From nobody Mon Jun 8 07:30:25 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYkGZ3SCxz6h18D for ; Mon, 08 Jun 2026 07:30:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYkGZ2nTtz3VsF for ; Mon, 08 Jun 2026 07:30:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780903830; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HqIldGdee3yF1RfkscGXwcKhlOE1rtk/GpcRO6ztTsQ=; b=OIYcrLV1SH6rQHmRhJXcGxJNAtwp7Bos6G5GLCFFcJ6ZWAwwaEyVYwxLsDMhBaCJJa0tfm E96fJsCW4CKRFZ5VJ9q5XCMz9pi9ckJpRvKl42tqYq4/o948Ia/T+bnkYPDQEJoPv17gIo 6tAf6BLYzxF1NGqlSs/R9U58vcWQMTZ3nlzMYkA7n7FDjZQU/wjPObTPxEA8SZWChwav5Q G7iQb+QF/KdVfp3kgd+YKrrQaYl/ryomu8MCMz2SNkL/MLIWm4WU7Y7YqukEfBGlIPt0Fo cRX9IuY0VjYDSnPvcKlLEQIUBf1JAhwHsOoefpTXh0aZTih2CUgc7n9D1CvUvA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780903830; a=rsa-sha256; cv=none; b=S1xefiYJMGz6m954RYS051WWsWPe3/EJtewBfH3/kc9oQ6DfDzvKFK0m5/MshfIy93S51K WOyEdpdqopZ4/1Hu/I5wDM//i23wTMh4plRZJRNcxiLjoBOURjiSQ8FICE75SLc2BQUUfh QFMjAI4cHJ3HmopueaFs0ZknfYPsm2IRJdZ3vDp4an8Mdv34rK50hrmJwjg0+Iw4LXhtl5 ywe0ZuYHMfShBKFFDa9Jg7bN+RrCRDz+9Zq6sSLdPIeulDAktAJOZWYMe4fMczL2O5xt1s kEmB73EMpuPcgs1PlkRNrT7NI26QQYyxRvKYCqGu8TWEXcxhmZN5RJOM2cDFBg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780903830; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HqIldGdee3yF1RfkscGXwcKhlOE1rtk/GpcRO6ztTsQ=; b=r+QeKmCi5BrAk8EkU/mjntA7D07eQZCyVlbWvJu4BkUJjqLEyuX7ADYGNnMapOB5r0UjLd elRXaC2C4ogbLOa0DRokXMwXnFItnViriYIxUr0+fehxhJNDTpHH4VQ3vp6ERECpVOWu6y QKvkiR8sC7M/a4qbpD0dYK/lgaTSWYisnzf54N1Lv0OmZd5dkTDke3p4ykDz5ygNSrrg0I 8meMBW1c8qSCGDjglxvxdFW7Bao37UbifIfCMcVj+OuS6ZEIgHaEVYs3PhGgP5uISEA0fW TiHWNxH+xXVbaf6Gksx5EgNgchaTqqdHyOWqUOHfYVBhlKShCkmUwSWHLZnr1g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYkGZ2NQCzfhN for ; Mon, 08 Jun 2026 07:30:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 43522 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 07:30:25 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Emmanuel Vadot Subject: git: 5f84c6db7aa1 - main - fwget: amdgpu: Add needed package for Granite Ridge List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: manu X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 5f84c6db7aa16447632c4e6e8959bf28d1bbd8aa Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 07:30:25 +0000 Message-Id: <6a266f91.43522.56b2c60d@gitrepo.freebsd.org> The branch main has been updated by manu: URL: https://cgit.FreeBSD.org/src/commit/?id=5f84c6db7aa16447632c4e6e8959bf28d1bbd8aa commit 5f84c6db7aa16447632c4e6e8959bf28d1bbd8aa Author: Emmanuel Vadot AuthorDate: 2026-06-08 07:28:00 +0000 Commit: Emmanuel Vadot CommitDate: 2026-06-08 07:30:15 +0000 fwget: amdgpu: Add needed package for Granite Ridge Sponsored by: Beckhoff Automation GmbH & Co. KG --- usr.sbin/fwget/pci/pci_video_amd | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/fwget/pci/pci_video_amd b/usr.sbin/fwget/pci/pci_video_amd index 11f33eef78dd..4c350d92e643 100644 --- a/usr.sbin/fwget/pci/pci_video_amd +++ b/usr.sbin/fwget/pci/pci_video_amd @@ -174,10 +174,10 @@ pci_video_amd() addpkg "gpu-firmware-amd-kmod-sdma-6-0-1" addpkg "gpu-firmware-amd-kmod-vcn-4-0-2" ;; - 0x164e) + 0x13c0|0x164e) + addpkg "gpu-firmware-amd-kmod-dcn-3-1-5" addpkg "gpu-firmware-amd-kmod-gc-10-3-6" addpkg "gpu-firmware-amd-kmod-psp-13-0-5" - addpkg "gpu-firmware-amd-kmod-dcn-3-1-5" addpkg "gpu-firmware-amd-kmod-sdma-5-2-6" addpkg "gpu-firmware-amd-kmod-vcn-3-1-2" ;; From nobody Mon Jun 8 09:07:52 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYmR23380z6fgBL for ; Mon, 08 Jun 2026 09:07:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYmR21BQ3z3hRB for ; Mon, 08 Jun 2026 09:07:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780909678; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xLqZd9Lje/UFJc44g2cQIAByA4/p3q3MOg/x3vlXglU=; b=OolBjnZZW9aiV9f1MawDaRbw8xttwg9bEQRH1IdG9g0hXs/mTUgIxMrDXn9rPTsN+sHYsM LE1sX5opZcjV4B3gRJ44QjDPApO84zzPU5GFyT8roNPgyP90+iNRH1lYjFk682wNmQ4YQm tbbnr91alk5o44SpasEuPFE4rbgQzFHTcqukcdCCsYZMc7VdpU3xkljN+2OlD/cBBk724t 0dVBkwf6K2liHbdkmI4oe6+C5QFh2g66WUWiaj4X0vxKzfID/HTXFlF/x5oMytd3Mcf2Nm jwuIwAf4RlkP/idxy3r6VpQgKH7/71dD41VKk5T+0ZQ5rsSVQa5m4zNqfSWHNQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780909678; a=rsa-sha256; cv=none; b=Ro/BRynqmmgWcx3JTlhfGTEoF8V/ULPl3oo54PZJ8t5cnnBRalX2EYOW2lOwXAhonxUroL gOc6OBLs+yqXLeLJSArnImnKI2N3BjprtvgLk3GZODzBek2sxLriWyu/KQdkNazJuNoEP7 wKOgq+Y9z+SJNxi5XAToocs9XHtkcZf/svorsO2+u4dqQHXPMIQN5D2bA3TuRCwwbOKHwf rNQMNwMkpgPGBARy8QDWlvtIolYPe81k8VzoceOVUhY1llDTYG58BtUhr09wZ9Hh3SV/Ch 40q4u9Knja0DMLq6o5qCp3DjApHNvcLi1tI7hSrHc66PFUkS4UuCzBK9Wc5pGw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780909678; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xLqZd9Lje/UFJc44g2cQIAByA4/p3q3MOg/x3vlXglU=; b=cJ/CfSmLjiGq17FHT3NedJcAYg+zej/WQ2n5MDsoWcy71CIuYQL3tp1AUQrzetbVGBHMj2 OhJV4S46/Gfn7cF4Yg6WkKHuHYeydeeBwp+dtYzF3Bzs5PMoWTsTLdR0ofNRbrPvKagRC7 n6TuBYPhyBzt6fpiPWWPx9HB/7e4RV3fHjrEenSY8l85v3vUfMHvThdUxZc27Teqd7Dg84 54AW5at5gc+7aOkb6aLVF3eciVZNJmVBf3B6uYq/bbF4gmR3FiOEXDh4sW13lCJgvHz3Of tYI50T9a2i3MXwPCKTDq1fp1Dn1ncLKF4SSPqlg7LCT0r8KxB6oJDPFPYdZnBw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYmR20knczj85 for ; Mon, 08 Jun 2026 09:07:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1bd61 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 09:07:52 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 035e87247f84 - main - pfsync: remove invalid panic List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 035e87247f845500b4672e10efb8f47fd2c0f2a2 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 09:07:52 +0000 Message-Id: <6a268668.1bd61.55977035@gitrepo.freebsd.org> The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=035e87247f845500b4672e10efb8f47fd2c0f2a2 commit 035e87247f845500b4672e10efb8f47fd2c0f2a2 Author: Kristof Provost AuthorDate: 2026-06-06 13:44:17 +0000 Commit: Kristof Provost CommitDate: 2026-06-08 07:44:56 +0000 pfsync: remove invalid panic When we undefer a packet (when the peer acks the state) it's possible that we don't find a corresponding pfsync_deferral. We panic here, but that's actually something that can happen in normal operation: - if we have too many deferred packets already (in pfsync_defer()) - if the deferral timed out (in pfsync_defer_tmo()) Remove this panic and document the scenarios where it might occur. MFC after: 2 weeks Sponsored by: Orange Business Services --- sys/netpfil/pf/if_pfsync.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index a5f377e84307..a64d0ef64a61 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -2356,7 +2356,11 @@ pfsync_undefer_state_locked(struct pf_kstate *st, int drop) } } - panic("%s: unable to find deferred state", __func__); + /* + * If we don't find this state in b_deferrals that might be because we + * overflowed the list (see pfsync_defer()'s >= 128 check') or because + * the deferral timed out already (see pfsync_defer_tomo()). + */ } static void From nobody Mon Jun 8 13:52:37 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlT3QFGz6g5qX for ; Mon, 08 Jun 2026 13:52:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYtlT2XZ5z48P3 for ; Mon, 08 Jun 2026 13:52:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4x10OKs080WGHugXyjzshQAaRyEcfJXFTvBq6Qw0hKE=; b=ZJHkH/Is2sKrFJF9oom4NG+m8Y74gGBb/ZQGr9Iya1lDtMClqmYSrXuYjC2dzQmRM5Izk0 7yTQDpEYtvKWkgKziJlIJgXuW/9J7SWCuTmjCDbBxsMxPG4U8lYiI6EWLPiP5gVrux/N/0 lRwhHkvUs+QNxSVrf5rQRJq1a/Pyji1YLxjjb6F/dsoqNoYO/Jt2zXzRCrdr3N1V4IH0a/ nBdS+fajBkpNK1KY8ZrwHHtqLHXNAGZVkFNbX25tdY6FZCFwSoD4NFGH0BYaL17kOl9h+f 9qJTEx22Wg5DHZGInFE9xiQldBkkkqxgMkYlm7Lr7O5qFUWjLuaYfVVZPH3fgw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780926757; a=rsa-sha256; cv=none; b=lM7bUDV1r6OT08UTNrTKLEAKqbu97Sy8zQKxbSijhLydVK4hqXfE53YnHkvhhJm9lIt8IX 5PUxVDivPnN0qsgt+pD3GHcCbhnGBKu7SpR4HHfDOIkQ4wVdMznK395FdI9qIC9Mo8QHt2 au7nJcKMghvF/QIuMlQ32YGC8TVy8MRwVuGVpUX4wPStGnCy+c/z918Ij1OMJf9PhL5Adq gBQ09+xYANk+eDvBrxRAuKnCj6Ya/6BDGGFOMeVr8bpG1/xx+FgANbuHmMrexeBaod5u3K xknrse99rafBwEUVoYjYsdvhh/i2a+IR9afk97fZ6dfK4kNywjPZMW0VwTVRbA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4x10OKs080WGHugXyjzshQAaRyEcfJXFTvBq6Qw0hKE=; b=x/QII9xyNKjtKT60ky4HUpYgQq1XtrLaYfYGllCfW45ip2wPVPcmtvUC/KVknqYVNU5YOh aG3sdZM8H5spzgaCUBzPt8VqJg7klhopmk9RBpt21xdFRt6FhiDrYqAQFzgSZbfSoGE78g CV2O0aYfvScZVH8U7KH67gVf4Ls55J2gW27o2FjA6w0KbZhWywZ5rLzPa9yXCPJ/auq/lr jeokWNUpEv5QOOgqR1zQPCQsFlDoBb/s+TP7cw3eszLWL0Fg5T6iWw6mOTmaSn3eOGfeoh yUO9QKv1RdkeUPwoJ2g+tEvRymIFivoHLJDBopvXRlI8hpPas+/iW+NVzlzgbQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlT0hMFzrVN for ; Mon, 08 Jun 2026 13:52:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 43353 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 13:52:37 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Cy Schubert Subject: git: 37e9d3641ba0 - main - ipfilter: Fix ip_pptp_pxy (PPTP proxy) length underflow List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 37e9d3641ba0e0da0d2bbaa26a59ee56a8cf3ee6 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 13:52:37 +0000 Message-Id: <6a26c925.43353.7c441902@gitrepo.freebsd.org> The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=37e9d3641ba0e0da0d2bbaa26a59ee56a8cf3ee6 commit 37e9d3641ba0e0da0d2bbaa26a59ee56a8cf3ee6 Author: Cy Schubert AuthorDate: 2026-05-29 06:17:39 +0000 Commit: Cy Schubert CommitDate: 2026-06-08 13:51:24 +0000 ipfilter: Fix ip_pptp_pxy (PPTP proxy) length underflow A PPTP client sending a specially crafted PPTP message with a length smaller than the already processed fixed header can panic the system. This resultes in a negative remaining length (a large unsigned 16-bit number). Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D57383 --- sys/netpfil/ipfilter/netinet/ip_pptp_pxy.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/ipfilter/netinet/ip_pptp_pxy.c b/sys/netpfil/ipfilter/netinet/ip_pptp_pxy.c index dc4c67dc14f0..95eaf78bd575 100644 --- a/sys/netpfil/ipfilter/netinet/ip_pptp_pxy.c +++ b/sys/netpfil/ipfilter/netinet/ip_pptp_pxy.c @@ -318,7 +318,9 @@ ipf_p_pptp_nextmessage(fr_info_t *fin, nat_t *nat, pptp_pxy_t *pptp, int rev) * it should match 1a2b3c4d. Byte order is ignored, * deliberately, when printing out the error. */ - len = MIN(8 - pptps->pptps_bytes, dlen); + if (pptps->pptps_bytes >= 8) + return (-1); + len = MIN((size_t)(8 - pptps->pptps_bytes), dlen); COPYDATA(fin->fin_m, off, len, pptps->pptps_wptr); pptps->pptps_bytes += len; pptps->pptps_wptr += len; @@ -361,7 +363,9 @@ ipf_p_pptp_nextmessage(fr_info_t *fin, nat_t *nat, pptp_pxy_t *pptp, int rev) } } - len = MIN(pptps->pptps_len - pptps->pptps_bytes, dlen); + if (pptps->pptps_len <= pptps->pptps_bytes) + return (-1); + len = MIN((size_t)(pptps->pptps_len - pptps->pptps_bytes), dlen); COPYDATA(fin->fin_m, off, len, pptps->pptps_wptr); pptps->pptps_bytes += len; pptps->pptps_wptr += len; From nobody Mon Jun 8 13:52:38 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlV3KlCz6g620 for ; Mon, 08 Jun 2026 13:52:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYtlV23FTz48Qc for ; Mon, 08 Jun 2026 13:52:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926758; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RfAcnrLxY/m23/kZdwyZPNX7TeqQCNDoncjHhq82n9Y=; b=PwCmqyNZOz5BkfllZweo53fh+Kd+VrzBj3U3QQy4zVoC2UtB1qoEsHKqr+moiqr2/LcXV8 th4CRbrpoAEJH8kXajsdCen0k5ihnkkOonXztM2ka8S+EqYfeASNZMFGh2n3G/lUcYIomK rB5WbUR4wxPu3GweNeQ/LATTgYmP09I2zZkZztzYjAHP7itw/WfC2y1w2LSlQBNqGla9hX M/lytSyaaSNub6hr6PgGtb9g9kb37s7EaOIcPf3KKJOsg7cFo49t94nQVJr1Ud9YiSHsEr ElXZE26No7i3D0nfafqeFm82/nO2mXSIx0hSgaJjgfBN4vBan/2kZcH2JQ2eXg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780926758; a=rsa-sha256; cv=none; b=ODprbCwlkzOnkhmX4mmHxp5oV/ebhThIqtg6xkXlQW3/b81i/7jPIzS3vqsZMGiErwLFmW JUP2aHuj/gb/mmurKjMzxsWZeKcnOlPAx+bYcJTKGh3OwC0ITCOd25RBW/gTY1EiMBb0PF RMz0Cf9BFNB55O5brtFAWAJMG5QTrVxS2i8aBVhP7Qi6vq7KIPG0B2jTV8NKQJiHXp9Aie tEhJj1Y9Ug8JaCyN1kVkJF5D6DhX9rtbPmJa1NiC6KQUe+icX6pB2igq5KgbjNYU81DmyP 8BjXcpORmsvw1UGN36DG5+mAU1BjcuVpMJE+WgJXwlQOsVTEx54U21iaKv0xcg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926758; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RfAcnrLxY/m23/kZdwyZPNX7TeqQCNDoncjHhq82n9Y=; b=pztzolRNorvKUIoYb8pXAbnyjTprsV8KTxDFiRly6wXL7Yrndl+xZKrqG0sRxMwIFOnd1O sPkkTPFGtIlczcEEPZMNkh7JIECdDGQHQkpXbgVRi8liKlae45b4MQB/ayRJsttGLwYMwo polz1feMxgb5FaDH6bfh2ji/vgI9BWGBvd4Nc/z6Bj9IuM8b6zjO+8qDNAMvlj2DufGNH1 Kw1zntJ/iS5KP1gru9l04OkjS2ahT3keTMxl7ygek46viMWGwBoNh/jNLgguVudUTB7pTE oyS6P7GwLYssYyc4ShBYwCCaik7H5lbEvwOTG3Sxr+CL8svnE/wUyOxdyDnwHw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlV1VLSzrWY for ; Mon, 08 Jun 2026 13:52:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 43203 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 13:52:38 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Cy Schubert Subject: git: efb5c07f91c5 - main - krb5: Fix null dereference in SPNEGO token processing List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: efb5c07f91c5c11fb9bd32227ac74c2d08adf3cf Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 13:52:38 +0000 Message-Id: <6a26c926.43203.3b2a8200@gitrepo.freebsd.org> The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=efb5c07f91c5c11fb9bd32227ac74c2d08adf3cf commit efb5c07f91c5c11fb9bd32227ac74c2d08adf3cf Author: Cy Schubert AuthorDate: 2026-06-02 17:57:17 +0000 Commit: Cy Schubert CommitDate: 2026-06-08 13:52:04 +0000 krb5: Fix null dereference in SPNEGO token processing krb5 1.22.1 erroneously removed a check from get_negTokenResp() for successful decoding of the mechListMIC field. Restore the check to prevent a null pointer dereference. Commit message details obtained from upstream commit. Obtained from: Upstream commit 4ae75cded MFC after: 3 days --- crypto/krb5/src/lib/gssapi/spnego/spnego_mech.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/krb5/src/lib/gssapi/spnego/spnego_mech.c b/crypto/krb5/src/lib/gssapi/spnego/spnego_mech.c index 4a778364336e..1dd0f170651b 100644 --- a/crypto/krb5/src/lib/gssapi/spnego/spnego_mech.c +++ b/crypto/krb5/src/lib/gssapi/spnego/spnego_mech.c @@ -3517,6 +3517,8 @@ get_negTokenResp(OM_uint32 *minor_status, struct k5input *in, if (k5_der_get_value(&seq, CONTEXT | 0x03, &field)) { *mechListMIC = get_octet_string(&field); + if (*mechListMIC == GSS_C_NO_BUFFER) + return GSS_S_DEFECTIVE_TOKEN; /* Handle Windows 2000 duplicate response token */ if (*responseToken && From nobody Mon Jun 8 13:52:39 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlW6Jx9z6g621 for ; Mon, 08 Jun 2026 13:52:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYtlW2t8Dz48Sn for ; Mon, 08 Jun 2026 13:52:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BhAFjHnKLs/RgMYL9Ih2F9SgMvB5pS9Ll9bsobjGQbw=; b=pgQP/VVvIA6JGB3mh/PQetsFJPoOTDmD7OGYA/olRfDlNpR7kkoUWhn1/pmDT6pr87GYDy SWiDMAaufko508MjKAH3eEzrIMY8lvUZIEHMqF4yh0f9FE4N36k6j7NgtKEF111meC0pTo Ql9dvVtqe5gLKkAZUlGYtjLgrPwWyD4r0XQLgfjjDkNDE14bX/HvYdNHETdsDxysZmocJY t2QvA4/hThnEaC6iDNh387R5vpYVwLAB8XFlnuhPgmCA7quSH6uRH1EBVM4JeeyeW7oaiy 53W+n3jg0gjeb2PqGfKZeZ5JaeicpT7qkZBTlvMfwtvH3obU4DxKwyNup3NKrA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780926759; a=rsa-sha256; cv=none; b=kW8gnnKgPneAASQ8HwJO1WI443USEpo+lt9m2VEhd3jV516cvUJiJUWhMx0irtKfEeoxWA Ky0RXCeBl29cCPYSKDz9jtzaNoxRKFGlDVVtny7elB3Alw4qcElww3//wpyU3yhmRuynMT utoU6LQvq7F34BLMBq3aqhkK1CqqZDaUP7mryiv6gXci/voxZx5E2NUhH2wbLvNMqZDYOS 2YS3DkHquGEXz2qduf2N/65c9JmqlEZQJTlbAEddT7hIUhET66+Yp2+/OBTry4NIiO3BWX q+4+/PNuAx6XfAuar4wUvAygpqN7ZrmXaPILqISgpP1Jb7bzJ8JbDmAxAL4jsA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780926759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BhAFjHnKLs/RgMYL9Ih2F9SgMvB5pS9Ll9bsobjGQbw=; b=b54XB2WfSOzDib4nKIEKapfku74dPgY811xIqD2VK5jYeMDaDjV+5rTVx2H23ghEu1SChb o48gDyNz0i6Jb7WBr4dmCu1/TUbLwdmhWaZNdwJoSQp2/uqa8V8pfiwvfYy9JxNuvLcKjw eUZJRiwBcMP+J8Rm2sVvDsSASNXGbShaR68kuQSgn6HX8OogkwcZc8cYnKqoWBhehfOCTE Sr0O8J1F/2KSwxgsOnSK3oEigZAsy3lta4nECm6+6ONo9VUMxnpFqcggHFLwjKezetjPVX VojSfQFBoQYtod6rXD4RuqXriNze5tqlLlnFjPpZvWrUWleKTPozzWnqm+RzIw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYtlW2HdNzrYw for ; Mon, 08 Jun 2026 13:52:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 412c6 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 13:52:39 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Cy Schubert Subject: git: fce16f60de97 - main - krb5: Fix reachable assert when importing krb5 names List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: fce16f60de9718be6b789f00e86141a84cd920d3 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 13:52:39 +0000 Message-Id: <6a26c927.412c6.2e60e78e@gitrepo.freebsd.org> The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/src/commit/?id=fce16f60de9718be6b789f00e86141a84cd920d3 commit fce16f60de9718be6b789f00e86141a84cd920d3 Author: Cy Schubert AuthorDate: 2026-06-02 18:09:43 +0000 Commit: Cy Schubert CommitDate: 2026-06-08 13:52:04 +0000 krb5: Fix reachable assert when importing krb5 names If a name token contains trailing garbage, error out from krb5_gss_import_name() instead of crashing the process with an assertion failure. Commit message details obtained from upstream commit. Obtained from: upstream commit 07818f1fd Reported by: Aisle Research (Ze Sheng, Dmitrijs Trizna, Luigino Camastra, Guido Vranken) to krb5-bugs MFC after: 3 days --- crypto/krb5/src/lib/gssapi/krb5/import_name.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/krb5/src/lib/gssapi/krb5/import_name.c b/crypto/krb5/src/lib/gssapi/krb5/import_name.c index a067d0742331..b4c29b442511 100644 --- a/crypto/krb5/src/lib/gssapi/krb5/import_name.c +++ b/crypto/krb5/src/lib/gssapi/krb5/import_name.c @@ -297,7 +297,8 @@ import_name(OM_uint32 *minor_status, gss_buffer_t input_name_buffer, goto fail_name; cp += length; } - assert(cp == end); + if (cp != end) + goto fail_name; } else { status = GSS_S_BAD_NAMETYPE; goto cleanup; From nobody Mon Jun 8 14:34:26 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYvgl3KRFz6g9QJ for ; Mon, 08 Jun 2026 14:34:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYvgk60Hhz4FfZ for ; Mon, 08 Jun 2026 14:34:26 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780929266; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e4FJMwcsjfBEIcyShCYh+h0aT8OYyPjvrE9LeXLs3qo=; b=TlndZP9Dfcl6s2NCaF8wrLP1h3jqrVGIzgTwegII7Y1xj1okXyMm4VVDnEF4ZxalfroTRH SjG88z2lpTIlAFr04pBrR50WlopIARTTjL9H3cHF7FkjTf6yXHVBd5vPIeGoK99IjCvouD eu8NykkPik7OHV9KA4RNT4vOaCRFRHDBtpHOffkcqnG2hq2Dcx7gJ5Ge0uNi5yw3N12yVp aagZ83a3aX3SmCRNSimq5neBMe3SFfsMkEy6ivwFFGIezCPPq7We22OCxlj+YDADvLZywX tgan1JFMj4aQucCvgExrc6O9byCdz0vguDUyLDd2f+gFrJnzhac/xxqW94Opog== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780929266; a=rsa-sha256; cv=none; b=TIFcevvr4J4nvRsPt2Sg815SRqoMOQ0hUdHoFHYqsboulwZ2bOEKXoleDVUr7k6BCBxLUp cuzRviAWtcCWPUqVl+L2vY20QBsYDLUnbhEF1QExCmS7uJKcDi0vluUz1V7nAIWFF0VK2T h9NSIr3NO5AZl4/vB4X2af6j5xN8QmUP/RN6zeuxu0PvReYOfln2VEi2a5nKC8YKhKgFrt vLMagEWxOysG3iUidzSywIaLFkzJkjemMBllzjYuCWqNqBQqtyrwuKgkIcKSZuo3vaI7xT MXFKjMWcfCLyY4MeMg2L42EZIo7I6tGcd7p8S/FP87W8NDD4yACwOT4aohN1yw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780929266; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=e4FJMwcsjfBEIcyShCYh+h0aT8OYyPjvrE9LeXLs3qo=; b=rA/d2H30Yu0nckWP6jIsF0p/Ilkpc2FLTsTXVPI9MAv4BlijFCeahxeQxaZhA0P5qcT6QV 8+4M+zOu6gATy5UZLexkD++HXmmNjeM93jMyDcU7XI5neMUMaTUQfUryNvcNNp5dwp3c3p Y82UlijiPpS3Pzf+71BSlrZoOuP9UG65XwzEc2tdtTuUcEYoT8WbQR0BGopX92KZhzmB0L f3pJbYk+FsZeF84aDitkkcbIoTsPDjQu4VkaivyJJbcv2ZkQCIvsdtpOSSW5oUfJSmVXoX RyRd4TkFYVjFBXrhXgQCVqrBsg2hEFN9PeS8fDYbk+/+++fF6NMsQ6NSDvEIWw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYvgk4fGLzsSp for ; Mon, 08 Jun 2026 14:34:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 46f84 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 14:34:26 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Abdelkader Boudih From: Adrian Chadd Subject: git: a9519f7821c0 - main - firewire: Fix watchdog_clock aliasing and fw_tl2xfer UAF race List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a9519f7821c066c393690603eab33043f3804a0c Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 14:34:26 +0000 Message-Id: <6a26d2f2.46f84.4c1d12e1@gitrepo.freebsd.org> The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=a9519f7821c066c393690603eab33043f3804a0c commit a9519f7821c066c393690603eab33043f3804a0c Author: Abdelkader Boudih AuthorDate: 2026-06-08 14:30:29 +0000 Commit: Adrian Chadd CommitDate: 2026-06-08 14:30:29 +0000 firewire: Fix watchdog_clock aliasing and fw_tl2xfer UAF race Two bugs in the firewire bus layer that affect all consumers ( if_fwip, sbp): watchdog_clock was a static local in firewire_watchdog(), shared across all firewire_comm instances. With two controllers (e.g. built-in + Thunderbolt Display), both advance the same counter, so the second controller's 15-second boot-time timeout guard expires prematurely. fw_tl2xfer() released tlabel_lock before returning the xfer pointer. Reviewed by: zlei, adrian Differential Revision: https://reviews.freebsd.org/D57496 --- sys/dev/firewire/firewire.c | 67 +++++++++++++++++++++++------------------- sys/dev/firewire/firewirereg.h | 1 + 2 files changed, 38 insertions(+), 30 deletions(-) diff --git a/sys/dev/firewire/firewire.c b/sys/dev/firewire/firewire.c index 079a50413ffa..a54cbf9cdf0b 100644 --- a/sys/dev/firewire/firewire.c +++ b/sys/dev/firewire/firewire.c @@ -372,23 +372,21 @@ firewire_xfer_timeout(void *arg, int pending) static void firewire_watchdog(void *arg) { - struct firewire_comm *fc; - static int watchdog_clock = 0; - - fc = arg; + struct firewire_softc *sc = arg; + struct firewire_comm *fc = sc->fc; /* * At boot stage, the device interrupt is disabled and - * We encounter a timeout easily. To avoid this, - * ignore clock interrupt for a while. + * we encounter a timeout easily. To avoid this, + * ignore clock ticks for a while. */ - if (watchdog_clock > WATCHDOG_HZ * 15) + if (sc->watchdog_clock > WATCHDOG_HZ * 15) taskqueue_enqueue(fc->taskqueue, &fc->task_timeout); else - watchdog_clock++; + sc->watchdog_clock++; callout_reset(&fc->timeout_callout, hz / WATCHDOG_HZ, - firewire_watchdog, fc); + firewire_watchdog, sc); } /* @@ -444,8 +442,9 @@ firewire_attach(device_t dev) CALLOUT_INIT(&fc->busprobe_callout); TASK_INIT(&fc->task_timeout, 0, firewire_xfer_timeout, fc); + sc->watchdog_clock = 0; callout_reset(&sc->fc->timeout_callout, hz, - firewire_watchdog, sc->fc); + firewire_watchdog, sc); /* create thread */ kproc_create(fw_bus_probe_thread, fc, &fc->probe_thread, @@ -1048,39 +1047,47 @@ fw_tl_free(struct firewire_comm *fc, struct fw_xfer *xfer) } /* - * To obtain XFER structure by transaction label. + * Look up an XFER by transaction label. + * Removes the xfer from fc->tlabels only when AT transmit has completed + * (FWXF_SENT); FWXF_START xfers remain so fw_drain_txq() can find them + * on a bus reset. */ static struct fw_xfer * fw_tl2xfer(struct firewire_comm *fc, int node, int tlabel, int tcode) { struct fw_xfer *xfer; - int s = splfw(); int req; mtx_lock(&fc->tlabel_lock); - STAILQ_FOREACH(xfer, &fc->tlabels[tlabel], tlabel) - if (xfer->send.hdr.mode.hdr.dst == node) { + STAILQ_FOREACH(xfer, &fc->tlabels[tlabel], tlabel) { + if (xfer->send.hdr.mode.hdr.dst != node) + continue; + /* Validate tcode match before claiming the xfer. */ + req = xfer->send.hdr.mode.hdr.tcode; + if (xfer->fc->tcode[req].valid_res != tcode) { + printf("%s: invalid response tcode " + "(0x%x for 0x%x)\n", __func__, tcode, req); mtx_unlock(&fc->tlabel_lock); - splx(s); - KASSERT(xfer->tl == tlabel, - ("xfer->tl 0x%x != 0x%x", xfer->tl, tlabel)); - /* extra sanity check */ - req = xfer->send.hdr.mode.hdr.tcode; - if (xfer->fc->tcode[req].valid_res != tcode) { - printf("%s: invalid response tcode " - "(0x%x for 0x%x)\n", __FUNCTION__, - tcode, req); - return (NULL); - } - - if (firewire_debug > 2) - printf("fw_tl2xfer: found tl=%d\n", tlabel); - return (xfer); + return (NULL); } + /* + * Remove from tlabels only after AT transmit completes + * (FWXF_SENT). Early responses (FWXF_START) must stay + * in the list until fwohci_txd() drains the descriptor. + */ + if (xfer->flag & FWXF_SENT) { + STAILQ_REMOVE(&fc->tlabels[tlabel], xfer, + fw_xfer, tlabel); + xfer->tl = -1; + } + mtx_unlock(&fc->tlabel_lock); + if (firewire_debug > 2) + printf("fw_tl2xfer: found tl=%d\n", tlabel); + return (xfer); + } mtx_unlock(&fc->tlabel_lock); if (firewire_debug > 1) printf("fw_tl2xfer: not found tl=%d\n", tlabel); - splx(s); return (NULL); } diff --git a/sys/dev/firewire/firewirereg.h b/sys/dev/firewire/firewirereg.h index d17f7a15785a..97a53606c001 100644 --- a/sys/dev/firewire/firewirereg.h +++ b/sys/dev/firewire/firewirereg.h @@ -69,6 +69,7 @@ struct fw_device { struct firewire_softc { struct cdev *dev; struct firewire_comm *fc; + int watchdog_clock; }; #define FW_MAX_DMACH 0x20 From nobody Mon Jun 8 15:09:04 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYwRj5y3Qz6gCmP; Mon, 08 Jun 2026 15:09:05 +0000 (UTC) (envelope-from des@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYwRj5GNtz4KTc; Mon, 08 Jun 2026 15:09:05 +0000 (UTC) (envelope-from des@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780931345; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BbI48Du9mFyU/V9VO8Dk0QWmX6eD6Og+lxHK3fXtT7Y=; b=qAOkDjkVW8vBoInC1xoEYigWfvofBszclEvpHd4JAoHEIol8GJrPa+MROEE7x9xp9AOgSI k81HOSFxsTSBPpmjFZwavbi5BreO9Xor9wxglGI8QHCXylaMn0hetB1wZ8bunSgpWxvcPz d+SU+hMOYhEhZ2DrDTkYwp2LI4KwUZeZLIXCj+1XMsbeuLNrO8FTkqu8Jcs8De3ddKn+z9 uzIuCdtBUc2rOawEW3OCb4Zm45DxZ5pvmxVA/MsRhD0aVNiPH4mSqbJWvY3ix891uNEQkj 5/pzy782OWZeywHOfDt14NOfx5YQE+Mva3R4RqK5+buGw8sTaJxeLzy+LfUxhg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780931345; a=rsa-sha256; cv=none; b=xbBbmYu5CG/kts3nGmC3vJqKIlqi7Y2LJQ2TkffHHfO0FlACN3SGDZfAatShC0kAOdKHQw 566Eg3mjArVho5k4Yf9/sHe97CVNL/Tp7ouzjSKP57CP2ks5lPVr6HH9TC+pPqN3GN8Pqf KnUlPlXVbDXH3IRK/J+eUHec75MKtKNRYH/Pc6yoASkfr4nKn9rewEMJklHDwh88UcbE6q L0sCdmFTKy7FG2vD2Ps0YDZcvkLiE2P0CS5wZyTm5cbL6UH1fV5XeIIuyAdmriwUxA4gEO EwJWoS7SM0FPIb1GIy/rVx4eU70SPsinTRKJ/GeFUXTp/ArQrbHNZKB7ZVXvIA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780931345; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BbI48Du9mFyU/V9VO8Dk0QWmX6eD6Og+lxHK3fXtT7Y=; b=WH/ySexkveitkGedEUf9OtqUI7fZavVv2gqVrXJy0SJef2qt94Pod0YdYXTHN+U93S3BW8 5IB+eKKXfkCGukWUmfD2Ly79HC6Z/Xeu+PcGbIoOtvnVHUt1MK/kQaU+in8dX+KFDHR+A2 HV2yrBg/fg8BzLcW2bZFC18mLca5nhHSunV2Wq6C9Ub+85f+YU6xu3FHh2RFzh8E5stFJ4 R+WerM9gsX7hXO81nyezk1FY16OTx1IyTsfdiguriN6EG57pbeWGNFViuL2wMeIGsb8ZPw lWmfzosYCBCR0dvN/NJ6NHVEYAEhBHFBf+MR5ZbdPvpCyCuO5KA59Vo0307Bfw== Received: from ltc.des.dev (unknown [92.183.12.56]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: des/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gYwRj3wq7z13Vq; Mon, 08 Jun 2026 15:09:05 +0000 (UTC) (envelope-from des@freebsd.org) Received: by ltc.des.dev (Postfix, from userid 1001) id 797E1AF132; Mon, 08 Jun 2026 17:09:04 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Jessica Clarke Cc: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Subject: Re: git: ddf6fad0295a - main - etcupdate: Make nobuild the default In-Reply-To: <8E2A1D1D-F83C-4583-82B4-53B869507627@freebsd.org> (Jessica Clarke's message of "Fri, 5 Jun 2026 17:19:22 +0100") References: <6a22f100.42af1.51deb269@gitrepo.freebsd.org> <8E2A1D1D-F83C-4583-82B4-53B869507627@freebsd.org> User-Agent: Gnus/5.13 (Gnus v5.13) Date: Mon, 08 Jun 2026 17:09:04 +0200 Message-ID: <86ecihqdbj.fsf@ltc.des.dev> List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Jessica Clarke writes: > Dag-Erling Sm=C3=B8rgrav writes: > > commit ddf6fad0295aa92af5eed2a4b2fa0bd02f47d94d > > Author: Dag-Erling Sm=C3=B8rgrav > > AuthorDate: 2026-06-05 15:53:25 +0000 > > Commit: Dag-Erling Sm=C3=B8rgrav > > CommitDate: 2026-06-05 15:53:25 +0000 > >=20 > > etcupdate: Make nobuild the default > >=20 > > The common case for etcupdate is to run it after building and instal= ling > > the world, in which case we already have an object directory to draw= on. > > Add a -b option to turn nobuild off (opposite of -B), and turn nobui= ld > > on by default. > >=20 > > MFC after: 1 week > Changing the default here seems like it might not be appropriate for MFC? On the contrary, the reason I'm switching is that the current default is harmful. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org From nobody Mon Jun 8 15:13:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYwXm0FJ3z6gCvH for ; Mon, 08 Jun 2026 15:13:28 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYwXl4jW0z4LJJ for ; Mon, 08 Jun 2026 15:13:22 +0000 (UTC) (envelope-from jrtc27@jrtc27.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-490a76757e5so29104245e9.2 for ; Mon, 08 Jun 2026 08:13:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1780931601; x=1781536401; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-gg:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=IsFxY3+x71OoTYY2XGmczyG6cR/nxC4XSyG0sSXp3oI=; b=rCAkHhSkYbGQNJMGpomMTGd4bP/DEwSKU3acK0BpKOgeBR1j8HL48ZmPTYwnvOnUfB PrlRr2O9tr8qvgxF9NfGf1iNcW1nRYS/xlxhlCCIFJVtWaCjwreEsZFwCxlO2bC9m04O t+mI4kILxI/b9OsDW5VSuekAkzWFwKbfOReK1/Iz1IHC/qQemyowZDfdOaMHDo4ygFvo W1vanf7QW9opYCZ0BFfL2WdHYNCsb9S85KjRJzW+vcIELktcZHqc0S4q3fG7MxhjwpOk aWoE1JKiNSBmJyCR5ue9T6P/0jxnXBaS+X7C7rMBtECS6bfSLOkNKQ0R9xl8gGdCYWF1 avCQ== X-Forwarded-Encrypted: i=1; AFNElJ8h1MPndFmay2Hfvy3FJX/6Hg6pt6HU0HiSo6/IrQrPDnLLrB7ra2JLO6kjnbAh//Yd/4PDWZv54AUfOMXfu8eJlldP@freebsd.org X-Gm-Message-State: AOJu0YxqkStrlf9+pF5VVAQUHADKFBl2fDtOMCq+FRtaYcA/F7tldmv7 pJL0zAgTZYclBXe3bAKw1AyR+toGRCZPk/ajL/w7E0+mr9AFDojgD0XqWP7xRJp1rzVUxlZTQv0 roMAgdYk= X-Gm-Gg: Acq92OF2SbAnPRVEed8glHiJa8LMdWifH61RqSNnuM+9HW6xt1VDWQ8Z2+WTpMrqPLx fh8eGMdYCPkvdorM8CSlsD3xTEmX5kqDEX8z3dQW9pKoJqKTP6zRA/1UcAWOX7wsE7QRkYbivOT Pp/TX48TfUqDaeddLyOeUljZADqPXyNC3lzFmpVXIq9nkb2zrT4iB67NclogS/wZ3iunUYiFA7M RngX+Wm7Q8Noxl6JHabgc4UHBvTc3IQPeFQ9FHqnlxSj+AhxDrZ8VeuOG8OxBjBQSPYM7j0Mn1c QjWqc19Ks7+2+prMzOqPRK7896vCh/JsWzTCUWWHnS5AAyU1o0WXpjOk80CFF89fXTQcqc1e6lq sr1S9BgExUg2Cm8Tt5sv9dfmy+3kkPlRzrQZnhOlCr1OulgekGrbPz1uLXv/+nQSn20gAcwOHxf XzFJdEZX/5XZx0cChV9FFUCYXutoW6fs7u0AyL69Qph/4n/OLiHEZgmNWhNBVadJYkpPQCFzoQ3 ddxeg== X-Received: by 2002:a05:600c:6094:b0:490:4b89:5362 with SMTP id 5b1f17b1804b1-490c2609cecmr266798115e9.24.1780931600855; Mon, 08 Jun 2026 08:13:20 -0700 (PDT) Received: from smtpclient.apple (nat-184-89.net.cam.ac.uk. [131.111.184.89]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-490bc3cbfe4sm410335565e9.7.2026.06.08.08.13.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 08 Jun 2026 08:13:19 -0700 (PDT) Content-Type: text/plain; charset=utf-8 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3864.600.51.1.1\)) Subject: Re: git: ddf6fad0295a - main - etcupdate: Make nobuild the default From: Jessica Clarke In-Reply-To: <86ecihqdbj.fsf@ltc.des.dev> Date: Mon, 8 Jun 2026 16:13:09 +0100 Cc: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <6a22f100.42af1.51deb269@gitrepo.freebsd.org> <8E2A1D1D-F83C-4583-82B4-53B869507627@freebsd.org> <86ecihqdbj.fsf@ltc.des.dev> To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= X-Mailer: Apple Mail (2.3864.600.51.1.1) X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US] X-Rspamd-Queue-Id: 4gYwXl4jW0z4LJJ X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated On 8 Jun 2026, at 16:09, Dag-Erling Sm=C3=B8rgrav = wrote: >=20 > Jessica Clarke writes: >> Dag-Erling Sm=C3=B8rgrav writes: >>> commit ddf6fad0295aa92af5eed2a4b2fa0bd02f47d94d >>> Author: Dag-Erling Sm=C3=B8rgrav >>> AuthorDate: 2026-06-05 15:53:25 +0000 >>> Commit: Dag-Erling Sm=C3=B8rgrav >>> CommitDate: 2026-06-05 15:53:25 +0000 >>>=20 >>> etcupdate: Make nobuild the default >>>=20 >>> The common case for etcupdate is to run it after building and = installing >>> the world, in which case we already have an object directory to = draw on. >>> Add a -b option to turn nobuild off (opposite of -B), and turn = nobuild >>> on by default. >>>=20 >>> MFC after: 1 week >> Changing the default here seems like it might not be appropriate for = MFC? >=20 > On the contrary, the reason I'm switching is that the current default = is > harmful. Any user relying on this (yes, harmful for the majority of cases) default for a current release would be rightfully annoyed that a minor release changed the command-line interface in a breaking manner, IMO. I won=E2=80=99t block you MFCing this in its entirety, but that breakage = is on you if a user encounters it. Jessica From nobody Mon Jun 8 16:36:03 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYyN9082Hz6gLmX for ; Mon, 08 Jun 2026 16:36:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYyN84xBlz3D06 for ; Mon, 08 Jun 2026 16:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780936568; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+hxSd8FlRX484l9O5GDKG76ZWSpEpxYcve11YTTRs54=; b=CO2YEdD7xZPYPmPSDDtvBIsXSl8o30Kz0zuY282O8n+lKVHiuCgTY96yq6hUASHhwjBEyE klCmvmpICQ6EKBYeBcNOdKCMNUXAKSafNE4aC+hBTQAufi4Y4F5gri0wK+zByb3uyKS0/d ivihUmxcfCiC0urZVydsl9YNCujzWwMIzSrmS7DgS9osyerloyhM6F/L15ca+sRkkUmzbo OZ7YnEXk7gwWqPyzyM4fjh9Ci+DFFyTvbSZ4TJUN5oIJU3ZbJPuVZ9uTLZcvhvpTqsnzne 5KbwZTQPU8FmTc84WmyFFZVQZYaiPr975uDCUBdI0/iD905QIU4P9ID1EOSyJQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780936568; a=rsa-sha256; cv=none; b=ifRnSZ+E1dT0tqR1q3q8yz2fR1OOYIufurpqSgqUO18vZ/hWcMGrMQbYVmB0EZP1Cn/rDW qU0wPP16pHrjmqgtPEd8yLDwSjFOrlu8lM4Cc+b9mz8Uo0CTiaBGrJVf5m3dQT3v9qjIdd zJ9sAuIdLisYVZpz/eypurpcRsjSOGFJujrlHYd2KtwbzV/APm5bERoqaDorJIeNrQZHuS tRK+L2Rr3/TQbhFjKG7t6JPi+0QnQIb1wmzPWUJAbg8ZJxNdn/GjveZpaujCz1z+dSis2g 2odyur3U+McMdrePLMSOYKUb2r8ZO4RzKsUyB4L3xkI1t/4/YfYSUUDEoXOiUA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780936568; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+hxSd8FlRX484l9O5GDKG76ZWSpEpxYcve11YTTRs54=; b=lLPuE5bknR5Oa4rN857Kmvm+KmPLJXWfhk/ZEGyqwaBYPA6Okd5EnjZml0aUPiVqJXSmlM aRPbm51EXmXtN3XkqyDy9kauIhfMTbcs+pjIXmSwm3HnKAFX7YYNdP9Eedu+ImJcDjjuQN Bf4n4lCnn9bY9vt4PUJtj4EBb7oiw9LOSiBs4kRec7JkJoNxzYZ6Vws7BqXR6W4vA3ll8E N+CX+QAKTpCFmv0daM7vb6qI+4KIneEs/f4yllt1qaM1jUPYC73odzKx1rBAeR8dPutIH+ eNIgi6tAPj3sfnKJDSHMTado58JE942XCAAyKcJUXzEJoN6nfLCNSP2u8fm46A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYyN8462GzwQW for ; Mon, 08 Jun 2026 16:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24047 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 16:36:03 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Gleb Smirnoff Subject: git: 256fa87c9fc3 - main - netgraph: remove remnants of IPPROTO_DIVERT List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: glebius X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 256fa87c9fc31d67c3da27dd1aac0c42db3dcf41 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 16:36:03 +0000 Message-Id: <6a26ef73.24047.737593d8@gitrepo.freebsd.org> The branch main has been updated by glebius: URL: https://cgit.FreeBSD.org/src/commit/?id=256fa87c9fc31d67c3da27dd1aac0c42db3dcf41 commit 256fa87c9fc31d67c3da27dd1aac0c42db3dcf41 Author: Gleb Smirnoff AuthorDate: 2026-06-08 16:35:07 +0000 Commit: Gleb Smirnoff CommitDate: 2026-06-08 16:35:07 +0000 netgraph: remove remnants of IPPROTO_DIVERT Fixes: 8624f4347e8133911b0554e816f6bedb56dc5fb3 --- share/examples/netgraph/ngctl | 2 +- sys/netgraph/ng_ksocket.c | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/share/examples/netgraph/ngctl b/share/examples/netgraph/ngctl index c879cbea7b0f..7ee572b4d7c0 100644 --- a/share/examples/netgraph/ngctl +++ b/share/examples/netgraph/ngctl @@ -36,7 +36,7 @@ + mkpeer ksocket foo divert/raw/0 # Note that ``foo'' is the hook name on the socket node, which can be -# anything. The ``inet/raw/divert'' is the hook name on the ksocket +# anything. The ``divert/raw/0'' is the hook name on the ksocket # node, which tells it what kind of socket to create. # Lets give our ksocket node a global name. How about ``fred'': diff --git a/sys/netgraph/ng_ksocket.c b/sys/netgraph/ng_ksocket.c index 74b2e211c0ed..bb5d56eabb86 100644 --- a/sys/netgraph/ng_ksocket.c +++ b/sys/netgraph/ng_ksocket.c @@ -165,7 +165,6 @@ static const struct ng_ksocket_alias ng_ksocket_protos[] = { { "ah6", IPPROTO_AH, PF_INET6 }, { "swipe6", IPPROTO_SWIPE, PF_INET6 }, { "encap6", IPPROTO_ENCAP, PF_INET6 }, - { "divert6", IPPROTO_DIVERT, PF_INET6 }, { "pim6", IPPROTO_PIM, PF_INET6 }, { NULL, -1 }, }; From nobody Mon Jun 8 16:44:28 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYyYn2QwGz6gM98 for ; Mon, 08 Jun 2026 16:44:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYyYm6jy5z3Dcn for ; Mon, 08 Jun 2026 16:44:28 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780937069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RuANojvttz/jDCcMkFTQA+AfoSfRIZK9HncSNplK//k=; b=VdVA9sUPeZ+a2BE/kMvKrEwEc5XVUo12HWZ6MZ1UUo9sAxSsN4JtMNds5k3pyyVF8bh9PE OflUBL1iQZhCUVSUyOqQURWZz0x/Axx4GpArVfIa+f1hno/mRXMsHXSLMNJtEWO/2TB/gT 8Z11FXiIpHaA+1rSgdIlh14tAM5iuTnkIVj+2u8NCadP+LeGjltNFY+dy1nJ0QF5fi8Z6K 0TOLlKqajeqT0dSKnsLGiEg/QTM/xsrad7gZ4ua846jTM/Oru04x4SqT2RMzuchyBmW18g gKvYzeynWoDa5OzKub3e3H3+rdtpJ2K5ItVo/d1hJ+f/g5Eq16EsvUqOcRDyGA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780937069; a=rsa-sha256; cv=none; b=yezxp8j+ZBMIMf6AFzyFTaLh5yltKhqnoS17tvK7PNZS0zPO650fIqf9aOEI6FK8fKCsrf QNc4HzWuCZ9ZFDsOJ/iUa2rkGAgz1+M6E4D4KnE2Cd2OPbSUeNYFoh4568cYaXXNT90/UE mDpmFRAK7/v7WfXh6OdpBPJMD2aLKMHDzxq9K+mRuGckgtCVi+wTIV6pehP1OOUV6aPI3F +QVZwKGqSVNmJiFmjTmsz1F/g3292rjs2AfzTeagmwjWWmlXdtwbYYeUuwOK14RUlPIdrY lbNb/BqjSibpU1aehejjIekXYOnSo4deGbmtiXIoN4Ze4tp8i6G6LaF3HQOH6A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780937069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RuANojvttz/jDCcMkFTQA+AfoSfRIZK9HncSNplK//k=; b=M2dQ8ezSwXcm105+QabMYo6pvDIunFEkZThSNS0Hp1ewAuDeo8PuxQGAX4VCLqlhTe7D3h +x2W90Zu94fBSwDrd+U6K17zs5HQrQvN0diw07iGRd2bqb3wQ05XLPPhbhQZPTuuIv4xSw m8LFoWaH7Ez3Fgvb/InsOgdKyqe5cmhgRy8eXP26XYlt3290JknsyfcLxUkuRsMnGqqVXe KMNWlk2TxohtK5YHu3UG851lVg+QBqmkv+rK9RDugapjhAKWWzqdPNjkaPjMJVg8cAfru3 L/KEzc/VoECP2jKma3gBji8PQv1XVGMVH5PIQ3LG4PTNuhEGyGOPDOk3U1eXug== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYyYm5jmHzwyW for ; Mon, 08 Jun 2026 16:44:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 25786 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 16:44:28 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Warner Losh Subject: git: 8dca7fccfa65 - stable/14 - loader.efi: Fix when staging moves late List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 8dca7fccfa6514b0a48a290683572fadbb4e2a68 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 16:44:28 +0000 Message-Id: <6a26f16c.25786.51544913@gitrepo.freebsd.org> The branch stable/14 has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=8dca7fccfa6514b0a48a290683572fadbb4e2a68 commit 8dca7fccfa6514b0a48a290683572fadbb4e2a68 Author: Warner Losh AuthorDate: 2026-06-05 05:18:40 +0000 Commit: Warner Losh CommitDate: 2026-06-08 16:34:58 +0000 loader.efi: Fix when staging moves late Prior to this commit, we'd compute the page tables and have the last entries point to the staging area. We'd then add some more metadata to the image and boot. This assumed the staging area didn't need to move for this last bit of data. However, if we go over the staging limit, when we copyin new data, we grow the staging area, usually be moving it to a lower address. This overage usually happens when we're loading modules and so things work out nicely. Sometimes we're close to the limit, and we need to do this growing inside bi_load, after we've computed the page table, making the page table wrong, and the code we jump to random rather than the btext routine we normally start at. To fix this, move computation of the table (but not its allocation) to after bi_load, but before we call the trampoline. This problem was most observed when loading microcode for many peole, but Gleb reproduced the error with a set of modules that didn't include ucode. This bug hunt was greatly assisted by Claude who looked at the crash from the EFI boot loader and surmised that we weren't jumping to the code we thought we were jumping to. After inspecting the code, I asked claude how corruption could happen (I thought overwriting the page table), but claude notice the possibility that staging might change after we computed the page table, and this fix is the result. Claude didn't suggest a diff, but did provide many helpful clues that lead me to this fix. PR: 294630 Reviewed by: kib (prior version) Sponsored by: Netflix MFC After: insta per re@ request Differential Revision: https://reviews.freebsd.org/D57462 (cherry picked from commit 3915ffb1c3e04b26d1506bf35d3f665b2e25a915) --- stand/efi/loader/arch/amd64/elf64_freebsd.c | 47 ++++++++++++++++++----------- stand/efi/loader/bootinfo.c | 19 +++++++++++- 2 files changed, 48 insertions(+), 18 deletions(-) diff --git a/stand/efi/loader/arch/amd64/elf64_freebsd.c b/stand/efi/loader/arch/amd64/elf64_freebsd.c index 91dd979a677e..72c8d558d8a6 100644 --- a/stand/efi/loader/arch/amd64/elf64_freebsd.c +++ b/stand/efi/loader/arch/amd64/elf64_freebsd.c @@ -94,7 +94,7 @@ elf64_exec(struct preloaded_file *fp) Elf_Ehdr *ehdr; vm_offset_t modulep, kernend, trampcode, trampstack; int err, i; - bool copy_auto; + bool copy_auto, needs_pt4; copy_auto = copy_staging == COPY_STAGING_AUTO; if (copy_auto) @@ -162,6 +162,7 @@ elf64_exec(struct preloaded_file *fp) PT2[i] = (pd_entry_t)i * (2 * 1024 * 1024); PT2[i] |= PG_V | PG_RW | PG_PS; } + needs_pt4 = false; } else { PT4 = (pml4_entry_t *)0x0000000100000000; /* 4G */ err = BS->AllocatePages(AllocateMaxAddress, EfiLoaderData, 9, @@ -173,7 +174,35 @@ elf64_exec(struct preloaded_file *fp) copy_staging = COPY_STAGING_AUTO; return (ENOMEM); } + needs_pt4 = true; + } + + printf("%scopying staging tramp %p PT4 %p\n", + copy_staging == COPY_STAGING_ENABLE ? "" : "not ", + trampoline, PT4); + printf("Start @ 0x%lx ...\n", ehdr->e_entry); + + /* + * we have to cleanup here because net_cleanup() doesn't work after + * we call ExitBootServices + */ + dev_cleanup(); + + efi_time_fini(); + err = bi_load(fp->f_args, &modulep, &kernend, true); + if (err != 0) { + efi_time_init(); + if (copy_auto) + copy_staging = COPY_STAGING_AUTO; + return (err); + } + /* + * staging might move in bi_load because we automatiaclly move when we + * copy data in. At this point, staging can't move anymore, so create + * PT4 with the correct value. + */ + if (needs_pt4) { bzero(PT4, 9 * EFI_PAGE_SIZE); PT3_l = &PT4[NPML4EPG * 1]; @@ -210,22 +239,6 @@ elf64_exec(struct preloaded_file *fp) } } - printf("staging %#lx (%scopying) tramp %p PT4 %p\n", - staging, copy_staging == COPY_STAGING_ENABLE ? "" : "not ", - trampoline, PT4); - printf("Start @ 0x%lx ...\n", ehdr->e_entry); - - efi_time_fini(); - err = bi_load(fp->f_args, &modulep, &kernend, true); - if (err != 0) { - efi_time_init(); - if (copy_auto) - copy_staging = COPY_STAGING_AUTO; - return (err); - } - - dev_cleanup(); - trampoline(trampstack, copy_staging == COPY_STAGING_ENABLE ? efi_copy_finish : efi_copy_finish_nop, kernend, modulep, PT4, ehdr->e_entry); diff --git a/stand/efi/loader/bootinfo.c b/stand/efi/loader/bootinfo.c index 2961b8b97fb7..e56cd90ed7b8 100644 --- a/stand/efi/loader/bootinfo.c +++ b/stand/efi/loader/bootinfo.c @@ -213,6 +213,17 @@ bi_load_efi_data(struct preloaded_file *kfp, bool exit_bs) } #endif +#if defined(__amd64__) || defined(__i386__) + extern uint64_t staging; + /* + * Staging can't move after this point, so report the final value before + * we try to exit boot services below. The metadata added is added to + * the malloced arena that we setup when we started and doesn't interact + * with boot services. + */ + printf("staging %#jx\n", (uintmax_t)staging); +#endif + do_vmap = true; efi_novmap = getenv("efi_disable_vmap"); if (efi_novmap != NULL) @@ -302,14 +313,20 @@ bi_load_efi_data(struct preloaded_file *kfp, bool exit_bs) * loader.conf(5). By default we will setup the virtual * map entries. */ - if (do_vmap) efi_do_vmap(mm, sz, dsz, mmver); + + /* + * Add the memory map to the metadata. addmetadata copies the data into + * the malloc arena, so we can safely free the memory map pages after. + * Or could if boot services was still running. + */ efihdr->memory_size = sz; efihdr->descriptor_size = dsz; efihdr->descriptor_version = mmver; file_addmetadata(kfp, MODINFOMD_EFI_MAP, efisz + sz, efihdr); + /* BS->FreePages(addr, pages); */ return (0); } From nobody Mon Jun 8 17:03:31 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYyzl6Hmqz6gP36 for ; Mon, 08 Jun 2026 17:03:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYyzl5cyYz3GZ9 for ; Mon, 08 Jun 2026 17:03:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780938211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=st2N3Qc7ESjB0jQnwJ/y/YVqcqeFwL69d/byrbIoukM=; b=sdKxFKrfwm23nhJsk695E9MXYRPum3uE7QohWlfNPEiFRHlHaWOX7OtnlE1YH/0MvekdcB sw9Z6RbEzuKFqh4l2ai8nGM59BAym7L5kn94wGGXF5Y8vptIzkDCfQSb42eLyEPEAR7QAw OT/hGMOr50TffiXm/p11I9LfH9y/87HPSiU+E4h8lriEvymtQ8wjF92qnbyGy34acU3HLB xUDqtCBmfVFkSSg1ggP7BkWk9P+7CfsDa2I2MzhhF07n79jZjHjqwyPqtvOuYkK12/8P5M ANd0z2j57C8mefmt9v65GJvAwVodSTvUJvxIVLZmMA4BfkdGaeomhAwRdLa1mg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780938211; a=rsa-sha256; cv=none; b=j3KQn7XUjyBj93dNCwO5LFHz9zucgl5omzz3PUK0uci6PEfaIixkZZw7BQy/c7ANZP871f AYL68MEIWyTEDoKhB1oKTF40vlfg3jRdxP4g/BJCUg1v3qW1+5TXy7Jp6DXdEQqNUHTrHb 79FxqYf6E4MW8MNbhydde3u8TsT8Hi55pC3DgwgBggbDB6WcuYxzjZn7vb71lRqEYS62PR X31YL67PrU93lH8hH1WEen5iZQTM+a4D8gEkd75gavZ9iuQkQ45iMwReewOSrLvDsD+W8q JkbtUmlvifd8u7sisrkuNB8pNS8+n5HTOvRpOqS2nZdROilsCswskrPn7at2IQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780938211; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=st2N3Qc7ESjB0jQnwJ/y/YVqcqeFwL69d/byrbIoukM=; b=OwPSyt7zK3PAhZ/xsvGEfKglyabBbPiZ70EcEhZz7RhALV1zWtbJJZ7sw0PWFs9nI6VJ51 KgxqWOEhXyhFZbp5AReWE1VqfApBYLgjfvnBF5ZnTrT9T0+Pf6u9WbQZ7arWwJk4pfy/Z3 0y4BHenW664pLyWsbU1MNRUTDvmTvsZ0XMI8VKGebVPxL4kcwO0h91u7cP0AVWQp1NpQ3D ofjjWsdj3YfXIQ7h1PWkAuDPbs97jmaWkRDQ6+IdSGs1aG0ZZsFYjjd4e+8yvaYmeMThcA mIeO5V/+psBfZwvRvJt8ZLuvctJ+SCXq/Uj2n4coq1uciAzQdAevqAJGfVGizQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYyzl58Ttzx2L for ; Mon, 08 Jun 2026 17:03:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 25edf by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 17:03:31 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 0b269737f9ca - main - imgact_elf: handle unaligned phdrs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0b269737f9ca057826a6c9376c2474b1ae5bc91c Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 17:03:31 +0000 Message-Id: <6a26f5e3.25edf.4c6a5357@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=0b269737f9ca057826a6c9376c2474b1ae5bc91c commit 0b269737f9ca057826a6c9376c2474b1ae5bc91c Author: Konstantin Belousov AuthorDate: 2026-06-08 01:22:51 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-08 17:02:13 +0000 imgact_elf: handle unaligned phdrs Althought non-compliant, there are binaries which have the phdrs placed unaligned in the image. Since we have the code to allocate memory for off-page phdrs, the same code path can be used to handle unaligned phdrs. Relax the requirement for both the activated image and interpreter. PR: 295629 Reviewed by: emaste, markj, olce Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57498 --- sys/kern/imgact_elf.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index b889c4a14866..46908f01097b 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -858,12 +858,12 @@ __elfN(load_file)(struct thread *td, const char *file, u_long *addr, goto fail; } - if (!aligned(imgp->image_header + hdr->e_phoff, Elf_Addr) || - hdr->e_phnum > __elfN(phnums)) { + if (hdr->e_phnum > __elfN(phnums)) { error = ENOEXEC; goto fail; } - if (__elfN(phdr_in_zero_page)(hdr)) { + if (__elfN(phdr_in_zero_page)(hdr) && + aligned(imgp->image_header + hdr->e_phoff, Elf_Addr)) { phdr = (const Elf_Phdr *)(imgp->image_header + hdr->e_phoff); } else { VOP_UNLOCK(imgp->vp); @@ -1157,10 +1157,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) free_interp = false; m_phdrs = NULL; - if (!aligned(imgp->image_header + hdr->e_phoff, Elf_Addr)) { - uprintf("Unaligned program headers\n"); - return (ENOEXEC); - } if (hdr->e_phoff + hdr->e_phnum * hdr->e_phentsize < hdr->e_phoff) { uprintf("PHDRS wrap\n"); return (ENOEXEC); @@ -1170,7 +1166,8 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) hdr->e_phnum, __elfN(phnums)); return (ENOEXEC); } - if (__elfN(phdr_in_zero_page)(hdr)) { + if (__elfN(phdr_in_zero_page)(hdr) && + aligned(imgp->image_header + hdr->e_phoff, Elf_Addr)) { phdr = (const Elf_Phdr *)(imgp->image_header + hdr->e_phoff); } else { VOP_UNLOCK(imgp->vp); From nobody Mon Jun 8 17:20:35 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gYzMR5C5vz6gPyH for ; Mon, 08 Jun 2026 17:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gYzMR4SHtz3Jl9 for ; Mon, 08 Jun 2026 17:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780939235; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hl05PxPWKHsh1eqMVwOK1xSVKz48YTYY48stguT65Z8=; b=pc8BCkgnWc1HiVPrqvqRW3hssFczpsvCk5vG9rCSsyXBdr1FUS5p40e9faTc9gnxttGy3H 33zWbo3tisvdE42dkbZ84eVDCadi1kgAMqWw6MPUl9YXy7teH5shn5aDtmfvG31L2FlYr/ vpGeW7BwFWoLredsV0my9vbKwYuWBO2DjDfOT9M4a6yXPIzu+5z5POtLsriK5PZa4Gsd7c apgKl1SNoqeVyfNM35K2DPIup+hmFim0boOor32IOSubq/ep2xQZnat9lcwQp4qjXhr3iQ wIUPlLztVR1JRP2eLLQx/eEcPpn0c0jrDp1RmIq4heaY7TQ16Wj+Cickg3EmwA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780939235; a=rsa-sha256; cv=none; b=bo+Rya9xgX4GurKfkHlL36xMH8pxuBvhywk2vFOdcsetGWzdWuJ5BMk5UPBWhCz5FvV5ys 7LH64hxXDCo2KOVXoe+l04bZmnXdsLzhNKlRVtgyOl60QhQEn6DdzQnnOqkCSm6jIT2BIu cj6dEF7EYnZsHy7bfKA5fKWO+Wlt5zvy2LAeBIVc7t1vOL1hKwLRifdcj+G2SBf5b+iyIo 0zQvhmb9A8w4NIs7uQEZsTiFZo34mZCeSZyAcotz/wIIZ3qd0etoxy9hglk4Wg4dd3Oi17 bBI5VMgTV22GLI8RppB033at7iN74DB4pdZm8Ek4pvKFEXykdF255YJz01jr2Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780939235; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hl05PxPWKHsh1eqMVwOK1xSVKz48YTYY48stguT65Z8=; b=f30SqoyCP04dz7kx3b466Pa2MfGKUGEe7Y1tkPh2wCP+o9nldGP+Q6XBbWafxBYojVJCVb fb1r2M/VKW+L7ZcqRyqFoO+ps5lNQpRKZEcA59mtO6IesbhVTloJ0SYBFR43b0LwlkaHFx QUiaGmQtgfR4qIeCM46P4CwNYQnY1JepqZpjFvW51kYUkwFSutKVqgLlBUYR6/1HvdQtA2 Zsct9lEIIJqwr/ctNu6EspxD1ERREi6SeI94JTj2ykjMUYT9r10OUTObJrHupLdedCgViN ZTnqougpriilZZSOHims4HFPPKCzsbOkOL7C8uf8Xgxuhs4WN94zHG3wdHZBiw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gYzMR3kQZzxVn for ; Mon, 08 Jun 2026 17:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 30e38 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 17:20:35 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Koine Yuusuke From: Ed Maste Subject: git: 04cee2a1727e - stable/15 - intelhfi: Add IA32_PM_ENABLE bit flag define List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 04cee2a1727ea9e5b0ad20b5c4b36d8b5859ae49 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 17:20:35 +0000 Message-Id: <6a26f9e3.30e38.58e978f9@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=04cee2a1727ea9e5b0ad20b5c4b36d8b5859ae49 commit 04cee2a1727ea9e5b0ad20b5c4b36d8b5859ae49 Author: Koine Yuusuke AuthorDate: 2026-05-17 15:58:41 +0000 Commit: Ed Maste CommitDate: 2026-06-08 17:20:15 +0000 intelhfi: Add IA32_PM_ENABLE bit flag define Reviewed by: Minsoo Choo Differential Revision: https://reviews.freebsd.org/D56919 (cherry picked from commit 436f47a80c20a4d8395d30f81684b2d5dd35991e) --- sys/x86/include/specialreg.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sys/x86/include/specialreg.h b/sys/x86/include/specialreg.h index f14c8c56d0e3..7933291a752e 100644 --- a/sys/x86/include/specialreg.h +++ b/sys/x86/include/specialreg.h @@ -903,6 +903,9 @@ /* MSR IA32_MCU_OPT_CTRL */ #define IA32_RNGDS_MITG_DIS 0x00000001 +/* MSR IA32_PM_ENABLE */ +#define IA32_PM_ENABLE_HWP_ENABLE (1ULL << 0) + /* MSR IA32_HWP_CAPABILITIES */ #define IA32_HWP_CAPABILITIES_HIGHEST_PERFORMANCE(x) (((x) >> 0) & 0xff) #define IA32_HWP_CAPABILITIES_GUARANTEED_PERFORMANCE(x) (((x) >> 8) & 0xff) From nobody Mon Jun 8 19:33:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ2Jg4jw5z6gcnp for ; Mon, 08 Jun 2026 19:33:23 +0000 (UTC) (envelope-from eduardo@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ2Jg4FKqz3gtX for ; Mon, 08 Jun 2026 19:33:23 +0000 (UTC) (envelope-from eduardo@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780947203; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=G/cxXMtWWPSBLRpd1fMwIQnNNGRhsC1XjEirMVQ31OY=; b=K30UrZ30eFGQVLHxXnkFEuomk4ZZBZ6/86gsVWBDsV0EzGPrREwSurwdf3x7ZqrF2bJzjV srlmNK+0HBDjRghQ6As/LzWxqxgewgeHdhqFA0oe5hOvdQrDSo9h6ZHpswcQhVU4T5rcwj e8fqkf+gjE2qXw26OBxQaTIBhRunjJohu2SnDI8EhfJxyyjBlTpLvG7ymQWPVtGwr5oIsR /TlL0dI45YodVN5++g1d1zxtPTjTQWANlxYMaPSEutPTNOCryWR/JtQ8j7wWNv9EDpXU9o 7Qwp9gP2/fM+qGFlXOdCwfUUrsoJfENljEDa5LCUiQN64Mcf+NrVJtibGmIcCg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780947203; a=rsa-sha256; cv=none; b=Mh3T2wbLKPmzhZjWw8nIPrIgjHF/R2BbirWV0qtAGJ8ywt1ThnWnMdgwwd32yqWWH0s2GW sVDqU++LYA6oiG6B1RP4PNR7iTHmsOnrvXlzzkCb7YGZshZnQV3IdBefyD0PICTW+hbgR1 k7GM2g/MQdhF2JnjNvCnU3HcPBBFG+IaQ/9sfMClCB53PZtgy0cCl8vJ2mMcbquMj9EMGc nZmlc3DbkCZunDbCoOdx2kRfknbD4nowDVWa/fnsFVlIJCRvjcgW1BPlVNTKnkBLg5RU4A YQ0kihPRC9gG5JUllciKRK0EsZt3lrfOYmSAYhBxxoMIkRD4uO2PuO4quFwmyQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780947203; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=G/cxXMtWWPSBLRpd1fMwIQnNNGRhsC1XjEirMVQ31OY=; b=NOHLWAmsJ2pP+9+22ckXy080oe1SU1+kr7r028LA38GQf9elI+DBheFF6QVCWbdVfC1xkV 4wdfQI6sLWQoyfAew1uiSBVIWsbLz6trPKDUsu08QgHN5Npo8t2YDJdMVObBnbxGFkFOhU 4ffDq5sJddL5DDTM5Ntg7UpCGpUiEkiKzLz5DL2F8Yf214xO6gl332VpBiFBYaw9pKGYiR Le7Q5gg0bBk+0AxzpZPUf0iHxucCcOOIc/vUvrjb/O5Mpumlxnm1qwYa/dG/DTfKbK53P9 UVQChJFi3Xs2pMQzZXh8ZYUmmN0vVJ6EO2yEYJd+btDJiLoN4ly6O/fgO5bDug== Received: from mail-lj1-f176.google.com (mail-lj1-f176.google.com [209.85.208.176]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) (Authenticated sender: eduardo) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gZ2Jg3r0Sz19lb for ; Mon, 08 Jun 2026 19:33:23 +0000 (UTC) (envelope-from eduardo@freebsd.org) Received: by mail-lj1-f176.google.com with SMTP id 38308e7fff4ca-39677114c7bso4162071fa.0 for ; Mon, 08 Jun 2026 12:33:23 -0700 (PDT) X-Forwarded-Encrypted: i=1; AFNElJ83QetQX3Pv9LwUc5UWh4G+srjFEHlcH9y4AItDUD93v4h1LkWvnJSCbPk89d/ll1ybPD/3/ffC5rM07n1LByE5p1kU@freebsd.org X-Gm-Message-State: AOJu0Ywu0xLfy26QERIR3EDqQ839px4aVfOyuMjNgNTw/k3jr7JTP5R4 pgNkLUEeRHewVWeKXzBN0dbpJ5wUchiAuxfT6e3ioxAKr6ex900uzaCI7+4+kbjlOargcLGXD5P q6zroUEyKsomY2CIqtoXtWqiSRKZhoJs= X-Received: by 2002:a05:651c:18cb:b0:38a:325a:8a0b with SMTP id 38308e7fff4ca-396d0a10734mr19879271fa.5.1780947202033; Mon, 08 Jun 2026 12:33:22 -0700 (PDT) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 References: <6a21bc18.2040e.38ce0e7e@gitrepo.freebsd.org> In-Reply-To: <6a21bc18.2040e.38ce0e7e@gitrepo.freebsd.org> From: Nuno Teixeira Date: Mon, 8 Jun 2026 20:33:10 +0100 X-Gmail-Original-Message-ID: X-Gm-Features: AVVi8Ce5xzbyZMryNCGXAhkVct0cEBnvUa0kZtd6h_UQrhADEPz-l-lk9hrAe6w Message-ID: Subject: Re: git: 453968c78d27 - main - uipc_usrreq: revert addition of EMPTYPATH for bindat(2) To: Konstantin Belousov Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: multipart/alternative; boundary="000000000000574e000653c31544" --000000000000574e000653c31544 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello Konstantin. I'm geting a testunit failure on devel/aws-c-io reported at https://github.com/awslabs/aws-c-io/issues/803 that might be related to this change. Any clues how to deal with it? Thanks, Konstantin Belousov escreveu (quinta, 4/06/2026 =C3=A0(s) 18:55): > The branch main has been updated by kib: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=3D453968c78d27ed5c90562a1178f34fe= 8d616bf40 > > commit 453968c78d27ed5c90562a1178f34fe8d616bf40 > Author: Konstantin Belousov > AuthorDate: 2026-06-04 17:26:09 +0000 > Commit: Konstantin Belousov > CommitDate: 2026-06-04 17:55:11 +0000 > > uipc_usrreq: revert addition of EMPTYPATH for bindat(2) > > The caller wants the parent vnode, which cannot be provided for > emptypath > lookups. > > Reported and reviewed by: markj > Fixes: 12c590a9abd7 ("bindat(2)/connectat(2): allow implicit > EMPTYPATH for unix domain sockets") > Sponsored by: The FreeBSD Foundation > MFC after: 1 week > Differential revision: https://reviews.freebsd.org/D57448 > --- > lib/libsys/open.2 | 4 +--- > sys/kern/uipc_usrreq.c | 5 ++--- > 2 files changed, 3 insertions(+), 6 deletions(-) > > diff --git a/lib/libsys/open.2 b/lib/libsys/open.2 > index defc593b15ce..7915f7e8ef0a 100644 > --- a/lib/libsys/open.2 > +++ b/lib/libsys/open.2 > @@ -447,11 +447,9 @@ The other functionality of the returned file > descriptor is limited to > the following descriptor-level operations: > .Pp > .Bl -tag -width __acl_aclcheck_fd -offset indent -compact > -.It Xr bindat 2 > -for unix domain socket > -.Pq see Xr unix 4 > .It Xr connectat 2 > for unix domain socket > +.Pq see Xr unix 4 > .It Xr fcntl 2 > but advisory locking is not allowed > .It Xr dup 2 > diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c > index a798aaf4f871..920588627914 100644 > --- a/sys/kern/uipc_usrreq.c > +++ b/sys/kern/uipc_usrreq.c > @@ -612,9 +612,8 @@ uipc_bindat(int fd, struct socket *so, struct sockadd= r > *nam, struct thread *td) > buf[namelen] =3D 0; > > restart: > - NDINIT_ATRIGHTS(&nd, CREATE, NOFOLLOW | LOCKPARENT | NOCACHE | > - EMPTYPATH, UIO_SYSSPACE, buf, fd, cap_rights_init_one(&rights= , > - CAP_BINDAT)); > + NDINIT_ATRIGHTS(&nd, CREATE, NOFOLLOW | LOCKPARENT | NOCACHE, > + UIO_SYSSPACE, buf, fd, cap_rights_init_one(&rights, > CAP_BINDAT)); > /* SHOULD BE ABLE TO ADOPT EXISTING AND wakeup() ALA FIFO's */ > error =3D namei(&nd); > if (error) > > --=20 Nuno Teixeira FreeBSD UNIX: Web: https://FreeBSD.org --000000000000574e000653c31544 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Konstantin.

I'm geti= ng a testunit failure on devel/aws-c-io reported at https://github.com/awslabs/aws-c-io/iss= ues/803 that might be related to this change.

Any clues ho= w to deal with it?

Thanks,

Konstantin Bel= ousov <kib@freebsd.org> escrev= eu (quinta, 4/06/2026 =C3=A0(s) 18:55):
The branch main has been updated by kib:

URL: https://cgit.= FreeBSD.org/src/commit/?id=3D453968c78d27ed5c90562a1178f34fe8d616bf40
commit 453968c78d27ed5c90562a1178f34fe8d616bf40
Author:=C2=A0 =C2=A0 =C2=A0Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2026-06-04 17:26:09 +0000
Commit:=C2=A0 =C2=A0 =C2=A0Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2026-06-04 17:55:11 +0000

=C2=A0 =C2=A0 uipc_usrreq: revert addition of EMPTYPATH for bindat(2)

=C2=A0 =C2=A0 The caller wants the parent vnode, which cannot be provided f= or emptypath
=C2=A0 =C2=A0 lookups.

