* VERSION (_MAKE_VERSION): 20240106
Merge with NetBSD make, pick up
o fix duplicate progname when reporting an unknown target
o unit tests for Cmd_Exec using temp file
* VERSION (_MAKE_VERSION): 20240105
Merge with NetBSD make, pick up
o main.c: Cmd_Exec write cmd to a file if too big
avoid blowing commandline/env limits
* VERSION (_MAKE_VERSION): 20240101
o util.c: flesh out more of strftime
* configure.in: add --with-bmake-strftime
it is not a full implementation but enough to pass all
the unit-tests.
* parse.c: LoadFile do not append \n to empty buffer.
* VERSION (_MAKE_VERSION): 20231230
Merge with NetBSD make, pick up
o simplify memory allocation for string buffers
o fix declared types of list nodes
o suff.c: clean up freeing of suffixes
o var.c: simplify debug message for the ':@var@...@' modifier
clean up variable handling
* VERSION (_MAKE_VERSION): 20231226
Merge with NetBSD make, pick up
o compat.c: ensure make's output is correctly ordered with that of
the target when not going to a tty
o main.c: check for shellPath whether to call Shell_Init()
* VERSION (_MAKE_VERSION): 20231224
Merge with NetBSD make, pick up
o compat.c: check for shellPath whether to call Shell_Init()
tweak the unit test to detect the bug thus fixed.
o make.1: do not claim .SHELL is only used by jobs mode.
* VERSION (_MAKE_VERSION): 20231220
Merge with NetBSD make, pick up
o str.c: speed up pattern matching in the ':M' modifier
o var.c: fix confusing debug logging when deleting a variable
use consistent debug messages style when ignoring variables
* VERSION (_MAKE_VERSION): 20231210
Merge with NetBSD make, pick up
o var.c: avoid segfault on empty :C match expression
explain in debug log why variable assignment is ignored.
* VERSION (_MAKE_VERSION): 20231208
Merge with NetBSD make, pick up
o var.c: ensure fromCmd is set correctly for variables set on
command line.
* VERSION (_MAKE_VERSION): 20231124
Merge with NetBSD make, pick up
o main.c: cleanup processing of -j
fix lint warning about strchr
o var.c: more accurate error message for invalid ':mtime' argument
cleanup :[...] modifier
avoid reading beyond substring when comparing
o unit-tests cover all cases of :mtime, test and explain exporting
of variables
o cleanup comments
* bsd.after-import.mk (ECHO_TAG): FreeBSD no longer uses
$FreeBSD$ tag, so avoid adding it.
Brooks Davis [Sat, 13 Jan 2024 00:00:24 +0000 (00:00 +0000)]
libc: stop exposing __fcntl_compat
It was exposed (under FBSDprivate_1.0) for forward compatability in
threading libraries in 2008 by commit cd7d66a21f1a. The last consumer
was removed in 2015 by commit 8495e8b1e9e1. I missed this among the _
and __sys_ symbols in commit e2417a21a025.
Mark Johnston [Tue, 10 Oct 2023 18:14:46 +0000 (14:14 -0400)]
sanitizers: Avoid building genassym.c and genoffset.c with sanitizers
Some, particularly KASAN, may insert redzones around global symbols,
resulting in incorrect offset definitions because genassym.sh (ab)uses
symbol sizes to assign semantic meaning.
(Ideally I would be able to define this pattern in one place, but I
haven't found a way to define a GENSYM_CFLAGS that actually works for
all of the consumers (kern.post.mk, kmod.mk, sys/conf/files*).)
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Mark Johnston [Fri, 12 Jan 2024 15:07:28 +0000 (10:07 -0500)]
systm: Relax __result_use_check annotations
When compiling with gcc, functions annotated this way can not have their
return values cast away, e.g., with `(void)copyout(...)`. clang permits
it but gcc does not. Since we have a number of such casts for calls
which copy data out of the kernel, and since failing to check for errors
when copying *in* is a much more severe bug, remove some of the
annotations in order to make the gcc build happy.
Reviewed by: kib
Reported by: Jenkins
Fixes: 8e36732e6eb5 ("systm: Annotate copyin() and related functions with __result_use_check")
Differential Revision: https://reviews.freebsd.org/D43418
Kyle Evans [Fri, 12 Jan 2024 19:57:53 +0000 (13:57 -0600)]
bhyveload(8): document some SECURITY CONSIDERATIONS
The situation is improved now that we're running in a sandbox, but there
is still some host machine access that could be concerning depending on
the context. These concerns may be somewhat mitigated by the fact that
the host machine usually provides the loader binary, even when the guest
image is providing the loader scripts -- they only bring the lua
scripts, and they have to be able to execute arbitrary syscalls rather
than the interfaces provided by libsa(3).
