FreeBSD/src dbd1e32 usr.sbin/bsdinstall/scripts auto jail

bsdinstall: Tweak pkgbase/dist set labels

Have the button labels refer to the artifact type directly (distribution
sets / packages), and use "Tech Preview" as packaged base is no longer
experimental.

Reviewed by:    ivy, cperciva
Sponsored by:   The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52999

(cherry picked from commit abd9424590ba37ac10e92723ad6428f0448024c1)
Delta File
+2 -2 usr.sbin/bsdinstall/scripts/auto
+2 -2 usr.sbin/bsdinstall/scripts/jail
+4 -4 2 files

FreeBSD/src eb895ad . .cirrus.yml

Revert ".cirrus.yml: Reenable CI with pre-commit CI scripts"

This reverts commit 676d64ee8327851063d92d0dd6a4ceee6b3a25e6.

These tests take a combined 3h to run and are consuming our monthly
Cirrus-CI credits in short order, before failing.

In the PR markj reports that the failure appeared somewhere between:

good: da64f6e047b5f6cd9b9e8450d19072cb0b6e44d0
bad:  b197d2abcb6895d78bc9df8404e374397aa44748

Unfortunately, even after we find the offending commit and have a fix we
still do not have sufficient monthly compute credit.  Disable these
tests for now, pending a solution to both issues.

PR:             289696
Reviewed by:    ngie
Differential Revision: https://reviews.freebsd.org/D52618

    [2 lines not shown]
Delta File
+2 -0 .cirrus.yml
+2 -0 1 files

FreeBSD/src d1bd541 tests/sys/fs/fusefs bad_server.cc

fusefs: fix intermittency in the BadServer.ShortWrite test

This test implicitly depended on the order in which two threads
completed.  If the test thread finished first, the test would pass.  But
if the mock file system thread did, it would attempt to read from an
unmounted file system, and fail.  As a result, the test would randomly
fail once out of every several thousand executions.  Fix it by telling
the mock file system's event loop to exit without attempting to read any
more events.

Reported by:    Siva Mahadevan <me at svmhdvn.name>
MFC after:      1 week
Reviewed by:    Siva Mahadevan <me at svmhdvn.name>
Differential Revision: https://reviews.freebsd.org/D53080
Delta File
+5 -0 tests/sys/fs/fusefs/bad_server.cc
+5 -0 1 files

FreeBSD/src d06e31d lib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
Delta File
+2 -2 lib/msun/src/e_remainder.c
+2 -2 1 files

FreeBSD/src 439909c lib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
Delta File
+2 -2 lib/msun/src/e_remainder.c
+2 -2 1 files

FreeBSD/src 583e976 lib/msun/src e_remainder.c

libm: remainder: make sure x is zero

Make sure the entirety of x is zero before flipping the sign bit.
Otherwise the sign would be wrong for small values of x when x is
negative and |n*y| > |x|

Reported by:    alfredo
PR:             251091
Reviewed by:    kargl
MFC after:      3 days
Differential Revision: https://reviews.freebsd.org/D53023

(cherry picked from commit 25cca51ed294890d20a3c0290814cd26875db686)
Delta File
+2 -2 lib/msun/src/e_remainder.c
+2 -2 1 files

FreeBSD/src 7117c86 sys/kern kern_exec.c

exec: Check for errors when mapping the shared object

In the non-ASLR case, there is no check for an error from
vm_map_fixed().  Restore it, it was dropped in commit 939f0b6323e0a.
This bug could result in a refcount leak of the object used to map the
VDSO page.

Reviewed by:    kib
Reported by:    Ilja Van Sprundel <ivansprundel at ioactive.com>
MFC after:      1 week
Fixes:  939f0b6323e0 ("Implement shared page address randomization")
Differential Revision:  https://reviews.freebsd.org/D53065
Delta File
+1 -1 sys/kern/kern_exec.c
+1 -1 1 files

FreeBSD/src 2df39ce sys/netpfil/ipfw ip_fw_nat.c

ipfw: Check for errors from sooptcopyin() and sooptcopyout()

Note, it looks like this code may be unused since commit 4a77657cbc01
("ipfw: migrate ipfw to 32-bit size rule numbers").  In particular, it
looks like the ipfw_nat_*_ptr pointers are unused now.