=C2=A0 =C2=A0 Reported and reviewed by:=C2=A0 =C2=A0 =C2=A0 =C2=A0markj
=C2=A0 =C2=A0 Fixes:=C2=A0 12c590a9abd7 ("bindat(2)/connectat(2): allo= w implicit EMPTYPATH for unix domain sockets")
=C2=A0 =C2=A0 Sponsored by:=C2=A0 =C2=A0The FreeBSD Foundation
=C2=A0 =C2=A0 MFC after:=C2=A0 =C2=A0 =C2=A0 1 week
=C2=A0 =C2=A0 Differential revision:=C2=A0 https://reviews.freebsd= .org/D57448
---
=C2=A0lib/libsys/open.2=C2=A0 =C2=A0 =C2=A0 | 4 +---
=C2=A0sys/kern/uipc_usrreq.c | 5 ++---
=C2=A02 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/lib/libsys/open.2 b/lib/libsys/open.2
index defc593b15ce..7915f7e8ef0a 100644
--- a/lib/libsys/open.2
+++ b/lib/libsys/open.2
@@ -447,11 +447,9 @@ The other functionality of the returned file descripto= r is limited to
=C2=A0the following descriptor-level operations:
=C2=A0.Pp
=C2=A0.Bl -tag -width __acl_aclcheck_fd -offset indent -compact
-.It Xr bindat 2
-for unix domain socket
-.Pq see Xr unix 4
=C2=A0.It Xr connectat 2
=C2=A0for unix domain socket
+.Pq see Xr unix 4
=C2=A0.It Xr fcntl 2
=C2=A0but advisory locking is not allowed
=C2=A0.It Xr dup 2
diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c
index a798aaf4f871..920588627914 100644
--- a/sys/kern/uipc_usrreq.c
+++ b/sys/kern/uipc_usrreq.c
@@ -612,9 +612,8 @@ uipc_bindat(int fd, struct socket *so, struct sockaddr = *nam, struct thread *td)
=C2=A0 =C2=A0 =C2=A0 =C2=A0 buf[namelen] =3D 0;

=C2=A0restart:
-=C2=A0 =C2=A0 =C2=A0 =C2=A0NDINIT_ATRIGHTS(&nd, CREATE, NOFOLLOW | LOC= KPARENT | NOCACHE |
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0EMPTYPATH, UIO_SYSSPACE, buf, fd,= cap_rights_init_one(&rights,
-=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0CAP_BINDAT));
+=C2=A0 =C2=A0 =C2=A0 =C2=A0NDINIT_ATRIGHTS(&nd, CREATE, NOFOLLOW | LOC= KPARENT | NOCACHE,
+=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0UIO_SYSSPACE, buf, fd, cap_rights= _init_one(&rights, CAP_BINDAT));
=C2=A0/* SHOULD BE ABLE TO ADOPT EXISTING AND wakeup() ALA FIFO's */ =C2=A0 =C2=A0 =C2=A0 =C2=A0 error =3D namei(&nd);
=C2=A0 =C2=A0 =C2=A0 =C2=A0 if (error)



--
Nuno Teixeira
=
FreeBSD UNIX:=C2=A0 <eduardo@FreeBSD.org>=C2=A0 =C2=A0Web:=C2=A0 https://Fr= eeBSD.org
--000000000000574e000653c31544-- From nobody Mon Jun 8 19:52:00 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ2k875QVz6gf2q for ; Mon, 08 Jun 2026 19:52:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ2k83TGzz3lsq for ; Mon, 08 Jun 2026 19:52:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780948320; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Li5xPkQtDaSH5kuZZy8UdlEhkTXuEz+0tVJa50oUVRY=; b=NJ90W5fi6GACxGL3+L/zWqv8WVVaNYLCkse99RmAkFvpuBtFgFLsPIuDm2uIY35eqPL/0o s8gpKFDh0KBXIdDfWJasCxYDRodXEmF9BEnG5RErcdUzrEuqtsc/cwmiI6mWC5i6MG0u9f Jjz1fRTmgCrUFpbzXBXKNXeZP3u7XcX9tTukb85x4AML96RD+DFdT+AB8jtBeV32fwTQPv EjsPKOKKZaypx0qdm9u2EuUdAaVbriuvlT26BRIZkTDGZoDesBkPgybLw7udU1gh0o61bF vgaF5NM/iIlk9WadbVslCC7scuRZA4GX/6sALb0Fwgcyv5vRMOnTtrVQwwCjcg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780948320; a=rsa-sha256; cv=none; b=us9UzHpIWKZsXOkAIXsYPx8K6Vko+y2f0hVdJqYRinyvcMh/JMSedxcX/CFo2qYRMkrgsD 7ZowJjcx8V0G3ptZakTH9/q5NLfmfsKRrtZQ6cke6dxStv1LUtAvi8J4rQoM52TC2icexV iUCxiww1ygtViYwOI8gzaiW9qZHcMk/Ajoqvqz7cm7Ng9jQnvXqjYomYZW3gZ4U/ZKo277 5zn8J2cfUuYi0LNVQxWnnRrYIlnVH8faQiRk189l/cErKwc/Zw1s13OZBy5WasWK+bTmNn ATBYXb7c8/bUBf5AS/HkHFxLRQ+4lQQhRTpFtRJVvbw7EWwLtgfJueYSCzWJsQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780948320; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Li5xPkQtDaSH5kuZZy8UdlEhkTXuEz+0tVJa50oUVRY=; b=eczMs9738Uls2Trub/F+OjJrOE9ZNPHPpY087WX2g049cB2f8XgwqfMFnw4g9OnA877CMy wc98Uc1tfzYi31iFDsEeEjCum92Mrj15V6J8ZHsxoq0PFXua0DJEFsDJG0ttIWMIe5cVL/ +Gp+meMN0PlzcQbKFRlqHDDN5KXzzVnzkEyTPcPHYaX6URj2EguVdXkOh9QD2jpEMjOkzb ZkgmygoZfQMhqFEJWEZtdCL7JkYydlnyH2I+Aa06wg6909BFd5lMCoEcfaiZDAk5kfEcSR njNfPzX8LbZziaWrX7NL4dhkRMjVaCiAACyw6IecUmE5IdzWS6cOp8XX4Vmoog== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ2k831qNz12tF for ; Mon, 08 Jun 2026 19:52:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4146c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 19:52:00 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 888d9236e224 - main - netlink: Use unsigned type in nl_process_nbuf List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 888d9236e2249cb1bda686aca8729fdcc69a10ac Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 19:52:00 +0000 Message-Id: <6a271d60.4146c.6180cf37@gitrepo.freebsd.org> The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=888d9236e2249cb1bda686aca8729fdcc69a10ac commit 888d9236e2249cb1bda686aca8729fdcc69a10ac Author: Ed Maste AuthorDate: 2026-06-05 19:16:53 +0000 Commit: Ed Maste CommitDate: 2026-06-08 19:51:35 +0000 netlink: Use unsigned type in nl_process_nbuf nlmsghdr::nlmsg_len and nl_buf::offset are u_int. Make msglen match. Reviewed by: pouria, glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57474 --- sys/netlink/netlink_io.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/netlink/netlink_io.c b/sys/netlink/netlink_io.c index 9646eb2650d5..51c87d229717 100644 --- a/sys/netlink/netlink_io.c +++ b/sys/netlink/netlink_io.c @@ -345,9 +345,11 @@ nl_process_nbuf(struct nl_buf *nb, struct nlpcb *nlp) }; for (; nb->offset + sizeof(struct nlmsghdr) <= nb->datalen;) { + u_int msglen; + hdr = (struct nlmsghdr *)&nb->data[nb->offset]; /* Save length prior to calling handler */ - int msglen = NLMSG_ALIGN(hdr->nlmsg_len); + msglen = NLMSG_ALIGN(hdr->nlmsg_len); NL_LOG(LOG_DEBUG3, "parsing offset %d/%d", nb->offset, nb->datalen); npt_clear(&npt); From nobody Mon Jun 8 19:54:15 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ2mr3CVpz6gfGV for ; Mon, 08 Jun 2026 19:54:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ2mr1CM5z3mwv for ; Mon, 08 Jun 2026 19:54:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780948460; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kgd0/Bb1ANa6T6j1G3GtjNHYX3TF8jarQ5JTNUEyiLA=; b=VELrza4ec4g+1jwB4xZ37QYL65p+WeYLCCm7l9B/jzh9Y3VtSjNJQwpwxF0tf00JzyboXR 3XmEe2eZRjLdL1lMaSBFnJvruRGe83UGNFsoNBIwSfGl+YZxSTzqvqKFRPwooq/ouZ9Sp4 sL5c1T5PG817lWhmmE6s6jOQ7rMnCbdsz/IJO43+hrXEuvRGJg+H+H7aiS5Oi2tLJcxEme kWFzYRvgb3HwKkpt+tXbEnvdUZxje7EsIq+S6a4u0lEWsbH5uAarWTWCCQAYkrUayZQhqI +CQ+MAawqOrFeK0S+eNlkuLcbM69aPKdf7Jy5QAJonUxrBc20RhFipi7jbqUWw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780948460; a=rsa-sha256; cv=none; b=Ukvap4GANJgOgIdXAdPrGGm0JY3opR5inSLu0NG5j2mYWAq+hsrpXhCH56UyLRO/YmQCpK EYGYR6wbteNzQfmlhCy8BZ8kfLC79a1reVXlE882z4bFRW81NsJ2xcwnO/ZDS91ymsCfbT C0lBUCnYzOghlE0mtlleJyzHi6e22Ap/CKLcoy4e2K6gFUZVX9NZylAsR7li5FZ2Nh0ENb QczV2CgyAtaJt1PzMjNAcORfvFcyhOg6pFAea3IpKAircsXVEaFztsDqKXra+mWJJ44reQ oYOvYZ/poOsSd1iUsPC/bjJTQkcCCw4n+WVsOi2V1UVd15CPmgDboD13jshg2A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780948460; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kgd0/Bb1ANa6T6j1G3GtjNHYX3TF8jarQ5JTNUEyiLA=; b=dkdGsSpwIjwFeTpzswHpRNHqSUXO0EY50V+aEAvVReBerCvBuZir8YcPUO217vJSumnYX7 r/AQBUWaoCyGjf9wPnr59evppSoM2U95KF0CASbZmVZZhTNQba0lNzJEW/1ZSOlCKL53Gl dXAugfKZt2LY6ur455FxFOWFxBt09c323r56FGEN9aj6viNZbqLdBRRHE+2UEOo2qxgmBW hL9/YxvTxzWEGG3g4nvOat+tkmyXUUEFzUwSbTwH8l+cHG4Oh3U3+4xI3aDVaxNJMHxp6+ GoFMCah5Hm7Q7sDjJuiC+O+4QgXYllP5bJxwZ4pOHblJyGwHC7Rhz6iikgZITQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ2ml0h1yz131x for ; Mon, 08 Jun 2026 19:54:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4137c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 19:54:15 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: bfdc17ca8006 - stable/15 - src.opts.mk: Comment about CTF & DTRACE relationship List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: bfdc17ca8006773ca7efd8dec9d16f28a862dd0e Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 19:54:15 +0000 Message-Id: <6a271de7.4137c.5228d95@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bfdc17ca8006773ca7efd8dec9d16f28a862dd0e commit bfdc17ca8006773ca7efd8dec9d16f28a862dd0e Author: Ed Maste AuthorDate: 2026-05-12 17:19:46 +0000 Commit: Ed Maste CommitDate: 2026-06-08 19:53:57 +0000 src.opts.mk: Comment about CTF & DTRACE relationship WITH_CTF enables building userland components with CTF, and not the ctf* tools as one might expect. The tools are actually included with the DTRACE knob. Add a comment where the dependency is handled, as this has caused confusion. Reported by: ivy Reviewed by: markj Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D56977 (cherry picked from commit f6178451eea5b1ce6802fbb0e6eceb555c7b4841) --- share/mk/src.opts.mk | 2 ++ 1 file changed, 2 insertions(+) diff --git a/share/mk/src.opts.mk b/share/mk/src.opts.mk index a0bf8c2d454f..f9fc2dad280a 100644 --- a/share/mk/src.opts.mk +++ b/share/mk/src.opts.mk @@ -431,6 +431,8 @@ MK_KERBEROS_SUPPORT:= no MK_MITKRB5:= no .endif +# MK_DTRACE also gates ctf tools, so we cannot build userland with CTF +# if it is off. .if ${MK_DTRACE} == "no" MK_CTF:= no .endif From nobody Mon Jun 8 20:14:43 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3DM4K22z6ggKn for ; Mon, 08 Jun 2026 20:14:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ3DM37j3z3rRZ for ; Mon, 08 Jun 2026 20:14:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780949683; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HsWSIqK0ectdEWzFH6adquF+T+v4Gr9bqLp+OLMGnc0=; b=C/SMEHgBvIxHy609AltmXdqQeQgPuTvqbwgaLrCJfzv7yd3Cxyk+7p3/1VphGCvYTDauU/ BDlX7PqBlB9yvxCXJvStiXiVTzCe3neLgl3OMLqULi6dSjD8qw8Win7NTcNRyGBMoyeugO PiUh4+gMtrfoKmc9xDAsEXg9E3OxZWHuWaXVJ/acSP8uBXxwoG+opu/+QQqQftcGke2Dj9 11nBZKxCDR58He60BOFCsq3on4msHEWBTKRq4Ze4TCj7NFUuTSCDm3cbHwMqgHqAb/cKuy 6T7u00b6bjQ0VdbLyfUBVPftAt14PoRO7mYdVzzyCxwOkyKfjNIqvcndsoeevw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780949683; a=rsa-sha256; cv=none; b=f0Pem5cFbWIXpXAgbtd3EPL/QapgRnjgMGtbeiSaSp2U9vHiosTPucyVmifiGWvmQmJubB qWihNft5l0o2sR/Ob+t0uemKqLEZ/2Akelvp7hHoHEx56BmMFugjWvrMAgmFGa/SSz0ppl 8P+moOxw0FV7L4/YX5QDE1XpyViAqnxz5uoG3OIE7R4lOfr0wx0GiUECsrZSbB3hMQLp7B ObTvdDqiq1mDJYFpDfMpxJ0DUZqiAvMXRom5Gh11p4/Cp3aF6zAVsLzzOXwvOjBamZmCdc QSD7aPYbSrPiCDrumM5255XrEJv1JFX3gqtLd8flefuu56CqwIWGexVF0/Ujaw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780949683; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HsWSIqK0ectdEWzFH6adquF+T+v4Gr9bqLp+OLMGnc0=; b=Wbr6sWGMHUQz7CbFRQwMVzBniMrWI90lCz9YbOCHwtoFgq4Nczo4H7pfAYWYJx929ok2Dt 76EvX4cmQULx9q4SQJ7Xcx4Pyt6aYzNftZ+gP6TlNerEspV2wLHoKM/6Mv2o/OfzJFL7+p 57Nj1vfbV//p8W4QNJORJxatYg0+a7o1XVx/FgB1zOjlcEqZKPoNSBccUN0tPuWlTm40t+ WW2vorv9BTNRSlT9uCwDtWAXg4ghq673kqq1Vs/9Ss2NZasjM/qkWZp5pQ6CpAze0yiI33 0pYvGp9UoAlv7oVDexIIg39iD/gCudTB/Rs3ekfNIDSvQug07H4ULaDkFvLTWg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3DM2Ntbz13W6 for ; Mon, 08 Jun 2026 20:14:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 43997 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 20:14:43 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 9f378397ee89 - main - procstat binary: do not skip pid if either path or osrel sysctls failed List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9f378397ee89044a4faec522916b50f0a164d62e Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 20:14:43 +0000 Message-Id: <6a2722b3.43997.525fed57@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9f378397ee89044a4faec522916b50f0a164d62e commit 9f378397ee89044a4faec522916b50f0a164d62e Author: Konstantin Belousov AuthorDate: 2026-06-07 07:28:29 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-08 20:14:20 +0000 procstat binary: do not skip pid if either path or osrel sysctls failed PR: 295893 Reviewed by: emaste Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57493 --- usr.bin/procstat/procstat_bin.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/usr.bin/procstat/procstat_bin.c b/usr.bin/procstat/procstat_bin.c index 04482e5ee1ba..d3061c1ac420 100644 --- a/usr.bin/procstat/procstat_bin.c +++ b/usr.bin/procstat/procstat_bin.c @@ -35,6 +35,7 @@ #include #include #include +#include #include #include @@ -50,12 +51,13 @@ procstat_bin(struct procstat *prstat, struct kinfo_proc *kipp) xo_emit("{T:/%5s %-16s %8s %s}\n", "PID", "COMM", "OSREL", "PATH"); - if (procstat_getpathname(prstat, kipp, pathname, sizeof(pathname)) != 0) + if (kill(kipp->ki_pid, 0) == -1) return; - if (strlen(pathname) == 0) + if (procstat_getpathname(prstat, kipp, pathname, sizeof(pathname)) + != 0 || strlen(pathname) == 0) strcpy(pathname, "-"); if (procstat_getosrel(prstat, kipp, &osrel) != 0) - return; + osrel = -1; xo_emit("{k:process_id/%5d/%d} ", kipp->ki_pid); xo_emit("{:command/%-16s/%s} ", kipp->ki_comm); From nobody Mon Jun 8 20:14:44 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3DN5LKQz6ggMw for ; Mon, 08 Jun 2026 20:14:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ3DN3kHbz3rcW for ; Mon, 08 Jun 2026 20:14:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780949684; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UetfvG7cz4pyXoqHtM1WtvHyAo0pT+IZmZHG2suE3Gw=; b=G/N6M0JZ+QlwmMSmE20R7y0zRSaBabTa5dc409TZ5m1ZuYO5ZJ6Wn4K6IZuY9NM3GYkvGE I5mbpfO0hsnLTFHI8l54o/AtvQ72umJd8MLKkGZDSOSCnpR3rKMZnrGneaV4JeZ8E2WOQQ HAb7vo2JAFYX5kTMqssP7NHi0qCw/Sg0LIxbFngSZ7SdoQDWoClrwDBCdatLJoSNoxV+Gu fCiGl1C7J3kkRrqjLzuQ4ML/gbmf2peTBL0HLNlAOao/g1F+hTd04zqE2g9q5ExL8qD1Ul 7CsUUXO+9yMIKBoWUYqdOHRh1gBMiXtZMpQa6bGjlF321r/StJc2as2Q4h7WBg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780949684; a=rsa-sha256; cv=none; b=dHs10f00rYUk36tT5UWSr7FCPr1kOlbL7I4ADEyR+IYygoNH9JZ76d3C1HzBURtVRM7m2O T0LyC0gIJ3P2n9TgtPzqEXlBi1pbo1Hq86cR6XLGBAozyH/lD3gdqasN//vejhPNVlkekB HMvIW3HvE9hUmDZMCw+3EC15eS4gh1B/vYxV4WCn6JypEFBxAs5p82sabgggOaSpqV5pDY vZa38EAWjgDRmU7oqfhduotpO3SGa85ZkuJeZNK1NLIdYFGoeRaEEXizU17LQOXEvZ+mLU Eon8weMK0G66ZQ6BkokHaN2XBTg+WJj/KRYiyYyM37K5ueiMz0rEJxpfkVNh0A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780949684; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UetfvG7cz4pyXoqHtM1WtvHyAo0pT+IZmZHG2suE3Gw=; b=h7rF1Hi4o+IUxECHmuYa4RmHVntLKDjNWM0g04jb3Aumw3PlaT8Ut8Qqpxry5i3M5LxsHd uqUhP9XGiMCaDpafFjJwRw/ZiOqa/zfzmqXOnm5NdC2MKDW3FJMdbzAtEB/+os4LMm/1ks 26gas+PUE2fBqqWnO5EbHr0LZUvek70BrQVVHmG7YIBo7SvVkP8gk+eOZz4n3ABjEDSBWP cXmuQKpxv9iSgNYlR5RerYrd4VBnIB6pEVSJQL2Mdn7iWp+u/5lngdYMFvukXNV8NYSGnE UmYYV8rSMFbxOUdvW1m0awV60gb9velRr+UD+1XyWSddouD0tZApcqhM1TSINA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3DN3Jnjz12xY for ; Mon, 08 Jun 2026 20:14:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 42be3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 20:14:44 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: a2cfe535771d - main - exit1(9): do not deadlock if exit is called due to PT_SC_REMOTERQ List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a2cfe535771ded3ca8526bae405a5b61f71f1f33 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 20:14:44 +0000 Message-Id: <6a2722b4.42be3.6a50a1e5@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=a2cfe535771ded3ca8526bae405a5b61f71f1f33 commit a2cfe535771ded3ca8526bae405a5b61f71f1f33 Author: Konstantin Belousov AuthorDate: 2026-06-05 20:21:59 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-08 20:14:20 +0000 exit1(9): do not deadlock if exit is called due to PT_SC_REMOTERQ The remote syscall is executed in the context where debugger owns a p_lock hold on the target. Due to this, exit1() waiting for p_lock going to zero, never happen. Postpone the exit1() call to ast then, saving the provided rval and signo in the struct proc. Mark the async-exiting proc with the new p_flag P_ASYNC_EXIT. While p_xexit can be reused, p_xsig can be only set by actual exit1(), otherwise it breaks the ptrace mechanism. Allocate a dedicated p_asig for it. Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57482 --- sys/compat/linux/linux_fork.c | 4 +-- sys/compat/linux/linux_misc.c | 4 +-- sys/kern/kern_exec.c | 13 +++++----- sys/kern/kern_exit.c | 57 ++++++++++++++++++++++++++++++++++++++++--- sys/kern/kern_fork.c | 3 ++- sys/kern/kern_ucoredump.c | 4 +-- sys/sys/proc.h | 4 ++- sys/sys/signalvar.h | 2 +- sys/sys/syscallsubr.h | 1 + 9 files changed, 72 insertions(+), 20 deletions(-) diff --git a/sys/compat/linux/linux_fork.c b/sys/compat/linux/linux_fork.c index 1c9189162a09..24c5d3351623 100644 --- a/sys/compat/linux/linux_fork.c +++ b/sys/compat/linux/linux_fork.c @@ -486,8 +486,8 @@ linux_exit(struct thread *td, struct linux_exit_args *args) * exit via pthread_exit() try thr_exit() first. */ kern_thr_exit(td); - exit1(td, args->rval, 0); - /* NOTREACHED */ + kern_exit(td, args->rval, 0); + return (0); } int diff --git a/sys/compat/linux/linux_misc.c b/sys/compat/linux/linux_misc.c index eafba4f4bd19..c863e1db8b02 100644 --- a/sys/compat/linux/linux_misc.c +++ b/sys/compat/linux/linux_misc.c @@ -1545,8 +1545,8 @@ linux_exit_group(struct thread *td, struct linux_exit_group_args *args) * SIGNAL_EXIT_GROUP is set. We ignore that (temporarily?) * as it doesnt occur often. */ - exit1(td, args->error_code, 0); - /* NOTREACHED */ + kern_exit(td, args->error_code, 0); + return (0); } #define _LINUX_CAPABILITY_VERSION_1 0x19980330 diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 4066682cbcc5..8ea00543989e 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -341,11 +341,11 @@ post_execve(struct thread *td, int error, struct vmspace *oldvmspace) } /* - * kern_execve() has the astonishing property of not always returning to - * the caller. If sufficiently bad things happen during the call to - * do_execve(), it can end up calling exit1(); as a result, callers must - * avoid doing anything which they might need to undo (e.g., allocating - * memory). + * kern_execve() has the astonishing property of not always returning + * to the caller. If sufficiently bad things happen during the call + * to do_execve(), it can end up calling exit2(). Callers must avoid + * doing anything which they might need to undo (e.g., allocating + * memory), unless called from the ptrace(PT_SC_REMOTERQ) handler. */ int kern_execve(struct thread *td, struct image_args *args, struct mac *mac_p, @@ -1042,8 +1042,7 @@ exec_fail: if (error && imgp->vmspace_destroyed) { /* sorry, no more process anymore. exit gracefully */ exec_cleanup(td, oldvmspace); - exit1(td, 0, SIGABRT); - /* NOT REACHED */ + kern_exit(td, 0, SIGABRT); } #ifdef KTRACE diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index 18ea3a7bd29d..63e46dcf46f7 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -204,9 +204,8 @@ exit_onexit(struct proc *p) int sys__exit(struct thread *td, struct _exit_args *uap) { - - exit1(td, uap->rval, 0); - __unreachable(); + kern_exit(td, uap->rval, 0); + return (0); } void @@ -216,6 +215,48 @@ proc_set_p2_wexit(struct proc *p) p->p_flag2 |= P2_WEXIT; } +static void +ast_async_exit(struct thread *td, int asts) +{ + struct proc *p; + + p = td->td_proc; + if ((p->p_flag & P_ASYNC_EXIT) != 0) + exit1(td, p->p_xexit, p->p_asig); +} + +/* + * The variation on exit1() intended to be used in the syscall + * handlers. Unlike exit1(), it might delay the current process exit + * to ast. This is needed e.g. when _exit(2) is executed due to the + * ptrace(PT_SC_REMOTERQ), which must do more work after the syscall + * handler call. + */ +void +kern_exit(struct thread *td, int rval, int signo) +{ + struct proc *p; + + KASSERT(rval == 0 || signo == 0, + ("kern_exit rv %d sig %d", rval, signo)); + + p = td->td_proc; + if ((td->td_dbgflags & TDB_SCREMOTEREQ) != 0) { + PROC_LOCK(p); + p->p_xexit = rval; + p->p_asig = signo; + p->p_flag |= P_ASYNC_EXIT; + ast_sched(td, TDA_ASYNC_EXIT); + PROC_UNLOCK(p); + return; + } + if ((p->p_flag & P_ASYNC_EXIT) != 0) { + rval = p->p_xexit; + signo = p->p_asig; + } + exit1(td, rval, signo); +} + /* * Exit: deallocate address space and other resources, change proc state to * zombie, and unlink proc from allproc and parent's lists. Save exit status @@ -231,6 +272,7 @@ exit1(struct thread *td, int rval, int signo) mtx_assert(&Giant, MA_NOTOWNED); KASSERT(rval == 0 || signo == 0, ("exit1 rv %d sig %d", rval, signo)); + MPASS((td->td_dbgflags & TDB_SCREMOTEREQ) == 0); TSPROCEXIT(td->td_proc->p_pid); p = td->td_proc; @@ -828,7 +870,7 @@ out: sbuf_delete(sb); PROC_LOCK(p); sigexit(td, sig); - /* NOTREACHED */ + return (0); } #ifdef COMPAT_43 @@ -1627,3 +1669,10 @@ proc_reparent(struct proc *child, struct proc *parent, bool set_oppid) if (set_oppid) child->p_oppid = parent->p_pid; } + +static void +initexit(void *dummy __unused) +{ + ast_register(TDA_ASYNC_EXIT, ASTR_ASTF_REQUIRED, 0, ast_async_exit); +} +SYSINIT(exit, SI_SUB_EXEC, SI_ORDER_ANY, initexit, NULL); diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 75f8413e5f36..2fb4d9d4274d 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -66,6 +66,7 @@ #include #include #include +#include #include #include #include @@ -1258,7 +1259,7 @@ fork_return(struct thread *td, struct trapframe *frame) * If the prison was killed mid-fork, die along with it. */ if (!prison_isalive(td->td_ucred->cr_prison)) - exit1(td, 0, SIGKILL); + kern_exit(td, 0, SIGKILL); #ifdef KTRACE if (KTRPOINT(td, KTR_SYSRET)) diff --git a/sys/kern/kern_ucoredump.c b/sys/kern/kern_ucoredump.c index d425596b5f24..e08490fbf7b1 100644 --- a/sys/kern/kern_ucoredump.c +++ b/sys/kern/kern_ucoredump.c @@ -46,6 +46,7 @@ #include #include #include +#include #include #include #include @@ -197,8 +198,7 @@ sigexit(struct thread *td, int sig) err != NULL ? err : ""); } else PROC_UNLOCK(p); - exit1(td, 0, sig); - /* NOTREACHED */ + kern_exit(td, 0, sig); } diff --git a/sys/sys/proc.h b/sys/sys/proc.h index ed69a09422e2..5f017e6ece2c 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -504,6 +504,7 @@ enum { TDA_MOD3, /* .. and after */ TDA_MOD4, TDA_SCHED_PRIV, + TDA_ASYNC_EXIT, TDA_MAX, }; #define TDAI(tda) (1U << (tda)) @@ -777,6 +778,7 @@ struct proc { TAILQ_HEAD(, kq_timer_cb_data) p_kqtim_stop; /* (c) */ LIST_ENTRY(proc) p_jaillist; /* (d) Jail process linkage. */ + u_int p_asig; /* (c) ASYNCEXIT pending signal. */ }; #define p_session p_pgrp->pg_session @@ -842,7 +844,7 @@ struct proc { #define P_INEXEC 0x04000000 /* Process is in execve(). */ #define P_STATCHILD 0x08000000 /* Child process stopped or exited. */ #define P_INMEM 0x10000000 /* Loaded into memory, always set. */ -#define P_UNUSED1 0x20000000 /* --available-- */ +#define P_ASYNC_EXIT 0x20000000 /* XXX */ #define P_UNUSED2 0x40000000 /* --available-- */ #define P_PPTRACE 0x80000000 /* PT_TRACEME by vforked child. */ diff --git a/sys/sys/signalvar.h b/sys/sys/signalvar.h index 9a4009d269af..c7b3b620a459 100644 --- a/sys/sys/signalvar.h +++ b/sys/sys/signalvar.h @@ -399,7 +399,7 @@ int sigacts_shared(struct sigacts *ps); int sig_ast_checksusp(struct thread *td); int sig_ast_needsigchk(struct thread *td); void sig_drop_caught(struct proc *p); -void sigexit(struct thread *td, int sig) __dead2; +void sigexit(struct thread *td, int sig); int sigev_findtd(struct proc *p, struct sigevent *sigev, struct thread **); void sigfastblock_clear(struct thread *td); void sigfastblock_fetch(struct thread *td); diff --git a/sys/sys/syscallsubr.h b/sys/sys/syscallsubr.h index 8d546428820e..0eb471cc9dde 100644 --- a/sys/sys/syscallsubr.h +++ b/sys/sys/syscallsubr.h @@ -136,6 +136,7 @@ int kern_cpuset_setid(struct thread *td, cpuwhich_t which, int kern_dup(struct thread *td, u_int mode, int flags, int old, int new); int kern_execve(struct thread *td, struct image_args *args, struct mac *mac_p, struct vmspace *oldvmspace); +void kern_exit(struct thread *, int, int); int kern_extattr_delete_fd(struct thread *td, int fd, int attrnamespace, const char *attrname); int kern_extattr_delete_path(struct thread *td, const char *path, From nobody Mon Jun 8 20:47:35 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3yN4ngVz6gjZZ for ; Mon, 08 Jun 2026 20:47:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ3yN4DF1z3vV1 for ; Mon, 08 Jun 2026 20:47:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780951660; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bB/O0Sk0ulaoyPYXWkJPm7kb2uf+Vufbf9bFmpxYhRI=; b=Zm/AvuAzJ4Qj3mt+LqQLMT5513kjxcYM00xZel8K5oJ8JCnh7J8vWWFwkgC7DZxQxUZIwZ tQ1fup3sPdzIf6N6TNc9lfPGX8tvypfOlNV0ZxFlqTjiWWW+Km3sPBBM+39/Z/EQKfXrs+ aVmMJ1yM1DYzBRdJUh8D9R93SydJEV+3QxUjAu+lQ7ZvhqmKId1DKGbnDRLtQQ4Q09Ytws xaGHiA4RXTC/ylOCIUklmk14tQbsmqiKEcpRPl5trPc09HAqEJn48UXLo+D/yHYK6eiljk pWGI1h7SsjYGmGjVtpUEq17nwpsAx+LR9k0GBdmnAUspeNa2T+vDtxba/MItRA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780951660; a=rsa-sha256; cv=none; b=R9aW8XmnYnzPo8euv5kUfqFWfqk+5Vh1mghP7BJm1NRYG35hN4Q6uYXnq4YPsxDwkirdm6 +cI33JBY+qHi1+qDQGetSUy+jv1NKYoAiiTbs+0vlUIGStmEDCCfMDENAV+z2eRlw6g1Ow 6RgeIBb/1sAUAf6cuOGEzm8MROTrl0LNEHAgZdQjqUktCtU5fViYq+STVim15M79BTexd4 +3Txa25q7RTg4wD8QePg6PXtHQ4k+t5ZyqMlP2cW5ROfpOuAJhA1yqagGlRCWLSyxNkBJU 1DwEG3dUT6FUOFz4Lmwlh+lgTTSzZhXRtLhgmiNe1hQ23H/VdMvgE0lPB2iC8Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780951660; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bB/O0Sk0ulaoyPYXWkJPm7kb2uf+Vufbf9bFmpxYhRI=; b=TSEzPP2j4ePsDmEOUl5NkMmAUpYSQMYgCSj4Ooz8orp3vO72t781Xb968tM9EtNbqvz2eK tr+Njn0Yc5j32PQae+lj8Oh8QRnsbFPXIZxr7y21kctq2n/bsbfH4DZkj+V8//ZW/2i3Y2 q8ldcn4YEsiFJS7rf4DX/OiLnrOlaOdElghVS57OF6E4vp6tw/JU74BrsqGY+uXeONZxA1 nNEcDx9P32qk0pld7rh7gV6ez1+qPyhpgVGpvBXqQbp06+MCmCq+K4srE+OeLGQGzppGHp wBjiCNJxGrae3fM+d+8z87EEtzKJmRy39MquyXHcffrntamjhGjEkh7zG8TniA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ3yN3j6wz141c for ; Mon, 08 Jun 2026 20:47:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4434b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 20:47:35 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: b16c731b0191 - main - ipfw nat: Add assertion that mbuf is not a chain List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: b16c731b0191d6c47de46a3c6057b0c5ec0dd420 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 20:47:35 +0000 Message-Id: <6a272a67.4434b.4d38b685@gitrepo.freebsd.org> The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=b16c731b0191d6c47de46a3c6057b0c5ec0dd420 commit b16c731b0191d6c47de46a3c6057b0c5ec0dd420 Author: Ed Maste AuthorDate: 2026-06-05 21:00:07 +0000 Commit: Ed Maste CommitDate: 2026-06-08 20:47:24 +0000 ipfw nat: Add assertion that mbuf is not a chain Discarding m_free's return value will result in an mbuf leak if the mbuf was in a chain. In general we should use m_freem if the mbuf may be in a chain, or assert that the return was NULL. There will not be a chain here due to m_megapullup, so add an assert. Reviewed by: ae Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57479 --- sys/netpfil/ipfw/ip_fw_nat.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/ipfw/ip_fw_nat.c b/sys/netpfil/ipfw/ip_fw_nat.c index e816c7bd95eb..6ebde03fe2e3 100644 --- a/sys/netpfil/ipfw/ip_fw_nat.c +++ b/sys/netpfil/ipfw/ip_fw_nat.c @@ -291,7 +291,7 @@ free_nat_instance(struct cfg_nat *ptr) static int ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m) { - struct mbuf *mcl; + struct mbuf *mcl, *mfree __diagused; struct ip *ip; /* XXX - libalias duct tape */ int ldt, retval, found; @@ -396,7 +396,8 @@ ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m) (retval == PKT_ALIAS_IGNORED && (t->mode & PKT_ALIAS_DENY_INCOMING) != 0)))) { /* XXX - should i add some logging? */ - m_free(mcl); + mfree = m_free(mcl); + MPASS(mfree == NULL); args->m = NULL; return (IP_FW_DENY); } From nobody Mon Jun 8 21:10:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4SN1hclz6glFw for ; Mon, 08 Jun 2026 21:10:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ4SM5ZvMz3x3l for ; Mon, 08 Jun 2026 21:10:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780953011; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=d5Gu6m6fLiERTXEWQn5quhTFzk3BVQWRYTNOq/bEWkE=; b=Oa444jKVQAS8WyIcRYwWpm5YkG3C/4g/zEJIrkNIzfwYNnbfnToprYAtZVyw2lGvSKfaFC HLsHTyyFt0UcCS4iWc4USMoxidfMezWxSHWNZN+d7al0CQFlSbLQ51OswxqB2niUEYMRo3 Bw/Sj0e2DiAKdyGe+7Vu3gI4U/9BvjLxnd5CE63RV2PYSikxpDPtH3wjwpWe89iTlwZE83 CsJd8wFTx9Cm//yC0EVdZhAH1x3948lUqP4WFDdSxu+NLeAjfVPmblcSEQfW3AP3uubqJb gNopOc3p62ueHhMvwBTmDvpxslcQwm0EBiUGqwL4scHGr336spDs8Vs8A7DMJA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780953011; a=rsa-sha256; cv=none; b=AdjLBy8wNniIrDewbXLj1uwT9f8bWNlm5v76oMMz7aVnfI2Nnf7cZfwH8ywcpop8G1GRUn eNJGrgtTxOSPo/mx+c7zEZgE280xPiUEr3qVK92VXprLyFARXtboVPtXm2Ne1Qnjvre7lH WoFOY4cXncYlN27bSCWwTNIEVFugC6EoqR7R7AQt3saHfVz+9cjsa8s9w4DjVm/2xWUX4n zOflaFiAGhzXU1BsKSXdeBuMhG1myK/pGilNmmRoQfhhTK+y1u4V21L1zBZ61u4AFCqf8t tPeicWm9Hi6ognlqIuLt1slIaKCya7GUHS6TXL9lIJxzbtsaRYALadX4uExbrw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780953011; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=d5Gu6m6fLiERTXEWQn5quhTFzk3BVQWRYTNOq/bEWkE=; b=iSL955g4W2wJcp429/xPPV566PQldJZIEim2FGER7SGmEHqhMhtyCjIwn7bwL4kdD0b5Ey buQ3IatPYW3S+W/eDSJhliWWm612ju2xSpu/epwNQrgNkoI+zu9KYKPo3nFIqO9aT7CFkM PYMONb1IuB0IghyQtUlabMm1dxssPOlJmLeodhLSOCGBtHf0xhCHutdhqkhPh38epb07Kr GX6Y4G9/fmLHkhPqrOs4QTa+VdW1vgrY6dItuyWZFhS8xmq9AS/CDhnvbyidkZpGG0Wfvx WBFDzsNkVoHREim8MGEyr289MFFslrx8nBqxb9fRII2Y4+mYQqAT+lm/uEMcKQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4SM44Jhz14MQ for ; Mon, 08 Jun 2026 21:10:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 181dd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 21:10:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: =?utf-8?Q?Jes=C3=BAs?= Daniel Colmenares Oviedo Subject: git: ea3426bc80aa - main - nuageinit: Create parent directories in write_files List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: dtxdf X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ea3426bc80aad58e689c144ec6ddee0cda7861cb Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 21:10:06 +0000 Message-Id: <6a272fae.181dd.56109540@gitrepo.freebsd.org> The branch main has been updated by dtxdf: URL: https://cgit.FreeBSD.org/src/commit/?id=ea3426bc80aad58e689c144ec6ddee0cda7861cb commit ea3426bc80aad58e689c144ec6ddee0cda7861cb Author: Jesús Daniel Colmenares Oviedo AuthorDate: 2026-06-08 21:05:09 +0000 Commit: Jesús Daniel Colmenares Oviedo CommitDate: 2026-06-08 21:05:09 +0000 nuageinit: Create parent directories in write_files Currently, 'write_files' does not create parent directories, and 'runcmd' cannot be used here, since those scripts run after the files have been written. The only workaround is to create the files in an existing directory, such as '/root' or '/tmp', and then move those files using 'runcmd', but this is cumbersome when there are many files, even if they are small. With this change, nuageinit now creates the parent directories for each file using the path field, which mimics the same behavior as in cloud-init. Permissions and ownership can also be configured using 'runcmd'. Reviewed by: bapt@ Approved by: bapt@ Differential Revision: https://reviews.freebsd.org/D57395 --- libexec/nuageinit/nuage.lua | 1 + libexec/nuageinit/nuageinit.7 | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua index a554553b3e61..cbf92627918c 100644 --- a/libexec/nuageinit/nuage.lua +++ b/libexec/nuageinit/nuage.lua @@ -832,6 +832,7 @@ local function addfile(file, defer) root = "" end local filepath = root .. file.path + mkdir_p(dirname(filepath)) local f = assert(io.open(filepath, mode)) if content then f:write(content) diff --git a/libexec/nuageinit/nuageinit.7 b/libexec/nuageinit/nuageinit.7 index e1c4b9d61382..a3d9da2415d9 100644 --- a/libexec/nuageinit/nuageinit.7 +++ b/libexec/nuageinit/nuageinit.7 @@ -3,7 +3,7 @@ .\" Copyright (c) 2025 Baptiste Daroussin .\" Copyright (c) 2025 Jesús Daniel Colmenares Oviedo .\" -.Dd June 6, 2026 +.Dd June 8, 2026 .Dt NUAGEINIT 7 .Os .Sh NAME @@ -615,7 +615,7 @@ and are supported for now. .It Ic path The path of the file to be created. -.Pq Note intermerdiary directories will not be created . +.Pq Note intermerdiary directories will be created . .It Ic permissions A string representing the permission of the file in octal. .It Ic owner From nobody Mon Jun 8 21:28:56 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4t103H3z6gmQN for ; Mon, 08 Jun 2026 21:28:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ4t04qcDz41S8 for ; Mon, 08 Jun 2026 21:28:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780954136; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QNGYmAgOuDaGE49/jI3xexOJSB2RRbOzTkRonQcxeLw=; b=o4ZXHOPQqpn73wBpQqmweypFaMuqW6Ejmq2kLfHcmkH7U+tk6+95NbGuF+g8+mrjBbt6s8 yuygXWxP/ppP3E2T3+SsatDyPT9ThiyaVB6KXetVElUqveGjyKvOI24qs/HxlrLOBYAKZQ jUgZOZU8P+71qvlvNKyBciIFMz3GHLD/rELmwAlc7ddqs6OrWCqBqovb0f2Ow74o5xP3rA whoCxHfX6ZuA2OvFSwNKdVGcUyFBlF+4hX3395y6YSVY+buoUkCvQ1AEw6Ka6fhckvPv36 Q6QgJ00iRhjZKo3dXZ2s4L/mrcOODiLpnWpYQZqmUhoV4GWSbMdptZzmlSf8yA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780954136; a=rsa-sha256; cv=none; b=psh3Na9sljVN5JPK4t7kZC/buPQK3g6Ibv8TR0ZFiRe713ULqG7ouIVg2RM39MJV4F6d8z aN5nOUoiR6VdCezMtp4rM52Tu9wUdl2+0ufuz4Ko1cgOoPY0KB39hlu0AsI418I8p1eW5t qQm51FVmmJs3sj31wqm4Viui/26L9J1SRMhdMR8Evm/5Sa8J2RJy23JIUIyR7mvdduJ319 tkDsnF3hhvt7yJra8x0reBDWaDcukxm4mpzS93pfuedpMvo/J6lcM6JL1s7kKGrtUGWPQd cy3fyjW1NzVweAQgQ/8TA3nQnf0ExIxXIBYHvoefDrpMj8+MTubfVXy4zIyE0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780954136; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QNGYmAgOuDaGE49/jI3xexOJSB2RRbOzTkRonQcxeLw=; b=ai+g9KWixcmcJUNDNg/0xN3PiGp8y9xAHclW/cWHoiqT9DyhdiLD395OrORcr2hh1vdcLW 2RAvJwZErLVYkBrdXMZcw43kOhwYrW1Chf3t4TWBXjx6vJLQ3F9YDI9kv/f61/40Tqenf7 eRBgN5n+enOD7QMOkxfaHIseelPu5JUwdtq6bdyEiRPUcEf+FL3hijF8zbG68gDGLDaLgf YzOh+458cAJ3/Nz0+elumoqgGzx14QEbDyoEqjwP524LkqZmisO4G4pMOYj8hKzjX40ghW +VGEmo9yhyDFDRzGU1y8ERQuObI7dukqUD/NVcFsXx4gUeFLf6eNfeiAG71hqQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ4t03rWkz15G6 for ; Mon, 08 Jun 2026 21:28:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 19fdd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 21:28:56 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Chuck Tuffli Subject: git: 471fdd91d915 - main - linux: Fix sockopt copyout List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: chuck X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 471fdd91d9156aeab026dc420fb97d97be872d65 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 21:28:56 +0000 Message-Id: <6a273418.19fdd.55d3f832@gitrepo.freebsd.org> The branch main has been updated by chuck: URL: https://cgit.FreeBSD.org/src/commit/?id=471fdd91d9156aeab026dc420fb97d97be872d65 commit 471fdd91d9156aeab026dc420fb97d97be872d65 Author: Chuck Tuffli AuthorDate: 2026-06-08 21:19:34 +0000 Commit: Chuck Tuffli CommitDate: 2026-06-08 21:20:14 +0000 linux: Fix sockopt copyout The Linux getsockopt did not check the size of the provided buffer when copying out the value, leading to buffer overflows (e.g., for TCP_INFO). Fix is to use the smaller of the option value size and the provided buffer. MFC after: 1 month Relnotes: yes Reviewed by: kib, markj Differential Revision: https://reviews.freebsd.org/D55881 --- sys/compat/linux/linux_socket.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_socket.c b/sys/compat/linux/linux_socket.c index 29b55ef60357..12ba6a3adfce 100644 --- a/sys/compat/linux/linux_socket.c +++ b/sys/compat/linux/linux_socket.c @@ -2316,10 +2316,21 @@ linux_sockopt_copyout(struct thread *td, void *val, socklen_t len, struct linux_getsockopt_args *args) { int error; + l_int loptlen; + socklen_t optlen; - error = copyout(val, PTRIN(args->optval), len); - if (error == 0) - error = copyout(&len, PTRIN(args->optlen), sizeof(len)); + error = copyin(PTRIN(args->optlen), &loptlen, sizeof(loptlen)); + if (error != 0) + return (error); + if (loptlen < 0) + return (EINVAL); + + optlen = (socklen_t)loptlen; + error = copyout(val, PTRIN(args->optval), min(len, optlen)); + if (error == 0) { + loptlen = (l_int)len; + error = copyout(&loptlen, PTRIN(args->optlen), sizeof(loptlen)); + } return (error); } From nobody Mon Jun 8 21:40:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ57r0FX2z6gnf7 for ; Mon, 08 Jun 2026 21:40:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ57q6Dq9z43Zt for ; Mon, 08 Jun 2026 21:40:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780954855; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BzmV6Zu1g2VBHVkmd+xjR8I4YQU4uhzMei0nhIovG2E=; b=hWFxfKd7R2Oo2uWjslcys6ae5MoHN9WIQ8JMLcQaI2KdqJ0SBditK26bRs+3uFDo6RQo/y /V5TtXbsl+U6mGEOQSA0r2oP4ELdF3voe80MR+4s2SBxPxbSeBO/I44u6l+Jzx8wcEvgza PgIlCbnx0QacS4Plv8VdswEOCvFssX5RQiccsSIWcOHWiRnKgsmtUdWhcrd9ETeShtt5vZ o99JMCFZ1HRgygfLeRj4F3+MYSODJzaL8d9rtxShn3jd951AVcjNU26S75JHTUaRLE1/Kq 4uVzB/MPxu3T7TjAx6jeZaDSd9gpGBsjbfinOnn3d7C0flGYq+LviLsDw8+X6w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780954855; a=rsa-sha256; cv=none; b=RuH1/AHBr2FIkPY8z9aVgXZRBnZQoCTZ2cktaQ0tcwUy9ur93OTAE9GmUzoM6tf44djZlG TptWwKsDx9C1Dc1mKcZ8RWGlO0eJUiN/iLz8epcxCBL0KIOTlkhekpRkzXMMc7R5iukIG5 5WbMXaEsIZ+LxNmCbuNP/HCSBLXGgovBUC7IZ1L1GRY3X+p686sL2voq293Dso5tICVa4U +N1Qp7jCXiYzm9qilnOezTObB+RvWiOpfQe6Po1f7Ck7JQe8kAIRRvDtr6jvyx/LE7e9sB imh5ma+LfywPb9yAGMUgDSBMa+L9UUWkq5ceuDAnJeXmsSSo1HqYORc/wlru0A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780954855; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BzmV6Zu1g2VBHVkmd+xjR8I4YQU4uhzMei0nhIovG2E=; b=XULEMMHvlqYnqZCd6/ePRPX1soMtgCEtVCRNK+VNXYX7vxN5xoOqh+XRL0o/kh8kpaoNlr rp2EwtOTObTSOw6LqpoBSh6kXSzMCC1Snzn6Kz60ScX2P5QxDdYa8UwuZzcd9B+7+RldL6 JmL2qk7anse4LcWr2m2iIG9dZQqFEEzKvBvqEanP8MUUC8q8Jtq2+zJLyZHYNhda9J68Ma ZBddAil2QtXqN8Z/G1SGInjXDNudxFyF/p0bR+nU/CEFxoPzEfyMFNuqGUatkfGRYDhBY9 MBNTduC3GQqph5yg2XFV+hl4OzAfk2Dro5IQTzc5Q++muOom7imikNHA6wwe2Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ57q4z9zz15R4 for ; Mon, 08 Jun 2026 21:40:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1ca61 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 21:40:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Peter Eriksson From: Rick Macklem Subject: git: 36d411987b51 - stable/15 - acl_id_to_name.c: Fix printing of uids and gids List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rmacklem X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 36d411987b5173175d6d1b9e45337e7db218c020 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 21:40:55 +0000 Message-Id: <6a2736e7.1ca61.2eabea7@gitrepo.freebsd.org> The branch stable/15 has been updated by rmacklem: URL: https://cgit.FreeBSD.org/src/commit/?id=36d411987b5173175d6d1b9e45337e7db218c020 commit 36d411987b5173175d6d1b9e45337e7db218c020 Author: Peter Eriksson AuthorDate: 2026-05-25 19:44:41 +0000 Commit: Rick Macklem CommitDate: 2026-06-08 20:37:52 +0000 acl_id_to_name.c: Fix printing of uids and gids uid_t and gid_t are uint32_t (unsigned 32bit integers). They are printed as signed integers when calling getfacl (and other tools using the acl_to_text() libc function). This causes uid/gids larger than 2G (214783648) to print as negative numbers - which causes problem with setfacl since the acl_from_text() libc function fails on negative numbers. (cherry picked from commit 6e7c10c79deac3c6bb6ad3bd12c8e0ad68bb59f0) --- lib/libc/posix1e/acl_id_to_name.c | 4 ++-- lib/libc/posix1e/acl_to_text_nfs4.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/libc/posix1e/acl_id_to_name.c b/lib/libc/posix1e/acl_id_to_name.c index 78e050a8648a..c90e6083cca1 100644 --- a/lib/libc/posix1e/acl_id_to_name.c +++ b/lib/libc/posix1e/acl_id_to_name.c @@ -67,7 +67,7 @@ _posix1e_acl_id_to_name(acl_tag_t tag, uid_t id, ssize_t buf_len, char *buf, else p = getpwuid(id); if (!p) - i = snprintf(buf, buf_len, "%d", id); + i = snprintf(buf, buf_len, "%ju", (uintmax_t)id); else i = snprintf(buf, buf_len, "%s", p->pw_name); @@ -83,7 +83,7 @@ _posix1e_acl_id_to_name(acl_tag_t tag, uid_t id, ssize_t buf_len, char *buf, else g = getgrgid(id); if (g == NULL) - i = snprintf(buf, buf_len, "%d", id); + i = snprintf(buf, buf_len, "%ju", (uintmax_t)id); else i = snprintf(buf, buf_len, "%s", g->gr_name); diff --git a/lib/libc/posix1e/acl_to_text_nfs4.c b/lib/libc/posix1e/acl_to_text_nfs4.c index 157215c9dd52..4f19f3a9a7b2 100644 --- a/lib/libc/posix1e/acl_to_text_nfs4.c +++ b/lib/libc/posix1e/acl_to_text_nfs4.c @@ -69,7 +69,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric) else pwd = NULL; if (pwd == NULL) - snprintf(str, size, "user:%d", (unsigned int)*id); + snprintf(str, size, "user:%ju", (uintmax_t)*id); else snprintf(str, size, "user:%s", pwd->pw_name); acl_free(id); @@ -89,7 +89,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric) else grp = NULL; if (grp == NULL) - snprintf(str, size, "group:%d", (unsigned int)*id); + snprintf(str, size, "group:%ju", (uintmax_t)*id); else snprintf(str, size, "group:%s", grp->gr_name); acl_free(id); From nobody Mon Jun 8 22:30:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6FP1fYYz6grmj for ; Mon, 08 Jun 2026 22:30:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6FN6Nywz47CK for ; Mon, 08 Jun 2026 22:30:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780957848; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lnfIWZiuXf5BJM5D9/lsD2oYE1rqNviISB+bG+g8rjg=; b=VtyivBdvClUMLlvBJ+lxiDUkCBvYCxq+RnM6yzXQr8saKjWUms7fowPjBBZVbUJyY1BECC veAm9OWt/fnMSFoC7CHZEWL9Kb+NRjjRksgHcw9m0fM83wX954Xyg9PG712wVi28lzFc6I h3XIFM/fn2hsYB629wJiDjDu61lysnRFzV+b+yN7CChamEMUpIZrrSl9RO/IldSYWTiorK HRDfnNHWn/7ID0tf+Ldpagy5HBDTrz+EtaIVVk0cb9PXX2sj94FxYLohK3rYTz1NJiMv/M P1V4q4kUJfJCynmWnNJtmYqPZTyadPhD9jCsrVf6nFVxdG6aMkwFLapsX7wGAw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780957848; a=rsa-sha256; cv=none; b=w+uzcfYcaXKwMkFRvl1RiUHXvA90HCl2piYmzJKntc4FsuNrPScpTURsdIy7OuMZnjWkJM yax8ZzGNaGWCoHsC8dNfhrXHvWNABZd1NSFOqPq+DBEotzN0Kesk6tJLxhGCyZJpGChGpm sT7Vfz4JaCTtChDz8K9wlfAtA4H49GrgEt1MkzDVhLHrDAFGVGKprX/gbdeRPvXmmMvWvS XYpQAbeLS9+punWNYgfg/goQO+rw9nR37vfhqCJLMsrKQkAU4PACrzDSkKpVucPzNz4CBD +onOKS6yGArKORMc1zeanEdQUYTQfncc5DS+pD9Ey79nCR5GnWzQvxkMY3HNlA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780957848; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lnfIWZiuXf5BJM5D9/lsD2oYE1rqNviISB+bG+g8rjg=; b=odPGAIio9tggYZ1hHqTdCEXhp+qBpxaneS0AhImTSJMKkX9wN17RL5HPZK6EzQethVp9A2 qJ+wW6fXvEwuSYO68DCFWvp97Ovz/lXcQjA0G0UbrUmM+mcJIlqH4Vgu/+psm750IlH6iq GaPefTypuucavxtC3r9VNFK4L3gkAkyUgdlWP8Nsruhf7S8uNe+M08ksYRI89X42/shNfl 1cM66pKiT2oFWqG9Ow2X4zA6UmaaIPT2Hf9fkfQRWjEustTdsCLYbMAwG5s+gH3ypBTgSR tQGpaOO5200FJz7X7pU6/i4c48LD7rk4r6x7sQIcyug+i+OgmrVZszdWNO0SFQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6FN5Njkz15jB for ; Mon, 08 Jun 2026 22:30:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 21cba by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:30:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Alexander Ziaee Subject: git: 05f132adc530 - main - mount_udf.8: Alphabetize and align options List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ziaee X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 05f132adc530cd53203b9cd09d7e1b211d2babc4 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:30:48 +0000 Message-Id: <6a274298.21cba.7008e40@gitrepo.freebsd.org> The branch main has been updated by ziaee: URL: https://cgit.FreeBSD.org/src/commit/?id=05f132adc530cd53203b9cd09d7e1b211d2babc4 commit 05f132adc530cd53203b9cd09d7e1b211d2babc4 Author: Alexander Ziaee AuthorDate: 2026-06-08 22:22:32 +0000 Commit: Alexander Ziaee CommitDate: 2026-06-08 22:30:22 +0000 mount_udf.8: Alphabetize and align options While here, remove "The following UDF specific options are available:". It is unused and does not appear to have ever been used. MFC after: 3 days --- sbin/mount_udf/mount_udf.8 | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/sbin/mount_udf/mount_udf.8 b/sbin/mount_udf/mount_udf.8 index 505582746550..75882cf6562d 100644 --- a/sbin/mount_udf/mount_udf.8 +++ b/sbin/mount_udf/mount_udf.8 @@ -45,7 +45,11 @@ to the global file system namespace at the location indicated by .Ar node . .Pp The options are as follows: -.Bl -tag -width indent +.Bl -tag -width "-C charset" +.It Fl C Ar charset +Specify local +.Ar charset +to convert Unicode file names. .It Fl o Options are specified with a .Fl o @@ -53,13 +57,8 @@ flag followed by a comma separated string of options. See the .Xr mount 8 man page for possible options and their meanings. -The following UDF specific options are available: .It Fl v Be verbose about mounting the UDF file system. -.It Fl C Ar charset -Specify local -.Ar charset -to convert Unicode file names. .El .Sh SEE ALSO .Xr cdcontrol 1 , From nobody Mon Jun 8 22:46:57 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6c64Jjhz6gsjX for ; Mon, 08 Jun 2026 22:47:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6c63TSJz49rv for ; Mon, 08 Jun 2026 22:47:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780958822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vTyL0ckxZWNHnv0Czgt+Wps1elmYCoLPy4AmLQhLTVY=; b=hDRwg9AciGn6MvywqeT7bF17nyVun6LP3x7nWHjVYZTskQfiHG/+58h81+gKyuL2gcIIBp 3jQAhA4hcNfniyFtWsPzgBDOMMucGSkgMr1Ivz6ska6xbGeqTXOg2cQnxn2IyPiFAVuokH udutzCxFKQcvKhGgDp1Ap4nSkUDG3adxuGqi76R/MSKVGJMK87mTUA7B+HBIc2qyPB7ulJ vCOIN/F/0w6KU0zogbB1Yhv0AjVRN5NoouatxxcctQsqph0QDTmGGYWz/mk8I/WfM82A/s 0XPKFmZ5cpqYNnc6llcL9QU4/pAoHgDpoSjO+bWGdWs77xbak52Gis6DBQUysA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780958822; a=rsa-sha256; cv=none; b=XO8GBicaEvoo3N8X0YVth3TBdW9R0gKODDRQO7DSgcZRyfPg++RNePdvDXSCuyG7HNAhty WHNDfqq2PyfHUS0KLcljZeeqxVPQn3CsEKtieQprqU3UE+OUYhO2f3vptKbHP1LP0N7YXG n7lnw2Y5cRbBesveG5GuTaInuJN5fGdp/fm0SJ+KadjjBPmBXvUyFKR7gy//yTm3XiHFTn UkaAIX58MysqufCNzkmius4QVx8O2ATPziAQ+yBRlStv0slnhhpCi62tu6Ab8rOICTHrUP I6rjiBKGqjsHdHCqCaseIM2+5G0JZUpZFjjFLL7RjfAwhMzrIMOIYYN0RiPfkQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780958822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vTyL0ckxZWNHnv0Czgt+Wps1elmYCoLPy4AmLQhLTVY=; b=ibUoekmN/cXtiWa4cbavSAv06l6vzDA4Js1DSy75BQVCL8K6GDtb+s0cny6mnVTxJcFYKx SF0e01PCxomHghdD9CeIbbOiG03bzdJ79qoypnI5lVwoFYIG5PBCdYEyRkG6kAjarLh2gR t3+04wHhIQwIlnZRSVPV6nsE+xNLHgWeJYfZSvtB2o15bGN9Hnwy3IAS5ed+BWg7t9a2cs c8DyjcuY1nSsdcpcciLhQBCDeURKECniOy+lnTkalKCMvnJxWCNW/rcnTxGReCNOWzQQdH IiQQWDeCalglnb9sJk55cr/EmhEoTWc32UvyePCIB4CrMEO6paqXjpeI7ZjWwQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6c632Dfz17Fb for ; Mon, 08 Jun 2026 22:47:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2185d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:46:57 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 5bd78cfc8003 - main - auditd: Fix signal handling List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 5bd78cfc800339fd7f3945498052d67553af9e3c Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:46:57 +0000 Message-Id: <6a274661.2185d.33c7c37e@gitrepo.freebsd.org> The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=5bd78cfc800339fd7f3945498052d67553af9e3c commit 5bd78cfc800339fd7f3945498052d67553af9e3c Author: Dag-Erling Smørgrav AuthorDate: 2026-06-08 22:45:34 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 22:45:34 +0000 auditd: Fix signal handling Rewrite the main loop to use ppoll() instead of just blocking on read, blocking the signals we care about when we aren't polling. I didn't bother replacing alarm() with setitimer(); the alarm code is dead anyway since there is no way for max_idletime to acquire a non-zero value. While here, avoid leaking the pid file and trigger descriptors to the log child. PR: 295840 MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D57451 --- contrib/openbsm/bin/auditd/audit_warn.c | 4 ++ contrib/openbsm/bin/auditd/auditd.c | 50 ++++++++++++++++---- contrib/openbsm/bin/auditd/auditd.h | 3 ++ contrib/openbsm/bin/auditd/auditd_fbsd.c | 79 ++++++++++++++++---------------- 4 files changed, 86 insertions(+), 50 deletions(-) diff --git a/contrib/openbsm/bin/auditd/audit_warn.c b/contrib/openbsm/bin/auditd/audit_warn.c index 6bd2b8477c10..04a6e1caf03c 100644 --- a/contrib/openbsm/bin/auditd/audit_warn.c +++ b/contrib/openbsm/bin/auditd/audit_warn.c @@ -29,6 +29,7 @@ #include +#include #include #include #include @@ -57,6 +58,9 @@ auditwarnlog(char *args[]) /* * Child. */ +#ifndef USE_MACH_IPC + sigprocmask(SIG_SETMASK, &auditd_origmask, NULL); +#endif /* !USE_MACH_IPC */ execv(AUDITWARN_SCRIPT, loc_args); syslog(LOG_ERR, "Could not exec %s (%m)\n", AUDITWARN_SCRIPT); diff --git a/contrib/openbsm/bin/auditd/auditd.c b/contrib/openbsm/bin/auditd/auditd.c index bd00a6b16191..e9b2cfb2269b 100644 --- a/contrib/openbsm/bin/auditd/auditd.c +++ b/contrib/openbsm/bin/auditd/auditd.c @@ -107,6 +107,19 @@ static gid_t audit_review_gid = -1; */ static char *lastfile = NULL; +/* + * File descriptor to our locked pid file. + */ +static int pidfd; + +#ifndef USE_MACH_IPC +/* + * Original signal mask in effect at startup. Used by the main event loop + * and the log child. + */ +sigset_t auditd_origmask; +#endif /* !USE_MACH_IPC */ + /* * Error starting auditd. Run warn script and exit. */ @@ -354,12 +367,20 @@ close_misc(void) auditd_log_err("Couldn't remove %s: %m", AUDITD_PIDFILE); return (1); } + close(pidfd); + pidfd = -1; endac(); if (auditd_close_trigger() != 0) { auditd_log_err("Error closing trigger messaging mechanism"); return (1); } + +#ifndef USE_MACH_IPC + /* Restore the original signal mask. */ + sigprocmask(SIG_SETMASK, &auditd_origmask, NULL); +#endif /* !USE_MACH_IPC */ + return (0); } @@ -416,9 +437,17 @@ static int register_daemon(void) { struct sigaction action; - FILE * pidfile; - int fd; - pid_t pid; + sigset_t sigmask; + +#ifndef USE_MACH_IPC + /* Set up the signal mask. */ + sigemptyset(&sigmask); + sigaddset(&sigmask, SIGTERM); + sigaddset(&sigmask, SIGALRM); + sigaddset(&sigmask, SIGCHLD); + sigaddset(&sigmask, SIGHUP); + sigprocmask(SIG_BLOCK, &sigmask, &auditd_origmask); +#endif /* !USE_MACH_IPC */ /* Set up the signal hander. */ action.sa_handler = auditd_relay_signal; @@ -449,29 +478,30 @@ register_daemon(void) fail_exit(); } - if ((pidfile = fopen(AUDITD_PIDFILE, "a")) == NULL) { + /* Open the pid file. */ + pidfd = open(AUDITD_PIDFILE, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, + S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + if (pidfd < 0) { auditd_log_err("Could not open PID file"); audit_warn_tmpfile(); return (-1); } /* Attempt to lock the pid file; if a lock is present, exit. */ - fd = fileno(pidfile); - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { + if (flock(pidfd, LOCK_EX | LOCK_NB) < 0) { auditd_log_err( "PID file is locked (is another auditd running?)."); audit_warn_ebusy(); return (-1); } - pid = getpid(); - ftruncate(fd, 0); - if (fprintf(pidfile, "%u\n", pid) < 0) { + /* Write our pid to the pid file and leave it open. */ + ftruncate(pidfd, 0); + if (dprintf(pidfd, "%u\n", getpid()) < 0) { /* Should not start the daemon. */ fail_exit(); } - fflush(pidfile); return (0); } diff --git a/contrib/openbsm/bin/auditd/auditd.h b/contrib/openbsm/bin/auditd/auditd.h index 20afd75172cf..ce1b8bfb69e7 100644 --- a/contrib/openbsm/bin/auditd/auditd.h +++ b/contrib/openbsm/bin/auditd/auditd.h @@ -96,5 +96,8 @@ void auditd_terminate(void); int auditd_config_controls(void); void auditd_reap_children(void); +#ifndef USE_MACH_IPC +extern sigset_t auditd_origmask; +#endif /* !USE_MACH_IPC */ #endif /* !_AUDITD_H_ */ diff --git a/contrib/openbsm/bin/auditd/auditd_fbsd.c b/contrib/openbsm/bin/auditd/auditd_fbsd.c index 6553bf26386e..d62367b4d23b 100644 --- a/contrib/openbsm/bin/auditd/auditd_fbsd.c +++ b/contrib/openbsm/bin/auditd/auditd_fbsd.c @@ -33,6 +33,7 @@ #include #include +#include #include #include #include @@ -57,10 +58,7 @@ static int auditing_state = AUD_STATE_INIT; */ static int max_idletime = 0; -static int sigchlds, sigchlds_handled; -static int sighups, sighups_handled; -static int sigterms, sigterms_handled; -static int sigalrms, sigalrms_handled; +static volatile sig_atomic_t signaled[NSIG]; static int triggerfd = 0; @@ -83,7 +81,7 @@ auditd_openlog(int debug, gid_t __unused gid) } /* - * Log messages at different priority levels. + * Log messages at different priority levels. */ void auditd_log_err(const char *fmt, ...) @@ -154,7 +152,7 @@ auditd_set_state(int state) { int old_auditing_state = auditing_state; - if (state == AUD_STATE_INIT) + if (state == AUD_STATE_INIT) init_audit_state(); else auditing_state = state; @@ -173,7 +171,6 @@ auditd_set_state(int state) int auditd_get_state(void) { - if (auditing_state == AUD_STATE_INIT) init_audit_state(); @@ -186,8 +183,8 @@ auditd_get_state(void) int auditd_open_trigger(int __unused launchd_flag) { - - return ((triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY, 0))); + triggerfd = open(AUDIT_TRIGGER_FILE, O_RDONLY | O_CLOEXEC); + return (triggerfd); } /* @@ -196,56 +193,66 @@ auditd_open_trigger(int __unused launchd_flag) int auditd_close_trigger(void) { - return (close(triggerfd)); } -/* +/* * The main event loop. Wait for trigger messages or signals and handle them. * It should not return unless there is a problem. */ void auditd_wait_for_events(void) { - int num; + struct pollfd pfd; + ssize_t ret; unsigned int trigger; + pfd.fd = triggerfd; + pfd.events = POLLIN; + pfd.revents = 0; for (;;) { - num = read(triggerfd, &trigger, sizeof(trigger)); - if ((num == -1) && (errno != EINTR)) { - auditd_log_err("%s: error %d", __FUNCTION__, errno); - return; - } - /* Reset the idle time alarm, if used. */ - if (max_idletime) + if (max_idletime != 0) alarm(max_idletime); - if (sigterms != sigterms_handled) { + /* Check if any signals were caught. */ + if (signaled[SIGTERM]) { + signaled[SIGTERM] = 0; auditd_log_debug("%s: SIGTERM", __FUNCTION__); auditd_terminate(); - /* not reached */ + /* not reached */ } - if (sigalrms != sigalrms_handled) { + if (signaled[SIGALRM]) { + signaled[SIGALRM] = 0; auditd_log_debug("%s: SIGALRM", __FUNCTION__); auditd_terminate(); - /* not reached */ + /* not reached */ } - if (sigchlds != sigchlds_handled) { - sigchlds_handled = sigchlds; + if (signaled[SIGCHLD]) { + signaled[SIGCHLD] = 0; auditd_reap_children(); } - if (sighups != sighups_handled) { + if (signaled[SIGHUP]) { + signaled[SIGHUP] = 0; auditd_log_debug("%s: SIGHUP", __FUNCTION__); - sighups_handled = sighups; auditd_config_controls(); } - if (num == -1) + /* Now wait for a trigger or signal. */ + if ((ret = ppoll(&pfd, 1, NULL, &auditd_origmask)) < 0 && + errno != EINTR) { + auditd_log_err("%s: error %d", __FUNCTION__, errno); + break; + } + if (ret <= 0) continue; - if (num == 0) { + if ((ret = read(triggerfd, &trigger, sizeof(trigger))) < 0) { + auditd_log_err("%s: error %d", __FUNCTION__, errno); + break; + } + if (ret == 0) { auditd_log_err("%s: read EOF", __FUNCTION__); - return; + break; } auditd_handle_trigger(trigger); } @@ -258,15 +265,7 @@ auditd_wait_for_events(void) * context. */ void -auditd_relay_signal(int signal) +auditd_relay_signal(int signo) { - if (signal == SIGHUP) - sighups++; - if (signal == SIGTERM) - sigterms++; - if (signal == SIGCHLD) - sigchlds++; - if (signal == SIGALRM) - sigalrms++; + signaled[signo] = 1; } - From nobody Mon Jun 8 22:50:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gd6mR9z6gtJx for ; Mon, 08 Jun 2026 22:50:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6gd5wVwz3Bqv for ; Mon, 08 Jun 2026 22:50:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959005; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6wWfnzRa9SRRLRvO+FdSTAovj7q1/2JCP+G/sHAkaII=; b=N04wKf7iKq6GJssbDOFIfU6XtXVCjlTvEPuaP14/4Wu9ZPhtkrvSvT4Ii+pQEal8XIjrE3 C6LlqDXKt9P3WRtluqFH1CAGr6apQ3XrsZyml9CHypADocp8jJL1H02VsruiEb0sjEHqGx bNerZVfAXkZGud+nUWFUBoqSJS6E8ytc4vO32/JaaqZ+8u5cLoZ9S9QLhASJK1q3AoOgDY 30uTtN1jLZoqRVEFjy7y/M0GHFzFyyYExSOfW9AIlN8XQ6Dx66MI7GGsUeQ4A7dwU1cosC duzQlL0vP0YvhjG2oWWMXQ1pbbtnJt6hGpkVtvfsk01OJjdK83NvukyjVE2pkw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959005; a=rsa-sha256; cv=none; b=cd1dhnD5/Lb9PV8Pe0Hafo8ZrCIfrnol1oAjk0bm8h6nY3PIe4XTpjUyf+jQs5wObblTpU P4eMZUfVDnz+X0kBQKyDhmDnrFqJMzsxwp6SlEj3VtbN9PwOEsBPEdzsdnlKWVl+kQvx1L SCfTbLxyvuGbgw/YKw8As7pe5RgJozz6ccRVaaOa2LXe4Xhzlqa/fw1ldD5gc+1djjt9dL xaxscXZO642LegI9GXZiWJ/QsdT+LJkMSpHOg0QZXb93ePA4dSBMIsZkg1Ptd9wtV6RIJw Hu5k7SN4vch7xjblOJStMUX1/ZYOugmD1ryQg+Xo3PI6E5RYq8C+OK5csJWrHQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959005; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6wWfnzRa9SRRLRvO+FdSTAovj7q1/2JCP+G/sHAkaII=; b=dWvBsscId7uDvAAgzqPqawq5FjIFB/57mFlk3XQzPO4StFN5vZafweHjg2uqeP4bv67PgA g8EF3L9ukMNPM5h5k2e9mLZ+gQ8JD7a9a4BRgQgYANCwRBVr3hQwwBpD+lrMvjKcqwuk48 oS8E8cCBZ6w7axS7UlM3POgqV0KdI024vH8rgw9RIGSS3ZHY1l7DcEtDanI+dOIadzbdYm I3kxiuQCg5Dr6uzi9H6A1wW2FqWjqq6jfRi6oTs1fmq7UADS/0QCNpM7zIPcUpZ9viluBZ 6reUMpihzxKOf70RE5M7NogjlMtEUVVEf33k3/sym3ylWBZbKNIYpIguKZLmVQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gd53Plz17Ff for ; Mon, 08 Jun 2026 22:50:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 243f4 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:50:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 6cd8a1bf4f15 - main - tests/ptrace: Validate PT_SC_REMOTE with some tricky syscalls List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6cd8a1bf4f15ff8a9b646dc94ac90b3fe0926650 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:50:05 +0000 Message-Id: <6a27471d.243f4.4559ed13@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6cd8a1bf4f15ff8a9b646dc94ac90b3fe0926650 commit 6cd8a1bf4f15ff8a9b646dc94ac90b3fe0926650 Author: Mark Johnston AuthorDate: 2026-06-08 22:45:54 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 22:49:51 +0000 tests/ptrace: Validate PT_SC_REMOTE with some tricky syscalls Reviewed by: kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D57485 --- tests/sys/kern/ptrace_test.c | 215 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 215 insertions(+) diff --git a/tests/sys/kern/ptrace_test.c b/tests/sys/kern/ptrace_test.c index 3a55a6f48033..478e787d129b 100644 --- a/tests/sys/kern/ptrace_test.c +++ b/tests/sys/kern/ptrace_test.c @@ -26,6 +26,8 @@ #include #include #include +#define _WANT_KERNEL_ERRNO +#include #include #include #include @@ -4472,6 +4474,215 @@ ATF_TC_BODY(ptrace__PT_SC_REMOTE_syscall_validation, tc) ATF_REQUIRE(ptrace(PT_DETACH, fpid, (caddr_t)1, 0) != -1); } +ATF_TC_WITHOUT_HEAD(ptrace__PT_SC_REMOTE_exit); +ATF_TC_BODY(ptrace__PT_SC_REMOTE_exit, tc) +{ + struct ptrace_sc_remote pscr; + syscallarg_t args[1]; + pid_t fpid, wpid; + int status; + + ATF_REQUIRE((fpid = fork()) != -1); + if (fpid == 0) { + trace_me(); + exit(0); + } + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + REQUIRE_EQ(WSTOPSIG(status), SIGSTOP); + + args[0] = 42; + pscr.pscr_syscall = SYS_exit; + pscr.pscr_nargs = 1; + pscr.pscr_args = args; + ATF_REQUIRE(ptrace(PT_SC_REMOTE, fpid, (caddr_t)&pscr, + sizeof(pscr)) != -1); + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) != -1); + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFEXITED(status)); + REQUIRE_EQ(WEXITSTATUS(status), 42); +} + +/* + * Trace a forking process with FOLLOW_FORK. Once the child stops in + * fork_return(), use PT_SC_REMOTE to force it to call exit(). + */ +ATF_TC_WITHOUT_HEAD(ptrace__PT_SC_REMOTE_exit_child); +ATF_TC_BODY(ptrace__PT_SC_REMOTE_exit_child, tc) +{ + struct ptrace_sc_remote pscr; + syscallarg_t args[1]; + pid_t child, fpid, wpid; + int status; + + ATF_REQUIRE((fpid = fork()) != -1); + if (fpid == 0) { + trace_me(); + follow_fork_parent(false); + } + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + REQUIRE_EQ(WSTOPSIG(status), SIGSTOP); + + ATF_REQUIRE(ptrace(PT_LWP_EVENTS, fpid, NULL, 1) != -1); + ATF_REQUIRE(ptrace(PT_FOLLOW_FORK, fpid, NULL, 1) != -1); + ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, 0) != -1); + + child = handle_fork_events(fpid, NULL); + ATF_REQUIRE(child > 0); + + args[0] = 42; + pscr.pscr_syscall = SYS_exit; + pscr.pscr_nargs = 1; + pscr.pscr_args = args; + + /* The child must be at the syscall boundary. */ + ATF_REQUIRE_ERRNO(EBUSY, + ptrace(PT_SC_REMOTE, child, (caddr_t)&pscr, sizeof(pscr)) == -1); + + /* Resume the child and ask it to stop during syscall exits. */ + ATF_REQUIRE(ptrace(PT_TO_SCX, child, (caddr_t)1, 0) != -1); + + wpid = waitpid(child, &status, 0); + REQUIRE_EQ(wpid, child); + ATF_REQUIRE(WIFSTOPPED(status)); + + ATF_REQUIRE(ptrace(PT_SC_REMOTE, child, (caddr_t)&pscr, sizeof(pscr)) != + -1); + + wpid = waitpid(child, &status, 0); + REQUIRE_EQ(wpid, child); + ATF_REQUIRE(WIFSTOPPED(status)); + ATF_REQUIRE(ptrace(PT_CONTINUE, child, (caddr_t)1, 0) != -1); + + wpid = waitpid(child, &status, 0); + REQUIRE_EQ(wpid, child); + ATF_REQUIRE(WIFEXITED(status)); + REQUIRE_EQ(WEXITSTATUS(status), 42); +} + +/* + * Use PT_SC_REMOTE to ask the tracee to exit, then send SIGKILL before + * continuing it. + */ +ATF_TC_WITHOUT_HEAD(ptrace__PT_SC_REMOTE_exit_sigkill); +ATF_TC_BODY(ptrace__PT_SC_REMOTE_exit_sigkill, tc) +{ + struct ptrace_sc_remote pscr; + syscallarg_t args[1]; + pid_t fpid, wpid; + int status; + + ATF_REQUIRE((fpid = fork()) != -1); + if (fpid == 0) { + trace_me(); + exit(0); + } + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + REQUIRE_EQ(WSTOPSIG(status), SIGSTOP); + + args[0] = 42; + pscr.pscr_syscall = SYS_exit; + pscr.pscr_nargs = 1; + pscr.pscr_args = args; + ATF_REQUIRE(ptrace(PT_SC_REMOTE, fpid, (caddr_t)&pscr, + sizeof(pscr)) != -1); + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + + ATF_REQUIRE(ptrace(PT_CONTINUE, fpid, (caddr_t)1, SIGKILL) != -1); + + /* The child should honour the original exit() call. */ + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFEXITED(status)); + REQUIRE_EQ(WEXITSTATUS(status), 42); +} + +ATF_TC_WITHOUT_HEAD(ptrace__PT_SC_REMOTE_execve); +ATF_TC_BODY(ptrace__PT_SC_REMOTE_execve, tc) +{ + struct ptrace_sc_remote pscr; + syscallarg_t args[3]; + char *ping_path; + char *argv[5]; + char *envp[1]; + pid_t fpid, wpid; + int status; + + ping_path = __DECONST(char *, "/sbin/ping"); + argv[0] = ping_path; + argv[1] = __DECONST(char *, "-c"); + argv[2] = __DECONST(char *, "1"); + argv[3] = __DECONST(char *, "localhost"); + argv[4] = NULL; + envp[0] = NULL; + + ATF_REQUIRE((fpid = fork()) != -1); + if (fpid == 0) { + trace_me(); + exit(0); + } + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + REQUIRE_EQ(WSTOPSIG(status), SIGSTOP); + + args[0] = (syscallarg_t)ping_path; + args[1] = (syscallarg_t)argv; + args[2] = (syscallarg_t)envp; + pscr.pscr_syscall = SYS_execve; + pscr.pscr_nargs = 3; + pscr.pscr_args = args; + ATF_REQUIRE(ptrace(PT_SC_REMOTE, fpid, (caddr_t)&pscr, + sizeof(pscr)) != -1); + /* EJUSTRETURN here is an implementation detail. */ + REQUIRE_EQ(pscr.pscr_ret.sr_error, EJUSTRETURN); + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFSTOPPED(status)); + REQUIRE_EQ(WSTOPSIG(status), SIGSTOP); + + { + struct kinfo_proc kp; + size_t len; + int mib[4]; + + mib[0] = CTL_KERN; + mib[1] = KERN_PROC; + mib[2] = KERN_PROC_PID; + mib[3] = fpid; + len = sizeof(kp); + ATF_REQUIRE(sysctl(mib, nitems(mib), &kp, &len, NULL, 0) == 0); + ATF_REQUIRE_STREQ(kp.ki_comm, "ping"); + } + + /* Let the child (now ping) run to completion. */ + ATF_REQUIRE(ptrace(PT_DETACH, fpid, (caddr_t)1, 0) != -1); + + wpid = waitpid(fpid, &status, 0); + REQUIRE_EQ(wpid, fpid); + ATF_REQUIRE(WIFEXITED(status)); + REQUIRE_EQ(WEXITSTATUS(status), 0); +} + /* * Ensure that procctl(PROC_REAP_KILL) won't block forever waiting for a target * process that stopped to report its status to a debugger. @@ -4712,6 +4923,10 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, ptrace__procdesc_reparent_wait_child); ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_getpid); ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_syscall_validation); + ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_exit); + ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_exit_child); + ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_exit_sigkill); + ATF_TP_ADD_TC(tp, ptrace__PT_SC_REMOTE_execve); ATF_TP_ADD_TC(tp, ptrace__reap_kill_stopped); ATF_TP_ADD_TC(tp, ptrace__PT_ATTACH_no_EINTR); ATF_TP_ADD_TC(tp, ptrace__PT_DETACH_continued); From nobody Mon Jun 8 22:50:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gg3nfnz6gtGg for ; Mon, 08 Jun 2026 22:50:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6gg0V2Fz4B8J for ; Mon, 08 Jun 2026 22:50:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959007; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=u9+Y7dke3+rE6Qq5sJV/C34Uw09jXpAl0O24Tnm45Tg=; b=nRM/6uHevk8dFjPk12p3d7uOW+OmF0EDLkgikhkq3pvwXO3+StBy+OHYjsY7iiwLurRYQe iOV5/bi6M0WOH/z5itC7vBa+xGbUSJWlqzlNNrdR495J0IRBM7YUK7IO5nrrxhgWh+6Fzm eUNJgppaFcrds/4HlknY9b9r5ihgY0D8Hq6Na6YZmCjuFMYhUFiLirEDpa6ZFXZJn7JiZv zm86P2HB0rZYkTuJUhosCVojnxfxUVvv89oC3B1/DwLEmljhIeqERQBL4/q/AsjxjN2yBa 3wETQ1wTWlex3uj7946sA7iZ0r1aUL8BuZv9e8SJrf3ugj2VHgha/sjgYanx7A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959007; a=rsa-sha256; cv=none; b=U0NJFY1QkS+eswYQXBO5MOfWK/V9bk86744CY2uSVwHnhtmVxy38hP/BNr5K5ELpp8JEXf v20N7JkNSmbmCW11KJyNyyqlcclVVkDnbC2FQDfU+MHkIxHH5zxflIauQjsMs5I2ojU/T+ 57dk/Xdgmh8AfPpyDtMS7lP/YGanzk1fk8ewNfOR6PpPizk7tSfkh7aKe0glpJvTH5PQTW yWsjECQKrtwBejX+JciVnEn+JY7jcsnTS2DDiy8TxmPuKvtNj9XfCE/vXVkN9RgxQWhqx/ RERmfHVMs/6VK74OGNTeNG2eCT4bvXwtfe80DtauZ1+4lmmTtv6FmsA1UbgUjA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959007; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=u9+Y7dke3+rE6Qq5sJV/C34Uw09jXpAl0O24Tnm45Tg=; b=r9ADkICVJ6ODcAD67cEGjc4mLfrg35vMqQAzi6y98QbHmfgTYlQZCLOlFArwy6cRViI0qu 7ZZLWVQFBqaYQX3qE3WaJF9qjtTpaHmVo6mUM0CeMgv+Q9YoXEdg4fDEvkzxyp47Q0VmQE NOJPj/x9Z6Il/eib1vrJYgHQfrUWa+XkaDjQQesOH4gQ2Jjj6vvhG6mxXtJDsOzD7kl62h rsbMFCwIOWm4gY/U3AnyYZR2BC9qI2ry41zdNhi7yRGz52wdwuTwZeaN6Eq1s3VvccBLOY TKisHB6BtxzMj5aQqt4EiXIsdeAETyBvj038Lwc1BUnWNPPX6uGST135ZUmb1w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gf5ZFSz178s for ; Mon, 08 Jun 2026 22:50:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24e03 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:50:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: c491c2db2f37 - main - iconv.3: Fix formatting of the error section List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c491c2db2f37399eba7a356c4bfa298d64012101 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:50:06 +0000 Message-Id: <6a27471e.24e03.4dfcca1a@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=c491c2db2f37399eba7a356c4bfa298d64012101 commit c491c2db2f37399eba7a356c4bfa298d64012101 Author: Mark Johnston AuthorDate: 2026-06-08 22:46:08 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 22:49:51 +0000 iconv.3: Fix formatting of the error section MFC after: 1 week --- lib/libc/iconv/iconv.3 | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/libc/iconv/iconv.3 b/lib/libc/iconv/iconv.3 index 577b537e5c21..d20171cf5717 100644 --- a/lib/libc/iconv/iconv.3 +++ b/lib/libc/iconv/iconv.3 @@ -238,6 +238,7 @@ There is no converter specified by and .Fa dstname . .El +.Pp The .Fn iconv_open_into function may cause an error in the following cases: From nobody Mon Jun 8 22:50:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gh3GFLz6gtDs for ; Mon, 08 Jun 2026 22:50:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6gg6Ztnz3Bn6 for ; Mon, 08 Jun 2026 22:50:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959007; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=a97//UTeVV73WJZ+/hRcXjpymcuVLoVh4cU0Gy6WUqE=; b=xPyOOdvPfFnQSeI3HmIFSV7KgYpmYN1y8u61kOm9LyPm12yhuNoigX2Q7nd2xPkZn5jWu7 Q4mxwOrKPAXaKYpNR5GbdugU+SMfUIG0L0Me2QtdIk0LBPEJHlOBX4/nUUK8IpjR6c1Ib+ Sxm8AHxgmdFWyqJLTk2NTpdBTh4/EZ4SJ2KVwbqI6stQfsI3dv6O8izS6NJ5d7Xu5u34a8 MfFVeJxL0Yhsz1uDyU9VEOoqOwrmROinJDjviExATxzmH9osanJPwI8hMusfivZMw5jIEL H5YudnV0sh9SGJs5tOkDE2HAduTWT+2crxs67ThfqRiCxkBhZ+8vBY62obgr+A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959008; a=rsa-sha256; cv=none; b=SZK3VgeB7kxqx4LgKtdNp7j1yJ/2cacJPRWU++2qSJLY3ZLt2LK6/Pn8omCr3berGGY7du bPzjZgd44zCGmMTCxMtiWhUYngN0UybO3VR6/dJmBwZXTZyiZp7+qKmKH8v5eKmqrwTi90 7R8cptbv8+WkxCJlw6dTO46pHY9RV0YPF2SMv0HKEIXmh9rrdlwMA+9WJDf92N8OC73QZV 08KZgQskv1gNJk/NtexXm67mWXlQcskQN0ZdHHXeCMDcfWxEDiBkJezuMP1Uel99i3Otjj KXGOf0Ako/whBJFDX1jRFfjkE/UIOqV8XN2JKn1b4L941dI0Q3U/HWjOyKRNJQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959007; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=a97//UTeVV73WJZ+/hRcXjpymcuVLoVh4cU0Gy6WUqE=; b=uftOQyxWQuTF8dBZD8zLNMNKwAY+J8rFiVdsqKc5owyW8ccC9PSP1hl27uuLgitltOVC6Z QgBQBI53qnobDjXM+UesDuh/Ho46Q+/FcyEjmNAzPVa7yYFFY5O3uq+kqqEYeuUFSecRuT ftov0BymsIAeuufVqRabOsWMglScXN9OyX8tPYZdgISbF3YmF/o2IeoqDvSWvqXMHiHypq 8r+EoQKivtp/L3KG4ERuoNGBI5KSUCFRqEta8XSFNJdgXfM4jto6TLJmT1Kf9vCKCb6cEa BRHXtjrW4zyclnCIUrmdsTerv9LuiJyC8VJSzPUJy6JhYXUoz/jOKXaUsIr3ug== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gg5s4Pz16kL for ; Mon, 08 Jun 2026 22:50:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24e07 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:50:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 2ff705f32a20 - main - libalias: Serialize updates to the global instance list List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2ff705f32a2033201a8f83f1ade5ddbc0460387d Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:50:07 +0000 Message-Id: <6a27471f.24e07.100f034b@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=2ff705f32a2033201a8f83f1ade5ddbc0460387d commit 2ff705f32a2033201a8f83f1ade5ddbc0460387d Author: Mark Johnston AuthorDate: 2026-06-08 22:46:32 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 22:49:51 +0000 libalias: Serialize updates to the global instance list libalias maintains a global list of all libalias handles. The list was updated without any locking, but nothing prevents updates from running concurrently. MFC after: 1 week --- sys/netinet/libalias/alias_db.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 41f0a328daec..bc567ad2d918 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -61,6 +62,10 @@ #include "alias_db.h" +#ifdef _KERNEL +static struct mtx list_mtx; +MTX_SYSINIT(libalias_list, &list_mtx, "libalias list lock", MTX_DEF); +#endif static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); int LibAliasTime; @@ -2190,8 +2195,14 @@ LibAliasInit(struct libalias *la) /* kernel cleans up on module unload */ if (LIST_EMPTY(&instancehead)) atexit(finishoff); +#endif +#ifdef _KERNEL + mtx_lock(&list_mtx); #endif LIST_INSERT_HEAD(&instancehead, la, instancelist); +#ifdef _KERNEL + mtx_unlock(&list_mtx); +#endif #ifdef _KERNEL LibAliasTime = time_uptime; @@ -2259,8 +2270,14 @@ LibAliasUninit(struct libalias *la) UninitPacketAliasLog(la); #ifndef NO_FW_PUNCH UninitPunchFW(la); +#endif +#ifdef _KERNEL + mtx_lock(&list_mtx); #endif LIST_REMOVE(la, instancelist); +#ifdef _KERNEL + mtx_unlock(&list_mtx); +#endif LIBALIAS_UNLOCK(la); LIBALIAS_LOCK_DESTROY(la); free(la); From nobody Mon Jun 8 22:50:04 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gk1PvLz6gtBR for ; Mon, 08 Jun 2026 22:50:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6gj6B6Lz3C6T for ; Mon, 08 Jun 2026 22:50:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959009; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Znxe6amMgO5XT+91L5M7/T55MAhSmcDovlNqt4Pf858=; b=OnWPsmjSqENYtXryUBk3wJxJusERkNGbRk/X/xdjzLx3TOh2IwjrWqNZyq/0UI908Xl/oD rXRjXbod5WMPpSiV/xYvkfqmgMdPLZryCK52vQjgFJWPv7W3NJ1Q6WpWAQhS/Ob79SiZzX Bw1CTRhHBgq2XHgpo/nyuhoeg0bjn7H5L1fgkl2p7PLFNasPHtEBJjCnx4Os7/fnEEaIfB J72/gZDBP/PdCL9iajGNAs0H932TX2RhhJUeabGfDA/XhjksPhxQH2EUzrCzzENcNE+bKv TdD6WVrdMwH5LLlJ7iBO+EpsMp1bV0clfKbksk+3qDUWsQRxjl/mLL68AsJinQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959009; a=rsa-sha256; cv=none; b=AvLLUt+msU7FHtGUXjo1r3RJQNHQrZ51os+pfRFGsFKeIp5XAke4tsaAC9IWKXKAIHLsDX /pPOFCFQay/Mvwhvo5dlBszYcW+9f+udH/Hc6c9ih4nZe/Ft6B6nP5zygL8H64YYzDYDvh moPUHlJmS349aLo/PCVkR+LpX5CaY1tR1CHCtaTFAybKNuMMnyp+3d9ba1lxnG/5Kg1WTt ELlAW/Oe+Zu0QOgPViDp8AJstUAA+ocKtbbT6sCqmMpAqwWB9kRrdHNe+I+y1WYO2GOnaP XEK2mwv//tSAw5edp2ofS3Y2+E5JSfggPCpeDftZWK4DIU4H9p+eKWmx39slkQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959009; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Znxe6amMgO5XT+91L5M7/T55MAhSmcDovlNqt4Pf858=; b=k7dcm8HgaGeTSArhFVCAwpY4e5Q+wD9y8VwHE2XKMxS/laWGMQi9K8ZJY6ZoW38MdcVgD+ 1Dof3Ie2Dg3XleOxaC1cJEArd4vhW06li36597zNCOe4Dq0Z7s0B0/k4jSyzUaXQHjs1R6 PjDoWht6BJtub7DcFownFt90NHQE+JOa1lSHY/WMzykxz6Hbc2B8PiQEcXo7mSKcGd6u8/ TgLochssEOX7grZI1iXu3gfHgAyIllC1nByMYUutbBYcRt0XrrQihBYk20Q4tcC8Yp3sbG b8DVq5T6G1BlIOZxIHiusEpwmp77ifyiA2OJ7hWhckMDJ4lY7SaT1jmrYKo2VQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6gj5NQCz178t for ; Mon, 08 Jun 2026 22:50:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 23c43 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 22:50:04 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: acf0be6e5192 - main - ip6: Drop dead code in ip6_input_hbh() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: acf0be6e5192c8b1ae2c9a71d86828daf12317b2 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 22:50:04 +0000 Message-Id: <6a27471c.23c43.33d849da@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=acf0be6e5192c8b1ae2c9a71d86828daf12317b2 commit acf0be6e5192c8b1ae2c9a71d86828daf12317b2 Author: Mark Johnston AuthorDate: 2026-06-08 22:45:44 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 22:49:51 +0000 ip6: Drop dead code in ip6_input_hbh() After commit 069a67374ed9, ip6_input() quickly rejects packets with plen == 0, before ip6_input_hbh() is called. So, there is no need to check this condition again in the helper function. Reviewed by: pouria, zlei, tuexen Differential Revision: https://reviews.freebsd.org/D57342 --- sys/netinet6/ip6_input.c | 20 ++++---------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index 0dae879c1bd5..426b81dc9c03 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -421,24 +421,9 @@ ip6_input_hbh(struct mbuf **mp, uint32_t *rtalert, int *off, goto out; /* m have already been freed */ } - /* adjust pointer */ m = *mp; ip6 = mtod(m, struct ip6_hdr *); - /* - * If the payload length field is 0 and the next header field indicates - * Hop-by-Hop Options header, then a Jumbo Payload option MUST be - * included. We no not support Jumbo Payloads so report an error. - */ - if (ip6->ip6_plen == 0) { - IP6STAT_INC(ip6s_badoptions); - in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard); - in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr); - icmp6_error(m, ICMP6_PARAM_PROB, - ICMP6_PARAMPROB_HEADER, - (caddr_t)&ip6->ip6_plen - (caddr_t)ip6); - goto out; - } /* ip6_hopopts_input() ensures that mbuf is contiguous */ hbh = (struct ip6_hbh *)(ip6 + 1); *nxt = hbh->ip6h_nxt; @@ -760,8 +745,11 @@ passin: * We don't support Jumbograms, reject packets with plen == 0 as early * as we can. */ - if (plen == 0) + if (__predict_false(plen == 0)) { + IP6STAT_INC(ip6s_tooshort); + in6_ifstat_inc(rcvif, ifs6_in_hdrerr); goto bad; + } /* * Disambiguate address scope zones (if there is ambiguity). From nobody Mon Jun 8 23:01:03 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wH1k5nz6gtl8 for ; Mon, 08 Jun 2026 23:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wH0gDPz3DrQ for ; Mon, 08 Jun 2026 23:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959663; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3iboUAiezFV3nn3fCZHzw/WmMzrStYUK/BT6Px/brjk=; b=rV2xSoNpcNvTB35xBkRITRbrpZair0lIeVLAHi927+GfjjHjsUQ4f4bFSV8lKoJy+Ky12B GUBf0IVkf/+Tfd3I+i8vhkegiwRJ8QT7juum9ocu9UOQixvsllVab3kAyGRLBucBIP6azQ mGIGEVF7bEZzk8G9ePwKGdrC8UBMgRKIUu/kRxF9yt1r8HBObiYTMwLNW6Zj1wSJYLgv/A bVhzPdBjZN72y8LjEly/Hdryl4S0V8pKOFEkwxob45p1wG/7lZYdEYgjpMP31x43svcjgs hwBxH/hyqcdXGEPOOT77v58f8+Oq9k/SwMIlHR68ayoRksSRBURGrx1cbQltaQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959663; a=rsa-sha256; cv=none; b=eNe+BdNCQjfFuuwIeUzA4c+2/63bq7T6p7kBrgKwALAGT8rIG3hqZqxseF+3y+17KQIwMh WZiwPh6IVtIicNcnh5SkKxcCAG9aspJYne3CY7JfuQueqJpLSiGzIzrg5ieTz+hCfe5M0J dQ6bp81BvoPa7wQkTITEeDjYVtiP3T3fqqcsRibf0dMmFXk+FGQgnN+bEMgONObat82S3C Pa4fSLxvh+fZ0/Rlfn8ZJaKHPcZW4oDPjZMdd37PUSv1x8ZwrxFIlI/3Hk5oj8tmJgRwFl dZ5sWaUSMdLKHhwBXFTmUlgxT+dl1gH17kEINWL++XT/fWmgmAxpYZ3jyz2XYg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959663; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3iboUAiezFV3nn3fCZHzw/WmMzrStYUK/BT6Px/brjk=; b=Hh+qmP/YCtmlNvSO9owo8DgY8L0nflEw08aqycxTyQxEibojCky/VfAz7wbwH7EMc7bwBh kU913dHddgwYPJDevXDsyvEK3v4Uac1H+yJEVB+jMer0pOkvZOxfm4hgwSl23XF3PXNVDl Qt73qKQaR5DA08k23mJDA/FQlwUu+Wb2RYF84TpJH/CvCfNcVqWTs/HF72B0aR0mtFRUY9 6PHJB8yVX+7NmVrVYBspTZH4xjSI4BG4SgUIqB0c9VgMoGH842jk7M1loJWtCVPquAlBR1 UC7Ooc640bwGFq0Z0D2qk95ILqKLQNEMLzFPWxvPDVhUmkP3e/JPCgxOR5IHBw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wH0GwRz17Sr for ; Mon, 08 Jun 2026 23:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24cda by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:03 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: f4744e76333d - stable/15 - limits: Fix pipebuf resource type List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: f4744e76333deba32bd381549169f2e8b92b163d Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:03 +0000 Message-Id: <6a2749af.24cda.382417c6@gitrepo.freebsd.org> The branch stable/15 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=f4744e76333deba32bd381549169f2e8b92b163d commit f4744e76333deba32bd381549169f2e8b92b163d Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 22:41:41 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:42 +0000 limits: Fix pipebuf resource type * pipebuf is a size but is listed as a count PR: 295623 MFC after: 1 week Fixes: f54f41403d14 ("usr.bin/limits: support RLIMIT_PIPEBUF") Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D57456 (cherry picked from commit ad524568f9fb77e270a22744d81b9cea0a2ab0eb) --- usr.bin/limits/limits.