Warner Losh [Fri, 12 Jan 2024 19:07:28 +0000 (12:07 -0700)]
MAINTAINERS: Add myself for nvme entries, remove jimharris
Jim Harris no longer has a commit bit and has moved on from being the
FreeBSD nvme driver maintainer at Intel. I've been reviewing things
so I'll take that up.
Output a line as soon as it is possible to determine that it will have
to be output. For the basic case, this means output each line as it is
read unless it is identical to the previous one. For the -d case, it
means output the first instance as soon as the second is read, unless
the -c option was also given. The -D and -u cases were already fine.
Add test cases for interactive use with no options and with -d.
Cy Schubert [Fri, 12 Jan 2024 07:39:02 +0000 (23:39 -0800)]
Revert "kerberos: Fix numerous segfaults when using weak crypto"
This revision breaks Linux and MacOS cross builds because
TARGET_ENDIANNESS is not define during bootstrapping on these
platforms.
I think the correct approach would be to separate the new
fbsd_ossl_provider_load() and unload functions into their own
library (instead of libroken). This avoids the less desirable
option of including bsd.cpu.mk in secure/lib/Makefile.common,
which does build but could complicate future work.
Xin LI [Fri, 12 Jan 2024 05:38:04 +0000 (21:38 -0800)]
releng-gce: Advertise the availability of gVNIC support in GCE images.
This marks FreeBSD GCE images as gVNIC capable by adding the
--guest-os-features=GVNIC flag at creation time as suggested in GCE
documentation[1]. This allows Generation 3 and newer GCE instances
to leverage advanced networking capabilities and performance
enhancements provided by gVNIC. Users will benefit from these
improvements without needing to create custom images.
Commit cc760de2183f changed the internal interface between
the nfscommon and nfscl modules. As such, both need to be
rebuilt from sources. Therefore, bump __FreeBSD_version.
Rick Macklem [Fri, 12 Jan 2024 00:38:33 +0000 (16:38 -0800)]
nfscl: Only update atime for Copy when noatime is not specified
Commit 57ce37f9dcd0 modified the NFSv4.2 Copy operation so that
it will update atime on the infd file whenever possible.
This is done by adding a Setattr of TimeAccess for the
input file.
This patch disables this change for the case of an NFSv4.2
mount with the "noatime" mount option, which avoids the
additional Setattr of TimeAccess operation.
Mark Johnston [Thu, 11 Jan 2024 16:42:47 +0000 (11:42 -0500)]
conf: Do not set -fno-sanitize-memory-param-retval for old compilers
The option was introduced in LLVM 16.
Fixes: b6c653c97463 ("kmsan: Set -fno-sanitize-memory-param-retval for now")
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Brooks Davis [Thu, 11 Jan 2024 18:27:20 +0000 (18:27 +0000)]
libc: separate syscall and non-syscall symbols
Put declerations of _ and __sys_ prefixed stubs at the top and
everything else at the bottom. Sort the bottom list with sort(1).
This paves the way to generate the syscall symbol list.
Cy Schubert [Wed, 6 Dec 2023 15:30:05 +0000 (07:30 -0800)]
kerberos: Fix numerous segfaults when using weak crypto
Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.
When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().
vnode_pager_generic_putpages(): correctly handle clean block at EOF
The loop 'skip clean blocks' checking for the clean blocks in the dirty
pages might end up setting the in_hole to true when exactly at EOF at
the middle of the block, without advancing the prev_offset value. Then
the next block is not dirty, and next_offset is clipped back to poffset
+ maxsize, equal to prev_offset, failing the assertion.
Instead of asserting prev_offset < next_offset, we must skip the write.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: fix bug with socket buffer character counter underflow
Cover case when an nb that we are now reading in full had been partially
read by previous read(2) and now has positive offset. Throw couple
assertions that helped to catch that earlier.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: avoid putting empty mbufs on the socket queue
When processing incoming Netlink messages in nl_process_nbuf() kernel
always allocates a writer with a buffer to put generated reply to.
However, certain messages aren't replied. That makes nlmsg_flush()
to put an empty buffer to the socket. Avoid doing that because avoiding
is much easier than dealing with empty buffers on the receiver side.
Gleb Smirnoff [Thu, 11 Jan 2024 04:51:53 +0000 (20:51 -0800)]
netlink: improve edge case when reading out truncated last nlmsg in nb
When there is not enough space for one full message we return it truncated.