Reviewed by:    ae
MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D53068
Delta File
+7 -5 sys/netpfil/ipfw/ip_fw_nat.c
+7 -5 1 files

FreeBSD/src ec8e07e usr.sbin/certctl certctl.8

certctl.8: Update documentation of BUNDLE

- Fix a typo.
- Provide the default path.

Reviewed by:    des
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D53001
Delta File
+4 -2 usr.sbin/certctl/certctl.8
+4 -2 1 files

FreeBSD/src 8033663 sys/amd64/amd64 elf_machdep.c, sys/amd64/linux linux_sysvec.c

imgact: Mark brandinfo and note structures as const

No functional change intended.

Reviewed by:    olce, kib, emaste
MFC after:      2 weeks
Differential Revision:  https://reviews.freebsd.org/D53062
Delta File
+14 -14 sys/kern/imgact_elf.c
+9 -15 sys/compat/ia32/ia32_sysvec.c
+6 -8 sys/amd64/amd64/elf_machdep.c
+6 -6 sys/amd64/linux32/linux32_sysvec.c
+6 -6 sys/amd64/linux/linux_sysvec.c
+5 -5 sys/arm64/linux/linux_sysvec.c
+46 -54 5 files not shown
+56 -65 11 files

FreeBSD/src 2110ae0 sys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Do not log on bogus AUTH_SYS messages

Remove the printf() stances added in commit d4cc791f3b2e ("sys/rpc: UNIX
auth: Fix OOB reads on too short message").

Even if it can be helpful to know why an authentication message is
rejected, printing explanatory messages on each request attempt is
a remote log filler that could be triggered by accident, and the generic
RPC code generally does not do that.  These printf() calls should be
restored only after some limiting or configuration mechanism is devised.

MFC with:       d4cc791f3b2e ("sys/rpc: UNIX auth: Fix OOB reads on too short message")
Sponsored by:   The FreeBSD Foundation
Delta File
+3 -17 sys/rpc/svc_auth_unix.c
+3 -17 1 files

FreeBSD/src a4105a5 sys/rpc authunix_prot.c svc_auth_unix.c

sys/rpc: UNIX auth: Style: Remove unnecessary headers, minor changes

MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Delta File
+3 -7 sys/rpc/authunix_prot.c
+1 -3 sys/rpc/svc_auth_unix.c
+4 -10 2 files

FreeBSD/src 4ae70c3 sys/rpc authunix_prot.c

sys/rpc: UNIX auth: Support XDR_FREE

xdr_authunix_parms() does not allocate any auxiliary memory, so we can
simply support XDR_FREE by just returning TRUE.

Although there are currently no callers passing XDR_FREE, this makes us
immune to such a change in a way that doesn't cost more but is more
constructive than a mere KASSERT().

Suggested by:   rmacklem
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Delta File
+4 -0 sys/rpc/authunix_prot.c
+4 -0 1 files

FreeBSD/src d4cc791 sys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Fix OOB reads on too short message

In the inline version (_svcauth_unix()), fix multiple possible OOB reads
when the credentials part of a request is too short to contain mandatory
fields or with respect to the hostname length or number of groups it
advertises.  The previously existing check was arriving too late and
relied on possibly wrong data coming from earlier OOB reads.

While here, use 'uint32_t' as the length/size type, as it is more than
enough and removes the need for conversions, explicit or implicit.
While here, factor out setting 'stat' to AUTH_BADCRED and then jumping
to 'done' on error, through the new 'badcred' label.  While here,
through comments, refer to what the non-inline version is doing
(xdr_authunix_parms() in 'authunix_prot.c') and the reasons.

Reviewed by:    rmacklem
Fixes:          dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52964
Delta File
+61 -40 sys/rpc/svc_auth_unix.c
+61 -40 1 files

FreeBSD/src e665c0f sys/rpc svc_auth_unix.c

sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (2/2)

Remove local defines from 'svc_auth_unix.c' and use the new limit
macros instead.