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.bin/limits/limits.c b/usr.bin/limits/limits.c index c53066b52a9f..0a76ec5b8e4e 100644 --- a/usr.bin/limits/limits.c +++ b/usr.bin/limits/limits.c @@ -244,7 +244,7 @@ static struct { { "swapuse", login_getcapsize }, { "kqueues", login_getcapnum }, { "umtxp", login_getcapnum }, - { "pipebuf", login_getcapnum }, + { "pipebuf", login_getcapsize }, }; /* From nobody Mon Jun 8 23:01:04 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wK0qZ2z6gtXl for ; Mon, 08 Jun 2026 23:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wJ1x3nz3DZJ for ; Mon, 08 Jun 2026 23:01:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959664; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=onC6TpSS6xZUs/SD/Io6S2Acrmj2NK/i2C3LouT85MM=; b=pPzFmbZdnU1/uJt7yC3NkcA9j3DZDmurXVDdKQaUd+6B8UWST2j/OHB+gofd2QRRu70I56 XgeanLtl44RdaMwFovRiUD6E/JgNoqxgl+gzn8ThRVEdn7Jhl6vjUFk/FuzTHY5Mk0Gnz0 UUrzkUWjYDyq+v9PtZ+zqDLKa4GGoXAAjz28wqMXDhSW5gr2W6Ai91tmK7kuJYCfsyylNu b8ei1VWt5Xd4UhQv7d+ekazrZq+AGvsLbWk0gOD5TSov9Vd+/qdJhjajFX3TTrWNB//dNB er8maHzAEhM80IPEmAl2BBNKcAFSRTIu/qdSfcQe8SFeMO9ggb7MEmPgWirheg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959664; a=rsa-sha256; cv=none; b=kuTvM2SRW31nQbbfhoTm1WeNYuCPt56CH5/MuJZwS1stQL0iza1wUjCwuc2105xYm5DULc 5tn792t2hq2YEqRi2dDArX82c7Wzt5StlxFHQt49VRciRKIdqlqt/3SnViGNW2wkfdQt09 oy9Jf46eAtBhBq7+3uwiWigmrffBupaKnywJgEbdTE4PnUAd+1EO26c52Dfx1gDpeTZl5v Q/YktCWHrf4VqNT1SsOvb9aUoapZ7GXLEyFuArPibZwIfs0Akz8jeqYR4XGgYRdDjSBmbZ CpgOcKVufrm9As9Evy4bnw55j+r/ZYlBKFUI0OHXBrVCGZJkqPnaxisM6DC/7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959664; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=onC6TpSS6xZUs/SD/Io6S2Acrmj2NK/i2C3LouT85MM=; b=IXQVnJOzay5Zyvy45qa69Qio4i5XGjqpelnszrSPaciBOXp2GzoILK2cmHc1ciN0eCBRpa +ZeBumlKC/EcAbeRUIYd8w0CfOYTQ5owt42saqwBpnWd+S1vp1cf3AxOJxSI6egbnkuIgX 3gUirsC3Ww2vV2G6RsFkGbePPJ65fwThhuMTOYi8UD0ZyoMHS36n0fKc4GlWOZVfNIGDU+ mQ6qo8bStRJOs8La3izlew1pOIBVm+G8YAkvmtv+IUPHgD1TGx6QszPHhgexKkdaAKCGqT 8Bj++KcNAVfT4nw2b+AuFUtPVOcU0f1VcLfBiJuNR1NkpAalIhw1ICD7zjO1zg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wJ0zYlz17VJ for ; Mon, 08 Jun 2026 23:01:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 23c70 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:04 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 70dfaf4521d4 - stable/15 - etcupdate: Make diff -l actually work List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 70dfaf4521d4e39c07180c4137b777560ffbccb5 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:04 +0000 Message-Id: <6a2749b0.23c70.839e6d5@gitrepo.freebsd.org> The branch stable/15 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=70dfaf4521d4e39c07180c4137b777560ffbccb5 commit 70dfaf4521d4e39c07180c4137b777560ffbccb5 Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 22:41:27 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:42 +0000 etcupdate: Make diff -l actually work While here, remove unnecessary blank lines. MFC after: 1 week Fixes: 6d65c91b9a47 ("etcupdate: fix arguments order of diff command") Reviewed by: Boris Lytochkin Differential Revision: https://reviews.freebsd.org/D57330 (cherry picked from commit a85e39030f8c7faa3d5a33373389440de6f0fff7) --- usr.sbin/etcupdate/etcupdate.sh | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/usr.sbin/etcupdate/etcupdate.sh b/usr.sbin/etcupdate/etcupdate.sh index f62343a24eee..738e4f4ef378 100755 --- a/usr.sbin/etcupdate/etcupdate.sh +++ b/usr.sbin/etcupdate/etcupdate.sh @@ -504,42 +504,32 @@ diffnode() $COMPARE_EQUAL) ;; $COMPARE_ONLYFIRST) - echo echo "Removed: $3" - echo ;; $COMPARE_ONLYSECOND) - echo echo "Added: $3" - echo ;; $COMPARE_DIFFTYPE) first=`file_type $1/$3` second=`file_type $2/$3` - echo echo "Node changed from a $first to a $second: $3" - echo ;; $COMPARE_DIFFLINKS) first=`readlink $1/$file` second=`readlink $2/$file` - echo echo "Link changed: $file" rule "=" echo "-$first" echo "+$second" - echo ;; $COMPARE_DIFFFILES) if [ -n "$difflistonly" ]; then - echo echo "Changed: $3" - echo - break; + else + echo "Index: $3" + rule "=" + diff -u $diffargs -L "$3 ($4)" -L "$3 ($5)" $1/$3 $2/$3 fi - echo "Index: $3" - rule "=" - diff -u $diffargs -L "$3 ($4)" -L "$3 ($5)" $1/$3 $2/$3 ;; esac } From nobody Mon Jun 8 23:01:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wL4SKMz6gv16 for ; Mon, 08 Jun 2026 23:01:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wK5Zv0z3DtQ for ; Mon, 08 Jun 2026 23:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959665; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1SRKwFnE8sRY9NtwAhaO3NukNyVFhJDA0PvcTdSUAKs=; b=twBdTsk3a4/QoiXvMc+vc4PsX2BTXywMCY2JYSKFcZ5N6V6b8PpyLsb1e/8HagrQX5+0vy 1f7pQNAQihlyViz9UHOw/Tx3TVB/BqVtOHZ4EJ2DZh2ixY3YT5rBuGfBe81NWHUpBUN38H hGbSkwhFXWRO6wpy1ztkM6QlRKammYG6/cghcPcRmUvSXYN8tcx+p9C71Obfmzi0hKL8bq UjnUFm99Py0XaVMMyDYeBq9oIMlPrtbm3n3Ro9xSzP5ZmAUIbuvu1W64Bhordtp1csQGNk OSyFupH1yIAfH01KFftGqZ4DjaAGPnsTn3DV0PuT9MeRWiDjndHzz7grCpjZxw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959665; a=rsa-sha256; cv=none; b=IaL0g95oJ41dMEcdFfgkz8+zLL+qyuzrxOGQgVI/99ScBJpDFYu86RV15/9GphMeLR9IBj WR4dai+QR8La8CF4OGdUIGD4m7o7Hj7VmaF6ZOrs7HNoE19WWHjpu0liHssDJVgOr9pK5G 8OrVVqb0etfGJn9cWHXrpGG1XC67KSrjyTjvxM9QO3s1j0DJVV1u/QGuxcrguVE/DUFdUA X30TLV+KgeETPHWvYlmDfkaYqxGanwz1FqYQRo8wLJTKZkzLmrDqdlEOgW+ai02CwaJNtL bBXJ4XKyuELdEtTDIvIKqWXpKxmLpBdKraGjR8uuhNv4Kunget1CmVwGcSNRaw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959665; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1SRKwFnE8sRY9NtwAhaO3NukNyVFhJDA0PvcTdSUAKs=; b=VhrvaAXG2x80YNxS9pduc/b9Nf9mbTQOsQ+36s+6RoCyc/2keBW8uduRrmVgRfMQ08vzLI dXrU0RZfeUz7/cHVtWpvk5EhUCwYBvrrvEI+v2Q0CquUxWlBMSiwArclAQ9vwQsWOjWTS5 4mtqPP5+uh8c6cX34f2cRYP2FEa/441V8Gq2/Tl5dkyTTPYb6/xh62ur7v/orCUOG55Iju x2QdbcWOiDaHPuUWUzq250pZgA0pjSr+jMeKMlxrQhCBmLskSUG6O9auCpXDRq4qcqF6Y1 OxAUtj9K63KLM/Ak5zZhB+2vRPtV4D0v8CM5DlDHNofmoGKinpIqZjIf174OBQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wK1rJjz16lM for ; Mon, 08 Jun 2026 23:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2617c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 5c12023beb94 - stable/15 - rc: Bail if /dev/null is not a device List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 5c12023beb94609fb65845b76f21748a9f49bdca Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:05 +0000 Message-Id: <6a2749b1.2617c.5014c70e@gitrepo.freebsd.org> The branch stable/15 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=5c12023beb94609fb65845b76f21748a9f49bdca commit 5c12023beb94609fb65845b76f21748a9f49bdca Author: Dag-Erling Smørgrav AuthorDate: 2026-06-05 15:53:29 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:43 +0000 rc: Bail if /dev/null is not a device On startup, check that /dev/null exists and is a character device. Otherwise, one of two things will happen: either /dev is a writable directory and we will immediately create /dev/null as a regular file and dump garbage into it, or it does not and we will spit out a stream of error messages about failing to create /dev/null. PR: 295782 MFC after: 1 week Reviewed by: jhb, emaste Differential Revision: https://reviews.freebsd.org/D57447 (cherry picked from commit b5a96894f67a92f78f0641763eff1e0a46f2e036) --- libexec/rc/rc | 5 +++++ share/man/man8/rc.8 | 12 +++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/libexec/rc/rc b/libexec/rc/rc index db3c3e20ab44..75eef606b7fe 100644 --- a/libexec/rc/rc +++ b/libexec/rc/rc @@ -46,6 +46,11 @@ HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin export HOME PATH +if ! [ -c /dev/null ]; then + echo "/dev is not populated" >&2 + exit 1 +fi + if [ "$1" = autoboot ]; then autoboot=yes _boot="faststart" diff --git a/share/man/man8/rc.8 b/share/man/man8/rc.8 index a68878f0a10a..bfdd65b52f4a 100644 --- a/share/man/man8/rc.8 +++ b/share/man/man8/rc.8 @@ -28,7 +28,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd September 20, 2024 +.Dd June 4, 2026 .Dt RC 8 .Os .Sh NAME @@ -97,6 +97,16 @@ command provides a scripting interface to modify system config files. .Ss Operation of Nm .Bl -enum .It +Verify that +.Pa /dev/null +exists and is a character device. +If that is not the case, +.Nm +prints an error message and terminates. +This is normally caused by forgetting to enable +.Xr devfs 5 +in a jail's configuration. +.It If autobooting, set .Va autoboot Ns = Ns Li yes and enable a flag From nobody Mon Jun 8 23:01:01 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wM4lLLz6gtw8 for ; Mon, 08 Jun 2026 23:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wM0W2Gz3F7D for ; Mon, 08 Jun 2026 23:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SO8SZ95+WvZGWxUOqnsQxW0ANc5pnePAMv6rQM/MaZQ=; b=vSCxNDZ8c9ZhCBVtQBQp2l7Bl8+SJDrdfF58VE4TWIQxuTZR3L0yH9IBktnFAXazky6Gja Dex7bD/wuL1RhWSmygMSR4DGmmbdLqGl7J4lj4a7jmLOycdB+ThPnCOUkWCi9ZrwT4bczC Mo44RpOwHt4ocP7uB1x+52cqyaHKzCUybNuDpdTFQJP3Kupk1XuO7wl9lGUvywWgAoMnOh TJf2fGsnWmTIrHQJP01T1MgkzU/bTuUKrHTurQAjmrN7/Gz3izzL7xtXB4gvv6qcdaASFA hu3tm05ItMM6CkthvbTi0WNfOwb5o2aXwn5idmVAXq5kkYnSTALLWSXjeQQRSg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959667; a=rsa-sha256; cv=none; b=u4rk2QgwogB5GzIhARlLWFwcsSV1E2n3Aie1nxzWHZeWzUpjTTM2WkIUSayjRL54IKIlep qWlWSGDiYPJy6VOA/5bUAcWYIPeCmRmiJO0jPlvl7qwO9D/WCKPEDL5Ojm6Sxb8HIKizTF 91Ba3mf+JGbf/lxq1q9xqvx3AWbqbHGvjU0/LQouBolXCULi6/8i53e/J2UMTeQO83BJH4 6V6HEOrCfjLlZbUUAp28UGF/ytvZg1fcwR861Kb/KUDF3JuQ3ylnpH8JUIPhGGiD+daSG/ uvjCjK1ua/O1tTdJl96k/pZUG8HY+9Njg4KIHCjQsM/+bMKDKGuyAyePGKRLGQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SO8SZ95+WvZGWxUOqnsQxW0ANc5pnePAMv6rQM/MaZQ=; b=nU8LHjhX04C+VywEaEdJotHQFPXE59mhyYvU2POHoInp7umQ71V4URaDolWB1MCuTCYJyF ZRtKJDWNN3GM/e0qUsUCzvr3cD9+zYFvqmZghyGfGqyozNfBc1EZtUwh/Ek9LFqjxJHlqp iAOOZRPGyoxK3+rnNlZCrPDqAc0VfGb/EQZX184JdViAWJ7JYpM214OsVCN/4pkUfBs5my ywLVRfcxCMiv+X1EEsc8RocTg/btJXcWpEkUXRoAMYsU2PM847yKU5OJKBLNwYaeFrmu51 WUFONSqNJHF196cUanVC/2subVcpxbmFFGmG6tSih52kyjmp4SbvOkNh2nk7zQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wL73zWz17D8 for ; Mon, 08 Jun 2026 23:01:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2544c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:01 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 0932e252b859 - stable/15 - libarchive: Clean up the build configuration List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 0932e252b8595afc382fb62acd6b4eddd1c1a00f Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:01 +0000 Message-Id: <6a2749ad.2544c.188d9a2e@gitrepo.freebsd.org> The branch stable/15 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=0932e252b8595afc382fb62acd6b4eddd1c1a00f commit 0932e252b8595afc382fb62acd6b4eddd1c1a00f Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 13:12:23 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:42 +0000 libarchive: Clean up the build configuration * Move settings duplicated in libarchive, bsdcat, bsdcpio, bsdtar, and bsdunzip into libarchive's Makefile.inc. * Drop some CFLAGS that merely duplicated some of the contents of our platform configuration header. MFC after: 1 week Reviewed by: mm Differential Revision: https://reviews.freebsd.org/D57307 (cherry picked from commit eb3a0a74a069d0f294e1596504676459282bb308) libarchive: Fix typo in sed command MFC after: 1 week Fixes: eb3a0a74a069 ("libarchive: Clean up the build configuration") Reported by: Shawn Webb (cherry picked from commit ba0d22eacd6008e9f3b7395b41056de2423aef3d) --- lib/libarchive/Makefile | 7 ++----- lib/libarchive/Makefile.inc | 16 +++++++++++----- lib/libarchive/tests/Makefile | 8 ++++---- usr.bin/bsdcat/Makefile | 17 ++++++----------- usr.bin/bsdcat/tests/Makefile | 15 +++++++-------- usr.bin/cpio/Makefile | 18 +++++------------- usr.bin/cpio/tests/Makefile | 15 +++++++-------- usr.bin/tar/Makefile | 13 +++---------- usr.bin/tar/tests/Makefile | 13 +++++++------ usr.bin/unzip/Makefile | 14 ++++---------- usr.bin/unzip/tests/Makefile | 13 +++++++------ 11 files changed, 63 insertions(+), 86 deletions(-) diff --git a/lib/libarchive/Makefile b/lib/libarchive/Makefile index 4e32dcf72341..c4b4bc67ba33 100644 --- a/lib/libarchive/Makefile +++ b/lib/libarchive/Makefile @@ -1,7 +1,8 @@ .include +.include "Makefile.inc" + PACKAGE=lib${LIB} -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive LIB= archive @@ -9,10 +10,6 @@ LIB= archive # It has no real relation to the libarchive version number. SHLIB_MAJOR= 7 -CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib -.include "Makefile.inc" - .if ${MACHINE_ARCH:Marm*} != "" || ${MACHINE_ARCH:Mpowerpc*} != "" NO_WCAST_ALIGN= yes .if ${MACHINE_ARCH:M*64*} == "" diff --git a/lib/libarchive/Makefile.inc b/lib/libarchive/Makefile.inc index 755a39ec01e8..514ce205d560 100644 --- a/lib/libarchive/Makefile.inc +++ b/lib/libarchive/Makefile.inc @@ -2,11 +2,17 @@ # them in sync we can get run-time crashes while running tests due to mismatches # between structures such as archive_md5_ctx, etc. -LIBADD= z bz2 lzma bsdxml zstd -CFLAGS+= -DHAVE_BZLIB_H=1 -DHAVE_LIBLZMA=1 -DHAVE_LZMA_H=1 \ - -DHAVE_ZSTD_H=1 -DHAVE_LIBZSTD=1 -DHAVE_ZSTD_compressStream=1 \ - -DHAVE_SYSCONF=1 -CFLAGS+= -DPLATFORM_CONFIG_H=\"${.CURDIR}/config_freebsd.h\" +_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +LIBARCHIVE_VERSION_ONLY_STRING!= \ + sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ + ${_LIBARCHIVEDIR}/libarchive/archive.h + +LIBADD+= z bz2 lzma bsdxml zstd +CFLAGS+= -DPLATFORM_CONFIG_H=\"config_freebsd.h\" +CFLAGS+= -I${SRCTOP}/lib/libarchive +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe +CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib .if ${MK_OPENSSL} != "no" CFLAGS+= -DWITH_OPENSSL diff --git a/lib/libarchive/tests/Makefile b/lib/libarchive/tests/Makefile index 3a03725054f4..3210938bc117 100644 --- a/lib/libarchive/tests/Makefile +++ b/lib/libarchive/tests/Makefile @@ -1,11 +1,11 @@ .include +.include "${SRCTOP}/lib/libarchive/Makefile.inc" + PACKAGE= tests WARNS?= 3 -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive - ATF_TESTS_SH+= functional_test TEST_METADATA.functional_test+= timeout="600" @@ -14,8 +14,8 @@ BINDIR= ${TESTSDIR} PROGS+= libarchive_test -CFLAGS+= -I${.CURDIR} -I${.CURDIR:H} -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -I${_LIBARCHIVEDIR}/libarchive/test +CFLAGS+= -I${.OBJDIR} +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive/test CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib diff --git a/usr.bin/bsdcat/Makefile b/usr.bin/bsdcat/Makefile index 06081fc2b2f8..3f51bfc753de 100644 --- a/usr.bin/bsdcat/Makefile +++ b/usr.bin/bsdcat/Makefile @@ -1,11 +1,8 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdcat -BSDCAT_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/cat SRCS= bsdcat.c cmdline.c @@ -13,15 +10,13 @@ SRCS= bsdcat.c cmdline.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= lafe_err.c -CFLAGS+= -DBSDCAT_VERSION_STRING=\"${BSDCAT_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/cat -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDCAT_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/cat + +#SYMLINKS=bsdcat ${BINDIR}/cat +#MLINKS= bsdcat.1 cat.1 HAS_TESTS= SUBDIR.${MK_TESTS}+= tests diff --git a/usr.bin/bsdcat/tests/Makefile b/usr.bin/bsdcat/tests/Makefile index c323da34e080..f75ebeac2aea 100644 --- a/usr.bin/bsdcat/tests/Makefile +++ b/usr.bin/bsdcat/tests/Makefile @@ -1,6 +1,8 @@ -PACKAGE= tests +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +PACKAGE= tests ATF_TESTS_SH+= functional_test @@ -8,13 +10,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdcat_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/cat -I${_LIBARCHIVEDIR}/cat/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/cat +CFLAGS+= -I${_LIBARCHIVEDIR}/cat/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS.test_utils.c+= -Wno-cast-align diff --git a/usr.bin/cpio/Makefile b/usr.bin/cpio/Makefile index 31b25e4199da..edc2ddf2bcb6 100644 --- a/usr.bin/cpio/Makefile +++ b/usr.bin/cpio/Makefile @@ -1,11 +1,8 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdcpio -BSDCPIO_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/cpio SRCS= cpio.c cmdline.c @@ -13,18 +10,13 @@ SRCS= cpio.c cmdline.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= lafe_err.c line_reader.c passphrase.c -CFLAGS+= -DBSDCPIO_VERSION_STRING=\"${BSDCPIO_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/cpio -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDCPIO_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/tar -SYMLINKS=bsdcpio ${BINDIR}/cpio -MLINKS= bsdcpio.1 cpio.1 +SYMLINKS= bsdcpio ${BINDIR}/cpio +MLINKS= bsdcpio.1 cpio.1 HAS_TESTS= SUBDIR.${MK_TESTS}+= tests diff --git a/usr.bin/cpio/tests/Makefile b/usr.bin/cpio/tests/Makefile index ee4da15bc7e4..0db109c1e379 100644 --- a/usr.bin/cpio/tests/Makefile +++ b/usr.bin/cpio/tests/Makefile @@ -1,6 +1,8 @@ -PACKAGE= tests +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +PACKAGE= tests ATF_TESTS_SH+= functional_test @@ -8,13 +10,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdcpio_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/cpio -I${_LIBARCHIVEDIR}/cpio/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/cpio +CFLAGS+= -I${_LIBARCHIVEDIR}/cpio/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils # Uncomment to link against dmalloc #LDADD+= -L/usr/local/lib -ldmalloc diff --git a/usr.bin/tar/Makefile b/usr.bin/tar/Makefile index 8b0d3e4a6cf0..0452e084bee2 100644 --- a/usr.bin/tar/Makefile +++ b/usr.bin/tar/Makefile @@ -1,11 +1,9 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PACKAGE= runtime PROG= bsdtar -BSDTAR_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/tar SRCS= bsdtar.c \ @@ -23,14 +21,9 @@ SRCS+= lafe_err.c \ LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDTAR_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/tar -CFLAGS+= -DBSDTAR_VERSION_STRING=\"${BSDTAR_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/tar -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe SYMLINKS= bsdtar ${BINDIR}/tar MLINKS= bsdtar.1 tar.1 diff --git a/usr.bin/tar/tests/Makefile b/usr.bin/tar/tests/Makefile index 116425b0621f..45db3abf7bc2 100644 --- a/usr.bin/tar/tests/Makefile +++ b/usr.bin/tar/tests/Makefile @@ -1,17 +1,18 @@ +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" + PACKAGE= tests WARNS?= 3 -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive - ATF_TESTS_SH+= functional_test BINDIR= ${TESTSDIR} -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/tar -I${_LIBARCHIVEDIR}/tar/test +CFLAGS+= -I${.OBJDIR} +CFLAGS+= -I${_LIBARCHIVEDIR}/tar +CFLAGS+= -I${_LIBARCHIVEDIR}/tar/test CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS.test_utils.c+= -Wno-cast-align diff --git a/usr.bin/unzip/Makefile b/usr.bin/unzip/Makefile index 3ca95e5fa881..35d82729b718 100644 --- a/usr.bin/unzip/Makefile +++ b/usr.bin/unzip/Makefile @@ -1,25 +1,20 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdunzip -BSDUNZIP_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h - .PATH: ${_LIBARCHIVEDIR}/unzip SRCS= bsdunzip.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= cmdline.c lafe_err.c lafe_getline.c passphrase.c -CFLAGS+= -DBSDUNZIP_VERSION_STRING=\"${BSDUNZIP_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/unzip -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive +CFLAGS+= -DBSDUNZIP_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip + SYMLINKS=bsdunzip ${BINDIR}/unzip MLINKS= bsdunzip.1 unzip.1 @@ -27,4 +22,3 @@ HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include -# DO NOT DELETE diff --git a/usr.bin/unzip/tests/Makefile b/usr.bin/unzip/tests/Makefile index fada172b1bd7..0e55c49d07b5 100644 --- a/usr.bin/unzip/tests/Makefile +++ b/usr.bin/unzip/tests/Makefile @@ -1,3 +1,7 @@ +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" + PACKAGE= tests _LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive @@ -8,13 +12,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdunzip_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/unzip -I${_LIBARCHIVEDIR}/unzip/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils # Uncomment to link against dmalloc #LDADD+= -L/usr/local/lib -ldmalloc From nobody Mon Jun 8 23:01:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wP3tYcz6gtsl for ; Mon, 08 Jun 2026 23:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wP1P7Xz3F9h for ; Mon, 08 Jun 2026 23:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959669; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZFyRbL6qYzTNnZcw/qng4g/Auk/tSGwdnsIiclPT/gU=; b=wJW7hTtIst4b8saBgaRUncyR5vmudA1CPqqE092SfTsVPOuaq7fnBpH7+QF8iODiC2Wmcx 3mkczDL1QagvG/DdMAM+bNkcLSIZJ5+h8Jryutvf72SBJBgG/RguEpBexY6Y+/aDPJAbV7 u82j8VKpEM4CZhQKhdNoTwGqhhMwktZCkQScFFoU4k/tdw1WPR9eAwHh5MOEuKQo9B5zGq cZpPVfafBQfsNCtEtG5uBBOpVT/wabMFzzlQAa+37JKVvRb6c5pEYbmXPe9SN+Auc5B2Q3 gqUpzoNvNcx6jL49ErlwC3BNPaTvFWnEiE7zlpEPC7Y0rsHVidqJoHLn3tOi9A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959669; a=rsa-sha256; cv=none; b=oCpa3sw+x4Cph/aH0zU6+qrROyY369Ge+J2Cu1fHAxgx9/OQRwOEokEoIQYh5eR+OOjcgk WSfD7scBNo7jVvCwRQ+J8PnefL6DbZ8Vc0MZ/x+7ho5dAp3vqAy5LpXI2viFEBJT5WHcq+ Rp08aMnWiNl2mLTC3MMT/KGVeBYjyNhqnHAL9hNvw4+ty6XTAn50L9+D66yEcGqNKM5tQP m9Okugh7dwOvtQqnPCGmV7eyiN9JZHW/4AZAuabWatDVxC5FALQpv0tL7mpC1fgSfZXQcv tEmasrBukprdHrLJuvvZxP4UVUS6AZ+NnyEIRoMVG0PGvZlqEME56F7nGbEBrg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959669; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZFyRbL6qYzTNnZcw/qng4g/Auk/tSGwdnsIiclPT/gU=; b=RchskVaqcENb/oy3TxkiB4vRDNbTuFvrVumYXw0T0/bi8u+K1PQho9Rwr8OaXRww9Xjwdb HDFJjUsR2mELyso/vDmxoKxSS05kIhKe67tTKou4xEAv6l56NzRyDCBS+hLgOeMaJkXz5c mQ51dNFwqEsw/EnaJ5BcFO9psVhGbMzMP5ZTrcbebNngSg3744v/Floz3KgaStmSZkYfTB oWnp3y0mLi6UQ/EAGmf1hHrYA6VQHm74E22eNTnzZoycbMZaeXK9Qi/jiGsqkjiOSvXUo7 fU1N2ZvqFgRMMnV38CoTrlOabujKYvKhAX/8wgZRYPC9YvO9t7M6tWoNWPQPxw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wP0wngz16lN for ; Mon, 08 Jun 2026 23:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24afd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 62f3971e6c06 - stable/14 - libarchive: Clean up the build configuration List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 62f3971e6c062d67660e4236e6106cc51e6492f0 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:09 +0000 Message-Id: <6a2749b5.24afd.7ce0c87a@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=62f3971e6c062d67660e4236e6106cc51e6492f0 commit 62f3971e6c062d67660e4236e6106cc51e6492f0 Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 13:12:23 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:52 +0000 libarchive: Clean up the build configuration * Move settings duplicated in libarchive, bsdcat, bsdcpio, bsdtar, and bsdunzip into libarchive's Makefile.inc. * Drop some CFLAGS that merely duplicated some of the contents of our platform configuration header. MFC after: 1 week Reviewed by: mm Differential Revision: https://reviews.freebsd.org/D57307 (cherry picked from commit eb3a0a74a069d0f294e1596504676459282bb308) libarchive: Fix typo in sed command MFC after: 1 week Fixes: eb3a0a74a069 ("libarchive: Clean up the build configuration") Reported by: Shawn Webb (cherry picked from commit ba0d22eacd6008e9f3b7395b41056de2423aef3d) --- lib/libarchive/Makefile | 7 ++----- lib/libarchive/Makefile.inc | 16 +++++++++++----- lib/libarchive/tests/Makefile | 8 ++++---- usr.bin/bsdcat/Makefile | 17 ++++++----------- usr.bin/bsdcat/tests/Makefile | 14 ++++++-------- usr.bin/cpio/Makefile | 18 +++++------------- usr.bin/cpio/tests/Makefile | 14 ++++++-------- usr.bin/tar/Makefile | 13 +++---------- usr.bin/tar/tests/Makefile | 12 ++++++------ usr.bin/unzip/Makefile | 14 ++++---------- usr.bin/unzip/tests/Makefile | 12 ++++++------ 11 files changed, 59 insertions(+), 86 deletions(-) diff --git a/lib/libarchive/Makefile b/lib/libarchive/Makefile index fed73c388318..f9c5f758382c 100644 --- a/lib/libarchive/Makefile +++ b/lib/libarchive/Makefile @@ -1,7 +1,8 @@ .include +.include "Makefile.inc" + PACKAGE=lib${LIB} -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive LIB= archive @@ -9,10 +10,6 @@ LIB= archive # It has no real relation to the libarchive version number. SHLIB_MAJOR= 7 -CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib -.include "Makefile.inc" - .if ${MACHINE_ARCH:Marm*} != "" || ${MACHINE_ARCH:Mpowerpc*} != "" NO_WCAST_ALIGN= yes .if ${MACHINE_ARCH:M*64*} == "" diff --git a/lib/libarchive/Makefile.inc b/lib/libarchive/Makefile.inc index 755a39ec01e8..514ce205d560 100644 --- a/lib/libarchive/Makefile.inc +++ b/lib/libarchive/Makefile.inc @@ -2,11 +2,17 @@ # them in sync we can get run-time crashes while running tests due to mismatches # between structures such as archive_md5_ctx, etc. -LIBADD= z bz2 lzma bsdxml zstd -CFLAGS+= -DHAVE_BZLIB_H=1 -DHAVE_LIBLZMA=1 -DHAVE_LZMA_H=1 \ - -DHAVE_ZSTD_H=1 -DHAVE_LIBZSTD=1 -DHAVE_ZSTD_compressStream=1 \ - -DHAVE_SYSCONF=1 -CFLAGS+= -DPLATFORM_CONFIG_H=\"${.CURDIR}/config_freebsd.h\" +_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +LIBARCHIVE_VERSION_ONLY_STRING!= \ + sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ + ${_LIBARCHIVEDIR}/libarchive/archive.h + +LIBADD+= z bz2 lzma bsdxml zstd +CFLAGS+= -DPLATFORM_CONFIG_H=\"config_freebsd.h\" +CFLAGS+= -I${SRCTOP}/lib/libarchive +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe +CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib .if ${MK_OPENSSL} != "no" CFLAGS+= -DWITH_OPENSSL diff --git a/lib/libarchive/tests/Makefile b/lib/libarchive/tests/Makefile index 3a03725054f4..3210938bc117 100644 --- a/lib/libarchive/tests/Makefile +++ b/lib/libarchive/tests/Makefile @@ -1,11 +1,11 @@ .include +.include "${SRCTOP}/lib/libarchive/Makefile.inc" + PACKAGE= tests WARNS?= 3 -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive - ATF_TESTS_SH+= functional_test TEST_METADATA.functional_test+= timeout="600" @@ -14,8 +14,8 @@ BINDIR= ${TESTSDIR} PROGS+= libarchive_test -CFLAGS+= -I${.CURDIR} -I${.CURDIR:H} -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -I${_LIBARCHIVEDIR}/libarchive/test +CFLAGS+= -I${.OBJDIR} +CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive/test CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS+= -I${SRCTOP}/sys/contrib/zstd/lib diff --git a/usr.bin/bsdcat/Makefile b/usr.bin/bsdcat/Makefile index 0377a4c48f5f..ce10aefd4c58 100644 --- a/usr.bin/bsdcat/Makefile +++ b/usr.bin/bsdcat/Makefile @@ -1,12 +1,9 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdcat -BSDCAT_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/cat SRCS= bsdcat.c cmdline.c @@ -14,15 +11,13 @@ SRCS= bsdcat.c cmdline.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= lafe_err.c -CFLAGS+= -DBSDCAT_VERSION_STRING=\"${BSDCAT_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/cat -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDCAT_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/cat + +#SYMLINKS=bsdcat ${BINDIR}/cat +#MLINKS= bsdcat.1 cat.1 HAS_TESTS= SUBDIR.${MK_TESTS}+= tests diff --git a/usr.bin/bsdcat/tests/Makefile b/usr.bin/bsdcat/tests/Makefile index 02382137aa16..f75ebeac2aea 100644 --- a/usr.bin/bsdcat/tests/Makefile +++ b/usr.bin/bsdcat/tests/Makefile @@ -1,7 +1,8 @@ +.include -PACKAGE= tests +.include "${SRCTOP}/lib/libarchive/Makefile.inc" -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +PACKAGE= tests ATF_TESTS_SH+= functional_test @@ -9,13 +10,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdcat_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/cat -I${_LIBARCHIVEDIR}/cat/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/cat +CFLAGS+= -I${_LIBARCHIVEDIR}/cat/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS.test_utils.c+= -Wno-cast-align diff --git a/usr.bin/cpio/Makefile b/usr.bin/cpio/Makefile index a52a12ea361b..594bd86fdbd5 100644 --- a/usr.bin/cpio/Makefile +++ b/usr.bin/cpio/Makefile @@ -1,12 +1,9 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdcpio -BSDCPIO_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/cpio SRCS= cpio.c cmdline.c @@ -14,18 +11,13 @@ SRCS= cpio.c cmdline.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= lafe_err.c line_reader.c passphrase.c -CFLAGS+= -DBSDCPIO_VERSION_STRING=\"${BSDCPIO_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/cpio -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDCPIO_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/tar -SYMLINKS=bsdcpio ${BINDIR}/cpio -MLINKS= bsdcpio.1 cpio.1 +SYMLINKS= bsdcpio ${BINDIR}/cpio +MLINKS= bsdcpio.1 cpio.1 HAS_TESTS= SUBDIR.${MK_TESTS}+= tests diff --git a/usr.bin/cpio/tests/Makefile b/usr.bin/cpio/tests/Makefile index e06f7fc34de3..0db109c1e379 100644 --- a/usr.bin/cpio/tests/Makefile +++ b/usr.bin/cpio/tests/Makefile @@ -1,7 +1,8 @@ +.include -PACKAGE= tests +.include "${SRCTOP}/lib/libarchive/Makefile.inc" -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +PACKAGE= tests ATF_TESTS_SH+= functional_test @@ -9,13 +10,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdcpio_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/cpio -I${_LIBARCHIVEDIR}/cpio/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/cpio +CFLAGS+= -I${_LIBARCHIVEDIR}/cpio/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils # Uncomment to link against dmalloc #LDADD+= -L/usr/local/lib -ldmalloc diff --git a/usr.bin/tar/Makefile b/usr.bin/tar/Makefile index 8b0d3e4a6cf0..0452e084bee2 100644 --- a/usr.bin/tar/Makefile +++ b/usr.bin/tar/Makefile @@ -1,11 +1,9 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PACKAGE= runtime PROG= bsdtar -BSDTAR_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h .PATH: ${_LIBARCHIVEDIR}/tar SRCS= bsdtar.c \ @@ -23,14 +21,9 @@ SRCS+= lafe_err.c \ LIBADD= archive -.if ${MK_ICONV} != "no" -CFLAGS+= -DHAVE_ICONV=1 -DHAVE_ICONV_H=1 -DICONV_CONST=const -.endif +CFLAGS+= -DBSDTAR_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/tar -CFLAGS+= -DBSDTAR_VERSION_STRING=\"${BSDTAR_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/tar -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe SYMLINKS= bsdtar ${BINDIR}/tar MLINKS= bsdtar.1 tar.1 diff --git a/usr.bin/tar/tests/Makefile b/usr.bin/tar/tests/Makefile index fe3dd3e8e6ed..45db3abf7bc2 100644 --- a/usr.bin/tar/tests/Makefile +++ b/usr.bin/tar/tests/Makefile @@ -1,18 +1,18 @@ +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PACKAGE= tests WARNS?= 3 -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive - ATF_TESTS_SH+= functional_test BINDIR= ${TESTSDIR} -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/tar -I${_LIBARCHIVEDIR}/tar/test +CFLAGS+= -I${.OBJDIR} +CFLAGS+= -I${_LIBARCHIVEDIR}/tar +CFLAGS+= -I${_LIBARCHIVEDIR}/tar/test CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils CFLAGS.test_utils.c+= -Wno-cast-align diff --git a/usr.bin/unzip/Makefile b/usr.bin/unzip/Makefile index e359ca162e73..bf00df8f1eee 100644 --- a/usr.bin/unzip/Makefile +++ b/usr.bin/unzip/Makefile @@ -1,26 +1,21 @@ .include -_LIBARCHIVEDIR= ${SRCTOP}/contrib/libarchive -_LIBARCHIVECONFDIR= ${SRCTOP}/lib/libarchive +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PROG= bsdunzip -BSDUNZIP_VERSION_STRING!= sed -n '/define.*ARCHIVE_VERSION_ONLY_STRING/{s,[^0-9.],,gp;q;}' \ - ${_LIBARCHIVEDIR}/libarchive/archive.h - .PATH: ${_LIBARCHIVEDIR}/unzip SRCS= bsdunzip.c .PATH: ${_LIBARCHIVEDIR}/libarchive_fe SRCS+= cmdline.c lafe_err.c lafe_getline.c passphrase.c -CFLAGS+= -DBSDUNZIP_VERSION_STRING=\"${BSDUNZIP_VERSION_STRING}\" -CFLAGS+= -DPLATFORM_CONFIG_H=\"${_LIBARCHIVECONFDIR}/config_freebsd.h\" -CFLAGS+= -I${_LIBARCHIVEDIR}/unzip -I${_LIBARCHIVEDIR}/libarchive_fe - LIBADD= archive +CFLAGS+= -DBSDUNZIP_VERSION_STRING=\"${LIBARCHIVE_VERSION_ONLY_STRING}\" +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip + SYMLINKS=bsdunzip ${BINDIR}/unzip MLINKS= bsdunzip.1 unzip.1 @@ -28,4 +23,3 @@ HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include -# DO NOT DELETE diff --git a/usr.bin/unzip/tests/Makefile b/usr.bin/unzip/tests/Makefile index fd5254a55912..0e55c49d07b5 100644 --- a/usr.bin/unzip/tests/Makefile +++ b/usr.bin/unzip/tests/Makefile @@ -1,3 +1,6 @@ +.include + +.include "${SRCTOP}/lib/libarchive/Makefile.inc" PACKAGE= tests @@ -9,13 +12,10 @@ BINDIR= ${TESTSDIR} PROGS+= bsdunzip_test -CFLAGS+= -DPLATFORM_CONFIG_H=\"${SRCTOP}/lib/libarchive/config_freebsd.h\" -CFLAGS+= -I${SRCTOP}/lib/libarchive -I${.OBJDIR} - CFLAGS+= -I${.OBJDIR} -CFLAGS+= -I${_LIBARCHIVEDIR}/unzip -I${_LIBARCHIVEDIR}/unzip/test -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive -CFLAGS+= -I${_LIBARCHIVEDIR}/libarchive_fe -I${_LIBARCHIVEDIR}/test_utils +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip +CFLAGS+= -I${_LIBARCHIVEDIR}/unzip/test +CFLAGS+= -I${_LIBARCHIVEDIR}/test_utils # Uncomment to link against dmalloc #LDADD+= -L/usr/local/lib -ldmalloc From nobody Mon Jun 8 23:01:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wQ5DQNz6gtr1 for ; Mon, 08 Jun 2026 23:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wQ1rlGz3F5L for ; Mon, 08 Jun 2026 23:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959670; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7J767PmSFnhGiUfsjjw0DPoTDSS3f3OUTG+fcRCLWgM=; b=vFqdm1W2D1E9avdnnTaJSXlGmDRA8Qb8BkvAZKENo81i4BTPIXoxRw2vqFtblHQIrfv4yN Bx17mWfc4U+L+a8d3T/hlYkcpFFuULbr4zBpXqF+fD8SWtaeQj6AQgT0/6Hhw0L0dWMi0K jwv6T0P2uzTI2WNEVV7wS1xCei/kXwX6Hl5f+IKnBIgTgc9byFiqNBt7k9zJy6frGbZ6EV 8YdyUIdi6/mzEZX68zGZZSviV5AwDsQOM/4z28TnC2aO1AiU3UCPG4hOvS72PkUkvi8+lZ 4fSxcZi7qh48z2lch5ZZ/g0gJUlGyTRwmrvl/94yqOCHkHngpfCJwontbbC+1Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959670; a=rsa-sha256; cv=none; b=yPDXIMnOiW3Rwizry8WnVCTqjWjjiPT81aWLQ6QZHNKpfe86Vyw4KtxSjORtMEVuStCI0R r7xAsdkHNTcuRdQnp3+E/FHUZfWTJkWtDD3oXCjz8ur1ogGVKNwujfsevehL0F7btf9UG2 ObSKKV82e3dFf3UB9MZwRRUFte2R4hU+kfZiqQoV4aZGvuj/MffMaTBNTS5CO9ZSR6tp63 X2TZO669vRJE8reMmCx9GfUUWtDl00nKNPMkhweUp2lCV3gTm024W9FAh/phKCzHy1Eurb L1kSNM3hf7WSYH3OotuY1sxVzgiPavScOmNh64QsCfyprCoCRgjyW7Hl86gy9Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959670; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7J767PmSFnhGiUfsjjw0DPoTDSS3f3OUTG+fcRCLWgM=; b=MsD+gaVWbtaRujGM0oIE/e1Jzxtjz+oEPmfmIYRToLu5x2zvlWEJoNQLYUnSdFYonItHD7 AObU/Um7H0XUf1p4RHz26rchADsUlWNwfhC9+8bJ10CNmu5fereVDdBF92pZRHscos067Z UeerT8eb3nsQA8dhkHWcEmnZnC5A73rrVAEiHqvZog7HEgpL4CDP4Ynpv48BNlWlg7D56S e93yxjSCAXiIqahtuJfemiGyTifHmUBb2iRnm874cbygytMd/Ls4t8xWo0H6U1RW3dlSUi 0i0q93zp0VNF22R6ztWT89ukHlUMgIg41UWZR+z3g69k8HVOgTR/K6/yJuKUlQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wQ1NzBz16ws for ; Mon, 08 Jun 2026 23:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24d23 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: d6800be31a1e - stable/14 - limits: Fix pipebuf resource type List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: d6800be31a1e1e51f8fa34dfb0654402f323d109 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:10 +0000 Message-Id: <6a2749b6.24d23.488d06cb@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=d6800be31a1e1e51f8fa34dfb0654402f323d109 commit d6800be31a1e1e51f8fa34dfb0654402f323d109 Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 22:41:41 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:53 +0000 limits: Fix pipebuf resource type * pipebuf is a size but is listed as a count PR: 295623 MFC after: 1 week Fixes: f54f41403d14 ("usr.bin/limits: support RLIMIT_PIPEBUF") Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D57456 (cherry picked from commit ad524568f9fb77e270a22744d81b9cea0a2ab0eb) --- usr.bin/limits/limits.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.bin/limits/limits.c b/usr.bin/limits/limits.c index c53066b52a9f..0a76ec5b8e4e 100644 --- a/usr.bin/limits/limits.c +++ b/usr.bin/limits/limits.c @@ -244,7 +244,7 @@ static struct { { "swapuse", login_getcapsize }, { "kqueues", login_getcapnum }, { "umtxp", login_getcapnum }, - { "pipebuf", login_getcapnum }, + { "pipebuf", login_getcapsize }, }; /* From nobody Mon Jun 8 23:01:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wS00lsz6gtr2 for ; Mon, 08 Jun 2026 23:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wR2gGVz3F84 for ; Mon, 08 Jun 2026 23:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959671; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=H3TQ7A1PI7OwquQTch9iSt6yR5/WHJxizsrKvq+wAy0=; b=WkOgZoP6pFSF/uTP2YAlB4ONmnN77M+NhW4wkqHzqnyZNuXeJoDiPcwVRr377/ICTDQk+p 06PhGxWvyprEiW/e160whI2oWPvxoctZVcaKYQTzf6IQQ8z1HP/VwqB9eAUCJVeu4Z35oS jGmHexniI/an1xDaVAxNBVqEF8zsZv29HHZ542q73q1tk3GL/ofZzk1zbWiR8LZ7XamQNN CuA/lsVUfFuwKMclxVgA8HP2ebwrWfn7pKIjkW5h1yfZ3s1CE8rK+DpwVd7a6uSGPR4WW8 qq5N/h+FvYNXAqmSblYuwwQDqSUSjnAKb30qp7MPXoVT0eQ1+PMci3N+3C8Yag== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959671; a=rsa-sha256; cv=none; b=CU2jHYPZcxZ5GQ+0tPlworsArQFYPL0ZGYWfoUV+QubVXkUhJJguSNSy/+DCInH3dQ9PUh N0FjFnF5azCQ2jNJJ+va7nJTtlH4svJHnBZWY7wPigCNHxSCzed83ou129jzLOypBmOlmk BXgJ4BCAkpb0sloRNShPHG6sFT0kGnMx1rr2uE07cSC6fBKqNxUUsVYcMVtiODybSkLkZ/ hKgmngOacfnOhfwaiDEv3eZEZnnrCp57Uk4Z7X58iTn7ECHTDH74M1bIAyChXh+ymgHQfB R2gs0rMNz8s50sXWBlZCu8FuW2Pb+CTAGD7lVWeGtsbWxXl9k9a1/goVW/KvMQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959671; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=H3TQ7A1PI7OwquQTch9iSt6yR5/WHJxizsrKvq+wAy0=; b=wcMX4zWCKnRcO0EaYlkqHwoXTSc/1rIriehkTnyHvw5RC8PJRnD0DaFyPup3HrEa7oUmlM 2zMkeirDFDn9k9Q86vU5rrlrc1RaPxdGnP5hAhu4aMFHuLpTdQKUlufv4XVHr9UxFY1wHK MzVRs7BSfT6IcKMPs3zwottpaF62r4sEj7zsnHDaQDJAmql6GZKligFVWMnkTz8g27Dyeb cqYwabsMV5Dae+hOGCQfvL4HJJvkItwqbN5yqkO5MZW5MsQ3LG9fqMppp0fp46vKvdETql hNll5vIAtjPUHaoFi0R9zdPosklSkkXauJRYh6TR5smuMzFNv6XKEgJAhSpzpg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wR2FkLz17Sw for ; Mon, 08 Jun 2026 23:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26680 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: c8b81d5ff2f4 - stable/14 - etcupdate: Make diff -l actually work List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: c8b81d5ff2f404570c35653a1256916b06865f28 Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:11 +0000 Message-Id: <6a2749b7.26680.187184c6@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=c8b81d5ff2f404570c35653a1256916b06865f28 commit c8b81d5ff2f404570c35653a1256916b06865f28 Author: Dag-Erling Smørgrav AuthorDate: 2026-06-04 22:41:27 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:54 +0000 etcupdate: Make diff -l actually work While here, remove unnecessary blank lines. MFC after: 1 week Fixes: 6d65c91b9a47 ("etcupdate: fix arguments order of diff command") Reviewed by: Boris Lytochkin Differential Revision: https://reviews.freebsd.org/D57330 (cherry picked from commit a85e39030f8c7faa3d5a33373389440de6f0fff7) --- usr.sbin/etcupdate/etcupdate.sh | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/usr.sbin/etcupdate/etcupdate.sh b/usr.sbin/etcupdate/etcupdate.sh index f62343a24eee..738e4f4ef378 100755 --- a/usr.sbin/etcupdate/etcupdate.sh +++ b/usr.sbin/etcupdate/etcupdate.sh @@ -504,42 +504,32 @@ diffnode() $COMPARE_EQUAL) ;; $COMPARE_ONLYFIRST) - echo echo "Removed: $3" - echo ;; $COMPARE_ONLYSECOND) - echo echo "Added: $3" - echo ;; $COMPARE_DIFFTYPE) first=`file_type $1/$3` second=`file_type $2/$3` - echo echo "Node changed from a $first to a $second: $3" - echo ;; $COMPARE_DIFFLINKS) first=`readlink $1/$file` second=`readlink $2/$file` - echo echo "Link changed: $file" rule "=" echo "-$first" echo "+$second" - echo ;; $COMPARE_DIFFFILES) if [ -n "$difflistonly" ]; then - echo echo "Changed: $3" - echo - break; + else + echo "Index: $3" + rule "=" + diff -u $diffargs -L "$3 ($4)" -L "$3 ($5)" $1/$3 $2/$3 fi - echo "Index: $3" - rule "=" - diff -u $diffargs -L "$3 ($4)" -L "$3 ($5)" $1/$3 $2/$3 ;; esac } From nobody Mon Jun 8 23:01:12 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wT2v5Vz6gv3X for ; Mon, 08 Jun 2026 23:01:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ6wS3b8mz3FBH for ; Mon, 08 Jun 2026 23:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959672; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=I1ncG7n7iCNtUdTHHnm738OHM0k8NeR0XjYt4EXc4EE=; b=SeCVpjDNeOE4t4zndZUYhydhjm5cRbIWCCchSb/7+uVGMcm43ERiDncvGfRordrSIHs7II /3OUdo/MT/jXXR5I3IwZ7Grf5bZwROgNZmarzmvFV4oo+4xARMSzZXXLBc/JlwnLtDhZuE K7/iuPDfy00ElZdcD8HlH/oIlegZno7CsQROfp0XDJ89+sX/IYYPAhwl019tG1UBTxmq59 +zGqUaUgocT2HTkuizM4Rs9n5zy+Hepoee6O5M3y5o25v6/NadSU3HLXbihRBAy35LuBsU DXQwYqFNiEi9GFL1PxwUUiT38AowidM/UaqXRHVsFlsq8SDx6hIgePXqzh5Guw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780959672; a=rsa-sha256; cv=none; b=rUdrnyRsYsvaCasKgDj5Um02GI3HyU7c/ALLpOFDCk81QoK4lEaCDzu+xxkqu4tnLljr6B aphOB58ObSZ9v8scKU1F12qmPWBdznuSzgEmdrk2+wd8q/DmHy8HRXZ7pjYzUyZCjwoym+ geenatb0ehUgLKYglEMSHKNy9LoPB3Vg2O11QYP3H2Wa1L3hC7a0ECn0BFJeJv2zGBuo/D gxzsgCzSCY7GnAoWhtMqBAlGzR0wrgMstRlPQHMR8JUX/GBJqX0L3Kah6htNcz7wXOpUu8 dUz7xUhYVUJBB4IFg6zH8DkOCqypwWEPptC4uyrp9pTw4FsJnQrGaPSgC4vAcw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780959672; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=I1ncG7n7iCNtUdTHHnm738OHM0k8NeR0XjYt4EXc4EE=; b=pFzBGpBNPLNRYR+STgujNu5nmgekjvuuyTOhIxM9pFPDd3aAQQkcwBSI9kHsIc7o1Ce2i3 hq1tJs7ywS/2aF22/G75DxOA4QO7ggB1gjy8qqtBzavtcA1gt1YQpNbNcG8E6KsRYZZmUh EhK4WRGVWuVaZQ5+j+1p90u4B6PvHbF5Zui2UnLabrTEe/l4wrad+o7BLXwDpILyhxRTvd tQe+qSyMQKgLfe3VrxFzDGlI9UK3VsCi24NUNrmY7YXTUBPyPRaV2ZEZWm5+Q8EVccPTaN y27Oy+d4OouPf/d6CUvIoHVeWfo2AY85WJZS2KX6e8tjVBIzgvo436JYLcT9Ow== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ6wS38Dtz17GL for ; Mon, 08 Jun 2026 23:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 23bfe by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Mon, 08 Jun 2026 23:01:12 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: d09b42a876bb - stable/14 - rc: Bail if /dev/null is not a device List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: d09b42a876bbd3a03edd8443976d0ad55a864e2e Auto-Submitted: auto-generated Date: Mon, 08 Jun 2026 23:01:12 +0000 Message-Id: <6a2749b8.23bfe.7991b2e9@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=d09b42a876bbd3a03edd8443976d0ad55a864e2e commit d09b42a876bbd3a03edd8443976d0ad55a864e2e Author: Dag-Erling Smørgrav AuthorDate: 2026-06-05 15:53:29 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-08 23:00:54 +0000 rc: Bail if /dev/null is not a device On startup, check that /dev/null exists and is a character device. Otherwise, one of two things will happen: either /dev is a writable directory and we will immediately create /dev/null as a regular file and dump garbage into it, or it does not and we will spit out a stream of error messages about failing to create /dev/null. PR: 295782 MFC after: 1 week Reviewed by: jhb, emaste Differential Revision: https://reviews.freebsd.org/D57447 (cherry picked from commit b5a96894f67a92f78f0641763eff1e0a46f2e036) --- libexec/rc/rc | 5 +++++ share/man/man8/rc.8 | 13 +++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/libexec/rc/rc b/libexec/rc/rc index ae1b24a6f36d..3df98ef8a714 100644 --- a/libexec/rc/rc +++ b/libexec/rc/rc @@ -49,6 +49,11 @@ HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin export HOME PATH +if ! [ -c /dev/null ]; then + echo "/dev is not populated" >&2 + exit 1 +fi + if [ "$1" = autoboot ]; then autoboot=yes _boot="faststart" diff --git a/share/man/man8/rc.8 b/share/man/man8/rc.8 index fa736ce50394..beb0e86c6142 100644 --- a/share/man/man8/rc.8 +++ b/share/man/man8/rc.8 @@ -30,8 +30,7 @@ .\" .\" @(#)rc.8 8.2 (Berkeley) 12/11/93 .\" -.Dd June 1, 2023 -.Dd September 20, 2024 +.Dd June 4, 2026 .Dt RC 8 .Os .Sh NAME @@ -99,6 +98,16 @@ command provides a scripting interface to modify system config files. .Ss Operation of Nm .Bl -enum .It +Verify that +.Pa /dev/null +exists and is a character device. +If that is not the case, +.Nm +prints an error message and terminates. +This is normally caused by forgetting to enable +.Xr devfs 5 +in a jail's configuration. +.It If autobooting, set .Va autoboot Ns = Ns Li yes and enable a flag From nobody Tue Jun 9 00:48:50 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ9Jl5NDLz6h2nF for ; Tue, 09 Jun 2026 00:48:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ9Jl3J2Jz3Pr3 for ; Tue, 09 Jun 2026 00:48:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780966135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vUqQ56NhiRsr6HLLmuiDJLKABhkFySJ/Pr70WOvfWQM=; b=oeJO89WcjmdPEAISTz6zhCyxHR+2NiqUpHlZ5b/fOALX4uVnWwUpsBgCab845Z2C+JzWXm +0FyfxZWmdxTMlvw3KfcNc5vO1QeDZbAonvKr4OBukMkul2b+zSoargHS/lASNux977cHA m2ebTbi+tyeWt4KLHBeTXSXkT1zOqJAFMr69P6wc633nGWo3BbyEYDj3tQ7txXy8vEMFE8 6Lqr1slf/aZAOTSWnlPQRysCvPEklWO4H3LXGCgSPPPzMg4PgniGk4e5ppex+SkQkjbyFd 7UdySH63fRVsbeESCUifGpAl3ANBY1wwwVRyZDZqeeKL4L8UA0KpwAfGFrPOqw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780966135; a=rsa-sha256; cv=none; b=hJvn3ezbs319dArN5Ne6ofMwuK5+4s3lwd+Q8CR0zXLgwHLWlfeOxJ20qsXBKqt8B0J0i6 H8rYtTLQI4NChj7JkrChpoMsgKN59O+KmXCy0dYOKsX6LC6inONWge/CnzbitKdwfhHTdZ xYAyks7uoDxF6sVxD11s7fDacawZgUT9g+zZTkg8A27gk91j6jNbPIDEy+8qHxPqzg0iza HJqgRKmACwk4NzgyXRM/N2lVLXjfTbf/5Xf3sICCoaJN4vG3HQMrbSDZhiDZn8ZU1uCYFu KcPW2j0YwhMpA8tT148+CA/G2WmvF7v7mXLWrTW/eMP7MPMcCepOFWxeBbBnmQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780966135; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vUqQ56NhiRsr6HLLmuiDJLKABhkFySJ/Pr70WOvfWQM=; b=hqfNO0AtwgcCdITmj/+82quEyxtxmUybD+NgERChwZ5yBzibAm62s1KM9ySLQxmVe54Pom 7ky0KPMC1Kc+bM5T7ZpB+1paYqXVp7HD3ePsaTAtreYUFDnNtJ4GQ1s5mhlEFpJHpZWKF5 gGuzRQ0Ap4suswv3VUFOxS/aAsrWls9mySyahm0zjhW2iZldcvqZpWQMpOJeBDbP2q+PhJ qWdkAvymXCj6eAungK1VJs4y821eJrrpkA2IcKsP7pcTON2ZMP6dv85ATVGYYrmDAtpR0j C6iPcxze1XDm7N51BsuFB/NEbfaEuLmNVyHjkSy3NPa5ICDuNhJzu6OCzB890A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ9Jl2LqHz1B9D for ; Tue, 09 Jun 2026 00:48:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3937d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 00:48:50 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 6a1e761dc47d - stable/15 - Makefile.vm: Split error condition List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 6a1e761dc47d36f550393cb90cc0e321c9cfb3fb Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 00:48:50 +0000 Message-Id: <6a2762f2.3937d.285c22c@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=6a1e761dc47d36f550393cb90cc0e321c9cfb3fb commit 6a1e761dc47d36f550393cb90cc0e321c9cfb3fb Author: Ed Maste AuthorDate: 2026-05-05 21:12:25 +0000 Commit: Ed Maste CommitDate: 2026-06-09 00:48:29 +0000 Makefile.vm: Split error condition Make it clear which of two possible cases applies. Reviewed by: cperciva Differential Revision: https://reviews.freebsd.org/D56837 (cherry picked from commit 76d756eaa6823aad282cc53ec4e41a9777d89adc) --- release/Makefile.vm | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/release/Makefile.vm b/release/Makefile.vm index d937783f02fe..8296fc47a477 100644 --- a/release/Makefile.vm +++ b/release/Makefile.vm @@ -99,9 +99,10 @@ QEMUTGT?= .if (defined(WITH_CLOUDWARE) && !empty(WITH_CLOUDWARE)) || \ (defined(WITH_VMIMAGES) && !empty(WITH_VMIMAGES)) -.if (defined(WITHOUT_QEMU) && !defined(NO_ROOT)) || \ - (!defined(WITHOUT_QEMU) && defined(NO_ROOT)) -.error WITHOUT_QEMU requires NO_ROOT (and vice versa) +.if (defined(WITHOUT_QEMU) && !defined(NO_ROOT)) +.error WITHOUT_QEMU requires NO_ROOT +.elif (!defined(WITHOUT_QEMU) && defined(NO_ROOT)) +.error NO_ROOT requires WITHOUT_QEMU .endif .endif From nobody Tue Jun 9 01:01:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZ9b63KNbz6h4Gy for ; Tue, 09 Jun 2026 01:01:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZ9b61qQpz3Qgh for ; Tue, 09 Jun 2026 01:01:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780966882; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wZueDECu4/zjMt7ObbEMk2ZrtbAhWM2rFRNQEIC7XTg=; b=H3VyOsRmIgbVPh47b2+NvbDwETH9u8omrUkluu6hgyzEQff07WFdftkFGXyUaXeIFRJ2ig tvBYkKOFlsjJBPKqGg4hm8DmUyaKG91t4V1TgHJdJ0lNECvt4l6q5C8d3ZgDaaBbUuiDxP iQbLGMm3dgnUc0jS8bK93s+roatg/fvGJm+KwvwKQec4KGjrNjAKedOER5+k8IRHAsekgN cH+YQXifIc+Ny5R2dFCX+XEAe/FWghwLYV8Uj2Utw/f3/z7SCwNo/lzdo5N9MM1Ijt+1oE mRRm/mxibRS5lpD6aHhd7P4hZlYvdU24pBPyZq3bFzFDn+O/+vnyp12OnJqTNw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780966882; a=rsa-sha256; cv=none; b=pLEJB0fv7kGVabt3TyIZ6B4aCjvj5uisbPt5noq5742R3Vtvs04KZacm6bZXr29nj8pAvd ox7q2hbIr95oNwUFyo8W8TpFefmSipxY0a0T9sO6jrIxgCDm5MEAIJoPbYFxUZAM6Bw1C9 QW5xzwCDh2GyrThwCp7dp7C6y/nYKUXypx7sLehCf0F7rObWMWzmSN3ZQ2Qh5VzHDIaCA6 s+6QsRE4z2g1JZfVLNdHpnoIdN4GLCwFSiTTM1zibcSw00iYRZp6YxpQGH6zXgplAMXtiT FLaDHONt9wKwtP2m4rMFcBU3rOxzbJWhalgy57Ej7iLZB2pmo4o39LXJ1VzZFg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780966882; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wZueDECu4/zjMt7ObbEMk2ZrtbAhWM2rFRNQEIC7XTg=; b=rq5ih2h8nGZTiBG4VPBOvYttCDq8vGTRN1bpHzxKKbSvcWJsF4XgiqjddhxGRa+rmh5OPs gEV/fo6eu9CZdiAWlTfInS1uRr64fRvADOAjU2CLPAGA32P1svb3eyoWsGIpAZqB72F4vO Gqkfd07D1kAxPXU4dE9dbN31eiJ6sP3olx4pCBjNxu8KEatw9wHPtC/tD39zviSQR0NSxT ZiSim+1Ogd2HuMSEpPEdJ61l5M3+qmK9IrV+3lFKHXLa0sOYKhRyaW0EpKh2IZXPxDgDGW Y5NjclnQa+V+nkH+txn99iM2fGS9dfYYgPL58zShkJKP1WK7JhnEdGjK+v4iKw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZ9b60bPLz1BpF for ; Tue, 09 Jun 2026 01:01:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3aa16 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 01:01:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Adrian Chadd Subject: git: c3d8aca1d43e - main - net80211: add DEFERRED_WORK.md List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c3d8aca1d43ee8c569a351b7e1bf2aeb53508b98 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 01:01:17 +0000 Message-Id: <6a2765dd.3aa16.7ebd2a8d@gitrepo.freebsd.org> The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=c3d8aca1d43ee8c569a351b7e1bf2aeb53508b98 commit c3d8aca1d43ee8c569a351b7e1bf2aeb53508b98 Author: Adrian Chadd AuthorDate: 2026-06-09 01:00:36 +0000 Commit: Adrian Chadd CommitDate: 2026-06-09 01:00:36 +0000 net80211: add DEFERRED_WORK.md Describe the ieee80211_task API, why its used and some of its shortcomings. Differential Revision: https://reviews.freebsd.org/D57261 --- sys/net80211/DEFERRED_WORK.md | 180 ++++++++++++++++++++++++++++++++++++++++++ sys/net80211/README.md | 2 +- 2 files changed, 181 insertions(+), 1 deletion(-) diff --git a/sys/net80211/DEFERRED_WORK.md b/sys/net80211/DEFERRED_WORK.md new file mode 100644 index 000000000000..5dac4d7c9cf1 --- /dev/null +++ b/sys/net80211/DEFERRED_WORK.md @@ -0,0 +1,180 @@ +# Deferred work in net80211 + +## Overview + +The work of driving the driver, interface and node state machines is +partially implemented as a set of deferred work tasks which are +serialised on a driver task queue. This way the order of +control plane operations can be guaranteed and work can be done +without complicated lock ordering strategies. + +## Implementation + +The current net80211 implementation uses FreeBSD taskqueues to +provide a place for both net80211 and driver specific state machine +tasks to be serialised into and run. This replaced the bulk +of per-driver taskqueues for state management. + +Each (struct ieee80211com) has an entry (ic_tq) which represents +the state taskqueue. The FreeBSD implementation of taskqueues +requires the caller create, initialise and add their own task +to the queue. + +### net80211 and driver API + +net80211 and drivers have the following API: + +Initialising tasks currently just uses the FreeBSD taskqueue macros: + + * struct task - the FreeBSD taskqueue work item + * TASK_INIT() - initialise a task with state pointer and callback + +Work is handled via two calls: + + * ieee80211_runtask() - will schedule the given task to run + * ieee80211_draintask() - will wait for the given task to complete if scheduled + +Tasks are run in their order they are scheduled. + +In addition, the following functions leverage taskqueues to provide +known good states for certain control plane operations such as +suspend, resume, interface stop, etc: + + * ieee80211_waitfor_parent() - will block the taskqueue and then wait for + (some) pending work to complete. + +Other parts of driver/net80211 code currently calls the taskqueue_* +routines directly on the ic_tq rather than a platform API to +abstract it. + +### Why use this versus mutexes and state variables? + +net80211 has to handle a variety of state changes from a variety of sources. +Here are some examples: + + * userland - (ioctl calls from hostapd/wpa_supplicant, ifconfig, other tools); + * timers - eg a BAR timeout causing A-MPDU TX state to be torn out, + nodes expiring, association / authentication timeouts; + * transmit errors + * received frames - plenty of 802.11 state changes based on received + frames! + * driver input - the driver / firmware itself may trigger state changes + due to packet errors, firmware command success/failure, notifications + about node timeouts, and much more. + +These could all be implemented by holding mutexes whilst state changes +occur, but in a lot of cases there may be other mutexes being held inside +net80211, the ioctl layer, the driver stack, the upper layers of the network +stack and .. well, a variety of other places. This also can lead into +situations where the driver and net80211 end up calling into each other +in circles just to get work done. + +Here's an example - notification of an 802.11n channel width via a call to +ieee80211_update_chw(). + + * This happens when an 802.11 IE is received which indicates the channel + width should change. + * This will end up calling into the 802.11 stack to signal the channel + width change. + * It will also need to call back into the driver to potentially change + the currently configured channel width. + +If this were done without a deferred task, the flow would be driver -> +net80211 -> driver (and then potentially -> net80211 again.) + +Instead, deferring the work addresses a few things: + + * Any locks held across the driver receive path don't matter here, + as the serialising is done via the task queue order, not by + mutexes being held; + * The work is serialised based on the order of received state changes + (ie receving packets A, B and C which cause state changes A, B and + C to be scheduled should result in A, B and C happening in that order); + * There's no recursion from driver -> net80211 -> driver, or net80211 -> + driver -> net80211 (except for some macros/utility calls.) + +### VAP state change handling / ieee80211_new_state() + +The VAP newstate handling is an example of where the current task API +falls short and it would benefit from being more dynamic. + +The older net80211 code had a single task for newstate. Each call +to ieee80211_new_state() to change the VAP state (AUTH, RUN, INIT, etc) +would attempt to update the VAP state via a deferred task. +However if multiple state changes came in quickly, the requested new +state and argument would end up replacing the existing queued one, +and the driver would not see the intermediate state changes. + +This is fine for some - eg back to back channel width changes +can be coalesced into one - but others such as the VAP state +machine should not! + +This changed in FreeBSD-14 / FreeBSD-15 to leverage an array of +newstates to attempt to deal with this happening. ieee80211_new_state_locked() +would request a free slot, and then ieee80211_newstate_cb() would +get the next pending state from the list to handle. + +### Deferred tasks versus data path and control path + +There is no implicit synchronisation between deferred tasks, the control +path and the data path. Deferred tasks can and will run in parallel with +packet transmit and receive and with ioctl / other control paths. + +The goals of task deferral is to serialise these tasks between itself and other +tasks. This has the side effect of happening outside of all the locking +that may be occuring if it were done inline, but it does not preclude +tasks themselves from having to use locks to serialise with the data/control +paths. + +Thus, data path, control path and deferred tasks must still use the +appropriate mutexes to protect any state changes (global, vap, node, etc.) +In most cases it'll be the driver lock (via IEEE80211_LOCK() ), but +it may also involve the node table lock, power save queue lock, etc. + +### net80211 driver tasks + +The following are a list of tasks which are global to the device and +are defined in struct ieee80211com . + + * ic_parent_task - deferred parent processing + * ic_promisc_task - deferred promiscuous configuration change processing + * ic_mcast_task - deferred multicast config/filter processing + * ic_chan_task - deferred global device channel change + * ic_bmiss_task - deferred beacon miss handler + * ic_chw_task - deferred HT channel width (20/40MHz) update processing + * ic_restart_task - deferred device restart + +The following are a list of tasks which are per-VAP and are defined in +struct ieee80211vap . + + * iv_swbmiss_task - deferred per-vap beacon miss processing + * iv_nstate_task (with iv_nstates, iv_nstate_args) - VAP state transition + handling tasks + * iv_wme_task - deferred WME (QoS configuration) update + * iv_slot_task - deferred slot time update + * iv_erp_protmode_task - deferred ERP/11g protection mode update + * iv_preamble_task - deferred 802.11b preamble update + * iv_ht_protmode_update - deferred 802.11n protection mode update + +## Future work + + * There's currently no way to schedule multiple instances of a task + with some state into the taskqueue. Eg, the newstate task used to "miss" + state changes; it now works around this by having an array of newstate task + entries. + + * The task API is very much a thin wrapper around FreeBSD's taskqueue API. + It really should become a platform API which is defined and implemented + in ieee80211_freebsd.[ch]. + + * Tasks are fire and forget. There's currently no way for the submitter + to be called when thas task runs or is canceled; it can only run and + then block via calling drain until its called or cancelled. + + * There's currently no way to suspend transmit and receive handling + around state processing. This is not always desirable for packet + performance and latency reasons but there are cases where this + would be desirable (eg a channel width change would benefit from + stopping and queueing transmit, waiting for the driver to finish + transmitting, then change the channel width and then unblock + transmit to continue.) diff --git a/sys/net80211/README.md b/sys/net80211/README.md index be704185f43f..c47e27a10219 100644 --- a/sys/net80211/README.md +++ b/sys/net80211/README.md @@ -101,7 +101,7 @@ with the protocol definitions. * Debugging - (@ref md_net80211_DEBUG) * Top-level device layout (ieee80211com) * Data / Control Path Overview (@ref md_net80211_DATAPATH_TRANSMIT), (@ref md_net80211_DATAPATH_RECEIVE) - * Deferred work + * Deferred work (@ref md_net80211_DEFERRED_WORK) * Regulatory * Virtual interfaces * Operating Modes From nobody Tue Jun 9 01:38:58 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZBQj280Nz6h7Zs; Tue, 09 Jun 2026 01:39:09 +0000 (UTC) (envelope-from kib@freebsd.org) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZBQh3HP4z3XZ3; Tue, 09 Jun 2026 01:39:08 +0000 (UTC) (envelope-from kib@freebsd.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=freebsd.org (policy=none); spf=softfail (mx1.freebsd.org: 2001:470:d5e7:1::1 is neither permitted nor denied by domain of kib@freebsd.org) smtp.mailfrom=kib@freebsd.org Received: from tom.home (kib@localhost [127.0.0.1] (may be forged)) by kib.kiev.ua (8.18.1/8.18.1) with ESMTP id 6591cwZl098876; Tue, 9 Jun 2026 04:39:01 +0300 (EEST) (envelope-from kib@freebsd.org) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua 6591cwZl098876 Received: (from kostik@localhost) by tom.home (8.18.1/8.18.1/Submit) id 6591cwh8098875; Tue, 9 Jun 2026 04:38:58 +0300 (EEST) (envelope-from kib@freebsd.org) X-Authentication-Warning: tom.home: kostik set sender to kib@freebsd.org using -f Date: Tue, 9 Jun 2026 04:38:58 +0300 From: Konstantin Belousov To: Robert Clausecker Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org, Faraz Vahedi Subject: Re: git: 5f732742ad5b - main - libc: Add free_sized() and free_aligned_sized() as per C23 Message-ID: References: <6a25dc0b.4729a.7f7225a7@gitrepo.freebsd.org> List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6a25dc0b.4729a.7f7225a7@gitrepo.freebsd.org> X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=4.0.2 X-Spam-Checker-Version: SpamAssassin 4.0.2 (2025-08-27) on tom.home X-Spamd-Result: default: False [-2.97 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-0.99)[-0.989]; NEURAL_HAM_SHORT(-0.98)[-0.984]; DMARC_POLICY_SOFTFAIL(0.10)[freebsd.org : No valid SPF, No valid DKIM,none]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; HAS_XAW(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEFALL_USER(0.00)[kib]; TO_DN_SOME(0.00)[]; R_SPF_SOFTFAIL(0.00)[~all]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org,dev-commits-src-main@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MISSING_XM_UA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_FIVE(0.00)[5] X-Spamd-Bar: -- X-Rspamd-Queue-Id: 4gZBQh3HP4z3XZ3 On Sun, Jun 07, 2026 at 09:00:59PM +0000, Robert Clausecker wrote: > The branch main has been updated by fuz: > > URL: https://cgit.FreeBSD.org/src/commit/?id=5f732742ad5b3133a860a8969cf2bd13dc9ac358 > > commit 5f732742ad5b3133a860a8969cf2bd13dc9ac358 > Author: Faraz Vahedi > AuthorDate: 2026-05-16 18:36:17 +0000 > Commit: Robert Clausecker > CommitDate: 2026-06-07 20:59:19 +0000 > > libc: Add free_sized() and free_aligned_sized() as per C23 > > +FBSD_1.9 { > + free_sized; > + free_aligned_sized; > + __free_sized; > + __free_aligned_sized; Why these two symbols (from private C namespace) need to be exported? And then, why they need to be exported in the public version? > +}; From nobody Tue Jun 9 04:26:51 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZG8J3GQtz6hL16 for ; Tue, 09 Jun 2026 04:26:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZG8J2jz5z3r6P for ; Tue, 09 Jun 2026 04:26:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979216; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x6GN3peRpCP/LnAstqdg5jJYWTg3VEoC2V8ylfcRdok=; b=EVKDnLl3SAZEldQyDCY7/q7gP5n6fCFYigTKk72Vg+Aw/cgIkUtb7uy41YFIJ43XNFI2si Kc3qHAukYiLI3sf18j+tPbQaQrUlFGFklmvOAG1/rII5YyZDwD02m1dvHkTcaZZrq1JAqa Ypv7h6/dOaLjj0PInEWzxBtjir6jLyYmjt/twtsi43NoZ66Td4LI82+aqqTajwanCPiLQv qOLRgeG366HhJ5wg6INxoHa0UBqM2h3t3eJkUikcdzZyq+iY9WZp1uvrpF9nJpM6opSm9f ZBe+dd7dLesQP7kcdvKOuQdk9dNUZymea3uj6gTi6k7AFORQSLvsfVvhV89UoA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780979216; a=rsa-sha256; cv=none; b=nmRZO1mSpWjKdilqJl9HoeTdAnkumzdUw3XS1MqRaY7hANcI9JHIYA4t/lJiAgJv/Cd/H9 3KeAxcrqw/5dQpHikLeiZkvIhFKdI4ErxcQrP1xNdME9VDJEZacnZdAtPpCVEJ/7V0O+J7 4ZY5M1TQPhY3aTjgAnqazb3VHHzO9vrAdub0A6aQX0HzlQYBqxgQDaJIJwi/fh9TBJiS2/ rPOrQksuIeGKK8Q+rjjeCkqWskY58ioV9ooPMXBPdV5fS3Wqp95mhsI0ftONw+C8Pwdzwt EdZJ9dDI+vUqtPBSiYaPcNZy+LTgbdZ+dbSC/kg58mRZveZxZ4E6/GHZ/OjRFQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979216; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x6GN3peRpCP/LnAstqdg5jJYWTg3VEoC2V8ylfcRdok=; b=Ebsdy/urBMDjHtf4GVuRAAwmySMTcF39ZoFnKFxFs7cReCi+c4/KfUKImOXO5I3FArVC1o r/BjS6f+TNFBddqWp8V/2Tk16pzgklQSwFQXTjn722rpJidFg3DUpNg77dlgvmQwORHPmu vJrq5CO6M2Em/G0aZ4aPOvF5h3CLlBdYyv6Igiww+UFBxBkZVbI7LCJyIM7nwAdU7zTJX/ 8TvM4Up84Cm0aRs5UUYYtnZUgdjGZknt6KjHCCNIi6jEjWIoBENKvUsAu0JG2IKXAt9i1Y UIf34AM7/eM4Q/znzgGmRu23v5iH8FoTr5kAgJVEItX4sm0JSr1GSazdwXaOWw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZG8J2JxYz42H for ; Tue, 09 Jun 2026 04:26:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 272c1 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 04:26:51 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Adrian Chadd Subject: git: a653fd5560cf - main - net80211: create IEEE80211_KEYBUF_128_SIZE / IEEE80211_MICBUF_128_SIZE List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a653fd5560cfdd68f634cca7352c56f2cf7e1473 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 04:26:51 +0000 Message-Id: <6a27960b.272c1.2fafbe61@gitrepo.freebsd.org> The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=a653fd5560cfdd68f634cca7352c56f2cf7e1473 commit a653fd5560cfdd68f634cca7352c56f2cf7e1473 Author: Adrian Chadd AuthorDate: 2026-06-09 04:26:07 +0000 Commit: Adrian Chadd CommitDate: 2026-06-09 04:26:07 +0000 net80211: create IEEE80211_KEYBUF_128_SIZE / IEEE80211_MICBUF_128_SIZE The IEEE80211_KEYBUF_SIZE and IEEE80211_MICBUF_SIZE are sprinkled throughout the net80211 stack, ioctl API and drivers. This makes it challenging to (eventually) up IEEE80211_KEYBUF_SIZE to support 256 / 384 bit encryption as, well, it'll break every single driver and the ioctl API in doing so. So as part of this, let's start to separate out the current key/mic buffer size from what drivers and the ioctl layer are using. Drivers especially shouldn't be using these definitions as their key sizes are hardware / firmware API limits, not net80211 limits. Ideally drivers would define their own key buffer / mic buffer sizes and only copy in keys up to that length (and fail keys that are too large) but the current net80211 API isn't there yet. This doesn't yet change what defines / buffer sizes are used in the ioctl layer. I'm going to plan out some subsequent work to separate out those defines and ioctl APIs so they maintain using the 128 bit key/mic buffer sizes and will copy them in/out of any larger net80211 key buffer size in the future. Differential Revision: https://reviews.freebsd.org/D54593 --- sys/dev/ipw/if_ipwreg.h | 2 +- sys/dev/iwi/if_iwireg.h | 4 ++-- sys/dev/malo/if_malo.h | 6 +++--- sys/dev/mwl/if_mwl.c | 4 ++-- sys/dev/ral/rt2560reg.h | 4 ++-- sys/dev/usb/wlan/if_rsureg.h | 4 ++-- sys/dev/usb/wlan/if_rum.c | 4 ++-- sys/dev/usb/wlan/if_rumreg.h | 2 +- sys/dev/wpi/if_wpireg.h | 4 ++-- sys/net80211/ieee80211_crypto.h | 20 ++++++++++++++++++-- sys/net80211/ieee80211_crypto_wep.c | 4 ++-- 11 files changed, 37 insertions(+), 21 deletions(-) diff --git a/sys/dev/ipw/if_ipwreg.h b/sys/dev/ipw/if_ipwreg.h index 05f5939ac597..acb310f22138 100644 --- a/sys/dev/ipw/if_ipwreg.h +++ b/sys/dev/ipw/if_ipwreg.h @@ -168,7 +168,7 @@ struct ipw_hdr { uint8_t encrypt; uint8_t keyidx; uint8_t keysz; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX should be HW specific */ uint8_t reserved[10]; uint8_t src_addr[IEEE80211_ADDR_LEN]; uint8_t dst_addr[IEEE80211_ADDR_LEN]; diff --git a/sys/dev/iwi/if_iwireg.h b/sys/dev/iwi/if_iwireg.h index dd6bb91bfecd..b34867677d12 100644 --- a/sys/dev/iwi/if_iwireg.h +++ b/sys/dev/iwi/if_iwireg.h @@ -341,7 +341,7 @@ struct iwi_tx_desc { #define IWI_DATA_XFLAG_QOS 0x10 uint8_t wep_txkey; - uint8_t wepkey[IEEE80211_KEYBUF_SIZE]; + uint8_t wepkey[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware specific */ uint8_t rate; uint8_t antenna; uint8_t reserved3[10]; @@ -530,7 +530,7 @@ struct iwi_wep_key { uint8_t seq; uint8_t idx; uint8_t len; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware specific */ } __packed; /* structure for command IWI_CMD_SET_WME_PARAMS */ diff --git a/sys/dev/malo/if_malo.h b/sys/dev/malo/if_malo.h index 05c5bc90c467..008068c99524 100644 --- a/sys/dev/malo/if_malo.h +++ b/sys/dev/malo/if_malo.h @@ -332,9 +332,9 @@ struct malo_cmd_wepkey { uint8_t len; uint8_t flags; uint16_t index; - uint8_t value[IEEE80211_KEYBUF_SIZE]; - uint8_t txmickey[IEEE80211_WEP_MICLEN]; - uint8_t rxmickey[IEEE80211_WEP_MICLEN]; + uint8_t value[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ + uint8_t txmickey[IEEE80211_WEP_MICLEN]; /* XXX hardware */ + uint8_t rxmickey[IEEE80211_WEP_MICLEN]; /* XXX hardware */ uint64_t rxseqctr; uint64_t txseqctr; } __packed; diff --git a/sys/dev/mwl/if_mwl.c b/sys/dev/mwl/if_mwl.c index b7f85e65cfd9..87e2679778db 100644 --- a/sys/dev/mwl/if_mwl.c +++ b/sys/dev/mwl/if_mwl.c @@ -1661,10 +1661,10 @@ _mwl_key_set(struct ieee80211vap *vap, const struct ieee80211_key *k, /* Copy in TKIP MIC after the 16 byte main key */ memcpy(hk.key.aes, ieee80211_crypto_get_key_data(k), ieee80211_crypto_get_key_len(k)); - memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE, + memcpy(hk.key.aes + IEEE80211_KEYBUF_128_SIZE, ieee80211_crypto_get_key_txmic_data(k), 8); - memcpy(hk.key.aes + IEEE80211_KEYBUF_SIZE + 8, + memcpy(hk.key.aes + IEEE80211_KEYBUF_128_SIZE + 8, ieee80211_crypto_get_key_rxmic_data(k), 8); break; diff --git a/sys/dev/ral/rt2560reg.h b/sys/dev/ral/rt2560reg.h index af95a7626b62..86d6a568dad1 100644 --- a/sys/dev/ral/rt2560reg.h +++ b/sys/dev/ral/rt2560reg.h @@ -224,7 +224,7 @@ struct rt2560_tx_desc { uint8_t plcp_length_hi; uint32_t iv; uint32_t eiv; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ uint32_t reserved2[2]; } __packed; @@ -251,7 +251,7 @@ struct rt2560_rx_desc { uint8_t ta[IEEE80211_ADDR_LEN]; uint32_t iv; uint32_t eiv; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX hardware */ uint32_t reserved[2]; } __packed; diff --git a/sys/dev/usb/wlan/if_rsureg.h b/sys/dev/usb/wlan/if_rsureg.h index e2074e1dd2ad..7ac194e6f142 100644 --- a/sys/dev/usb/wlan/if_rsureg.h +++ b/sys/dev/usb/wlan/if_rsureg.h @@ -478,14 +478,14 @@ struct r92s_fw_cmd_set_key { uint8_t cam_id; uint8_t grpkey; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ } __packed; /* Structure for R92S_CMD_SET_STA_KEY. */ struct r92s_fw_cmd_set_key_mac { uint8_t macaddr[IEEE80211_ADDR_LEN]; uint8_t algo; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ } __packed; /* Structures for R92S_EVENT_SURVEY/R92S_CMD_JOIN_BSS. */ diff --git a/sys/dev/usb/wlan/if_rum.c b/sys/dev/usb/wlan/if_rum.c index 4a4a150146a1..4683267bda25 100644 --- a/sys/dev/usb/wlan/if_rum.c +++ b/sys/dev/usb/wlan/if_rum.c @@ -2867,10 +2867,10 @@ rum_common_key_set(struct rum_softc *sc, struct ieee80211_key *k, return EIO; if (k->wk_cipher->ic_cipher == IEEE80211_CIPHER_TKIP) { - if (rum_write_multi(sc, base + IEEE80211_KEYBUF_SIZE, + if (rum_write_multi(sc, base + IEEE80211_KEYBUF_128_SIZE, ieee80211_crypto_get_key_txmic_data(k), 8)) return EIO; - if (rum_write_multi(sc, base + IEEE80211_KEYBUF_SIZE + 8, + if (rum_write_multi(sc, base + IEEE80211_KEYBUF_128_SIZE + 8, ieee80211_crypto_get_key_rxmic_data(k), 8)) return EIO; } diff --git a/sys/dev/usb/wlan/if_rumreg.h b/sys/dev/usb/wlan/if_rumreg.h index 348a57582859..cc364e95590c 100644 --- a/sys/dev/usb/wlan/if_rumreg.h +++ b/sys/dev/usb/wlan/if_rumreg.h @@ -45,7 +45,7 @@ /* * H/w encryption/decryption support */ -#define KEY_SIZE (IEEE80211_KEYBUF_SIZE + IEEE80211_MICBUF_SIZE) +#define KEY_SIZE (IEEE80211_KEYBUF_128_SIZE + IEEE80211_MICBUF_128_SIZE) #define RT2573_ADDR_MAX 64 #define RT2573_SKEY_MAX 4 diff --git a/sys/dev/wpi/if_wpireg.h b/sys/dev/wpi/if_wpireg.h index 84d25bbeb953..4c6af326329d 100644 --- a/sys/dev/wpi/if_wpireg.h +++ b/sys/dev/wpi/if_wpireg.h @@ -466,7 +466,7 @@ struct wpi_node_info { uint8_t reserved4; uint16_t ttak[5]; uint16_t reserved5; - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ uint32_t action; #define WPI_ACTION_SET_RATE (1 << 2) @@ -514,7 +514,7 @@ struct wpi_cmd_data { #define WPI_CIPHER_TKIP 3 #define WPI_CIPHER_WEP104 9 - uint8_t key[IEEE80211_KEYBUF_SIZE]; + uint8_t key[IEEE80211_KEYBUF_128_SIZE]; /* XXX firmware */ uint8_t tkip[IEEE80211_WEP_MICLEN]; uint32_t fnext; #define WPI_NEXT_STA_ID(id) ((id) << 8) diff --git a/sys/net80211/ieee80211_crypto.h b/sys/net80211/ieee80211_crypto.h index 48115da586b5..824983ae4d2d 100644 --- a/sys/net80211/ieee80211_crypto.h +++ b/sys/net80211/ieee80211_crypto.h @@ -31,8 +31,24 @@ /* * 802.11 protocol crypto-related definitions. */ -#define IEEE80211_KEYBUF_SIZE 16 -#define IEEE80211_MICBUF_SIZE (8+8) /* space for both tx+rx keys */ + +/* + * Legacy 128 bit key size storage for WEP, TKIP, CCMP key sizes. + * This has been used to store keys in net80211 for various things + * (eg the rc4key in WEP) as well as driver definitions for their + * own hardware programming. + * + * This should eventually be used by the ioctl and drivers instead of + * IEEE80211_KEYBUF_SIZE as the key size will eventually grow. + */ +#define IEEE80211_KEYBUF_128_SIZE 16 +#define IEEE80211_MICBUF_128_SIZE (8+8) /* space for both tx+rx keys */ + +/* + * Temporary definition whilst I clean up where this is still being used. + */ +#define IEEE80211_KEYBUF_SIZE IEEE80211_KEYBUF_128_SIZE +#define IEEE80211_MICBUF_SIZE IEEE80211_MICBUF_128_SIZE /* * Old WEP-style key. Deprecated. diff --git a/sys/net80211/ieee80211_crypto_wep.c b/sys/net80211/ieee80211_crypto_wep.c index e1b261a0be6f..cf947e559a4f 100644 --- a/sys/net80211/ieee80211_crypto_wep.c +++ b/sys/net80211/ieee80211_crypto_wep.c @@ -348,7 +348,7 @@ wep_encrypt(struct ieee80211_key *key, struct mbuf *m0, int hdrlen) struct wep_ctx *ctx = key->wk_private; struct ieee80211vap *vap = ctx->wc_vap; struct mbuf *m = m0; - uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE]; + uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_128_SIZE]; uint8_t icv[IEEE80211_WEP_CRCLEN]; uint32_t i, j, k, crc; size_t buflen, data_len; @@ -431,7 +431,7 @@ wep_decrypt(struct ieee80211_key *key, struct mbuf *m0, int hdrlen) struct wep_ctx *ctx = key->wk_private; struct ieee80211vap *vap = ctx->wc_vap; struct mbuf *m = m0; - uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_SIZE]; + uint8_t rc4key[IEEE80211_WEP_IVLEN + IEEE80211_KEYBUF_128_SIZE]; uint8_t icv[IEEE80211_WEP_CRCLEN]; uint32_t i, j, k, crc; size_t buflen, data_len; From nobody Tue Jun 9 04:35:22 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZGL739Zsz6hL9h for ; Tue, 09 Jun 2026 04:35:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZGL72Y3Cz3s9J for ; Tue, 09 Jun 2026 04:35:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979727; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LCiN/hBY9coRWHdTM01y3EJoABoRCdQ3O1nCkVNCUQI=; b=CWMzrQxyLYs3nXDatUJEoONU5CRMg/xp96NlEkI4hkRuEuKiL8Di3jd2kfdzVhEG7TsniG x2QeDBAFPbBf+y8G8k5cDhGoNlDbZ7J/PIoZASx9RCHWMKz7uE86c0DbYkI2eHvgZKiwP9 xUFU09W/7HpmgUXoL4aBBiauoCCPUqoaHuT7qLB3KRwFXhpl4ZOQGCEUschJHm8jIwAtam RfUeJxQjEcsbqiP4jYAD8QN78ZdkCutpLLXUufxHNkPGXRnyHNSaVlXMlPqUazoHnpGL4q JN+nz80xF52okbQQH/G1EcrY/LyFQL/wIftkqCL9uzKK9I+7HERTQ6wjHkBhnA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780979727; a=rsa-sha256; cv=none; b=lpdU5tuiJEnzot06Im4+Jah12blHa1tjjg/PtwPa5lvaGg9CwSUgeMstLs0kDmSaM8NGw5 SqnozAu09y9mh15Ohrl13hrau2A/ZCOzK43+oEEpBfN/ZhzHlYh0qWbIbApa/MH6+Hv+eW 2k3ozkLj751BJnlSAi7gPpQt2VFq2N4wkBidnoF1DPHBY3zXr4ZdNSnAVRPz3Enje04Au5 tNPt/ElSyJgGO/sUjkR3YMIoD+rJmJYdky1fkgvMxyQCjCBTmBOsjJXYh7AxowJ103EUgC t4p3XAhU8rXPAyhQdXYVJyIzdnVtE/ss3rsOvZ4Ou48V0UoyRiECbGjPs+B5QQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780979727; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LCiN/hBY9coRWHdTM01y3EJoABoRCdQ3O1nCkVNCUQI=; b=Ev8exe5LXZAe2k/cQxuZx3Eu2JJSCMVSbzj2dEH8lZPaTJCGqimekz10M6quz3x8q2iLdZ 6lKRQ8AJE9CIqwnQVudR/NwlNJmyPNxJoLk2cc0eUCPQX9RglBk6YigMFNEm4IrAo2Fgka aaaToJXSR2LkcebtRxCwQUKXQy08dWG7HGFXelmA9u77+DD/d3ZW6V4KW4oPRjydyMbG24 FKxxV7I7LRbD/UzODcWcKPGzNdGbNe9/W39anPWuv9EQZB+kEOtH0mhR+zxZptUkJeTOxB I4Eq8Mi7ChK4xS8qx4jeWyyzNHdu25MubHr8+UMfZkpR941lSTp3nwv5oO4tLw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZGL71sXxz4T9 for ; Tue, 09 Jun 2026 04:35:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 307e0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 04:35:22 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Adrian Chadd Subject: git: 62c1865c9aae - main - net80211: delete the deprecated ieee80211_wepkey struct List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 62c1865c9aaef436498c444b460e6ec2fbcaf44d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 04:35:22 +0000 Message-Id: <6a27980a.307e0.c0488d6@gitrepo.freebsd.org> The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=62c1865c9aaef436498c444b460e6ec2fbcaf44d commit 62c1865c9aaef436498c444b460e6ec2fbcaf44d Author: Adrian Chadd AuthorDate: 2026-06-09 04:27:12 +0000 Commit: Adrian Chadd CommitDate: 2026-06-09 04:27:12 +0000 net80211: delete the deprecated ieee80211_wepkey struct This hasn't been used in a long time, and since I am shuffling around the net80211 crypto API a bunch, let's just delete it instead of leaving it here and trying to figure out how to support it if it's used by userland somehow. Reviewed by: guest-seuros Differential Revision: https://reviews.freebsd.org/D57312 --- sys/net80211/ieee80211_crypto.