This enters special block of code that previously may leave empty buffer
with offset == datalen in the queue. Avoid that, as dealing later with
empty buffers causes more pain than just avoiding them. While here add
missing msgrcv increment.
Warner Losh [Wed, 3 Jan 2024 23:18:23 +0000 (16:18 -0700)]
acpi/apm: Improve APM ioctl interface emulation
The apm(8) program documents certain states, but doesn't document the
'unknown' state. It reports things correctly for systems with a battery,
but incorrectly for systems without one. Emulate the old interface a
little better by saying ac power is online if we have no status (instead
of unknown), the battery has a high charge of 255% if there's no battery
(instead of -1). Programs, like emacs, expect to see only the documented
values and misbehave when they see something else.
This is closer to what would happen on old-school APM machines. Sadly
(or not) I have no access to old-school APM machines to 100% confirm
this, but reading the spec, old code and testing with emacs' mode line
with battery suggests these values are more correct. emacs has never
been converted to acpi_conf due to permissions issues with acpi devices.
Fixing the kernel is preferable to hacking apm(8) for these special
cases because other programs that use these interfaces will also be more
correct. The kernel also has more data with which to decide what to
return.
Domagoj Stolfa [Wed, 3 Jan 2024 14:58:01 +0000 (14:58 +0000)]
dtrace: Add the 'oformat' libdtrace option
This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)
This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:
- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.
This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.
Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745
Emmanuel Vadot [Tue, 26 Dec 2023 17:58:15 +0000 (18:58 +0100)]
syscon: Move syscon code in dev/syscon
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:56:52 +0000 (18:56 +0100)]
phy: Move phy code in dev/phy
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:54:53 +0000 (18:54 +0100)]
regulator: Move regulator code in dev/regulator
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:51:22 +0000 (18:51 +0100)]
nvmem: Move nvmem code in dev/nvmem
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:49:19 +0000 (18:49 +0100)]
hwreset: Move reset code in dev/hwreset
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Tue, 26 Dec 2023 17:43:48 +0000 (18:43 +0100)]
clk: Move clock code in dev/clk
We've removed kernel option EXT_RESOURCES almost two years ago.
While it was ok to have some code under a common 'extres' subdirectory
at first, we now have a lot of consumer of it and we made it mandatory
so no need to have it under a cryptic name.
Emmanuel Vadot [Mon, 25 Dec 2023 19:01:52 +0000 (20:01 +0100)]
clk: Move allwinner driver into the common directory
No need to keep it under sys/arm/allwinner/clkng
It's easier to find which controller we support by looking under one directory.
It will also be shared with Allwinner RiscV SoC.
Emmanuel Vadot [Mon, 25 Dec 2023 18:21:52 +0000 (19:21 +0100)]
iicbus: Move rockchip driver into the common directory
No need to keep it under sys/arm64/rockchip
It's easier to find which controller we support by looking under one directory.
While here remove the condition on SOC option, device rk_i2c is enough as all
Rockchip SoC that we support have this controller.
Olivier Certner [Thu, 4 Jan 2024 17:45:52 +0000 (18:45 +0100)]
pthread_attr_get_np(): Use malloc(), report ENOMEM, don't tamper on error
Similarly as in the previous commit, using calloc() instead of malloc()
is useless here in the regular case since the subsequent call to
cpuset_getaffinify() is going to completely fill the allocated memory.
However, there is an additional complication. This function tries to
allocate memory to hold the cpuset if it previously wasn't, and does so
before the thread lock is acquired, which can fail on a bad thread ID.
In this case, it is necessary to deallocate the memory allocated in this
function so that the attributes object appears unmodified to the caller
when an error is returned. Without this, a subsequent call to
pthread_attr_getaffinity_np() would expose uninitialized memory (not
a security problem per se, since it comes from the same process) instead
of returning a full mask as it would before the failing call to
pthread_attr_get_np(). So the caller would be able to notice a change
in the state of the attributes object even if pthread_attr_get_np()
reported failure, which would be quite surprising. A similar problem
that could occur on failure of cpuset_setaffinity() has been fixed.
Finally, we shall always report memory allocation failure. This already
goes for pthread_attr_init(), so, if for nothing else, just be
consistent.
Reviewed by: emaste, kib
Approved by: emaste (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43329
Stefan Eßer [Thu, 4 Jan 2024 23:07:46 +0000 (00:07 +0100)]
vendor/bc: upgrade to version 6.7.5
This update fixes a bug that line breaks in printed numbers may not
match the line length set by the user. The value is printed correctly,
just not split as specified in some situations.
