57705

(cherry picked from commit cfe1962a19259fea8f51673f4da6c96656776486)
DeltaFile
+4-4libexec/rc/rc.d/linux
+3-3libexec/rc/rc.d/bthidd
+1-1libexec/rc/rc.d/mountcritremote
+1-1libexec/rc/rc.d/cfumass
+9-94 files

FreeBSD/src efd3996libexec/rc/rc.d devmatch

rc: Make devmatch use load_kld

The default behavior of load_kld is now robust enough for devmatch.
Switching means settings from /etc/sysctl.kld.d are now properly applied
when the corresponding modules are loaded by devmatch.

While here, reduce the amount of output produced by devmatch from one
line per module to a single line.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57707

(cherry picked from commit b9f616d031566e94e6967a2c533b8aa7f36123b9)
DeltaFile
+4-2libexec/rc/rc.d/devmatch
+4-21 files

FreeBSD/src 59573a0usr.sbin/adduser adduser.sh

adduser: Normalize supplemental groups

Rather than insist on a space-separated list, normalize the input so
that any number of spaces, commas, colons, or semicolons are accepted.

Reviewed by:    bcr
Differential Revision:  https://reviews.freebsd.org/D57774

(cherry picked from commit 65fba082f44cb9451d2b12bcd99c3287d0a47acc)
DeltaFile
+1-1usr.sbin/adduser/adduser.sh
+1-11 files

FreeBSD/src d67aa8blibexec/rc/rc.d devmatch

rc: Make devmatch use load_kld

The default behavior of load_kld is now robust enough for devmatch.
Switching means settings from /etc/sysctl.kld.d are now properly applied
when the corresponding modules are loaded by devmatch.

While here, reduce the amount of output produced by devmatch from one
line per module to a single line.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57707

(cherry picked from commit b9f616d031566e94e6967a2c533b8aa7f36123b9)
DeltaFile
+4-2libexec/rc/rc.d/devmatch
+4-21 files

FreeBSD/src 8f59fdblibexec/rc/rc.d linux bthidd

rc: Fix improper use of load_kld

Fix scripts that needlessly used -e when the simpler -m would work, or
that used -m when the module and file name are the same, or, in one
particularly egregious case, used -m with the wrong name when using
nothing at all would have worked just fine.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57705

(cherry picked from commit cfe1962a19259fea8f51673f4da6c96656776486)
DeltaFile
+4-4libexec/rc/rc.d/linux
+3-3libexec/rc/rc.d/bthidd
+1-1libexec/rc/rc.d/cfumass
+1-1libexec/rc/rc.d/mountcritremote
+9-94 files

FreeBSD/src 2baf97flibexec/rc rc.subr, libexec/rc/rc.d kld ntpd

rc: Improve load_kld

* Centralize the usage message.

* Document and enforce that -e and -m are mutually exclusive; previously,
  speficying both would result in only -e being applied.

* If -e was not specified, and -m was not specified or did not match,
  fall back to `kldstat -n file` which will always work for modules that
  aren't built into the kernel.

This means the kld and ntpd scripts can now rely on load_kld to dtrt.

MFC after:      1 week
Reviewed by:    imp
Differential Revision:  https://reviews.freebsd.org/D57706

(cherry picked from commit a95d324dd3107afcbc16767d183acca7a57ebca9)
DeltaFile
+14-13libexec/rc/rc.subr
+4-2libexec/rc/rc.d/kld
+1-1libexec/rc/rc.d/ntpd
+19-163 files

FreeBSD/src 62551aeusr.sbin/iostat iostat.8

iostat.8: Expand -w description

PR:             194781
MFC after:      3 days
Reviewed by:    ziaee
Event:          Halifax Hackathon 202606

(cherry picked from commit 4d299a767acce2841ded288e789a9c36620b57d7)
DeltaFile
+6-1usr.sbin/iostat/iostat.8
+6-11 files

FreeBSD/src 1744efcshare/man/man4 tcp.4, sys/netinet tcp_fastopen.c

tcp.fastopen.client_enable: Fix documented default

The default value has been 1 since June 2018, but the docs were not
updated to reflect the change.

MFC after:      3 days
Reviewed by:    ziaee
Fixes:          af4da5865557 (Enable TCP_FASTOPEN by default)
Signed-off-by:  Matteo Riondato <matteo at FreeBSD.org>
Closes:         https://github.com/freebsd/freebsd-src/pull/2285

(cherry picked from commit 0bc852cc62afcd79fc776f784623c3f2b7691d27)
DeltaFile
+2-2share/man/man4/tcp.4
+1-1sys/netinet/tcp_fastopen.c
+3-32 files

FreeBSD/src fa550b2stand/man loader.efi.8

loader.efi.8: hw.uart.console is explained in uart

PR:             295944
MFC to:         15
MFC after:      3 days

(cherry picked from commit a641aa1c80f80e44cd9212b95e6584db9533712c)
DeltaFile
+2-3stand/man/loader.efi.8
+2-31 files

FreeBSD/src c19c83bsbin/mount_udf mount_udf.8

mount_udf.8: Alphabetize and align options

While here, remove "The following UDF specific options are available:".
It is unused and does not appear to have ever been used.