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/sys/net80211/ieee80211_crypto.h b/sys/net80211/ieee80211_crypto.h index 824983ae4d2d..9ae91bcaeb5d 100644 --- a/sys/net80211/ieee80211_crypto.h +++ b/sys/net80211/ieee80211_crypto.h @@ -50,14 +50,6 @@ #define IEEE80211_KEYBUF_SIZE IEEE80211_KEYBUF_128_SIZE #define IEEE80211_MICBUF_SIZE IEEE80211_MICBUF_128_SIZE -/* - * Old WEP-style key. Deprecated. - */ -struct ieee80211_wepkey { - u_int wk_len; /* key length in bytes */ - uint8_t wk_key[IEEE80211_KEYBUF_SIZE]; -}; - struct ieee80211_rsnparms { uint8_t rsn_mcastcipher; /* mcast/group cipher */ uint8_t rsn_mcastkeylen; /* mcast key length */ From nobody Tue Jun 9 08:17:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGd5mzrz6hb3k for ; Tue, 09 Jun 2026 08:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZMGd4NyTz3DBr for ; Tue, 09 Jun 2026 08:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993065; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZmFNqQ6W2USf4zLUZH4aKK1BBNLNqhtamHqrmtEYDxQ=; b=cHx5IXX4pqtnQjS5NoF/8y0Bi5sO5IDi0aazlRkhC7QNCyxFhz4BTPgWSX9TrL3emlCP1j nrJuKxwx3SDCZvckkQMT49wnAndPEiJV408ipfZl5dLwO8UxLvzgPnNrVG7N4+0zwT5KVM RTt56fd99ZKU/kntGzwXzwwBgeK8+Omf3GTmZJQNQE2REts0slnfDw4Ey29qtjG1gFmUvx WsTpxybisVVYdjUgnFzZWEkb/vaxraBygHQUqyXo6+SXBdT+08t2wh+jiq9L3PC7uv4mXa 0FgVk57XOhfvc/cue4XYM/84KTV4zSxI5V8PdmtJkseh8ky8DtvnKjyFP05zlg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780993065; a=rsa-sha256; cv=none; b=FCve8L8FVkv5Jeh8Fre+bdYa7g81HBJ47Fiz4vQAeXYyDMGI8Kog3LsDQ1mBMvCaxZtcZE Ede4XamcVWuqimt3doAhZ0EmfeUX6tOA2AMIVx3gslIN25p4DBmddFTZJ7abHLTGlQg5ym BILeeuCfk65C+/EsWk3bN3QA0D8QIAdb6rJsnCfSZB2SyiaY5wPUlo7iY968omeXnPzTMm vrPzriCX+SVNA9E71lF5OnNd/IFUY5Q3DPLoNcP7YyN3tFEFn+8G8V9p5xugbnupSYCcRB IHB/xjeJzm53LRnZVQslZ+AMvgdnVuikh85ZidPo9ezmp2vwL10hpes3/jCJyQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993065; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZmFNqQ6W2USf4zLUZH4aKK1BBNLNqhtamHqrmtEYDxQ=; b=Xkmjyxc+I5f758EP2lHPOescwNwp9n2NFN9CM7hmFAmfKGrlzOzjMVwuRJe8+llMDcvsTB yYl0Rr8FRMd0GNIAzg2xyMRzSh987642nOW5emCnGLjz6+bRMrST/wshomjjV6QtrfELCv h//J9XkAXUlHUrPex9FWmuFsF0bQpVZ11/fzMRHjIbtgEHhyS+o5aFtWF6xhQxey9aj9pL 4kc+u6SswmXssBH+TioUMR4rwFMO1PpITBmQeU6qtb71+wfaAtrE0uRjS+hb5wzwEAYfsL UIPy8Yb0RI8qrXZWhCmfXaTCng+mknIz/E3sfOZCNgQv147W27P0ZzvwbUkU7w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGd3zY0z9tm for ; Tue, 09 Jun 2026 08:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 47a19 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 08:17:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 6c2ea480cabd - stable/14 - stat: Nits in readlink tests List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 6c2ea480cabd69d25f7b63f610820e296c54f108 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 08:17:45 +0000 Message-Id: <6a27cc29.47a19.704ae589@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=6c2ea480cabd69d25f7b63f610820e296c54f108 commit 6c2ea480cabd69d25f7b63f610820e296c54f108 Author: Dag-Erling Smørgrav AuthorDate: 2026-04-08 11:26:23 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-09 08:10:43 +0000 stat: Nits in readlink tests * The f_flag test may fail if a component of the full path to the temporary directory is a symbolic link. * The n_flag test had an empty head; give it a description. * Use consistent quoting. MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D56293 (cherry picked from commit 1c793e7cbe2ecded388fd51fb20274891620a6f4) --- usr.bin/stat/tests/readlink_test.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/usr.bin/stat/tests/readlink_test.sh b/usr.bin/stat/tests/readlink_test.sh index d0107e0d655e..8eff21fa7a16 100755 --- a/usr.bin/stat/tests/readlink_test.sh +++ b/usr.bin/stat/tests/readlink_test.sh @@ -33,7 +33,7 @@ basic_head() basic_body() { atf_check ln -s foo bar - atf_check -o inline:'foo\n' readlink bar + atf_check -o inline:"foo\n" readlink bar } atf_test_case f_flag @@ -44,6 +44,7 @@ f_flag_head() } f_flag_body() { + cd "$(realpath "$PWD")" atf_check touch A.file atf_check ln -s nonexistent A.link atf_check -o inline:"nonexistent\n" \ @@ -55,13 +56,15 @@ f_flag_body() atf_test_case n_flag n_flag_head() { + atf_set "descr" "Verify that calling readlink with -n will not emit " \ + "a newline character." } n_flag_body() { atf_check ln -s nonexistent.A A atf_check ln -s nonexistent.B B - atf_check -o 'inline:nonexistent.A\nnonexistent.B\n' readlink A B - atf_check -o 'inline:nonexistent.Anonexistent.B' readlink -n A B + atf_check -o inline:"nonexistent.A\nnonexistent.B\n" readlink A B + atf_check -o inline:"nonexistent.Anonexistent.B" readlink -n A B } atf_init_test_cases() From nobody Tue Jun 9 08:17:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGf6wwCz6hb3l for ; Tue, 09 Jun 2026 08:17:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZMGf5FN3z3CwB for ; Tue, 09 Jun 2026 08:17:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993066; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=40pxJ+Jw3XFbEjFmipGZou/f4539RkyNoJE64bOokAA=; b=cNgXgvpZpIttWtNOHVysfTht609iRIHdKYg00gcqC2lwJGbOv3AyvGRGeymnNfdLgj598a hFbxKzvWK14aHtZ9xGA2X4p0aKka8NaBUYCtRvCy3zIiMkMzVdNw88o0znshQnq7RoIkof m//KKD8S1A/f+E9J5/5KQj04XqclQlKl0O/U3NdgRcpOWCWhzOClkeRmR9dzE0Gmra/ZLp vKQ/NsX6nq0gvJt9jAKn6DIzWYwcnWsdSyXbT8sw8cIeJeSz5dZwyR4K43ggxiKQHXbaD0 o3bYb4zsIEuMNS2qwRGIe9l+BuSMTe7LiO8SrZ9Nm24S+uUP39550ghxUELxbg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780993066; a=rsa-sha256; cv=none; b=DTfrCcE5sxJCh/YOCRWW1XUT2g6xMr6Cjca76DcsftBu1fwfkTQctzjirLjt3jK+H8ANId eZiYyvDaZU/kLIUcdcyXLwrOpjupTLnKk0FZwPJv/oyRctTZEDgxM1hEAiOF9wV1CXclSX CcOYhBHsCpdI7PQRnfr+QTEieGCidqcJDF72sibq+3fxp6VxH5+by50PZV+8riGjS+Kq7L FgveHghA3lD/3EXtm2CN0dQce8MatXYKOW7Ym97Nn/82U9lt8EbQeoE61rPUlCWR3R1LNx tKAFjH/Ztc2D6X7hJhVHIdJUJwQPTqqaokHBDDy5PqYnEnsD1dAKT7Z/FpoHNw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993066; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=40pxJ+Jw3XFbEjFmipGZou/f4539RkyNoJE64bOokAA=; b=q5UJlvG/EpAWXjAjnOGc1my0TK4fr6Kz6R04T6b9v38S9VOS/VI8TfS6ecN93LjVHNStez R+g0sCEzgn79mkq3vyF+5Ug6I5oqUXzUnO0y8D3Dx4iF6MOddWTkayHQx3NDnlzXkcmyrE rOzWIManJRfiIqKAZ/EjtxsCPfR+M/Dg0pugZez0gBTpAR6+UHKtBFgsVUci8BG8OBVY6Z mujJdpkEqACkNAKg725/eUQGFH0H/LCJKdSKsvdJuIJby5OvifDkrOce+eUUS2A+z1cFqY rSZwa72TjYSw/pwrEmz31p3Fhbbg8RfMmjdXgR+7sJ+sDQB9YPeAWuj/OErdhw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGf4r8jzBBF for ; Tue, 09 Jun 2026 08:17:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 47c83 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 08:17:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 7062e428a627 - stable/14 - stat: Nits in stat tests List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 7062e428a6275d8624d27d4608424f6968d7e0f3 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 08:17:46 +0000 Message-Id: <6a27cc2a.47c83.1e62780c@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=7062e428a6275d8624d27d4608424f6968d7e0f3 commit 7062e428a6275d8624d27d4608424f6968d7e0f3 Author: Dag-Erling Smørgrav AuthorDate: 2026-04-08 15:35:35 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-09 08:10:44 +0000 stat: Nits in stat tests * Use ourselves as test file instead of /COPYRIGHT, which may or may not be present in the test environment. * atf-check understands \n in strings, use it. * Some file systems don't like creating small holes, so create large ones instead. This means we need two variables: ps (page size) is the minimum size of a data region and the alignment for a hole, while hs (hole size) is the minimum size of the holes we create. This makes no difference on FreeBSD but makes it easier to port the test to other platforms. MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D56304 (cherry picked from commit 8cbd3949297d56e3960dcde73bd7e2277ac4bee8) --- usr.bin/stat/tests/stat_test.sh | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/usr.bin/stat/tests/stat_test.sh b/usr.bin/stat/tests/stat_test.sh index afe698575034..6043686396be 100755 --- a/usr.bin/stat/tests/stat_test.sh +++ b/usr.bin/stat/tests/stat_test.sh @@ -54,6 +54,7 @@ h_flag_head() } h_flag_body() { + file=$(realpath $0) # POSIX defines a hole as “[a] contiguous region of bytes # within a file, all having the value of zero” and requires # that “all seekable files shall have a virtual hole starting @@ -82,27 +83,27 @@ h_flag_body() atf_check -o inline:"$((ps)) .\n" stat -h . atf_check -o inline:"$((ps)) ." stat -hn . - # For a file, prints a list of holes. + # For a file, prints a list of holes. Some file systems don't + # like creating small holes, so we create large ones instead. + hs=$((16*1024*1024)) atf_check truncate -s 0 foo atf_check -o inline:"0 foo" \ stat -hn foo - atf_check truncate -s "$((ps))" foo - atf_check -o inline:"0-$((ps-1)) foo" \ + atf_check truncate -s "$((hs))" foo + atf_check -o inline:"0-$((hs-1)) foo" \ stat -hn foo - atf_check dd status=none if=/COPYRIGHT of=foo \ - oseek="$((ps))" bs=1 count=1 - atf_check -o inline:"0-$((ps-1)),$((ps+1)) foo" \ + atf_check dd status=none if="${file}" of=foo \ + oseek="$((hs))" bs=1 count=1 + atf_check -o inline:"0-$((hs-1)),$((hs+1)) foo" \ stat -hn foo - atf_check truncate -s "$((ps*3))" foo - atf_check -o inline:"0-$((ps-1)),$((ps*2))-$((ps*3-1)) foo" \ + atf_check truncate -s "$((hs*3))" foo + atf_check -o inline:"0-$((hs-1)),$((hs+ps))-$((hs*3-1)) foo" \ stat -hn foo # Test multiple files. - atf_check dd status=none if=/COPYRIGHT of=bar + atf_check dd status=none if="${file}" of=bar sz=$(stat -f%z bar) - atf_check -o inline:"0-$((ps-1)),$((ps*2))-$((ps*3-1)) foo -$((sz)) bar -" \ + atf_check -o inline:"0-$((hs-1)),$((hs+ps))-$((hs*3-1)) foo\n$((sz)) bar\n" \ stat -h foo bar # For a device, fail. From nobody Tue Jun 9 08:17:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGj0nZmz6hZy8 for ; Tue, 09 Jun 2026 08:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZMGh43jZz3DL4 for ; Tue, 09 Jun 2026 08:17:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q+pB2ThaumztUmDPPLyc3WfSnuLc3Y08eEZ+KEVAf1c=; b=ezLyYEpTZh2zRYFbl/sa1jQM1fxOjMUukL9mZR1Rwuj5W255g31tqa+uNGQK5aMROj5e6m n8Z+szZcX5bTUY7cgDmjK6pdmu143TocZwfjE5rsxY+DcSdHJgkrrun4QfyK2aad9YuaN0 IWR6qoT2jPYPDgjLkx6jMXu0ceovOngUm9gKl035cIlp1MPVPOmh4G6EsLznj+ECkAIkAc Jm62HJZiQt/fH52+pLroXoGzP44Hw3ICDWqjfBEkU5iF9UWj6YEExXm7rGc/ko8+C2KX6c FdnIiymotoh2FZnSLNU5o4gO2o1zKQ1duw9EoI0nfxE+EcvjJ0vthBXY/fwcoQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780993068; a=rsa-sha256; cv=none; b=XHczWKRjRKnZghLJk6D4nq/I9BU3UGAsi/mXCeScfT7bc6/m/3ARMVCS1DrptxxUPg2sTg V0sut6Xh3oGnJyRXL4PEnSK1vg4ei4W41Uavdkz/jikrdA94qyaADxKqfbi9XT8u/y9r0X PNzfse2AbsS+6UrdSEi80+X4nY1m2BBBwFydT+oGXbwfjaUYPEM0900ZdMYE3ttsHUxkGi H9dJ/VX++xHStCv8pJRVTgFywffLpu94YMVH7pbxbO7YamNX3HrZ9EH9iWx8pi6INqJPPZ xr4pYOkKsHy9s2FIvfaOolCZzz/bGMo9jNe2PIeraOGd0NDY8TgCIQf7rBZC1w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q+pB2ThaumztUmDPPLyc3WfSnuLc3Y08eEZ+KEVAf1c=; b=QeGekHSeYaQ6a0pDY0ibKPLZ9w6Tj3R/sY8My7G6Wy6tmMT5d487rayQr1GCkngpaJVrmQ +YV5lPylLyHNTAwul8kMyVkj9KIxySyiob3C8omNdWqnNuDPZljS3ujwS+shmflDGQVju0 yXvGZ6mQRzVEyzLfSI0EV+rj8WprLF9qQ3tb+t+sER7x+PA8uG5JgIlAs6GBZpepGbOBOY //bjlPRKqhntpW+uVZHdkTteaPk73Ga6jVfBHK7C2vp4+0kjzzPepuSgLbyYMScb7xS8dV PQqzTRSv6pGTX8K0txVA/mLXUuvWpHc1hN2af5Wdob1PL/Dt0K3RgmGLpCGP8Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGg5gJPzBQ7 for ; Tue, 09 Jun 2026 08:17:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4799d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 08:17:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Kyle Evans From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 233ece107da0 - stable/14 - stat: fix use of devname(3) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 233ece107da0628cc6fbf7f4a8940f1d5eb52d72 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 08:17:47 +0000 Message-Id: <6a27cc2b.4799d.54f1447a@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=233ece107da0628cc6fbf7f4a8940f1d5eb52d72 commit 233ece107da0628cc6fbf7f4a8940f1d5eb52d72 Author: Kyle Evans AuthorDate: 2026-05-01 03:00:26 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-09 08:12:23 +0000 stat: fix use of devname(3) Besides being a little hard to parse through visually, this had its own bug of inspecting st->st_mode to determine what to pass to devname(3), which is only correct for st_rdev. For st_dev, you're likely to be looking at files or directories and attempting to assess what device they're located on, so the mode is meaningless- we just have to assume that our filesystems are on character devices and attempt to resolve st_dev as such. Reviewed by: des, kib (previous version) Differential Revision: https://reviews.freebsd.org/D56565 (cherry picked from commit 4d4acdbfc22c84081037f31cff4fb03d18373036) stat: The devname test case requires root Fixes: 4d4acdbfc22c ("stat: fix use of devname(3)") (cherry picked from commit 72b1aae09bf0bcc01c76df757699e27ad7cf7ecc) stat: Set the timezone before testing -t flag The test assumes UTC, which is what I use on my development systems and clearly what is used on our CI runners. MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D56836 (cherry picked from commit 49e496d2776870fb36ed8ea4c8139b5eb9f7f747) stat: Expand devname test case Test what happens when we ask for the rdev of a non-device. MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D56838 (cherry picked from commit 2c88636e0e7a0316d5e6d146874bdb2751f75c40) --- usr.bin/stat/stat.c | 14 +++++++++++--- usr.bin/stat/tests/stat_test.sh | 40 ++++++++++++++++++++++++++++++++++++++-- 2 files changed, 49 insertions(+), 5 deletions(-) diff --git a/usr.bin/stat/stat.c b/usr.bin/stat/stat.c index 9c693a124f9a..d98447b78d18 100644 --- a/usr.bin/stat/stat.c +++ b/usr.bin/stat/stat.c @@ -650,6 +650,7 @@ format1(const struct stat *st, struct timespec ts; struct tm *tm; int l, small, formats; + mode_t dtype; tsp = NULL; formats = 0; @@ -665,9 +666,16 @@ format1(const struct stat *st, small = (sizeof(st->st_dev) == 4); data = (what == SHOW_st_dev) ? st->st_dev : st->st_rdev; #if HAVE_DEVNAME - sdata = devname(what == SHOW_st_dev ? st->st_dev : - st->st_rdev, S_ISCHR(st->st_mode) ? S_IFCHR : - (S_ISBLK(st->st_mode) ? S_IFBLK : 0)); + switch (what) { + case SHOW_st_dev: + dtype = S_IFCHR; + break; + case SHOW_st_rdev: + dtype = st->st_mode & (S_IFCHR | S_IFBLK); + break; + } + + sdata = devname(data, dtype); #endif /* HAVE_DEVNAME */ if (hilo == HIGH_PIECE) { data = major(data); diff --git a/usr.bin/stat/tests/stat_test.sh b/usr.bin/stat/tests/stat_test.sh index 6043686396be..aa8563c62ccc 100755 --- a/usr.bin/stat/tests/stat_test.sh +++ b/usr.bin/stat/tests/stat_test.sh @@ -1,7 +1,7 @@ # # Copyright (c) 2017 Dell EMC # All rights reserved. -# Copyright (c) 2025 Klara, Inc. +# Copyright (c) 2025-2026 Klara, Inc. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -25,6 +25,9 @@ # SUCH DAMAGE. # +: ${CHKPATH:="mnt"} +: ${NODEV:="#NODEV"} + atf_test_case F_flag F_flag_head() { @@ -232,9 +235,9 @@ t_flag_head() { atf_set "descr" "Verify the output format for -t" } - t_flag_body() { + export TZ=UTC atf_check touch foo atf_check touch -d 1970-01-01T00:00:42 foo atf_check -o inline:'42\n' \ @@ -301,6 +304,38 @@ x_flag_body() done } +atf_test_case devname cleanup +devname_head() +{ + atf_set "descr" "Verify that %Sd outputs a device name" + atf_set "require.user" "root" +} +devname_body() +{ + local devname devpath + + atf_check -o save:dev mdconfig -t malloc -s 16M + read devname < dev + devpath="/dev/$devname" + atf_check -o not-empty newfs "$devpath" + + atf_check mkdir "$CHKPATH" + atf_check mount "$devpath" "$CHKPATH" + + atf_check -o inline:"$devname\n" stat -f '%Sd' "$CHKPATH" + atf_check -o inline:"$devname\n" stat -f '%Sr' "$devpath" + atf_check -o inline:"$NODEV\n" stat -f '%Sr' "$CHKPATH" +} +devname_cleanup() +{ + if [ -d "$CHKPATH" ]; then + umount "$CHKPATH" || true + fi + if [ -f dev ]; then + mdconfig -d -u $(cat dev) || true + fi +} + atf_init_test_cases() { atf_add_test_case F_flag @@ -315,4 +350,5 @@ atf_init_test_cases() atf_add_test_case s_flag atf_add_test_case t_flag atf_add_test_case x_flag + atf_add_test_case devname } From nobody Tue Jun 9 08:17:44 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGk2M0mz6hb65 for ; Tue, 09 Jun 2026 08:17:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZMGj5vdnz3DCP for ; Tue, 09 Jun 2026 08:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SJK4R2FsNnWOG5AVIS2YvOxwpnT07kJhz7hfrDoR9qY=; b=tWfpCsemQ4/YTjS5LTMUsyS1i+oI5j8ufTV95oV6yaKpQt9McqHLzMISpnake6qDFYgGXd tB7M6ortOV7Daq0jri/V/WgaYhxLUj1/s+nYTarw2rc3KsA4vKTKuYi9ggqGCKSYJwvKyC GNG9WF74fpqnsSDSYZHbUbbmASam4ZfbchAxdaLDqoADIxJT/kzowijJrmrG5lfxLt4uf7 2r77MNejCizWRdUCDB1a+MDckzKoSo5/fIps+rwgvlimcia0kGQ5koYv8MJau/6/xg3tnb JzERgd9t86I09V5ERTxOYHKSUrCQQVRKayGYVWVMfvEEo9StSXSVnOHtJcT9Sw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780993069; a=rsa-sha256; cv=none; b=xbX6vG47gyWnuJ6TZk1d0ejW+wDmQ8fLOzekNRSm1wepowvysIZtQZ3MorRznOKdnqC+c0 baV+9dq+YlAIBCEK1/xvv9xC93qfwEF3X24+wxmRd3KRea+4EURnBiXTFeukdVZ5LA0/6W FfQZOD2jUE4RQfKFEA9fbJZt8GR3GIx5i0TCjqmyE1o732ojr3m67Lbs2O++ka99IzJMQK TKMNLTRCuM5lAwSUQ35Pe2TB/FrNqeNayEiXCPIRhnJwg1h+lg57gpxFWSTJ0BzL1/hStJ iVkch+11Yx3OPwcDGSh1Y94YNLpIFcjVsfVEAz32VZPJrkkbwMh/S2ACnYEpGw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780993069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SJK4R2FsNnWOG5AVIS2YvOxwpnT07kJhz7hfrDoR9qY=; b=EAv3hZejnbJI1wlccio/qUXcy0zSm+8O9cqbIO7uijhp5Xg+F+TWeUD2aLJSvYpnYT9rC1 RYkQLBYCu9k7KrfMlNlA0Ur4406iEauB5SsgJm88FLFzh8biKOMw+6mf8G6bVIMK8rXfS2 /Is4b2tgDv0yh2fHbh2kvbVcoczXD7Xt2f7n8fRzD0hjRJfKHmG4YCKlwXlLWWVFOcyfJ9 vE8VwwOM6iD1YAnfyT5jpNgZlnDyvXBMtrZj2un1uDx3ga2fEiXJu/d18LH395ZGLjER+B kOToiQYQqsQ5g+KIsn4tywztjVEtGYCIfAFgRr8P3OjBnjCyS48x0uOiiLlLFw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZMGj5M9vzBBJ for ; Tue, 09 Jun 2026 08:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 47e28 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 08:17:44 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 12f8971ee6b6 - stable/14 - stat: Add option to list holes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 12f8971ee6b60ecdbfae2ff1f1b936f27d573880 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 08:17:44 +0000 Message-Id: <6a27cc28.47e28.4bd23b4@gitrepo.freebsd.org> The branch stable/14 has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=12f8971ee6b60ecdbfae2ff1f1b936f27d573880 commit 12f8971ee6b60ecdbfae2ff1f1b936f27d573880 Author: Dag-Erling Smørgrav AuthorDate: 2025-09-16 13:37:57 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-09 08:10:43 +0000 stat: Add option to list holes Add a new -h option that causes stat to print a list of holes for each file argument. Sponsored by: Klara, Inc. Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D52481 (cherry picked from commit 1a7a067da456f8962ef87bfdf75c94cd12988615) --- usr.bin/stat/stat.1 | 45 +++++++++- usr.bin/stat/stat.c | 176 ++++++++++++++++++++++++++++++---------- usr.bin/stat/tests/stat_test.sh | 72 ++++++++++++++++ 3 files changed, 250 insertions(+), 43 deletions(-) diff --git a/usr.bin/stat/stat.1 b/usr.bin/stat/stat.1 index 2996781fafa6..55e64de0767e 100644 --- a/usr.bin/stat/stat.1 +++ b/usr.bin/stat/stat.1 @@ -6,6 +6,8 @@ .\" This code is derived from software contributed to The NetBSD Foundation .\" by Andrew Brown and Jan Schaumann. .\" +.\" Copyright (c) 2025 Klara, Inc. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -27,7 +29,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd June 22, 2017 +.Dd September 9, 2025 .Dt STAT 1 .Os .Sh NAME @@ -36,7 +38,7 @@ .Nd display file status .Sh SYNOPSIS .Nm -.Op Fl FHLnq +.Op Fl FHhLnq .Op Fl f Ar format | Fl l | r | s | x .Op Fl t Ar timefmt .Op Ar @@ -129,6 +131,45 @@ and use instead of .Xr lstat 2 . This requires root privileges. +.It Fl h +For each file argument, print a line consisting of a comma-separated +list of holes, a space, and the file name. +Each hole is reported as its starting offset as a decimal number +followed by a hyphen and the ending offset (one less than the starting +offset of the data region that follows the hole) as a decimal number. +If the file ends in a hole, the ending offset of the final hole will +be one less than the size of the file. +Otherwise, the final entry in the list (indeed, the only entry in the +list, if the file is not sparse), is a single decimal number +corresponding to the size of the file, representing the virtual hole +at the end of the file. +.Pp +If the argument is a directory, instead of a list of holes, a single +number is printed, corresponding to the minimum hole size for that +directory as reported by +.Xr pathconf 2 , +followed by a space and the directory name. +.Pp +Please note that the only way to retrieve information about the holes +in a file is to open it and walk the list of holes and data regions +using +.Xr lseek 2 . +If the file is being modified by another process at the same time as +.Nm +is inspecting it, the result may be inconsistent. +.Pp +This option cannot be combined with the +.Fl F , +.Fl f , +.Fl H , +.Fl L , +.Fl l , +.Fl r , +.Fl s , +.Fl t , +or +.Fl x +options. .It Fl L Use .Xr stat 2 diff --git a/usr.bin/stat/stat.c b/usr.bin/stat/stat.c index 720069db3195..9c693a124f9a 100644 --- a/usr.bin/stat/stat.c +++ b/usr.bin/stat/stat.c @@ -7,6 +7,8 @@ * This code is derived from software contributed to The NetBSD Foundation * by Andrew Brown. * + * Copyright (c) 2025 Klara, Inc. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -47,18 +49,19 @@ __RCSID("$NetBSD: stat.c,v 1.33 2011/01/15 22:54:10 njoly Exp $" #endif /* HAVE_CONFIG_H */ #include -#include #include #include #include #include #include +#include #include #include #include #include #include +#include #include #include #include @@ -178,22 +181,24 @@ __RCSID("$NetBSD: stat.c,v 1.33 2011/01/15 22:54:10 njoly Exp $" #define SHOW_filename 'N' #define SHOW_sizerdev 'Z' -void usage(const char *); -void output(const struct stat *, const char *, - const char *, int, int); -int format1(const struct stat *, /* stat info */ +static void usage(const char *); +static void output(const struct stat *, const char *, const char *, int); +static int format1(const struct stat *, /* stat info */ const char *, /* the file name */ const char *, int, /* the format string itself */ char *, size_t, /* a place to put the output */ int, int, int, int, /* the parsed format */ int, int); -int hex2byte(const char [2]); +static int hex2byte(const char [2]); #if HAVE_STRUCT_STAT_ST_FLAGS -char *xfflagstostr(unsigned long); +static char *xfflagstostr(unsigned long); #endif +static int fdlistholes(int, const char *); +static int listholes(const char *); static const char *timefmt; static int linkfail; +static bool nonl; #define addchar(s, c, nl) \ do { \ @@ -205,20 +210,22 @@ int main(int argc, char *argv[]) { struct stat st; - int ch, rc, errs, am_readlink; - int lsF, fmtchar, usestat, nfs_handle, fn, nonl, quiet; - const char *statfmt, *options, *synopsis; char dname[sizeof _PATH_DEV + SPECNAMELEN] = _PATH_DEV; - fhandle_t fhnd; + const char *statfmt, *options, *synopsis; const char *file; + fhandle_t fhnd; + int ch, rc, errs, am_readlink, fn, fmtchar; + bool lsF, holes, usestat, nfs_handle, quiet; am_readlink = 0; - lsF = 0; + errs = 0; + lsF = false; fmtchar = '\0'; - usestat = 0; - nfs_handle = 0; - nonl = 0; - quiet = 0; + holes = false; + usestat = false; + nfs_handle = false; + nonl = false; + quiet = false; linkfail = 0; statfmt = NULL; timefmt = NULL; @@ -231,28 +238,35 @@ main(int argc, char *argv[]) fmtchar = 'f'; quiet = 1; } else { - options = "f:FHlLnqrst:x"; - synopsis = "[-FLnq] [-f format | -l | -r | -s | -x] " + options = "Ff:HhLlnqrst:x"; + synopsis = "[-FHhLnq] [-f format | -l | -r | -s | -x] " "[-t timefmt] [file|handle ...]"; } while ((ch = getopt(argc, argv, options)) != -1) switch (ch) { case 'F': - lsF = 1; + lsF = true; break; case 'H': - nfs_handle = 1; + nfs_handle = true; + break; + case 'h': + holes = true; break; case 'L': - usestat = 1; + usestat = true; break; case 'n': - nonl = 1; + nonl = true; + break; + case 't': + timefmt = optarg; break; case 'q': - quiet = 1; + quiet = true; break; + /* remaining cases are purposefully out of order */ case 'f': if (am_readlink) { statfmt = "%R"; @@ -269,9 +283,6 @@ main(int argc, char *argv[]) fmtchar, ch); fmtchar = ch; break; - case 't': - timefmt = optarg; - break; default: usage(synopsis); } @@ -280,6 +291,28 @@ main(int argc, char *argv[]) argv += optind; fn = 1; + if (holes) { + if (fmtchar || lsF || nfs_handle || usestat || timefmt) + usage(synopsis); + if (argc > 0) { + while (argc-- > 0) { + if (listholes(*argv) != 0) { + if (!quiet) + warn("%s", *argv); + errs++; + } + argv++; + } + } else { + if (fdlistholes(STDIN_FILENO, "stdin") != 0) { + if (!quiet) + warn("stdin"); + errs++; + } + } + exit(errs ? 1 : 0); + } + if (fmtchar == '\0') { if (lsF) fmtchar = 'l'; @@ -318,7 +351,6 @@ main(int argc, char *argv[]) if (timefmt == NULL) timefmt = TIME_FORMAT; - errs = 0; do { if (argc == 0) { if (fdevname_r(STDIN_FILENO, dname + @@ -361,8 +393,7 @@ main(int argc, char *argv[]) errno == ENOENT && (rc = lstat(file, &st)) == -1) errno = ENOENT; - } - else + } else rc = lstat(file, &st); } @@ -371,9 +402,8 @@ main(int argc, char *argv[]) linkfail = 1; if (!quiet) warn("%s", file); - } - else - output(&st, file, statfmt, fn, nonl); + } else + output(&st, file, statfmt, fn); argv++; argc--; @@ -387,7 +417,7 @@ main(int argc, char *argv[]) /* * fflagstostr() wrapper that leaks only once */ -char * +static char * xfflagstostr(unsigned long fflags) { static char *str = NULL; @@ -402,10 +432,9 @@ xfflagstostr(unsigned long fflags) } #endif /* HAVE_STRUCT_STAT_ST_FLAGS */ -void +static void usage(const char *synopsis) { - (void)fprintf(stderr, "usage: %s %s\n", getprogname(), synopsis); exit(1); } @@ -413,9 +442,8 @@ usage(const char *synopsis) /* * Parses a format string. */ -void -output(const struct stat *st, const char *file, - const char *statfmt, int fn, int nonl) +static void +output(const struct stat *st, const char *file, const char *statfmt, int fn) { int flags, size, prec, ofmt, hilo, what; char buf[PATH_MAX + 4 + 1]; @@ -606,7 +634,7 @@ output(const struct stat *st, const char *file, /* * Arranges output according to a single parsed format substring. */ -int +static int format1(const struct stat *st, const char *file, const char *fmt, int flen, @@ -1073,7 +1101,7 @@ format1(const struct stat *st, (void)strcat(lfmt, "ll"); switch (ofmt) { case FMTF_DECIMAL: (void)strcat(lfmt, "d"); break; - case FMTF_OCTAL: (void)strcat(lfmt, "o"); break; + case FMTF_OCTAL: (void)strcat(lfmt, "o"); break; case FMTF_UNSIGNED: (void)strcat(lfmt, "u"); break; case FMTF_HEX: (void)strcat(lfmt, "x"); break; } @@ -1083,9 +1111,75 @@ format1(const struct stat *st, #define hex2nibble(c) (c <= '9' ? c - '0' : toupper(c) - 'A' + 10) -int +static int hex2byte(const char c[2]) { if (!(ishexnumber(c[0]) && ishexnumber(c[1]))) return -1; return (hex2nibble(c[0]) << 4) + hex2nibble(c[1]); } + +static int +fdlistholes(int fd, const char *fn) +{ + struct stat sb; + off_t pos = 0, off; + long l; + + if (fstat(fd, &sb) < 0) + return (-1); + if (S_ISDIR(sb.st_mode)) { + if ((l = fpathconf(fd, _PC_MIN_HOLE_SIZE)) < 0) + return (-1); + printf("%ld", l); + } else if (!S_ISREG(sb.st_mode)) { + errno = ESPIPE; + return (-1); + } else { + for (;;) { + if ((off = lseek(fd, pos, SEEK_HOLE)) < 0) { + if (errno != ENXIO) + return (-1); + /* + * This can only happen if the file was + * truncated while we were scanning it, or + * on the initial seek if the file is + * empty. Report the virtual hole at the + * end of the file at this position. + */ + off = pos; + } + printf("%jd", (intmax_t)off); + pos = off; + if ((off = lseek(fd, pos, SEEK_DATA)) < 0) { + if (errno != ENXIO) + return (-1); + /* + * There are no more data regions in the + * file, or it got truncated. However, we + * may not be at the end yet. + */ + if ((off = lseek(fd, 0, SEEK_END)) > pos) + printf("-%jd", (intmax_t)off - 1); + break; + } + printf("-%jd,", (intmax_t)off - 1); + pos = off; + } + } + printf(" %s", fn); + if (!nonl) + printf("\n"); + return (0); +} + +static int +listholes(const char *fn) +{ + int fd, ret; + + if ((fd = open(fn, O_RDONLY)) < 0) + return (-1); + ret = fdlistholes(fd, fn); + close(fd); + return (ret); +} diff --git a/usr.bin/stat/tests/stat_test.sh b/usr.bin/stat/tests/stat_test.sh index e75fd0c56490..afe698575034 100755 --- a/usr.bin/stat/tests/stat_test.sh +++ b/usr.bin/stat/tests/stat_test.sh @@ -1,6 +1,7 @@ # # Copyright (c) 2017 Dell EMC # All rights reserved. +# Copyright (c) 2025 Klara, Inc. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions @@ -45,6 +46,76 @@ F_flag_body() atf_check -o match:'.* f\|' stat -Fn f } +atf_test_case h_flag cleanup +h_flag_head() +{ + atf_set "descr" "Verify the output format for -h" + atf_set "require.user" "root" +} +h_flag_body() +{ + # POSIX defines a hole as “[a] contiguous region of bytes + # within a file, all having the value of zero” and requires + # that “all seekable files shall have a virtual hole starting + # at the current size of the file” but says “it is up to the + # implementation to define when sparse files can be created + # and with what granularity for the size of holes”. It also + # defines a sparse file as “[a] file that contains more holes + # than just the virtual hole at the end of the file”. That's + # pretty much the extent of its discussion of holes, apart + # from the description of SEEK_HOLE and SEEK_DATA in the lseek + # manual page. In other words, there is no portable way to + # reliably create a hole in a file on any given file system. + # + # On FreeBSD, this test is likely to run on either tmpfs, ufs + # (ffs2), or zfs. Of those three, only tmpfs has predictable + # semantics and supports all possible configurations (the + # minimum hole size on zfs is variable for small files, and + # ufs will not allow a file to end in a hole). + atf_check mkdir mnt + atf_check mount -t tmpfs tmpfs mnt + cd mnt + + # For a directory, prints the minimum hole size, which on + # tmpfs is the system page size. + ps=$(sysctl -n hw.pagesize) + atf_check -o inline:"$((ps)) .\n" stat -h . + atf_check -o inline:"$((ps)) ." stat -hn . + + # For a file, prints a list of holes. + atf_check truncate -s 0 foo + atf_check -o inline:"0 foo" \ + stat -hn foo + atf_check truncate -s "$((ps))" foo + atf_check -o inline:"0-$((ps-1)) foo" \ + stat -hn foo + atf_check dd status=none if=/COPYRIGHT of=foo \ + oseek="$((ps))" bs=1 count=1 + atf_check -o inline:"0-$((ps-1)),$((ps+1)) foo" \ + stat -hn foo + atf_check truncate -s "$((ps*3))" foo + atf_check -o inline:"0-$((ps-1)),$((ps*2))-$((ps*3-1)) foo" \ + stat -hn foo + + # Test multiple files. + atf_check dd status=none if=/COPYRIGHT of=bar + sz=$(stat -f%z bar) + atf_check -o inline:"0-$((ps-1)),$((ps*2))-$((ps*3-1)) foo +$((sz)) bar +" \ + stat -h foo bar + + # For a device, fail. + atf_check -s exit:1 -e match:"/dev/null: Illegal seek" \ + stat -h /dev/null +} +h_flag_cleanup() +{ + if [ -d mnt ]; then + umount mnt || true + fi +} + atf_test_case l_flag l_flag_head() { @@ -233,6 +304,7 @@ atf_init_test_cases() { atf_add_test_case F_flag #atf_add_test_case H_flag + atf_add_test_case h_flag #atf_add_test_case L_flag #atf_add_test_case f_flag atf_add_test_case l_flag From nobody Tue Jun 9 08:41:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZMnl4F17z6hcjH for ; Tue, 09 Jun 2026 08:41:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZMnl3YBVz3JDh for ; Tue, 09 Jun 2026 08:41:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780994475; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NmVEyKQBgJXSjqbzW7oB27hVTaR8Almpak1wQ3RElc8=; b=DKFhIctNYlKcGJy+ZgGpok45RvI7By4kEv+ZjvRTo1t8kCHbL8TLAjo8ofvfiQOQz0fXfn gEiuFCYrQQj8ThsRU3DGNe0MzNtm6EAxdXPEp/FQpJMWDsw6qyMrMwnIuHrN9KpsMZDO0P WAxy+bipZ+H/VfPNstKD+9QptMRIeR4Zuf4DqbZUNol9vdsOz6nYOhpHVyL114x8bEP8Rp TGGccq02sJv59pOJ/ziT3/1LIn9TdmDMGbTWzPEwwh5KXzLjk4pfSwjrTPBaMQy+3l8lfl 8X6pkD7FHSDDQU1pHo6Mtvk+RqZe50aQ74DSwACtc614dy7kZI8EPwUybDu/Cg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1780994475; a=rsa-sha256; cv=none; b=uED/+rFauqZWBSUoH1whY0WResSzxq+fBezzM5vT4+TxImWvBiOBP3pU8/VUwcXH3aGYRC K+Qvo46vbW0yvPD0TWpNqiGk/b/9y5gtvJl28YiRr+rVuub4zcaEZMF9NyEvr/XvvPPC/r nW82drGqp011p+kPV0uhRNzMJ/MpVF18lIDzR5NPaHcNrwkfMBbv1e9jUT3wOBmFab7J4q s/95FsZV3pnjvXaim3yOtwWDlNnk/QSYrHl4w4Fae1ydAyQS2gILht6H7a46YKmXaRSEJk Ymt1f1AcPXZkqKMGRYvETgV0VVjaxtYz5vx2YR8cIuZeeQk4z92fsCut+aNIUg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1780994475; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NmVEyKQBgJXSjqbzW7oB27hVTaR8Almpak1wQ3RElc8=; b=eTbG8OW36ytZtdiqeIkRdb+XzXvMzVAajr0cM6+A3EirlzDOOyOzto2ggjDghQwksipPRQ 6K194GZMWN3oId6VjkxVCiOry6Qm5jNlocrduKTa1gaF945uMyfpN2NqBRb4qla/flww8a l6CM8vuwGoqRA6V8IAY6kiQ3vK+6Ay6AtX2+FtRchdQRfHgunTQ+ochltyWACWep45jMBD XlEJUqnuzzvIl1cInIYIcRSEMSpCflYAPmwTPJJQyEPUMUbQs4BH/YPWKfe969ekLJwvlm oTdaBb49423qjwP0dXeOd4DLgQjzi14j/wJExA9GHEexPCPg2DLfi6QEF9z/0g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZMnl2sYlzBNS for ; Tue, 09 Jun 2026 08:41:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1923a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 08:41:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mateusz Piotrowski <0mp@FreeBSD.org> Subject: git: c0ec8ffb46ab - main - stats: Reference zpool-iostat(8) instead of zpool(8) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: 0mp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c0ec8ffb46ab337dcf726fcdf8083f62859d0ae6 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 08:41:10 +0000 Message-Id: <6a27d1a6.1923a.7e027125@gitrepo.freebsd.org> The branch main has been updated by 0mp: URL: https://cgit.FreeBSD.org/src/commit/?id=c0ec8ffb46ab337dcf726fcdf8083f62859d0ae6 commit c0ec8ffb46ab337dcf726fcdf8083f62859d0ae6 Author: Mateusz Piotrowski <0mp@FreeBSD.org> AuthorDate: 2026-06-09 08:37:13 +0000 Commit: Mateusz Piotrowski <0mp@FreeBSD.org> CommitDate: 2026-06-09 08:40:42 +0000 stats: Reference zpool-iostat(8) instead of zpool(8) MFC after: 3 days --- share/man/man7/stats.7 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man7/stats.7 b/share/man/man7/stats.7 index f81c2fef0155..54620b90dd9e 100644 --- a/share/man/man7/stats.7 +++ b/share/man/man7/stats.7 @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd May 7, 2026 +.Dd June 9, 2026 .Dt STATS 7 .Os .Sh NAME @@ -116,7 +116,7 @@ Report ZFS I/O statistics .Xr pmcstat 8 , .Xr pstat 8 , .Xr vmstat 8 , -.Xr zpool 8 +.Xr zpool-iostat 8 .Sh HISTORY The .Nm From nobody Tue Jun 9 10:46:54 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZQZk3ZKpz6hlfq for ; Tue, 09 Jun 2026 10:46:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZQZk2bp0z3TtT for ; Tue, 09 Jun 2026 10:46:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781002014; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wYErWV3UAL+wkRxQG+dNE5wANTQBQRTxgml0nnfrM9Q=; b=DL8EmQKZXAYOGWZ1iYfP349r7cG2+0QvmU7uwZMNalyUnsWsyjhIO2sKjtZVJbhj5m2FKD SZMDo+nTKYB/JiiWbGVqwXO3+X1GDaWJAzTMrFUboaJXj1NKwtShkFa6rYzeUUl8wx2Q3T RysgShez8hS5BtyG4E0wK4r3fPT8a3by8QBXeMSpj4VccWBhx8Wyw3AMNlIyWkklXUS3Er QY8Afiz7tPRisR7Xg3JmRXN7N7e68Ma0FwznjsGxMX8fN67j6LHJPoG4TO7JnVhUDWZ3ZV wI67uLTGXb0nyn+YYhK7tTPShyz/2QFCZshbTtN8GJlq6RQR/Z2kfWE9o1vzTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781002014; a=rsa-sha256; cv=none; b=NzRRG2OsW4ISHj/1/wdVuBid7UZCppj+f1kGxkrqQHedNeGWSOMWXOHoQ3sqkMzJIZ4g4L E61Xgw2pZ+hcMpU032+UeHu0AUS4dMiPc+PG4XpmQrrXm1OIg4HFqNBQKSnXqJaSaueLGx /hIi/8VGTQGElwG9GXhPJhdM7WWoHN0SsKE92kOl0EETWqE2Fu1f9ji1obZEOxmEeIw2Xp elXRRmWngDlNmI/LElUWxTctms2PhgWp1v+MTQCgEKOmPyOVKXdPp8H5iQBOexCNM3+lb9 NaZEHCA+SqZn/y+t86YGa296RdUH2ku7amsYvMSIyJFcHmh3dmCokIf1wl9G1w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781002014; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wYErWV3UAL+wkRxQG+dNE5wANTQBQRTxgml0nnfrM9Q=; b=oaRc5kaSMYzpMR+RoHvEgb2Di6uqV3UHRLnxD3HTxds5E69cP28zd+hdBq/KYyQ4k8jLD8 JqNPJk3DiY/AACh4raBYXvI4RytpRWM+153rpAIa41Jac4yrD51XMABUTaAjsgq9nQXvyy gqXUBR1r3lkhKXSvTQYrghFpSNCW7H6SmiwuLxHVpcbKGablvMq9JKgZUCd79us8lCd4Wh rBoA1rymCYdbfuvvv6PkxRVm63SKCMHjTMhTP4sC2PlHLFBX1LR1VStSomcO3E4s7u4JyZ 2TV61Q6hihoCl4IXKYaaYVhNWjueuydqwFyjYtPzB5Gq3XdrEr6y2oYvcT6A8g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZQZk28lPzXFr for ; Tue, 09 Jun 2026 10:46:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27a63 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 10:46:54 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Christos Margiolis Subject: git: 81b3a7991543 - stable/15 - virtual_oss_cmd(8): Improve error messages List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: christos X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 81b3a7991543e1cf2f279e474c9636f2a0ce2e6e Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 10:46:54 +0000 Message-Id: <6a27ef1e.27a63.827aad1@gitrepo.freebsd.org> The branch stable/15 has been updated by christos: URL: https://cgit.FreeBSD.org/src/commit/?id=81b3a7991543e1cf2f279e474c9636f2a0ce2e6e commit 81b3a7991543e1cf2f279e474c9636f2a0ce2e6e Author: Christos Margiolis AuthorDate: 2026-06-02 12:57:45 +0000 Commit: Christos Margiolis CommitDate: 2026-06-09 10:46:47 +0000 virtual_oss_cmd(8): Improve error messages Sponsored by: The FreeBSD Foundation MFC after: 1 week (cherry picked from commit 4f7092eeb22d3882f54d67a35149533fef8376ca) --- usr.sbin/virtual_oss/virtual_oss_cmd/command.c | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/usr.sbin/virtual_oss/virtual_oss_cmd/command.c b/usr.sbin/virtual_oss/virtual_oss_cmd/command.c index 64781992ddfd..99316b896e83 100644 --- a/usr.sbin/virtual_oss/virtual_oss_cmd/command.c +++ b/usr.sbin/virtual_oss/virtual_oss_cmd/command.c @@ -35,20 +35,11 @@ #include "virtual_oss.h" -static void -message(const char *fmt, ...) -{ - va_list list; - - va_start(list, fmt); - vfprintf(stderr, fmt, list); - va_end(list); -} - -static void +static void __dead2 usage(void) { - message("Usage: virtual_oss_cmd /dev/vdsp.ctl [command line arguments to pass to virtual_oss]\n"); + fprintf(stderr, "usage: %s [virtual_oss(8) command " + "line options]\n", getprogname()); exit(EX_USAGE); } @@ -66,7 +57,7 @@ main(int argc, char **argv) fd = open(argv[1], O_RDWR); if (fd < 0) - errx(EX_SOFTWARE, "Could not open '%s'", argv[1]); + err(EX_SOFTWARE, "Could not open control device: %s", argv[1]); for (int x = 2; x != argc; x++) { size_t tmp = strlen(argv[x]) + 1; From nobody Tue Jun 9 10:46:53 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZQZp2qRtz6hlfv for ; Tue, 09 Jun 2026 10:46:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZQZp2GcSz3TjS for ; Tue, 09 Jun 2026 10:46:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781002018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qakz0nWj3UflWrf4qpt6kQpHBFc+Il5+vzqR2tgHkHo=; b=hGjROc9CeNQUgVZKM2ia/1ZKx6B8SSTSAIiT+ejxV3mQSuaIkC+xAHxEAWq9YISb4YH5kY yOhXLDB4DnO2SDCnWjXx000UMj5E02WXKKD+YsVwDbVsY4BcfYY624e/b5D/waaOrrF2w7 e4Ij28y5LyKs1jKA1YQHFtVDB+8dcFa+MgAYUnQUlS07kVuu5ILUdUaG/qwiS5WmRQuZ86 S1q2FndnWguWNd011AB+BMYHJJWp1fm4TAiYRxCvbZ8bXQeb2dnfQimoHSl32RohNfd25Y bi/ukKxdVPt6fwTyCkNrZ4GDmV5G6L8xOICcf/29KmVEHUR2I7UP0erj5keSVw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781002018; a=rsa-sha256; cv=none; b=Wvjw3OoshhNmincwhP5+2CxwAalq6FPyNcm+i9DE41FCarcUjijmBTCkF7gAQEvrg3TR6V JY1uEs0rPjaogdgrL5BzHpumdFrN8UOZpN7ks32xIcxsISl5zV/mq1lgNl4RWz/XOW1d+Q l1g7Vb/lDmyNAWsOxAuLL/T8F5rheW4trP3ljFyF42GGTYFFbEdbFe+5NIcKugjndmRhcW 9AA8zw5nh5CNByesW2nfouX3n3gnWpoLDEav4fEd2qg5fXNi0zhwYTqMXtauCAuYMNDW4p ET7MDWKcaJjG0kjkgVKePvXWUnecO7RjjGGRMIrZE6lSjly79wxX1zW122c0YA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781002018; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qakz0nWj3UflWrf4qpt6kQpHBFc+Il5+vzqR2tgHkHo=; b=Jf1p7CpP1qhTf3PvMJAzdtYpkEqdylqm9z6jJctniAMX8w2PnMzXDRJI1PnTEjD0vBASv5 sX1q5iVcBe+AoMRWHHZveGm5F9IyDpraMyLu4vTToW7WV91ZWzpv5VBh1DXLvlETEJblDU tt5EJvvlE/LSzQFTrFWZqkjfp0kKGjTJtjh8vU0tbp6gdKE6khvDRM6lBVRn21TYjsGeKd InwIY5ZxpyUcaxkWR1OJbwh0KpPXjIlV1QOOBdbA+sj6vpPTe8LskpTRoUyglWTVuSBQyZ Ajn9n6ovpVys0zqcMJz3FZFROzWFz08XZIr8kj2laHbVCXJbWTAKOs/fUHir7g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZQZp1cQlzWfv for ; Tue, 09 Jun 2026 10:46:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2786b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 10:46:53 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Christos Margiolis Subject: git: b896c159135d - stable/15 - bsdinstall: Add virtual_oss service option List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: christos X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: b896c159135ddb9856fcee68f1ebc151bd21dfbe Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 10:46:53 +0000 Message-Id: <6a27ef1d.2786b.2997ac45@gitrepo.freebsd.org> The branch stable/15 has been updated by christos: URL: https://cgit.FreeBSD.org/src/commit/?id=b896c159135ddb9856fcee68f1ebc151bd21dfbe commit b896c159135ddb9856fcee68f1ebc151bd21dfbe Author: Christos Margiolis AuthorDate: 2026-05-20 15:51:39 +0000 Commit: Christos Margiolis CommitDate: 2026-06-09 10:46:41 +0000 bsdinstall: Add virtual_oss service option Since virtual_oss is now part of base, there is no reason not to provide an installer option to enable it, and make it more visible to new users, who might also benefit from the devd rules in /etc/devd/snd.conf, which use virtual_oss, as well as 8532b4a43636 ("rc: virtual_oss: Create a loopback device in the default configuration"). Sponsored by: The FreeBSD Foundation MFC after: 1 week Reviewed by: ivy Pull-Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/31 (cherry picked from commit eb5aa5c337c8d52fc1a7e867f526ca770bbe6612) --- usr.sbin/bsdinstall/scripts/services | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/usr.sbin/bsdinstall/scripts/services b/usr.sbin/bsdinstall/scripts/services index 110b6f321ed1..814ce1f95753 100755 --- a/usr.sbin/bsdinstall/scripts/services +++ b/usr.sbin/bsdinstall/scripts/services @@ -71,6 +71,11 @@ if [ -x "${BSDINSTALL_CHROOT}/etc/rc.d/moused" ]; then moused \"PS/2 mouse pointer on console\" ${moused_enable:-off}" fi +if [ -x "${BSDINSTALL_CHROOT}/etc/rc.d/virtual_oss" ]; then + DAEMON_OPTIONS="$DAEMON_OPTIONS \ + virtual_oss \"Sound server\" ${virtual_oss_enable:-off}" +fi + exec 5>&1 DAEMONS=$(eval bsddialog --backtitle \"$OSNAME Installer\" \ --title \"System Configuration\" --no-cancel --separate-output \ From nobody Tue Jun 9 11:27:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZRV91pYqz6hp2x for ; Tue, 09 Jun 2026 11:28:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZRV86ypHz3cRS for ; Tue, 09 Jun 2026 11:28:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LSnYUdoiwZmbyAv/ii0JVG18HFqVxvr56igCMUwQpT4=; b=Cj+cRlsVAlvbcN5ep2hQGEA2Fw8QS5PQsI5BM44xEOuI9H5cK35K9Q3opOvaRNQP4X4niC kxJiQkvolJ7h9LTnHBkTzUs2sM3Qja2XsjSCM1LG7pLSlAKDrZD16b8ufT5xS8RLm/BnIq Delqafn+YfOxR5sS+2u8UYRKw6gCqbjH6tPlLuWKSJJRaZIutZlP5vfgXnrVvNxPY1FUbu 0qgMNFbaD3st3JnAljhyLy4vQ0Ch/0ZKAtAb7bLOiC+vkNYgbCdebfwC55gtnEoKgQR+VM TdGeaGJqQDFlGh9U6Le0729CcoJ+fcN1AuCfC+LgelEPYQxADNw3lkm27IOIpQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781004481; a=rsa-sha256; cv=none; b=ewQWQ3KLt14544Nit46lLq66jQCRkKdL7KTEk0huXUxzRCXXctzcSAVSOlusYeTOpl/OhX m3IlvJFrYt1sdYdNE6hdgha3NyeaQPnzpgkzR9czS9dPUARlucSxIdXB3q0JufcGanYQgt K+5TbQ66UuI3epTDVGdQNpr5u+hWXgH6eX5SAXr9yzXVFC80/HuW41GZ1mbLf3AH2eFpjS OlnCYAU1KX2HAYUiuAKjSvHcVekvQLE5USwX0lViQCPgtJgs0xZR/+I9ujV5TaYvUT9NDF HqKiMOk/kAfBQ32oKvfdIchf7Lq+Zkewloktm79CQRGH2ts0Y4sm0Rq/RTUybw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LSnYUdoiwZmbyAv/ii0JVG18HFqVxvr56igCMUwQpT4=; b=yetdt+Y/Nuu35QfoIe6y8QOZJGmqCDmYALJ52YjqkcmuYUt733vTKbghDRd/f0dEBLHCz/ 0bWLlNhfumCNljC7RfjrwnSRBAVYpbKyjsFOKuaG7xEkHrkgcgLuoALVwvrTF5RXNf2aDS bIZaU4FJTYS+GAHfz+Qlw+NLKyCgOEiCX0AflN8DRN1azoywiltWxb8R99Nc/D2519cgOj V4Kzt0X6CDeLG2xbq7eJ/d1jLMqck9HOYPfQ700nBPbzokYeynZP9Oa1wJqtrWCvJ2V01E 9WQ7M6Xqa+1jlJAG102Cp7Fe7rq0/3bS+uf2vzgamQ8xOzmqAP2sBw+MWByhyA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZRV86ZC7zYVh for ; Tue, 09 Jun 2026 11:28:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3257d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 11:27:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: ShengYi Hung Subject: git: 9c0489508695 - main - libc: Use slow path in fenv in C++ List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: aokblast X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9c0489508695fde3bdd742edfd1b4b681aab4d19 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 11:27:55 +0000 Message-Id: <6a27f8bb.3257d.36b63bf9@gitrepo.freebsd.org> The branch main has been updated by aokblast: URL: https://cgit.FreeBSD.org/src/commit/?id=9c0489508695fde3bdd742edfd1b4b681aab4d19 commit 9c0489508695fde3bdd742edfd1b4b681aab4d19 Author: ShengYi Hung AuthorDate: 2026-06-04 08:58:28 +0000 Commit: ShengYi Hung CommitDate: 2026-06-09 11:25:30 +0000 libc: Use slow path in fenv in C++ C++ exposes cfenv functions via using ::func. Our name-mangling mechanism rewrites all function calls causing symbols such as std::feclearexcept to be transformed into std::__feclearexcept_int. Since no such function exists, compilation fails. The using ::feclearexpect declarations themselves are unaffected because they are not function calls, which further exposes the mismatch As a result, enable the fast path only for C and fall back to the slow path in C++. Reviewed by: kib Fixes: 5bc64b7d417d MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57450 --- lib/msun/aarch64/fenv.h | 10 ++++++++++ lib/msun/arm/fenv.h | 10 ++++++++++ lib/msun/powerpc/fenv.h | 12 ++++++++++++ lib/msun/riscv/fenv.h | 12 ++++++++++++ lib/msun/x86/fenv.h | 10 ++++++++++ 5 files changed, 54 insertions(+) diff --git a/lib/msun/aarch64/fenv.h b/lib/msun/aarch64/fenv.h index 5d47940cf9eb..aebcd99909ce 100644 --- a/lib/msun/aarch64/fenv.h +++ b/lib/msun/aarch64/fenv.h @@ -96,6 +96,15 @@ int feenableexcept(int); int fedisableexcept(int); int fegetexcept(void); +/* + * C permits a standard library function to also be exposed as a function-like + * macro (C23 7.1.4), and msun uses that here to inline the fast path. C++ + * forbids it: imports these names into namespace std (using + * ::feclearexcept; etc.), so std::feclearexcept() and friends must denote the + * actual functions. Expose the inlining macros to C only; C++ uses the real + * extern functions (defined in the matching lib/msun//fenv.c). + */ +#ifndef __cplusplus #define feclearexcept(a) __feclearexcept_int(a) #define fegetexceptflag(e, a) __fegetexceptflag_int(e, a) #define fesetexceptflag(e, a) __fesetexceptflag_int(e, a) @@ -110,6 +119,7 @@ int fegetexcept(void); #define feenableexcept(a) __feenableexcept_int(a) #define fedisableexcept(a) __fedisableexcept_int(a) #define fegetexcept() __fegetexcept_int() +#endif /* !__cplusplus */ __fenv_static inline int __feclearexcept_int(int __excepts) diff --git a/lib/msun/arm/fenv.h b/lib/msun/arm/fenv.h index 78ca9ef0f589..6febbf95008d 100644 --- a/lib/msun/arm/fenv.h +++ b/lib/msun/arm/fenv.h @@ -129,6 +129,15 @@ int fedisableexcept(int); int fegetexcept(void); #endif +/* + * C permits a standard library function to also be exposed as a function-like + * macro (C23 7.1.4), and msun uses that here to inline the fast path. C++ + * forbids it: imports these names into namespace std (using + * ::feclearexcept; etc.), so std::feclearexcept() and friends must denote the + * actual functions. Expose the inlining macros to C only; C++ uses the real + * extern functions (defined in the matching lib/msun//fenv.c). + */ +#ifndef __cplusplus #define feclearexcept(a) __feclearexcept_int(a) #define fegetexceptflag(e, a) __fegetexceptflag_int(e, a) #define fesetexceptflag(e, a) __fesetexceptflag_int(e, a) @@ -145,6 +154,7 @@ int fegetexcept(void); #define fedisableexcept(a) __fedisableexcept_int(a) #define fegetexcept() __fegetexcept_int() #endif +#endif /* !__cplusplus */ __fenv_static inline int __feclearexcept_int(int __excepts) diff --git a/lib/msun/powerpc/fenv.h b/lib/msun/powerpc/fenv.h index f6fb354470c7..8752be09994c 100644 --- a/lib/msun/powerpc/fenv.h +++ b/lib/msun/powerpc/fenv.h @@ -123,6 +123,15 @@ int feholdexcept(fenv_t *); int fesetenv(const fenv_t *); int feupdateenv(const fenv_t *); +/* + * C permits a standard library function to also be exposed as a function-like + * macro (C23 7.1.4), and msun uses that here to inline the fast path. C++ + * forbids it: imports these names into namespace std (using + * ::feclearexcept; etc.), so std::feclearexcept() and friends must denote the + * actual functions. Expose the inlining macros to C only; C++ uses the real + * extern functions (defined in the matching lib/msun//fenv.c). + */ +#ifndef __cplusplus #define feclearexcept(a) __feclearexcept_int(a) #define fegetexceptflag(e, a) __fegetexceptflag_int(e, a) #define fesetexceptflag(e, a) __fesetexceptflag_int(e, a) @@ -134,6 +143,7 @@ int feupdateenv(const fenv_t *); #define feholdexcept(e) __feholdexcept_int(e) #define fesetenv(e) __fesetenv_int(e) #define feupdateenv(e) __feupdateenv_int(e) +#endif /* !__cplusplus */ __fenv_static inline int __feclearexcept_int(int __excepts) @@ -266,8 +276,10 @@ __feupdateenv_int(const fenv_t *__envp) int feenableexcept(int); int fedisableexcept(int); +#ifndef __cplusplus /* see the note above; C++ uses the real functions */ #define feenableexcept(a) __feenableexcept_int(a) #define fedisableexcept(a) __fedisableexcept_int(a) +#endif __fenv_static inline int __feenableexcept_int(int __mask) diff --git a/lib/msun/riscv/fenv.h b/lib/msun/riscv/fenv.h index 1059744941f3..199ca1806684 100644 --- a/lib/msun/riscv/fenv.h +++ b/lib/msun/riscv/fenv.h @@ -91,6 +91,15 @@ int feholdexcept(fenv_t *); int fesetenv(const fenv_t *); int feupdateenv(const fenv_t *); +/* + * C permits a standard library function to also be exposed as a function-like + * macro (C23 7.1.4), and msun uses that here to inline the fast path. C++ + * forbids it: imports these names into namespace std (using + * ::feclearexcept; etc.), so std::feclearexcept() and friends must denote the + * actual functions. Expose the inlining macros to C only; C++ uses the real + * extern functions (defined in the matching lib/msun//fenv.c). + */ +#ifndef __cplusplus #define feclearexcept(a) __feclearexcept_int(a) #define fegetexceptflag(e, a) __fegetexceptflag_int(e, a) #define fesetexceptflag(e, a) __fesetexceptflag_int(e, a) @@ -102,6 +111,7 @@ int feupdateenv(const fenv_t *); #define feholdexcept(e) __feholdexcept_int(e) #define fesetenv(e) __fesetenv_int(e) #define feupdateenv(e) __feupdateenv_int(e) +#endif /* !__cplusplus */ __fenv_static inline int __feclearexcept_int(int __excepts) @@ -224,8 +234,10 @@ __feupdateenv_int(const fenv_t *__envp) int feenableexcept(int); int fedisableexcept(int); +#ifndef __cplusplus /* see the note above; C++ uses the real functions */ #define feenableexcept(a) __feenableexcept_int(a) #define fedisableexcept(a) __fedisableexcept_int(a) +#endif __fenv_static inline int __feenableexcept_int(int __mask __unused) diff --git a/lib/msun/x86/fenv.h b/lib/msun/x86/fenv.h index b5da37902083..cb44624a858a 100644 --- a/lib/msun/x86/fenv.h +++ b/lib/msun/x86/fenv.h @@ -150,12 +150,22 @@ int fesetround(int); int fegetround(void); int fesetenv(const fenv_t *); +/* + * C permits a standard library function to also be exposed as a function-like + * macro (C23 7.1.4), and msun uses that here to inline the fast path. C++ + * forbids it: imports these names into namespace std (using + * ::feclearexcept; etc.), so std::feclearexcept() and friends must denote the + * actual functions. Expose the inlining macros to C only; C++ uses the real + * extern functions (defined in the matching lib/msun//fenv.c). + */ +#ifndef __cplusplus #define feclearexcept(a) __feclearexcept_int(a) #define fegetexceptflag(e, a) __fegetexceptflag_int(e, a) #define fetestexcept(a) __fetestexcept_int(a) #define fesetround(a) __fesetround_int(a) #define fegetround() __fegetround_int() #define fesetenv(a) __fesetenv_int(a) +#endif /* !__cplusplus */ #ifdef __i386__ From nobody Tue Jun 9 11:28:38 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZRVv05Zfz6hp34 for ; Tue, 09 Jun 2026 11:28:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZRVt6WLpz3crt for ; Tue, 09 Jun 2026 11:28:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004518; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HfZFLqeqQlIOrRmqxWdbpHdnUf2EpGxDzqFNGm1Ojr4=; b=c08CVTJT5DGzAtSeRIBEVfaCsy61OpnKrAnBzHHPr3Y5nOZSkUAcXxPIUHFRO7WiKNcRBg FEmtu/MoYo5P0Lf61Z3tJ/j8RLr/eLENXLT/m42txurxns1xunkMQmeH2Oywl2UIyTQJnl rp9M+XXFNtQHpc+N5/dxCKEtvOaikKh3zQC1qm/12umtyfF1R/QRUAeM2Wx6MEUceQ3vug c7cG7Mn5VPSLJmY5+6LgCNUOZTRv1kT76a76VT6S16clMr+fJXv9fGzmGIOu6QbDKf1Iav YTVnz5eigFfFPrZdduisIILhcV0x7zjUtbY6LmS45fUEtbso018+rb3YRYo5RQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781004518; a=rsa-sha256; cv=none; b=IqI2U4Mmecz4UuHWrkmSVwso6tTUyKYXVwpmEhDHg7zHJ8ZGbUjTHukjXuOclF0PpzB5Qx q6QNCcAWnBI/FZfveaYpmR/lI8EWmGbDvKiChwwHvRQYI/V0p4auT2YzNeeXIwFAKTvUQw 4PTpR1k7jjovJ+hP0tCddAkb8Z782+2eJ55oz6nciBp63x+LQUXhaL7SdkqFU/IZYdZFi5 fhA5k0XNAnfOCiPm9dl83KdfC+/3WGOuxsLFWYH7Fy+qhxiBvCg4UmYIfjC0BpW24Khl1w gM815JGLFesDNVVleuVrq3nM8OWged2tn1vToIkpamJY1jwsuRqW6OfmhIVYGA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004518; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HfZFLqeqQlIOrRmqxWdbpHdnUf2EpGxDzqFNGm1Ojr4=; b=MmZ8TjVDRBjtEB1sSST3eGMHYZLxK0TV9rVNMJBlT8XnDkhk8FVP3/qinHuVeXXwIjIoUX SZuGoqDKJ239e0Zxp2nBmfxdL0fqsoBijv7Bx+f4ID/OYpLruMBrSU51T2Lbg8GGqNSEBA MZQ0JYlTgQ1EYBbRBIS0L/Bhfifh/Yc8hiec7Ff/SdPm+TLn3CA9MOp3HxhDs0rPzBi9yC xoGbpk9yvEdffIfdlMbQek8S7YLpb+xjEYuXsfMzzPQb5et57RtHGLtHL6q4SaHSuQaLjh ykd0mTG7qZ0YSNTykYNB/KtrEdmJKTup5evhIsygkxpUrTOO9hYs/qk+Hcd9Wg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZRVt5rPTzYrh for ; Tue, 09 Jun 2026 11:28:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 324fa by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 11:28:38 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: ShengYi Hung Subject: git: 2934783fa80d - main - usb: Add missing unsetup while detaching uchcom List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: aokblast X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2934783fa80de2854d9527ae11db85c47ac65a91 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 11:28:38 +0000 Message-Id: <6a27f8e6.324fa.4b387331@gitrepo.freebsd.org> The branch main has been updated by aokblast: URL: https://cgit.FreeBSD.org/src/commit/?id=2934783fa80de2854d9527ae11db85c47ac65a91 commit 2934783fa80de2854d9527ae11db85c47ac65a91 Author: ShengYi Hung AuthorDate: 2026-05-29 15:09:52 +0000 Commit: ShengYi Hung CommitDate: 2026-06-09 11:28:27 +0000 usb: Add missing unsetup while detaching uchcom Reviewed by: christos MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57329 --- sys/dev/usb/serial/uchcom.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/dev/usb/serial/uchcom.c b/sys/dev/usb/serial/uchcom.c index fdc5515fa722..ff1ac8897c90 100644 --- a/sys/dev/usb/serial/uchcom.c +++ b/sys/dev/usb/serial/uchcom.c @@ -404,6 +404,7 @@ uchcom_detach(device_t dev) DPRINTFN(11, "\n"); ucom_detach(&sc->sc_super_ucom, &sc->sc_ucom); + usbd_transfer_unsetup(&sc->sc_intr_xfer, 1); usbd_transfer_unsetup(sc->sc_xfer, UCHCOM_N_TRANSFER); device_claim_softc(dev); From nobody Tue Jun 9 11:33:19 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZRcN4wMtz6hpbx for ; Tue, 09 Jun 2026 11:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZRcN2TKgz3dlB for ; Tue, 09 Jun 2026 11:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004804; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kdxTsI6mp0N66HfmI6/QBILuKWNcsKoNeN7ygvdV0nY=; b=q8/vvLrqICoPcBK4ei3jLQsjo4OSXJiehbJRn2qepfK3JcC2+43D5qof4C1h/T+q5a5x1+ aWW3qIHQHiDoDNTabD+GJrEoX+9J/CSrnlXR6w/RCyGDkFw8eyflWOf0EF1F6RmMbx2vgE bLYc4e5RTFf/dAbBCc9G7qIvt8MeG6WIcd10NsD/j72zwOuqiDNYAs7bR3q37pW28Tq2Vn hdGrevG+KLgrRa8TsoqKsJhO8ESo0aaxh2B/M7BxLx3P5CAEKeZ5kGiICN0TARa+qYR0JA elt7PazymOdbJb2Gmgxw4aQgqtPv9a8G2PaI8MIh9yB3GnBCvyYVlrGdZEUq3Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781004804; a=rsa-sha256; cv=none; b=FFq0md0GXVc/Wm+xnCw7CRp7ES8g3YXRvExitg5RFm+IqKMIlIXSF0pEYkUgkwfrtv9pKO 0JGYH9FKHtZKG/5C9duhrCeMtRxrN3EQNLjvcdJXC7zWKDKZ6cdWcNquKZLl7G0niRnWdY OakP6lMRlD2Rl2zNExk5IZx1q4tttUBssMQlP2kYbo0bZT0DP3QxR0z+5JVIF7qir6zT2f Bw1u7iKw+YXWWWA/TR2beD5yUVbjXsqYdOI5HB8fBqLTMZNyVji0IZKbLvyGDv+1F5XRqj iVMaQUE7bhZ21bT2IZzqit3Mhn1/PTmhg8yfVttET3BudDfVhSv9rCG3m3gKYA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781004804; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kdxTsI6mp0N66HfmI6/QBILuKWNcsKoNeN7ygvdV0nY=; b=PpdXtBypG3O3kO1aDyHX0YC0iidG5sJVQ7/CdfONKTXyOToobb0nz8KknYvNXW6ucYHwpJ Ng+l2BBI0Xk5d5dXwl4eUXbE/ibrMvDkJX3oev9heqFvxWg1DxtRB/diOS4M/MpuhTkiD8 AxNJ7WfyVsMlc9pUIw1USfO0gcy+4+pWoJi9O5JNm9Ythfsni5kLYbV7WlXgcAhTCNaJQC ibqVLetlHo6tnGFbfUoFXM3MhldTF+Np7eVFGNjcXU9IDLqQ9NlgqRPWvvMQAGfolnIo5t zTcdR70DGSXLE2herI2uoAnt+Umbt6UgLAmGn0N2oGPhkRGF2EbUXLY6X4xD8Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZRcN257LzYNm for ; Tue, 09 Jun 2026 11:33:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 36aa4 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 11:33:19 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav Subject: git: 2ab18d3286f5 - main - examples: Update COPTFLAGS in make.conf List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: des X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2ab18d3286f5e1ea08cd86e234377b673245ec15 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 11:33:19 +0000 Message-Id: <6a27f9ff.36aa4.1ef1580c@gitrepo.freebsd.org> The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=2ab18d3286f5e1ea08cd86e234377b673245ec15 commit 2ab18d3286f5e1ea08cd86e234377b673245ec15 Author: Dag-Erling Smørgrav AuthorDate: 2026-06-09 11:29:13 +0000 Commit: Dag-Erling Smørgrav CommitDate: 2026-06-09 11:33:01 +0000 examples: Update COPTFLAGS in make.conf We've been using -O2 for about fifteen years. Reported by: Jan Stary MFC after: 1 week --- share/examples/etc/make.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/examples/etc/make.conf b/share/examples/etc/make.conf index 61bc132bad57..c771805b95a6 100644 --- a/share/examples/etc/make.conf +++ b/share/examples/etc/make.conf @@ -106,7 +106,7 @@ # There is very little to gain by using higher optimization levels, and doing # so can cause problems. # -#COPTFLAGS= -O -pipe +#COPTFLAGS= -O2 -pipe # # Compare before install. #INSTALL+= -C From nobody Tue Jun 9 11:38:19 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZRk8566Qz6hpMB for ; Tue, 09 Jun 2026 11:38:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZRk84R97z3f1L for ; Tue, 09 Jun 2026 11:38:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781005104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=txG0QpIHitHXNp9yOVxIXaMpBy9DfMc5beujetbGClE=; b=HqR6blC2lqE/zm+YGOGlClHZ7/6CRSj795fRH4atA2Kf/oZ2DprI9UoOVs/RPOj5YJNYj3 ox0bnQZAmTXaI99W+/61aN/7fQjK2Cy6GeEesb8XK/YuF3URCIbwMM+p/2NZPqeWNxiEx6 y0nfX+k8m6gbVLe9APU4MAIw7w/RjCfBTlphH18Lr+TcV5BOhPOWgmpweHPH82boGZUNr9 wNgqjFIaspbACeLI4M8PcdmVCr0JM9VzMRrTKmFtQhLSkLQW9V/PazYg2GpJfry0lqKm2B 2aFPApaawLBqDHJUW5MUIEw0pnbhz0dqTQvvLZgIJBPEiL4CshSCUrqQHAtvAg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781005104; a=rsa-sha256; cv=none; b=vJ7bpBps+7wgDIQqwSJL+erUIG8uW2kIeEdQAmg0i4YegytWg4okINwlwPGycr3DxYYzex /DQh5jvtHB+w7wER5MVXcXji+jAdo0zRvlJtiROQkezT6q9PZj+yXr3bzhBdcnCt5RpDd3 8mVN2kFqS8DScN6MSFjKe2SCSCl81jtmDJf/J/WRbBu44zs0wXdgF8m+lY6gJuWqAi0ztz XtJTprjTDWfXMcBUId0rw6cI+xkLvB8l4vfII1f3aZbDzaLDTqF1CrLFsjphgnaB7eepNZ EO1kwvv2tz1cPg8AyvAnlBHSGwI9b0uwoawb2VtTV2QBRz7sTmGRRqY2dcHlQA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781005104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=txG0QpIHitHXNp9yOVxIXaMpBy9DfMc5beujetbGClE=; b=IlRYsPSdGGXNuKCOXNWrpMyXIB77gUO80MBFHwmz/faR222BXKGQZfBbsF4IjPitE9zMjv aljXxm7F6kgc/tR+cxbdgMWpEQGOpWlna9qsx7qISt0SQ0upSb/tXnmTHT0kns5s1RpDnz DtYtV6BUGTCquRir5Qmvx9CHMBVmDOYqDSoJuohcIE+Mzp0qzkaqgwyVnQdpE9thT8qmm7 j+MgjTWTiXFAEVcMT54UzPdDOvQP4lxEdoFYMEp6qPmUp/J5Ql+JbgOam0hcaotNGwp+zU eUOlqtW/k2juJavnaQ4nCEZU0mLfcOu4QL1MEEmL3MM+mhgneXs5wzgZhN91nw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZRk83sgYzZ6P for ; Tue, 09 Jun 2026 11:38:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3640b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 11:38:19 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mariusz Zaborski Subject: git: 97edd37e6279 - main - cap_net: add tests for limits drop List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: oshogbo X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 97edd37e6279d76efee89d466550587246161dc9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 11:38:19 +0000 Message-Id: <6a27fb2b.3640b.67e68c0e@gitrepo.freebsd.org> The branch main has been updated by oshogbo: URL: https://cgit.FreeBSD.org/src/commit/?id=97edd37e6279d76efee89d466550587246161dc9 commit 97edd37e6279d76efee89d466550587246161dc9 Author: Mariusz Zaborski AuthorDate: 2026-06-09 11:34:13 +0000 Commit: Mariusz Zaborski CommitDate: 2026-06-09 11:34:13 +0000 cap_net: add tests for limits drop Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D56992 --- lib/libcasper/services/cap_net/tests/net_test.c | 235 ++++++++++++++++++++++++ 1 file changed, 235 insertions(+) diff --git a/lib/libcasper/services/cap_net/tests/net_test.c b/lib/libcasper/services/cap_net/tests/net_test.c index 21d620e0f8d8..0fd20d9deae8 100644 --- a/lib/libcasper/services/cap_net/tests/net_test.c +++ b/lib/libcasper/services/cap_net/tests/net_test.c @@ -24,6 +24,7 @@ */ #include +#include #include #include #include @@ -1443,6 +1444,233 @@ ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc) cap_close(capnet); } +ATF_TC(capnet__limits_name2addr_partial_drops_family); +ATF_TC_HEAD(capnet__limits_name2addr_partial_drops_family, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_name2addr_partial_drops_family, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + int family = AF_INET6; + + capnet = create_network_service(); + + /* Tighten: only AF_INET6 allowed under name2addr. */ + limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); + ATF_REQUIRE(limit != NULL); + cap_net_limit_name2addr_family(limit, &family, 1); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == + ENOTCAPABLE); + + /* Replacement omits "family"; must be rejected. */ + limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); + ATF_REQUIRE(limit != NULL); + cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); + ATF_REQUIRE(cap_net_limit(limit) != 0); + + ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == + ENOTCAPABLE); + + cap_close(capnet); +} + +ATF_TC(capnet__limits_name2addr_partial_drops_hosts); +ATF_TC_HEAD(capnet__limits_name2addr_partial_drops_hosts, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_name2addr_partial_drops_hosts, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + int family = AF_INET; + + capnet = create_network_service(); + + /* Tighten: only TEST_DOMAIN_0 allowed. */ + limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); + ATF_REQUIRE(limit != NULL); + cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == + ENOTCAPABLE); + + /* Replacement omits "hosts"; must be rejected. */ + limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); + ATF_REQUIRE(limit != NULL); + cap_net_limit_name2addr_family(limit, &family, 1); + ATF_REQUIRE(cap_net_limit(limit) != 0); + + ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == + ENOTCAPABLE); + + cap_close(capnet); +} + +ATF_TC(capnet__limits_addr2name_partial_drops_family); +ATF_TC_HEAD(capnet__limits_addr2name_partial_drops_family, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_addr2name_partial_drops_family, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + struct sockaddr_in ipaddrv4; + int family = AF_INET6; + + capnet = create_network_service(); + + memset(&ipaddrv4, 0, sizeof(ipaddrv4)); + ipaddrv4.sin_family = AF_INET; + inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr); + + /* Tighten: only AF_INET6 allowed under addr2name. */ + limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); + ATF_REQUIRE(limit != NULL); + cap_net_limit_addr2name_family(limit, &family, 1); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == + ENOTCAPABLE); + + /* Replacement omits "family". Must be rejected. */ + limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); + ATF_REQUIRE(limit != NULL); + cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, + sizeof(ipaddrv4)); + ATF_REQUIRE(cap_net_limit(limit) != 0); + + ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == + ENOTCAPABLE); + + cap_close(capnet); +} + +ATF_TC(capnet__limits_addr2name_partial_drops_sockaddr); +ATF_TC_HEAD(capnet__limits_addr2name_partial_drops_sockaddr, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_addr2name_partial_drops_sockaddr, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + struct sockaddr_in6 ipaddrv6; + int family = AF_INET6; + + capnet = create_network_service(); + + memset(&ipaddrv6, 0, sizeof(ipaddrv6)); + ipaddrv6.sin6_family = AF_INET6; + inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr); + + /* Tighten: only TEST_IPV6 allowed under addr2name. */ + limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); + ATF_REQUIRE(limit != NULL); + cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, + sizeof(ipaddrv6)); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + /* Replacement omits "sockaddr". Must be rejected. */ + limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); + ATF_REQUIRE(limit != NULL); + cap_net_limit_addr2name_family(limit, &family, 1); + ATF_REQUIRE(cap_net_limit(limit) != 0); + + cap_close(capnet); +} + +/* + * The public helpers drop empty sublimits during pack, so the empty-{} + * variant is only reachable via libnv + cap_limit_set() directly. + */ +ATF_TC(capnet__limits_connect_partial_drops_sockaddr); +ATF_TC_HEAD(capnet__limits_connect_partial_drops_sockaddr, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_connect_partial_drops_sockaddr, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + struct sockaddr_in ipv4; + nvlist_t *lnvl; + + capnet = create_network_service(); + + memset(&ipv4, 0, sizeof(ipv4)); + ipv4.sin_family = AF_INET; + ipv4.sin_port = htons(TEST_PORT); + inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr); + + /* Tighten: only TEST_IPV4:TEST_PORT allowed under connect. */ + limit = cap_net_limit_init(capnet, CAPNET_CONNECT); + ATF_REQUIRE(limit != NULL); + cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + ATF_REQUIRE(test_connect(capnet, TEST_IPV4, TEST_PORT) == 0); + ATF_REQUIRE(test_connect(capnet, "8.8.8.8", TEST_PORT) == ENOTCAPABLE); + + /* Build connect={} (no sockaddr subkey) directly. Must be rejected. */ + lnvl = nvlist_create(0); + nvlist_add_number(lnvl, "mode", CAPNET_CONNECT); + nvlist_add_nvlist(lnvl, "connect", nvlist_create(0)); + ATF_REQUIRE(cap_limit_set(capnet, lnvl) != 0); + + ATF_REQUIRE(test_connect(capnet, "8.8.8.8", TEST_PORT) == ENOTCAPABLE); + + cap_close(capnet); +} + +/* + * The public helpers drop empty sublimits during pack, so the empty-{} + * variant is only reachable via libnv + cap_limit_set() directly. + */ +ATF_TC(capnet__limits_bind_partial_drops_sockaddr); +ATF_TC_HEAD(capnet__limits_bind_partial_drops_sockaddr, tc) +{ + atf_tc_set_md_var(tc, "require.config", "allow_network_access"); +} +ATF_TC_BODY(capnet__limits_bind_partial_drops_sockaddr, tc) +{ + cap_channel_t *capnet; + cap_net_limit_t *limit; + struct sockaddr_in ipv4; + nvlist_t *lnvl; + + capnet = create_network_service(); + + memset(&ipv4, 0, sizeof(ipv4)); + ipv4.sin_family = AF_INET; + inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr); + + /* Tighten: only TEST_BIND_IPV4 allowed under bind. */ + limit = cap_net_limit_init(capnet, CAPNET_BIND); + ATF_REQUIRE(limit != NULL); + cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); + ATF_REQUIRE(cap_net_limit(limit) == 0); + + ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); + ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); + + /* Build bind={} (no sockaddr subkey) directly. Must be rejected. */ + lnvl = nvlist_create(0); + nvlist_add_number(lnvl, "mode", CAPNET_BIND); + nvlist_add_nvlist(lnvl, "bind", nvlist_create(0)); + ATF_REQUIRE(cap_limit_set(capnet, lnvl) != 0); + + ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); + + cap_close(capnet); +} + ATF_TP_ADD_TCS(tp) { @@ -1483,5 +1711,12 @@ ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TC(tp, capnet__limits_connecttodns); ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns); + ATF_TP_ADD_TC(tp, capnet__limits_name2addr_partial_drops_family); + ATF_TP_ADD_TC(tp, capnet__limits_name2addr_partial_drops_hosts); + ATF_TP_ADD_TC(tp, capnet__limits_addr2name_partial_drops_family); + ATF_TP_ADD_TC(tp, capnet__limits_addr2name_partial_drops_sockaddr); + ATF_TP_ADD_TC(tp, capnet__limits_connect_partial_drops_sockaddr); + ATF_TP_ADD_TC(tp, capnet__limits_bind_partial_drops_sockaddr); + return (atf_no_error()); } From nobody Tue Jun 9 11:51:27 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZS1J4xkjz6hqD4 for ; Tue, 09 Jun 2026 11:51:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZS1J2Yyfz3gmm for ; Tue, 09 Jun 2026 11:51:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781005892; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZM5DNKMoVHhQGK9uncOgKe5G2UqRl9AEAMm7cOtVVis=; b=WNhjH3rqAbvAbbRwYuGmQkWEYqYrdOS8i2RgzIXJ/a6cPQEX17GA/4RQ7HiNt1C7cH1ss9 HiRpIr7pibE+WffSR0+dklWNZQwQ9Dny8p+hyQYS2CUCrUS8fLXijTvhS7bQcdB3htxi1n HRezf5A6w8V2I1V49kFLJmjYxeLmtjRwKTMWMKMIm1qPL+3apAaGFzeZDS6GmiACS3qzyj gyFrYnxnZ9eN9z5TO51HEnUHcLlm5GKY8HYf5igjzT+5Av93Riap9u8zGcA2cv8DTgtdAo 6HgHt2PIpXpYW9rPXDm66M6kic0O0MdyHMeD4U08M5sYL+7GlANrIk5snLApxQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781005892; a=rsa-sha256; cv=none; b=bwQEwScpAtP1JS3h6CvhOStqdMWzCBe5P4sqDs4GkmDejl1S5U35qJRumwgmkm+eEahNj4 H+LE7Dx00qBhPZw7hb8GQGFijBr4zlv1O7J22FmSRFDg0wG0ZHk9g1kEkU6mK6qMJXm0e7 IQj6dmepWpKYjMWACmoG86G9v16vhbrrSDlzTtptXj2ApcVYXJLw13fF4bdC/tehqA1a9u QHVxDRvIqvrY3bvILO/KqS1QzAg+UPNGCIaVCySMAwqTfF0idLRLQAO+foGmiwzxYlEl/9 hjjjVttPzcqsdnUVbuNczmfAMGrYBV6u9UBXev87AZ44btPqHwSZinhG6YKvsw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781005892; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZM5DNKMoVHhQGK9uncOgKe5G2UqRl9AEAMm7cOtVVis=; b=DfvF61RAQHt7gsoLEQSiwWxoxfFLffDGk25VUTffBLnEsWafMU+juEE3eVVx80XklFUCoC lfR5FVwos8aiKW468Z0YoiPveYmw22eFN3+pnJU8GDMjt2FiHxS9ClQTpjJ7v8VPqj64Pk hgK8QwnI2aeA9cotmuxR5Y8gFYrpx7ihuel2ggcdyiTgscK4X7kxWXrnwCfMC9R/oxbjSV 9Ahhh4GoooumFxPfGMHzx4wLq9jdP1clf0lnZmHaONpseKv0pPHnR/FErwUa/NenmiFsT7 vUyFM6UiFstueJkXUruQrV2YIGM4tVQLcoGW0OdYkWJ/q+F1/CgdN/BVeix5Dg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZS1J1zclzZMS for ; Tue, 09 Jun 2026 11:51:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3866b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 11:51:27 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Tai-hwa Liang Subject: git: 8011f6b0d8ba - main - if_axge: remove AXGE_RX_MII_ERR from packet dropping criteria List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: avatar X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8011f6b0d8ba2ee18a60f3bd719f950081a474b3 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 11:51:27 +0000 Message-Id: <6a27fe3f.3866b.5589aeb1@gitrepo.freebsd.org> The branch main has been updated by avatar: URL: https://cgit.FreeBSD.org/src/commit/?id=8011f6b0d8ba2ee18a60f3bd719f950081a474b3 commit 8011f6b0d8ba2ee18a60f3bd719f950081a474b3 Author: Tai-hwa Liang AuthorDate: 2026-05-15 14:32:03 +0000 Commit: Tai-hwa Liang CommitDate: 2026-06-09 11:51:09 +0000 if_axge: remove AXGE_RX_MII_ERR from packet dropping criteria Packets received with the following configuration are associated with AXGE_RX_MII_ERR, which looks legit since there's no AXGE_RX_CRC_ERR or AXGE_RX_DROP_PKT attached: axge0: on usbus0 miibus0: on axge0 rgephy0: PHY 3 on miibus0 rgephy0: OUI 0x00e04c, model 0x0011, rev. 5 rgephy0: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow Without this, 'dhclient ue0' never gets valid lease as all the DHCP replies are dropped by the driver. This behaviour is align with the reference driver provided by the vendor(ASIX_USB_NIC_Linux_Driver_Source_v3.5.0.tar.bz2). MFC after: 2 weeks --- sys/dev/usb/net/if_axgereg.