Michael Tuexen [Wed, 10 Jan 2024 07:33:09 +0000 (08:33 +0100)]
tcpsso: fix when used without -i option
Since fdb987bebddf it is not possible anymore to use inp_next
iterator for bound, but unconnected sockets. This applies
to TCP listening sockets. Therefore the metioned commit broke
tcpsso on listening sockets if the -i option was not used.
Fix this by iterating through all endpoints instead of only
through the bound, but unconnected ones.
Marius Strobl [Tue, 9 Jan 2024 22:01:46 +0000 (23:01 +0100)]
igb(4): Remove disconnected SYSCTL
The global hw.igb.rx_process_limit knob never was adhered to by the
in-tree version of this driver but similar functionality is available
via the device-specific dev.igb.N.iflib.rx_budget.
While at it, remove the - besides initialization of tx_process_limit -
unused {r,t}x_process_limit members.
Andrew Gallatin [Tue, 9 Jan 2024 20:52:07 +0000 (15:52 -0500)]
apei: Mark ReadAckRegister resource as shareable
Work around vendors who use the same address for multiple
ReadAckRegisters in their ACPI HEST table. This
allows apei to attach cleanly on Ampere Altra servers.
Note the issue is not specific to Ampere, I've run into
it with at least one other vendor (whose server is not
yet released).
Gleb Smirnoff [Tue, 9 Jan 2024 21:01:28 +0000 (13:01 -0800)]
netlink: fix regression with group writers
Refactoring of argument list to nl_send_one() led to derefercing
wrong union member. Rename nl_send_one() to a more generic name,
isolate anew nl_send_one() as the callback only for the normal
writer and provide correct argument to nl_send() from nl_send_group().
John Baldwin [Tue, 9 Jan 2024 19:23:10 +0000 (11:23 -0800)]
acpi: Only reserve resources enumerated via _CRS
In particular, don't reserve resources added by drivers via other
means (e.g. acpi_bus_alloc_gas which calls bus_alloc_resource
right after adding the resource).
The intention of reserved resources is to ensure that a resource range
that a bus driver knows is assigned to a device is reserved by the
system even if no driver is attached to the device. This prevents
other "wildcard" resource requests from conflicting with these
resources. For ACPI, the only resources the bus driver knows about
for unattached devices are the resources returned from _CRS. All of
these resources are already reserved now via acpi_reserve_resources
called from acpi_probe_children.
As such, remove the logic from acpi_set_resource to try to reserve
resources when they are set. This permits RF_SHAREABLE to work with
acpi_bus_alloc_gas without requiring hacks like the current one for
CPU device resources in acpi_set_resource.
Reported by: gallatin (RF_SHAREABLE not working)
Diagnosed by: jrtc27
John Baldwin [Tue, 9 Jan 2024 19:05:03 +0000 (11:05 -0800)]
memdesc: Helper function to construct mbuf chain backed by memdesc buffer
memdesc_alloc_ext_mbufs constructs a chain of external (M_EXT or
M_EXTPG) mbufs backed by a data buffer described by a memory
descriptor.
Since memory descriptors are not an actual buffer just a description
of a buffer, the caller is required to supply a couple of helper
routines to manage allocation of the raw mbufs and associating them
with a reference to the underlying buffer.
John Baldwin [Tue, 9 Jan 2024 18:57:48 +0000 (10:57 -0800)]
kldxref: Workaround incorrect PT_DYNAMIC in existing powerpc kernels
Existing powerpc kernels include additional sections beyond .dynamic
in the PT_DYNAMIC segment. Relax the requirement for an exact size
match of the section and segment for PowerPC files as a workaround.
gofaster [Tue, 9 Jan 2024 17:49:30 +0000 (12:49 -0500)]
Add Gotify notification support to ZED
This commit adds the zed_notify_gotify() function and hooks it
into zed_notify(). This will allow ZED to send notifications
to a self-hosted Gotify service, which can be received
on a desktop or mobile device. It is configured with ZED_GOTIFY_URL,
ZED_GOTIFY_APPTOKEN and ZED_GOTIFY_PRIORITY variables in zed.rc.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: gofaster <felix.gofaster@gmail.com>
Closes #15693
Alexander Motin [Tue, 9 Jan 2024 17:48:40 +0000 (12:48 -0500)]
Fix livelist assertions for dedup and cloning
Two block pointers in livelist pointing to the same location may
be caused not only by dedup, but also by block cloning. We should
not assert D bit set in them.
Two block pointers in livelist pointing to the same location may
have different logical birth time in case of dedup or cloning. We
should assert identical physical birth time instead.
Assert identical physical block size between pointers in addition
to checksum, since that is what checksums are calculated on.
Reviewed-by: Matthew Ahrens <mahrens@delphix.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15732