MFC after:      3 days

(cherry picked from commit 05f132adc530cd53203b9cd09d7e1b211d2babc4)
DeltaFile
+5-6sbin/mount_udf/mount_udf.8
+5-61 files

FreeBSD/src 4016f9dcontrib/mandoc mdoc.7

mdoc.7: Revert upstream changes to Lb/LIBRARY

Since this manual describes the mdoc syntax throughout the ecosystem,
I had to blend what we had before with what upstream is doing now.

Thanks:         adrian
MFC after:      3 days (we shipped this doc in 15.0/14.4)
Reviewed by:    ivy, mhorne, des, adrian
Discussed with: arch@
Differential Revision:  https://reviews.freebsd.org/D56153

(cherry picked from commit 4e2bf6e90a65bee317e4dd379e098ba2eb5d8c0d)
DeltaFile
+33-4contrib/mandoc/mdoc.7
+33-41 files

FreeBSD/src 9e6c043bin/ln symlink.7

symlink.7: Clean up markup and tag SPDX

Also unwind some parentheticals.

MFC after:      3 days

(cherry picked from commit e821152cc71dbd09f5bd28be86499165c553f3ae)
DeltaFile
+49-43bin/ln/symlink.7
+49-431 files

FreeBSD/src bb1154fsys/kern kern_exec.c

kern_exec.c: explicitly include sys/limits.h for UINT_MAX

(cherry picked from commit f5fce0bcc370a9700249e64901eabf2e0be4ecb0)
DeltaFile
+1-1sys/kern/kern_exec.c
+1-11 files

FreeBSD/src 34b95f5sys/kern kern_prot.c

sys_set*id(9): wait for the execblocks to pass

(cherry picked from commit d0384f50dad25d3358d76f7556969ea1d515ba68)
DeltaFile
+10-0sys/kern/kern_prot.c
+10-01 files

FreeBSD/src d7d5337sys/compat/linprocfs linprocfs.c, sys/fs/procfs procfs_map.c procfs_mem.c

procfs, linprocfs: ensure target process vmspace stability

(cherry picked from commit 5db31f1b47b586a5091eb41fc957236f28b78dba)
DeltaFile
+7-10sys/fs/procfs/procfs_map.c
+5-11sys/compat/linprocfs/linprocfs.c
+1-5sys/fs/procfs/procfs_mem.c
+13-263 files

FreeBSD/src ec0d7d0sys/fs/pseudofs pseudofs_vnops.c

pseudofs: ensure that the target process vmspace is stable for VOP_READ/WRITE

(cherry picked from commit a4993bac41350e85bc9affb862d2974a1a09bb5e)
DeltaFile
+41-18sys/fs/pseudofs/pseudofs_vnops.c
+41-181 files

FreeBSD/src caa2e5csys/fs/pseudofs pseudofs_vnops.c

pfs_readdir(): block the target process from execing

(cherry picked from commit 4c0a0909f928baac982b7de4bfa5b5ca7de5291a)
DeltaFile
+9-1sys/fs/pseudofs/pseudofs_vnops.c
+9-11 files

FreeBSD/src 23ebf0csys/kern kern_procctl.c

kern_procctl(PROC_WX_MAPPINGS_PERMIT): ensure stability of the target vmspace

(cherry picked from commit 6a572920f251ac8ac6a80a55d4d039736ea7dd65)
DeltaFile
+14-9sys/kern/kern_procctl.c
+14-91 files

FreeBSD/src a11c4f0sys/compat/linux linux_misc.c

linux_prlimit(): block execve for the target

(cherry picked from commit e41c28e67fac9cd22a85b160c5c9d0477ed03600)
DeltaFile
+15-0sys/compat/linux/linux_misc.c
+15-01 files

FreeBSD/src 190d667sys/kern kern_resource.c

kern_resource.c: disallow execve around sysctl kern.proc.rlimitusage

(cherry picked from commit 836749817036b90b60af0584fa21f2d9dbd60ff7)
DeltaFile
+19-8sys/kern/kern_resource.c
+19-81 files

FreeBSD/src 35b95besys/kern kern_proc.c

kern_proc.c: disallow execve around sysctl kern.proc.rlimit

(cherry picked from commit 5a91fa5a7656c99e527fe7e6f6bf6bd9e85ab589)
DeltaFile
+16-10sys/kern/kern_proc.c
+16-101 files

FreeBSD/src adb1479sys/kern kern_event.c

kern_event: block the target process from execing for sysctl kern.proc.kqueue

(cherry picked from commit 79b384bd8fdff4869ce4799edb0342ff5c25b6fa)
DeltaFile
+17-5sys/kern/kern_event.c
+17-51 files

FreeBSD/src 197f367sys/kern kern_proc.c

kern_proc.c: disallow execve around sysctl kern.proc.kstacks

(cherry picked from commit 8b5abd9027b8b1f6290c756730ee3adebed007f4)
DeltaFile
+16-12sys/kern/kern_proc.c
+16-121 files