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/usb/net/if_axgereg.h b/sys/dev/usb/net/if_axgereg.h index 87e662b6cbc1..5cc9edeaf3b8 100644 --- a/sys/dev/usb/net/if_axgereg.h +++ b/sys/dev/usb/net/if_axgereg.h @@ -197,7 +197,7 @@ struct axge_frame_rxhdr { #define AXGE_RXBYTES(x) (((x) & AXGE_RX_LEN_MASK) >> AXGE_RX_LEN_SHIFT) #define AXGE_RX_ERR(x) \ - ((x) & (AXGE_RX_CRC_ERR | AXGE_RX_MII_ERR | AXGE_RX_DROP_PKT)) + ((x) & (AXGE_RX_CRC_ERR | AXGE_RX_DROP_PKT)) struct axge_softc { struct usb_ether sc_ue; From nobody Tue Jun 9 13:02:38 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZTbM1mzVz6fxZY for ; Tue, 09 Jun 2026 13:02:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZTbM0Vt0z3nbd for ; Tue, 09 Jun 2026 13:02:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781010159; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1nDpY4kfTK69A8Gfqb+IF3wTuolEaVqmvypVniM0BdY=; b=pJCWnD4MdR1r2K6C3Go6oU7kC4iUsnZODCOrJz2mH34qHfEck51mima0MLyj3hzjsDDyzg CO89YsL5hZnVIw0/3DrcE85BB7W5jH6zDzxoPueTd+IiJw0Si7tucSM+YprQDBTWKyPyrZ lD+BdVs4lYd+JpwwQESRi29WoWI/7vzV6HSzwtsDQrdoKdy2dW/p1WD6ceNV9UztbMDfz+ X45LnpYlHc2kMwGgUrWxh2xEEcdmO0lETw5kxgrqGmL3uG/qHKeI143Skx7Sg1k2a24M9u WUcRyLh4jx0X013YTTBW1BDnunVLE6tr0E6eMEZZ2rVXHC1Mxy80lUOU4mUgbA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781010159; a=rsa-sha256; cv=none; b=aTa8SJ54L/t4zXF7v9c+B3CsLa0uJlTWvTCQ/QQ3Zl6T3tkWCeAk+/fW9WUm9cZrkhSJ02 rWyYEDeaBo6EhCJHmAJsLm0EUHUfcNXVUVVXsRyHl1LeBc+sPb1fyhD7guvdCTAxNBp6iz FagAWoeCT3VAmTXWTkP2GiiPq6AXJy3ktYZTD4uv59gpg981DbRv7p1jOp9GpaWYJA5tYV io0y3GFatqxp2Y2WMQ0kM6B4klTZOhba6rdQF+RzNgjY9sooxOV5qlb5xUxqvBFDsivfaf 2TTcNcgdoiCSDRuiCr9ecooF+8A1+aFTn6xsj+seJnIKmwY+wOxi8yncTCPpjg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781010159; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1nDpY4kfTK69A8Gfqb+IF3wTuolEaVqmvypVniM0BdY=; b=arbiNDIr9dt0E3LXHcmCu9S2kELv2uxEBLSADMrwxfj0U06cvlKTieWqe9d92hKRx9APfW Q5ZewX3wG8PC3hkLxIZtBWFHX97tJ9UOoeCpEJr3Pnj2voNwJh35eNIgrq/5orvRFT1f5u zo9U+llcXuqssY9mlrBKxpJohEpfodq5Mf4CVIBzSdlS/t8jY5cb/TJ0nii+qIdcA/gjtr QIUOhRlsYtUtTniTiBkjP/nRTwcYd6nTnDWRT0BgSQfM+CfNASB29w7o3betEcKb1Yvx+A 9R7sxtd/VWKYe+GaRdX+HC2mSHfNc75Y2M/o1evVXRaGF24VzR0N8z6V+lK7bg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZTbL71JSzc3G for ; Tue, 09 Jun 2026 13:02:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f0f7 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 13:02:38 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 2caaf8c1c717 - stable/15 - route: Fix `flush` w/o specified address family List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 2caaf8c1c717bcebf14832b4bea5766e393ad683 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 13:02:38 +0000 Message-Id: <6a280eee.3f0f7.5364fdea@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=2caaf8c1c717bcebf14832b4bea5766e393ad683 commit 2caaf8c1c717bcebf14832b4bea5766e393ad683 Author: Ed Maste AuthorDate: 2026-05-29 16:44:09 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:02:22 +0000 route: Fix `flush` w/o specified address family PR: 291867 Reported by: gavin Reviewed by: pouria, melifaro Sponsored by: The FreeBSD Foundation Fixes: c597432e2297 ("route(8): convert to netlink") Differential Revision: https://reviews.freebsd.org/D57336 (cherry picked from commit 32a7ba251acbfb442665eed40fb4f48c8f2bd710) --- sbin/route/route_netlink.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sbin/route/route_netlink.c b/sbin/route/route_netlink.c index 5dde7501d6b4..74ebb99a9486 100644 --- a/sbin/route/route_netlink.c +++ b/sbin/route/route_netlink.c @@ -888,7 +888,8 @@ flushroutes_fib_nl(int fib, int af) struct snl_msg_info attrs = {}; print_nlmsg(&h, hdr, &attrs); } - if (r.rta_table != (uint32_t)fib || r.rtm_family != af) + if (r.rta_table != (uint32_t)fib || + (af != AF_UNSPEC && r.rtm_family != af)) continue; if ((r.rta_rtflags & RTF_GATEWAY) == 0) continue; From nobody Tue Jun 9 13:40:42 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZVRN0dS4z6g1FH for ; Tue, 09 Jun 2026 13:40:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZVRM6zNlz3qsS for ; Tue, 09 Jun 2026 13:40:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781012448; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sjIPNcxYatknVZwRC9tOi1At3DZvLRfiutlse47SukI=; b=jeQlV+ZUe6qN736dt1kCsPg7lyOVd8ZElIewpxh1GcXtauu4Fxg80sS5OiN1DCAm/m3KUS lm4Fkcl2epkLv5r8yoSldwooI6kFD9jTD++8PpiTguWgZA72XZzKQF5KY4slhOIulyskgb U8K2IKZ9T0ngnUqqZsO+C+2TK0BqXQ01NkeYoPu0dcFKoaJva1WoGJH9Xj4VEZQU27u9Bw EB0fXht5rgtnoCXJ9yOTlMVWpINAXxno3930Z2TE4bV4P4GeyT9EFk74+EPHyrEuXgn5Ko +3E4IAgpZnzDUVir4Tdm8EiUDdOLR2oBxZraDARd2OsBFeWt1379LhckvuCc6g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781012448; a=rsa-sha256; cv=none; b=J9kwTpLHA2LInRDATrSYJWM3eYUnq1eg6zwGmJTX7IzRL6MSR0bLNoFc7XJ7p+bO/BPk6Z qDoRRDoHxIBiUHnWCwZyZnfWrnpW14TR659FpcmS8rurr93S4zK+qubuu0OKJw7GAjR1d4 7kW8kY0Puca6MzssLsXErlJYnt5hKpVbGpkBn6Wi4DAMetRKBtr8n9AREjKLl3/R9+0bNi zdYpJhOfFfKCgnzUmzR76rlAtK+IhepntYkbKXvCiS65B9mr3dStgsbl2jiOQ199wGGZbe 2XlTQE6ExJ2X8Y/PzL6TmhDO0WeVnUNwtcQzyvDp1EkxYTYFtFnwKEB9fDXWGA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781012448; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=sjIPNcxYatknVZwRC9tOi1At3DZvLRfiutlse47SukI=; b=Wx0bSPkuRhFNisW0D2OlPaoRpIDsN9F+OmN/vr7Qodnf4GLUerHADxOMhBT2/gKF6sGuYk hJUjZr+SbeFDnUp1KFVo+yHLEPZm5H5aQFgBRcTUFf6QGixeFM+hDUInjfu7AlYczDSwY6 WOFsu0ls93hueOCKoiZzYoPy0pKIHu2FglmE1KYgVR7mxZ9HSQNluqeg0AmnAWjgqD0zQB Dfipe52Oc47JSxVE9eZI5B/398lTUUM3+tdx1OYa7/W1DdQepqaej4K0OkDRJRdDbfBt3n 57QlASSxk9ANX9dtWd35IEO7eMN649DnamtmspeCMOTQtBeVGzwvVf013pxMSQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZVRM68Y7zdCm for ; Tue, 09 Jun 2026 13:40:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 42fa0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 13:40:42 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 65e0e06116f4 - stable/15 - elfdump: Decode SHT_LLVM_ADDRSIG section header type List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 65e0e06116f4f55f09c31ff11ee89673a93b29c8 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 13:40:42 +0000 Message-Id: <6a2817da.42fa0.6c72f7b1@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=65e0e06116f4f55f09c31ff11ee89673a93b29c8 commit 65e0e06116f4f55f09c31ff11ee89673a93b29c8 Author: Ed Maste AuthorDate: 2026-05-18 15:43:41 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:28 +0000 elfdump: Decode SHT_LLVM_ADDRSIG section header type Reported by: bz Sponsored by: The FreeBSD Foundation (cherry picked from commit 3c07cfb25283d93f03cdac51158289853d0e17a8) --- usr.bin/elfdump/elfdump.c | 1 + 1 file changed, 1 insertion(+) diff --git a/usr.bin/elfdump/elfdump.c b/usr.bin/elfdump/elfdump.c index 49704cde1b08..3bca46c26cf3 100644 --- a/usr.bin/elfdump/elfdump.c +++ b/usr.bin/elfdump/elfdump.c @@ -354,6 +354,7 @@ sh_types(uint64_t machine, uint64_t sht) { } else if (sht < 0x70000000) { /* 0x60000000-0x6fffffff operating system-specific semantics */ switch (sht) { + case SHT_LLVM_ADDRSIG: return "SHT_LLVM_ADDRSIG"; case 0x6ffffff0: return "XXX:VERSYM"; case SHT_SUNW_dof: return "SHT_SUNW_dof"; case SHT_GNU_HASH: return "SHT_GNU_HASH"; From nobody Tue Jun 9 14:03:43 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZVxr6HSbz6g2wn; Tue, 09 Jun 2026 14:03:44 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZVxr5p1fz3sxw; Tue, 09 Jun 2026 14:03:44 +0000 (UTC) (envelope-from jhb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781013824; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Kdl/BNf5/hhyuSosIwJzglIHlwssovOk9lGEJVHWf1o=; b=CZz0rZ5JDYdLNKvVwcu2VJuDEo0mqGuhRT5oymb3qhSDcw9t0FY9euQr64MPaK/FiZ/LSC jJo0gB3x5K8H4xImTY231qFHmF/lYJEpbpKPESKIruUJkDWh5PBNoezm+4xLYiwTA9wgSq ynlbBj3igpgh84tuP3tWZr+Q/HC1i/oWktAUtJcgWOwZh0A5iw0dfutaDzR7J9SGuUFFcf ndDrK/2Q8SFljOA3F3xlF1aNfpcJq1LUWYBRYrbkH+uMI+ODsGLvvljryyEDj/JvA0JEUo t5nCjCfXXDQR+FGF+T9EPbA82Ursf00kdl5aHTy6zDDY3vUn/vKc3uQ5VzrH4A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781013824; a=rsa-sha256; cv=none; b=FfgwP+IlAOhwNdB6I2P1sgugVbJUvTe8ZSAyZEWXWK7qBR+oKq/sQe/jftV90IjZuOT249 NjVglhHbMbT1PVVVjioHh5M7Fzlxwt7K+2oyqUe6sfxy5A3c2y+MBFd6fKODNKJmYKBKj+ 7bccte2E3go3jYOyw9UANLnQQzhKDAPuS9SJizYT1WHkjgg8np6v0+U7i7aNA0CvfxkEu2 /6UUDzfs8nmaWO59xpwsSdY5YUQ/oCZHu8qY4XzuRyu4XBjrwfGrSDLuzY6BL9l0+5z1N+ L+wn12N0yCzs6XAqlTjOgMCvJNy3vVP/Wa2rk8mycTZ7SxRaBRDChINxWnk6rA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781013824; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Kdl/BNf5/hhyuSosIwJzglIHlwssovOk9lGEJVHWf1o=; b=Gzt50X6NhcXVYZHKo0o1oK7/UNPxXlhyEIfvxUpqi99UsqQ31bNGkb0oNQGMa2zOmTpkze 8Vsq5LqXzOE2VJso/RbBYLxPLLBrgiZemDlxO592VNKJ0Y3K5dVeB5CXZqGfSZ8Sv5vQDE wxTYvyuinBJgULydYYepzUXxNwu3ji8u0uEQVTVFPF2OOyINrvri1zlUjd2oNNujK3sJpZ V1+5Drp6rfrIopHhfJe7/tc58Y0pp8F96pXImJ2tiSGJNXJ7DCx7cpTDyxH+5QGkfW/rwx pAnfeDD1U+IqETXPA5ABWCO5LpuRxH8Jz9xO9CuSLDOWSNJ0UgamITKlPSowCQ== Received: from [IPV6:2601:5c0:4202:5670:5830:fff7:274a:e7d2] (unknown [IPv6:2601:5c0:4202:5670:5830:fff7:274a:e7d2]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: jhb) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gZVxr3cKqzLJy; Tue, 09 Jun 2026 14:03:44 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Message-ID: <387ec9ef-32a5-4600-ad88-ec7b04b0f190@FreeBSD.org> Date: Tue, 9 Jun 2026 10:03:43 -0400 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: ddf6fad0295a - main - etcupdate: Make nobuild the default Content-Language: en-US To: =?UTF-8?Q?Dag-Erling_Sm=C3=B8rgrav?= , Jessica Clarke Cc: "src-committers@freebsd.org" , "dev-commits-src-all@freebsd.org" , "dev-commits-src-main@freebsd.org" References: <6a22f100.42af1.51deb269@gitrepo.freebsd.org> <8E2A1D1D-F83C-4583-82B4-53B869507627@freebsd.org> <86ecihqdbj.fsf@ltc.des.dev> From: John Baldwin In-Reply-To: <86ecihqdbj.fsf@ltc.des.dev> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 6/8/26 11:09, Dag-Erling Smørgrav wrote: > Jessica Clarke writes: >> Dag-Erling Smørgrav writes: >>> commit ddf6fad0295aa92af5eed2a4b2fa0bd02f47d94d >>> Author: Dag-Erling Smørgrav >>> AuthorDate: 2026-06-05 15:53:25 +0000 >>> Commit: Dag-Erling Smørgrav >>> CommitDate: 2026-06-05 15:53:25 +0000 >>> >>> etcupdate: Make nobuild the default >>> >>> The common case for etcupdate is to run it after building and installing >>> the world, in which case we already have an object directory to draw on. >>> Add a -b option to turn nobuild off (opposite of -B), and turn nobuild >>> on by default. >>> >>> MFC after: 1 week >> Changing the default here seems like it might not be appropriate for MFC? > > On the contrary, the reason I'm switching is that the current default is > harmful. Harmful or slow? Certainly it is slower, but AFAIK you still get an updated /etc. Maybe the generated sendmail.mc files are slightly different from the ones you would otherwise get, but those changes are cosmetic (comments only). -- John Baldwin From nobody Tue Jun 9 14:06:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW0f5fDXz6g3CZ; Tue, 09 Jun 2026 14:06:10 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW0f50dCz3tB0; Tue, 09 Jun 2026 14:06:10 +0000 (UTC) (envelope-from jhb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781013970; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=E45XyPOcFqEeumIjSlznwkNE89/vYXY91uX5oao7Zwg=; b=rxb1f/00TqisLnZoc6+qS1qiz6NwJpGNp6FstuQ//EWmxRiINQ6sLqWSfiSG5Qru6Bt1Ef HDnbbu4YVVHvyofZWp0GbyKj4AMIhdtZctdKWBKJxEBhOoeR5dG/+RLz8IPKR3D1bB+ypQ +IhPtu1Lwb62ZxsJVwsWUIViU7aiWbarWn0z56B4PW56iuEDC5KPhDDMue8E/fZbmxeIrr rnR98kTJQ6PDGW19rTbWmSzUiz0gBSOSLgXD47ujQ3tgytROy1tYWs5+wAoNcsXP1uoGDa ecpqsXdtw9DDggz9qrxPWvayFwDcXZK/BddpGU3V6Y1/Svq0MpjvDo4D92d5vw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781013970; a=rsa-sha256; cv=none; b=VB2J2VOrffVm3CeWEhfhIOagWo6hpNWKCdY7FjfoT8vnM4WLmyUa8v+dyw/U8763I8Zqlg nq1efGieBW/SsPvKu6BOPiGGOVcyEQbIgxNTfPFflV8QTfQOjbfqpv3PiGiVlIkwDgOUvq HTLHU6NkRRxU3lvFqs0Mqgal6QhN61nmGAT2w0flC7C1l/n2KeqYA6xOd8AW21oNorMylq YRFL+tsC523sr+ay6dDE8jr6s9n2kevwwD1gbHvxVNDz9Odh446yDxBiBQcdUaXhdayynR 2tHuCh4mlvnEDAa0uReNc0f+ICkv34tJDd4ZZIKT55NWfx3b+Zb7/TfJxWlODA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781013970; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=E45XyPOcFqEeumIjSlznwkNE89/vYXY91uX5oao7Zwg=; b=GDcNlWMmvRGY2ElY3F898TwAT8WJw96kZtJEdsve3JWimXRbto85t9HTReuyDiUgfYUigr 6pOougeV/QKhnBJ4XUbSy7sY4bhw8MWImAyLJS3oJWU6hyHh0sjR1YCqv0nFzDGZMfJYL4 kU4EANvHLXDG+jzCw0WMtdck9WI6UBnqvuYtG+J7XNUzRIZgg2IwIb4Pdyuo+hkDR6dy5C UJsvlZoWidxtwJgRY7qZpksT8Sww3JY2ACxl5h/P2p7Y4l6dh7cNa6Qm7WCbL8agKXqPfp GCh8AVGNO9ffNGK+Tc4Zoe+WRUgKPjmnCWl3XgCh/s/5EIy6f54zTqYb3J7pow== Received: from [IPV6:2601:5c0:4202:5670:4dbd:f02b:35c7:4e56] (unknown [IPv6:2601:5c0:4202:5670:4dbd:f02b:35c7:4e56]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: jhb) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gZW0f2GwMzM9P; Tue, 09 Jun 2026 14:06:10 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Message-ID: <15221817-b23e-4cd2-94a9-edff4d06bb3b@FreeBSD.org> Date: Tue, 9 Jun 2026 10:06:09 -0400 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: 5f732742ad5b - main - libc: Add free_sized() and free_aligned_sized() as per C23 Content-Language: en-US To: Robert Clausecker , Konstantin Belousov Cc: Robert Clausecker , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org, Faraz Vahedi References: <6a25dc0b.4729a.7f7225a7@gitrepo.freebsd.org> From: John Baldwin In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 6/9/26 05:30, Robert Clausecker wrote: > Hi Konstantin, > > Am Tue, Jun 09, 2026 at 04:38:58AM +0300 schrieb Konstantin Belousov: >> On Sun, Jun 07, 2026 at 09:00:59PM +0000, Robert Clausecker wrote: >>> The branch main has been updated by fuz: >>> >>> URL: https://cgit.FreeBSD.org/src/commit/?id=5f732742ad5b3133a860a8969cf2bd13dc9ac358 >>> >>> commit 5f732742ad5b3133a860a8969cf2bd13dc9ac358 >>> Author: Faraz Vahedi >>> AuthorDate: 2026-05-16 18:36:17 +0000 >>> Commit: Robert Clausecker >>> CommitDate: 2026-06-07 20:59:19 +0000 >>> >>> libc: Add free_sized() and free_aligned_sized() as per C23 >>> >> >>> +FBSD_1.9 { >>> + free_sized; >>> + free_aligned_sized; >> >>> + __free_sized; >>> + __free_aligned_sized; >> >> Why these two symbols (from private C namespace) need to be exported? >> And then, why they need to be exported in the public version? >> >>> +}; > > This is for consistency with the other libc allocator symbols, which are also > exported. I suppose this is useful if you e.g. wish to hook or replace the > allocation machinery, giving you access to the originals where desired. That's what RTLD_NEXT is for? -- John Baldwin From nobody Tue Jun 9 14:09:40 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4j1blRz6g3Jc for ; Tue, 09 Jun 2026 14:09:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4h5GRXz3tfx for ; Tue, 09 Jun 2026 14:09:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014180; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+iyWS350+EGLdCVAOEq1Vpzawos7AGLp2z8qhwn+5WQ=; b=BVTGvRdx5qpNHhQ/dWx+l+9lC4wJK4NIIW6anyIc+Ud4IZYElNdvLxd6t/gj95aWyyRglR FHSSKxg430Vgc9yJUhoiMHoqs8vlhQK/1mjQYILTY8BVxMM9wKayVJXQF04FSNMRRRmJgA /ihUyxYUBNg9C8cc5todS2Wwy7HQ2EjkqARgq4vG7k/CzDlwpuH8GmPtojaN1vptqY1pq2 dkmyoUy12ZVCz8DbMyfJR7njbRgNhgVgDIWxAv1fGzW3lDsEO0dqDsuiFOyUEGEA+o/pZo 5+3M76ttEtFr6bEB2xSudQaanRX1iLr9uBDTF/vak00+STcbBlXTnBVyJCBhVw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014180; a=rsa-sha256; cv=none; b=opcgSzdlIE8OEwlo0Zgxcd6ELP2m6BtkG7Ty/YW2wfvLm79win/BEg6LOdQSfv+X50I/51 E7e0KNnUknQ/N0UFS/A7AtbldXDcE09kXpwJNFRuVe1HGJucJftPViMHL5COXR10dUajX8 w+ZILPKJFrhPGyRW3OHdILKNg+beXEHMRAwKfJ645W5+jbJfVtqaGOS0GwVnKo5BgvM/W5 TOqZKXvzuk27zYUSrUdfHZdSe8pgeIkQ3C0QzE4/uPq4B5QHyDtoDu2ISk6ldrHZEhswjK 1LtIva6Orq+qGVlSMEjbLv/j2s32tIZr8xquHW8LK+9RUdZXTO1gl1ik8gNYyw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014180; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+iyWS350+EGLdCVAOEq1Vpzawos7AGLp2z8qhwn+5WQ=; b=D2z8W5KrrTdcn02b7xRAsOma44b8R3UM3IH0/BTe6AWjmlSh+TjJC1Pc2sdp0EEDFIIPE1 cXkfI1NZr67yI2QI+jO35KXhdobeKFKJauegQq2UCZK4a2L8ckJIaJamh+ecEVBMdzcet3 nMCT8SIgxu17uVz+Gej0eIMOjs7mtkrKC9SdlTKR5H2ANdfHiX6LEkFsal9lw2nwL41Vl6 FF51E1h6ykrxlhHeQmV/gtc8AXYXL9XfMbvC7wzzHzwuOc94EayufBPadIQpQogmDK503f 3Nryx7ATKZVePOWJlUpDWupTdXNJeiMjnncuSpM8ZXTyQrx+FiUE67//Kaf7Mg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4h4qSvzdrK for ; Tue, 09 Jun 2026 14:09:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4551c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:40 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: beee13213e0a - stable/15 - netlink: Fix interface type match List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: beee13213e0a50e29cd693f16aaf8785e03f6c4d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:40 +0000 Message-Id: <6a281ea4.4551c.32e41fad@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=beee13213e0a50e29cd693f16aaf8785e03f6c4d commit beee13213e0a50e29cd693f16aaf8785e03f6c4d Author: Ed Maste AuthorDate: 2026-05-22 13:35:52 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:28 +0000 netlink: Fix interface type match Reviewed by: bz, glebius, pouria Fixes: 7e5bf68495cc ("netlink: add netlink support") Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57167 (cherry picked from commit eff5f220c379d4173fdc0e5ec00380888bf7649a) --- sys/netlink/route/iface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netlink/route/iface.c b/sys/netlink/route/iface.c index 0095ba869c51..91d2d266822b 100644 --- a/sys/netlink/route/iface.c +++ b/sys/netlink/route/iface.c @@ -423,7 +423,7 @@ match_iface(if_t ifp, void *_arg) if (attrs->ifi_index != 0 && attrs->ifi_index != if_getindex(ifp)) return (false); - if (attrs->ifi_type != 0 && attrs->ifi_index != if_gettype(ifp)) + if (attrs->ifi_type != 0 && attrs->ifi_type != if_gettype(ifp)) return (false); if (attrs->ifla_ifname != NULL && strcmp(attrs->ifla_ifname, if_name(ifp))) return (false); From nobody Tue Jun 9 14:09:41 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4k1l9tz6g3Dn for ; Tue, 09 Jun 2026 14:09:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4j5zvXz3tcM for ; Tue, 09 Jun 2026 14:09:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014181; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=buRykqkRMT09mU1Wsx1juOXnat2YpPZlVkvFex0TrsI=; b=K2PajZkFsiCiaB1e4+bcqhyu2tFEyH8hZLUFWOapJnubXgyI5u1txhlFYE9VCR6RzQRdhy /S78YtrEAUAGJFE51HtUySQCG3OyHmP/IC/WRWV4Voskd0aV7j9NLhrDidAHqlyYUXSJdC mUv2WZfHHxA2UL8dlVPIFwWA5gE4NpfYBZeu86TuYGv9K3mWclzMPdVqMt/hXdqMxFIF+D dtDUju5xXVYkHCR2YrmJti/vJtRTpLmvzeAkwxman7Dw455WLVmVJX77IiARgOUNxaawWT fDASLOqTcDRLcvLkvnmR7EzfhfzCG9NL9tKRmVf7bIZuR3628j5sg0Q5dcG7Mw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014181; a=rsa-sha256; cv=none; b=Jq1O+EcdBKuUoai/Ievu4wiRcFnXC1YngC96e8ElJpHmK1uEsisXGyAIrKPnKCQzMklt8a 4I2tyfZEpkA/gygmURlFyTryVo9dPcfoNoRTc3cCK3E/FLkZmXH6RaXiROcPkjOEOaSwyZ +K3vVHPLZJ+YnPbUeY6F1XKObHKAZJVkus/rLLZgWOZhGi2fKG7FDATGlS28QoObKWHn8l aYGUAo1Wb0jvLOcR+9UtLQmwziq6U+4dm5Z86sqd7rQJxLSsKvGXKMv11Aq3GqH0HU3SQe 37/T93+r3VyTEjR1KIhdUCM6L95tLzKdy8AbP92VQ79FNQjAgX/bxtrPEU4jDg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014181; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=buRykqkRMT09mU1Wsx1juOXnat2YpPZlVkvFex0TrsI=; b=bDCCktSKxtK2NrZYGkaLD6tHV1uQBQt1EIamL62vYhWdKaaWgy061QCBPswGtaldWZsr2g u0IaoNA9ebUsh2OKSBbBBZHAjPJHkSv58s52SGe6CNDTPacppyEv4ZQ+9kqkganmHp1gbK cdVmzmS7mJocU3gW4KX2Mz9bQKCnmE7extkaFCPbTG+ZhIQFmkoDtU5Q+nFq8+PO68kJ7Z RucjLGukhzUKZW+nr3iT0nq/9ifiWTNo/hwprY2cJdY2j47bxkmW/OhmjTPyC1OB+et7v/ 18i41ATea2XqzObNh2y19h2iaw7S8WoBv5Hg9y6avmpXdVcIEAH543Z+FYAUMA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4j5SNHzf17 for ; Tue, 09 Jun 2026 14:09:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 44650 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:41 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: e22716b6cbfc - stable/15 - netlink: Check for NULL return from npt_alloc() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: e22716b6cbfcb4c9ff1900f19c923fb84aebcae1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:41 +0000 Message-Id: <6a281ea5.44650.66ad1466@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=e22716b6cbfcb4c9ff1900f19c923fb84aebcae1 commit e22716b6cbfcb4c9ff1900f19c923fb84aebcae1 Author: Ed Maste AuthorDate: 2026-05-22 14:41:16 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:29 +0000 netlink: Check for NULL return from npt_alloc() Reviewed by: glebius, pouria Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57171 (cherry picked from commit 1dbc104148845434575d1931d47876ae0ca1542f) --- sys/netlink/netlink_message_parser.c | 2 ++ sys/netlink/route/iface_drivers.c | 3 +++ sys/netlink/route/rt.c | 4 ++++ 3 files changed, 9 insertions(+) diff --git a/sys/netlink/netlink_message_parser.c b/sys/netlink/netlink_message_parser.c index 4c41235efaac..37c16ce3024f 100644 --- a/sys/netlink/netlink_message_parser.c +++ b/sys/netlink/netlink_message_parser.c @@ -90,6 +90,8 @@ nlmsg_report_cookie_u32(struct nl_pstate *npt, uint32_t val) { struct nlattr *nla = npt_alloc(npt, sizeof(*nla) + sizeof(uint32_t)); + if (nla == NULL) + return; nla->nla_type = NLMSGERR_ATTR_COOKIE; nla->nla_len = sizeof(*nla) + sizeof(uint32_t); memcpy(nla + 1, &val, sizeof(uint32_t)); diff --git a/sys/netlink/route/iface_drivers.c b/sys/netlink/route/iface_drivers.c index 4f1540740ead..31d2523a479b 100644 --- a/sys/netlink/route/iface_drivers.c +++ b/sys/netlink/route/iface_drivers.c @@ -155,6 +155,9 @@ _nl_store_ifp_cookie(struct nl_pstate *npt, struct ifnet *ifp) sizeof(ifindex) + NL_ITEM_ALIGN(ifname_len + 1); struct nlattr *nla_cookie = npt_alloc(npt, nla_len); + if (nla_cookie == NULL) + return; + /* Nested TLV */ nla_cookie->nla_len = nla_len; nla_cookie->nla_type = NLMSGERR_ATTR_COOKIE; diff --git a/sys/netlink/route/rt.c b/sys/netlink/route/rt.c index a76e00d34502..42ba3307b816 100644 --- a/sys/netlink/route/rt.c +++ b/sys/netlink/route/rt.c @@ -868,6 +868,10 @@ create_nexthop_from_attrs(struct nl_parsed_route *attrs, int num_nhops = attrs->rta_multipath->num_nhops; struct weightened_nhop *wn = npt_alloc(npt, sizeof(*wn) * num_nhops); + if (wn == NULL) { + *perror = ENOMEM; + return (NULL); + } for (int i = 0; i < num_nhops; i++) { struct rta_mpath_nh *mpnh = &attrs->rta_multipath->nhops[i]; From nobody Tue Jun 9 14:09:42 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4l1kKLz6g3C1 for ; Tue, 09 Jun 2026 14:09:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4k6fcsz3tpF for ; Tue, 09 Jun 2026 14:09:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014182; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ixH9PMi++iMgDF5rC3Hs7C98vi811JPHHjq1HBqixFc=; b=sTao4wCiMb/hq3/gcge867SLoZNB5uNq9s0nGulKptsJtQT2CXzE976+NZBd7tEXbsOEEM QyTIahYoG6xdpSRudAX5xlwLMECd0wDaU+9k+sSHfKMf1tlxC5Yp3ipAfZvU/hV5maD2pB izisqgva99rWc9fJm1yasKiQOJ1vgW5Z1gco8MVGunhSgLUNIo8AIvWixg6FLaT8NmQZ2i IuGNy8SP7o9MYBuSajIvt9FXUlRCfG2FSwgzJiDPetICTOh5xMcWoPq0Y9gW0IdY16EOeA 4wggTAPoebkXeQUeb0TrLnbL0UTpAxTScgt0+/jJ2gxFPoeCPsWiGpoDke+YlQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014182; a=rsa-sha256; cv=none; b=wrkxyOBxms9syJuiksLCLFFvmP6cCGwouHFgwnD7trdJtqtH0SSos+l3nCS2FL8OCvkSAb K/GZouftU1ErjkrE+JljljR9nCrLpFXxdRPiyEAIb3ulPR1suXhMT7rJh2hvmPSq7aMJpC sSKrhsHYJiFDkpiNIWsbo9C7SjI7wnbV111kr5upoDbLFAazjgtabrrKZDxQ/oDWrNkjAq cNQ14KGq2tpzQ+kaYyU5CEGHXj6QAu9RLy9AWhvUe4DRmuhKjnty4fpa7U/jmLiIFnIYTJ ojHu/AJBMlyIp91BalndHEuwo360OyVrQO+cQDoLm9JN7MRQciyI26N01ZK2MA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014182; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ixH9PMi++iMgDF5rC3Hs7C98vi811JPHHjq1HBqixFc=; b=WImC6VUD0ywndUEYt83a31iTgDAA5BIES7P0JsWQfQGPhyF6RYt45JcFT9DCYuuiOFGykj r+nF9q6gzx49t02digsLL/8U8jDeooL9OE9v2+5IFvckRtuzLp8t8A4VnLEJS6Rlu4A5Cj PMdQInjPfNWnZmY/gIgYxri5rNokEPc9AEfJs7n9TFLC/5tdvAn5GIxveQOTlKgq7lMTqJ pop45qTWAryMru2cHZMWeYTt1pTtse4o26zATEEWnCi14+8PLuWmVOEsddb37+kddbWaNo XpEKtURgdpkAciYnMDS4N7Tko211+u6CUT1OJX+e/ZfmsNCHqfVK5qjh/Bi7qA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4k6FJzzdrM for ; Tue, 09 Jun 2026 14:09:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 45273 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:42 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 6c81e7622211 - stable/15 - netlink: Avoid potential undefined behaviour List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 6c81e7622211bbe2928fd45422fa55ecfbba8f1b Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:42 +0000 Message-Id: <6a281ea6.45273.3fdebcfa@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=6c81e7622211bbe2928fd45422fa55ecfbba8f1b commit 6c81e7622211bbe2928fd45422fa55ecfbba8f1b Author: Ed Maste AuthorDate: 2026-05-22 14:55:49 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:29 +0000 netlink: Avoid potential undefined behaviour Taking the address of an OOB array element is UB, even if not dereferenced. Reviewed by: des, bz Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57172 (cherry picked from commit 4d125ed6e7d445d574c11dc35c40ec3013559806) --- sys/netlink/netlink_generic.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/sys/netlink/netlink_generic.c b/sys/netlink/netlink_generic.c index c2f82eed5656..50c12175e14e 100644 --- a/sys/netlink/netlink_generic.c +++ b/sys/netlink/netlink_generic.c @@ -93,12 +93,10 @@ static struct genl_group { static inline struct genl_family * genl_family(uint16_t family_id) { - struct genl_family *gf; - - gf = &families[family_id - GENL_MIN_ID]; KASSERT(family_id - GENL_MIN_ID < MAX_FAMILIES && - gf->family_name != NULL, ("family %u does not exist", family_id)); - return (gf); + families[family_id - GENL_MIN_ID].family_name != NULL, + ("family %u does not exist", family_id)); + return (&families[family_id - GENL_MIN_ID]); } static inline uint16_t From nobody Tue Jun 9 14:09:43 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4m1klrz6g3Pc for ; Tue, 09 Jun 2026 14:09:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4m0NTrz3tt4 for ; Tue, 09 Jun 2026 14:09:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AcqsyiSMDiQYKaLlX3AWoV9Y7JUCnE8PjDMKC5bZRGw=; b=ub8o9qXQ74gYnR5P4IiZlXjBh7w1bFHFrf/ieUR2IYZ3gIrSsDGguoV3tuHaF2NvcNN8UA F5JBHKOIFA8WeFPgUdHqs6Sijf5fMoLvhtCcOZpFIy5P+GOdbb2eOxlPu7ewcXHHPue+YT nZ9BFtJ+KJRxJ7rdROSou8Fbm9rWHu22aYCVbLRFjeY3SfbIipeXeMU/yTka/Shy/DBihQ xpiW2uBqgu+8h1CGJLuPXMN7ohX5P2xPZZ1zJWHMFG0B62xQjqFBzym3aiiSHRfkyAjdfU Z5mEuFqdzXLpHUndQXu24Pq0Garm5Syv9+2Ua7DdZ+dfFx2SkIjFvY9siXd0ew== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014184; a=rsa-sha256; cv=none; b=GNwRYZcRrTIymawp23BqZU27gQtyMqDfbjV+EHFEYOVKWK8yWWVrA/otXcgTEe9BkzyNzZ RxSwRfFHsZrWxGNEGDPaOuK/QnMxQviEpGLLS9H1oubtmQu403AZGUgfAPIhCjrBGOVSYL GRwVvIreF8RabwrbRWllnOXLVkwr4bZ1km/FfbMXphuOx5OADcNhV/ZI9JiVMoy3QKcfvu ty6/tC5jyePj80UZ1sFMHJ5qbesDdDDfFau4BRCzqCXU9/ORRVk3Zmti1RXwx19PVcEAwF TWCzNs6ISnjKL3jmO1khYG8jOwG+ZGJKlUH8XISxk7zY5C2+thCrKZ2qIxvTFw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AcqsyiSMDiQYKaLlX3AWoV9Y7JUCnE8PjDMKC5bZRGw=; b=rH0p534g9J2fHFntfRMnPIaHvq/NUUd7YIlkN6f7fLweBbKH9a/jRZI4KKAppv7BcxiPVn TVJK84HHI9p6Nx0ENOUp3vB02Yni7ZyL0QXliQokBKu7vUS/LzvHvxGxtwOvh8klxs/tDq MnG0qchfnY3kYBAYvC2rms6EZwRFjP3Rg2XEiu9bTlxJAvol1pMZBZhlr5zxC/UR0NFy53 ghWC5N7gUj6wisdRMN4Fz4vBQpgS7mOgAduUFYb3inVZ6iOXjOGF+cn0NflSxTdyK9bt8w Z5+AUtGSx1ontSr+6ZSwT/Ge/dvsPqzyuNodYi0Au2opoYWqX8ycB/PTmQDDWQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4l6zspzdYH for ; Tue, 09 Jun 2026 14:09:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4384c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:43 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 44e81e84181f - stable/15 - netlink: Fix RTM_GETROUTE loop for RT_TABLE_UNSPEC List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 44e81e84181fdf71c5b835e263be77ce45d6a227 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:43 +0000 Message-Id: <6a281ea7.4384c.36f6fa72@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=44e81e84181fdf71c5b835e263be77ce45d6a227 commit 44e81e84181fdf71c5b835e263be77ce45d6a227 Author: Ed Maste AuthorDate: 2026-05-22 14:27:53 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:29 +0000 netlink: Fix RTM_GETROUTE loop for RT_TABLE_UNSPEC Reviewed by: bz, pouria Fixes: 7e5bf68495cc ("netlink: add netlink support") Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57234 (cherry picked from commit 33acf0f26b490ea4887d820a3f45c56e3913a17d) --- sys/netlink/route/rt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/netlink/route/rt.c b/sys/netlink/route/rt.c index 42ba3307b816..ce62aad1f81b 100644 --- a/sys/netlink/route/rt.c +++ b/sys/netlink/route/rt.c @@ -696,7 +696,7 @@ handle_rtm_dump(struct nlpcb *nlp, uint32_t fibnum, int family, if (fibnum == RT_TABLE_UNSPEC) { for (int i = 0; i < V_rt_numfibs; i++) { - dump_rtable_fib(&wa, fibnum, family); + dump_rtable_fib(&wa, i, family); if (wa.error != 0) break; } From nobody Tue Jun 9 14:09:39 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4n17vfz6g37l for ; Tue, 09 Jun 2026 14:09:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4m5qH8z3twP for ; Tue, 09 Jun 2026 14:09:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SHqhG9SMIj3H+cZLNCN4a2jFoU9yIklyBi+r9lH4QnQ=; b=r7WD9pQyJHMOtGMhmQBbW1nNjFwYJ2ULL//hbEkkPfwHmiIzWnRoEMEvfyzdRDL3DURXB+ 1NnwJXyDssUgHI3ZfpPCxbQbofJMUfNt+I1DuKMH3FnuX+TFkc5QUVRi1A74TSDNnkm188 0r0PH7vwa/xwoyaMQH6GhVp6O6XRRNjWah6cdDcad4ueNhIYsls20WFJ7IbrhqC48u6Pv5 afcY+RHqEWy2o9FPoyYMIVCGYg7SZ7vHTt/AusLXFnT3OgpTDAGIVpodP/bNP2ReuOV2Vb CJiqo4Kz1+ifhXkA4KIs4BbacvUjLPZDWqjyJz7nBCv9xHpcFnn+LWCSFjk1aQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014184; a=rsa-sha256; cv=none; b=EeeKyhRI9nSm1hErraFxXkbJcGbu6GVipJAfsEr0LM1ky99FgGz01iyZ/HFaQRaK1nATX6 DGGf1O7flwWjGsyDAz+imdzIg9FyZ3TYlrPEsHZ2lweFIwXsXBZ3EDTSsofBcD2kJ9AH/O pDOjO+gqVS11f9xneOirwyWF9Lw9yYxJfZVSKsnsUCO6g4f99dzVpFTdQTvpD9aU1oWSVU ZgrYHsPUaS93qlIGUdhBzOYu6A3WKiir/NkOF45xRQs3FiSV0GwJR02+Bra7vCXxL4fLg3 2ASWkQR5ayfeuWBr032m0Tfqbk3buODUr7q02ZpWCIhrwJcblqy/kZ8q+Vt54A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SHqhG9SMIj3H+cZLNCN4a2jFoU9yIklyBi+r9lH4QnQ=; b=k6nHL1clKIDCcmSNqHdeA5g0ospZeguePPyUPkjXnHR4aF4cHAGCLXAN1FWQF96xJ/Z0l5 vMCZXdtdyuzcqbus/BDTsxtmc6smV4THb0Z5gn0GV65Q1fLnob7f6MgD+d8uoIjgw8wNE/ 9FaTitaK4zHlToDh5npSrUoLp20TdnSxCfNCfpXtAEng60cVg28xanlE3QXDEOdaYmAB0y xtB2/XuNRpTV+pFf41+OHn+95YfReD8SFYAknRkk8SVri96if0Sx07h621xXzF7VzFgodb 1KRnezeUVfDSuCEiynZJ0wu4A/TKyDqZlZkA4uIB4TnKmB41TQw5rRcKRMeNgA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4m58YrzdYK for ; Tue, 09 Jun 2026 14:09:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 45010 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:39 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 90c11896412d - stable/15 - netlink: Avoid undefined behaviour List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 90c11896412d59c8624c4d05b2f339685fbfd586 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:39 +0000 Message-Id: <6a281ea3.45010.4edf9e2a@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=90c11896412d59c8624c4d05b2f339685fbfd586 commit 90c11896412d59c8624c4d05b2f339685fbfd586 Author: Ed Maste AuthorDate: 2026-05-22 00:50:00 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:28 +0000 netlink: Avoid undefined behaviour Even though it is not dereferenced, it is UB to take the address of an out of bounds array element. Reviewed by: pouria, bz, des, adrian Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57158 (cherry picked from commit 1a4ad649cb135501f0bee56a4214e8c904ca402e) --- sys/netlink/netlink_generic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/netlink/netlink_generic.c b/sys/netlink/netlink_generic.c index fb74860e42b3..c2f82eed5656 100644 --- a/sys/netlink/netlink_generic.c +++ b/sys/netlink/netlink_generic.c @@ -127,13 +127,13 @@ genl_handle_message(struct nlmsghdr *hdr, struct nl_pstate *npt) } family_id = hdr->nlmsg_type - GENL_MIN_ID; - gf = &families[family_id]; if (__predict_false(family_id >= MAX_FAMILIES || - gf->family_name == NULL)) { + families[family_id].family_name == NULL)) { NLP_LOG(LOG_DEBUG, nlp, "invalid message type: %d", hdr->nlmsg_type); return (ENOTSUP); } + gf = &families[family_id]; struct genlmsghdr *ghdr = (struct genlmsghdr *)(hdr + 1); From nobody Tue Jun 9 14:09:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4p4K9Rz6g3MN for ; Tue, 09 Jun 2026 14:09:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4p1s49z3ttX for ; Tue, 09 Jun 2026 14:09:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014186; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RjWltcTPsMs62YSt+OthgS2pgJsbr8L2PMxRDIR6eoI=; b=kMEfX4Iebe5Y36Gf4UKgGOkReVyKRsWbH+0itLUgn1nho/7DJSsXWUpnvbu6kESrhKkdT8 jNwkoBGONFaW+eWdoJ2Ig69jjPebOaAmkzkGw95eTQaDxgGWkvkegRirDySEgWT5K9GJdM jXC80sq0p3IZn5S5R0sToW6FANXP5h/YrRc+XvsKKRxGLfjsGc/ey8ICCGZ+iY3h6LFLuA MxTw5tKtfEwqmhR76FmHPOwf/vkDdmMtI9WwYTjZW9mb9ueNlz/w5VSlOeZgKLWtpBUtQa 4wgdYafZSSSLzX3jOxjxWPZ1YsFfm+qVS6ZBeGf6Ks6TRAfnbwRTEMECzmcrbw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014186; a=rsa-sha256; cv=none; b=iExyJpsH0YnaN3jBl0yPqwnfll7eNAaXpGnTYDuPQjl2XBCCTW+6b10USR7OBGTav2IWQ7 KFn1YquRdTOEObXvqZWElR1ZNt54DwBM7moIgPBJf3WemgR+WvS+clf52WdPRZIw3BdMHg chFC3vw64btbKDuQzp5a6n/RP5Li6p2jkE+9k0BREr/k7lB6yiqhZJ+6gzV1jDjz3Oy/7z 0Y1K48nPghrCRVY5t1zLtZCt7pjW6jq2pdDfdx+iZbq33yoCy5VyYLzZOevK3GYWSP+VmV th0ZRyrfWzHWMttTFhrPT4DqXL1zDS747hMI6GuWOhU5viPoUi3EdaRoJmEGig== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014186; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RjWltcTPsMs62YSt+OthgS2pgJsbr8L2PMxRDIR6eoI=; b=p+g3bBDMC5nKzqHd+P9hZYLM1EHZAidQpDpAxtXJmPahRQDVMDZqvjqkQIgtirhJPFmt5c nJxkyzS8X9tzWq9r5PNSrzSaiYsdPzWm6MeiMugh99J0UemPOIU0Wq+zhPtyDgMcGwQ2NN KUhYwsvFLId4pnwunOgaOuK7j8ZWIwwRMG6Xd79zq8qsuoRF/A8rbBLiQSVdG4nM77Ckof WRBdE/X/HqL7EVtpCXBf8iR5G9jFfncZR5bchSAPe+95FhG3KiCc5Hy+xJVZ0zQcejx3c9 PhGp+dvMwNXF643KXdDBMnP6gtetdY25HPLLYpZ2+iq0HoAf1wQvRwT7x70q6Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4p1TDtzdNM for ; Tue, 09 Jun 2026 14:09:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 4560c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 30d907804d7d - stable/15 - netlink: Check permissions for interface flag changes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 30d907804d7deb488fd5b43e435bc0f1a7f805a4 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:46 +0000 Message-Id: <6a281eaa.4560c.4ab0d13@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=30d907804d7deb488fd5b43e435bc0f1a7f805a4 commit 30d907804d7deb488fd5b43e435bc0f1a7f805a4 Author: Ed Maste AuthorDate: 2026-05-29 15:52:03 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:29 +0000 netlink: Check permissions for interface flag changes Reviewed by: pouria, melifaro Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57332 (cherry picked from commit 96dbc9a8de105065b6b1e55702aa648319176587) --- sys/netlink/route/iface_drivers.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/sys/netlink/route/iface_drivers.c b/sys/netlink/route/iface_drivers.c index d26e92044ff5..79daa4215dba 100644 --- a/sys/netlink/route/iface_drivers.c +++ b/sys/netlink/route/iface_drivers.c @@ -83,6 +83,10 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, if ((lattrs->ifi_change & IFF_UP) != 0 || lattrs->ifi_change == 0) { /* Request to up or down the interface */ + if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFFLAGS)) { + nlmsg_report_err_msg(npt, "Not enough privileges to set flags"); + return (EPERM); + } if (lattrs->ifi_flags & IFF_UP) if_up(ifp); else @@ -104,7 +108,7 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, } if ((lattrs->ifi_change & IFF_PROMISC) != 0 || - lattrs->ifi_change == 0) + lattrs->ifi_change == 0) { /* * When asking for IFF_PROMISC, set permanent flag instead * (IFF_PPROMISC) as we have no way of doing promiscuity @@ -112,7 +116,12 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, * function either sets or unsets IFF_PROMISC, and ifi_change * is usually set to 0xFFFFFFFF. */ + if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFFLAGS)) { + nlmsg_report_err_msg(npt, "Not enough privileges to set promisc"); + return (EPERM); + } if_setppromisc(ifp, (lattrs->ifi_flags & IFF_PROMISC) != 0); + } if (lattrs->ifla_address != NULL) { if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFMAC)) { From nobody Tue Jun 9 14:09:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4n31kXz6g3Gh for ; Tue, 09 Jun 2026 14:09:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZW4n25SYz3twX for ; Tue, 09 Jun 2026 14:09:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014185; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6UdCg+pDk89CkZDq02HuSpYnwcO+NMirgJSeAjq+yII=; b=r/H6PEmz3RNPq7TLc1g0vFEcxnQitM64YD9Vqh5t6Sn7N8BLrBfwYscqTKsj+gWfs8bPqB 1ETLcu1cC4naonmLGiYuPSkG8m2TurizQg5SBIjHM7RYdNTmDbux8VJMgX66gMBO3dGWKo Ue/djqe2LUuCFNsqwoS5nY0b5qH+3PEAmqyTs1NWcaKAwS9A4/hybY3ngfwS1Ysgsklfe7 z0Iz+UE4e7qlWElMYtaS85ViTdUG+X71f/EMAWmwYHWNnwrGuRnwN6H+WnpH/jCFBEoUJA 6Qfud0V3dCEtSdLiYQA8yX0mcWKGqFNm5nJOUSZIaTAG9I2VxYnrKIV0RlyBXQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781014185; a=rsa-sha256; cv=none; b=SGkD2WUOS2BSoR0aHQGGk5cA+8xztdbAmW+JM3t7l7QH1n0g0fCc06AdsBvo1ahiOisy7R XA0FnaX44+FBf1g/XHXE3jM36Hn398US0Q+eTg2I4ehailtnQNpIFhPVEdoAjEp6GDDp4B qvSTeVL0NA8MSi37xFDOknP1sy7rTtEjEei0qJ+zdZcgLcRubhE+TAKKzgUVg3+Nv8r0sR ldaS3XUmb5/cfgCnqxukMZpoY5aiveCto7VgbdT7qYlFvatda/p9ToEj3X9w6yib9nqvbv 1sAVfXuYJUnXwCznM4QulftKN+TLwPE210iAP2YQ/1WYJ75FAD/qnsjEtyxc6g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781014185; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6UdCg+pDk89CkZDq02HuSpYnwcO+NMirgJSeAjq+yII=; b=eNFNvNm6VpjVRPjk1O0I3LRUez68I61pp33sfAy4c99FUTg+iU5HK7LpyXH5T/FUZ7cQfG 63SIQMnh4+tgGysERdfnjVyVwOnjWZelK4EGbY2vhYeM81vLznkuY6AZekPJUTgmIXYSXA DEjDjBj6KnGwjNQnHcmx9DKHRCsxKwKdozl+FgwogfFR/0So6PbPI4hUAXxRSCC9Z4k14m LGy5w47eqtCF0aRzao6L91MCtasK+oCbNBomr5bC/EyqTE9lHKoUlrHaVT7aSu6jGrA24/ rbZs1Eqhu2Xes9ubujWuXiBQUuh2RHk4j5BBG1pvFOlYE70D2UN6Y/UCfmKT1A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZW4n0hs1zdYM for ; Tue, 09 Jun 2026 14:09:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 45d5e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:09:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: bbf019824592 - stable/15 - netlink: Use early exit pattern in _nl_modify_ifp_generic List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: bbf01982459284f08877eeac493ac272c044318c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:09:45 +0000 Message-Id: <6a281ea9.45d5e.32b73e91@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bbf01982459284f08877eeac493ac272c044318c commit bbf01982459284f08877eeac493ac272c044318c Author: Ed Maste AuthorDate: 2026-05-29 21:08:51 +0000 Commit: Ed Maste CommitDate: 2026-06-09 13:40:29 +0000 netlink: Use early exit pattern in _nl_modify_ifp_generic No functional change. Reviewed by: pouria, melifaro Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57349 (cherry picked from commit 9ddb6064f815ebdd0cfea4b2e0d3b6f0c98ea072) --- sys/netlink/route/iface_drivers.c | 53 ++++++++++++++++++--------------------- 1 file changed, 25 insertions(+), 28 deletions(-) diff --git a/sys/netlink/route/iface_drivers.c b/sys/netlink/route/iface_drivers.c index 31d2523a479b..d26e92044ff5 100644 --- a/sys/netlink/route/iface_drivers.c +++ b/sys/netlink/route/iface_drivers.c @@ -69,17 +69,16 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, int error; if (lattrs->ifla_ifalias != NULL) { - if (nlp_has_priv(npt->nlp, PRIV_NET_SETIFDESCR)) { - int len = strlen(lattrs->ifla_ifalias) + 1; - char *buf = if_allocdescr(len, M_WAITOK); - - memcpy(buf, lattrs->ifla_ifalias, len); - if_setdescr(ifp, buf); - if_setlastchange(ifp); - } else { + if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFDESCR)) { nlmsg_report_err_msg(npt, "Not enough privileges to set descr"); return (EPERM); } + int len = strlen(lattrs->ifla_ifalias) + 1; + char *buf = if_allocdescr(len, M_WAITOK); + + memcpy(buf, lattrs->ifla_ifalias, len); + if_setdescr(ifp, buf); + if_setlastchange(ifp); } if ((lattrs->ifi_change & IFF_UP) != 0 || lattrs->ifi_change == 0) { @@ -91,18 +90,17 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, } if (lattrs->ifla_mtu > 0) { - if (nlp_has_priv(npt->nlp, PRIV_NET_SETIFMTU)) { - struct ifreq ifr = { .ifr_mtu = lattrs->ifla_mtu }; - error = ifhwioctl(SIOCSIFMTU, ifp, (char *)&ifr, - curthread); - if (error != 0) { - nlmsg_report_err_msg(npt, "Failed to set mtu"); - return (error); - } - } else { + if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFMTU)) { nlmsg_report_err_msg(npt, "Not enough privileges to set mtu"); return (EPERM); } + struct ifreq ifr = { .ifr_mtu = lattrs->ifla_mtu }; + error = ifhwioctl(SIOCSIFMTU, ifp, (char *)&ifr, + curthread); + if (error != 0) { + nlmsg_report_err_msg(npt, "Failed to set mtu"); + return (error); + } } if ((lattrs->ifi_change & IFF_PROMISC) != 0 || @@ -117,21 +115,20 @@ _nl_modify_ifp_generic(struct ifnet *ifp, struct nl_parsed_link *lattrs, if_setppromisc(ifp, (lattrs->ifi_flags & IFF_PROMISC) != 0); if (lattrs->ifla_address != NULL) { - if (nlp_has_priv(npt->nlp, PRIV_NET_SETIFMAC)) { - error = if_setlladdr(ifp, - NLA_DATA(lattrs->ifla_address), - NLA_DATA_LEN(lattrs->ifla_address)); - if (error != 0) { - nlmsg_report_err_msg(npt, - "setting IFLA_ADDRESS failed with error code: %d", - error); - return (error); - } - } else { + if (!nlp_has_priv(npt->nlp, PRIV_NET_SETIFMAC)) { nlmsg_report_err_msg(npt, "Not enough privileges to set IFLA_ADDRESS"); return (EPERM); } + error = if_setlladdr(ifp, + NLA_DATA(lattrs->ifla_address), + NLA_DATA_LEN(lattrs->ifla_address)); + if (error != 0) { + nlmsg_report_err_msg(npt, + "setting IFLA_ADDRESS failed with error code: %d", + error); + return (error); + } } return (0); From nobody Tue Jun 9 14:55:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZX5v2pG6z6g6yq for ; Tue, 09 Jun 2026 14:55:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZX5v2B60z41nR for ; Tue, 09 Jun 2026 14:55:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781016947; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2nGRMnhsKshsJv56pj+xDynjEeGgon/EieC/JA/zVcU=; b=UTXJhLvaIepo9VnZyakGQ+VaY2mTQ7BBdJ17LhAANUpPRKyBog/gvI/Ryefme2+Igiu8Xx UEtyqeOyYO+kExvJWZiiyo4dgiFAiaoKZ/uAWxfCodFpGOOU+1GXnHLWAcz6+XJJjKMGmW PvOqI1Jx7rVE6PwehsbXjXCUFLMo35Jf9XSimZCPlKDAlhoqmw5J9H5vHCgsBPKQR2LN/w 6fDmylZbskQs4uR693ltVGpcfObDaYQoA178MV6fcl3norFR/mxezkNtKsDyyEOVTteYAC Up9iJwXIkgB1vIiSE0sO2OlFJLCbzTEqNQhYfLHTgj7aDTm3AzysoGD70hSJ0g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781016947; a=rsa-sha256; cv=none; b=oDMa8E98vgGg7MF6Jw84zCybSH12DGsBAXRQ8ClomLgDLrcxioLfdWUr8k8Om7NHu99WSU +QLG3rHfkJUh1OXol8IsfFsBcnetZ3ZM0+LXSGU+GB3UL4Y5j4vXqlzHtlKEXjsBJumUue NnfFZ8S4r0WOPRrLRyfa4l7XcDioPIDXbz5s/hHo12VneA9jxfVPDeE3q7zSfchRIY4wPR wu76B2DGn5Lx5lBEWKX0YOuJ3Yw4vYvCC+WVQz7w6RmWZ9Mm/k0S8yNvRyvRUIg+jlL4em PlkxoJvP/VxxLZ6W77geQsJ74ZkoKUx/VzM0DhqWzUnCtHWr1PEFTgf+RUM8hw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781016947; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2nGRMnhsKshsJv56pj+xDynjEeGgon/EieC/JA/zVcU=; b=PVP+VIuRXO4VRe8aygwKerTuPtczxwz95oeFHraugCH3kgoNYadFG1GcecI/w/Dft0t9dW sOFq05/k/ofafASmUULoQ60MPLlGZRoBGMB5EUev6nX0CxkAylTBHSt+ePGvMDKqcbxuCd P06ZJBXaSaXTFzyFMzbyawchiIedGAnl72MlDmEKH/QurGvb4QKDPoJwHh4Nr0RldNRAoA ZtgcUK3ERu4w7peahRxU5H4hR13W7NuT7ktXSmE3gDJe8zBrJvEWy81l+UXTpgQENtWmmy l8Yh6TWUKXqq+yMhgFgiIc9Ldzb34/0pgA/MK2UhbCUTjICQosu7loVUz7NbBw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZX5v1lLvzfp7 for ; Tue, 09 Jun 2026 14:55:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1a174 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:55:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 471b1c4ca19b - stable/15 - smsc: Add missing newline to PHY timeout error printf List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 471b1c4ca19b16693ed410da5023739a60d063f3 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:55:47 +0000 Message-Id: <6a282973.1a174.685f6bb8@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=471b1c4ca19b16693ed410da5023739a60d063f3 commit 471b1c4ca19b16693ed410da5023739a60d063f3 Author: Ed Maste AuthorDate: 2026-05-05 23:50:46 +0000 Commit: Ed Maste CommitDate: 2026-06-09 14:55:32 +0000 smsc: Add missing newline to PHY timeout error printf (cherry picked from commit 0979bfb0ec804590a782ea33b787ec0989c1f1a4) --- sys/dev/usb/net/if_smsc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/usb/net/if_smsc.c b/sys/dev/usb/net/if_smsc.c index 0ebbf8482446..498a9ee3f926 100644 --- a/sys/dev/usb/net/if_smsc.c +++ b/sys/dev/usb/net/if_smsc.c @@ -1296,7 +1296,7 @@ smsc_phy_init(struct smsc_softc *sc) } while ((bmcr & BMCR_RESET) && ((ticks - start_ticks) < max_ticks)); if (((usb_ticks_t)(ticks - start_ticks)) >= max_ticks) { - smsc_err_printf(sc, "PHY reset timed-out"); + smsc_err_printf(sc, "PHY reset timed-out\n"); return (EIO); } From nobody Tue Jun 9 14:57:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZX7k4WfRz6g7Fd for ; Tue, 09 Jun 2026 14:57:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZX7k3Grkz425q for ; Tue, 09 Jun 2026 14:57:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781017042; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+qq9EksFt6bsmq7UffVWT5hsmhEKAe1jDGBFPM8nLgA=; b=ahkb9cL5Mo5I3+nUMBkZT/iozbt2h4Z/xNYDN3SLH+YVPMx9b0+LfY56y/u/Q3ffOQpbo9 c3I1hRN8ZpZReNA3ztmzmB/BHs0CZG2kuJxQkidPr3cVg+iJLsWHAuvCenRD9A2kSkvH89 KrAjapqO2+DFW8X8A8yUTIboOERgUMzW8SAGZb/TJ/FHrkmNbjYft779JywmgP3Qo4f0fz nE86gmAMOEZSJg4WhFLLydGf4mVvwRTixN5THjllodRI6yT/nFak16Vv9Y1rMEJncWkIWe 7nTNPNZ2rWfSAAVdzcLjwYT73iQ6NTs3NIOokgBbGb5UWdKAL722F0vrdDy8aQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781017042; a=rsa-sha256; cv=none; b=ZBY77t5XxqWBafqy6NmDQMfVzfT4kUcIE6w9LRWOyag2qMIltk6NzMsIux1nwiYugtoJv1 RxgkFfAVYt4Y2SrMSfXOtgCOYtEAPvgiVPnJm+PPhTLypLUdW8iKwvaoCa9X9ek2b8HnqX 7eF0qJJdLe9yb2xcU/kEPVk1NULv8Bw9hHg9gArei2400vDmDYK36z0xJpPVkQf7WtEeL1 fNhJu3Gauu4ttKSjCwoEmQt9//5jbvk+HFBWcxCTM/9g2PeTE2DpqgInHgv74OeS/eTQV7 hY8+2QRSNFk9sbTUGrZ8lbNQyj+r0h8DP+x/PqDQeGyHNFj4hx6gUy5m+cEpkg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781017042; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+qq9EksFt6bsmq7UffVWT5hsmhEKAe1jDGBFPM8nLgA=; b=qk3owFn2687jGV+odaZDtJbZpr47laYIxnldLQQikKr+S/hbYw993CIEi7/QBaicyBNuCu pckgXFT7rmXTlJumcFGkljmpK/ZZIIeAvXzTVGQkA4QrLYdBRAgZA1aFm7OOJuUp0A29BH 9Ilv26kLz7CC8+vgJX9e0XkO+3/TgfPqHuAEMObmvPiCQuMXcbJEGePuvYVZPfH2XNU+Y7 madBSENoOrG9IypIki7vHUhhZ9UzUg1lYgA58jV2OhZXtbjxSH6U4NvLTPARV43KzL0fRf A0cQDIJh6kb7xezaTcaDJG77vKSraxdtOHR4q7Rf7b4StmYRapEcZgCCcdrP9A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZX7k2bxhzg1H for ; Tue, 09 Jun 2026 14:57:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 47fea by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 14:57:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Tuukka Pasanen From: Ed Maste Subject: git: a7f0ee3c5680 - stable/15 - bsdinstall: Add SPDX-License-Identifier tags List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a7f0ee3c568083a2e63008f2992880d754ef707e Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 14:57:17 +0000 Message-Id: <6a2829cd.47fea.3d37ce09@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=a7f0ee3c568083a2e63008f2992880d754ef707e commit a7f0ee3c568083a2e63008f2992880d754ef707e Author: Tuukka Pasanen AuthorDate: 2026-02-16 09:10:57 +0000 Commit: Ed Maste CommitDate: 2026-06-09 14:56:44 +0000 bsdinstall: Add SPDX-License-Identifier tags Reviewed by: emaste Sponsored by: The FreeBSD Foundation (cherry picked from commit 80c73c89dc6a156a119350d7c28c6db1f3b741df) --- usr.sbin/bsdinstall/partedit/partedit_efi.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/usr.sbin/bsdinstall/partedit/partedit_efi.c b/usr.sbin/bsdinstall/partedit/partedit_efi.c index 7c4f85a69b8b..21d03c6668ba 100644 --- a/usr.sbin/bsdinstall/partedit/partedit_efi.c +++ b/usr.sbin/bsdinstall/partedit/partedit_efi.c @@ -1,4 +1,6 @@ /* + * SPDX-License-Identifier: BSD-2-Clause + * * Copyright (C) 2016 Cavium Inc. * All rights reserved. * From nobody Tue Jun 9 15:14:16 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZXWL3ssDz6g8S2 for ; Tue, 09 Jun 2026 15:14:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZXWL1c29z43lK for ; Tue, 09 Jun 2026 15:14:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781018062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8AMImoK+sFsjNwiltow0ZKfKcGCL+Y4COypL5Q/0CFg=; b=mY6E+d6Thy++Ey4yxrZs3zyd36T99HxtpbfjYzsU/EBeHviqhPAxDJQfktSh+ci8hyfiOa jY4KEb4fTsceKBgm9qr3X/yeJfBpUJ0S1hxmKz6wwo6zp7BOtb3bYlHNqzPp71TL3cDqgF Xy+jHYl0IiAP2DzbOvlyu+rLtWI4kautHjRBStTgxCZA5v4yJUV5UYi7YzFTfN84SVpewD iWNShyErWd/xDj+tSKZCr8Y1WMpXc04Jy0kpYpZ9slweLYPc3N59OjWlo7SZGZd5NhExFa YjCS+Q237pDqzI9PynOuNgQBhrs70TX2AHkMmaIq4xlAFLj7S0s00aInQSS1wQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781018062; a=rsa-sha256; cv=none; b=k+pPEGJsBSYNh5QisKCqzJSryzfsg9YBBElJErK32Dj03LbNbyxYX/x2UefnBga4en3Z+9 5sTcXQs1J5vxTEL+SirYRSeRzPx5ABE/7WXlSZkdskdKI9zFLZrzGFCBvuG2hd47Zp8puN VLQwWxJYHjYiTezRw81oz1zbYtJH4SRfudyg4Vb7ZJxtRSTPXE6lhmatZKdamOymR/H92B VuevjjLn1IA67uB745wzZ4h9bYQXKnIOtRcADqtvc4fd0I1QAv69d+izQra0Pjh3sgEhmH Xx8nXsk7YZ6UZ480q46T5AbgGhxBlNAsy3vJWHUeI/8/FXBURIENOMWA7C9bxQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781018062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8AMImoK+sFsjNwiltow0ZKfKcGCL+Y4COypL5Q/0CFg=; b=Zauz+GvmHLehC9WtM9DQgF4slL1tl+EbUfedpAU7XsiXlfq4DAun00IuZ3iCkeXWHD6srH krrVXMSnYG5foENcgjvdx90etNP/ACSPuma7lsQeRF3N6f8IX0V0ivnHOSwwd7sXsrTRgq TXdrCcxKHQ58h/dIkPtB44GWYt8VWznvkarXx5LAZw3LfNUG6vIp6x75tT/AMULpBlV/ni /T4aGx9ws91ic6liZ/SF7NBxqcprlgz8FaSbDQKG63or4xnHRoVJO1XdDfoeqFWM032hnS V4u9uis1o/Cm7iVf+r+VRI5cIq74Mp9H2hAdmSgAUw+Rs/9rr5j6qUI/A02F6Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZXWL1B6WzgX8 for ; Tue, 09 Jun 2026 15:14:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1c13c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 15:14:16 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Christos Margiolis Subject: git: 439b219fed3e - main - devd/snd.conf: Handle absent control device properly List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: christos X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 439b219fed3eea8ad3e1204393a8605826b8bbca Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 15:14:16 +0000 Message-Id: <6a282dc8.1c13c.25daf9e5@gitrepo.freebsd.org> The branch main has been updated by christos: URL: https://cgit.FreeBSD.org/src/commit/?id=439b219fed3eea8ad3e1204393a8605826b8bbca commit 439b219fed3eea8ad3e1204393a8605826b8bbca Author: Christos Margiolis AuthorDate: 2026-06-09 15:10:58 +0000 Commit: Christos Margiolis CommitDate: 2026-06-09 15:10:58 +0000 devd/snd.conf: Handle absent control device properly If virtual_oss is not enabled when these rules run on startup, dmesg will show the following messages: Starting devd. virtual_oss_cmd: Could not open control device: /dev/vdsp.ctl: No such file or directory virtual_oss_cmd: Could not open control device: /dev/vdsp.ctl: No such file or directory Reported by: olce, Mark Millard Sponsored by: The FreeBSD Foundation MFC after: 1 week --- sbin/devd/snd.conf | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/sbin/devd/snd.conf b/sbin/devd/snd.conf index 3fc1cb9f0b0e..ecaec62bc6cc 100644 --- a/sbin/devd/snd.conf +++ b/sbin/devd/snd.conf @@ -7,8 +7,9 @@ notify 0 { # Other audio servers or device switching commands can be used here # instead of virtual_oss(8). - action "/usr/sbin/virtual_oss_cmd \ - /dev/$(sysrc -n virtual_oss_default_control_device) -R /dev/$cdev"; + action "\ + vd=/dev/$(sysrc -n virtual_oss_default_control_device); \ + test -e ${vd} && /usr/sbin/virtual_oss_cmd ${vd} -R /dev/$cdev"; }; notify 0 { @@ -18,8 +19,9 @@ notify 0 { match "cdev" "dsp[0-9]+"; # See comment above. - action "/usr/sbin/virtual_oss_cmd \ - /dev/$(sysrc -n virtual_oss_default_control_device) -P /dev/$cdev"; + action "\ + vd=/dev/$(sysrc -n virtual_oss_default_control_device); \ + test -e ${vd} && /usr/sbin/virtual_oss_cmd ${vd} -P /dev/$cdev"; }; notify 0 { @@ -29,6 +31,7 @@ notify 0 { # No connected devices. Disable both recording and playback to avoid # repeated virtual_oss error messages. - action "/usr/sbin/virtual_oss_cmd \ - /dev/$(sysrc -n virtual_oss_default_control_device) -f /dev/null"; + action "\ + vd=/dev/$(sysrc -n virtual_oss_default_control_device); \ + test -e ${vd} && /usr/sbin/virtual_oss_cmd ${vd} -f /dev/null"; }; From nobody Tue Jun 9 16:04:30 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdB4rK3z6gD25 for ; Tue, 09 Jun 2026 16:04:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZYdB2mKGz4FK5 for ; Tue, 09 Jun 2026 16:04:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021070; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G5Sf7JwKl0sUMExg9o8FyRely9JW7TxyIKnJuG9lIio=; b=TvoE+ukzlmdgKmZZo+fnUGfdAy0H8IHrJdD0Bd8dGEpjvCDdLXIECwJ8vfrD/dMze2HYE7 b/kVyRIKbYidbA5I0sD5ETUBmk0jqbofpOfcXlF+f+acYEuVnd1sN6DpLA5i6NkKCI9ITx HJS3OG4BrDVrPPkB5eQ31mGUSOAtwfzmXIyXEWYGQp0qs9McLzX5qh8olEKS/iQ74gM21b YDJbBsVbJrAo4ylHM5hiPyAlDpxUvUlta7DrbXhnZGANisvzjco8TxF6++EhvIGd5S2/Bi nh5GGZNxxiBzdLoQ+CBtTS8DnzmdGlRJO9hnhqJ23Jw1Gf+CzsUrGHQlX2AQoQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781021070; a=rsa-sha256; cv=none; b=qhGEzAR281hdgIIXjmDW5S/SdV1RZHErdd5bFihdXfr9+JYNBkQRJB8Z2pFOjoHr4BBEv1 LQOIde98t8olVaGvfccYOI2MYwtKj2gcROR2ObOEF0kay4FSn5YWxEOhgcuZd9ThyCSrYp dD8w0hv4fLjmuy+SXPgV635fKHB0C4SnsrLUHPgkXJHhfNvH+EZU5lv33vuAcMGr22d4pJ MbojsToMkwl/ggiNpjwA25CD2oBeYd/LwgJoxQYfgF/4Rasi21DUARs7u6HUNUYtTpMXt2 m9zWAWdM+rzbybW+0XGDliFqWiJDU50xpAPx1OPmAnl2TgzS7HFbfN188ffH4A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021070; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G5Sf7JwKl0sUMExg9o8FyRely9JW7TxyIKnJuG9lIio=; b=YIEYa0XUKVzOrEAxwj8GSvBJLua2dK7NdvWdYIWoLBmcLp3stSrRj+vmTm65pSfxdCHnxN GTVQk72j+2DC37+a34Y1ePPp3FML9I76O6X52s49+XG16rpmHix0LJ3+FfxZIXqzwyRYQw MW6H0U4bBNqd50DaP+Wyw2kUiFhq/Q7SJsTz/x3d3rMljTKca2da1dETRYEUKq8W5myqYd s7acRZo2bXHMYjTJGtBltrhYDs4rIdx+hIWuwBmmCI8ltafde+nI26WXR2KsgL4OOAiWIC gz3kVT7MnSR/JlS5BLajZRGtmF3O7uJWNn+v5X6lqHkg91f8VpHsI7vPSmNFHA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdB2MTJzhpG for ; Tue, 09 Jun 2026 16:04:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 21df8 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:04:30 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: 0211c8722ff2 - main - nuageinit: fix shell command injection in multiple rc.conf.d writes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0211c8722ff2ac9367565e526e62837745bb2cce Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:04:30 +0000 Message-Id: <6a28398e.21df8.2708f907@gitrepo.freebsd.org> The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=0211c8722ff2ac9367565e526e62837745bb2cce commit 0211c8722ff2ac9367565e526e62837745bb2cce Author: Baptiste Daroussin AuthorDate: 2026-06-09 14:16:44 +0000 Commit: Baptiste Daroussin CommitDate: 2026-06-09 16:04:24 +0000 nuageinit: fix shell command injection in multiple rc.conf.d writes --- libexec/nuageinit/nuageinit | 89 ++++++++++++------------------------ libexec/nuageinit/tests/nuageinit.sh | 46 +++++++++---------- 2 files changed, 53 insertions(+), 82 deletions(-) diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit index 9a0399ad4862..6e900e01df4e 100755 --- a/libexec/nuageinit/nuageinit +++ b/libexec/nuageinit/nuageinit @@ -240,37 +240,11 @@ local function nameservers(interface, obj) local resolvconf_conf_handler = open_resolvconf_conf() if obj.search then - local with_space = false - - resolvconf_conf_handler:write('search_domains="') - - for _, d in ipairs(obj.search) do - if with_space then - resolvconf_conf_handler:write(" " .. d) - else - resolvconf_conf_handler:write(d) - with_space = true - end - end - - resolvconf_conf_handler:write('"\n') + resolvconf_conf_handler:write("search_domains=" .. nuage.shell_escape(table.concat(obj.search, " ")) .. "\n") end if obj.addresses then - local with_space = false - - resolvconf_conf_handler:write('name_servers="') - - for _, a in ipairs(obj.addresses) do - if with_space then - resolvconf_conf_handler:write(" " .. a) - else - resolvconf_conf_handler:write(a) - with_space = true - end - end - - resolvconf_conf_handler:write('"\n') + resolvconf_conf_handler:write("name_servers=" .. nuage.shell_escape(table.concat(obj.addresses, " ")) .. "\n") end resolvconf_conf_handler:close() @@ -455,18 +429,18 @@ local function network_config(obj) local ifaces = get_ifaces_by_mac() local matched = ifaces[v.match.macaddress] if matched and matched == interface then - network:write("ifconfig_" .. interface .. '_name=' .. v["set-name"] .. '\n') + network:write("ifconfig_" .. interface .. "_name=" .. nuage.shell_escape(v["set-name"]) .. "\n") interface = v["set-name"] end end if v.dhcp4 then - network:write("ifconfig_" .. interface .. '="DHCP"' .. extra_opts .. '\n') + network:write("ifconfig_" .. interface .. "=" .. nuage.shell_escape("DHCP" .. extra_opts) .. "\n") elseif v.addresses then for _, a in pairs(v.addresses) do if a:match("^(%d+)%.(%d+)%.(%d+)%.(%d+)") then - network:write("ifconfig_" .. interface .. '="inet ' .. a .. extra_opts .. '"\n') + network:write("ifconfig_" .. interface .. "=" .. nuage.shell_escape("inet " .. a .. extra_opts) .. "\n") else - network:write("ifconfig_" .. interface .. '_ipv6="inet6 ' .. a .. extra_opts .. '"\n') + network:write("ifconfig_" .. interface .. "_ipv6=" .. nuage.shell_escape("inet6 " .. a .. extra_opts) .. "\n") ipv6[#ipv6 + 1] = interface end end @@ -476,24 +450,22 @@ local function network_config(obj) end if set_defaultrouter and v.gateway4 then set_defaultrouter = false - routing:write('defaultrouter="' .. v.gateway4 .. '"\n') + routing:write("defaultrouter=" .. nuage.shell_escape(v.gateway4) .. "\n") end if v.gateway6 then if set_defaultrouter6 then set_defaultrouter6 = false - routing:write('ipv6_defaultrouter="' .. v.gateway6 .. '"\n') + routing:write("ipv6_defaultrouter=" .. nuage.shell_escape(v.gateway6) .. "\n") end - routing:write("ipv6_route_" .. interface .. '="' .. v.gateway6) - routing:write(" -prefixlen 128 -interface " .. interface .. '"\n') + routing:write("ipv6_route_" .. interface .. "=" .. nuage.shell_escape(v.gateway6 .. " -prefixlen 128 -interface " .. interface) .. "\n") end end end ::next:: end if #ipv6 > 0 then - network:write('ipv6_network_interfaces="') - network:write(table.concat(ipv6, " ") .. '"\n') - network:write('ipv6_default_interface="' .. ipv6[1] .. '"\n') + network:write("ipv6_network_interfaces=" .. nuage.shell_escape(table.concat(ipv6, " ")) .. "\n") + network:write("ipv6_default_interface=" .. nuage.shell_escape(ipv6[1]) .. "\n") end network:close() routing:close() @@ -633,7 +605,7 @@ local function keyboard(obj) warnmsg("unable to open " .. path .. " for writing") return end - f:write('keymap="' .. keymap .. '"\n') + f:write("keymap=" .. nuage.shell_escape(keymap) .. "\n") f:close() end @@ -648,10 +620,14 @@ local function locale(obj) return end if type(obj.locale) == "string" then - f:write("export LANG=" .. obj.locale .. "\n") + f:write("export LANG=" .. nuage.shell_escape(obj.locale) .. "\n") elseif type(obj.locale) == "table" then for k, v in pairs(obj.locale) do - f:write("export " .. k .. "=" .. v .. "\n") + if not k:match("^[a-zA-Z_][a-zA-Z0-9_]*$") then + nuage.warn("locale: invalid variable name '" .. k .. "', skipping") + else + f:write("export " .. k .. "=" .. nuage.shell_escape(v) .. "\n") + end end else nuage.warn("locale: invalid type " .. type(obj.locale) .. ", expecting string or object") @@ -920,14 +896,14 @@ local function config2_network(p) for _, v in pairs(obj["networks"]) do local interface = mylinks[v["link"]] if v["type"] == "ipv4_dhcp" then - network:write("ifconfig_" .. interface .. '="DHCP"\n') + network:write("ifconfig_" .. interface .. "=" .. nuage.shell_escape("DHCP") .. "\n") end if v["type"] == "ipv4" then network:write( - "ifconfig_" .. interface .. '="inet ' .. v["ip_address"] .. " netmask " .. v["netmask"] .. '"\n' + "ifconfig_" .. interface .. "=" .. nuage.shell_escape("inet " .. v["ip_address"] .. " netmask " .. v["netmask"]) .. "\n" ) if v["gateway"] then - routing:write('defaultrouter="' .. v["gateway"] .. '"\n') + routing:write("defaultrouter=" .. nuage.shell_escape(v["gateway"]) .. "\n") end if v["routes"] then for i, r in ipairs(v["routes"]) do @@ -936,11 +912,10 @@ local function config2_network(p) goto next end if r["network"] == "0.0.0.0" then - routing:write('defaultrouter="' .. r["gateway"] .. '"\n') + routing:write("defaultrouter=" .. nuage.shell_escape(r["gateway"]) .. "\n") goto next end - routing:write("route_" .. rname .. '="-net ' .. r["network"] .. " ") - routing:write(r["gateway"] .. " " .. r["netmask"] .. '"\n') + routing:write("route_" .. rname .. "=" .. nuage.shell_escape("-net " .. r["network"] .. " " .. r["gateway"] .. " " .. r["netmask"]) .. "\n") ipv4[#ipv4 + 1] = rname ::next:: end @@ -949,11 +924,10 @@ local function config2_network(p) if v["type"] == "ipv6" then ipv6[#ipv6 + 1] = interface ipv6_routes[#ipv6_routes + 1] = interface - network:write("ifconfig_" .. interface .. '_ipv6="inet6 ' .. v["ip_address"] .. '"\n') + network:write("ifconfig_" .. interface .. "_ipv6=" .. nuage.shell_escape("inet6 " .. v["ip_address"]) .. "\n") if v["gateway"] then - routing:write('ipv6_defaultrouter="' .. v["gateway"] .. '"\n') - routing:write("ipv6_route_" .. interface .. '="' .. v["gateway"]) - routing:write(" -prefixlen 128 -interface " .. interface .. '"\n') + routing:write("ipv6_defaultrouter=" .. nuage.shell_escape(v["gateway"]) .. "\n") + routing:write("ipv6_route_" .. interface .. "=" .. nuage.shell_escape(v["gateway"] .. " -prefixlen 128 -interface " .. interface) .. "\n") end -- TODO compute the prefixlen for the routes --if v["routes"] then @@ -988,17 +962,14 @@ local function config2_network(p) end if #ipv4 > 0 then - routing:write('static_routes="') - routing:write(table.concat(ipv4, " ") .. '"\n') + routing:write("static_routes=" .. nuage.shell_escape(table.concat(ipv4, " ")) .. "\n") end if #ipv6 > 0 then - network:write('ipv6_network_interfaces="') - network:write(table.concat(ipv6, " ") .. '"\n') - network:write('ipv6_default_interface="' .. ipv6[1] .. '"\n') + network:write("ipv6_network_interfaces=" .. nuage.shell_escape(table.concat(ipv6, " ")) .. "\n") + network:write("ipv6_default_interface=" .. nuage.shell_escape(ipv6[1]) .. "\n") end if #ipv6_routes > 0 then - routing:write('ipv6_static_routes="') - routing:write(table.concat(ipv6, " ") .. '"\n') + routing:write("ipv6_static_routes=" .. nuage.shell_escape(table.concat(ipv6, " ")) .. "\n") end network:close() routing:close() diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh index 3f3e2843c35d..ce574a350ecc 100644 --- a/libexec/nuageinit/tests/nuageinit.sh +++ b/libexec/nuageinit/tests/nuageinit.sh @@ -223,15 +223,15 @@ network: EOF atf_check /usr/libexec/nuageinit "${PWD}"/media/nuageinit nocloud cat > network << EOF -ifconfig_${myiface}="inet 192.0.2.2/24" -ifconfig_${myiface}_ipv6="inet6 2001:db8::2/64" -ipv6_network_interfaces="${myiface}" -ipv6_default_interface="${myiface}" +ifconfig_${myiface}='inet 192.0.2.2/24' +ifconfig_${myiface}_ipv6='inet6 2001:db8::2/64' +ipv6_network_interfaces='${myiface}' +ipv6_default_interface='${myiface}' EOF cat > routing << EOF -defaultrouter="192.0.2.1" -ipv6_defaultrouter="2001:db8::1" -ipv6_route_${myiface}="2001:db8::1 -prefixlen 128 -interface ${myiface}" +defaultrouter='192.0.2.1' +ipv6_defaultrouter='2001:db8::1' +ipv6_route_${myiface}='2001:db8::1 -prefixlen 128 -interface ${myiface}' EOF atf_check -o file:network cat "${PWD}"/etc/rc.conf.d/network atf_check -o file:routing cat "${PWD}"/etc/rc.conf.d/routing @@ -406,15 +406,15 @@ cat > media/nuageinit/network_data.json << EOF EOF atf_check /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 cat > network << EOF -ifconfig_${myiface}="DHCP" -ifconfig_${myiface}_ipv6="inet6 2001:db8::3257:9652/64" -ipv6_network_interfaces="${myiface}" -ipv6_default_interface="${myiface}" +ifconfig_${myiface}='DHCP' +ifconfig_${myiface}_ipv6='inet6 2001:db8::3257:9652/64' +ipv6_network_interfaces='${myiface}' +ipv6_default_interface='${myiface}' EOF cat > routing << EOF -ipv6_defaultrouter="fd00::1" -ipv6_route_${myiface}="fd00::1 -prefixlen 128 -interface ${myiface}" -ipv6_static_routes="${myiface}" +ipv6_defaultrouter='fd00::1' +ipv6_route_${myiface}='fd00::1 -prefixlen 128 -interface ${myiface}' +ipv6_static_routes='${myiface}' EOF atf_check -o file:network cat "${PWD}"/etc/rc.conf.d/network atf_check -o file:routing cat "${PWD}"/etc/rc.conf.d/routing @@ -466,12 +466,12 @@ cat > media/nuageinit/network_data.json << EOF EOF atf_check /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 cat > network << EOF -ifconfig_${myiface}="inet 10.184.0.244 netmask 255.255.240.0" +ifconfig_${myiface}='inet 10.184.0.244 netmask 255.255.240.0' EOF cat > routing << EOF -route_cloudinit1_${myiface}="-net 10.0.0.0 11.0.0.1 255.0.0.0" -defaultrouter="23.253.157.1" -static_routes="cloudinit1_${myiface}" +route_cloudinit1_${myiface}='-net 10.0.0.0 11.0.0.1 255.0.0.0' +defaultrouter='23.253.157.1' +static_routes='cloudinit1_${myiface}' EOF atf_check -o file:network cat "${PWD}"/etc/rc.conf.d/network atf_check -o file:routing cat "${PWD}"/etc/rc.conf.d/routing @@ -518,7 +518,7 @@ cat > media/nuageinit/network_data.json << EOF } EOF atf_check /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:'name_servers="9.9.9.9 149.112.112.112"\n' \ + atf_check -o inline:"name_servers='9.9.9.9 149.112.112.112'\n" \ cat "${PWD}"/etc/resolvconf.conf } @@ -1203,7 +1203,7 @@ keyboard: variant: acc EOF atf_check -o empty /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:'keymap="fr.acc"\n' cat etc/rc.conf.d/keymap + atf_check -o inline:"keymap='fr.acc'\n" cat etc/rc.conf.d/keymap true } @@ -1351,7 +1351,7 @@ config2_userdata_locale_body() locale: fr_FR.UTF-8 EOF atf_check -o empty /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:"export LANG=fr_FR.UTF-8\n" cat etc/profile + atf_check -o inline:"export LANG='fr_FR.UTF-8'\n" cat etc/profile cat > media/nuageinit/user_data <; Tue, 09 Jun 2026 16:04:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZYdC3jVbz4FHF for ; Tue, 09 Jun 2026 16:04:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q0V3ER2Cu2bxqhg9sqybwxPzqjQfCYwMYFRh1FkmwMM=; b=irDMPtoBS/bjmEaYkWW9OxDfB0CHjipsNcecWEAA8eF9sRXKpKSC1Oy2xDmLwjZdrfn9e+ k87exCFb9acMa15avGxW4HXVkMy0YdJzsSKu1hkVVnc7+03+7Yyn5cFIGuojPNcR5uosW2 3MN0KVymi2RsXrLRycDvVkOExLUfAHiFW8btuOF2XzmPQICuYXA+QJJJhpm6GsdSXQeCrP Bk+H2/hKV0oc8xzxOpF9LH+DmNLRIwskBD9vFC6awVY1GJt/Nb/5QfV1cCb3TV+Ql9vT4G c8XCGipiEXuUYrn4T5Q0WWT9XM0lbbiJqtS987BWHXKq8K7/jxCSkyZCfGBwPw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781021071; a=rsa-sha256; cv=none; b=xz4tD+qimOFbC0ntBpBTpz1ptXvVJ/DjcmP8KQ1fYwZSo49glgQJt7pzOatNjjl0QB74yD kEdfUcsSTlK9QrQjYiec9Bm6UVUVbySoBnZnKNA25FpcdYJpdd/yPYYrtEq0YtPSBydcWr iQ8O+L/eNs94GbhvgI8MJZ5yvXfBXhv98bxFaL7MjumqjHxe96ZnHCLZ5xWutOrL9HF3pV B0gNywvT1ELOVIpkmJgRNGNE9Y7saaGfKbZ0/JK5+lAeRIgpdYlr0yd+4JqQp/8wvW1rRh HKykRRq0gcF4GxutFUL48W8erlPQKW4AuHS42pDmp37o6bBK84Uu1EbJCUhVfw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q0V3ER2Cu2bxqhg9sqybwxPzqjQfCYwMYFRh1FkmwMM=; b=UMwZ9dFfTcnoY/qf7A6GN5lksdrZwzoP3bKRrEqGWMkzcxlNinRLdXIM0dN1ff5KSv5kXB 5iDYTEdwBy6qMkX7f/0x6iT2s5QNyo0qRjMU8SGKJx9LJkLZ4s8pTZO0w08rgPcGAJevpQ GLrwVwOFAOi9C7Lzd+NScbZuVY7JWkpBpusyurKO11CPkYf6keR1srYJdeHSCtD0ca+m5b xqExhSZs8x2KzB8uDHrjES7UkGrE2wKI6BgR3EQugr7efMPCdgHv41eeQkoYj5TKh5VbOj caoUiKoUw30p8HqwQ5cpsK734IEuFjIn1UkVsqRm3EtQzoSLQPsOvJCSQMqo4g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdC3FjBzj4w for ; Tue, 09 Jun 2026 16:04:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 22d21 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:04:31 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: 09d068e52722 - main - nuageinit: fix shell injection in power_state_change delay and add test List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 09d068e52722dee0ed65eb88c5ea5bff4bb2ba06 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:04:31 +0000 Message-Id: <6a28398f.22d21.5d3e5e7e@gitrepo.freebsd.org> The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=09d068e52722dee0ed65eb88c5ea5bff4bb2ba06 commit 09d068e52722dee0ed65eb88c5ea5bff4bb2ba06 Author: Baptiste Daroussin AuthorDate: 2026-06-09 14:19:56 +0000 Commit: Baptiste Daroussin CommitDate: 2026-06-09 16:04:25 +0000 nuageinit: fix shell injection in power_state_change delay and add test --- libexec/nuageinit/nuageinit | 2 +- libexec/nuageinit/tests/nuageinit.