Reviewed by:    rmacklem
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52963
Delta File
+2 -5 sys/rpc/svc_auth_unix.c
+2 -5 1 files

FreeBSD/src 47e9c81 sys/rpc authunix_prot.c

sys/rpc: UNIX auth: Fix OOB accesses, notably writes on decode

When the received authentication message had more than XU_NGROUPS, we
would write group IDs beyond the end of cr_groups[] in the 'struct
xucred' being filled (as 'ngroups_max' is always greater than
XU_NGROUPS).

For robustness, prevent various OOB accesses that would result from
a change of value of XU_NGROUPS or a 'struct xucred' with an invalid
'cr_ngroups' field, even if these cases are unlikely.

Reviewed by:    rmacklem
Fixes:          dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52960
Delta File
+21 -19 sys/rpc/authunix_prot.c
+21 -19 1 files

FreeBSD/src f7c4f80 sys/rpc auth.h

sys/rpc: Define AUTH_SYS_MAX_{GROUPS,HOSTNAME}

As, respectively, the maximum number of "supplementary" groups and the
maximum hostname size allowed in the credentials structure for AUTH_SYS
(aka, AUTH_UNIX).

Will be used in subsequent commits.

Reviewed by:    rmacklem
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52961
Delta File
+4 -0 sys/rpc/auth.h
+4 -0 1 files

FreeBSD/src b119ef0 sys/rpc authunix_prot.c

sys/rpc: UNIX auth: Use AUTH_SYS_MAX_{GROUPS,HOSTNAME} as limits (1/2)

Consistently with the XDR_INLINE() variant of xdr_authunix_parms()
(_svcauth_unix() in 'svc_auth_unix.c'), reject messages with credentials
having a machine name length in excess of AUTH_SYS_MAX_HOSTNAME or more
than AUTH_SYS_MAX_GROUPS supplementary groups, which do not conform to
RFC 5531.  This is done mainly because we cannot store excess groups
anyway, even if at odds with the robustness principle ("be liberal in
what you accept").

While here, make sure the current code is immune to AUTH_SYS_MAX_GROUPS
changing value (in future RFCs?) even if that seems improbable.

Reviewed by:    rmacklem
Fixes:          dfdcada31e79 ("Add the new kernel-mode NFS Lock Manager.")
MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Differential Revision:  https://reviews.freebsd.org/D52962
Delta File
+23 -10 sys/rpc/authunix_prot.c
+23 -10 1 files

FreeBSD/src bda3b61 sys/rpc authunix_prot.c svc_auth_unix.c

sys/rpc: UNIX auth: Rename 'ngroups' => 'supp_ngroups' for clarity

MFC after:      2 days
Sponsored by:   The FreeBSD Foundation
Delta File
+8 -8 sys/rpc/authunix_prot.c
+8 -8 sys/rpc/svc_auth_unix.c
+16 -16 2 files

FreeBSD/src af30e8d sys/fs/fuse fuse_vnops.c

fuse_flush: Reuse the struct mount *mp variable

Approved by: asomers
Differential Revision: https://reviews.freebsd.org/D53082
Delta File
+2 -2 sys/fs/fuse/fuse_vnops.c
+2 -2 1 files

FreeBSD/src dfd822b sbin/ipfw tables.c

ipfw: do not use errno value for error reporting

table_do_modify_record() already uses errno value on error.
Also this fixes problem when `ipfw table add` returns ENOTTY that
is unrelated to operation.

Tested by:      dhw
Fixes:          09025a714708
MFC after:      3 days
Differential Revision:  https://reviews.freebsd.org/D53050
Delta File
+0 -3 sbin/ipfw/tables.c
+0 -3 1 files

FreeBSD/src bf591dd . UPDATING

blocklist: Add an UPDATING entry

Add an UPDATING entry about the renaming of blocklist.

Approved by:    re (cperciva)
Approved by:    emaste (mentor)
Fixes:  7238317403b9 ("blocklist: Rename blacklist to blocklist")
MFC after:      1 day

(cherry picked from commit ffa8165009365ff93050626d880f2d1d6aacc31a)
(cherry picked from commit f22ca25404e795aa08efc35d8cdbb5b44304650f)
Delta File
+6 -0 UPDATING
+6 -0 1 files

FreeBSD/src 621d4b1 contrib/blocklist/bin blacklistd.8 blacklistd.conf.5, contrib/blocklist/lib libblacklist.3

blacklist: Avoid duplicate manual pages in METALOG

Previously, blacklist man pages were just a symlink to their blocklist
counterpart, this in turn installed blocklist man pages twice, and
resulted in a duplicate error when running metalog_reader.lua -c.