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit index 6e900e01df4e..8ca1a2c558c8 100755 --- a/libexec/nuageinit/nuageinit +++ b/libexec/nuageinit/nuageinit @@ -748,7 +748,7 @@ local function power_state_change(obj) end -- Build shutdown command - local cmd = "shutdown -" .. flag .. " " .. delay + local cmd = "shutdown -" .. flag .. " " .. nuage.shell_escape(delay) if message then cmd = cmd .. " " .. nuage.shell_escape(message) end diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh index ce574a350ecc..ab9e697076e1 100644 --- a/libexec/nuageinit/tests/nuageinit.sh +++ b/libexec/nuageinit/tests/nuageinit.sh @@ -1332,7 +1332,7 @@ power_state: timeout: 30 condition: true EOF - atf_check -o inline:"shutdown -r +5 'Rebooting after configuration is complete'\n" \ + atf_check -o inline:"shutdown -r '+5' 'Rebooting after configuration is complete'\n" \ /usr/libexec/nuageinit "${PWD}"/media/nuageinit postnet true } From nobody Tue Jun 9 16:04:32 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdD6mBmz6gCWr for ; Tue, 09 Jun 2026 16:04:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZYdD4MYlz4F88 for ; Tue, 09 Jun 2026 16:04:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wbNoFlNaC34I+VUlfg2fWxYdxyZwHkj+sVHlioyp/Qg=; b=dhXm1UUAQ0+Ks0MxqVMvRhniduoDM1FpknOUtlkPlMO/gU85+H6o3nHlZAHI/VPFtn8En+ qQjs0rtph8Surfo91Imknj1rB0Lf2GAuedxcTCEDYPhSpBmwwnVUoecfSWzZ9eSYU/HWr/ Ch8rj6EZ+Cr90FadmOMoeJlFkx6Y8WkAkKFWr1Ab1d+k1DL1yT43gyYQmT9wHUOLvXSdie R03/wnSnyBpzhLRT45rxul/6VcmRSzS0zAIL03chdBKtatWE4XCCyYLBXrkHX17NnFN+4l 4aaDDSfPZ2wfXMYxEaMA4E7YHZZCXUDbwLvWdDhSZP5OYY77unNl9D0UChpI5A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781021072; a=rsa-sha256; cv=none; b=ocmrmR3B8Hvpu9tfWJAQ8l4Vx4Q4IqKB3f0eRC3j4EIPphQYPEFVD+5Gq8v0jwPub18ZCq wVQDeaR1XH9jg5+8puYxxL4ILZh6dMRVDRQv/SyOMcIh7s10hHmZvaXgXTblaPtkmkcCb5 rzDnc9+tqWnz77sFlfz2LQNsmvQe3udsY4jLad0YmBctjM4ZhZZwsUT1ha+Xqh830o5kuZ kT+VFgu2qyDeIXTj2+zurBqvfoLzNXf9iKlR8t65einZM7Dw3hpFyOxQCKQ3iajLlbYHe5 Wy49RhNkH5wIhtpiqRnTIHxKHnZjgufR1UJZh7419HEpNy4UqKnBd9FwpKfxbA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wbNoFlNaC34I+VUlfg2fWxYdxyZwHkj+sVHlioyp/Qg=; b=HP0kLt3fow+cdmPdjJwnFrYMT2Nc9FXwBZjmtQh6tT/CnP3CdjfqycuB29O3slR+fIxfUB nuCbe6yFwFYCJlV75nD+xcB68L/Fiyx10VzuaBLqyYqvidZH5/dVcFPCors8S+q+4Zg6yS QzlqqBOKVTEgyZ5Gve/x9HsXnQjtJ1559kHl5ozlPe7QJ5kx12UawMWeEvtVSb+u/T9sx0 lEDgwvklc5gTtwykDJNdJCjKgKn/YHmjhu1wECd0VFCGEgDBqdaJX79McGLsYY7ZqFBQfO hdetmRrJzJJ+l8wQYFt1vlpWAFpE1u83PbRuLKoc2OX7XemtRvP23BpsjZq9zw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdD3wvBzhc3 for ; Tue, 09 Jun 2026 16:04:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 22fa1 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:04:32 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: 13fb6dbc738f - main - nuageinit: validate set-name to prevent shell injection in variable names List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 13fb6dbc738f4ba30e78a8fb21efa1382c520d33 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:04:32 +0000 Message-Id: <6a283990.22fa1.77541917@gitrepo.freebsd.org> The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=13fb6dbc738f4ba30e78a8fb21efa1382c520d33 commit 13fb6dbc738f4ba30e78a8fb21efa1382c520d33 Author: Baptiste Daroussin AuthorDate: 2026-06-09 14:24:56 +0000 Commit: Baptiste Daroussin CommitDate: 2026-06-09 16:04:25 +0000 nuageinit: validate set-name to prevent shell injection in variable names Shell variable names cannot be safely quoted with shell_escape() — only alphanumeric characters are valid. Add validation that set-name only matches [a-zA-Z0-9]+; invalid values are rejected with a warning and the rename is skipped entirely. --- libexec/nuageinit/nuageinit | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libexec/nuageinit/nuageinit b/libexec/nuageinit/nuageinit index 8ca1a2c558c8..ba26f504effb 100755 --- a/libexec/nuageinit/nuageinit +++ b/libexec/nuageinit/nuageinit @@ -429,8 +429,12 @@ local function network_config(obj) local ifaces = get_ifaces_by_mac() local matched = ifaces[v.match.macaddress] if matched and matched == interface then - network:write("ifconfig_" .. interface .. "_name=" .. nuage.shell_escape(v["set-name"]) .. "\n") - interface = v["set-name"] + if not v["set-name"]:match("^[a-zA-Z0-9]+$") then + nuage.warn("set-name contains invalid characters, ignoring: " .. v["set-name"]) + else + network:write("ifconfig_" .. interface .. "_name=" .. nuage.shell_escape(v["set-name"]) .. "\n") + interface = v["set-name"] + end end end if v.dhcp4 then From nobody Tue Jun 9 16:04:29 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdH0c8Dz6gCff for ; Tue, 09 Jun 2026 16:04:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZYdG38h3z4FMj for ; Tue, 09 Jun 2026 16:04:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021074; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3TJiGReFPV3UXveF+7G88d3wsbfYcSvgsf9Y8AXvo8M=; b=etMwLuaCFvDlqe2t/ImV+2px6IqMsBukKVdcgeO9+YSXBVFTs296v/7jjb1SIdNJ25H7hF 1GaSNP/0IajXGvrfrWs/s8AbSaseTo4khKg9Hi9x0A5zJu3NnKIRAgF7oyq/twVymxLEad ZoSU7A7jgZYYrOYQW4rXjJ0z+B49Tz8zHr9F3p1KQ2xda/n6/GibcPCYBaLPA/69LZveo8 iXr1x94UyjaS5BTIFMFwBEBupaM6BasHXyO64EOTe+iBPt2B+p2KiMouw0M3M7ki/cb+AA Nzi1PI3KPC0Dh9xXyEdU15NFKuN7i6ScfZLHXib9Bk4sCNaEOYKnHDKVqd0Y7w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781021074; a=rsa-sha256; cv=none; b=d4tn0P85rAhSdfqrmJBseVEr00weefAwHZtjwg4qCBToFndawi6mljn4nZgr5w5Gwy+EB7 zcaY1a/cE1LIWZMYS/2yjTG8fz9kTfpsc62dwvVVr3pPd4X8zHy2fUSFzS0mXVMS0MPilj ji6rUE17ABFClYAjXrb3zwUtljwQn4lbjrqiNtRTDGXlWTTPcChw2aqW7j/Kequce/9/JC w/8t27Ms3sgZrv3KlWys+0HRnTWeNKKkFp15KqbdlBaQ6jKmARR6Y4O30jgV8CNJuOyIE1 c9LWauaFrGxGPdYtl1XFPppAKNH/iE0qkQdTM/w4ZT3uOb4I5mmlsZZJ2X6O8A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781021074; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3TJiGReFPV3UXveF+7G88d3wsbfYcSvgsf9Y8AXvo8M=; b=LRviwBrgtwXKq4/MCXIM0zWVZ+PnRxWJ1neG9E/0hTWUEEZkab2iJKn8mW0O7hKvbJhWON uyKbaevKb4FWTYbX8zNVcb+ZS6XyNQHESeJIn72uA7IyJRs/dZcoCUpnF251TfDWLfRotl 8sQzAdrlaMxu9j9IXqvhkOuJW341pOloXCG+Au9uUxEjXdKBrB+eo3OJZuttRWJGnirf6v zOXjINResr1YE8kNSJlxKC2NGLyjOgWU1VFTnZOIG7SuUh7cXtYxhZdLfJ2kXRs78dJLed rzsmh+E4ziBxYfx13hET29/uFVHu3xt3uIiOfYBKS2diqLWoBom113rWyl+9hw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZYdG27HVzhv3 for ; Tue, 09 Jun 2026 16:04:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 21843 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:04:29 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Baptiste Daroussin Subject: git: da3890fdccfa - main - nuageinit: use single-quote shell escaping for hostname in rc.conf.d List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: da3890fdccfa7d540ea746182248299b81f95345 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:04:29 +0000 Message-Id: <6a28398d.21843.2c5b50cd@gitrepo.freebsd.org> The branch main has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=da3890fdccfa7d540ea746182248299b81f95345 commit da3890fdccfa7d540ea746182248299b81f95345 Author: Baptiste Daroussin AuthorDate: 2026-06-09 14:04:18 +0000 Commit: Baptiste Daroussin CommitDate: 2026-06-09 16:04:24 +0000 nuageinit: use single-quote shell escaping for hostname in rc.conf.d The hostname value was written inside double quotes in /etc/rc.conf.d/hostname. POSIX shell performs command substitution inside double quotes, so a hostname containing $() or backticks would be executed when the file is sourced (e.g., by rc(8)). Switch to using the existing shell_escape() helper, which wraps values in single quotes. In POSIX shell, single-quoted strings are completely literal — no expansion or substitution of any kind is performed. While the hostname is already validated to contain only [a-zA-Z0-9.-], this change provides defense-in-depth so the output format is safe regardless of future validation changes. Reported by: Yazdan Soltani --- libexec/nuageinit/nuage.lua | 2 +- libexec/nuageinit/tests/nuage.sh | 2 +- libexec/nuageinit/tests/nuageinit.sh | 12 ++++++------ libexec/nuageinit/tests/sethostname.lua | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua index cbf92627918c..cbd842460e55 100644 --- a/libexec/nuageinit/nuage.lua +++ b/libexec/nuageinit/nuage.lua @@ -187,7 +187,7 @@ local function sethostname(hostname) warnmsg("Impossible to open " .. hostnamepath .. ":" .. err) return end - f:write('hostname="' .. hostname:gsub('"', '\\"') .. '"\n') + f:write("hostname=" .. shell_escape(hostname) .. "\n") f:close() end diff --git a/libexec/nuageinit/tests/nuage.sh b/libexec/nuageinit/tests/nuage.sh index 97c5224c7813..1e08c990eacd 100644 --- a/libexec/nuageinit/tests/nuage.sh +++ b/libexec/nuageinit/tests/nuage.sh @@ -33,7 +33,7 @@ sethostname_body() if [ ! -f etc/rc.conf.d/hostname ]; then atf_fail "hostname not written" fi - atf_check -o inline:"hostname=\"myhostname\"\n" cat etc/rc.conf.d/hostname + atf_check -o inline:"hostname='myhostname'\n" cat etc/rc.conf.d/hostname } addsshkey_body() diff --git a/libexec/nuageinit/tests/nuageinit.sh b/libexec/nuageinit/tests/nuageinit.sh index 798ac235e122..3f3e2843c35d 100644 --- a/libexec/nuageinit/tests/nuageinit.sh +++ b/libexec/nuageinit/tests/nuageinit.sh @@ -80,13 +80,13 @@ nocloud_body() atf_check -s exit:1 -e match:"nuageinit: error parsing nocloud.*" /usr/libexec/nuageinit "${PWD}"/media/nuageinit/ nocloud printf "instance-id: iid-local01\nlocal-hostname: cloudimg\n" > "${PWD}"/media/nuageinit/meta-data atf_check -s exit:0 /usr/libexec/nuageinit "${PWD}"/media/nuageinit nocloud - atf_check -o inline:"hostname=\"cloudimg\"\n" cat etc/rc.conf.d/hostname + atf_check -o inline:"hostname='cloudimg'\n" cat etc/rc.conf.d/hostname cat > media/nuageinit/meta-data << EOF instance-id: iid-local01 hostname: myhost EOF atf_check -s exit:0 /usr/libexec/nuageinit "${PWD}"/media/nuageinit nocloud - atf_check -o inline:"hostname=\"myhost\"\n" cat etc/rc.conf.d/hostname + atf_check -o inline:"hostname='myhost'\n" cat etc/rc.conf.d/hostname } nocloud_userdata_script_body() @@ -250,7 +250,7 @@ config2_body() } EOF atf_check /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:"hostname=\"cloudimg\"\n" cat etc/rc.conf.d/hostname + atf_check -o inline:"hostname='cloudimg'\n" cat etc/rc.conf.d/hostname } config2_pubkeys_head() @@ -1307,7 +1307,7 @@ echo "multipart script executed" --==BOUNDARY==-- EOF atf_check -o empty /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:"hostname=\"multipart-host\"\n" cat etc/rc.conf.d/hostname + atf_check -o inline:"hostname='multipart-host'\n" cat etc/rc.conf.d/hostname atf_check -o inline:"#!/bin/sh\necho \"multipart script executed\"\n" cat var/cache/nuageinit/multipart_script test -x var/cache/nuageinit/multipart_script || atf_fail "multipart_script not executable" true @@ -1376,13 +1376,13 @@ fqdn: host.domain.tld hostname: host EOF atf_check -o empty /usr/libexec/nuageinit "${PWD}"/media/nuageinit config-2 - atf_check -o inline:"hostname=\"host.domain.tld\"\n" cat ${PWD}/etc/rc.conf.d/hostname + atf_check -o inline:"hostname='host.domain.tld'\n" cat ${PWD}/etc/rc.conf.d/hostname cat > media/nuageinit/user_data <; Tue, 09 Jun 2026 16:39:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZZPK6Jf9z4JfP for ; Tue, 09 Jun 2026 16:39:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781023157; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ymTU2Xd0YUq/+2LAwG7rz57qoKJMAI9bYQbhp+pcruE=; b=pN81mWtDUihLTw+QtmrHLkodqq8ORdSgGpPWB3SlHICC870zBd+SWz8oAfVoqsc3SpwWqZ AdaRF/RimP2Vx/k+Twcf6eTB8Xcjq3/p8oOC9nFEg3JCblPpuBMnd0Nu1820CgV8I6XA4+ MA63wBmGl1xO6M9Mnx899WhREcApCYumKFATPrqrSBMEGTUKLZXNJb4n86VxFH9bD3pj0G miGEPHqWifaPkN4aJkaTsdcX3ehw/rRo+fduKRPF27MwEhthEmTYGLt1xKNEIbnSPcSC7Y ZZ26qMalNc0hUGFAVm4L51zMnfXlGrB1w4UCtEgFh0I3HJiwjRL8mOmfL5RW7Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781023157; a=rsa-sha256; cv=none; b=n2L8vaXaXsLhz9b8c4sSbomRAUjbKkrYWbkFhLu0p30L0SjFrn+u4eBthBInZ5HkeTX0Vh ryj7XxccLTfSvcapAvvb8m7OW2+IqTv9lQFRxN6+tyDBIfjJyNSimBVvm/HHX7oA674BuV 10EIQSeUtN7KpvxPcwow3h+wIkGEsbQMdQsJg7m0xhNOyaSvSisMPcH1YVsicgZGk/gvaU mOzcUpSw9Ap6OHwXioh556m9xzI8V9Gl+TuLmUGTQEyN9iBPt0Mo+avC+WLyEssNzGSzHW o2F5FxXR80defY8RAOLczQteUcRPFdJRvplB7A9yo/XoYVo4MdVZcev0Gm+d/A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781023157; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ymTU2Xd0YUq/+2LAwG7rz57qoKJMAI9bYQbhp+pcruE=; b=Q4qE43bBZLJTls3BqsDwQlFd6LR+vs6cJZfMWW8d+edZREW+YnE+tefRsUwVbjGTZc+rJZ +3L0/ViN5nw4u7C6/7ovkYQXNU9QN/2f7sR3kCCHo8nFw5aXdX0FBy8jNlclJpGyZIKf4R 8Syr+f66a78+b13A411V+tCoPYQ9PR+6xlOzPtJ9Bzo8WF0ZKXGm4xvLZ3ykilSfcXY86q O96ONiLMw06arWuLfmbX9e9eU53W5CObU12jdUN0HVAddQSU8baKG5EwCFM0LuqzYXup0s jGsRoY/KcIJHXDD3zXT8j4OErwtk3zRHkcJk9g5np3JRZmimdaP0LNCBNwxudw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZZPK5cZXzhdJ for ; Tue, 09 Jun 2026 16:39:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2606b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:39:12 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: c289291a6736 - main - tty: Add sysctl knob to globally disable TIOCSTI List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c289291a6736c01dd68fb8459ec3801859b0a59a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:39:12 +0000 Message-Id: <6a2841b0.2606b.19febe36@gitrepo.freebsd.org> The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=c289291a6736c01dd68fb8459ec3801859b0a59a commit c289291a6736c01dd68fb8459ec3801859b0a59a Author: Ed Maste AuthorDate: 2026-05-25 13:59:40 +0000 Commit: Ed Maste CommitDate: 2026-06-09 16:38:54 +0000 tty: Add sysctl knob to globally disable TIOCSTI Reviewed by: markj Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57233 --- sys/kern/tty.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/kern/tty.c b/sys/kern/tty.c index 3d20d225087c..13147613f7f6 100644 --- a/sys/kern/tty.c +++ b/sys/kern/tty.c @@ -101,6 +101,10 @@ static int tty_drainwait = 5 * 60; SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN, &tty_drainwait, 0, "Default output drain timeout in seconds"); +static bool tty_tiocsti = true; +SYSCTL_BOOL(_security_bsd, OID_AUTO, tiocsti, CTLFLAG_RWTUN, + &tty_tiocsti, 0, "Allow TIOCSTI ioctl"); + /* * Set TTY buffer sizes. */ @@ -1651,6 +1655,10 @@ tty_set_winsize(struct tty *tp, const struct winsize *wsz) static int tty_sti_check(struct tty *tp, int fflag, struct thread *td) { + /* Check for global disable. */ + if (!tty_tiocsti) + return (EPERM); + /* Root can bypass all of our constraints. */ if (priv_check(td, PRIV_TTY_STI) == 0) return (0); From nobody Tue Jun 9 16:58:30 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZZqc0hGZz6gHLy for ; Tue, 09 Jun 2026 16:58:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZZqb6zHgz4KmF for ; Tue, 09 Jun 2026 16:58:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781024316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mTwaRB4CnkNrRsU6djxBBZ4NxhNkK+UaZTb3MkT878s=; b=u2ymOJimiUgdbW+JgH+Cf3uWbQv1uO6j6yM04uo9FCQaVYp8cBlVWdlAibpTYkEpO2uXGg uD3k+KZc2MucHDcX8OW6zftC/uCK5ygjgYXRfOXRoq4VChZ72FMyXrSDlVtTuoHIvFTPSF nQOfaSSBdH0QYmiSBGM4HuvLX7q0gnveS5bBYi9k7ZiDJzdXJkWXMt6aGLPDh9DU7F0+Cc /22aoC9YpMO0uJPQ2Egqd0Iq7v0xKnNyqF03XwHzhygLTkH+fYCkv8a48ZQrKM0zX97GOI ZZE5TJ8VRwpQ4jM+9r+3wNYIymLBe9pZYIx2urLe2/CAut6m9VeMBxKD8O7CDg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781024316; a=rsa-sha256; cv=none; b=UPEc7aLLF/DTpbWB/W7AxxTgOF8s6lD5y0pZSop7kFQ5BpdTrdnH5pPHU5DBH6tyhKk+n8 tkiFPqxo3eN1iFmf/4lppNOOzfI6CHpppvuXK2lM/i2v3xCbjwmuKbAxNINTH0OsGCgc4M YKk4dt52UAEIrq21dlywO6u6mpYs2wdUx318Yq1Jre9nauFGDlxlzdd5INfilHhhxZbIEE kIIiEHWdKAnGv09KOJ4rVzQ0/48dvhRohE1kxs+3a9A+XR/5l9yiC5VBKusvYbnd4cGUum LTzfwjUWWz6COe7KnsZnc6ESXoZeotRU6ij0516y/uEAXuSZfY/mY1ZHxrmjpA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781024316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mTwaRB4CnkNrRsU6djxBBZ4NxhNkK+UaZTb3MkT878s=; b=NRD2GPkACUYy0/wB2ECzDpeV0H+037SH1J6aJ3Cjp97xu3OptFzWYBi2Ew+3MkMJIb/C3S SVfAglxW/yDcuRxX9clAAxZc2YabqP63HDPpOwXB+bG34LfK1NrzqaF/tUOWBMg27w/8mA sG0ewjrhCuEaG44W96MzAYS9q/bMKdTCbeoZ8pMIx1a9vaHAHzm0oJeE/l+Lw0TVLTDOlE EIoeewbyA9R1ub7UanYzoeDkn4O3qr2rZlXNTdgNTotxeHNKxgrSy7qBoIXsu+DaLny1DH 4Jf7anfPEptEaX6LIZxAqdh1yiuOBSyNnyQTMSzdPu4f+2RM6dGkndvCKAldSg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZZqb6GwCzjvC for ; Tue, 09 Jun 2026 16:58:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27c92 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 16:58:30 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 6952ad819d6a - stable/15 - get/setpriority: Add capability mode checks List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 6952ad819d6a7c259ae1f0bd2646a35e4263f0d9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 16:58:30 +0000 Message-Id: <6a284636.27c92.a23e87e@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=6952ad819d6a7c259ae1f0bd2646a35e4263f0d9 commit 6952ad819d6a7c259ae1f0bd2646a35e4263f0d9 Author: Ed Maste AuthorDate: 2026-05-29 20:48:34 +0000 Commit: Ed Maste CommitDate: 2026-06-09 16:57:58 +0000 get/setpriority: Add capability mode checks Reviewed by: oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57345 (cherry picked from commit 72e34b3e3907d5fd63abf7b2246cae80641769b3) --- sys/kern/kern_resource.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index dcd38c6e6fbe..5850d2708a11 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -37,6 +37,7 @@ #include #include #include +#include #include #include #include @@ -99,6 +100,13 @@ kern_getpriority(struct thread *td, int which, int who) struct pgrp *pg; int error, low; + if (IN_CAPABILITY_MODE(td)) { + if (which != PRIO_PROCESS) + return (ECAPMODE); + if (who != 0 && who != td->td_proc->p_pid) + return (ECAPMODE); + } + error = 0; low = PRIO_MAX + 1; switch (which) { @@ -189,6 +197,14 @@ kern_setpriority(struct thread *td, int which, int who, int prio) int found = 0, error = 0; curp = td->td_proc; + + if (IN_CAPABILITY_MODE(td)) { + if (which != PRIO_PROCESS) + return (ECAPMODE); + if (who != 0 && who != curp->p_pid) + return (ECAPMODE); + } + switch (which) { case PRIO_PROCESS: if (who == 0) { From nobody Tue Jun 9 18:30:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZcs93kMjz6gQPT for ; Tue, 09 Jun 2026 18:30:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZcs931LWz3FTb for ; Tue, 09 Jun 2026 18:30:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781029805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vd4twXNzMlChTgP9JDfWU9614ij0zhOPXMnDlcMwV8A=; b=kvZqeJnZDv3RDdaekeEs4/Xz/6ZOB/WiILyVPEfS4lA2YEVWpoLLBno/hijbu5+wZBGQGl xytv+doQTIpLvECPiu6hQm9XmaXpidNrMua1ns/B+SrNpRZkQTN/DK9JDuFQ6raGIJMzPu Fvk2W+Bxm1hFjBKuk7Chio0JSpz35jmaq/BGPnP3C+eKE8VPib3zCBO1yF/jyKrqeDTWN0 lwfhZ9G06BluVyKJfVUMwqD0SkONBkFzr2p3x4pjY7U2AFoJWnGX5i11aLBqcsumNUqOay kQpisolTV3/wG0SvgrkcZ2iVbq4VDe769g6b9i+e9D3OFGq3BvC/BLLE6HHuRA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781029805; a=rsa-sha256; cv=none; b=mgYYjD24zwB8+hTENeMeuTZOquF8one4N++kGE+mfNjNWy6/jWjdEq0MPbUfVXqjenX2Zn g2RRc6RV5kdIdAjwaF4WyjTWes9l3TlGS2DvpIHMn/crw5Dimt7+7qc8i85U3cnBYqPcwN J4ZUxHiQdsM9VjiD6SvYfkTbuxyKIrAiaeXSKNSQFnxX1/WHEJDuX4n6k5G0bY0ZHAZxS5 nY6r0TI4jXJLAJ10eEisOyt72v4L/qftOFKHAzIz3dcKrPoow4XBFd65shRRe4wsJHF5Gd YV0KxOK4gTH+sDPm0RSe8NwCPJSkxjyScOO4Uxh/6MeDEimHI7SpdnC1DmIzzQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781029805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vd4twXNzMlChTgP9JDfWU9614ij0zhOPXMnDlcMwV8A=; b=gnRVDitOeBZk76+oFmtR0OghdCGix2HUYHfMIloX5RUMWhzgsrny1n3Qn7PjZFiUEcT2pm hUreiRYSoAXyzglef3kISMNkNGTrf+YS3X7ItM5KLquA6YV8D51f++Ft0nTUptmvgN/IeI AqHGgVZrMf6As0tPw9mEJs4jbvkG+TxJ1Y2Hu1hLW1QJaqoyro6NW3AugQFMRcy0loRB+X ZzVsL0kqU7e+CUIGpZckLnvTofA0xwhIfCBRMSZaeB6n37INiXeBurfBBRCVdQPzbYnL/r l7+QLcfSMTEA/HSmYd3Fkdj2MnSw5ni7jHCXY73ziskQGs1CmRI+nKikJS1dMw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZcs92bkFzmB1 for ; Tue, 09 Jun 2026 18:30:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3a6a8 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 18:30:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: c94b8eee5bcb - main - vt: Rename sysctl to security.bsd.allow_tiocsti List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c94b8eee5bcb5f9d116cce9c831933115cfeeb19 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 18:30:05 +0000 Message-Id: <6a285bad.3a6a8.12c8440e@gitrepo.freebsd.org> The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=c94b8eee5bcb5f9d116cce9c831933115cfeeb19 commit c94b8eee5bcb5f9d116cce9c831933115cfeeb19 Author: Ed Maste AuthorDate: 2026-06-09 18:26:42 +0000 Commit: Ed Maste CommitDate: 2026-06-09 18:27:56 +0000 vt: Rename sysctl to security.bsd.allow_tiocsti This is consistent with allow_read_dir and allow_ptrace. PR: 293485 Fixes: c289291a6736 ("tty: Add sysctl knob to globally disable TIOCSTI") Sponsored by: The FreeBSD Foundation --- sys/kern/tty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/tty.c b/sys/kern/tty.c index 13147613f7f6..ef0137dee80a 100644 --- a/sys/kern/tty.c +++ b/sys/kern/tty.c @@ -102,7 +102,7 @@ SYSCTL_INT(_kern, OID_AUTO, tty_drainwait, CTLFLAG_RWTUN, &tty_drainwait, 0, "Default output drain timeout in seconds"); static bool tty_tiocsti = true; -SYSCTL_BOOL(_security_bsd, OID_AUTO, tiocsti, CTLFLAG_RWTUN, +SYSCTL_BOOL(_security_bsd, OID_AUTO, allow_tiocsti, CTLFLAG_RWTUN, &tty_tiocsti, 0, "Allow TIOCSTI ioctl"); /* From nobody Tue Jun 9 19:07:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdh23ZYlz6gSdw for ; Tue, 09 Jun 2026 19:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdh22nXbz3JLl for ; Tue, 09 Jun 2026 19:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032034; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qtMlQ5rXleDbKaAnbuBRBeJSEjI7N4oJS8IFLPtzISY=; b=IVO0570WgN7s+iXyYva21BOQmV4KPW9ZZvGBLzFVqwrVhCgHuEZy2fPWWt1MktF/efk7iw 22Pm5J/wOTCTIXXdUFlUMqF8TsudEnBtQC5M8SBX3DXQzIzCbf8F9ACbv7SiIzTImbHU4L lvS+Kef2iNqf71fx9NdNRcQ6ZlEBCjkkbFEuQTj4m/qb5Gi4J39UPVhnjjhOL8oo6RzH6+ 7DoTIUrMNN6HpiGN0/Cxy7EO4J/PK4YLRe0HZtSWxViiQNLoiQiRhRHUfwLkIv5BPrXtHd 5tiTCTFcG2xcLAYWorkUzHQQv38lQQZgVIKIN3tWTu8U2wE/7sN7H2anSPIkkA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032034; a=rsa-sha256; cv=none; b=QzK4bXHbCQtqaSgQ01eWs9QyAlDFXus4QlpS7oC1A4teHywx/0bdDK6iopRW3Cl6dP56C1 zDX+PzWhOHcmm7nO3k7BazW9WstpC0cD2xT5NU1SJQUxRSmis8AUr1Mz8JoNiuq9LfsrEp db/3BD18stgsEv79kg2SgRcf2Dewi9wUqSOg11msB4ktNxdcBTiRVNFoRHEAJEAhyvNy5h HZCG23AYFBZYw40BRFHgpcsB32Gj9LF6g8OfQigkcIcsVNVoylEWeL8KcAxqTAYYjkFfEO NQH6fVNWQSdEa8v+GVNEAVz/BjCSaRaJykLUYgDnUETXj9VLK46Uv0cG/znlzg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032034; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qtMlQ5rXleDbKaAnbuBRBeJSEjI7N4oJS8IFLPtzISY=; b=dsI26RKaah8ivOuG+Zn2M1hNBu9Z1cRuTVSO0Boz1Eh563aw/yHvNTrOViR5ZrXl89QMW7 b1iSyfvQHG6X7I98qtMR26+SrpD2wqhsSs+da8jkrHy3avpwEuKtUZVAYcxizWUHjGQBoK 4zfOLvIqzwBMOYeJSLhdkeF0WnKIoncZIvEE2PuQNQB+pXSZhVhoOajO1huc3/dKQkJ3e4 YC/+KEOa2BbYBOR70hqBfBvg91fZdChzQ4oZYw0v0zWxyH7gYmOCxu6KSDPdOKU5h2kMRG 8ASbQ2JXH5H/7MU4eHEgPfwhjfh4SLL0ii0hJ3K3g4kjWgNTugG6T7pNdI/HgQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdh21yYMznFB for ; Tue, 09 Jun 2026 19:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c8b4 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:07:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org From: Enji Cooper Subject: git: a8688e45ec55..6ecbd3d6800f - vendor/openssl-3.0 - vendor branch updated List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/heads/vendor/openssl-3.0 X-Git-Reftype: branch X-Git-Commit: 6ecbd3d6800f1c273a5ab84088eb0d46504fd10d X-Git-Oldrev: a8688e45ec5509793681275a8631726fdeb5663a X-Git-Newrev: 6ecbd3d6800f1c273a5ab84088eb0d46504fd10d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:07:09 +0000 Message-Id: <6a28645d.3c8b4.7d005be0@gitrepo.freebsd.org> The branch vendor/openssl-3.0 has been updated by ngie: URL: https://cgit.FreeBSD.org/src/log/?id=a8688e45ec55..6ecbd3d6800f 6ecbd3d6800f openssl: import 3.0.21 From nobody Tue Jun 9 19:16:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv40tKZz6gT8Y for ; Tue, 09 Jun 2026 19:16:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv35JQDz3K0x for ; Tue, 09 Jun 2026 19:16:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032607; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4cDynXAn8CHJgtZLhsn/WLG2LLOw+iywLz8YuGelp3w=; b=mh+lzrdut8oAptoKF4kPbFJhl3wBhUCA0gEG+WQrWO2Px1kdkn6J/v8sx6fX5VbrsySugN q4/2N82cos6Zj9gc2GAv2IOxHh4+mqwP6XEOu6KEMRBusIADM1OmQZDO0RDXEs7TkNEkko daP1s6sV8N6eamFXFQJa/H8w9Uhi9XtTy6N1d2xTwdrk8lIcvmhM69BATpG9vdvqNpHKfY +/OKM7KPQ+/FgH8wm8Y30Gw+YRROOOR4v+UQSPhW1/5+2frLh5frxk7+os/ZZ4fRln3zMT oYnGuO48RvFs6boY6nHTE0CztcL1+Iurbg1rV4Cp8aK9LPpz78RjzxQMOmzw9A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032607; a=rsa-sha256; cv=none; b=pBI7xK5ZapNUEFZXROxoPmSjFytkuenAHAmh20Qo7Khg3G2hWVk60oEAD4MCxaQAkULM4w jZ3tVQePPXj+F0aA/xS4dNgwLoKNDcSAX5Fr3F37qv4dZkhDOoo8aYjS6hBSgZ+5mGDsRU 5TIjIYgcCU3Ww68NcXEQfkEwRU15PHu971UOgd+3K47yykeCB6AwvNuwb9zQ0BjNLhnvGb 4RgMIYPS51W9IehU3D2TvBQm0J5POJ+O3H9g2eRtnLcuIUjZbxG6ybYuZjJ5o2BobyTwoX kozcw/4nwIJDWw8lsdQYHaQ1eIXaVGH1+vHknfBMv+J7UvO6p96kFAN479D4oQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032607; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4cDynXAn8CHJgtZLhsn/WLG2LLOw+iywLz8YuGelp3w=; b=dO/2jss03tBDH3j+SKLIbbM3+yMEpgAVYQZodKXB33Xs9J7S7jgSa5j2Fx3bav7h6qIgte zkKak60gF4A4zDax+UaWRv/zDQTFvdCVlt+G1lIe5eh2j/v06N6vPS+b47WL3GE5tn1e0n IjocAO5/SxFModeFtQYEoNWtJ4BuZ8v3Pcs5aF/xxwddBC8jJnPEGU3PZ5BsaXY2+TtFBZ lQRwvBnFRyZuA7CiLjEou6zhOB+L8VjBgjm03yl5eAIFVod2pt6/Wq3jqW/zmIss511MeD QQOnwQxwQjoXr8t7nAsbbpS4lFXewijBSkdm+lbid69Df8q6kiUYDXdzdToSlA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv34RXJznr1 for ; Tue, 09 Jun 2026 19:16:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e490 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: 3444414cb463 - main - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 3444414cb4639ef2028abd9b46641e76eadf363d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:47 +0000 Message-Id: <6a28669f.3e490.26fe08e8@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3444414cb4639ef2028abd9b46641e76eadf363d commit 3444414cb4639ef2028abd9b46641e76eadf363d Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 61d1a171c467..155c2e6e54f7 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2396,8 +2396,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2413,6 +2415,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2605,9 +2614,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 3e3f0b77e4a2..8e5950b8e2b4 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -242,6 +242,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:16:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv50CNQz6gTkT for ; Tue, 09 Jun 2026 19:16:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv45dxbz3JnX for ; Tue, 09 Jun 2026 19:16:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032608; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vZXAdpZealDrDhBIaspHQr/0rpivbcy3aHT+QhO6OmM=; b=PkuiBxyivHKpjYDhBiIXPwIK7YY0B+YwqqtXZS08GxqQbZHHDYUO36WGzSNjbGdouViYgq vtNt3Od0ihrP8K10eGgDLsO8bDYRPwMzN2ETpW7JlRQYnbCga4We+puuXPVm+SRDAr8Pam dt6R7WAS+3hzjKG9BdDKR09otNF7NzGfmaHo4YnAbPanYK3S6qvYQkxlJm3XEEgfLMNEiC kCbMLbnj0MbqB2eb78OtiPMFVaA7X50S+XarfaZdAMHIsh3Kve6U2TUjtMEz0vVGn8FdQN iLGnzuBO/h6VvFfzT2DmhHCxtMtlgovstl4NiaUwLlOz0Di9kHqzzQxkEjGkAg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032608; a=rsa-sha256; cv=none; b=vi2pPfVBpL408xV+/NVWgLJCv4fnLFV7fCZNJmWw80CcmscFomD91c+8t2SU44OfVZSdVK fGulrx0L0XfkQr8maRrO3C5rlMO1vKbhkel/55wOartmIGW/Gf57yBldJ1flOSeBR3Tnef lQaTz6HhyLiyCVW6OQ/QBdXHNo5EODoBpZ0HGe6EO8HfXjEDCE2dchwmJQdNThW6WIc54/ WUrm8yY/M+M9VC0b5WGSd+VjkZSuZmZAxrcIJrQS3EL1+0/fw5Pfa/aUsRfTcjvGrS8cUq 3RaOr7jZskp9QwEUCLD5pBAYeqvutg3ONgJXYEA9PkzI6Y5/f59yd1zlaPRaMg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032608; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=vZXAdpZealDrDhBIaspHQr/0rpivbcy3aHT+QhO6OmM=; b=S3VimhBQ9LEBIIvztTCgSVmK0x4/Nc/d5YaGq9Ezi+tNucCqNb0NBMDyTVUPVK/hUbZeMM lmFYRn1UYyBi2Xjh4DPnYZI1zvoWi/7stxoCTlU30M4GRhiFoNRtpSuLfOu3AY6zRDT09R MuxL80liumpmgtMzXaoMVE3v56G2b2hMpLrJUzHPvQJrBuifLkTN4KSPrJDjPDaUGeJ+VJ OKSA3IznZMkmK3sxxCLhgZBEbcwShPiVqjs8vZHk4ddRpJ7HWo7Euw+xZrMlbef7L8QWc6 Cc94IWPnLLdhH5/JVyKvVXUamg6P919b7b6YVElEBbq8TspnRagL6pQRL9hYmQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv45Bs0znr3 for ; Tue, 09 Jun 2026 19:16:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d967 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: 1bb8212df187 - main - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1bb8212df1878845f0a02e0375f1c4847b11e326 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:48 +0000 Message-Id: <6a2866a0.3d967.78a9f393@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=1bb8212df1878845f0a02e0375f1c4847b11e326 commit 1bb8212df1878845f0a02e0375f1c4847b11e326 Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index bc92a3fbd530..30bd4ac5184e 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1920,6 +1920,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * https://lists.freebsd.org/pipermail/freebsd-emulation/2007-June/003698.html */ diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index ab52a7aad386..f534a8cb17e5 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= polling ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..53594b7cc962 --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:16:49 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv62t3cz6gTkV for ; Tue, 09 Jun 2026 19:16:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv56PWkz3Jnk for ; Tue, 09 Jun 2026 19:16:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032609; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wXUXAH5IY83PRAqUvX/9ovUhTIACgbl+FlZjdXuYHiU=; b=OKaoVpkv7kjB9e+Ymsy9VkVtsaAb2hpoJPvNDUArF0frMk+BysAcKyt9U6ZZHRc5iFy5Bn IW3oa0lUp9J5A/NwDxQjePiWVbI3oM98ymcbhaRq9yz4w1wm5OhZQQ+bc/za2P4IX28LW7 L1orGBzF87FvxoJEo5kstTkSpEjCV2fSTKmOuaRQvIrmT8TU8+jSHb8xFPijyXT6nY+Nrn r6OnR4ZxP99XviC3DG7vXGV81W4ZH7pUSV9McjchLGJHxXv8dhdq+gAgY88vsXYOrhL7vg uUslssh6gc2jRl8Kr5GZ8Otzc+NOFtcRX+o+VQ3b1afZUpMsK1fcb8oOULK04Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032609; a=rsa-sha256; cv=none; b=pmvh+lPkykn3ioh3DJ31PqDMXhdRY+E2Q6T8lW+qtiW5No0UQgD15/5WrRTaqk/giyxmIr INzjsVBVFB2kdxwIVT61Jhy1aNufW1m36bopiWAm/hm+KsXoDTVBwk/04yHR2yrdYfHtXt nCFkqqQuBsfXUWmACwcd27Iqfa22Lp7pWncWVZQYAyJw2HEyGXbgTnsGCbkKhjSaywSVDu 7aIHdIcTj1xP0JpWo+iEvh5Ba+pHBD2h3FE68fpkO3vKa3X7ofA3sTcnKDeX30OK6qjj/X ITAi7jQT08ApUEyKJH+YRv88A3cWhSH8hyZOsUOOfEmtmvs0XHhvTfSkVKTYAQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032609; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wXUXAH5IY83PRAqUvX/9ovUhTIACgbl+FlZjdXuYHiU=; b=hLVn3mWLvWDpbMQ9x5f0tR1WqEGpPm7vXaXN4Ji3ZhF2p4YM3sKTB/j1cL3ty+74VbKuxW OQMqiK9yZ9dU6ugj9srv0uXy2no86grv431JGC9HLYI2YzyFqNDuhqDVh675Dut4J901aq DTNxP4VBZGRmc5U8NT/PVFppds+JV/Mx75fRBEX/ehKOs0Z2nZ/1LR6JaRZh7KQz+L/1Wu lx1NCv6tw79zh+c3TUqh8xyq3+kWw/dtgBWf8GTdZowCw6ViQo3deXxAc48m2LrzLjdQUL OWD7v6XgYSeBU5yRDrk8nsS6sRO7znJ0mjsFnFX4Jij4PuYyGNA+MMcU84Iy1w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv55wyWznkP for ; Tue, 09 Jun 2026 19:16:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d645 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:49 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 1b775b9ea4c1 - main - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1b775b9ea4c1f4eb375c4309f8d6e90edb269844 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:49 +0000 Message-Id: <6a2866a1.3d645.7e672f0c@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=1b775b9ea4c1f4eb375c4309f8d6e90edb269844 commit 1b775b9ea4c1f4eb375c4309f8d6e90edb269844 Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 89 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 +++++++++++++++++++++++++++++++ 4 files changed, 175 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index 0c574ae2908c..86278a46a731 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -36,6 +36,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -50,6 +51,7 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", channel->name, desc); b->channel = channel; @@ -59,8 +61,30 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } static void @@ -177,6 +201,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -211,10 +240,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index 371ba2dd94ce..fee41db2ff82 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -31,6 +31,7 @@ */ #define SNDBUF_F_MANAGED 0x00000001 +#define SNDBUF_F_DETACHED 0x00000002 #define SNDBUF_NAMELEN 48 @@ -53,6 +54,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -60,6 +62,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(struct pcm_channel *channel, const char *desc); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); int sndbuf_alloc(struct snd_dbuf *b, bus_dma_tag_t dmatag, int dmaflags, unsigned int size); int sndbuf_setup(struct snd_dbuf *b, void *buf, unsigned int size); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 30bd4ac5184e..089e193ee8b4 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -77,7 +77,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; static d_kqfilter_t dsp_kqfilter; @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, .d_kqfilter = dsp_kqfilter, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1898,23 +1896,81 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + +static int +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static void +dsp_dev_pager_path(void *handle, char *path, size_t len) +{ + struct dsp_mmap_handle *h = handle; + + dev_copyname(h->cdev, path, len); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, + .cdev_pg_path = dsp_dev_pager_path, +}; + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -1968,13 +2024,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index 53594b7cc962..b44b16e7f312 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:16:50 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv73cq5z6gTqr for ; Tue, 09 Jun 2026 19:16:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv70QDMz3Jj8 for ; Tue, 09 Jun 2026 19:16:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ta5FepWvmIimlGC8VCQkI9CbxV8ahnI9+asnf3SxRns=; b=LVceMjKcPzwWmtqPYIGW6vGutTAbUKAMKKivu1d85h1HbKbY0qHyKGL7l4I20hKpHQ4y/a y4gOFyxnhkOHUn+yL12HyJaGpIRk7dgalV9tKrcLSV8FkqHQIRSzvHoR6FGgZVQJJNs8On RHXEzpwC+Ks41O63ZXTBbGxyK1jvAOXghrEUDJuYl2SWCMFKWEzyj9kM23REKBrQfhGUMc rXN6DUv+9DzeByzsTa7pImW8P0dG/5jG4gIjR2DAjuvlJ7a8O3uor61X6AjuXAuJKh/jX+ rSQCtj20EzbZnxY9zUlmNaUxX8OS9veQlaKE0kfi5yEnXSdC+opk14NraL1+qQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032611; a=rsa-sha256; cv=none; b=mNXi4HA3ouFYNCVg8B0qMnXoyvZTtkRfS+c16MBrEO/5b+hbRCkSMG1/gPUQbwcDC2gyUa KkRRt6MOl2IPGGanTDekW8afVAtLsx/Mt9ncjHd9j+JnYfLhWSfgp/SttsxPhsu/01qOtr yjIq0OndycWnYoU21og6LCu3VubW+CEB0ctFlBbgN2+C21Eo1eHGBXvJrI1G1wz7fa9jiZ dRhArWmHU4oCinZLZEUqaZWdNrHZ3PMPuD3Lrd7kV/zEOWjkAHdGOzhdzyNENxp8u8nA6r 0CBDt5qoQRC1gdCyOLs80JoLVUIV0PF9Yzn1F18RwrSvfhHDLC+XDAMvaWxsKQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ta5FepWvmIimlGC8VCQkI9CbxV8ahnI9+asnf3SxRns=; b=I4CeyBOj3Cp+C9IeGD25/RzI4wLcMjUyXVeQp2OeuGy4DM9zjf0VnniFGtpu8mQf3Yc0xF RPHDmC9+lzxKYkVkkdl7SLLptn5BI+Ed6Wfi+8KqKgePk3uQFXogEq0Okx8NRZRuy84akU MRIIThHkYa1dB290sqHIIggb+hDnVoYI6PgL+JvGA3Kk/UYDk49W0tnA5ZDgFzKdaliaxY qOse3fO5xLo6SuU4UXAmFxJYJCJaIqPWVt3HrveC7Nd5tlqpAzk3JwvS7a0kkzyJQCZUR5 YUtz+e4KzC45PCTfLTXmI9kbfNAICjaheGUsDdkwkiKispvV7MqFtM2UzIJCKg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv66gWlznvh for ; Tue, 09 Jun 2026 19:16:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ea6a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:50 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 1bac7df1baeb - main - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1bac7df1baebd233d31d086a973a48df18f99e73 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:50 +0000 Message-Id: <6a2866a2.3ea6a.722e7f09@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=1bac7df1baebd233d31d086a973a48df18f99e73 commit 1bac7df1baebd233d31d086a973a48df18f99e73 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 40 +++++++++++++++++----------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 45 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 1e7985ac01d7..340218cf5397 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2505,6 +2505,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2517,9 +2518,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2532,13 +2530,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2570,25 +2579,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - IN_MULTI_UNLOCK(); - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2623,7 +2616,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2660,6 +2652,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index 7942faefd568..fad47cb0e69b 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2491,6 +2491,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2503,9 +2504,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2518,19 +2516,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2555,24 +2565,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2617,7 +2612,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2652,6 +2646,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:16:52 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv83d7rz6gTRG for ; Tue, 09 Jun 2026 19:16:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv80gFpz3K5Z for ; Tue, 09 Jun 2026 19:16:52 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032612; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wp+DeS0QYM1R86VII6QdKPIsL3RFlnGfKTIR38wDuDo=; b=vUYeG3ePeSIlTHMMaRG56pR0LZCOUqnKdtU3LfqFpTzyfIlcnoyqS3z9FaPsFPpelCGHTq 3qTV6nrVKtgbVjW7e8wna1z6IsMWqVxptsgGWz26gQVpPud7PlReCNyxs8A7JmpSY57/rR NtS70usQIuHRtkMnukOj+JsPA2I6/0eDQiJool2clybG79OIpfMW5sqbA0QaMpQ3j85EfG dbF9tqWfyE71I6f+9KNQpb/J8yZsoqqw8nu72XKxfXrBwC7R0j51f0fENZG+3vq/xDYDxX cRyhx80KpOcVUNXQb0x2YRVan3us0i41KB66/iuC1wZ2+FfT9YMyGITwLZjWrA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032612; a=rsa-sha256; cv=none; b=dJDQJjgHX6YFT3EREFI+OplJ0OFo8mLtrJW8Hno3yW7mDDD27gx08149gOAS9bN0cwmhQK f8t7Q3HIeLCnd9aPd5x9e15dSjStF8kvYfV5C6mTZdalugcXa/a/OkIi5pX2GkHqkOdz/2 3SiDBZG2dyST6y67LRvkZ7fYiUOCkF2RFiAqOPN7bYfO5i4KERD93B5GHJWhwHZF7xu2at zwJY4NUxgyabW3E68LjgI9vGLIinwV98R2tgT/idNt3CSHsUapewaB7/TvWxHOXUMDeuPo L3DAl4hHF35OKdKXvjUIHiAUx44k5W0sCMu57rxFHDr/XJj2LfiCyOunkHl7nA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032612; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=wp+DeS0QYM1R86VII6QdKPIsL3RFlnGfKTIR38wDuDo=; b=YFhyix5qX/WlVqLDmdfANRYsx1FDaXgWQTeSv5wmexN0AApYLP6y8i5Izj69xgeq+mQBQI Bd/+cAYQIgAlLuMldfIEjP2GAGTopoXXU5fI6PSqV3ZljMcTW82aLHLhrNAygAjJJJFW1w rPPCPxE42AbwCXkdF+M23EpU5LrROni8YCVp0+Mw1twkrVEVJKYCjKaHiJEqVtRRsdLumR N5rM1kSoagbH8kkqFjB7WqpNK9A7iGBYSSwFck1hwbewLDcOV/9PKzWq+M3ozu0dT4WfD2 tBYyNd4i4JdRV05CFE+N273GA5kr6OrGupsGudmbxozOjjbOPEvBbuEolVRRsw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv80Cgqznsx for ; Tue, 09 Jun 2026 19:16:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f41b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:52 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: d39be1b1b50d - main - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d39be1b1b50df91ad7ab62b25a4a30343e94cba5 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:52 +0000 Message-Id: <6a2866a4.3f41b.c77be12@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=d39be1b1b50df91ad7ab62b25a4a30343e94cba5 commit d39be1b1b50df91ad7ab62b25a4a30343e94cba5 Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:16:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv80gLjz6gTP7 for ; Tue, 09 Jun 2026 19:16:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv741zcz3K34 for ; Tue, 09 Jun 2026 19:16:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NoPzJW6VSg7nxL1PqxOoRTRGXe1YH9VKuP4Z9hncdh4=; b=qa8KSdihqL1gxiH2cb3dDTkhVn8ZxV0bDhWdyIR6cCG1lfoehGvE5RImHnYYSTCHdr9Ric 9TkNcg3/PuS7bhR5dfAdENlsuCseZMgDt4gMNYYWnuHXIh4iH9rI+bqiDF1Qb7BoXaW6At ybCKZBlvFnHEm/XYDIhV7SQ2GR714hNg4P+EXM9ZDswJa1nXv5Ezk1p07p6o3a3e1Z1ggm rVVfEiwQREERCTHWlwmnIoyyBHC2nxcQ9MsPWMdeVwa7fbg5PF9Yb3kEDCvV1rodcD3v+t TsnCiapNsZP7LHKX352hMH6NEZ5LT+IkvNcNnM8Cmmsy3ryB/feXn4t2CXIvew== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032611; a=rsa-sha256; cv=none; b=x/wojoqX389jwmvdL3T1ukrr7Dr6Lo+Ihhldx9at9BtthEgJQjhLQYoJYeMRiKeGKELnbk UjIfUBC6pwP4asuLQHmzjdxAg1Dvce97f4U4Q2Zb5B051fjdxr/xjgWNFzLc0ZOwynsZjp C4kYKbI/G0sAeKY9kTjuNvqW5AklyfAmIEBqKsnfLTgmRdpZCJQdZYlCwFvSebcyCfpCVr XIMMVJhfIJOv1EXnjl+nJYjRhnwsLZRNjyaeNxq26fAzIueFHGrsY7Ei/mJZ1BBzhAsD1J 4WAl6oCwl1JXpE2Q2I4kB9ZrbJIzSsXC8EkBfmXNPp+wzYCRA8yzRBPRKhkDtA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032611; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NoPzJW6VSg7nxL1PqxOoRTRGXe1YH9VKuP4Z9hncdh4=; b=PbtWTfg4KI19S1eWE4oq3IAq3GwZg7bfbON1FVcw/T7bZj87S8D83aa0zX1cePiRaEy4VA ETmFjZbbWdyMZaEx6fvyl+QddJjr/0/xL5a0DwL1QdltZR431ec5U/9yLBVxdJElfbWQf2 xypsrvs98kFVIQyDiGo85jZQVPUTt+sT1LrXWffMO6x6/qZN2f4IUyuQUc2WwY/EgIqz3j yF43/vFRQc2HgGr3CjZigpgCpCyw61fp5pWZn7HZo+Jegqr3iUxzy1+xQQ9lowea8OCHdZ q/kzFvHwGUCOhmNOGWP6niv4J0hb88mS56aK91JQLn6DnoPJLhpw8iaiHf9LrQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv73Z11znkQ for ; Tue, 09 Jun 2026 19:16:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e418 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: bf1e2c07977d - main - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: bf1e2c07977d6b987f7a976bb9e5b6bdd1ad3986 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:46 +0000 Message-Id: <6a28669e.3e418.2a65013f@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bf1e2c07977d6b987f7a976bb9e5b6bdd1ad3986 commit bf1e2c07977d6b987f7a976bb9e5b6bdd1ad3986 Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 4329959a2ef4..4a439eee0210 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -506,7 +506,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:16:53 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv94dSmz6gTkX for ; Tue, 09 Jun 2026 19:16:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdv91n5qz3KCl for ; Tue, 09 Jun 2026 19:16:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032613; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oJ+a+ziRBrZgWPEc04lOPSOvYvPvXlToxTMCjfrZxyw=; b=oLFpqTMKbYOdg0Vtzg9HRGKWLcKzXmLhBEmRaE2NxA8G0mDRbPFxt4k+EZ6QPZ4/8uc4Ij 6OuidThPPG/DnyaBcAHoXhwtVgB7rTc48EqVBibF7KE1nU2vFwZsdDGhUsnIOOVIZyhKS2 74JpFzPyfYJdeV90t8N1+rodtVh00FxJJ0wk9cu7XzHClcGDqH/an4iL94PDenwEdakXnH cpyzpC/7xMyGOTTJEkUu+N0m37WYlHDAZbXbhIylUer4fLeMbS9QfNbXOMQSHxO2tDbyTM v7n9uHKn3GGT6NDr0IbRCxmjJ5Fmo5fic6NYySrmQMtb4fefPYZzbLqEwjMB2w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032613; a=rsa-sha256; cv=none; b=FaN1rU+R78SZMB//ub1anfGSZ3KVrNnbVc4Me+XCgHH2B0kwYy5NioesBMUKLJhOYjhtR8 6KN3RWsnqUZTr7Fy3Pq+RKK1xuCAqgGXBqnVtSqcsdV3Od9RQVt9Otxti4Njazh95jHW3t 8bsfvskSi3yXz21BEWw94Ddd/cNAE1W39DYVPspvfAijdseIOI8TPY2h9QZfUfTvDs0S7k ftlTS1PqvqiYcEk3MbVcpZf9j2VtAkV72ZVn35J94bFIaUkKphGAu3eP9NdsVlqWHi+lxP Ns1WSdC5c58yRJNB+YVoV0h05eLDIfN+1rOcKylyobn88XOgdhzAZkjvskYa5Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032613; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oJ+a+ziRBrZgWPEc04lOPSOvYvPvXlToxTMCjfrZxyw=; b=nROGZXZPN56eiNzy+/LhEUhY8l5hiS1cNpnNiwGegxLWF8eCkzW+JQpIL/3ZCvTh7o+YbP O+VevItyW4F+tUWVhZn6oAmhQFFXZS/Bg62YjGRAG2ta9m28fmTnJ720961lEZWgBcruEO Ki+DcRIthOFxh9PYiBTkuDTHDlDOB4yoskk+mCck9b7Wd0HqMRpqFUh5bwOIGYOrsdp11p lr7RVcTlLGbrHje0pR3MxAIsLQsTaauc50W4T+YdlHPz5sn9qJKfIhGAcF/XrdEPIyqreF EXkpj7hNyE6NouGoiw0RGEWCwAAVfZttAsf0fghst+ZR8YsBHD7mjRMItN/nKg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdv9135mznsy for ; Tue, 09 Jun 2026 19:16:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e783 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:53 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: 9c0a62df50de - main - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9c0a62df50de990230a48827ca0bb85b41d4e839 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:53 +0000 Message-Id: <6a2866a5.3e783.5975154@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=9c0a62df50de990230a48827ca0bb85b41d4e839 commit 9c0a62df50de990230a48827ca0bb85b41d4e839 Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index 1fb9ac2011aa..2eabdef6d27c 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1769,20 +1769,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:16:54 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvB4Fd2z6gTww for ; Tue, 09 Jun 2026 19:16:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvB26gyz3KM6 for ; Tue, 09 Jun 2026 19:16:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032614; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G1TY7JfverA6gSr5EVGOhFOZ8ClVc/oyTVmdSm6ooxo=; b=FQFboJh8s2RAI20jexNanS+ldW9HOaiDU8g66bwmBaLo0qgoGyX5LDRI6manzIdwkreJO5 n/2n7ZDCguvamx+RCr6E/d51QZKlVsZKPms94TZSD2HNgjjRKNaB5LLwuqo5cf2ahNfraF +vpFxnTlJvSkGcojh80SRWWSjwWH1bWr2Mtug+953TLuDDGdmjZ/XqKDiygCto87JLYhoL DiXc7dgZSnH1FVhRJr7nxm/UeXrcv/XHNG3sXn/GDg59tzbsmW6ZcxYDnuogxoS/qQAF2I /LkoQ9ZWYk642+KUqEdeqxN1klXZICiZQPFXv+D6zAZc0/mvF+zYmh40iMTEFw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032614; a=rsa-sha256; cv=none; b=HObJbueyRb672kpwogJ/WHIGWHpT+2tZ7KuMRhxvy2x4SbZixRQizavgJTbM1YczBkEOXL wA3AzJ5A5Vb0L5ehrlDpMDSXbnEd1VuSXf5ZDp9W5c35VlXiyNytDFzYwCID0Lke9Jdk0B nwjJ9IMBoQHOYPI8aM0X0t7diV4w0vtumHy5VOu+pkVhvazJw3EKxa17Zg93pAcjbveRTy XXaA6cwq/OPKMyGZDkAtz4nyx7QfYqZX6K4TrqwPtVc1H1+ell/DD/696dLJelsvMSh8Oa Euc6aPWd1l6olqf50Babit2XQw26veYPjI/pRuVDImGgdTorWzzxJNF13mXTBg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032614; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=G1TY7JfverA6gSr5EVGOhFOZ8ClVc/oyTVmdSm6ooxo=; b=c125Qd0E+V1sz3i4gvojWR6Bluk5/x+5y0idw7rdEPDn/Ep8RYXLUZdZFgniKSg1GqxnQs +ZtgCt6IWFdKzNjHvnnWP/0sKKm0LUa57Zs1WLhoyzikCTjCg+a615rEp0Rb4D7lmV+eVP g1uL2A9SzqZedz0neeDLt9aSFGE5/hlwlcDpQwi8XEvUIAQ+sgru5KqLdARRcWBYQ4vvqz lcjmXbjrkkMM3teStOTk+OFqVa9tH+/ZKYdSqwhINOTgk4qfVwfRBMmA3OuO/xLQifHTlT ln4PX4WLnncvzdfObV5r3OjtK8NLv4b7sdO9oB8sTcgSZz/23tTxg4V1HSpSkw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvB1hLHznkR for ; Tue, 09 Jun 2026 19:16:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c4ea by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:54 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: ebb0ea9f4f59 - main - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ebb0ea9f4f599be267641e630ea48279e4f531d1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:54 +0000 Message-Id: <6a2866a6.3c4ea.331031a9@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ebb0ea9f4f599be267641e630ea48279e4f531d1 commit ebb0ea9f4f599be267641e630ea48279e4f531d1 Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 46908f01097b..65e0e6089dca 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1269,11 +1269,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1292,33 +1320,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index dcaeb8d2f1fa..fb267f1a2782 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -7,6 +7,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" @@ -91,6 +92,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util LIBADD.jaildesc+= pthread diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:16:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvD03qLz6gTp6 for ; Tue, 09 Jun 2026 19:16:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvC3TPKz3K5v for ; Tue, 09 Jun 2026 19:16:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032615; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SQJE4/JTdnTO3bREziqsB4aZmNN5zBcquAnJbdBFAjo=; b=vfEjl8dxZN9eQ4J5PvDPGgwf/OhXdEjD+i1EI4xSsANqr3HcppZSm4Zpp5Mdd6tMypnVkF gW/9H6aSbcMOVVbpErcSqcakEH51BHRJ+EQYx9BkcjSlRGIKArzh5MEpcwegIBFiZ0PRsC XEyozsv3g/+zOeVdhJRwg4eEes+TrUpmQ+w/LQxYd7HcS4yf0rh++SPbb0YogcIhIYvgif lZSjv4a7/GU0NyRCV7EYyhtO6K9LBIpaVoSyzXmR1ys2fqZKyAePMuuPiwQw4kvRX4yux+ ZLNpt7MYm6htLXLLl7gP9FhTbIuTesZnEf0mrt0ZdKpL82SJKy9VuPPlX0jK9A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032615; a=rsa-sha256; cv=none; b=E0VfyRWe+pbclzRd+JrlhnnOygOLVjPJWmweTu113/Lfsy5ip4ZZEbcZ/fciR01GYD+no7 VI312AeA0fErlV15TkAfEZPtYuQpBlYOzab+9S6AAnEJ+dyezrB7F8cIt8VSAE77KIy1tW witkFhDruN+uliQ4r+StfDCuKQ5gtFbBqNXEkYSRiRntxks/dOl0zXPmuTYdJ7K7yTfceB EERqgWU4Tru/vqWs66bA4doZDirab/H0jLlgWu4vYFlBfDcdfxaB9oxuW7qT2VKhfCOkNx 1GPnyqECdIJx3qYLhPyd+lHvrs2v8ZLSkqu51hSLKpkNUoeYtz5SdirSwkwyow== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032615; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SQJE4/JTdnTO3bREziqsB4aZmNN5zBcquAnJbdBFAjo=; b=HBigalOz07iylIEdvX+vuy1AXij6jspNXZj69RsSZX1+zhWxlTNlsQhmZPUjieoHSq5Ksp m1gRcXjivZtXu/ajiVkdJMZ3a061q3OXVvnj7lMLbPOsyaXk7LYyAu5NquCOhTXaLTgdf0 kXoOLoGKI+UxK9EkT2nd5Z0vsVUaLVZaWZtRQJrJ+WnS7WnShrIGM8DdtJop4HVJ2wMByL M+VQ5oZMQXWVHuUEje6aBl881LQG6L/qaju/tAGzhBBYmrX8XF7v3d6sqwk2Rdi1UgFWnj q8AY1WPXt0hz1Tkrc5067avn2YxASTkEVZdrhDj4ggf0uM8tKTFO5ssWPo7P9w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvC2RSTzmsW for ; Tue, 09 Jun 2026 19:16:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c8db by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: e508c3431d8e - main - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e508c3431d8e1ace6118e150837a0d0d67f1672a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:55 +0000 Message-Id: <6a2866a7.3c8db.5b7489e4@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e508c3431d8e1ace6118e150837a0d0d67f1672a commit e508c3431d8e1ace6118e150837a0d0d67f1672a Author: Gordon Tetlow AuthorDate: 2026-04-29 08:23:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set pkcs12: verify that the pbmac1 key length is safe Reject potentially forged encrypted CMS AuthEnvelopedData messages QUIC stack must limit the number of PATH_CHALLENGE frames processed in RX Fix NULL dereference in QUIC address validation Fix potential NULL dereference processing CMS PasswordRecipientInfo Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt() Enforce implicit rejection for CMS/PKCS#7 decryption Use the correct issuer when validating rootCAKeyUpdate Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34181 Security: CVE-2026-34182 Security: CVE-2026-34183 Security: CVE-2026-42764 Security: CVE-2026-42766 Security: CVE-2026-42767 Security: CVE-2026-42768 Security: CVE-2026-42769 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 ++-- crypto/openssl/crypto/cmp/cmp_genm.c | 6 +- crypto/openssl/crypto/cms/cms_enc.c | 10 +- crypto/openssl/crypto/cms/cms_env.c | 7 -- crypto/openssl/crypto/cms/cms_pwri.c | 13 +- crypto/openssl/crypto/crmf/crmf_lib.c | 10 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 8 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 7 -- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +- crypto/openssl/doc/man3/CMS_decrypt.pod | 4 +- crypto/openssl/doc/man3/PKCS7_decrypt.pod | 10 +- crypto/openssl/include/internal/quic_cfq.h | 1 + crypto/openssl/include/internal/quic_channel.h | 1 + crypto/openssl/include/internal/quic_fifd.h | 1 + .../ciphers/cipher_aes_gcm_siv_hw.c | 27 ++-- .../implementations/ciphers/cipher_aes_ocb.c | 13 ++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- crypto/openssl/ssl/quic/quic_cfq.c | 15 +++ crypto/openssl/ssl/quic/quic_channel.c | 6 + crypto/openssl/ssl/quic/quic_channel_local.h | 39 ++++++ crypto/openssl/ssl/quic/quic_fifd.c | 43 +++++++ crypto/openssl/ssl/quic/quic_port.c | 6 +- crypto/openssl/ssl/quic/quic_rx_depack.c | 60 +++++---- crypto/openssl/ssl/quic/quic_txp.c | 2 + crypto/openssl/test/cmsapitest.c | 48 ++++++- crypto/openssl/test/evp_extra_test.c | 140 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes crypto/openssl/test/recipes/80-test_pkcs12.t | 13 +- .../pbmac1_256_256.bad-key-len.p12 | Bin 0 -> 2803 bytes .../pbmac1_256_256.good-shorter-key-len.p12 | Bin 0 -> 2803 bytes 33 files changed, 472 insertions(+), 93 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 2270e63d51d4..962e19b2ceaa 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -270,9 +289,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 91c2e524f55b..e9532b9f48f7 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -970,10 +980,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } /* If we've already allocated a buffer use it */ if (*free_cont) { - ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, len); + ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, ilen); *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cmp/cmp_genm.c b/crypto/openssl/crypto/cmp/cmp_genm.c index bcc121f14695..ec1f03d20c1a 100644 --- a/crypto/openssl/crypto/cmp/cmp_genm.c +++ b/crypto/openssl/crypto/cmp/cmp_genm.c @@ -202,7 +202,7 @@ static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx) for (i = 0; i < sk_X509_num(trust); i++) { issuer = sk_X509_value(trust, i); if ((*check_issued)(store_ctx, cert, issuer)) { - if (X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF)) + if (X509_add_cert(chain, issuer, X509_ADD_FLAG_UP_REF)) ok = 1; break; } @@ -235,6 +235,7 @@ static int verify_ss_cert(OSSL_LIB_CTX *libctx, const char *propq, if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL || !X509_STORE_CTX_init(csc, ts, target, untrusted)) goto err; + X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CHECK_SS_SIGNATURE); X509_STORE_CTX_set_verify_cb(csc, selfsigned_verify_cb); ok = X509_verify_cert(csc) > 0; @@ -253,7 +254,8 @@ verify_ss_cert_trans(OSSL_CMP_CTX *ctx, X509 *trusted /* may be NULL */, int res = 0; if (trusted != NULL) { - X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts); + X509_VERIFY_PARAM *vpm = (ts == NULL) ? NULL + : X509_STORE_get0_param(ts); if ((ts = X509_STORE_new()) == NULL) return 0; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 08afb5ab114b..ba7082cebd72 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -109,13 +109,15 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 0828d157fad6..70dd59c06169 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -619,13 +619,6 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, if (!ossl_cms_env_asn1_ctrl(ri, 1)) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer CMS code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_pkcs1_implicit_rejection", "0"); - if (evp_pkey_decrypt_alloc(ktri->pctx, &ek, &eklen, fixlen, ktri->encryptedKey->data, ktri->encryptedKey->length) diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index d62dbbde881b..faf6a164669b 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -200,18 +200,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (blocklen == 0) + if (blocklen < 4) return 0; - if (inlen < 2 * blocklen) { + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -367,6 +367,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/crmf/crmf_lib.c b/crypto/openssl/crypto/crmf/crmf_lib.c index d5c8983b2fd4..34477d52662d 100644 --- a/crypto/openssl/crypto/crmf/crmf_lib.c +++ b/crypto/openssl/crypto/crmf/crmf_lib.c @@ -766,6 +766,7 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * EVP_CIPHER *cipher = NULL; /* used cipher */ int cikeysize = 0; /* key size from cipher */ unsigned char *iv = NULL; /* initial vector for symmetric encryption */ + int iv_len; /* iv length */ unsigned char *out = NULL; /* decryption output buffer */ int n, ret = 0; EVP_PKEY_CTX *pkctx = NULL; /* private key context */ @@ -820,11 +821,12 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * } else { goto end; } - if ((iv = OPENSSL_malloc(EVP_CIPHER_get_iv_length(cipher))) == NULL) + iv_len = EVP_CIPHER_get_iv_length(cipher); + if ((iv = OPENSSL_malloc(iv_len)) == NULL) goto end; - if (ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, - EVP_CIPHER_get_iv_length(cipher)) - != EVP_CIPHER_get_iv_length(cipher)) { + if (enc->symmAlg->parameter == NULL + || ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, iv_len) + != iv_len) { ERR_raise(ERR_LIB_CRMF, CRMF_R_MALFORMED_IV); goto end; } diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c index 01956252df76..15072e12f26b 100644 --- a/crypto/openssl/crypto/pkcs12/p12_mutl.c +++ b/crypto/openssl/crypto/pkcs12/p12_mutl.c @@ -144,11 +144,13 @@ static int PBMAC1_PBKDF2_HMAC(OSSL_LIB_CTX *ctx, const char *propq, } pbkdf2_salt = pbkdf2_param->salt->value.octet_string; - /* RFC 9579 specifies missing key length as invalid */ + /* RFC 9879 specifies missing key length as invalid */ if (pbkdf2_param->keylength != NULL) keylen = ASN1_INTEGER_get(pbkdf2_param->keylength); - if (keylen <= 0 || keylen > EVP_MAX_MD_SIZE) { - ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR); + /* RFC 9879 specifies too short key length as untrustworthy too */ + if (keylen < 20 || keylen > EVP_MAX_MD_SIZE) { + ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR, + "Invalid Key length (%d is not in the range 20..64)", keylen); goto err; } diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index d6513cf3a379..1ec7895fc197 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -203,13 +203,6 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (EVP_PKEY_decrypt_init(pctx) <= 0) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer pkcs7 code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0"); - ret = evp_pkey_decrypt_alloc(pctx, &ek, &eklen, fixlen, ri->enc_key->data, ri->enc_key->length); if (ret <= 0) diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 97f20058979f..dc003ee2affd 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -222,6 +222,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -352,9 +353,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (indata != NULL) - BIO_pop(p7bio); - BIO_free_all(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; + } sk_X509_free(signers); sk_X509_free(untrusted); return ret; diff --git a/crypto/openssl/doc/man3/CMS_decrypt.pod b/crypto/openssl/doc/man3/CMS_decrypt.pod index 121b74a30a10..66a94287b6f5 100644 --- a/crypto/openssl/doc/man3/CMS_decrypt.pod +++ b/crypto/openssl/doc/man3/CMS_decrypt.pod @@ -68,7 +68,7 @@ then the above behaviour is modified and an error B returned if no recipient encrypted key can be decrypted B generating a random content encryption key. Applications should use this flag with B especially in automated gateways as it can leave them -open to attack. +open to attack. See L for more details. It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure @@ -103,7 +103,7 @@ mentioned in CMS_verify() also applies to CMS_decrypt(). =head1 SEE ALSO -L, L +L, L, L =head1 HISTORY diff --git a/crypto/openssl/doc/man3/PKCS7_decrypt.pod b/crypto/openssl/doc/man3/PKCS7_decrypt.pod index aea15937ab86..cfb5b3f87376 100644 --- a/crypto/openssl/doc/man3/PKCS7_decrypt.pod +++ b/crypto/openssl/doc/man3/PKCS7_decrypt.pod @@ -22,6 +22,14 @@ B is an optional set of flags. Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the PKCS#7 structure. +When RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() +will use implicit rejection mechanism. It always returns the result of RSA +decryption of the symmetric key to avoid Marvin attack. This result is +deterministic and can happen to match the symmetric cipher used for the content +encryption. In case when the certificate is not provided, the last +RecipientInfo producing the key looking valid will be used. It may cause +getting garbage content on decryption. + The following flags can be passed in the B parameter. If the B flag is set MIME headers for type B are deleted @@ -43,7 +51,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify(). =head1 SEE ALSO -L, L +L, L, L =head1 COPYRIGHT diff --git a/crypto/openssl/include/internal/quic_cfq.h b/crypto/openssl/include/internal/quic_cfq.h index 0b2a3a4cb2d6..96c8d89eb600 100644 --- a/crypto/openssl/include/internal/quic_cfq.h +++ b/crypto/openssl/include/internal/quic_cfq.h @@ -149,6 +149,7 @@ QUIC_CFQ_ITEM *ossl_quic_cfq_get_priority_head(const QUIC_CFQ *cfq, QUIC_CFQ_ITEM *ossl_quic_cfq_item_get_priority_next(const QUIC_CFQ_ITEM *item, uint32_t pn_space); +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item); #endif #endif diff --git a/crypto/openssl/include/internal/quic_channel.h b/crypto/openssl/include/internal/quic_channel.h index b917b966abeb..cfaeab728178 100644 --- a/crypto/openssl/include/internal/quic_channel.h +++ b/crypto/openssl/include/internal/quic_channel.h @@ -468,6 +468,7 @@ int ossl_quic_bind_channel(QUIC_CHANNEL *ch, const BIO_ADDR *peer, const QUIC_CONN_ID *scid, const QUIC_CONN_ID *dcid, const QUIC_CONN_ID *odcid); +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch); #endif #endif diff --git a/crypto/openssl/include/internal/quic_fifd.h b/crypto/openssl/include/internal/quic_fifd.h index 4ea7a2e0d226..afa330cbc4a2 100644 --- a/crypto/openssl/include/internal/quic_fifd.h +++ b/crypto/openssl/include/internal/quic_fifd.h @@ -83,6 +83,7 @@ int ossl_quic_fifd_pkt_commit(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt); void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg), void *arg); +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *tpkt); #endif #endif diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c index d0b6ae4b070d..5bdc567b4bb1 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c @@ -58,6 +58,9 @@ static int aes_gcm_siv_initkey(void *vctx) memset(&data, 0, sizeof(data)); memcpy(&data.block[sizeof(data.counter)], ctx->nonce, NONCE_SIZE); + ctx->generated_tag = 0; + memset(ctx->tag, 0, TAG_SIZE); + /* msg_auth_key is always 16 bytes in size, regardless of AES128/AES256 */ /* counter is stored little-endian */ for (i = 0; i < BLOCK_SIZE; i += 8) { @@ -134,17 +137,6 @@ static int aes_gcm_siv_aad(PROV_AES_GCM_SIV_CTX *ctx, return 1; } -static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) -{ - int ret = 0; - - if (ctx->enc) - return ctx->generated_tag; - ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); - ret &= ctx->have_user_tag; - return ret; -} - static int aes_gcm_siv_encrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { @@ -271,6 +263,19 @@ static int aes_gcm_siv_decrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *i return !error; } +static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) +{ + int ret = 0; + + if (ctx->enc) + return ctx->generated_tag; + if (!ctx->generated_tag) + aes_gcm_siv_decrypt(ctx, NULL, NULL, 0); + ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); + ret &= ctx->have_user_tag; + return ret; +} + static int aes_gcm_siv_cipher(void *vctx, unsigned char *out, const unsigned char *in, size_t len) { diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index b724c425e392..99254cb49a88 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -514,6 +514,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 96f26757abe2..754e0757cda3 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -192,6 +192,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (ossl_param_is_empty(params)) return 1; @@ -226,6 +227,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index 94d4254ed5d2..2bfefc0aedf4 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -146,12 +146,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/ssl/quic/quic_cfq.c b/crypto/openssl/ssl/quic/quic_cfq.c index 3c59234ff0ff..16818e55f57d 100644 --- a/crypto/openssl/ssl/quic/quic_cfq.c +++ b/crypto/openssl/ssl/quic/quic_cfq.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include "internal/quic_channel.h" #include "internal/quic_cfq.h" #include "internal/numbers.h" @@ -307,6 +308,20 @@ void ossl_quic_cfq_mark_lost(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item, } } +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item) +{ + int discarded; + + if (ossl_quic_cfq_item_is_unreliable(item)) { + ossl_quic_cfq_release(cfq, item); + discarded = 1; + } else { + discarded = 0; + } + + return discarded; +} + /* * Releases a CFQ item. The item may be in either state (NEW or TX) prior to the * call. The QUIC_CFQ_ITEM pointer must not be used following this call. diff --git a/crypto/openssl/ssl/quic/quic_channel.c b/crypto/openssl/ssl/quic/quic_channel.c index 13692e5bd09e..5f81a8560d5f 100644 --- a/crypto/openssl/ssl/quic/quic_channel.c +++ b/crypto/openssl/ssl/quic/quic_channel.c @@ -2213,6 +2213,12 @@ static void ch_rx_check_forged_pkt_limit(QUIC_CHANNEL *ch) "forgery limit"); } +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch) +{ + ch->did_crypto_frame = 0; + ch->seen_path_challenge = 0; +} + /* Process queued incoming packets and handle frames, if any. */ static int ch_rx(QUIC_CHANNEL *ch, int channel_only, int *notify_other_threads) { diff --git a/crypto/openssl/ssl/quic/quic_channel_local.h b/crypto/openssl/ssl/quic/quic_channel_local.h index ae443fccca1e..e40b4901cbc7 100644 --- a/crypto/openssl/ssl/quic/quic_channel_local.h +++ b/crypto/openssl/ssl/quic/quic_channel_local.h @@ -12,6 +12,28 @@ #include "internal/quic_stream_map.h" #include "internal/quic_tls.h" +/* + * This is a part of PATH_CHALLENGE flood [1] mitigation. This limits the + * number of PATH_CHALLENGE frames QUIC stack is willing to process for + * connection. Local QUIC stack creates PATH_RESPONSE frame for PATH_CHALLENGE + * frame it receives from remote peer. The response frame is put Control Frame + * Queue waiting to be dispatched. The PATH_RESPONSE frame is removed from CFQ + * after it is dispatched. The QUIC_PATH_RESPONSE_QLEN limits the number of + * PATH_RESPONSE frames waiting to be dispatched. No new PATH_RESPONSE frames + * are inserted into CFQ if queue limit is exceeded. + * + * QUIC implementations use different limits for PATH_RESPONSE queue lengths: + * quic-go defines maxPathResponses as 256 + * quiche from cloadflare sets DEFAULT_MAX_PATH_CHALLENGE_RX_QUEUE_LEN to 3 + * t-quic from tencent chooses MAX_PATH_CHALS_RECV to be 8 + * + * OpenSSL here introduces QUIC_PATH_RESPONSE_QLEN as 32. + * + * [1] https://www.ietf.org/archive/id/draft-chen-quic-logical-vuln-mitigations-00.txt + * (section 4.2) + */ +#define QUIC_PATH_RESPONSE_QLEN 32 + /* * QUIC Channel Structure * ====================== @@ -457,6 +479,18 @@ struct quic_channel_st { /* Has qlog been requested? */ unsigned int is_tserver_ch : 1; + /* + * RFC 9000 Section 9.2.1 says: + * However, an endpoint SHOULD NOT send multiple + * PATH_CHALLENGE frames in a single packet. + * The counter here allows us to detect multiple presence + * of PATH_CHALLENGE frame in packet. We process only the + * first PATH_CHALLENGE frame found in packet. Remaining PATH_CHALLENGE + * frames are ignored. + * seen_path_challenge flag is always reset before + * ossl_quic_handle_frames() gets called. + */ + unsigned int seen_path_challenge : 1; /* Saved error stack in case permanent error was encountered */ ERR_STATE *err_state; @@ -467,6 +501,11 @@ struct quic_channel_st { /* Title for qlog purposes. We own this copy. */ char *qlog_title; + /* + * number of path responses waiting to be dispatched + * from control frame queue (CFQ) + */ + unsigned int path_response_limit; }; #endif diff --git a/crypto/openssl/ssl/quic/quic_fifd.c b/crypto/openssl/ssl/quic/quic_fifd.c index 03b8cebd3057..e80483b501d7 100644 --- a/crypto/openssl/ssl/quic/quic_fifd.c +++ b/crypto/openssl/ssl/quic/quic_fifd.c @@ -310,3 +310,46 @@ void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg) fifd->get_qlog_cb = get_qlog_cb; fifd->get_qlog_cb_arg = get_qlog_cb_arg; } + +static void txpim_pkt_remove_cfq_item(QUIC_TXPIM_PKT *pkt, QUIC_CFQ_ITEM *cfq_item) +{ + QUIC_CFQ_ITEM *prev = cfq_item->pkt_prev; + + if (prev != NULL) { + prev->pkt_next = cfq_item->pkt_next; + } else { + pkt->retx_head = cfq_item->pkt_next; + } + + if (cfq_item->pkt_next != NULL) + cfq_item->pkt_next->pkt_prev = prev; + + cfq_item->pkt_prev = NULL; + cfq_item->pkt_next = NULL; +} + +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt) +{ + QUIC_CFQ_ITEM *cfq_item, *cfq_next; + + /* + * The packet has been written to network. We can discard frames we don't + * retransmit when loss is detected. + */ + cfq_item = pkt->retx_head; + while (cfq_item != NULL) { + /* + * Discarded items are moved to free list. If item + * got moved to free list we must also remove it from + * cfq list kept in pkt, so ACKM does not find it when + * receives an ACK for pkt. + */ + if (ossl_quic_cfq_discard_unreliable(fifd->cfq, cfq_item)) { + cfq_next = cfq_item->pkt_next; + txpim_pkt_remove_cfq_item(pkt, cfq_item); + cfq_item = cfq_next; + } else { + cfq_item = cfq_item->pkt_next; + } + } +} diff --git a/crypto/openssl/ssl/quic/quic_port.c b/crypto/openssl/ssl/quic/quic_port.c index 1e247e1ec624..dc79485b96a5 100644 --- a/crypto/openssl/ssl/quic/quic_port.c +++ b/crypto/openssl/ssl/quic/quic_port.c @@ -1666,8 +1666,10 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg, * forget qrx so channel can create a new one * with valid initial encryption level keys. */ - qrx_src = qrx; - qrx = NULL; + if (qrx != NULL) { + qrx_src = qrx; + qrx = NULL; + } } port_bind_channel(port, &e->peer, &scid, &hdr.dst_conn_id, diff --git a/crypto/openssl/ssl/quic/quic_rx_depack.c b/crypto/openssl/ssl/quic/quic_rx_depack.c index 786af9b4c221..1bdb43b7d639 100644 --- a/crypto/openssl/ssl/quic/quic_rx_depack.c +++ b/crypto/openssl/ssl/quic/quic_rx_depack.c @@ -931,6 +931,12 @@ static int depack_do_frame_retire_conn_id(PACKET *pkt, static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) { + QUIC_CHANNEL *ch = (QUIC_CHANNEL *)arg; + + assert(ch->path_response_limit > 0); + + ch->path_response_limit--; + OPENSSL_free(buf); } @@ -951,33 +957,39 @@ static int depack_do_frame_path_challenge(PACKET *pkt, return 0; } - /* - * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST - * respond by echoing the data contained in the PATH_CHALLENGE frame in a - * PATH_RESPONSE frame. - * - * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. - */ - encoded_len = sizeof(uint64_t) + 1; - if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) - goto err; + if (ch->seen_path_challenge == 0 + && ch->path_response_limit < QUIC_PATH_RESPONSE_QLEN) { + /* + * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint + * MUST respond by echoing the data contained in the PATH_CHALLENGE + * frame in a PATH_RESPONSE frame. + * + * TODO(QUIC FUTURE): We should try to avoid allocation here in the + * future. + */ + encoded_len = sizeof(uint64_t) + 1; + if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) + goto err; - if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) - goto err; + if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) + goto err; - if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { - WPACKET_cleanup(&wpkt); - goto err; - } + if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { + WPACKET_cleanup(&wpkt); + goto err; + } - WPACKET_finish(&wpkt); + WPACKET_finish(&wpkt); - if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, - OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, - QUIC_CFQ_ITEM_FLAG_UNRELIABLE, - encoded, encoded_len, - free_path_response, NULL)) - goto err; + if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, + OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, + QUIC_CFQ_ITEM_FLAG_UNRELIABLE, + encoded, encoded_len, + free_path_response, ch)) + goto err; + ch->seen_path_challenge = 1; + ch->path_response_limit++; + } return 1; @@ -1432,7 +1444,7 @@ int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) if (ch == NULL) return 0; - ch->did_crypto_frame = 0; + ossl_ch_reset_rx_state(ch); /* Initialize |ackm_data| (and reinitialize |ok|)*/ memset(&ackm_data, 0, sizeof(ackm_data)); diff --git a/crypto/openssl/ssl/quic/quic_txp.c b/crypto/openssl/ssl/quic/quic_txp.c index 44aaad868d2f..b2565c1a9fee 100644 --- a/crypto/openssl/ssl/quic/quic_txp.c +++ b/crypto/openssl/ssl/quic/quic_txp.c @@ -3133,6 +3133,8 @@ static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp, --probe_info->pto[pn_space]; } + ossl_quic_fifd_pkt_discard_unreliable(&txp->fifd, tpkt); + return rc; } diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 0752d14df09c..d908bc6fc4c4 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -21,6 +21,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -512,7 +513,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -527,7 +569,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) *** 235 LINES SKIPPED *** From nobody Tue Jun 9 19:16:56 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvD6Q02z6gTp9 for ; Tue, 09 Jun 2026 19:16:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvD3lgdz3KDV for ; Tue, 09 Jun 2026 19:16:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032616; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lcJ4CtYBqb/Uu7VGniZLls+1cYGGQA8jr3J2NGZ1aPM=; b=tGRi5ne6B2o5hpWSa+89/2DCp+5uC9zjHczusPgqxrumW37JJoP4WtFBK+gwjK442hxEJ4 Z0yxRmAPrZ68+3yTn4/SwRCRJCQ8j13+6D+m/xU0oR5O/GAlRPpsZUl/ocaoLIi9UAgjP2 1Vg9+0uitBj2uDU4W0OVI5PaLIkZRo9F3wYnfyFA5nptwktpeN6okPV+UrE9GCRmhVB9WQ L8dhGzMCxG4if5Z+Abd6/qm31NyDDP9pB2z+6g1UUzP/RMtSAHzNhIkKDjtLvsfrrUol8r XR8BmQ3uN1b+CTc7jg16T4dL7te4lsB+RrT6Kx4pcATr3YWvQSFvxCwxxNNqTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032616; a=rsa-sha256; cv=none; b=kWWogeilaOgQ+te/ACxL+PmQ5KCR1RrrN6c9qWKAgTxyDhZ0IA4lsWpnj0DL8rG3bT8JyO 5snmCNnDk8FkJjZpwG6hGrtdV3x8yUaYxpqKj25as0wSnrpp/VHEJ6E0lLUKhxkgPkRmCZ 6Ft+F7i/5B+fw7CgGSAHym9AYYGED/WNI6Q0mHru+XGMyWSRxavzH+/gq0akt/cJpAV1TI k25f1oU1y8t60F/NDrZO/oNnunQBCk78Pn2swLyK7p6MvLgX7HAWfWMnCKnYEqJc8wAOPe onOpmZ4vCZcGobAi5iaKS42b7XePcIyocNX6fUKNHUTuz2xwJLOndMJ0Z1I7aw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032616; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lcJ4CtYBqb/Uu7VGniZLls+1cYGGQA8jr3J2NGZ1aPM=; b=lYh5Q36Z6otftymMeS+cuRnCKohPuu/A42K7IYdfNrNYizT93jvII9qkCpTt51MQw/s0QW dupdcHfLmxpXKb3jI5jQ3v2n1VW7b6dOMlXQ5FzK51Nmr/tQjqUcnnceeGluhPhdJ2eMxa JZCK+86aP/NwDgKadaelf0PD563Ih8LQBxoItaENZ0HSn92VQedilIBpTEz+C0XyXc4pw9 B9o90kN+Ty8z8k7JlwKCJncOPnPNcqtgc2tUWTmM7HW7FrHS8UcdtkMpwmBygOeu+t97G0 vj1Qy7YsebrIyAD8+dYHTHywPck3ygVjQTopOVsbbJXw3wV1tKomFEba38tcEA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvD35qvznt1 for ; Tue, 09 Jun 2026 19:16:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e495 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:16:56 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 980ba4177b69 - main - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 980ba4177b69655726485daa5ff3e931f19aa738 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:16:56 +0000 Message-Id: <6a2866a8.3e495.33ee7e98@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=980ba4177b69655726485daa5ff3e931f19aa738 commit 980ba4177b69655726485daa5ff3e931f19aa738 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:09:39 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:13:21 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 6 ++++ contrib/ldns/ldns/error.h | 5 ++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 100 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index 5723aea9b4c2..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -191,6 +191,12 @@ ldns_lookup_table ldns_error_str[] = { "at least 2 bytes of option data" }, { LDNS_STATUS_EQUAL_RR, "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index a76eb2ecab5d..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -144,7 +144,10 @@ enum ldns_enum_status { LDNS_STATUS_INVALID_SVCPARAM_VALUE, LDNS_STATUS_NOT_EDE, LDNS_STATUS_EDE_OPTION_MALFORMED, - LDNS_STATUS_EQUAL_RR + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index e944d018b357..4c1f405419fb 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:17:27 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvr33PSz6gV5K for ; Tue, 09 Jun 2026 19:17:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvq6f86z3L80 for ; Tue, 09 Jun 2026 19:17:27 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032648; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=06QOUsk2ZHn2APSqPNzKP3SHypri6oeQACQ1p5GrGi4=; b=o5Q73a3fQL0Ii+WBy7nrfatZ5DjgcMP9hht0DLQRDtYbodttvlJgLp3l5HYWYMoLvbGwkL kE4EbeKhA8cfAcP2jlFkZMV+mq8IzdlVAuJ9TnNsQlemf7qp83xlKvpnYwGvIpPsIk4KJN KbR84U4ww58AZ3ae72J2gQ4NfDWUHzGzMJR0ZDoB3WjiUW7sQwxA7uJlCZ6Q0l9zM2JLUN zLKl4aeNsEMCg8YWNGId/OBNxEe4EF88KMla2eiz+0pFbemAJqU1lKJBlaQdrrNrSEhgD1 pXN2q6EgJGm5zn80rL163M2Xch+K2Ev/MlMsvQ//KoYvIq+hoksY+B8zd45bog== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032648; a=rsa-sha256; cv=none; b=r/OcN3/FJC2LpQ2kCAfBTiYOJP2E8t3JHOODiFs4Jd+2/5gdlWv3UOhfiAim+pmJpTpCaZ qMjnarV5G0BVnBCzKEufPEMVWpA0QEDOPaLLJetoiLBvmCEnci1RIScAYgZ44fpVEsIEYB h5ROTfxjNuwKVsDzXqsKDj4Kn55GY8gfqN1AAIZsyJ591QpaCBdHprvsaSAGAJfRv4OMAO Vd2nIM9eBZ4ExqRH4fek8xnNoTja4S09RwGx0nvwbjdd3FwCwLQEFTM7bLi/MlatjoyxJ4 z4eKKrh9CSorDa4lkIX/iuIC8CegaX9+m6ferOSN8/680dqmC9gN1FFmTwcfng== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032648; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=06QOUsk2ZHn2APSqPNzKP3SHypri6oeQACQ1p5GrGi4=; b=PUcWvOK59qQY1m6MHhfqR7jnEzcdUEPdWaOYe7jns3LfS5XvPMD73yK61w5J0Oo+q7RZhD 15w3nRj4XdebR5QHlRxZx1SZwM5+OFd4rulHLEa3JH3WY6IsblGyVhhufJnqA+L8aFPS/w tkpn0hoaPKi+T1Dek+kmc3ptG/G6fYhZoYn+l7YUcM2otOgEX1ublgVS21xB8wzpq50HFF i5rndPiViQnrV3+GR19+cltfAk6logSHhYkljjDRMMdBurGtl+Wqb+pKZ8eB/hwO1f2/Qs G/5b7vgn33pYJ6lZiMVLJgfWanUZ2JqD6TWJ+wWdZ26L7ZVdrsdd/cbvYc3fSw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvq6B6zznt2 for ; Tue, 09 Jun 2026 19:17:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e51d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:27 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: afa0c67a1ba3 - stable/15 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: afa0c67a1ba368a98600d4f059190b1d2dc9fff3 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:27 +0000 Message-Id: <6a2866c7.3e51d.bbc6999@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=afa0c67a1ba368a98600d4f059190b1d2dc9fff3 commit afa0c67a1ba368a98600d4f059190b1d2dc9fff3 Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 4329959a2ef4..4a439eee0210 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -506,7 +506,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:17:31 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvv3Hjmz6gTpX for ; Tue, 09 Jun 2026 19:17:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvv1WSpz3LSN for ; Tue, 09 Jun 2026 19:17:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032651; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QnfMywaxd/XHxjs5Y216yHTVGxiQBfVWZclq7hiZG48=; b=SaN6sxL+x0RLiCC+DVOM4i9C0uy0dAQMjxtVczTZKh1o6HNnJNnHCyrk8hGe51yvCIC/9d yW22oLYBmtfsTQ7QOX5gKc3ivYSTN4tztwHDbltF1M/seEnLF2fJPgvwDBRa/s63uMpJ+n F7V0mKl83S1ZgOD2rsbKgOMbGW1CG2Cl27LacA/30FDPD+7WyQYMyyad1erVl5RnEcLBXZ 6b9VSwie2ZmfSwZX0qRJeNwShtYdavZ0WTxPaClF4XvuAVV/D1bWPFSMQ+KYQ+O4ScLreJ beOvxZUbvpLmTpg/vS6ql4CEpMuFFWCCNa5Y39H8GOtmQ6aQf6GzBnai+Knaxg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032651; a=rsa-sha256; cv=none; b=GBmyDUkIeOmsSLjHyYiqK/v1KkPOlGdRKlF5ijGtTVFDMXQNoculBCWvsYYjQwFZ52f4Ba eYpSK4n28F0b7CqaYz7eXOyrKTIf/lqpejg72xEjbwp6xUnhdXWSZQH45qa2WK6OLNLTfu edB7Y/tYsF3NOVZtxtErs73OyYbT+592VSPgLlo+LJ05Kh1dAc1sNjVkGxXvUopY8VFrH2 Rv9lveBCsr1d0BZipWeARKQ45qF8bfpCwHqMbXXoVZ5tmrHhqq5AYjdDVivmN/GYoQb8DL IoHhtjboEs2qcM4f5+GJeGjvBBOoxgy2PqxnOs0N3+QmXUlOOcX2A1AC3gS3gg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032651; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QnfMywaxd/XHxjs5Y216yHTVGxiQBfVWZclq7hiZG48=; b=XBWSmXIkgYc6C60yj4HVEC4WbO3ab7MdlxFOK6Tz//Birg1uxNAYsbKOS3rPEfUXzqtGZY yJAC1ry/xBS5PB14Pa2iUeH/LKDQNaRyOblGHBBVcJYuvXmrG1tD3usb9WYk1RF1RhF8cf BpLdrdt1Sh0+dv9ZF+79rFtrdMMzmH3lJiMmVmTvKNaimcyFRYg3gkclf2qscKq23NFSSz 8AG2ERXshWK+/x+alzTbr5SUrXTOi+jRHt8fyNb+sbOJEON/Hnar8J6ZTrfPuMSPAi8ZLE Gsl8AeiNVvVfLxVibgozi2s8/8IB22cMDjjr6gkApe1/JhRXXfZEZLzh//WDSA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvv13Jfznvl for ; Tue, 09 Jun 2026 19:17:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d96c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:31 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 7628e1ddfd52 - stable/15 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 7628e1ddfd529c13c5d23dfb32c67e5f6d6e4265 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:31 +0000 Message-Id: <6a2866cb.3d96c.19bd7087@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7628e1ddfd529c13c5d23dfb32c67e5f6d6e4265 commit 7628e1ddfd529c13c5d23dfb32c67e5f6d6e4265 Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 89 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 +++++++++++++++++++++++++++++++ 4 files changed, 175 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index 0c574ae2908c..86278a46a731 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -36,6 +36,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -50,6 +51,7 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", channel->name, desc); b->channel = channel; @@ -59,8 +61,30 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } static void @@ -177,6 +201,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -211,10 +240,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index 371ba2dd94ce..fee41db2ff82 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -31,6 +31,7 @@ */ #define SNDBUF_F_MANAGED 0x00000001 +#define SNDBUF_F_DETACHED 0x00000002 #define SNDBUF_NAMELEN 48 @@ -53,6 +54,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -60,6 +62,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(struct pcm_channel *channel, const char *desc); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); int sndbuf_alloc(struct snd_dbuf *b, bus_dma_tag_t dmatag, int dmaflags, unsigned int size); int sndbuf_setup(struct snd_dbuf *b, void *buf, unsigned int size); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index a37fe842ba76..7e4b4ae2df24 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -77,7 +77,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; static d_kqfilter_t dsp_kqfilter; @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, .d_kqfilter = dsp_kqfilter, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1898,23 +1896,81 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + +static int +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static void +dsp_dev_pager_path(void *handle, char *path, size_t len) +{ + struct dsp_mmap_handle *h = handle; + + dev_copyname(h->cdev, path, len); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, + .cdev_pg_path = dsp_dev_pager_path, +}; + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -1968,13 +2024,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index 53594b7cc962..b44b16e7f312 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:17:28 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvs3X8yz6gTvT for ; Tue, 09 Jun 2026 19:17:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvs0G2pz3LK5 for ; Tue, 09 Jun 2026 19:17:29 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032649; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CLK9k+aer17dbm0ueLbnMlgOpkTHJ3z4be+f5CVCYXQ=; b=HGZ/uKyJli2Na9S29go9qYD4BAC2LBBT04sNy2CortNFO4qwjtHB45Cd4aDvXcwbzPiOeG GklxffjiNC+UBBavb+/WhdfTAZlnGG+LCH6l8Q2IVmW5x1ue9BZzVt35VY6q9RTJtItz1/ dA61CwBrigG7DUlve+0cARcFio7KcTPGLLcz6jwGeKF/OhodEQzlejpTU7QXpDuULtjlzW Y8VdWSz/Q+GeNtoEQ8BTRy8cT6WIllWLlr7SILV3ak5+m2Jg7KkfApRTUFnHHGSEoXEW3H HGvdA2/SJw8WgyHijlhhyR+Ecb6BKUoq3DEgTtcIthaD6gZnRR6hGYmCtzexGw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032649; a=rsa-sha256; cv=none; b=wT7DQpjpg6FbgauxZYSdzsD2GjiknRR9EhX810JGqeXBzQslGEo8nToz/0q3sAgteoGCUU ZZfUr5Pa8keN+W/JGPWQAA7fdreBsbovVrg6u1wWtgc7ECOSZGJK5r7dZnHeg0Az5WPiGg +6qMVc8tCTFP9+ZFOdU6vn0U0X5wMXeXdJ9ATSCzvtlrNsLIGiXIOTt/IHJa5wm0+a+4fY ipwVtzDZh5T1RwOqXVh2SraVVFiT5UcDYO2aSFmkRPA4NOOTHPK8XdCeKWYm+BBqQnxS/r bciS31PeNp1IiOX8Px0HMf29+dm8uHV70FNqa6qu7f0A+rj8r471ZWAHjpzc0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032649; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CLK9k+aer17dbm0ueLbnMlgOpkTHJ3z4be+f5CVCYXQ=; b=S5ENYuTtakck6aQSAxcLktEZjGEs8Jsk3Et1C8IwAY2MuKFCwixPQXDWGWSCpkJYuWZgSb DG4VAG1MXGYoQuu29fZ1Acz2AQNSesEa0A7xfKTna5b4WLzZl3+BlBJs37oqMl5Uoz+Ii6 PL0D8n1M5t56m04Y17W0o1hv42djBHlOi4OwLplyMIwCkx08uHFUwv/4UaGMx5Mg+/N9zw wrvtzMFpU+kpVMB3HLhiJx2oyAI7GCMsk3MSHyl/WS9EuKUjtKDPb/teSTJ+vxjLeOHIN8 htGKWQMNBsKRgxYp3VM7rwevgE4E/IG5n6Q47Bci5CfiLgsC6aFa65tM59mcdw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvr6vqqznFb for ; Tue, 09 Jun 2026 19:17:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c4ee by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:28 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: a51345704403 - stable/15 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a513457044031a86cec5aa07755f1dbc3b78c497 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:28 +0000 Message-Id: <6a2866c8.3c4ee.14365509@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a513457044031a86cec5aa07755f1dbc3b78c497 commit a513457044031a86cec5aa07755f1dbc3b78c497 Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 35009ad77722..5f7d061bfb55 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2419,8 +2419,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2436,6 +2438,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2636,9 +2645,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 6c7e7d3c5ee3..fc9c0316654e 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -241,6 +241,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:17:30 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvt51nMz6gTxL for ; Tue, 09 Jun 2026 19:17:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvt1Qzfz3LVB for ; Tue, 09 Jun 2026 19:17:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032650; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=w71Do/Klozv+n+bPE2dzFrggeCdlaPIjIcp7madEckE=; b=jW0WbA7E1x7Ls8efMPmyDhVocFFQyt3yQpwKkvQ0SYpHJAwbfcn3wwYUESrXhkgeqTEWdJ WiilDQSNoSl9q4AU8IZmE82eV50bcUDt4vAivnztmt3Y5rb7CYOMfrbpYR0I3DCF4wrjCy j+vN9IqS905jIkQalzepThM5iBrNnrXWsqBbrp/J6OEowzB5vph/A7NDyVQo/HvVLzIeKh FChOw4/06oujdT0H4f2ont1k1C6g48Edg/cwCvehsZ9U8BCcdbj1Bg/lU5JJoaG7Ub5kNA 4QumkwlnzUSHSRGVyBlKQeMIZDoDoTywShNwzjsOlWeTHiOtxo+zI0piGKJ+Nw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032650; a=rsa-sha256; cv=none; b=HFarDu+leTYHaEr+z42e7CtUvfnAfjevija67K5h46R7fGLfWtOsGvjQq/fNlJ08sZ7Fnh tERt7f1nHDRK3uTAqPLAeEGVZspm67Jea6STcKEffDRybr/0oS0PcivKCTlC/rN9kiuVA+ BlyJjXhgtyCkQ6s/xQG3QWGP2LpwnikUHXCdkjZy6HgLPf6WvwLiI3ifh8amTUQpk6Zs+9 Qnl7mtCeTJE247dAO3M8MQH4aTIvriZWF/ba/tCwViTi1f+rvpOUqc1hpy5TWQG6/uV7j6 P1bxrt2SV1kxOyR+yoF94xzZ0H7sCp83V4NxamaRJHEy1bZjmAZysjIIPe+18w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032650; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=w71Do/Klozv+n+bPE2dzFrggeCdlaPIjIcp7madEckE=; b=M5sF5ee0GA+WaRn7a5CVbPr3/WYEdkWr30pguD6KddHjw8+zr1TgBFJ0owBO0LT8xj1Mr0 gtTXsg+FFmKrH9WpLM0F5PHSXebZYL6cpyhC0dQ+AjBqcK4Je+Hf8vtNfeFNLprGEdFat3 WqrFb+VYNwCNckw69ryt9dkhliek8IkSSvSyEPelt1V3ituvL+1Na4zzHEeMLWOIyADL+4 WMMsM/rs0YCfP+Y1xMFHlRDUEvl7MbFdcmVI1jvZKkVT9Du+PHxf6+2GwOpCojqLXfOAbs g9qA/ukCcUNijJiE6nampoLTWmK0NXgHawEzuLb8l1Xzn08cbABAXiV0ACZHdg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvt0KfxzmsY for ; Tue, 09 Jun 2026 19:17:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e41c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:30 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: a6a8b2759f52 - stable/15 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a6a8b2759f526aca1cae535f1390f8ccf9661da1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:30 +0000 Message-Id: <6a2866ca.3e41c.654b548b@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a6a8b2759f526aca1cae535f1390f8ccf9661da1 commit a6a8b2759f526aca1cae535f1390f8ccf9661da1 Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 8a2ce2422bef..a37fe842ba76 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1920,6 +1920,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * https://lists.freebsd.org/pipermail/freebsd-emulation/2007-June/003698.html */ diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index ab52a7aad386..f534a8cb17e5 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= polling ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..53594b7cc962 --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:17:32 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvx1Rtfz6gV0h for ; Tue, 09 Jun 2026 19:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvw2RzQz3LXn for ; Tue, 09 Jun 2026 19:17:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032652; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TSCgFtBAPAQpUR2ZL4VM597WefYXLfNujq1VeaWiPfc=; b=UuaMJjOlrFOnIRi0OzsCluwZaRYkVDDw8yOyGRiYMjopbtERrSgn6lbZJICCQoQO1xfkJL 4At8be4AtFabLCDzUAXy1/wMvuRM1DqpFjJv2217oEgycbqX7c0NVCfIAFQSmpRamCyP/f 48tsS3WxeiqWh8boaYHj0XKNAN+m/gMFk1A8QZu+jpn8fosHo3ywTTdLEtJy/+pI6EVCyW 2ldZuTA8nbqufBXOOM0sZvs/fJjvEIzSw6KnOnvoN0KAO1XqoBXds3evgSMr2kjAhk23lR GgRbV5Anxk822BLOv0XQLzjUj0eEoOOU0SNsAY4Wj4BHwVGL6CO/ouWEL5+r+w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032652; a=rsa-sha256; cv=none; b=Etife7KLCX621G9PXKnOBF7ERBSBmJMcLhBueGHWnKhHAm95pGQhgdaHquBmESvSDleV/b sKhehH8AUjDGmacXZsVh4PWxJp0+wb17jjRT0v99ApRyF9Vi5lJOJPOiP1MsuI+FEfL7m9 uBltxcUjSFlgODDUCSQ73E3XzXAtpc+K8uPYSKdZ+g8ciw+tZFjmtuObrCMzhm49zCotRR HFj+8WeMJOcL9sluDq4YUC6NjwXfbZELrKsc+kY57A2N1Q75QZtwa5Y874n1bE77hg/cjZ l7v/nEbjsahlf3hCtwAQtRI965maERwQGosxVLHoxIJ+7+Bt7NkJGtTxFaupTw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032652; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TSCgFtBAPAQpUR2ZL4VM597WefYXLfNujq1VeaWiPfc=; b=HDZNWWI9jipqCxh0uQ9nBkibEXzVUbcA49KYwnPce09kihg/9p9n297i9CAg0/sLBaYLRl PMiFoOg4Zr3OgsGC1A+X2OSqgubtVJcWe8v7ZSzLd6ZAeJZnM4F5M7WQekUk5V1pLy9o5p VQ1wKC+jCyGS3CPiYzK/es+Rn0dns5NjuexOVQTgq6EKbueVllACSisIoo98etUpPpQiLO Xq4dQpL0HFjD8YSA5XG6+SpTs0KSp2sMZDzTaNG+lDSdFyqEqwLBm2Yn9/oD3M1ArZmngT H7P7iNU4p0c3N2wnFHb03m1aPpge1PqvoIdp1gBM8l3Cm+/8t8+RDrHAxzFjaQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvw1jLRznt4 for ; Tue, 09 Jun 2026 19:17:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb1d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:32 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: ce2b95932ec2 - stable/15 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: ce2b95932ec2b2196c608b095586a9b1332472d1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:32 +0000 Message-Id: <6a2866cc.3eb1d.3fa3d8c6@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ce2b95932ec2b2196c608b095586a9b1332472d1 commit ce2b95932ec2b2196c608b095586a9b1332472d1 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 40 +++++++++++++++++----------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 45 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 3206828aacff..b5636c29daeb 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2524,6 +2524,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2536,9 +2537,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2551,13 +2549,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2589,25 +2598,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - IN_MULTI_UNLOCK(); - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2642,7 +2635,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2679,6 +2671,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:17:34 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvz1rh2z6gTph for ; Tue, 09 Jun 2026 19:17:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvy3QShz3LN9 for ; Tue, 09 Jun 2026 19:17:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3A7LTvWozkDzAIHlcUCS3Lahl4OXX/29YtnXS4CDaEM=; b=QxBr3Z57aZu4ovxcSSvvvF9xTLxsnD56VrGLKjAIv8cv4X8UFjyjltUrLhDojqxgXJBvz5 mCRHsaBL7djqdSgAl5nSGLnhz+428ySukT3K0vErDjlqv20kxUeyDewDqXTzC8BfckSkxx FSMbtd+G4GaRLE/ASMx7YniGxtFxdH/zw0O3dagtMi9UsNws01mg+TnNRwO/zv7J09prAk hTKk0EhN/7BJ7mANLzUOHW0IDu/rZX5h4JJGqd2KVqRH3pnOu0fscSNxqb0adKJJxy19UR DF9UgDx3aJ6BR6qAycv3LIJuzEik2RUeby/CkcKumxMxxSggXKaeB/adL28H9g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032654; a=rsa-sha256; cv=none; b=NBeLKX7+g9Wz/NFd92y1jZ/ndsCD8Fy9VyCn5snYJaE298WH4aiW/BNb3M27fAIcoG37Fu LoT0rgFTC7DUVHP2drxQJUNJI2JlpncS3MJauAgKY+JbPq6bTQkgWEDo9fbukqlJIOcrLZ kN1PUlt9rI+aNS97f8xMr0FY1BPrhMqrl6F15fBhY5boohjiJkRxHGWJiZGtolKh4reQ6a TNDVepY4WsYw9wsRz6t/UmEpj0tXtygA7O3JE0VythFnzT7eVtWHBNScGSP5godzDgJQ8G 7vrOi+Zw1T5RbH6CQk7/inMDaCxFSi4IXqjNB0E6ctTosK1iZBt6OiRCs3XgHA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3A7LTvWozkDzAIHlcUCS3Lahl4OXX/29YtnXS4CDaEM=; b=YY3TUfD7Q/gSh35vOSWFn+MgEkEFFJuP8gtiMCddsFRyTykBY5rugcDdclTl41LQObHzae 1pEAps4dQ6IiruQjK1Ez6hV74yIXjZ/P/fqef9GhxjTuVtmwCNn5qKrpkLtmkhi7nQ3/NB YAVNqdmK+gGSiJlsGmrHHWz6iF+1PWfb4jPFwArJ57N8UYpwJQJG2VxjQHsDN/P/bmhvj1 OFIWufFRNnXr4PvVkr46sxsZ+6GXQjlA6bhubnmSiv1E3iFe9NbXAzC0IYzg5U7Hlzp2Fq eAxg95sE3stGpX7fhYy5kXS9Gi8J4sSPVDCy9QhP1Ui53G2d2397dA+coH1azQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvy2kF2znrB for ; Tue, 09 Jun 2026 19:17:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cd7a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:34 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: 9d9d6c6e6081 - stable/15 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 9d9d6c6e608166a9385422c904b585007379f9ce Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:34 +0000 Message-Id: <6a2866ce.3cd7a.4e209bcb@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=9d9d6c6e608166a9385422c904b585007379f9ce commit 9d9d6c6e608166a9385422c904b585007379f9ce Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index aa0b0e829f7a..12ab8750c77a 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1743,20 +1743,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:17:33 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvy2wrNz6gV1K for ; Tue, 09 Jun 2026 19:17:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvx4JgQz3LSp for ; Tue, 09 Jun 2026 19:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032653; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cDmL4q+PNmWxCb3i7zPY+LpNC2NSIxKEB9dLDR7iX5U=; b=Rs/2iFPKoR0NBkGFAyjn89SIBOrqcDrDzbRZb1q0C5Oz3FPjrmZbjw9auAoX+JWhcp/J28 SH2t89NVk2amm1SC/kZmy26I7geLiArhZhACSM0ULGtJhXKcu5r5rlUKEZ81bFc73sm42g KeitRRF7OpPs0Z36SyqQi7heZ7Va7fdWXhEPe1MROTRkGq1cqts2oZiqdDIjWJhCIJ7Y92 gFAv1GCZtOtc2NK2WmFQPvpE0m4/pxZT8ezk8af2oqR011t1YtaVAhS0J221S1tc8dq7SC EOpAzqn4V5kGiUD1cn3oQTFSlainiDX2AkB6SvU9MQ0IKcvqAb9WydWmuRQ+tg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032653; a=rsa-sha256; cv=none; b=qhOg4vmFmIxsSb3qvk3dP1k18sRRyfazpE3JLNq12jEupTG6jjOm9Lanc4cG0N8w25p16h uVuyLJqjg0s3s1VYpb4xejnTbapLpOv6tuOREey+CEivcAzEi+i+ER1448JSgFmbsr4wcq W/wEKTvE0ipuhmAskwOUKpfFnyVchPNACRjdkXwuxYugDhzoDF39BuW0mra+y8MI7xcXkP VCQCF20Ox7sKM2+YMtBXl0I2L/KFJci5DRLdv/ldpSZe6jYd9FzlIKo+pZJ+pVRJ9IMYWG Ij9DC8jwyBzBuAH29U3uIa8t9MdvcgmLnRbv8aEde/5FnFgcGL8tqIJE9T9EfA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032653; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cDmL4q+PNmWxCb3i7zPY+LpNC2NSIxKEB9dLDR7iX5U=; b=Q+svQnYt7Ad50sPSQj9QrHLK/qDaTaVYhTRw3BjhcV9T8IulL/c9xE9uKval8cM+Fr9hoT EfoJYCyn/j+EKLkpo1x5YRrYqhv0WKcv0EXoyb5Lvh+WqyE5rg+3SLKnBSiFQJZJGubGSs SePy29nzPatcuU6BT8B1FNcoJscT1Gf2I+d/tTC0Govlz9fcBHoTwkqzvXo4YXAXCpHpKC GzfFCf5lJpPdkZOSiKEaDs3rRz1U5akwxnuzjF9BIsYCB6FuCWuUfmdglPhX5rKBxc1QWw n+eqPsbj2u/3PTfXb1XQ4uG9Q2Wg9wi3fMjuJoYYjKvyphh0KgJdbIQz+7Z0bg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvx2Jm8znkW for ; Tue, 09 Jun 2026 19:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cd76 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:33 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3ac9726c4269 - stable/15 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 3ac9726c42693822c538367fd80f45b606a59ddf Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:33 +0000 Message-Id: <6a2866cd.3cd76.55b07417@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3ac9726c42693822c538367fd80f45b606a59ddf commit 3ac9726c42693822c538367fd80f45b606a59ddf Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:24 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:17:36 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw115H3z6gTlm for ; Tue, 09 Jun 2026 19:17:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdw04Whnz3Lbw for ; Tue, 09 Jun 2026 19:17:36 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032656; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E2eMaBnDEo1Mj6XyqGImUdYbhlz3Rs4iLuS4ar75Q0Q=; b=UUHNPeIJsvBruSs+w7TJlvRMt1zh4DDorWwbEDT/RM9dUqHE9DuKZBdk4X+/ywGXa2o5R0 a/P01TqQBbU4Y0xndtCpWOne8wbgK6gGspWSARyWxujhqcPue6sxYnqvh2D26L0tISC5Ze pJZvzOJ57tSbld9eVWypTspGXG12WRQHSnsxo+jWuTR4XcF/Td1fwc5VgnlG2EY4DSKY42 XxobadtIazJ5v1Ab+FmX4D6r1TLWGBaXo36JiX5PgkGKKsWcWEBqCMPxFlahJEVm2BTiZk jWmIiJTVfhtbsrswyK+qUihA0dPLj1sxEqCQUOAEkfvi/heI3r6uKbITj5Q+Qg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032656; a=rsa-sha256; cv=none; b=Ic6+BnULfZQr7KlQQMBLdg8QlXWeO6WXYvlRqs2QmUsxW9uEorUVLdR0BNjpPAeWJ0ZdbB 8r7G3QsduW+qRZo04Hrzpb0s9H/7gdwywz3uA8ZjNcBjIPLnoyFRh9jhTbd3BRSDHK8UOg eJ8NSsah6zmTirBaPuqUBp1mdOQdhPbxiThA+omWYfBlfHZNbptCM0p/QnB6O/Jl953Vti 7big3ML3b0LL+rdBlSRQlscUzy74M8noldbfB0pfijchoOjjIGziOVcPQi8Wp4VOBi4lsJ L9tcljWIOlOD4LmAClcHoZ46gCsfN4Tzu1qILXmnp0/G18agtHubb9p8lIslwA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032656; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E2eMaBnDEo1Mj6XyqGImUdYbhlz3Rs4iLuS4ar75Q0Q=; b=EAiSIsQEWr2NIuI9yAruFpnjlQTRdhEjSZrvkkYnI0YcFWlVkQipgCihDt/X/tNaQMAMqp 36M5qjIp9nNytAnMbx0Eo4E+A6wKIaoFfKo7Oi6aolX7CNx5JE1pfOLS/hvp4AoF7m0cGv //LrJP+WU9wbK95G2gKYydeNmzGigW9fy131KX7c5QdImgu8wAsEg7M0myNlvZaCdKa91j 0k18oNgpitW6FxWGNFdluIiTHw2rrf16J8Q2LYgRq/W0Gm83yiq2UcCvy7pXlDWu2NswXk MiNOurZZOW6px2YLWzVgLkv8L3t1PlRz/r6W9vM1o4W5fPxAvt25tQtE3A7xbg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw03ns1znvn for ; Tue, 09 Jun 2026 19:17:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e82d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:36 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 865c8ff56693 - stable/15 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 865c8ff56693db508513599cf1e03e9c612cbce2 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:36 +0000 Message-Id: <6a2866d0.3e82d.354576fe@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=865c8ff56693db508513599cf1e03e9c612cbce2 commit 865c8ff56693db508513599cf1e03e9c612cbce2 Author: Gordon Tetlow AuthorDate: 2026-04-29 08:23:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:25 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set pkcs12: verify that the pbmac1 key length is safe Reject potentially forged encrypted CMS AuthEnvelopedData messages QUIC stack must limit the number of PATH_CHALLENGE frames processed in RX Fix NULL dereference in QUIC address validation Fix potential NULL dereference processing CMS PasswordRecipientInfo Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt() Enforce implicit rejection for CMS/PKCS#7 decryption Use the correct issuer when validating rootCAKeyUpdate Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34181 Security: CVE-2026-34182 Security: CVE-2026-34183 Security: CVE-2026-42764 Security: CVE-2026-42766 Security: CVE-2026-42767 Security: CVE-2026-42768 Security: CVE-2026-42769 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 ++-- crypto/openssl/crypto/cmp/cmp_genm.c | 6 +- crypto/openssl/crypto/cms/cms_enc.c | 10 +- crypto/openssl/crypto/cms/cms_env.c | 7 -- crypto/openssl/crypto/cms/cms_pwri.c | 13 +- crypto/openssl/crypto/crmf/crmf_lib.c | 10 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 8 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 7 -- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +- crypto/openssl/doc/man3/CMS_decrypt.pod | 4 +- crypto/openssl/doc/man3/PKCS7_decrypt.pod | 10 +- crypto/openssl/include/internal/quic_cfq.h | 1 + crypto/openssl/include/internal/quic_channel.h | 1 + crypto/openssl/include/internal/quic_fifd.h | 1 + .../ciphers/cipher_aes_gcm_siv_hw.c | 27 ++-- .../implementations/ciphers/cipher_aes_ocb.c | 13 ++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- crypto/openssl/ssl/quic/quic_cfq.c | 15 +++ crypto/openssl/ssl/quic/quic_channel.c | 6 + crypto/openssl/ssl/quic/quic_channel_local.h | 39 ++++++ crypto/openssl/ssl/quic/quic_fifd.c | 43 +++++++ crypto/openssl/ssl/quic/quic_port.c | 6 +- crypto/openssl/ssl/quic/quic_rx_depack.c | 60 +++++---- crypto/openssl/ssl/quic/quic_txp.c | 2 + crypto/openssl/test/cmsapitest.c | 48 ++++++- crypto/openssl/test/evp_extra_test.c | 140 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes crypto/openssl/test/recipes/80-test_pkcs12.t | 13 +- .../pbmac1_256_256.bad-key-len.p12 | Bin 0 -> 2803 bytes .../pbmac1_256_256.good-shorter-key-len.p12 | Bin 0 -> 2803 bytes 33 files changed, 472 insertions(+), 93 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 2270e63d51d4..962e19b2ceaa 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -270,9 +289,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 91c2e524f55b..e9532b9f48f7 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -970,10 +980,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } /* If we've already allocated a buffer use it */ if (*free_cont) { - ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, len); + ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, ilen); *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cmp/cmp_genm.c b/crypto/openssl/crypto/cmp/cmp_genm.c index bcc121f14695..ec1f03d20c1a 100644 --- a/crypto/openssl/crypto/cmp/cmp_genm.c +++ b/crypto/openssl/crypto/cmp/cmp_genm.c @@ -202,7 +202,7 @@ static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx) for (i = 0; i < sk_X509_num(trust); i++) { issuer = sk_X509_value(trust, i); if ((*check_issued)(store_ctx, cert, issuer)) { - if (X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF)) + if (X509_add_cert(chain, issuer, X509_ADD_FLAG_UP_REF)) ok = 1; break; } @@ -235,6 +235,7 @@ static int verify_ss_cert(OSSL_LIB_CTX *libctx, const char *propq, if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL || !X509_STORE_CTX_init(csc, ts, target, untrusted)) goto err; + X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CHECK_SS_SIGNATURE); X509_STORE_CTX_set_verify_cb(csc, selfsigned_verify_cb); ok = X509_verify_cert(csc) > 0; @@ -253,7 +254,8 @@ verify_ss_cert_trans(OSSL_CMP_CTX *ctx, X509 *trusted /* may be NULL */, int res = 0; if (trusted != NULL) { - X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts); + X509_VERIFY_PARAM *vpm = (ts == NULL) ? NULL + : X509_STORE_get0_param(ts); if ((ts = X509_STORE_new()) == NULL) return 0; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 08afb5ab114b..ba7082cebd72 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -109,13 +109,15 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 0828d157fad6..70dd59c06169 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -619,13 +619,6 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, if (!ossl_cms_env_asn1_ctrl(ri, 1)) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer CMS code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_pkcs1_implicit_rejection", "0"); - if (evp_pkey_decrypt_alloc(ktri->pctx, &ek, &eklen, fixlen, ktri->encryptedKey->data, ktri->encryptedKey->length) diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index d62dbbde881b..faf6a164669b 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -200,18 +200,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (blocklen == 0) + if (blocklen < 4) return 0; - if (inlen < 2 * blocklen) { + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -367,6 +367,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/crmf/crmf_lib.c b/crypto/openssl/crypto/crmf/crmf_lib.c index d5c8983b2fd4..34477d52662d 100644 --- a/crypto/openssl/crypto/crmf/crmf_lib.c +++ b/crypto/openssl/crypto/crmf/crmf_lib.c @@ -766,6 +766,7 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * EVP_CIPHER *cipher = NULL; /* used cipher */ int cikeysize = 0; /* key size from cipher */ unsigned char *iv = NULL; /* initial vector for symmetric encryption */ + int iv_len; /* iv length */ unsigned char *out = NULL; /* decryption output buffer */ int n, ret = 0; EVP_PKEY_CTX *pkctx = NULL; /* private key context */ @@ -820,11 +821,12 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * } else { goto end; } - if ((iv = OPENSSL_malloc(EVP_CIPHER_get_iv_length(cipher))) == NULL) + iv_len = EVP_CIPHER_get_iv_length(cipher); + if ((iv = OPENSSL_malloc(iv_len)) == NULL) goto end; - if (ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, - EVP_CIPHER_get_iv_length(cipher)) - != EVP_CIPHER_get_iv_length(cipher)) { + if (enc->symmAlg->parameter == NULL + || ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, iv_len) + != iv_len) { ERR_raise(ERR_LIB_CRMF, CRMF_R_MALFORMED_IV); goto end; } diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c index 01956252df76..15072e12f26b 100644 --- a/crypto/openssl/crypto/pkcs12/p12_mutl.c +++ b/crypto/openssl/crypto/pkcs12/p12_mutl.c @@ -144,11 +144,13 @@ static int PBMAC1_PBKDF2_HMAC(OSSL_LIB_CTX *ctx, const char *propq, } pbkdf2_salt = pbkdf2_param->salt->value.octet_string; - /* RFC 9579 specifies missing key length as invalid */ + /* RFC 9879 specifies missing key length as invalid */ if (pbkdf2_param->keylength != NULL) keylen = ASN1_INTEGER_get(pbkdf2_param->keylength); - if (keylen <= 0 || keylen > EVP_MAX_MD_SIZE) { - ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR); + /* RFC 9879 specifies too short key length as untrustworthy too */ + if (keylen < 20 || keylen > EVP_MAX_MD_SIZE) { + ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR, + "Invalid Key length (%d is not in the range 20..64)", keylen); goto err; } diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index d6513cf3a379..1ec7895fc197 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -203,13 +203,6 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (EVP_PKEY_decrypt_init(pctx) <= 0) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer pkcs7 code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0"); - ret = evp_pkey_decrypt_alloc(pctx, &ek, &eklen, fixlen, ri->enc_key->data, ri->enc_key->length); if (ret <= 0) diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 97f20058979f..dc003ee2affd 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -222,6 +222,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -352,9 +353,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (indata != NULL) - BIO_pop(p7bio); - BIO_free_all(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; + } sk_X509_free(signers); sk_X509_free(untrusted); return ret; diff --git a/crypto/openssl/doc/man3/CMS_decrypt.pod b/crypto/openssl/doc/man3/CMS_decrypt.pod index 121b74a30a10..66a94287b6f5 100644 --- a/crypto/openssl/doc/man3/CMS_decrypt.pod +++ b/crypto/openssl/doc/man3/CMS_decrypt.pod @@ -68,7 +68,7 @@ then the above behaviour is modified and an error B returned if no recipient encrypted key can be decrypted B generating a random content encryption key. Applications should use this flag with B especially in automated gateways as it can leave them -open to attack. +open to attack. See L for more details. It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure @@ -103,7 +103,7 @@ mentioned in CMS_verify() also applies to CMS_decrypt(). =head1 SEE ALSO -L, L +L, L, L =head1 HISTORY diff --git a/crypto/openssl/doc/man3/PKCS7_decrypt.pod b/crypto/openssl/doc/man3/PKCS7_decrypt.pod index aea15937ab86..cfb5b3f87376 100644 --- a/crypto/openssl/doc/man3/PKCS7_decrypt.pod +++ b/crypto/openssl/doc/man3/PKCS7_decrypt.pod @@ -22,6 +22,14 @@ B is an optional set of flags. Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the PKCS#7 structure. +When RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() +will use implicit rejection mechanism. It always returns the result of RSA +decryption of the symmetric key to avoid Marvin attack. This result is +deterministic and can happen to match the symmetric cipher used for the content +encryption. In case when the certificate is not provided, the last +RecipientInfo producing the key looking valid will be used. It may cause +getting garbage content on decryption. + The following flags can be passed in the B parameter. If the B flag is set MIME headers for type B are deleted @@ -43,7 +51,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify(). =head1 SEE ALSO -L, L +L, L, L =head1 COPYRIGHT diff --git a/crypto/openssl/include/internal/quic_cfq.h b/crypto/openssl/include/internal/quic_cfq.h index 0b2a3a4cb2d6..96c8d89eb600 100644 --- a/crypto/openssl/include/internal/quic_cfq.h +++ b/crypto/openssl/include/internal/quic_cfq.h @@ -149,6 +149,7 @@ QUIC_CFQ_ITEM *ossl_quic_cfq_get_priority_head(const QUIC_CFQ *cfq, QUIC_CFQ_ITEM *ossl_quic_cfq_item_get_priority_next(const QUIC_CFQ_ITEM *item, uint32_t pn_space); +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item); #endif #endif diff --git a/crypto/openssl/include/internal/quic_channel.h b/crypto/openssl/include/internal/quic_channel.h index b917b966abeb..cfaeab728178 100644 --- a/crypto/openssl/include/internal/quic_channel.h +++ b/crypto/openssl/include/internal/quic_channel.h @@ -468,6 +468,7 @@ int ossl_quic_bind_channel(QUIC_CHANNEL *ch, const BIO_ADDR *peer, const QUIC_CONN_ID *scid, const QUIC_CONN_ID *dcid, const QUIC_CONN_ID *odcid); +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch); #endif #endif diff --git a/crypto/openssl/include/internal/quic_fifd.h b/crypto/openssl/include/internal/quic_fifd.h index 4ea7a2e0d226..afa330cbc4a2 100644 --- a/crypto/openssl/include/internal/quic_fifd.h +++ b/crypto/openssl/include/internal/quic_fifd.h @@ -83,6 +83,7 @@ int ossl_quic_fifd_pkt_commit(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt); void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg), void *arg); +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *tpkt); #endif #endif diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c index d0b6ae4b070d..5bdc567b4bb1 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c @@ -58,6 +58,9 @@ static int aes_gcm_siv_initkey(void *vctx) memset(&data, 0, sizeof(data)); memcpy(&data.block[sizeof(data.counter)], ctx->nonce, NONCE_SIZE); + ctx->generated_tag = 0; + memset(ctx->tag, 0, TAG_SIZE); + /* msg_auth_key is always 16 bytes in size, regardless of AES128/AES256 */ /* counter is stored little-endian */ for (i = 0; i < BLOCK_SIZE; i += 8) { @@ -134,17 +137,6 @@ static int aes_gcm_siv_aad(PROV_AES_GCM_SIV_CTX *ctx, return 1; } -static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) -{ - int ret = 0; - - if (ctx->enc) - return ctx->generated_tag; - ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); - ret &= ctx->have_user_tag; - return ret; -} - static int aes_gcm_siv_encrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { @@ -271,6 +263,19 @@ static int aes_gcm_siv_decrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *i return !error; } +static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) +{ + int ret = 0; + + if (ctx->enc) + return ctx->generated_tag; + if (!ctx->generated_tag) + aes_gcm_siv_decrypt(ctx, NULL, NULL, 0); + ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); + ret &= ctx->have_user_tag; + return ret; +} + static int aes_gcm_siv_cipher(void *vctx, unsigned char *out, const unsigned char *in, size_t len) { diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index b724c425e392..99254cb49a88 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -514,6 +514,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 96f26757abe2..754e0757cda3 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -192,6 +192,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (ossl_param_is_empty(params)) return 1; @@ -226,6 +227,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index 94d4254ed5d2..2bfefc0aedf4 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -146,12 +146,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/ssl/quic/quic_cfq.c b/crypto/openssl/ssl/quic/quic_cfq.c index 3c59234ff0ff..16818e55f57d 100644 --- a/crypto/openssl/ssl/quic/quic_cfq.c +++ b/crypto/openssl/ssl/quic/quic_cfq.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include "internal/quic_channel.h" #include "internal/quic_cfq.h" #include "internal/numbers.h" @@ -307,6 +308,20 @@ void ossl_quic_cfq_mark_lost(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item, } } +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item) +{ + int discarded; + + if (ossl_quic_cfq_item_is_unreliable(item)) { + ossl_quic_cfq_release(cfq, item); + discarded = 1; + } else { + discarded = 0; + } + + return discarded; +} + /* * Releases a CFQ item. The item may be in either state (NEW or TX) prior to the * call. The QUIC_CFQ_ITEM pointer must not be used following this call. diff --git a/crypto/openssl/ssl/quic/quic_channel.c b/crypto/openssl/ssl/quic/quic_channel.c index 13692e5bd09e..5f81a8560d5f 100644 --- a/crypto/openssl/ssl/quic/quic_channel.c +++ b/crypto/openssl/ssl/quic/quic_channel.c @@ -2213,6 +2213,12 @@ static void ch_rx_check_forged_pkt_limit(QUIC_CHANNEL *ch) "forgery limit"); } +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch) +{ + ch->did_crypto_frame = 0; + ch->seen_path_challenge = 0; +} + /* Process queued incoming packets and handle frames, if any. */ static int ch_rx(QUIC_CHANNEL *ch, int channel_only, int *notify_other_threads) { diff --git a/crypto/openssl/ssl/quic/quic_channel_local.h b/crypto/openssl/ssl/quic/quic_channel_local.h index ae443fccca1e..e40b4901cbc7 100644 --- a/crypto/openssl/ssl/quic/quic_channel_local.h +++ b/crypto/openssl/ssl/quic/quic_channel_local.h @@ -12,6 +12,28 @@ #include "internal/quic_stream_map.h" #include "internal/quic_tls.h" +/* + * This is a part of PATH_CHALLENGE flood [1] mitigation. This limits the + * number of PATH_CHALLENGE frames QUIC stack is willing to process for + * connection. Local QUIC stack creates PATH_RESPONSE frame for PATH_CHALLENGE + * frame it receives from remote peer. The response frame is put Control Frame + * Queue waiting to be dispatched. The PATH_RESPONSE frame is removed from CFQ + * after it is dispatched. The QUIC_PATH_RESPONSE_QLEN limits the number of + * PATH_RESPONSE frames waiting to be dispatched. No new PATH_RESPONSE frames + * are inserted into CFQ if queue limit is exceeded. + * + * QUIC implementations use different limits for PATH_RESPONSE queue lengths: + * quic-go defines maxPathResponses as 256 + * quiche from cloadflare sets DEFAULT_MAX_PATH_CHALLENGE_RX_QUEUE_LEN to 3 + * t-quic from tencent chooses MAX_PATH_CHALS_RECV to be 8 + * + * OpenSSL here introduces QUIC_PATH_RESPONSE_QLEN as 32. + * + * [1] https://www.ietf.org/archive/id/draft-chen-quic-logical-vuln-mitigations-00.txt + * (section 4.2) + */ +#define QUIC_PATH_RESPONSE_QLEN 32 + /* * QUIC Channel Structure * ====================== @@ -457,6 +479,18 @@ struct quic_channel_st { /* Has qlog been requested? */ unsigned int is_tserver_ch : 1; + /* + * RFC 9000 Section 9.2.1 says: + * However, an endpoint SHOULD NOT send multiple + * PATH_CHALLENGE frames in a single packet. + * The counter here allows us to detect multiple presence + * of PATH_CHALLENGE frame in packet. We process only the + * first PATH_CHALLENGE frame found in packet. Remaining PATH_CHALLENGE + * frames are ignored. + * seen_path_challenge flag is always reset before + * ossl_quic_handle_frames() gets called. + */ + unsigned int seen_path_challenge : 1; /* Saved error stack in case permanent error was encountered */ ERR_STATE *err_state; @@ -467,6 +501,11 @@ struct quic_channel_st { /* Title for qlog purposes. We own this copy. */ char *qlog_title; + /* + * number of path responses waiting to be dispatched + * from control frame queue (CFQ) + */ + unsigned int path_response_limit; }; #endif diff --git a/crypto/openssl/ssl/quic/quic_fifd.c b/crypto/openssl/ssl/quic/quic_fifd.c index 03b8cebd3057..e80483b501d7 100644 --- a/crypto/openssl/ssl/quic/quic_fifd.c +++ b/crypto/openssl/ssl/quic/quic_fifd.c @@ -310,3 +310,46 @@ void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg) fifd->get_qlog_cb = get_qlog_cb; fifd->get_qlog_cb_arg = get_qlog_cb_arg; } + +static void txpim_pkt_remove_cfq_item(QUIC_TXPIM_PKT *pkt, QUIC_CFQ_ITEM *cfq_item) +{ + QUIC_CFQ_ITEM *prev = cfq_item->pkt_prev; + + if (prev != NULL) { + prev->pkt_next = cfq_item->pkt_next; + } else { + pkt->retx_head = cfq_item->pkt_next; + } + + if (cfq_item->pkt_next != NULL) + cfq_item->pkt_next->pkt_prev = prev; + + cfq_item->pkt_prev = NULL; + cfq_item->pkt_next = NULL; +} + +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt) +{ + QUIC_CFQ_ITEM *cfq_item, *cfq_next; + + /* + * The packet has been written to network. We can discard frames we don't + * retransmit when loss is detected. + */ + cfq_item = pkt->retx_head; + while (cfq_item != NULL) { + /* + * Discarded items are moved to free list. If item + * got moved to free list we must also remove it from + * cfq list kept in pkt, so ACKM does not find it when + * receives an ACK for pkt. + */ + if (ossl_quic_cfq_discard_unreliable(fifd->cfq, cfq_item)) { + cfq_next = cfq_item->pkt_next; + txpim_pkt_remove_cfq_item(pkt, cfq_item); + cfq_item = cfq_next; + } else { + cfq_item = cfq_item->pkt_next; + } + } +} diff --git a/crypto/openssl/ssl/quic/quic_port.c b/crypto/openssl/ssl/quic/quic_port.c index 1e247e1ec624..dc79485b96a5 100644 --- a/crypto/openssl/ssl/quic/quic_port.c +++ b/crypto/openssl/ssl/quic/quic_port.c @@ -1666,8 +1666,10 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg, * forget qrx so channel can create a new one * with valid initial encryption level keys. */ - qrx_src = qrx; - qrx = NULL; + if (qrx != NULL) { + qrx_src = qrx; + qrx = NULL; + } } port_bind_channel(port, &e->peer, &scid, &hdr.dst_conn_id, diff --git a/crypto/openssl/ssl/quic/quic_rx_depack.c b/crypto/openssl/ssl/quic/quic_rx_depack.c index 786af9b4c221..1bdb43b7d639 100644 --- a/crypto/openssl/ssl/quic/quic_rx_depack.c +++ b/crypto/openssl/ssl/quic/quic_rx_depack.c @@ -931,6 +931,12 @@ static int depack_do_frame_retire_conn_id(PACKET *pkt, static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) { + QUIC_CHANNEL *ch = (QUIC_CHANNEL *)arg; + + assert(ch->path_response_limit > 0); + + ch->path_response_limit--; + OPENSSL_free(buf); } @@ -951,33 +957,39 @@ static int depack_do_frame_path_challenge(PACKET *pkt, return 0; } - /* - * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST - * respond by echoing the data contained in the PATH_CHALLENGE frame in a - * PATH_RESPONSE frame. - * - * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. - */ - encoded_len = sizeof(uint64_t) + 1; - if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) - goto err; + if (ch->seen_path_challenge == 0 + && ch->path_response_limit < QUIC_PATH_RESPONSE_QLEN) { + /* + * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint + * MUST respond by echoing the data contained in the PATH_CHALLENGE + * frame in a PATH_RESPONSE frame. + * + * TODO(QUIC FUTURE): We should try to avoid allocation here in the + * future. + */ + encoded_len = sizeof(uint64_t) + 1; + if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) + goto err; - if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) - goto err; + if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) + goto err; - if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { - WPACKET_cleanup(&wpkt); - goto err; - } + if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { + WPACKET_cleanup(&wpkt); + goto err; + } - WPACKET_finish(&wpkt); + WPACKET_finish(&wpkt); - if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, - OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, - QUIC_CFQ_ITEM_FLAG_UNRELIABLE, - encoded, encoded_len, - free_path_response, NULL)) - goto err; + if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, + OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, + QUIC_CFQ_ITEM_FLAG_UNRELIABLE, + encoded, encoded_len, + free_path_response, ch)) + goto err; + ch->seen_path_challenge = 1; + ch->path_response_limit++; + } return 1; @@ -1432,7 +1444,7 @@ int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) if (ch == NULL) return 0; - ch->did_crypto_frame = 0; + ossl_ch_reset_rx_state(ch); /* Initialize |ackm_data| (and reinitialize |ok|)*/ memset(&ackm_data, 0, sizeof(ackm_data)); diff --git a/crypto/openssl/ssl/quic/quic_txp.c b/crypto/openssl/ssl/quic/quic_txp.c index 44aaad868d2f..b2565c1a9fee 100644 --- a/crypto/openssl/ssl/quic/quic_txp.c +++ b/crypto/openssl/ssl/quic/quic_txp.c @@ -3133,6 +3133,8 @@ static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp, --probe_info->pto[pn_space]; } + ossl_quic_fifd_pkt_discard_unreliable(&txp->fifd, tpkt); + return rc; } diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 0752d14df09c..d908bc6fc4c4 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -21,6 +21,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -512,7 +513,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -527,7 +569,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) *** 235 LINES SKIPPED *** From nobody Tue Jun 9 19:17:37 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw21xR7z6gV1W for ; Tue, 09 Jun 2026 19:17:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdw15BD3z3LWm for ; Tue, 09 Jun 2026 19:17:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032657; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TY+HykSouYlZggLD78WfhyYm5RKqNHCrpj1Mee6u+g8=; b=xV8mbXm+30A3t1r2VSy51rLgLl2yJGuCp0KM3CkDVem1WemAdOMW4/EDe5RY4StmLJ8CIH 5nHgFRpwUaY3r2X3t0BJQ9nGPsp1nms8cQY5AoHemwWgs5XfNucs9xo5Zudyqt/mTVulkq m/frUpp4zLs1hhDF2I1YTTC5zRhbLhl+dSt18heZ5cE82fR12dIzbLNRINDicrJFMpv3Tq +8VjFXoXj8mwY4k/74Yhm6d7i8+Emo2fen/H9pfoRqlbN6TvAmsnYxnu3oQBbQeJDic4LV 25fxm/IsjWoSkqFXadVjrqEv36nBedDRlWuALxjkl2fLFK9EdImXaRfV9/EQFg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032657; a=rsa-sha256; cv=none; b=iymL6GP+oCqiX9ZLowf33JafOhaxHlfNwOcNx39S/BkhHujoSJi9VdoCr+y76ikdgqHVHf /pXIGmwQGqIYN1WWFtKBzBH783j54YE2GB4yVSVrBfnXlrj/Hr44TYA5WraxfQArFiy/8w qpmzJt8DO0Ghg3II9NXGGdKC9nd2kGPjD0CdMrj/aLdgIHbcdtD+sulste4n86JQ2PQgw4 dTyVedDu1G08AXN0jmtWoiTiT0iMvhsUleswQ7LgYCZFXqmQXpYl1skva7Nx6F0KwgCE/m 02h8eZvzNAW7ZSg1BLmLsDl1tGzLqFQUrRogpnfm2nTkA6cwzGraMTMhBgHbog== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032657; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TY+HykSouYlZggLD78WfhyYm5RKqNHCrpj1Mee6u+g8=; b=Y5wPK+8aQIHwWWnBhS5XX5hyjUxrYWXJ/mO0GRXxMo2G+hOAlN8I85heQQ0sUgRnwS5Vlt SHnG0bmXFgi8zdMZXsSeg9dZ5wGbPiClqDB+MvQA12QCxcnEcS9QIPe3/qtnULacbavZgb UDY+o4qkduGGSkpBMt9zhNM/qwFmrSyWE06SegS7IgB9kuoKPypQCVCK8NIJlFU8ql5zqw NE6oeSmMB0ME1g/eS3fewEKGanLDhhUav3ofw/JtgetrdcmDKMrzThzshjUd5sWkouUMxd gcq/x3hq+g7Bd5ykJDQryV+LpEmjJP2Pwub7mdZcFhNCzELxurAd2b5czAg6/A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw14MF1znFg for ; Tue, 09 Jun 2026 19:17:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e788 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:37 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 20bfab98f8ae - stable/15 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 20bfab98f8ae58261bd180bdc49a17eff1b08eb9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:37 +0000 Message-Id: <6a2866d1.3e788.4633d0c6@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=20bfab98f8ae58261bd180bdc49a17eff1b08eb9 commit 20bfab98f8ae58261bd180bdc49a17eff1b08eb9 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:09:39 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:25 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 6 ++++ contrib/ldns/ldns/error.h | 5 ++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 100 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index 5723aea9b4c2..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -191,6 +191,12 @@ ldns_lookup_table ldns_error_str[] = { "at least 2 bytes of option data" }, { LDNS_STATUS_EQUAL_RR, "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index a76eb2ecab5d..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -144,7 +144,10 @@ enum ldns_enum_status { LDNS_STATUS_INVALID_SVCPARAM_VALUE, LDNS_STATUS_NOT_EDE, LDNS_STATUS_EDE_OPTION_MALFORMED, - LDNS_STATUS_EQUAL_RR + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index e944d018b357..4c1f405419fb 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:17:35 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw02dj6z6gV1S for ; Tue, 09 Jun 2026 19:17:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdvz3sz7z3LWN for ; Tue, 09 Jun 2026 19:17:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LTJpqSx6B7uktGyKFXFy1Ypt0BqOccxRNTlAman7y5c=; b=OQmA8sj08+4LCb2ddiNDFUDlupmM1lRyAJNIRmLtG1ruEz97JZybu4jneTDi4B6Xr9XFJ5 4ptbnwgAcoU2LxdIhLPv1L58PfBLP6IsLipurtGEoc2lW2tEvxKN6BxLJa4hJN/y3cmkaM 8OWqaDy7nQHhsC83qWPT7Jp+0je0TmWVbaPMamRXbVBv9GAeQeOrikNppkpWvr3nhf11wk gml0zO/oJmi41KNjowqDVGN4aq+HDYLQ20ARgvzcAgeN2DMFXOrCkUt7avWzpLLlC2vnax EtTIwTqgeBNglPAmVQHVMgR/00st4I9Ep4UESRcXRAPmJEi4dhW4Mlmxq4AMlQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032655; a=rsa-sha256; cv=none; b=SwsiEdM4hHk+H35Bq456yNGcxlHSuaHi61i1Z0J/NFM+SvTKNVIT4S0M0fhWexa3dI5qVB wvaUvn5dC9W2U6wVgz9yf2NKftGQu1wo+lwcVK60JQNrgnkHCiTUNfoX1QJsZFFQOcpUuy yrH5lPjfGGHnbmAk9SrQuX3rnzQxB7NacNxY4CgrgNfzNs2gMyeU9ziCvK0xrC3Y9bjciM IpcJWVmU/P0PVsOfz1cWOsLqXvumlEyRaUoolQy801R/m9Ft1qykFLxVDbKNqY/6tPFlah I1pnSnxB2Q5G9L/skTAjeLFiADd+Pz3LmsT8hJnrw+VHcL4BsLftUc+XPcdiiA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032655; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LTJpqSx6B7uktGyKFXFy1Ypt0BqOccxRNTlAman7y5c=; b=Bb1dt3WvW9f60/rFoV1a2EJ1YCQcd8yQ36ft8xPrk/fP6ATOPrqDeZXNjlCMAHWxZ8u0GL OlosX6gOG0GUuE/4/2gt8hja04pJ1LRSTOyFEFmugVBJyCouqNML8ffTDvdm2v9V0UFF4r pNagjPbUldSWeVrv/83lcgfFK4YNckpGO4gDjZB8+H8eFGvjijcbCHDBL+m9oWS7diJLRy tuGjxgDujWi+UcgngP8WCXH//3CJijEwsTCYekbNn1mmKSJP43fRdbfiKfYQnYOMZEIcA8 Nqk0JWpTW/9Efb0d0wSSYFINvr/wNIYVqdhVNcAGZXG8ZNTroJL0k+xhtzF8cg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdvz38YgznCN for ; Tue, 09 Jun 2026 19:17:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e5a5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:35 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: e1cdc49846c1 - stable/15 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: e1cdc49846c1ddd3fba7c586ad98d168962e2a82 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:35 +0000 Message-Id: <6a2866cf.3e5a5.1458f5b2@gitrepo.freebsd.org> The branch stable/15 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e1cdc49846c1ddd3fba7c586ad98d168962e2a82 commit e1cdc49846c1ddd3fba7c586ad98d168962e2a82 Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:25 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 31102522ef35..15a3472731d6 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1272,11 +1272,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1295,33 +1323,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index ca6f863fbb7d..b85e7ec53196 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -7,6 +7,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ @@ -91,6 +92,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util LIBADD.jaildesc+= pthread diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:17:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw947Wyz6gTps for ; Tue, 09 Jun 2026 19:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdw92mHpz3LjF for ; Tue, 09 Jun 2026 19:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032665; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mE+RgwWB2s8veGrz+2gAV+scjjq9PJOyER3LG2SJiPI=; b=bxvfzsEl00St9yTDNNq0fba79FUiqMqaKvbYlQ+1sXsSaqc+qmMxex1JrUAtTo1JHXhN1w WLMCL3fOTFrpNtfsf/dCpr8gmjolCnMJWaHCQ8It6FegyFOFF3rVDniLKuJOVSBy2HAMby vYgtjBA/Y/lo4lLg1ipUhoYXFCZzqzraQIbhWKW2HH0WD+l6dzjh5E4hc7TXKuSeO6TFIj tR9DovzzruMbZsf/Pq06EWf1+dXH495FfeJ+RxeccsqqFymhXZ7nviJYeOEIrY7DJpioty zhWA54HGGbZOImmDN0Y0oXNIP9LZuOiW8sL0ZGLJVAjd37BntfkoL1wZ/qd3wQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032665; a=rsa-sha256; cv=none; b=wARYr3iAdFZLLeIDqDz7GANJe9LqnGBBA/omHWC4TXW6JwQQLlu76cBVXVqNkQsydv8hx1 qujdfwLoO59TqX2ZVfad4LXjpxUHe4K1LDVqxM3DyofGX10+1FjvuzhyVauyJdvxZtpElb BYWFIMSc8hHgzuDylF23Du1bSo1MRgi3NYBDxSDHlXR2J85FBaKsgcOqgfb76SPVp78HX7 KyyWZioRSJ3aFCxdfDkIWGyqLz7u+g0lsqcj7+haIpUXNgLugLHK7et9/aqVdTVtw34xcH rLnV62TnDycjPX1dkGGESeIc16u32UwAXrIGKxc8G54sr+CTUepZTqrqBlc6tQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032665; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mE+RgwWB2s8veGrz+2gAV+scjjq9PJOyER3LG2SJiPI=; b=DKSG7Kb4RQo9BaCP8yMIIWuQZaWAD6PGWI1WO3FC8jtVRsN4YQIg/JM9X2Wnh0oCSsaRBH AerLRD1ALE8xrinvO1nmqIlk01DNvu79MZFusf+9Gowur09EynVjzSKiAeDceetf9GatWS +Jy7PHyjknTRb2V8cNRyy9wVkgdLCL5bvAc4QejLmgdqcX5/Bd5oul5E8mdrMwTngccyfM FfHFq9de/IzjcqBDK52sKlIYZuRTfl0mb/iiloflOLMuJRyzZAWyy6SfSJZO4GU2CWX/nS Bt86Ioxz9xyCUgEV3/nosaKy8SBzo6qaRpze97BXIJB8sxeor40NJ328OOwnow== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdw92Bjyznvp for ; Tue, 09 Jun 2026 19:17:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e832 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 72ad7baa99c7 - stable/14 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 72ad7baa99c774916b04a086f4a404c62b52e852 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:45 +0000 Message-Id: <6a2866d9.3e832.1087b012@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=72ad7baa99c774916b04a086f4a404c62b52e852 commit 72ad7baa99c774916b04a086f4a404c62b52e852 Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 1b5f0b1a33ad..11ceea58e849 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -499,7 +499,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:17:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwC07Spz6gTy5 for ; Tue, 09 Jun 2026 19:17:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwB3mK9z3LmK for ; Tue, 09 Jun 2026 19:17:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032666; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RtXaf338Tz15LuacecngWMf7/rd8s4ct1Dr8P7FRH34=; b=aZpD5O+mc8b0LspxjFd7pWKZklOdqZMt+waIRZfJp4hquzMndsbwKmjNbxbTOmOeU6OASx yrXiwv9SEJxFUKbkmVWmeLDtF+Y6+C7zihqZ8lhKnq8f4XKqnfy14zLVS4LoxYT56l/Z99 6Vs3jARFVQSmke5jFT0Ngawp0PFyLJ/7X+WiCIGo/2C1WyxVH/wk8Pnz8dxJpaFXCFovDp 8o9GL5exDDMoZFrouPiAMAYeCH8BImgkWdBcCeI3zMYTRk7sBtHZmyE+fx/FQn58tjfzjA /V3Qmn4OLnupbfpiz6luda3lh54UYHVaUcIBypLsYxEqjODnHO8vp3yoP+5VOg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032666; a=rsa-sha256; cv=none; b=QGwrkBcDJ+52NpMQbowLLuitLINwl1fic8adJNW0cWY3+Eq+yQ0OEE9YonhwnaIbpcMxw6 EyZI+4xAwjc7GpZdtGpd2HHfWmEHZ2/o2IGeXnT1sy5+wi6XhZTe0KFH4slUl3cKcVswec 32TZckM99EOZcMgcSwEvN8K/Ex4dNB/buwjSmMydVkzBNjj3Pfc+5Cq/yFP+mHQDi3HuL7 eULQuDiEaZ9nWXXkmkn0DErJmRbgqHLt+Cb2Z1AhqqNrULlMvZ9oOkDztE1FxAgn0av5Qh pKS8794BhHLLHyMRtAHBF6xPqXiK2WOB2egPPXXG6UFbVLt06rS6v1OX2qVUYg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032666; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RtXaf338Tz15LuacecngWMf7/rd8s4ct1Dr8P7FRH34=; b=N1Ar+kN2VszldmvpRJzOvWvTRYLOgrDNuK/htGuIV4yrT6uK9RG8ws7kGbHIYRe3O5R/89 J5ju6q188COezWGejILLPhoV9l0s9zgrCEPoZzmETXXmIOxuX5sRLAHlatyUnLrDkjniBF rgyYc01pyW0TQYb15Ipn/Sjc5joga2QsBOK9pMS0ATzBuOdFpoXBXfRuHDbv6/0cd+UY9A Cc7qGTUXDPxWp7QDySVstUhyFjpC0JY+1zfYPl+j72EvtmlEqZnG3UAosALVpf17zRfyjl ZvH28EfX0v8SKGfDYNfIBKDzE6zc/6hTrh3T0cGpKCm/gq/RBC66ANSaTK0yQw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwB32MjznFh for ; Tue, 09 Jun 2026 19:17:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f41f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: 333bdd7e9427 - stable/14 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 333bdd7e942783680aa1cff5bfa347d173e84adc Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:46 +0000 Message-Id: <6a2866da.3f41f.6cde323@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=333bdd7e942783680aa1cff5bfa347d173e84adc commit 333bdd7e942783680aa1cff5bfa347d173e84adc Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 64150086658a..dc370d033a7a 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2337,8 +2337,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2354,6 +2356,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2554,9 +2563,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 693864394ffe..0fdf4c4ceac7 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -210,6 +210,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:17:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwF5pB4z6gTq1 for ; Tue, 09 Jun 2026 19:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwD566Tz3LvY for ; Tue, 09 Jun 2026 19:17:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032668; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aoX8i6YtZQIB1QNrANSpc2JFo3iSDXSOxjBJyCAe+YE=; b=pc5fVB3XqPLdtw2a1NwysghdpQj0+RVcxWE9ob+u1SIaqz3c3U0sKxj2jPWuMS2qUgSlic c78q5c/JpaIcHsVhMkwGytzLQKraWn/IIAA1PRivC/LojWHDwXfId0pfUWO3pItOz5sVoA 7VZBmQnmcxhej8GWV/aYklpSut9mK26cb4hvgLGIZPTsMLdc0zOftMOTibdPxT2QRwHXow keqQBcEbZoeylOyYtpjEAUTGjNeQITZpNh1dHB8+BK613SeE/1KrwFDGi3X0jMtIYUmRx5 UTM9ITbUmolHbnqx3GSuI5emyG8cXr3vwekc2dzTJhpTAXf6d8JUy5ukrbSMOg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032668; a=rsa-sha256; cv=none; b=tN4oKYhqvJqB8xynBiGDkTvlgKAMaIve3lL19UsFDkA2TcM9aClvlkzPylc4bnEoBIeO/l b4LIfQR/hUlxP3r913BCTVOg5thYHVpp2otxI/NZB4ERpIpqciu1inarQSeOSzNyGEFbpS 6s7fnSYaeyUe5xvQMfyt2KtwGqSWi63TeW64ld2bPJ7UrUWG1V5WlpyZ7tLHcIaxY9ZnOc O3SDFqddmmoQlTTUUsD1PSDmdTa6H/X/ZoBPT1bwSEth/wDyOSaRMUQzjJm0eOsIaYri1l jFSV9Cv6GK1DyWw11mJzyWk/dRLJR1b5YpzA0//VPn574hmJ8wm2ln4G5zQihw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032668; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aoX8i6YtZQIB1QNrANSpc2JFo3iSDXSOxjBJyCAe+YE=; b=bOKca1JybconPMMQ7lzGTWwu2xB/NMonDwrOd2WB0S/EeXPk1Bxz2G97akPHLVWTPtcT3B i2jEag4FietAEopavddMhn56lemhSaSb2YL09QJjZV/jR+e5CpDlwtnS/VE+dUBkTo7Nwd yUGCG4+72dktJMPdCUA13+tD6ZLAlwOir/c8A1GLIiygF9jXBM2xm9rVmcbKiKMCK2ZzQ7 N4r0ni6WnWABe+occqQjLv2uqW2QfESC9y6rJGRikvTzWYMtnjycqxvOV6yEFQ1OebAqfj Jgmkg9BDqFPkAksDtv22CEpXEVZPRhMURDwivldmsopf1PYYRVFldTk9BrI8Cg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwD4ZbKznFk for ; Tue, 09 Jun 2026 19:17:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e526 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f8f9050d61dd - stable/14 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: f8f9050d61dd0687be17165d044e91d9c02eb101 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:48 +0000 Message-Id: <6a2866dc.3e526.2c8d7dac@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f8f9050d61dd0687be17165d044e91d9c02eb101 commit f8f9050d61dd0687be17165d044e91d9c02eb101 Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 80 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 ++++++++++++++++++++++++++++++++++ 4 files changed, 166 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index de535ec2dcba..ddcf14fbc1c2 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -32,6 +32,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -46,6 +47,7 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", drv, desc); b->dev = dev; b->channel = channel; @@ -56,8 +58,30 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } bus_addr_t @@ -183,6 +207,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -218,10 +247,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index ddf4083ec19f..99bc6c0611d2 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -27,6 +27,7 @@ */ #define SNDBUF_F_MANAGED 0x00000008 +#define SNDBUF_F_DETACHED 0x00000010 #define SNDBUF_NAMELEN 48 @@ -50,6 +51,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -57,6 +59,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); void sndbuf_dump(struct snd_dbuf *b, char *s, u_int32_t what); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 75293ae9bd8a..4d69f176225c 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -79,7 +79,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; struct cdevsw dsp_cdevsw = { @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_write = dsp_write, .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1932,23 +1930,72 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, +}; + +static int +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -2011,13 +2058,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index ab203a39194c..f775c0f8da8a 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:17:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwD2Cr0z6gV6j for ; Tue, 09 Jun 2026 19:17:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwC4MyMz3LmV for ; Tue, 09 Jun 2026 19:17:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bFstC+NCWfTnSLp3D4iv44Nnjz4QdALuSuLhgi8odzQ=; b=xF+5eCwcjBg5tUcLWtSQ0DdHONXG5mZp+KG3TCSCFmfB7EHIT/cvIxmsHAIKXmU0ci7I/l qjzlwzsBh47npObN+NzaeuhBJTmCdhKnIJL9Ze6ioDGGUZqtEL0VlVmLt8P+5iwyYhkcJj qB+u/cOJ3x3g9a8S6tXqjd2LbyXHlQ5/c3Lld8sCQAqgMM8ZoZ2y0SBec5/9lf343wc3gM L4PltVN3AdJNKMcx4EztGBAkhuS4zBTwdD0I6ZVaDSObu5mX7aufyScDBXyXgVW4nCboUs g4dS8TJhTv1457s19nuceYsl4UwaH4g52p7RrUi0YKiquHUYwaUkTkbw9iCYFQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032667; a=rsa-sha256; cv=none; b=yj668zneE23lclk0GFS6HW5YGOi23PXb+zMgQUwizWVMoeX1xDiAKqIZqC2KNCjqsn+HuD moOOV1Jo1v6CZP0ugXq8+EbwU4kBtXe4P14D5SW7zD3SVZ5543/+8kQTl+u1QtOytT7ztZ SWmlcg4AFKRIGK1G7oM3bwxC9NOWniEDPwKn98fIb6HPM/JHdfTLXhmJvtvSBfcXF2JJwB oCdof9i0+Zy2PfYELlGA2vjsOHFeisBOP+YGvhaU07bZ/mUTeL61gpl2zWge3NbUlKMup4 /4IQuH+O+ksOuRAwRcBxLbnAMJc8G4NKDyrXX+YvbI9plToJKK1vLzNmF7svMA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bFstC+NCWfTnSLp3D4iv44Nnjz4QdALuSuLhgi8odzQ=; b=H6KM7v5LzwkVNtY1YZQvq58PfjFSmvFVoMNy5f6HVV1RkccbJtHlkKDa65EfcChR/5GBQW MMU9RK2b16Y+TV0qRFCvg4hYZgO5mvmaL9DHtIo+1IfCjL0wmEUkmX61yYkIHEMn3soS5C 54iuFDeC1fwODZWYzBgtvYSkY4mM7EXtzIvBHtdISfE8M08f3VsDmm5wAkRjWA9DLadMvi mRvE385oRU7XC9FggxC6CVYgeaj0/wlYiSAOBGFsZ8QfPvFD04U/4dFdLiGQDqui44HviS PdPQaDv3Yl1BqC8DPYj8EkrPDU0I4yh2ynVX/u0uYrPUl73gAvSoc0pxFyDs3Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwC3q1Xznvs for ; Tue, 09 Jun 2026 19:17:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e521 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: 144f59e06f9b - stable/14 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 144f59e06f9bff4afb56370a9d03965ab158058f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:47 +0000 Message-Id: <6a2866db.3e521.5867a12d@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=144f59e06f9bff4afb56370a9d03965ab158058f commit 144f59e06f9bff4afb56370a9d03965ab158058f Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 1856a348ac12..75293ae9bd8a 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1954,6 +1954,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * Reject PROT_EXEC by default. It just doesn't makes sense. * Unfortunately, we have to give up this one due to linux_mmap diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index 74a0765a0540..ce156ae8c4cf 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..ab203a39194c --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:17:49 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwG1YXLz6gTwf for ; Tue, 09 Jun 2026 19:17:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwF5qnpz3M2w for ; Tue, 09 Jun 2026 19:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032669; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q9WTZ/UT3xOh+W5gityrZKUdjESZ/rKXuh+FoPQJ39Q=; b=wI5CwVvUSOrTDNSRnet1aooEYsleyPLh/QIk+EuZsFXqsIjw1tUxb4+Ie0haeqpEsX5VtK CUCNQhNR03SZmRhcwdvnVAszKqI3LBmvijEwXdgCzqSkspy4NcNsEMVt4jwzFd9Bd32v/H 1N7XK6eUmfI04nAIvqarpWKRzwnROtBKzKWAcWSYzbbQm1zQaZaWLcpu4hHJ5dHKrS7NwT d8ZjYZAZn34jIlFwdXVQkyQYSr96ji7S0KkPptLcrFRLgT1T8LCBmhL5FzJ5iZvSDNsk1q nSax0xbEEhcfx/9M+6bD9NZQKMnop9NmUUekcXijCrbBpsexbAy1SmqWz8OWiw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032669; a=rsa-sha256; cv=none; b=YrpXjFRi7s+nMxKEiGoOwoNkMgH9c1ILZ1s/q/q3eWYD6YvPtgwsPzumUvCaJB2XjpH9wE ro/kg37Xd2Q7LlkOcQwIrYaAL85p6zqyK8JlSAldi2JKT207IR5e5/S8m3w3PgrcUH5by4 nzIZaB76ZzZQi8/QxLuZjqMjh1HpWiHxtbo3wulcxQj8FZMbo5iFnscpuyXMpN2jreHJhp fVCDcwHaKVL1H+DwA8V0+lWDWod6kXzVXiRprPAB/92UA0MFuUP0Q3QrEog2Qn6XRPSO+M 1rdtrAc/eBkyfmFM0PmTW9qAqGZbwHhVPoKXH4k8CrHm0f4R8ZuQYtFyG7lYNA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032669; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q9WTZ/UT3xOh+W5gityrZKUdjESZ/rKXuh+FoPQJ39Q=; b=N9hLNKqLQ4KItR2LhNtDxNbDRoc6GM+qGtguxx7ZUqg39xAIAm2qWcO1SlWTSbdt6Nx1bQ EUMprhBaIeyPrkCSa8YPoT0m20W3ib4xeSFxS9L64E6DDfkH6Bs/a7egb+iCnwIvKuhphn /f+T5JzFui7/e//a/5eazCZgVowuneJFta6BdxRnl654RC/vJWna1GxxRkDa0ClCqCPtwU pqkWZE9BuTtCh/HNdeGPnEOQbufKo38PA7mI9zm+xS6Zy+pPCFpHhPtOQKqsI8Ggn4Fo7W 23so5rew5vVn6KQ6PUUNjI9FQ/UHlbW0/KhaoIwaRblQh8VeNuoYT2G5BWObew== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwF5MHQznFl for ; Tue, 09 Jun 2026 19:17:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebbb by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:49 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 522182827ea1 - stable/14 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 522182827ea173e07668b1ac40a8173c620bb99e Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:49 +0000 Message-Id: <6a2866dd.3ebbb.42687757@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=522182827ea173e07668b1ac40a8173c620bb99e commit 522182827ea173e07668b1ac40a8173c620bb99e Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 40 +++++++++++++++++----------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 45 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index b0be48b65437..4fd00bac3ae4 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2524,6 +2524,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2536,9 +2537,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2551,13 +2549,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2589,25 +2598,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - IN_MULTI_UNLOCK(); - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2642,7 +2635,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2679,6 +2671,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:17:50 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwH5TsZz6gV27 for ; Tue, 09 Jun 2026 19:17:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwG6rYwz3Lpv for ; Tue, 09 Jun 2026 19:17:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032671; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DMuuq5oXY0Q8a4eOwL7uwXqFO5zOZFF3IKxrvuQz1n8=; b=t/IrFdy3wUjaoi9qF3l6TBiUca5NrRykC5X1DYOTqXdpQRMeCb7u0R7FX5ljwZYClF0GLo ZwFdUpvdfPIeMZYl6d8NHy8fdovQ6tMTbS7b4zGVwDqzOIzDfq5MeTWbcKYE6pt7CKb8ZS ZUAUgarpWT3CxXxyuvIXvRjwASQtIVgTe8jTCrDrKS9h8ZANX44cxCihNQUlxMH5vogrdk pFOwmkQiFynrfYNLUTyP5RTKanukOZadlPERIl+5FPwjyu9CZ8dxMzegpK4LuYsPF4rLw1 I7235mF31heQ8AgQZo3NhgXLE1Y3t70+pbcnUStmxU7wtaRsLiU8GwXzd0OSOw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032671; a=rsa-sha256; cv=none; b=xcE8C7ZvkuzAw8hfzq7JVOuZljc6fvxL8pcTQdFsM7mGLae+IgoJdMG/kdgVak4ywLJJdZ i1G1ACzZrbiP8aAsrpdQwjuKkdxJrP81+FMmm08XEzoikX0TM/lE4JJ0Hyymb++nCq43bU P7K2RNH/yj2UsnMW/7bwQjxFlrjsCN9fkyNvt22SFKbV3P4CEVcK2Iu9COki/gJ5LVjPlm KVoxOgH5rXE+8VPM/0TpFYVM61Uh5JBlDopyI82PdaZrn/R26Omc0tYdODBRQ+8aUNUgAc PImycZPT2VptCQLOczmCwUcjCOzzrZ20QD2okALBPTBZL+PbmOVdparx9jDVCw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032671; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DMuuq5oXY0Q8a4eOwL7uwXqFO5zOZFF3IKxrvuQz1n8=; b=rBbsNEX/8PwTjiRfU0aQLTIBMZ0pmkdBejVgqR3MbXgMaHwVtcw22xFA9YKae37HUs2415 N7qProzhBfe/0Nrzx4cqEkGU9O56AmaKgSKxap2uAc5wNy8nhymgKgA42VDM1IjeE+q2m4 kInji/qTX2J12IVfSHdl4pGnLXNu6JCzKCb201AWjviZE3U9wdPRF9dnmglPNcvLzth5Wk WNMj+Fvlh2WNN4eCHZI1SBV+7hlqWi+uCjOYIvU/kQov/wAZYnqbrtrxpYGRtJd+59pORG 4QbtPvunsNi9AFeCUuEbWxE3LYbzEONAkaIUTz9tL1Ck5A9+dmuuI0Imjkjqeg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwG67mmznrK for ; Tue, 09 Jun 2026 19:17:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c4f3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:50 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: ff411cc40cd4 - stable/14 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: ff411cc40cd4001b4ce40c83480df527f30c2dfc Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:50 +0000 Message-Id: <6a2866de.3c4f3.7adb7dad@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ff411cc40cd4001b4ce40c83480df527f30c2dfc commit ff411cc40cd4001b4ce40c83480df527f30c2dfc Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:21 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:17:51 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwJ5CPHz6gV3Y for ; Tue, 09 Jun 2026 19:17:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwJ0JW3z3M5F for ; Tue, 09 Jun 2026 19:17:52 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032672; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5DeNZll9V/edpH+3f3Q3UsygWnYvdkuQVC8gI7gPgAs=; b=KAgA5FkrhyX2kh1ulB34+iFg0nouSCWFqZ8PsgQLCNXs9DCdpgzeOMtX/qgY/zBK24p//x lZA3Af7VDYoxZGvEEKV+CnUAK+sKRzIcxZOhJ0VEUQzWYouFXbuM0dkQB9r1ezOkx6SY1R ZJDN7H7xR1uxBx8iyItT2NJ59kdsMGMp2peILrrw67OWhRSMAUNGx1OLTlxA5R9rmUT4pe DM+8Yb9vEPh4mjqIZb0XjpPi9HH5i0dWwRqHBxxTqoFDwG0HNR1MgCBXuAFecHvV+hm6KB nyBF4odXByuEpTDRsmOZyir34ruSKrQS7il6B7TIRmBmj4GncYfVDroMjo7Fwg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032672; a=rsa-sha256; cv=none; b=TI9yudNT1GD3Qc+mnqXlu8kW/YN1xkBp39xX6hFlg/QG/BniENN7Dt/GcDWIJoifZIOfjU R0cNykwdRhldI2EFD7UvifnEq9n7tcyJdC1kcwT6fX4+ImWOJxHdadVB1PYyzYZbCsGbWX N1JiYFE3nl9PmDXJl1IEH8ArrXVuDk3yeEiGRWE4kSS+VNvEINf4GwFD/NFASPgeotiPn8 0cHceQw4TFQMDKehog9MlAqWLZ3BTDgqb/en8/ZRAziDXDUwiMFjlp1nwxnzfBX3+PJV2V 9icBwhR1UqLpNpn/V1H02pMt23DbTLFzhOuKKohI4YmSWTTBOhh89S8Q5RDSDA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032672; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5DeNZll9V/edpH+3f3Q3UsygWnYvdkuQVC8gI7gPgAs=; b=M2WFQhUgOpxn6eVMbEuMUls8X/s466LplDYtvIdcG62YsFQM4V0zP+qWpKZnu7ILuPcOLI dk8q0JMSBXW3GYAP+/zFPhCSV5UwTFdeq7Zpy7KasdwofFxYYc9F7vpf+KRpN0dGgmMqut KAHj5WlrSxsKkEHBN3Oyp+Bkr2VqSNabkHCiZl+4vfYugFiBIV01cU3Tmk+9XP0G0kHGEM a9vouqQ1cXvRuF/QIOpYlfNLmiKCDdcdX8sKfEjHn9RAycTChM5pFBjgPD1zPRqjBx14yg Jc9Gp9lrlxd9sL71jsrGJezD2Sspyg71M3/Qqf9VZfYUL6T1zg+sIiDKtIRhvw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwH6x9JznCP for ; Tue, 09 Jun 2026 19:17:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e5a9 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:51 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: e99aa8682dba - stable/14 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: e99aa8682dba0ebd04c50cbe9a57213557ecd130 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:51 +0000 Message-Id: <6a2866df.3e5a9.97b4941@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e99aa8682dba0ebd04c50cbe9a57213557ecd130 commit e99aa8682dba0ebd04c50cbe9a57213557ecd130 Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:22 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index 7c38ecfe16a2..4d597deb6d67 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1547,20 +1547,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:17:53 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwK4c2Bz6gV6p for ; Tue, 09 Jun 2026 19:17:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwK179Zz3M9y for ; Tue, 09 Jun 2026 19:17:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032673; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hPjykpwUnmlIfngvWuctUqt4qCz7+QnseXLhwZqQlpM=; b=rO1LD2250/2fiAkwqOIQS/WEdgbwoyy5OVKB0c8+jSxK1v43YbEl9pz5m/EtJG+Lj7PLg1 8fSSZp/xWtf7/gf6Dp2g4ImM4/QgWzoo0MwSSKiA091BL73IcHiR9UIWxN4LPUXJgen9zo NaiGis5jhDIxjabzTU7jAr0/ablYtPoKm2Cp7B4emB+myb1eMCcXtqgWrQyiMHZpGsQruE 83PYLTJJPavYiSA5WfrfPYeW9T4DhHANJF8Xmxt2p4mRQkNSFKVDspcRIOjABnewNNfU9M epoa0F8cRLPlOHrt/eahNGpKGxTqjn1A7i3nwN+LM57qXRKH4ZhKDZ7QIDgxYw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032673; a=rsa-sha256; cv=none; b=AYu8IwHh8uW4jkz+WZYiJ5u4PF5htil92ZJONx3YEpVU5ajv6XuEt90lYiBNzRcRV4qZ7k Lstm295VrX2e5Vy8JaAWRdTTKwi34fr2jYiCRgekWnxuEuNS8wHs5JIlCzpTFakBsnTfi5 bUS/WQk+Elzqob85v6KJSq3dE1XbyCBllqG7o/Z+C95zlDwdMEorKd0AIt9jOoj9CQ7zqc LMEMFbpw1g/XbMMLDf0DpPZJtL8xeEB1wdVloO+/2D51N9LR1zRl601Tv+psGAept2DT4F m8yzAAUhqxvmutX2AKplm0lhgnyLnWBx8h4vBDBSIWToy3CperaIa8V2uVH9xA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032673; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hPjykpwUnmlIfngvWuctUqt4qCz7+QnseXLhwZqQlpM=; b=O1vmD9RrX/gl0Y54StTq0wQiwcmGzlO+Kmk+OsMfJRpd+upWRjjAp/AzpRPSVrMKhcWFnr