Take advantage of the duplication to document nuances in blacklist, such
as the fact that it uses the new database and socket name (blocklist).
Also, note that it has been renamed to blocklist.  In the future, it
will help to document its deprecation.

Approved by:    re (cperciva)
Approved by:    emaste (mentor)
Fixes:  7238317403b9 ("blocklist: Rename blacklist to blocklist")
MFC after:      2 days

(cherry picked from commit c6240045536548c22ce40d9ef36c1dc52abcfc9c)
(cherry picked from commit f935c0f66f75e882185ed8bc46f39054f2ced4e1)
Delta File
+308 -0 contrib/blocklist/bin/blacklistd.8
+242 -0 contrib/blocklist/bin/blacklistd.conf.5
+188 -0 contrib/blocklist/lib/libblacklist.3
+136 -0 contrib/blocklist/bin/blacklistctl.8
+7 -8 lib/libblacklist/Makefile
+1 -3 usr.sbin/blacklistd/Makefile
+882 -11 1 files not shown
+883 -13 7 files

FreeBSD/src f315a35 contrib/blocklist/libexec blocklistd-helper, libexec/blocklistd-helper blacklistd-helper

blocklist-helper: Silence a bogus pf warning

Silence a bogus warning about (an ethernet) anchor not being found.

It has been reported as PR 280516.  In the meantime, just sweep under
the carpet.

Approved by:    re (cperciva)
Approved by:    emaste (mentor)
MFC after:      2 days

(cherry picked from commit 2347ca21d657121670e6e7246c6ac32efc996cac)
(cherry picked from commit ba5768504bee39191754fc1aece3927c8936f27c)
Delta File
+1 -1 contrib/blocklist/libexec/blocklistd-helper
+1 -1 libexec/blocklistd-helper/blacklistd-helper
+2 -2 2 files

FreeBSD/src 2b6eb65 contrib/blocklist/bin blacklistd.c blacklistctl.c, contrib/blocklist/lib old_bl.c blacklist.c

blocklist: Rename blacklist to blocklist

Follow up upstream rename from blacklist to blocklist.

- Old names and rc scripts are still valid, but emitting an ugly warning
- Old firewall rules and anchor names should work, but emitting an ugly
  warning
- Old MK_BLACKLIST* knobs are wired to the new ones

Although care has been taken not to break current configurations, this
is a large patch containing mostly duplicated code.  If issues arise, it
will be swiftly reverted.

Approved by:    re (cperciva)
Reviewed by:    ivy (pkgbase)
Approved by:    emaste (mentor)
MFC after:      2 days
Relnotes:       yes


    [2 lines not shown]
Delta File
+592 -0 contrib/blocklist/bin/blacklistd.c
+554 -0 contrib/blocklist/lib/old_bl.c
+293 -0 libexec/blocklistd-helper/blacklistd-helper
+170 -0 contrib/blocklist/bin/blacklistctl.c
+117 -0 contrib/blocklist/lib/blacklist.c
+97 -0 crypto/openssh/blocklist.c
+1,823 -0 60 files not shown
+2,570 -288 66 files

FreeBSD/src 803c373 contrib/blocklist/bin blocklistd.c, contrib/blocklist/lib libblocklist.3

blocklist: Revert upstream commit ddf6d71

Upstream commit ddf6d71 ("implement BLOCKLIST_BAD_USER as a "one-count"
failure") introduced BLOCKLIST_BAD_USER with a one-count failure
mechanism.  BLOCKLIST_AUTH_FAIL was implemented with a two-count failure
mechanism.  Since we have been utilizing BLOCKLIST_AUTH_FAIL, the number
of failed attempts now doubles towards the maximum limit (nfails),
giving system administrators the impression that the number of failed
authentication attempts is inaccurate.

Revert this commit until a consensus has been reached.  We do not want
to introduce yet another breaking change with the renaming of the
library.

Approved by:    re (cperciva)
Approved by:    emaste (mentor)
MFC after:      2 days

(cherry picked from commit 4d56eb007b18881becb2107f87bd2a7edca3e6bf)
(cherry picked from commit a719ef67e8ed2cbae5f397d2a4680a02495b79ab)
Delta File
+19 -13 contrib/blocklist/lib/libblocklist.3
+9 -9 contrib/blocklist/bin/blocklistd.c
+28 -22 2 files

FreeBSD/src e2dcc9f contrib/blocklist/bin blocklistd.c blacklistd.c, contrib/blocklist/libexec blocklistd-helper

MFV: Import blocklist 2025-04-28 (8aa81bf)

Merge commit '70f30afd4e9af5a51ee324d97e4d8c5f2124ec15'

Breaking changes:

- Upstream commit 24932b6 ("blocklistd: log the conf file line number
  with bad protocol errors") breaks backward database compatibility.
  An error will be displayed:
      Key size mismatch 296 != 288
  A new and compatible database, with the new name, will be created when the
  service starts (committed separately).

- Upstream commit ddf6d71 ("implement BLOCKLIST_BAD_USER as a
  "one-count" failure") introduced BLOCKLIST_BAD_USER with a one-count
  failure mechanism.  BLOCKLIST_AUTH_FAIL was implemented with a
  two-count failure mechanism.  Since we utilize BLOCKLIST_AUTH_FAIL, the
  number of failed attempts now doubles towards the maximum limit
  (nfails).  This commit will be reverted separately.

    [12 lines not shown]
Delta File
+592 -0 contrib/blocklist/bin/blocklistd.c
+0 -576 contrib/blocklist/bin/blacklistd.c
+303 -0 contrib/blocklist/bin/blocklistd.8
+0 -284 contrib/blocklist/bin/blacklistd.8
+272 -0 contrib/blocklist/libexec/blocklistd-helper
+237 -0 contrib/blocklist/bin/blocklistd.conf.5
+1,404 -860 62 files not shown
+2,833 -2,127 68 files

FreeBSD/src 6908a35 release/tools ec2-builder.conf ec2-small.conf

EC2: Fix additional files on small+builder AMIs

The file /usr/local/etc/ssl/cert.pem is not present on "small" and
"builder" AMIs, so we don't need to add it to METALOG.

Approved by:    re (cperciva)
Fixes:  2b0ffc0ee48c ("EC2: metalog_add missing files from packages")
MFC after:      3 days
Sponsored by:   https://www.patreon.com/cperciva

(cherry picked from commit 8a7ac88aa3991e8c2c19007ac0c36a92fc94bc2d)
(cherry picked from commit e9010214e9bebbe6155c9f720551008a785b692c)
Delta File
+0 -1 release/tools/ec2-builder.conf
+0 -1 release/tools/ec2-small.conf
+0 -2 2 files

FreeBSD/src e901021 release/tools ec2-builder.conf ec2-small.conf

EC2: Fix additional files on small+builder AMIs

The file /usr/local/etc/ssl/cert.pem is not present on "small" and
"builder" AMIs, so we don't need to add it to METALOG.

Fixes:  2b0ffc0ee48c ("EC2: metalog_add missing files from packages")
MFC after:      3 days
Sponsored by:   https://www.patreon.com/cperciva

(cherry picked from commit 8a7ac88aa3991e8c2c19007ac0c36a92fc94bc2d)
Delta File
+0 -1 release/tools/ec2-builder.conf
+0 -1 release/tools/ec2-small.conf
+0 -2 2 files

FreeBSD/src 3c9a2f3 sbin/ping/tests Makefile

Ping: Make build reproducible

As recently fixed in sockstat (9934558460e4), having tests/Makefile
include files from the parent directory with SRCS= ../foo.c results
in a race condition as the parent build and the tests build try to
produce the same object file but contain different paths.

Use .PATH to tell make to find sockstat.c in the parent directory
but place the object file in the current object directory.

Reviewed by:    emaste, jrtc27, kevans
MFC after:      3 days
Sponsored by:   https://www.patreon.com/cperciva
Differential Revision:  https://reviews.freebsd.org/D53075
Delta File
+2 -1 sbin/ping/tests/Makefile
+2 -1 1 files