EGB4xdVJvWns3LDlqWNrBWu2PfF7VkNvuks5XX/Y7URvKzShHXePtCrhAa4Xsn3tWgZVwX 9TLCBeCuXxN/KmB+AC5LgUhlg+mJd9BCC8K2x9xlJE6gKkt0D8PjcRepuxW9ZoL6APUTNi UWs3QfI9PWFV3VLACVjntabN4s0mS3sUFD7VBdIK2eRpq0d2dxMNRXO41NjdNxDVh6kosZ Zog6lKfE8lwwETtMmCq0brCs+xwn/Kw6E+pfThSOCVgIWlgRW+nmsXn8LQUGvQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwK0Nbnznkb for ; Tue, 09 Jun 2026 19:17:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f424 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:53 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: e417948e6139 - stable/14 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: e417948e6139cc69ebff46ecb747695db82cd14a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:53 +0000 Message-Id: <6a2866e1.3f424.4b1ac774@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e417948e6139cc69ebff46ecb747695db82cd14a commit e417948e6139cc69ebff46ecb747695db82cd14a Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:22 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 5261e94846a0..ff482ca5d658 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1230,11 +1230,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1253,33 +1281,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index c455b40747e8..9f0c29736257 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -8,6 +8,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ @@ -79,6 +80,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util CFLAGS.sys_getrandom+= -I${SRCTOP}/sys/contrib/zstd/lib diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:17:54 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwL4HG9z6gTsX for ; Tue, 09 Jun 2026 19:17:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwL1j18z3MGr for ; Tue, 09 Jun 2026 19:17:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032674; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Y9fXkiGYScb6EJYTur9kyzRngpFcy6OOMIXUsUi30NE=; b=qFvIHEi9K6zvTjCfP/aen5s8ARUTv4JRM8QgOyiyt4gOkIBSoMEhZm/CL3nCPjF96miKtz 2b5Sy8HMfiu+px06Powu70mHMV9igSiVuShXv3IQJDY12lRK/d3bukUjuSQi5W4R5O9s8c 0HLsq7dBH69FdhRu2XHN+T06bPLkp8YO2NkiKLKU93YnDas3L9J0zPvkZby+JUR7nik5dy Eb+0vfcQOi0bWfRGF7Omjd7if92r1glA+18LYkQa3f20rDxgKdHxYAjmyCTUbqruxEpH4L zTrSASdMSGw9rk/9lGc+pTak68V6sm/j+SMLnuB1wPfl0idEvGCZKui1d8ZppQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032674; a=rsa-sha256; cv=none; b=iQtw8AbqKjTjq/2K+EFPYKVyHXHRaOKic7cCpH+MtH8tEc0vtMEkALosuprCmQSZClKKPD FxarM8EN0FbRBP1ZbArgYocutGB4QHjKc4lJ9OUZ0SxopXfOyRGETLY6WQvcRrI+cD8srN MPDyw6hyrhEz+uOKPlSTJd2VI4KKHLLsb8htrC5drms7g1C0xu8XSV2YqVvMcH3NqqjJWO 4kXCAe3WdVfk+Ho5mgrZv6KuwB57s9Zxu8Pele/rIJt78Q3LRR/DsQG7hImuAIrA5UxdiO Mzbtgw8PBEjObcTzO8BzjI6ZKpWA4LTygjPQHzB0Vw33B/BzMfHtof+mxrrKOA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032674; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Y9fXkiGYScb6EJYTur9kyzRngpFcy6OOMIXUsUi30NE=; b=Lo3zacPuldPBTWX98iDvetVke84WiirBRXic+3x1Sd7lLSq1g9Rx36S6jQ3RdCElBZ3BMD Ch2b3RD6+XeJLw2F7nX9Nj7pgdu9+pVZ8SBu2t9KePA4XtDb7fqL1VSabxWJMwkZP/kGq9 5awE4Kk8JsdNv7khIHrgIpCTLbNk+Dqk4Jf2FJkzGuPuaPCqAVE9dchoOZPpRxCjKiTNvQ I1si0tbMTdTD5DHzoxtCdTbvVdLWbwBxHn3v2bMkXkCtbhxOuHXZ7O0parretU3SmaBg7T 33AlFdaovZQx4D81ktwOHDVLuW4pi+YcNDPNtVcmFjrklQMx7LqnAeAYFSs1hQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwL1FcXzn9b for ; Tue, 09 Jun 2026 19:17:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e5ae by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:54 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: ec6bfa889b83 - stable/14 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: ec6bfa889b839645961113344186b85ed8477f48 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:54 +0000 Message-Id: <6a2866e2.3e5ae.3e394f0d@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ec6bfa889b839645961113344186b85ed8477f48 commit ec6bfa889b839645961113344186b85ed8477f48 Author: Gordon Tetlow AuthorDate: 2026-06-07 03:24:17 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:22 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set Reject potentially forged encrypted CMS AuthEnvelopedData messages Fix potential NULL dereference processing CMS PasswordRecipientInfo Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34182 Security: CVE-2026-42766 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++++++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 +++++--- crypto/openssl/crypto/cms/cms_enc.c | 18 ++++-- crypto/openssl/crypto/cms/cms_env.c | 6 +- crypto/openssl/crypto/cms/cms_err.c | 4 +- crypto/openssl/crypto/cms/cms_local.h | 2 +- crypto/openssl/crypto/cms/cms_pwri.c | 15 ++++- crypto/openssl/crypto/err/openssl.txt | 3 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +-- crypto/openssl/include/crypto/cmserr.h | 2 +- crypto/openssl/include/openssl/cmserr.h | 4 +- .../implementations/ciphers/cipher_aes_ocb.c | 13 +++++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- .../cms-msg/enveloped-content-type-for-aes-gcm.pem | 7 +++ crypto/openssl/test/cmsapitest.c | 54 +++++++++++++++++- crypto/openssl/test/evp_extra_test.c | 61 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cms.t | 12 +++- crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes 20 files changed, 239 insertions(+), 37 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 531e01d33257..9329e5795a9e 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -271,9 +290,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 9138ad381f7d..4cbc6275cc35 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -964,10 +974,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (*free_cont) { OPENSSL_free(stmp->data); stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ - stmp->length = len; + stmp->length = ilen; *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 8c1a15aeda71..367617576175 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -23,7 +23,7 @@ /* Return BIO based on EncryptedContentInfo and key */ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *cms_ctx) + const CMS_CTX *cms_ctx, int auth) { BIO *b; EVP_CIPHER_CTX *ctx; @@ -104,14 +104,20 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { + if (!auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA); + goto err; + } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); @@ -263,5 +269,5 @@ BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms) if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs) enc->version = 2; return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); } diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 2326253b6743..d2eace4fef5d 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -1099,7 +1099,7 @@ static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms) { CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo; BIO *contentBio = ossl_cms_EncryptedContent_init_bio(ec, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); EVP_CIPHER_CTX *ctx = NULL; if (contentBio == NULL) @@ -1137,7 +1137,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms) /* Get BIO first to set up key */ ec = env->encryptedContentInfo; - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 0); /* If error end of processing */ if (!ret) @@ -1189,7 +1189,7 @@ BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms) ec->tag = aenv->mac->data; ec->taglen = aenv->mac->length; } - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 1); /* If error or no cipher end of processing */ if (ret == NULL || ec->cipher == NULL) diff --git a/crypto/openssl/crypto/cms/cms_err.c b/crypto/openssl/crypto/cms/cms_err.c index 37e52963e16d..bc922d0ee03d 100644 --- a/crypto/openssl/crypto/cms/cms_err.c +++ b/crypto/openssl/crypto/cms/cms_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,6 +25,8 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { "certificate has no keyid" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error" }, + { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA), + "cipher aead in enveloped data" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_SET_TAG_ERROR), "cipher aead set tag error" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_GET_TAG), "cipher get tag" }, diff --git a/crypto/openssl/crypto/cms/cms_local.h b/crypto/openssl/crypto/cms/cms_local.h index a92a67fa8b24..d80689f64d68 100644 --- a/crypto/openssl/crypto/cms/cms_local.h +++ b/crypto/openssl/crypto/cms/cms_local.h @@ -429,7 +429,7 @@ int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert); BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *ctx); + const CMS_CTX *ctx, int auth); BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms); int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, const EVP_CIPHER *cipher, diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index 46313f2bfe2c..8b0ea233fd6d 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -189,14 +189,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (inlen < 2 * blocklen) { + + if (blocklen < 4) + return 0; + + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -350,6 +354,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/err/openssl.txt b/crypto/openssl/crypto/err/openssl.txt index 756fafdfa24a..dc4e3f310f08 100644 --- a/crypto/openssl/crypto/err/openssl.txt +++ b/crypto/openssl/crypto/err/openssl.txt @@ -1,4 +1,4 @@ -# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -284,6 +284,7 @@ CMS_R_ATTRIBUTE_ERROR:161:attribute error CMS_R_CERTIFICATE_ALREADY_PRESENT:175:certificate already present CMS_R_CERTIFICATE_HAS_NO_KEYID:160:certificate has no keyid CMS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error +CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA:182:cipher aead in enveloped data CMS_R_CIPHER_AEAD_SET_TAG_ERROR:184:cipher aead set tag error CMS_R_CIPHER_GET_TAG:185:cipher get tag CMS_R_CIPHER_INITIALISATION_ERROR:101:cipher initialisation error diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 001b96d31183..fadf543e9db7 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -218,6 +218,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpin = NULL, *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -366,11 +367,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (tmpin == indata) { - if (indata) - BIO_pop(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; } - BIO_free_all(p7bio); sk_X509_free(signers); return ret; } diff --git a/crypto/openssl/include/crypto/cmserr.h b/crypto/openssl/include/crypto/cmserr.h index f9fd933682e5..8b896822d091 100644 --- a/crypto/openssl/include/crypto/cmserr.h +++ b/crypto/openssl/include/crypto/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/openssl/include/openssl/cmserr.h b/crypto/openssl/include/openssl/cmserr.h index c584b90574e2..6c0baf2362fc 100644 --- a/crypto/openssl/include/openssl/cmserr.h +++ b/crypto/openssl/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -17,7 +17,6 @@ #include #ifndef OPENSSL_NO_CMS - /* * CMS reason codes. */ @@ -26,6 +25,7 @@ #define CMS_R_CERTIFICATE_ALREADY_PRESENT 175 #define CMS_R_CERTIFICATE_HAS_NO_KEYID 160 #define CMS_R_CERTIFICATE_VERIFY_ERROR 100 +#define CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA 182 #define CMS_R_CIPHER_AEAD_SET_TAG_ERROR 184 #define CMS_R_CIPHER_GET_TAG 185 #define CMS_R_CIPHER_INITIALISATION_ERROR 101 diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index 8a8eddf36eec..70c0703ddb7c 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -516,6 +516,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 510c1581b593..c3facacfbcf4 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -203,6 +203,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (params == NULL) return 1; @@ -237,6 +238,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index bb2d355c8143..668602a5e523 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -113,12 +113,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem new file mode 100644 index 000000000000..b0610a7ec8a2 --- /dev/null +++ b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem @@ -0,0 +1,7 @@ +-----BEGIN PKCS7----- +MIAGCSqGSIb3DQEHA6CAMIACAQIxNqI0AgEEMAgEBkMwRkVFMDALBglghkgBZQME +AQUEGPN0q9rM3neSiY7HIADpnqWym33mRZC4JDCABgkqhkiG9w0BBwEwHgYJYIZI +AWUDBAEGMBEEDIExQGiHZFSYa0ZBqQIBEKCABGNap+JL1B21Mq7ojKPzVuxtRkg3 +LWt8khnK1EzfmV7e64l5KnTdjq9+gfbwOfbuhTavfBI7VK/ZtpH3HII4fCOe37kV +mju8/YnYeRq2KcxESmJBySV/veMwxqmHGAw71JyHpg4AAAAAAAAAAAAA +-----END PKCS7----- diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 7e74c5daf221..0a7e536bbe75 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -20,6 +20,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -45,6 +46,12 @@ static int test_encrypt_decrypt(const EVP_CIPHER *cipher) CMS_TEXT))) goto end; + if (!(EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) + && !TEST_ptr(contentbio = CMS_EnvelopedData_decrypt(content->d.envelopedData, + NULL, privkey, cert, NULL, + CMS_TEXT, NULL, NULL))) + goto end; + /* Check we got the message we first started with */ if (!TEST_int_eq(BIO_gets(outmsgbio, buf, sizeof(buf)), strlen(msg)) || !TEST_int_eq(strcmp(buf, msg), 0)) @@ -484,7 +491,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -499,7 +547,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) return 0; certbio = BIO_new_file(certin, "r"); @@ -535,6 +584,7 @@ int setup_tests(void) ADD_TEST(test_encrypted_data_aead); ADD_ALL_TESTS(test_d2i_CMS_decode, 2); ADD_TEST(test_cms_aesgcm_iv_too_long); + ADD_TEST(test_pwri_kek_unwrap_short_encrypted_key); return 1; } diff --git a/crypto/openssl/test/evp_extra_test.c b/crypto/openssl/test/evp_extra_test.c index 1b0f0711cb57..7bd41db115ca 100644 --- a/crypto/openssl/test/evp_extra_test.c +++ b/crypto/openssl/test/evp_extra_test.c @@ -5414,6 +5414,64 @@ static int test_aes_rc4_keylen_change_cve_2023_5363(void) } #endif +/* + * AES-SIV reuse-without-rekey: + * msg1: legit non-empty CT, tag verifies, final_ret=0 + * msg2: no reinit (or reinit with key=NULL), set forged tag, + * AAD only, DecryptFinal -> does stale final_ret leak through? + */ +static int test_aes_siv_ctx_reuse(void) +{ + unsigned char key[32] = { 7 }; /* AES-128-SIV => 2*16 */ + unsigned char pt[9] = "payload!"; + unsigned char ct[9], tagbuf[16], out[16], zero16[16] = { 0 }; + unsigned char aad[14] = "forged header"; + int outl, ret = 0; + EVP_CIPHER_CTX *e = NULL, *d = NULL; + EVP_CIPHER *c = EVP_CIPHER_fetch(NULL, "AES-128-SIV", NULL); + + if (c == NULL) { + return TEST_skip("AES-128-SIV cipher is not available"); + } + + /* produce a valid (ct,tag) for msg1 */ + e = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(e) + || !TEST_true(EVP_EncryptInit_ex2(e, c, key, NULL, NULL)) + || !TEST_true(EVP_EncryptUpdate(e, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_EncryptUpdate(e, ct, &outl, pt, sizeof(pt))) + || !TEST_true(EVP_EncryptFinal_ex(e, out, &outl)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_AEAD_GET_TAG, 16, tagbuf))) { + EVP_CIPHER_CTX_free(e); + goto err; + } + EVP_CIPHER_CTX_free(e); + + /* msg1 decrypt */ + d = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(d) + || !TEST_true(EVP_DecryptInit_ex2(d, c, key, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, tagbuf)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_DecryptUpdate(d, out, &outl, ct, sizeof(ct))) + || !TEST_true(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + /* msg2 on SAME ctx, reinit with key=NULL => initkey skipped, final_ret should be reset */ + if (!TEST_true(EVP_DecryptInit_ex2(d, NULL, NULL, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, zero16)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, aad, sizeof(aad))) /* forged AAD */ + || !TEST_false(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + ret = 1; + +err: + EVP_CIPHER_CTX_free(d); + EVP_CIPHER_free(c); + return ret; +} + static int test_invalid_ctx_for_digest(void) { int ret; @@ -5637,6 +5695,9 @@ int setup_tests(void) ADD_TEST(test_aes_rc4_keylen_change_cve_2023_5363); #endif + /* Test case for CVE-2026-45446 */ + ADD_TEST(test_aes_siv_ctx_reuse); + ADD_TEST(test_invalid_ctx_for_digest); ADD_TEST(test_evp_cipher_negative_length); diff --git a/crypto/openssl/test/recipes/80-test_cms.t b/crypto/openssl/test/recipes/80-test_cms.t index b6ee61464409..f573651e26bc 100644 --- a/crypto/openssl/test/recipes/80-test_cms.t +++ b/crypto/openssl/test/recipes/80-test_cms.t @@ -51,7 +51,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) $no_rc2 = 1 if disabled("legacy"); -plan tests => 23; +plan tests => 24; ok(run(test(["pkcs7_test"])), "test pkcs7"); @@ -1054,6 +1054,16 @@ ok(!run(app(['openssl', 'cms', '-verify', ])), "issue#19643"); +# Check that users get error when using incorrect envelope type for AEAD algorithms +ok(!run(app(['openssl', 'cms', '-decrypt', + '-inform', 'PEM', '-stream', + '-secretkey', '000102030405060708090A0B0C0D0E0F', + '-secretkeyid', 'C0FEE0', + '-in', srctop_file("test/cms-msg", + "enveloped-content-type-for-aes-gcm.pem") + ])), + "Error AES-GCM in enveloped content type"); + # Check that kari encryption with originator does not segfault with({ exit_checker => sub { return shift == 3; } }, sub { diff --git a/crypto/openssl/test/recipes/80-test_cmsapi.t b/crypto/openssl/test/recipes/80-test_cmsapi.t index 8d9371e005c0..3d1dae846464 100644 --- a/crypto/openssl/test/recipes/80-test_cmsapi.t +++ b/crypto/openssl/test/recipes/80-test_cmsapi.t @@ -19,5 +19,6 @@ plan tests => 1; ok(run(test(["cmsapitest", srctop_file("test", "certs", "servercert.pem"), srctop_file("test", "certs", "serverkey.pem"), srctop_file("test", "recipes", "80-test_cmsapi_data", "encryptedData.der"), - srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem")])), + srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem"), + srctop_file("test", "recipes", "80-test_cmsapi_data", "cms_pwri_kek_oob.der")])), "running cmsapitest"); diff --git a/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der new file mode 100644 index 000000000000..c3ef3abd10e6 Binary files /dev/null and b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der differ From nobody Tue Jun 9 19:17:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwM6D5Sz6gV6v for ; Tue, 09 Jun 2026 19:17:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdwM2C3pz3MDY for ; Tue, 09 Jun 2026 19:17:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032675; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=W2kjtUYkj9f2Kj2uVZl7NSwR6d0I8JiUo+TdlkscwiQ=; b=NeMHZs4wOUzTd2Z7sf9DrYbshCQPxHNgkZDn2Z88RI6pA+cKys99VYloiiWsU4jINrRuBg F3NOV68Rg6hCI9f95pig7amVjjJ4u4/x1DiVaEBoNRDwmdBi02cgxzyZOae3ymHO0ZkMB1 dhZV0LCkeNPPnI8eXVUmVLOSJENXZ8Rg2rhFMUJV+ETfyQ644eh4EVN940TaxdhPtLBUI+ JK1xGLlXJF1rEenrUy8XAWqySl6o/zJUAt/+3zCOO5juOURiIzPNvQPl3axWoaQrMV6ckv VthKI7J7fr/E9AtHpuN3hhqWGCYL+K04qk/LkL+pL1Q3AMv/vOuXkB2Hrha9ag== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032675; a=rsa-sha256; cv=none; b=eENW2MpexyQHkLsCmzfbhe15koWLgmdv4uSEvSokjEKCD9kx+V9pDzCHGAH78azwsW6MK0 Onm0qYNMPgIhgw30SbBQFPpN4wUBNMjPSHzCXHzXEW5nekhaK8djBfgVU3MJQXRrWM+9gx hROQ9SwJNLKyzNrJOVWUKi63CTD7FAcwZpJ0Rva6xlaff5exy6tJBEGsr2EI/99aT0fRB9 /m87iSBV8YpbeychB4bfw0Hvgv8TKhG+glhJrtxoQiQ+oTDnrdHtcPZ8CIkrsazLW5/wMk vH7X6l5B32C0DsSfqSyaNVUb8RZRs0hCwEqRGn9wK1zc95aIzwBN/43gVBGADg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032675; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=W2kjtUYkj9f2Kj2uVZl7NSwR6d0I8JiUo+TdlkscwiQ=; b=LLsQWsPRvivmjz/skpuXyVmz48Bum5c9BB5e6RDbRl4DMXHBiv+Y72F2Oi1deFxjst8vBV 77rrCSExGdA8WsuMS877Fi8Z9P2dkBJ9ozEc9oFCUAEyCwaYZrgqoI6dj4HsBDVtg4aPdB DQxGDCovQx4gsSdqqEkcld8ji0fvhoMyyCRscXnUxB/o9P+uCkzUhy3Au0M3QzJNgHOe0r EmrafwmH0grl+q/tOMi2PIMarsnRat5QSiz8PsTc8Kso9InsPeztn10hv4hHkOzDzvUoAZ iBEGlhvq+eO0+96wwObo2lRfnx875CG/9DuHudc7s5Hr97JfGwxi44y+yMWfmg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdwM1l52znt9 for ; Tue, 09 Jun 2026 19:17:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e3ba by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:17:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 5719a342555b - stable/14 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 5719a342555bc56b552db27b1852193968b86323 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:17:55 +0000 Message-Id: <6a2866e3.3e3ba.e0dcf93@gitrepo.freebsd.org> The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=5719a342555bc56b552db27b1852193968b86323 commit 5719a342555bc56b552db27b1852193968b86323 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:27:56 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 19:15:22 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 6 ++++ contrib/ldns/ldns/error.h | 5 ++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 100 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index 5723aea9b4c2..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -191,6 +191,12 @@ ldns_lookup_table ldns_error_str[] = { "at least 2 bytes of option data" }, { LDNS_STATUS_EQUAL_RR, "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index a76eb2ecab5d..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -144,7 +144,10 @@ enum ldns_enum_status { LDNS_STATUS_INVALID_SVCPARAM_VALUE, LDNS_STATUS_NOT_EDE, LDNS_STATUS_EDE_OPTION_MALFORMED, - LDNS_STATUS_EQUAL_RR + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index e944d018b357..4c1f405419fb 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:18:25 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx52hf6z6gTyy for ; Tue, 09 Jun 2026 19:18:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdx51Dfpz3NFw for ; Tue, 09 Jun 2026 19:18:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PaFrZJevbkljy+ln7F2aN2JKm7t4ITiTZqMZ59+34iA=; b=HDo4zO59WVy4G8miwT/017WH5rvu5Qj3gTvJ64wgt9hcTquR4JhumyB7hiLMKMw8CVsFJA VimVJGMVT2KWIRSMr+ZVUCI47jZzEMIQRyzUSh1Tsa8sJjdsNHRwJXgUELm2sPtnzkzU+E DwIrR8LtFKkAB4YpHz7Y2NY1axrCSdjkJDU0qvbjIe68Kk746h5MfDkvBQSzbx/4hJikI6 HqDQ8ihyi56Fh3bBfPMn6Yv2YJkXG2euSLcU7tLd/dSOONdq7K+e902kyTaD6RUuZvb9xu d152GBfVyoB/W/q8QVOPNa4MUzI1ZM8/m0lUor7FYJkcKAEmF40Dizh7uaIC5A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032713; a=rsa-sha256; cv=none; b=CgfKmzhyo/uzyzJEPPCT0JQbz0KCqh3ZvQouFo5UCJfSV0Uwx7xkoEQl6TXkSJCyhafcUh U/zAnfOjDwGNpabhiO8LQ084RNoYNKF930uRGhdbacXywtQOdaRzBTPakSlshDRE6VvGnr j+iXTwVxkNbBvraXXdGBoB85rI6fkC654lHDswntvUziqPpLqskekjngZS1N1+0thn7y1d U5XoMUbwI/xY+TdE279liQSvLLDCGHynAsx2w7GLqu6InoHOmcheHBuhj7Q+CRLrixC7mO qjWp8dFioa6mwNE1y+aWqYW2B87C0YHVKcpmlDvDXDh9/ruoQPBDwiQ9nGTd7w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032713; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PaFrZJevbkljy+ln7F2aN2JKm7t4ITiTZqMZ59+34iA=; b=HHd//dVK+IM4H3CfSLLVABZ8kzarpQJNHcsulxn48frdKLW+nPnywUZ8GC0P3ebEIqjxNI 6vV5/S2wkvq/H+dpBeosIIULKAdVVo4RvkxmuMGY+/R8pg2F6Wj4cYv+zx9f5LTOZtGPUr Rs0PuUQQ5tK50HUFW2z5rftwfXMd29U5mv1O9A3iwMESa3xbhJwrqz4jORDgEIBvkXhDuI ThuaUvaiYajI2sCyXoDFkJH1QU9cN54k1Oa4JsiCtzInfmELgyIfzD73BQ+iEbM+RQVWdV QKd/uU4uvcC7rqtNMCIEUYaIfqlh5XVCXr4eymDroSefdiNgYGQU6mUw5wmFPw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx50WnJznrP for ; Tue, 09 Jun 2026 19:18:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e986 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:25 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Enji Cooper From: Mark Johnston Subject: git: d95a8c20f3bc - releng/14.3 - crypto/openssl: Update to 3.0.20 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: d95a8c20f3bccf1cebfef97328aebd8108c0ae8b Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:25 +0000 Message-Id: <6a286701.3e986.40b6f61b@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=d95a8c20f3bccf1cebfef97328aebd8108c0ae8b commit d95a8c20f3bccf1cebfef97328aebd8108c0ae8b Author: Enji Cooper AuthorDate: 2025-05-28 02:34:44 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:08 +0000 crypto/openssl: Update to 3.0.20 This particular change contains all functional and security fixes made between 3.0.16 and 3.0.20. OSSL_HTTP_get(): Reset redirection_url in each iteration (cherry picked from commit 4b286fc6d5f1762a17180ab86b5cf7debf78d020) crypto/openssl: make vendor imports easier/less error prone (cherry picked from commit d03be8cf3346dae1e438ded3aae4453045b77486) crypto/openssl: apply polish to new vendor import process (cherry picked from commit 79f62601c73d875123b9c800e688f3c4b70e0b73) crypto/openssl: fix importing new versions from pristine trees (cherry picked from commit 026e3d12ba24188fbe84207e55195defb31bf81a) crypto/openssl: remove autogenerated files (cherry picked from commit 913d1916e3e265098fdd87d9b9f6c12a930c71bc) OpenSSL: update build artifacts to match 3.0.16 release (cherry picked from commit aed5a47b3a8a105f1452554a176a7d6c0a750854) OpenSSL: install .pc files from the exporters subdir (cherry picked from commit 9a64f277bf5b422d1ebb3d960f8f6a5920dc3131) crypto/openssl: update from 3.0.16 to 3.0.20 (cherry picked from commit 27ac9d336f715b4ce91bf447f73d5c3621d099ce) Approved by: so Security: FreeBSD-EN-26:15.openssl Security: CVE-2026-2673 Security: CVE-2026-28387 Security: CVE-2026-28388 Security: CVE-2026-28389 Security: CVE-2026-31789 Security: CVE-2026-31790 --- crypto/.gitignore | 78 + crypto/openssl/ACKNOWLEDGEMENTS.md | 4 +- crypto/openssl/BSDmakefile | 101 + crypto/openssl/CHANGES.md | 781 +- crypto/openssl/Configurations/10-main.conf | 3 +- crypto/openssl/Configurations/50-nonstop.conf | 2 + crypto/openssl/Configurations/unix-Makefile.tmpl | 17 +- .../openssl/Configurations/windows-makefile.tmpl | 5 +- crypto/openssl/Configure | 7 +- crypto/openssl/INSTALL.md | 4 +- crypto/openssl/NEWS.md | 460 +- crypto/openssl/NOTES-WINDOWS.md | 5 + crypto/openssl/README-ENGINES.md | 2 +- crypto/openssl/README.md | 9 +- crypto/openssl/VERSION.dat | 4 +- crypto/openssl/apps/CA.pl | 383 + crypto/openssl/apps/CA.pl.in | 260 +- crypto/openssl/apps/asn1parse.c | 72 +- crypto/openssl/apps/ca.c | 742 +- crypto/openssl/apps/ciphers.c | 55 +- crypto/openssl/apps/cmp.c | 1163 +- crypto/openssl/apps/cms.c | 491 +- crypto/openssl/apps/crl.c | 124 +- crypto/openssl/apps/crl2pkcs7.c | 36 +- crypto/openssl/apps/dgst.c | 141 +- crypto/openssl/apps/dhparam.c | 152 +- crypto/openssl/apps/dsa.c | 78 +- crypto/openssl/apps/dsaparam.c | 64 +- crypto/openssl/apps/ec.c | 78 +- crypto/openssl/apps/ecparam.c | 127 +- crypto/openssl/apps/enc.c | 180 +- crypto/openssl/apps/engine.c | 112 +- crypto/openssl/apps/errstr.c | 17 +- crypto/openssl/apps/fipsinstall.c | 192 +- crypto/openssl/apps/gendsa.c | 39 +- crypto/openssl/apps/genpkey.c | 67 +- crypto/openssl/apps/genrsa.c | 57 +- crypto/openssl/apps/include/app_libctx.h | 4 +- crypto/openssl/apps/include/app_params.h | 1 - crypto/openssl/apps/include/apps.h | 262 +- crypto/openssl/apps/include/apps_ui.h | 5 +- crypto/openssl/apps/include/cmp_mock_srv.h | 18 +- crypto/openssl/apps/include/engine_loader.h | 8 +- crypto/openssl/apps/include/fmt.h | 32 +- crypto/openssl/apps/include/function.h | 17 +- crypto/openssl/apps/include/http_server.h | 86 +- crypto/openssl/apps/include/names.h | 2 +- crypto/openssl/apps/include/opt.h | 544 +- crypto/openssl/apps/include/platform.h | 12 +- crypto/openssl/apps/include/s_apps.h | 56 +- crypto/openssl/apps/include/vms_term_sock.h | 12 +- crypto/openssl/apps/info.c | 36 +- crypto/openssl/apps/kdf.c | 45 +- crypto/openssl/apps/lib/app_libctx.c | 3 +- crypto/openssl/apps/lib/app_params.c | 7 +- crypto/openssl/apps/lib/app_provider.c | 5 +- crypto/openssl/apps/lib/app_rand.c | 7 +- crypto/openssl/apps/lib/app_x509.c | 54 +- crypto/openssl/apps/lib/apps.c | 825 +- crypto/openssl/apps/lib/apps_ui.c | 39 +- crypto/openssl/apps/lib/cmp_mock_srv.c | 121 +- crypto/openssl/apps/lib/columns.c | 1 - crypto/openssl/apps/lib/engine.c | 15 +- crypto/openssl/apps/lib/engine_loader.c | 38 +- crypto/openssl/apps/lib/http_server.c | 126 +- crypto/openssl/apps/lib/names.c | 2 +- crypto/openssl/apps/lib/opt.c | 271 +- crypto/openssl/apps/lib/s_cb.c | 625 +- crypto/openssl/apps/lib/s_socket.c | 119 +- crypto/openssl/apps/lib/tlssrp_depr.c | 47 +- crypto/openssl/apps/lib/vms_decc_argv.c | 2 +- crypto/openssl/apps/lib/vms_term_sock.c | 517 +- crypto/openssl/apps/lib/win32_init.c | 31 +- crypto/openssl/apps/list.c | 484 +- crypto/openssl/apps/mac.c | 42 +- crypto/openssl/apps/nseq.c | 22 +- crypto/openssl/apps/ocsp.c | 487 +- crypto/openssl/apps/openssl.c | 58 +- crypto/openssl/apps/passwd.c | 253 +- crypto/openssl/apps/pkcs12.c | 342 +- crypto/openssl/apps/pkcs7.c | 39 +- crypto/openssl/apps/pkcs8.c | 88 +- crypto/openssl/apps/pkey.c | 100 +- crypto/openssl/apps/pkeyparam.c | 32 +- crypto/openssl/apps/pkeyutl.c | 244 +- crypto/openssl/apps/prime.c | 39 +- crypto/openssl/apps/progs.c | 2 +- crypto/openssl/apps/progs.h | 2 +- crypto/openssl/apps/progs.pl | 11 +- crypto/openssl/apps/rand.c | 28 +- crypto/openssl/apps/rehash.c | 169 +- crypto/openssl/apps/req.c | 450 +- crypto/openssl/apps/rsa.c | 103 +- crypto/openssl/apps/rsautl.c | 91 +- crypto/openssl/apps/s_client.c | 1742 +- crypto/openssl/apps/s_server.c | 929 +- crypto/openssl/apps/s_time.c | 164 +- crypto/openssl/apps/sess_id.c | 42 +- crypto/openssl/apps/smime.c | 208 +- crypto/openssl/apps/speed.c | 1256 +- crypto/openssl/apps/spkac.c | 56 +- crypto/openssl/apps/srp.c | 196 +- crypto/openssl/apps/storeutl.c | 181 +- crypto/openssl/apps/testdsa.h | 1490 +- crypto/openssl/apps/testrsa.h | 4912 +++- crypto/openssl/apps/timeouts.h | 8 +- crypto/openssl/apps/ts.c | 269 +- crypto/openssl/apps/verify.c | 137 +- crypto/openssl/apps/version.c | 53 +- crypto/openssl/apps/vms_decc_init.c | 73 +- crypto/openssl/apps/x509.c | 389 +- crypto/openssl/configdata.pm.in | 4 +- crypto/openssl/crypto/LPdir_nyi.c | 2 +- crypto/openssl/crypto/LPdir_unix.c | 23 +- crypto/openssl/crypto/LPdir_vms.c | 24 +- crypto/openssl/crypto/LPdir_win.c | 35 +- crypto/openssl/crypto/LPdir_win32.c | 2 + crypto/openssl/crypto/LPdir_wince.c | 2 + crypto/openssl/crypto/aes/aes_cbc.c | 8 +- crypto/openssl/crypto/aes/aes_cfb.c | 18 +- crypto/openssl/crypto/aes/aes_core.c | 3589 ++- crypto/openssl/crypto/aes/aes_ecb.c | 2 +- crypto/openssl/crypto/aes/aes_ige.c | 56 +- crypto/openssl/crypto/aes/aes_local.h | 51 +- crypto/openssl/crypto/aes/aes_misc.c | 6 +- crypto/openssl/crypto/aes/aes_ofb.c | 6 +- crypto/openssl/crypto/aes/aes_wrap.c | 12 +- crypto/openssl/crypto/aes/aes_x86core.c | 594 +- crypto/openssl/crypto/aes/asm/aes-s390x.pl | 5 +- crypto/openssl/crypto/aes/asm/aesv8-armx.pl | 8 +- crypto/openssl/crypto/aria/aria.c | 337 +- crypto/openssl/crypto/arm_arch.h | 165 +- crypto/openssl/crypto/armcap.c | 154 +- crypto/openssl/crypto/asn1/a_bitstr.c | 12 +- crypto/openssl/crypto/asn1/a_d2i_fp.c | 40 +- crypto/openssl/crypto/asn1/a_digest.c | 9 +- crypto/openssl/crypto/asn1/a_dup.c | 6 +- crypto/openssl/crypto/asn1/a_gentm.c | 8 +- crypto/openssl/crypto/asn1/a_i2d_fp.c | 4 +- crypto/openssl/crypto/asn1/a_int.c | 33 +- crypto/openssl/crypto/asn1/a_mbstr.c | 58 +- crypto/openssl/crypto/asn1/a_object.c | 32 +- crypto/openssl/crypto/asn1/a_octet.c | 4 +- crypto/openssl/crypto/asn1/a_print.c | 3 +- crypto/openssl/crypto/asn1/a_sign.c | 43 +- crypto/openssl/crypto/asn1/a_strex.c | 91 +- crypto/openssl/crypto/asn1/a_strnid.c | 16 +- crypto/openssl/crypto/asn1/a_time.c | 53 +- crypto/openssl/crypto/asn1/a_type.c | 12 +- crypto/openssl/crypto/asn1/a_utctm.c | 2 +- crypto/openssl/crypto/asn1/a_utf8.c | 4 +- crypto/openssl/crypto/asn1/a_verify.c | 27 +- crypto/openssl/crypto/asn1/ameth_lib.c | 172 +- crypto/openssl/crypto/asn1/asn1_err.c | 366 +- crypto/openssl/crypto/asn1/asn1_gen.c | 103 +- crypto/openssl/crypto/asn1/asn1_item_list.h | 4 +- crypto/openssl/crypto/asn1/asn1_lib.c | 12 +- crypto/openssl/crypto/asn1/asn1_local.h | 28 +- crypto/openssl/crypto/asn1/asn1_parse.c | 74 +- crypto/openssl/crypto/asn1/asn_mime.c | 123 +- crypto/openssl/crypto/asn1/asn_mstbl.c | 12 +- crypto/openssl/crypto/asn1/asn_pack.c | 4 +- crypto/openssl/crypto/asn1/bio_asn1.c | 44 +- crypto/openssl/crypto/asn1/bio_ndef.c | 17 +- crypto/openssl/crypto/asn1/d2i_param.c | 2 +- crypto/openssl/crypto/asn1/d2i_pr.c | 41 +- crypto/openssl/crypto/asn1/d2i_pu.c | 4 +- crypto/openssl/crypto/asn1/evp_asn1.c | 26 +- crypto/openssl/crypto/asn1/f_int.c | 7 +- crypto/openssl/crypto/asn1/f_string.c | 4 +- crypto/openssl/crypto/asn1/i2d_evp.c | 34 +- crypto/openssl/crypto/asn1/n_pkey.c | 23 +- crypto/openssl/crypto/asn1/nsseq.c | 6 +- crypto/openssl/crypto/asn1/p5_pbe.c | 19 +- crypto/openssl/crypto/asn1/p5_pbev2.c | 55 +- crypto/openssl/crypto/asn1/p5_scrypt.c | 67 +- crypto/openssl/crypto/asn1/p8_pkey.c | 22 +- crypto/openssl/crypto/asn1/standard_methods.h | 1 - crypto/openssl/crypto/asn1/t_bitst.c | 4 +- crypto/openssl/crypto/asn1/t_pkey.c | 19 +- crypto/openssl/crypto/asn1/t_spki.c | 6 +- crypto/openssl/crypto/asn1/tasn_dec.c | 227 +- crypto/openssl/crypto/asn1/tasn_enc.c | 56 +- crypto/openssl/crypto/asn1/tasn_new.c | 30 +- crypto/openssl/crypto/asn1/tasn_prn.c | 92 +- crypto/openssl/crypto/asn1/tasn_scn.c | 2 +- crypto/openssl/crypto/asn1/tasn_typ.c | 26 +- crypto/openssl/crypto/asn1/tasn_utl.c | 22 +- crypto/openssl/crypto/asn1/tbl_standard.h | 85 +- crypto/openssl/crypto/asn1/x_algor.c | 21 +- crypto/openssl/crypto/asn1/x_bignum.c | 29 +- crypto/openssl/crypto/asn1/x_int64.c | 87 +- crypto/openssl/crypto/asn1/x_long.c | 25 +- crypto/openssl/crypto/asn1/x_sig.c | 8 +- crypto/openssl/crypto/asn1/x_spki.c | 10 +- crypto/openssl/crypto/asn1/x_val.c | 4 +- crypto/openssl/crypto/asn1_dsa.c | 61 +- crypto/openssl/crypto/async/arch/async_null.c | 1 - crypto/openssl/crypto/async/arch/async_null.h | 13 +- crypto/openssl/crypto/async/arch/async_posix.c | 6 +- crypto/openssl/crypto/async/arch/async_posix.h | 51 +- crypto/openssl/crypto/async/arch/async_win.c | 10 +- crypto/openssl/crypto/async/arch/async_win.h | 30 +- crypto/openssl/crypto/async/async.c | 29 +- crypto/openssl/crypto/async/async_err.c | 16 +- crypto/openssl/crypto/async/async_local.h | 9 +- crypto/openssl/crypto/async/async_wait.c | 48 +- crypto/openssl/crypto/bf/bf_cfb64.c | 8 +- crypto/openssl/crypto/bf/bf_ecb.c | 2 +- crypto/openssl/crypto/bf/bf_enc.c | 12 +- crypto/openssl/crypto/bf/bf_local.h | 134 +- crypto/openssl/crypto/bf/bf_ofb64.c | 8 +- crypto/openssl/crypto/bf/bf_pi.h | 1548 +- crypto/openssl/crypto/bio/bf_buff.c | 23 +- crypto/openssl/crypto/bio/bf_lbuf.c | 20 +- crypto/openssl/crypto/bio/bf_prefix.c | 14 +- crypto/openssl/crypto/bio/bf_readbuff.c | 64 +- crypto/openssl/crypto/bio/bio_addr.c | 162 +- crypto/openssl/crypto/bio/bio_cb.c | 22 +- crypto/openssl/crypto/bio/bio_dump.c | 26 +- crypto/openssl/crypto/bio/bio_err.c | 114 +- crypto/openssl/crypto/bio/bio_lib.c | 46 +- crypto/openssl/crypto/bio/bio_local.h | 153 +- crypto/openssl/crypto/bio/bio_meth.c | 46 +- crypto/openssl/crypto/bio/bio_print.c | 173 +- crypto/openssl/crypto/bio/bio_sock.c | 213 +- crypto/openssl/crypto/bio/bio_sock2.c | 87 +- crypto/openssl/crypto/bio/bss_acpt.c | 140 +- crypto/openssl/crypto/bio/bss_bio.c | 68 +- crypto/openssl/crypto/bio/bss_conn.c | 192 +- crypto/openssl/crypto/bio/bss_core.c | 8 +- crypto/openssl/crypto/bio/bss_dgram.c | 833 +- crypto/openssl/crypto/bio/bss_fd.c | 46 +- crypto/openssl/crypto/bio/bss_file.c | 88 +- crypto/openssl/crypto/bio/bss_log.c | 206 +- crypto/openssl/crypto/bio/bss_mem.c | 14 +- crypto/openssl/crypto/bio/bss_null.c | 2 +- crypto/openssl/crypto/bio/bss_sock.c | 101 +- crypto/openssl/crypto/bio/ossl_core_bio.c | 4 +- crypto/openssl/crypto/bn/asm/armv4-gf2m.pl | 4 +- crypto/openssl/crypto/bn/asm/rsaz-avx512.pl | 4 +- crypto/openssl/crypto/bn/asm/sparcv9-mont.pl | 4 +- crypto/openssl/crypto/bn/asm/x86_64-gcc.c | 306 +- crypto/openssl/crypto/bn/bn_add.c | 3 +- crypto/openssl/crypto/bn/bn_asm.c | 457 +- crypto/openssl/crypto/bn/bn_blind.c | 35 +- crypto/openssl/crypto/bn/bn_const.c | 253 +- crypto/openssl/crypto/bn/bn_conv.c | 14 +- crypto/openssl/crypto/bn/bn_ctx.c | 37 +- crypto/openssl/crypto/bn/bn_depr.c | 16 +- crypto/openssl/crypto/bn/bn_dh.c | 1135 +- crypto/openssl/crypto/bn/bn_div.c | 160 +- crypto/openssl/crypto/bn/bn_err.c | 54 +- crypto/openssl/crypto/bn/bn_exp.c | 344 +- crypto/openssl/crypto/bn/bn_exp2.c | 29 +- crypto/openssl/crypto/bn/bn_gcd.c | 35 +- crypto/openssl/crypto/bn/bn_gf2m.c | 158 +- crypto/openssl/crypto/bn/bn_intern.c | 14 +- crypto/openssl/crypto/bn/bn_kron.c | 6 +- crypto/openssl/crypto/bn/bn_lib.c | 74 +- crypto/openssl/crypto/bn/bn_local.h | 820 +- crypto/openssl/crypto/bn/bn_mod.c | 20 +- crypto/openssl/crypto/bn/bn_mont.c | 69 +- crypto/openssl/crypto/bn/bn_mpi.c | 3 +- crypto/openssl/crypto/bn/bn_mul.c | 69 +- crypto/openssl/crypto/bn/bn_nist.c | 432 +- crypto/openssl/crypto/bn/bn_ppc.c | 8 +- crypto/openssl/crypto/bn/bn_prime.c | 70 +- crypto/openssl/crypto/bn/bn_print.c | 6 +- crypto/openssl/crypto/bn/bn_rand.c | 78 +- crypto/openssl/crypto/bn/bn_recp.c | 12 +- crypto/openssl/crypto/bn/bn_rsa_fips186_4.c | 45 +- crypto/openssl/crypto/bn/bn_shift.c | 8 +- crypto/openssl/crypto/bn/bn_sparc.c | 65 +- crypto/openssl/crypto/bn/bn_sqr.c | 16 +- crypto/openssl/crypto/bn/bn_sqrt.c | 13 +- crypto/openssl/crypto/bn/bn_srp.c | 26 +- crypto/openssl/crypto/bn/bn_word.c | 3 +- crypto/openssl/crypto/bn/bn_x931p.c | 25 +- crypto/openssl/crypto/bn/rsaz_exp.c | 40 +- crypto/openssl/crypto/bn/rsaz_exp.h | 67 +- crypto/openssl/crypto/bn/rsaz_exp_x2.c | 182 +- crypto/openssl/crypto/bsearch.c | 12 +- crypto/openssl/crypto/buffer/buf_err.c | 2 +- crypto/openssl/crypto/camellia/camellia.c | 426 +- crypto/openssl/crypto/camellia/cmll_cbc.c | 8 +- crypto/openssl/crypto/camellia/cmll_cfb.c | 18 +- crypto/openssl/crypto/camellia/cmll_ctr.c | 10 +- crypto/openssl/crypto/camellia/cmll_ecb.c | 2 +- crypto/openssl/crypto/camellia/cmll_local.h | 18 +- crypto/openssl/crypto/camellia/cmll_misc.c | 6 +- crypto/openssl/crypto/camellia/cmll_ofb.c | 6 +- crypto/openssl/crypto/cast/c_cfb64.c | 8 +- crypto/openssl/crypto/cast/c_ecb.c | 2 +- crypto/openssl/crypto/cast/c_enc.c | 4 +- crypto/openssl/crypto/cast/c_ofb64.c | 8 +- crypto/openssl/crypto/cast/c_skey.c | 15 +- crypto/openssl/crypto/cast/cast_local.h | 321 +- crypto/openssl/crypto/cast/cast_s.h | 2560 +- crypto/openssl/crypto/chacha/chacha_enc.c | 45 +- crypto/openssl/crypto/chacha/chacha_ppc.c | 24 +- crypto/openssl/crypto/cmac/cmac.c | 3 +- crypto/openssl/crypto/cmp/cmp_asn.c | 189 +- crypto/openssl/crypto/cmp/cmp_client.c | 207 +- crypto/openssl/crypto/cmp/cmp_ctx.c | 208 +- crypto/openssl/crypto/cmp/cmp_err.c | 302 +- crypto/openssl/crypto/cmp/cmp_hdr.c | 50 +- crypto/openssl/crypto/cmp/cmp_http.c | 36 +- crypto/openssl/crypto/cmp/cmp_local.h | 212 +- crypto/openssl/crypto/cmp/cmp_msg.c | 275 +- crypto/openssl/crypto/cmp/cmp_protect.c | 48 +- crypto/openssl/crypto/cmp/cmp_server.c | 128 +- crypto/openssl/crypto/cmp/cmp_status.c | 59 +- crypto/openssl/crypto/cmp/cmp_util.c | 76 +- crypto/openssl/crypto/cmp/cmp_vfy.c | 200 +- crypto/openssl/crypto/cms/cms_asn1.c | 301 +- crypto/openssl/crypto/cms/cms_att.c | 88 +- crypto/openssl/crypto/cms/cms_cd.c | 8 +- crypto/openssl/crypto/cms/cms_dd.c | 13 +- crypto/openssl/crypto/cms/cms_dh.c | 43 +- crypto/openssl/crypto/cms/cms_ec.c | 42 +- crypto/openssl/crypto/cms/cms_enc.c | 32 +- crypto/openssl/crypto/cms/cms_env.c | 192 +- crypto/openssl/crypto/cms/cms_err.c | 304 +- crypto/openssl/crypto/cms/cms_ess.c | 59 +- crypto/openssl/crypto/cms/cms_io.c | 30 +- crypto/openssl/crypto/cms/cms_kari.c | 110 +- crypto/openssl/crypto/cms/cms_lib.c | 41 +- crypto/openssl/crypto/cms/cms_local.h | 86 +- crypto/openssl/crypto/cms/cms_pwri.c | 66 +- crypto/openssl/crypto/cms/cms_rsa.c | 43 +- crypto/openssl/crypto/cms/cms_sd.c | 152 +- crypto/openssl/crypto/cms/cms_smime.c | 143 +- crypto/openssl/crypto/comp/c_zlib.c | 174 +- crypto/openssl/crypto/comp/comp_err.c | 22 +- crypto/openssl/crypto/comp/comp_lib.c | 6 +- crypto/openssl/crypto/comp/comp_local.h | 22 +- crypto/openssl/crypto/conf/conf_api.c | 6 +- crypto/openssl/crypto/conf/conf_def.c | 78 +- crypto/openssl/crypto/conf/conf_err.c | 90 +- crypto/openssl/crypto/conf/conf_lib.c | 27 +- crypto/openssl/crypto/conf/conf_mod.c | 67 +- crypto/openssl/crypto/conf/conf_sap.c | 6 +- crypto/openssl/crypto/conf/conf_ssl.c | 13 +- crypto/openssl/crypto/context.c | 38 +- crypto/openssl/crypto/core_algorithm.c | 52 +- crypto/openssl/crypto/core_fetch.c | 34 +- crypto/openssl/crypto/core_namemap.c | 75 +- crypto/openssl/crypto/cpt_err.c | 82 +- crypto/openssl/crypto/cpuid.c | 41 +- crypto/openssl/crypto/crmf/crmf_asn.c | 81 +- crypto/openssl/crypto/crmf/crmf_err.c | 88 +- crypto/openssl/crypto/crmf/crmf_lib.c | 236 +- crypto/openssl/crypto/crmf/crmf_local.h | 25 +- crypto/openssl/crypto/crmf/crmf_pbm.c | 29 +- crypto/openssl/crypto/cryptlib.c | 112 +- crypto/openssl/crypto/ct/ct_b64.c | 16 +- crypto/openssl/crypto/ct/ct_err.c | 62 +- crypto/openssl/crypto/ct/ct_local.h | 97 +- crypto/openssl/crypto/ct/ct_log.c | 27 +- crypto/openssl/crypto/ct/ct_oct.c | 22 +- crypto/openssl/crypto/ct/ct_policy.c | 13 +- crypto/openssl/crypto/ct/ct_prn.c | 16 +- crypto/openssl/crypto/ct/ct_sct.c | 11 +- crypto/openssl/crypto/ct/ct_sct_ctx.c | 13 +- crypto/openssl/crypto/ct/ct_vfy.c | 9 +- crypto/openssl/crypto/ct/ct_x509v3.c | 62 +- crypto/openssl/crypto/ctype.c | 414 +- crypto/openssl/crypto/der_writer.c | 23 +- crypto/openssl/crypto/des/cbc_cksm.c | 4 +- crypto/openssl/crypto/des/cbc_enc.c | 2 + crypto/openssl/crypto/des/cfb64ede.c | 16 +- crypto/openssl/crypto/des/cfb64enc.c | 8 +- crypto/openssl/crypto/des/cfb_enc.c | 13 +- crypto/openssl/crypto/des/des_enc.c | 144 +- crypto/openssl/crypto/des/des_local.h | 381 +- crypto/openssl/crypto/des/ecb3_enc.c | 4 +- crypto/openssl/crypto/des/ecb_enc.c | 3 +- crypto/openssl/crypto/des/fcrypt.c | 154 +- crypto/openssl/crypto/des/fcrypt_b.c | 52 +- crypto/openssl/crypto/des/ncbc_enc.c | 6 +- crypto/openssl/crypto/des/ofb64ede.c | 10 +- crypto/openssl/crypto/des/ofb64enc.c | 8 +- crypto/openssl/crypto/des/ofb_enc.c | 8 +- crypto/openssl/crypto/des/pcbc_enc.c | 4 +- crypto/openssl/crypto/des/qud_cksm.c | 22 +- crypto/openssl/crypto/des/set_key.c | 725 +- crypto/openssl/crypto/des/spr.h | 640 +- crypto/openssl/crypto/des/xcbc_enc.c | 6 +- crypto/openssl/crypto/dh/dh_ameth.c | 48 +- crypto/openssl/crypto/dh/dh_asn1.c | 38 +- crypto/openssl/crypto/dh/dh_backend.c | 21 +- crypto/openssl/crypto/dh/dh_check.c | 8 +- crypto/openssl/crypto/dh/dh_depr.c | 2 +- crypto/openssl/crypto/dh/dh_err.c | 92 +- crypto/openssl/crypto/dh/dh_gen.c | 18 +- crypto/openssl/crypto/dh/dh_group_params.c | 5 +- crypto/openssl/crypto/dh/dh_kdf.c | 26 +- crypto/openssl/crypto/dh/dh_key.c | 59 +- crypto/openssl/crypto/dh/dh_lib.c | 16 +- crypto/openssl/crypto/dh/dh_local.h | 24 +- crypto/openssl/crypto/dh/dh_meth.c | 28 +- crypto/openssl/crypto/dh/dh_pmeth.c | 53 +- crypto/openssl/crypto/dh/dh_rfc5114.c | 34 +- crypto/openssl/crypto/dllmain.c | 7 +- crypto/openssl/crypto/dsa/dsa_ameth.c | 157 +- crypto/openssl/crypto/dsa/dsa_asn1.c | 30 +- crypto/openssl/crypto/dsa/dsa_backend.c | 24 +- crypto/openssl/crypto/dsa/dsa_check.c | 8 +- crypto/openssl/crypto/dsa/dsa_depr.c | 10 +- crypto/openssl/crypto/dsa/dsa_err.c | 50 +- crypto/openssl/crypto/dsa/dsa_gen.c | 24 +- crypto/openssl/crypto/dsa/dsa_key.c | 18 +- crypto/openssl/crypto/dsa/dsa_lib.c | 19 +- crypto/openssl/crypto/dsa/dsa_local.h | 38 +- crypto/openssl/crypto/dsa/dsa_meth.c | 52 +- crypto/openssl/crypto/dsa/dsa_ossl.c | 70 +- crypto/openssl/crypto/dsa/dsa_pmeth.c | 39 +- crypto/openssl/crypto/dsa/dsa_sign.c | 14 +- crypto/openssl/crypto/dsa/dsa_vrf.c | 2 +- crypto/openssl/crypto/dso/dso_dl.c | 59 +- crypto/openssl/crypto/dso/dso_dlfcn.c | 132 +- crypto/openssl/crypto/dso/dso_err.c | 56 +- crypto/openssl/crypto/dso/dso_lib.c | 8 +- crypto/openssl/crypto/dso/dso_local.h | 16 +- crypto/openssl/crypto/dso/dso_vms.c | 162 +- crypto/openssl/crypto/dso/dso_win32.c | 160 +- crypto/openssl/crypto/ebcdic.c | 110 +- crypto/openssl/crypto/ec/curve25519.c | 5131 ++-- .../crypto/ec/curve448/arch_32/arch_intrinsics.h | 8 +- crypto/openssl/crypto/ec/curve448/arch_32/f_impl.h | 18 +- .../openssl/crypto/ec/curve448/arch_32/f_impl32.c | 10 +- .../crypto/ec/curve448/arch_64/arch_intrinsics.h | 12 +- crypto/openssl/crypto/ec/curve448/arch_64/f_impl.h | 15 +- .../openssl/crypto/ec/curve448/arch_64/f_impl64.c | 8 +- crypto/openssl/crypto/ec/curve448/curve448.c | 222 +- crypto/openssl/crypto/ec/curve448/curve448_local.h | 22 +- .../openssl/crypto/ec/curve448/curve448_tables.c | 3028 +-- crypto/openssl/crypto/ec/curve448/curve448utils.h | 44 +- crypto/openssl/crypto/ec/curve448/ed448.h | 102 +- crypto/openssl/crypto/ec/curve448/eddsa.c | 232 +- crypto/openssl/crypto/ec/curve448/f_generic.c | 25 +- crypto/openssl/crypto/ec/curve448/field.h | 87 +- crypto/openssl/crypto/ec/curve448/point_448.h | 101 +- crypto/openssl/crypto/ec/curve448/scalar.c | 82 +- crypto/openssl/crypto/ec/curve448/word.h | 48 +- crypto/openssl/crypto/ec/ec2_oct.c | 34 +- crypto/openssl/crypto/ec/ec2_smpl.c | 122 +- crypto/openssl/crypto/ec/ec_ameth.c | 89 +- crypto/openssl/crypto/ec/ec_asn1.c | 150 +- crypto/openssl/crypto/ec/ec_backend.c | 93 +- crypto/openssl/crypto/ec/ec_check.c | 14 +- crypto/openssl/crypto/ec/ec_curve.c | 1560 +- crypto/openssl/crypto/ec/ec_cvt.c | 4 +- crypto/openssl/crypto/ec/ec_deprecated.c | 8 +- crypto/openssl/crypto/ec/ec_err.c | 212 +- crypto/openssl/crypto/ec/ec_key.c | 44 +- crypto/openssl/crypto/ec/ec_kmeth.c | 147 +- crypto/openssl/crypto/ec/ec_lib.c | 188 +- crypto/openssl/crypto/ec/ec_local.h | 496 +- crypto/openssl/crypto/ec/ec_mult.c | 113 +- crypto/openssl/crypto/ec/ec_oct.c | 34 +- crypto/openssl/crypto/ec/ec_pmeth.c | 29 +- crypto/openssl/crypto/ec/ec_print.c | 6 +- crypto/openssl/crypto/ec/ecdh_kdf.c | 22 +- crypto/openssl/crypto/ec/ecdh_ossl.c | 9 +- crypto/openssl/crypto/ec/ecdsa_ossl.c | 51 +- crypto/openssl/crypto/ec/ecdsa_sign.c | 13 +- crypto/openssl/crypto/ec/ecdsa_vrf.c | 6 +- crypto/openssl/crypto/ec/eck_prn.c | 23 +- crypto/openssl/crypto/ec/ecp_mont.c | 32 +- crypto/openssl/crypto/ec/ecp_nist.c | 28 +- crypto/openssl/crypto/ec/ecp_nistp224.c | 602 +- crypto/openssl/crypto/ec/ecp_nistp256.c | 789 +- crypto/openssl/crypto/ec/ecp_nistp521.c | 940 +- crypto/openssl/crypto/ec/ecp_nistputil.c | 62 +- crypto/openssl/crypto/ec/ecp_nistz256.c | 363 +- crypto/openssl/crypto/ec/ecp_nistz256_table.c | 24407 +++++++++++-------- crypto/openssl/crypto/ec/ecp_oct.c | 31 +- crypto/openssl/crypto/ec/ecp_ppc.c | 8 +- crypto/openssl/crypto/ec/ecp_s390x_nistp.c | 323 +- crypto/openssl/crypto/ec/ecp_smpl.c | 169 +- crypto/openssl/crypto/ec/ecx_backend.c | 32 +- crypto/openssl/crypto/ec/ecx_backend.h | 18 +- crypto/openssl/crypto/ec/ecx_key.c | 2 +- crypto/openssl/crypto/ec/ecx_meth.c | 229 +- crypto/openssl/crypto/ec/ecx_s390x.c | 28 +- crypto/openssl/crypto/encode_decode/decoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/decoder_lib.c | 363 +- crypto/openssl/crypto/encode_decode/decoder_meth.c | 90 +- crypto/openssl/crypto/encode_decode/decoder_pkey.c | 173 +- crypto/openssl/crypto/encode_decode/encoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/encoder_lib.c | 218 +- .../openssl/crypto/encode_decode/encoder_local.h | 12 +- crypto/openssl/crypto/encode_decode/encoder_meth.c | 100 +- crypto/openssl/crypto/encode_decode/encoder_pkey.c | 98 +- crypto/openssl/crypto/engine/eng_all.c | 4 +- crypto/openssl/crypto/engine/eng_cnf.c | 13 +- crypto/openssl/crypto/engine/eng_ctrl.c | 28 +- crypto/openssl/crypto/engine/eng_dyn.c | 116 +- crypto/openssl/crypto/engine/eng_err.c | 128 +- crypto/openssl/crypto/engine/eng_fat.c | 2 +- crypto/openssl/crypto/engine/eng_lib.c | 4 +- crypto/openssl/crypto/engine/eng_list.c | 13 +- crypto/openssl/crypto/engine/eng_local.h | 48 +- crypto/openssl/crypto/engine/eng_openssl.c | 126 +- crypto/openssl/crypto/engine/eng_pkey.c | 20 +- crypto/openssl/crypto/engine/eng_rdrand.c | 30 +- crypto/openssl/crypto/engine/eng_table.c | 46 +- crypto/openssl/crypto/engine/tb_asnmth.c | 22 +- crypto/openssl/crypto/engine/tb_cipher.c | 10 +- crypto/openssl/crypto/engine/tb_dh.c | 10 +- crypto/openssl/crypto/engine/tb_digest.c | 10 +- crypto/openssl/crypto/engine/tb_dsa.c | 10 +- crypto/openssl/crypto/engine/tb_eckey.c | 10 +- crypto/openssl/crypto/engine/tb_pkmeth.c | 10 +- crypto/openssl/crypto/engine/tb_rand.c | 10 +- crypto/openssl/crypto/engine/tb_rsa.c | 10 +- crypto/openssl/crypto/err/err.c | 238 +- crypto/openssl/crypto/err/err_all.c | 48 +- crypto/openssl/crypto/err/err_all_legacy.c | 112 +- crypto/openssl/crypto/err/err_local.h | 15 +- crypto/openssl/crypto/err/err_prn.c | 12 +- crypto/openssl/crypto/ess/ess_asn1.c | 24 +- crypto/openssl/crypto/ess/ess_err.c | 38 +- crypto/openssl/crypto/ess/ess_lib.c | 51 +- crypto/openssl/crypto/evp/asymcipher.c | 93 +- crypto/openssl/crypto/evp/bio_b64.c | 69 +- crypto/openssl/crypto/evp/bio_enc.c | 56 +- crypto/openssl/crypto/evp/bio_md.c | 8 +- crypto/openssl/crypto/evp/bio_ok.c | 72 +- crypto/openssl/crypto/evp/c_allc.c | 8 +- crypto/openssl/crypto/evp/cmeth_lib.c | 57 +- crypto/openssl/crypto/evp/ctrl_params_translate.c | 1357 +- crypto/openssl/crypto/evp/dh_ctrl.c | 46 +- crypto/openssl/crypto/evp/dh_support.c | 15 +- crypto/openssl/crypto/evp/digest.c | 161 +- crypto/openssl/crypto/evp/dsa_ctrl.c | 18 +- crypto/openssl/crypto/evp/e_aes.c | 1624 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c | 447 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c | 440 +- crypto/openssl/crypto/evp/e_aria.c | 358 +- crypto/openssl/crypto/evp/e_bf.c | 20 +- crypto/openssl/crypto/evp/e_camellia.c | 240 +- crypto/openssl/crypto/evp/e_cast.c | 22 +- crypto/openssl/crypto/evp/e_chacha20_poly1305.c | 268 +- crypto/openssl/crypto/evp/e_des.c | 128 +- crypto/openssl/crypto/evp/e_des3.c | 192 +- crypto/openssl/crypto/evp/e_idea.c | 34 +- crypto/openssl/crypto/evp/e_null.c | 8 +- crypto/openssl/crypto/evp/e_old.c | 16 +- crypto/openssl/crypto/evp/e_rc2.c | 53 +- crypto/openssl/crypto/evp/e_rc4.c | 22 +- crypto/openssl/crypto/evp/e_rc4_hmac_md5.c | 161 +- crypto/openssl/crypto/evp/e_rc5.c | 26 +- crypto/openssl/crypto/evp/e_seed.c | 10 +- crypto/openssl/crypto/evp/e_sm4.c | 44 +- crypto/openssl/crypto/evp/e_xcbc_d.c | 34 +- crypto/openssl/crypto/evp/ec_ctrl.c | 39 +- crypto/openssl/crypto/evp/ec_support.c | 194 +- crypto/openssl/crypto/evp/encode.c | 342 +- crypto/openssl/crypto/evp/evp_cnf.c | 7 +- crypto/openssl/crypto/evp/evp_enc.c | 265 +- crypto/openssl/crypto/evp/evp_err.c | 358 +- crypto/openssl/crypto/evp/evp_fetch.c | 175 +- crypto/openssl/crypto/evp/evp_key.c | 22 +- crypto/openssl/crypto/evp/evp_lib.c | 174 +- crypto/openssl/crypto/evp/evp_local.h | 183 +- crypto/openssl/crypto/evp/evp_pbe.c | 124 +- crypto/openssl/crypto/evp/evp_pkey.c | 40 +- crypto/openssl/crypto/evp/evp_rand.c | 115 +- crypto/openssl/crypto/evp/evp_utils.c | 70 +- crypto/openssl/crypto/evp/exchange.c | 115 +- crypto/openssl/crypto/evp/kdf_lib.c | 10 +- crypto/openssl/crypto/evp/kdf_meth.c | 27 +- crypto/openssl/crypto/evp/kem.c | 67 +- crypto/openssl/crypto/evp/keymgmt_lib.c | 72 +- crypto/openssl/crypto/evp/keymgmt_meth.c | 102 +- crypto/openssl/crypto/evp/legacy_blake2.c | 6 +- crypto/openssl/crypto/evp/legacy_md5_sha1.c | 6 +- crypto/openssl/crypto/evp/legacy_mdc2.c | 2 +- crypto/openssl/crypto/evp/legacy_meth.h | 55 +- crypto/openssl/crypto/evp/legacy_ripemd.c | 2 +- crypto/openssl/crypto/evp/legacy_sha.c | 130 +- crypto/openssl/crypto/evp/legacy_wp.c | 2 +- crypto/openssl/crypto/evp/m_sigver.c | 164 +- crypto/openssl/crypto/evp/mac_lib.c | 37 +- crypto/openssl/crypto/evp/mac_meth.c | 27 +- crypto/openssl/crypto/evp/names.c | 50 +- crypto/openssl/crypto/evp/p5_crpt.c | 24 +- crypto/openssl/crypto/evp/p5_crpt2.c | 69 +- crypto/openssl/crypto/evp/p_dec.c | 7 +- crypto/openssl/crypto/evp/p_enc.c | 7 +- crypto/openssl/crypto/evp/p_lib.c | 569 +- crypto/openssl/crypto/evp/p_open.c | 6 +- crypto/openssl/crypto/evp/p_seal.c | 13 +- crypto/openssl/crypto/evp/p_sign.c | 8 +- crypto/openssl/crypto/evp/p_verify.c | 8 +- crypto/openssl/crypto/evp/pbe_scrypt.c | 32 +- crypto/openssl/crypto/evp/pmeth_check.c | 25 +- crypto/openssl/crypto/evp/pmeth_gn.c | 61 +- crypto/openssl/crypto/evp/pmeth_lib.c | 726 +- crypto/openssl/crypto/evp/signature.c | 127 +- crypto/openssl/crypto/ex_data.c | 45 +- crypto/openssl/crypto/ffc/ffc_backend.c | 16 +- crypto/openssl/crypto/ffc/ffc_dh.c | 64 +- crypto/openssl/crypto/ffc/ffc_key_generate.c | 2 +- crypto/openssl/crypto/ffc/ffc_key_validate.c | 10 +- crypto/openssl/crypto/ffc/ffc_params.c | 62 +- crypto/openssl/crypto/ffc/ffc_params_generate.c | 186 +- crypto/openssl/crypto/ffc/ffc_params_validate.c | 46 +- crypto/openssl/crypto/getenv.c | 18 +- crypto/openssl/crypto/hmac/hmac.c | 32 +- crypto/openssl/crypto/hmac/hmac_local.h | 4 +- crypto/openssl/crypto/http/http_client.c | 344 +- crypto/openssl/crypto/http/http_err.c | 106 +- crypto/openssl/crypto/http/http_lib.c | 46 +- crypto/openssl/crypto/idea/i_cbc.c | 4 +- crypto/openssl/crypto/idea/i_cfb64.c | 7 +- crypto/openssl/crypto/idea/i_ecb.c | 2 +- crypto/openssl/crypto/idea/i_ofb64.c | 7 +- crypto/openssl/crypto/idea/idea_local.h | 179 +- crypto/openssl/crypto/info.c | 169 +- crypto/openssl/crypto/init.c | 162 +- crypto/openssl/crypto/initthread.c | 19 +- crypto/openssl/crypto/lhash/lh_stats.c | 14 +- crypto/openssl/crypto/lhash/lhash.c | 23 +- crypto/openssl/crypto/lhash/lhash_local.h | 4 +- crypto/openssl/crypto/md2/md2_dgst.c | 296 +- crypto/openssl/crypto/md4/md4_dgst.c | 16 +- crypto/openssl/crypto/md4/md4_local.h | 63 +- crypto/openssl/crypto/md4/md4_one.c | 2 +- crypto/openssl/crypto/md5/md5_dgst.c | 16 +- crypto/openssl/crypto/md5/md5_local.h | 96 +- crypto/openssl/crypto/md5/md5_one.c | 2 +- crypto/openssl/crypto/mdc2/mdc2dgst.c | 16 +- crypto/openssl/crypto/mem.c | 95 +- crypto/openssl/crypto/mem_sec.c | 131 +- crypto/openssl/crypto/mips_arch.h | 48 +- crypto/openssl/crypto/modes/asm/ghash-armv4.pl | 4 +- crypto/openssl/crypto/modes/cbc128.c | 38 +- crypto/openssl/crypto/modes/ccm128.c | 108 +- crypto/openssl/crypto/modes/cfb128.c | 64 +- crypto/openssl/crypto/modes/ctr128.c | 38 +- crypto/openssl/crypto/modes/cts128.c | 86 +- crypto/openssl/crypto/modes/gcm128.c | 638 +- crypto/openssl/crypto/modes/ocb128.c | 67 +- crypto/openssl/crypto/modes/ofb128.c | 20 +- crypto/openssl/crypto/modes/siv128.c | 61 +- crypto/openssl/crypto/modes/wrap128.c | 49 +- crypto/openssl/crypto/modes/xts128.c | 22 +- crypto/openssl/crypto/o_dir.c | 2 + crypto/openssl/crypto/o_fopen.c | 46 +- crypto/openssl/crypto/o_str.c | 90 +- crypto/openssl/crypto/o_time.c | 20 +- crypto/openssl/crypto/objects/o_names.c | 44 +- crypto/openssl/crypto/objects/obj_compat.h | 62 +- crypto/openssl/crypto/objects/obj_dat.c | 38 +- crypto/openssl/crypto/objects/obj_dat.h | 2 +- crypto/openssl/crypto/objects/obj_err.c | 10 +- crypto/openssl/crypto/objects/obj_lib.c | 6 +- crypto/openssl/crypto/ocsp/ocsp_asn.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_cl.c | 42 +- crypto/openssl/crypto/ocsp/ocsp_err.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_ext.c | 77 +- crypto/openssl/crypto/ocsp/ocsp_http.c | 16 +- crypto/openssl/crypto/ocsp/ocsp_lib.c | 12 +- crypto/openssl/crypto/ocsp/ocsp_local.h | 94 +- crypto/openssl/crypto/ocsp/ocsp_prn.c | 61 +- crypto/openssl/crypto/ocsp/ocsp_srv.c | 61 +- crypto/openssl/crypto/ocsp/ocsp_vfy.c | 50 +- crypto/openssl/crypto/ocsp/v3_ocsp.c | 60 +- crypto/openssl/crypto/packet.c | 48 +- crypto/openssl/crypto/param_build.c | 162 +- crypto/openssl/crypto/param_build_set.c | 20 +- crypto/openssl/crypto/params.c | 153 +- crypto/openssl/crypto/params_dup.c | 39 +- crypto/openssl/crypto/params_from_text.c | 24 +- crypto/openssl/crypto/passphrase.c | 73 +- crypto/openssl/crypto/pem/pem_all.c | 35 +- crypto/openssl/crypto/pem/pem_err.c | 90 +- crypto/openssl/crypto/pem/pem_info.c | 61 +- crypto/openssl/crypto/pem/pem_lib.c | 122 +- crypto/openssl/crypto/pem/pem_local.h | 145 +- crypto/openssl/crypto/pem/pem_oth.c | 2 +- crypto/openssl/crypto/pem/pem_pk8.c | 74 +- crypto/openssl/crypto/pem/pem_pkey.c | 115 +- crypto/openssl/crypto/pem/pem_sign.c | 6 +- crypto/openssl/crypto/pem/pvkfmt.c | 112 +- crypto/openssl/crypto/perlasm/sparcv9_modes.pl | 10 +- crypto/openssl/crypto/perlasm/x86_64-xlate.pl | 5 +- crypto/openssl/crypto/pkcs12/p12_add.c | 45 +- crypto/openssl/crypto/pkcs12/p12_asn.c | 46 +- crypto/openssl/crypto/pkcs12/p12_attr.c | 33 +- crypto/openssl/crypto/pkcs12/p12_crpt.c | 25 +- crypto/openssl/crypto/pkcs12/p12_crt.c | 86 +- crypto/openssl/crypto/pkcs12/p12_decr.c | 81 +- crypto/openssl/crypto/pkcs12/p12_init.c | 3 +- crypto/openssl/crypto/pkcs12/p12_key.c | 58 +- crypto/openssl/crypto/pkcs12/p12_kiss.c | 31 +- crypto/openssl/crypto/pkcs12/p12_local.h | 6 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 59 +- crypto/openssl/crypto/pkcs12/p12_npas.c | 20 +- crypto/openssl/crypto/pkcs12/p12_p8d.c | 11 +- crypto/openssl/crypto/pkcs12/p12_p8e.c | 31 +- crypto/openssl/crypto/pkcs12/p12_sbag.c | 97 +- crypto/openssl/crypto/pkcs12/p12_utl.c | 83 +- crypto/openssl/crypto/pkcs12/pk12err.c | 64 +- crypto/openssl/crypto/pkcs7/bio_pk7.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_asn1.c | 125 +- crypto/openssl/crypto/pkcs7/pk7_attr.c | 16 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 121 +- crypto/openssl/crypto/pkcs7/pk7_lib.c | 60 +- crypto/openssl/crypto/pkcs7/pk7_mime.c | 12 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 59 +- crypto/openssl/crypto/pkcs7/pkcs7err.c | 138 +- crypto/openssl/crypto/poly1305/poly1305.c | 102 +- crypto/openssl/crypto/poly1305/poly1305_base2_44.c | 29 +- crypto/openssl/crypto/poly1305/poly1305_ieee754.c | 279 +- crypto/openssl/crypto/poly1305/poly1305_ppc.c | 24 +- crypto/openssl/crypto/ppccap.c | 110 +- crypto/openssl/crypto/property/defn_cache.c | 19 +- crypto/openssl/crypto/property/property.c | 80 +- crypto/openssl/crypto/property/property_err.c | 36 +- crypto/openssl/crypto/property/property_local.h | 18 +- crypto/openssl/crypto/property/property_parse.c | 139 +- crypto/openssl/crypto/property/property_query.c | 22 +- crypto/openssl/crypto/property/property_string.c | 37 +- crypto/openssl/crypto/provider.c | 24 +- crypto/openssl/crypto/provider_child.c | 55 +- crypto/openssl/crypto/provider_conf.c | 56 +- crypto/openssl/crypto/provider_core.c | 267 +- crypto/openssl/crypto/provider_local.h | 8 +- crypto/openssl/crypto/provider_predefined.c | 4 +- crypto/openssl/crypto/punycode.c | 27 +- crypto/openssl/crypto/rand/prov_seed.c | 18 +- crypto/openssl/crypto/rand/rand_deprecated.c | 8 +- crypto/openssl/crypto/rand/rand_egd.c | 103 +- crypto/openssl/crypto/rand/rand_err.c | 156 +- crypto/openssl/crypto/rand/rand_lib.c | 182 +- crypto/openssl/crypto/rand/rand_local.h | 30 +- crypto/openssl/crypto/rand/rand_meth.c | 2 +- crypto/openssl/crypto/rand/rand_pool.c | 15 +- crypto/openssl/crypto/rand/randfile.c | 97 +- crypto/openssl/crypto/rc2/rc2_cbc.c | 30 +- crypto/openssl/crypto/rc2/rc2_ecb.c | 2 +- crypto/openssl/crypto/rc2/rc2_local.h | 250 +- crypto/openssl/crypto/rc2/rc2_skey.c | 284 +- crypto/openssl/crypto/rc2/rc2cfb64.c | 8 +- crypto/openssl/crypto/rc2/rc2ofb64.c | 8 +- crypto/openssl/crypto/rc4/rc4_enc.c | 16 +- crypto/openssl/crypto/rc4/rc4_local.h | 6 +- crypto/openssl/crypto/rc4/rc4_skey.c | 15 +- crypto/openssl/crypto/rc5/rc5_ecb.c | 2 +- crypto/openssl/crypto/rc5/rc5_enc.c | 4 +- crypto/openssl/crypto/rc5/rc5_local.h | 330 +- crypto/openssl/crypto/rc5/rc5_skey.c | 5 +- crypto/openssl/crypto/rc5/rc5cfb64.c | 8 +- crypto/openssl/crypto/rc5/rc5ofb64.c | 8 +- crypto/openssl/crypto/ripemd/rmd_dgst.c | 19 +- crypto/openssl/crypto/ripemd/rmd_local.h | 112 +- crypto/openssl/crypto/ripemd/rmdconst.h | 360 +- crypto/openssl/crypto/rsa/rsa_acvp_test_params.c | 29 +- crypto/openssl/crypto/rsa/rsa_ameth.c | 274 +- crypto/openssl/crypto/rsa/rsa_asn1.c | 51 +- crypto/openssl/crypto/rsa/rsa_backend.c | 119 +- crypto/openssl/crypto/rsa/rsa_chk.c | 12 +- crypto/openssl/crypto/rsa/rsa_crpt.c | 18 +- crypto/openssl/crypto/rsa/rsa_depr.c | 4 +- crypto/openssl/crypto/rsa/rsa_err.c | 274 +- crypto/openssl/crypto/rsa/rsa_gen.c | 45 +- crypto/openssl/crypto/rsa/rsa_lib.c | 159 +- crypto/openssl/crypto/rsa/rsa_local.h | 72 +- crypto/openssl/crypto/rsa/rsa_meth.c | 132 +- crypto/openssl/crypto/rsa/rsa_mp.c | 4 +- crypto/openssl/crypto/rsa/rsa_none.c | 4 +- crypto/openssl/crypto/rsa/rsa_oaep.c | 52 +- crypto/openssl/crypto/rsa/rsa_ossl.c | 126 +- crypto/openssl/crypto/rsa/rsa_pk1.c | 72 +- crypto/openssl/crypto/rsa/rsa_pmeth.c | 104 +- crypto/openssl/crypto/rsa/rsa_pss.c | 64 +- crypto/openssl/crypto/rsa/rsa_saos.c | 17 +- crypto/openssl/crypto/rsa/rsa_schemes.c | 22 +- crypto/openssl/crypto/rsa/rsa_sign.c | 243 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_check.c | 121 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_gen.c | 24 +- crypto/openssl/crypto/rsa/rsa_x931.c | 5 +- crypto/openssl/crypto/rsa/rsa_x931g.c | 32 +- crypto/openssl/crypto/s390x_arch.h | 178 +- crypto/openssl/crypto/s390xcap.c | 704 +- crypto/openssl/crypto/s390xcpuid.pl | 8 +- crypto/openssl/crypto/seed/seed.c | 752 +- crypto/openssl/crypto/seed/seed_cbc.c | 8 +- crypto/openssl/crypto/seed/seed_cfb.c | 8 +- crypto/openssl/crypto/seed/seed_ecb.c | 2 +- crypto/openssl/crypto/seed/seed_local.h | 123 +- crypto/openssl/crypto/seed/seed_ofb.c | 6 +- crypto/openssl/crypto/self_test_core.c | 32 +- crypto/openssl/crypto/sha/asm/keccak1600-s390x.pl | 3 +- crypto/openssl/crypto/sha/keccak1600.c | 271 +- crypto/openssl/crypto/sha/sha256.c | 120 +- crypto/openssl/crypto/sha/sha3.c | 2 +- crypto/openssl/crypto/sha/sha512.c | 219 +- crypto/openssl/crypto/sha/sha_local.h | 251 +- crypto/openssl/crypto/sha/sha_ppc.c | 6 +- crypto/openssl/crypto/siphash/siphash.c | 61 +- crypto/openssl/crypto/sm2/sm2_crypt.c | 80 +- crypto/openssl/crypto/sm2/sm2_err.c | 42 +- crypto/openssl/crypto/sm2/sm2_key.c | 8 +- crypto/openssl/crypto/sm2/sm2_sign.c | 142 +- crypto/openssl/crypto/sm3/legacy_sm3.c | 3 +- crypto/openssl/crypto/sm3/sm3.c | 6 +- crypto/openssl/crypto/sm3/sm3_local.h | 90 +- crypto/openssl/crypto/sm4/sm4.c | 42 +- crypto/openssl/crypto/sparcv9cap.c | 85 +- crypto/openssl/crypto/sparse_array.c | 28 +- crypto/openssl/crypto/srp/srp_lib.c | 71 +- crypto/openssl/crypto/srp/srp_vfy.c | 117 +- crypto/openssl/crypto/stack/stack.c | 25 +- crypto/openssl/crypto/store/store_err.c | 92 +- crypto/openssl/crypto/store/store_lib.c | 217 +- crypto/openssl/crypto/store/store_local.h | 24 +- crypto/openssl/crypto/store/store_meth.c | 74 +- crypto/openssl/crypto/store/store_register.c | 52 +- crypto/openssl/crypto/store/store_result.c | 114 +- crypto/openssl/crypto/store/store_strings.c | 12 +- crypto/openssl/crypto/threads_none.c | 25 +- crypto/openssl/crypto/threads_pthread.c | 94 +- crypto/openssl/crypto/threads_win.c | 56 +- crypto/openssl/crypto/trace.c | 131 +- crypto/openssl/crypto/ts/ts_asn1.c | 64 +- crypto/openssl/crypto/ts/ts_conf.c | 108 +- crypto/openssl/crypto/ts/ts_err.c | 122 +- crypto/openssl/crypto/ts/ts_lib.c | 4 +- crypto/openssl/crypto/ts/ts_local.h | 18 +- crypto/openssl/crypto/ts/ts_req_print.c | 2 +- crypto/openssl/crypto/ts/ts_rsp_print.c | 41 +- crypto/openssl/crypto/ts/ts_rsp_sign.c | 172 +- crypto/openssl/crypto/ts/ts_rsp_verify.c | 104 +- crypto/openssl/crypto/ts/ts_verify_ctx.c | 6 +- crypto/openssl/crypto/txt_db/txt_db.c | 22 +- crypto/openssl/crypto/ui/ui_err.c | 36 +- crypto/openssl/crypto/ui/ui_lib.c | 260 +- crypto/openssl/crypto/ui/ui_local.h | 56 +- crypto/openssl/crypto/ui/ui_null.c | 10 +- crypto/openssl/crypto/ui/ui_openssl.c | 536 +- crypto/openssl/crypto/ui/ui_util.c | 65 +- crypto/openssl/crypto/uid.c | 34 +- crypto/openssl/crypto/vms_rms.h | 86 +- crypto/openssl/crypto/whrlpool/wp_block.c | 811 +- crypto/openssl/crypto/whrlpool/wp_dgst.c | 20 +- crypto/openssl/crypto/x509/by_dir.c | 76 +- crypto/openssl/crypto/x509/by_file.c | 66 +- crypto/openssl/crypto/x509/by_store.c | 175 +- crypto/openssl/crypto/x509/pcy_cache.c | 24 +- crypto/openssl/crypto/x509/pcy_data.c | 2 +- crypto/openssl/crypto/x509/pcy_lib.c | 19 +- crypto/openssl/crypto/x509/pcy_local.h | 34 +- crypto/openssl/crypto/x509/pcy_map.c | 10 +- crypto/openssl/crypto/x509/pcy_node.c | 28 +- crypto/openssl/crypto/x509/pcy_tree.c | 107 +- crypto/openssl/crypto/x509/standard_exts.h | 5 - crypto/openssl/crypto/x509/t_crl.c | 7 +- crypto/openssl/crypto/x509/t_req.c | 24 +- crypto/openssl/crypto/x509/t_x509.c | 75 +- crypto/openssl/crypto/x509/v3_addr.c | 306 +- crypto/openssl/crypto/x509/v3_admis.c | 52 +- crypto/openssl/crypto/x509/v3_admis.h | 28 +- crypto/openssl/crypto/x509/v3_akeya.c | 6 +- crypto/openssl/crypto/x509/v3_akid.c | 30 +- crypto/openssl/crypto/x509/v3_asid.c | 213 +- crypto/openssl/crypto/x509/v3_bcons.c | 28 +- crypto/openssl/crypto/x509/v3_bitst.c | 54 +- crypto/openssl/crypto/x509/v3_conf.c | 77 +- crypto/openssl/crypto/x509/v3_cpols.c | 93 +- crypto/openssl/crypto/x509/v3_crld.c | 135 +- crypto/openssl/crypto/x509/v3_enum.c | 30 +- crypto/openssl/crypto/x509/v3_extku.c | 23 +- crypto/openssl/crypto/x509/v3_genn.c | 45 +- crypto/openssl/crypto/x509/v3_ia5.c | 6 +- crypto/openssl/crypto/x509/v3_info.c | 47 +- crypto/openssl/crypto/x509/v3_int.c | 2 +- crypto/openssl/crypto/x509/v3_ist.c | 37 +- crypto/openssl/crypto/x509/v3_lib.c | 29 +- crypto/openssl/crypto/x509/v3_ncons.c | 98 +- crypto/openssl/crypto/x509/v3_pci.c | 65 +- crypto/openssl/crypto/x509/v3_pcia.c | 14 +- crypto/openssl/crypto/x509/v3_pcons.c | 30 +- crypto/openssl/crypto/x509/v3_pku.c | 12 +- crypto/openssl/crypto/x509/v3_pmaps.c | 27 +- crypto/openssl/crypto/x509/v3_prn.c | 29 +- crypto/openssl/crypto/x509/v3_purp.c | 136 +- crypto/openssl/crypto/x509/v3_san.c | 229 +- crypto/openssl/crypto/x509/v3_skid.c | 15 +- crypto/openssl/crypto/x509/v3_sxnet.c | 28 +- crypto/openssl/crypto/x509/v3_tlsf.c | 29 +- crypto/openssl/crypto/x509/v3_utf8.c | 11 +- crypto/openssl/crypto/x509/v3_utl.c | 166 +- crypto/openssl/crypto/x509/v3err.c | 236 +- crypto/openssl/crypto/x509/x509_att.c | 93 +- crypto/openssl/crypto/x509/x509_cmp.c | 48 +- crypto/openssl/crypto/x509/x509_d2.c | 15 +- crypto/openssl/crypto/x509/x509_err.c | 134 +- crypto/openssl/crypto/x509/x509_ext.c | 35 +- crypto/openssl/crypto/x509/x509_local.h | 118 +- crypto/openssl/crypto/x509/x509_lu.c | 98 +- crypto/openssl/crypto/x509/x509_meth.c | 27 +- crypto/openssl/crypto/x509/x509_obj.c | 19 +- crypto/openssl/crypto/x509/x509_r2x.c | 9 +- crypto/openssl/crypto/x509/x509_req.c | 32 +- crypto/openssl/crypto/x509/x509_set.c | 14 +- crypto/openssl/crypto/x509/x509_trust.c | 56 +- crypto/openssl/crypto/x509/x509_txt.c | 3 +- crypto/openssl/crypto/x509/x509_v3.c | 22 +- crypto/openssl/crypto/x509/x509_vfy.c | 355 +- crypto/openssl/crypto/x509/x509_vpm.c | 157 +- crypto/openssl/crypto/x509/x509cset.c | 2 +- crypto/openssl/crypto/x509/x509name.c | 54 +- crypto/openssl/crypto/x509/x509type.c | 2 +- crypto/openssl/crypto/x509/x_all.c | 144 +- crypto/openssl/crypto/x509/x_attrib.c | 6 +- crypto/openssl/crypto/x509/x_crl.c | 109 +- crypto/openssl/crypto/x509/x_exten.c | 9 +- crypto/openssl/crypto/x509/x_name.c | 127 +- crypto/openssl/crypto/x509/x_pubkey.c | 147 +- crypto/openssl/crypto/x509/x_req.c | 84 +- crypto/openssl/crypto/x509/x_x509.c | 64 +- crypto/openssl/crypto/x509/x_x509a.c | 14 +- crypto/openssl/demos/bio/client-arg.c | 2 +- crypto/openssl/demos/bio/client-conf.c | 4 +- crypto/openssl/demos/bio/saccept.c | 13 +- crypto/openssl/demos/bio/sconnect.c | 11 +- crypto/openssl/demos/bio/server-arg.c | 13 +- crypto/openssl/demos/bio/server-cmod.c | 11 +- crypto/openssl/demos/bio/server-conf.c | 13 +- crypto/openssl/demos/cipher/aesccm.c | 13 +- crypto/openssl/demos/cipher/aesgcm.c | 10 +- crypto/openssl/demos/cipher/aeskeywrap.c | 99 +- *** 688302 LINES SKIPPED *** From nobody Tue Jun 9 19:18:34 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx65kcDz6gVBN for ; Tue, 09 Jun 2026 19:18:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdx61sh0z3Mrv for ; Tue, 09 Jun 2026 19:18:34 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032714; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=31dIqwq5DLkFKDGLKyIjlnjpqZHbLGS9PdTXBtiU8ms=; b=T4kPhNAokx5FK9LRFt2z4a/qUEujVm4vde2jEcnkpsbvTPFDJ5SIZrmUK7AC/+1dLiyKOc zyzePrsBBNXWAll/o+H6BLxldMq/PKcv9pP4a8/SgboSsmHT7KG4b+tAzuzjo1SxRQHjLt CGsDSsetYymI3owcCmpQSaXzCtiPTqXhNSrQNMEKMg8ZNS3IK75piZyVMvGkxOjOOa6KOz /Lz3ITpUaSxaGS3zxWld2ZA5A9/mbS87Mz/b2DOoisJWkTtetZ8N1aEWXVUDTWqae9XZia SwLRuxEMPvBiCnP0LQmvo0GWQ5ewUtRNCSDAgHvi13cVbNYoNa7DTyQLGpmS7Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032714; a=rsa-sha256; cv=none; b=NCrcgaw88VjkU2q7M2KKeoj7O3uhy0fsuvmy3p4EMXC7NvuNMEY+XTuWwKN/9QgmV8QD9u lp4ikLsfl8MiCrd+mXFJ5AO3mC2xbfpNc43F6f98qFilvdwidtdl6KLS9T12lrh0+5YTk0 1VDXtQkgLnePKRlop1ZuMQYmnLHGdOg0YZWw811TLODhVKG7v93E8l5rFaYdtNoCWdQ8r7 bg61kja3NhHeKK18Xosp1VnVKgvk6h9B38nG3wVfRjjXsHJGoCmjH6eIcHfNIftNTIptHg Tgajw+qocD3yA9437b/eafMx+ICkzcZ47aLICP2iF8Yek/TaYR/ADug4F14H0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032714; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=31dIqwq5DLkFKDGLKyIjlnjpqZHbLGS9PdTXBtiU8ms=; b=FNGLETdrbaPBqrnPQy04+pwA23e+nx/Fp0EQEvu54gwiKStjmj8yVGhYZY9+Z8p+abhmyw +0I6nLRuZpLPabKjka0s38dJhs1dudmpemhvhVqmBiP+R6aZfjN6Jidq3mNTyIdLhI+Xh4 5pnweanpRp17fw1evswfBah2Jw/OX065AE1mOPVHsIPmVCechcZRKNoa6gMoqzoxZg3p+v vMwPacZzlLEeS579aKp9JoTQIdnw/4fxIvmTjotyYFUTFqH5iURXHe14QAY8aB2Yu80KDq WA3zHyxhwfSZlV1n85HL2juVSXVcek9ACafpKPU4GYh2GeREnqUVDjF1En7YXA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx61FW4zn9d for ; Tue, 09 Jun 2026 19:18:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cd7f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:34 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: fa5581c379fe - releng/14.3 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: fa5581c379fec9855e88df49534a973752bbec3f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:34 +0000 Message-Id: <6a28670a.3cd7f.6c4f2f81@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fa5581c379fec9855e88df49534a973752bbec3f commit fa5581c379fec9855e88df49534a973752bbec3f Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:09 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 0ab4cb5f7970..de6b141a918b 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -477,7 +477,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:18:35 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx75RxMz6gV01 for ; Tue, 09 Jun 2026 19:18:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdx72s6Gz3NY7 for ; Tue, 09 Jun 2026 19:18:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032715; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WO/7ucM/N+hHn1OOihc5IvrzY+sbUZBLMNvZ+aFk2MA=; b=VM1z+u2VS3+3qaJwt1x3wc8H/rfeY/AR1LFeovwqRmTNEq8tq+1TV61/fvWRWbZJfN8KP8 5Vrr/5+q1++r3AKZAAKr+YtCEx6855ywh1VqLMMh4Mvsk59bQ7PPsc6uuEvtfSpBIU6ozM PH2IgmGyko5V+avaqBC025ySTZM/D/2y2NpoGO+iwBLUN8txPVpPmVVOsJ8gfxVLRznBHW NQZixPKsQaRY9nqwFWfPbGkDD3lKxVywzbGjmEWPaIs5JmLWCkzKw236UxzE2isFLVYJFk DUTn/ZlGQrB+0+svY9GWcBG9T6Sgt4ip0C0q+2o7FrT23fjcqxyw1ZIUbeuRRA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032715; a=rsa-sha256; cv=none; b=OABOJEibyQrLYpiklRHOMKJ13cleRGNZdxHdSVErfphFvfCoNiNmXBX37N0w43TsgGYL/I OdixdFgI4z3cYbfjHAqInsgH2AirhfXg5sn3niJfbg6BEOWTHEn/Fc6LyWFFkgSBVoKa0a r+Wfx7SdNjbXbX4ipLBFYJTg8IH6dPuc5id7le0XsBCE505a9KVsVHspgCCjvpXhnvjm0c Jl3/ngb7lwRnkmyj80jOHTUfRBg/PCKIoWh/zQChx+cMYa+FD19n1+7SoFK1J/d7p83qJE lD+9eYIVq8YNYgYyUvmfxbaNqEZiRvCCsYj9i0/ozd89nMCIqYpT3Cnz+1nRkA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032715; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WO/7ucM/N+hHn1OOihc5IvrzY+sbUZBLMNvZ+aFk2MA=; b=lVfuJXL2nOVgLx/hwiO8SL3PmqeoK57M3jWPpArwmA0RosvEPUF2WsSDg7Y9rBP7GUiw0M K51FY9svo4pdJNbJ2VXHs/0phdmWQYP3ysH9S6vSdWKOZiiHGzYuAHyqN/tBAB48735SUe dwkOfnqK+DmHs8hlV6ZLGz/Di2HnDlg7cSirCR/YDwQXr8loySfkp0X3ru8PuSkzl6t7Qa pLfSx/9RozGFE7IBeIeD/zF2GCjHpqOE35+35wtStQf88MMJVj76yJxPKTz9hr+jBC+M8V HNl+sB0l2nrveICpouOIAfiAq9A+uRV3ZOq+IA79nxSe+1HNwiDEs2GG2qsv6Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx724CsznrR for ; Tue, 09 Jun 2026 19:18:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e78d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:35 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: af3398862ac0 - releng/14.3 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: af3398862ac05421ec07eb134da394755c565356 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:35 +0000 Message-Id: <6a28670b.3e78d.438a569f@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=af3398862ac05421ec07eb134da394755c565356 commit af3398862ac05421ec07eb134da394755c565356 Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:09 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 294a196db60d..ff1a94c57673 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2329,8 +2329,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2346,6 +2348,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2546,9 +2555,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 693864394ffe..0fdf4c4ceac7 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -210,6 +210,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:18:36 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx86Cgqz6gV8F for ; Tue, 09 Jun 2026 19:18:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdx83WB6z3NMf for ; Tue, 09 Jun 2026 19:18:36 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032716; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=++E2IW/9ovZSy7BAZlUUgCg4/Zdz9UNSs26ogQEkqCw=; b=cQAv4MUqQk/OaVB+pKPsrkq7oBbzjRgVhVAT5YiPNDUioyjSeQrRabwVC39pnltnmxg/Q9 QJYuLVnUG/ZEEXDtcUzDsDDa9hpW/ngsvfwruDaN5b7QR2VdCkHEm2xLsnHxbiJGuI1Aix hqXpvVgJ5l3pXnIRzm+k67jLdJiV06I5SJ/2CDMpizOmi2crfBYdbxswPjK4/CqKNLYd71 kexQRQic5nLN7VtW+Nxpr/Fw8Ib4bkYJeCI7y/n2c2hpNBME9zxslqoTCMj9zBVPh4PXxg v5LIHsDQR+Q/GYjHhY4kGwV0noxa5f+7brOMUTDhJiVkYuRbYvo89nynE3dAUA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032716; a=rsa-sha256; cv=none; b=M7a9S7ZZxwLt2ahGnJwNuRpZuv99KTuhp2ZB9DEzxmrpZ3bw3VAEaS4tJNEp8xIXbaHhNs VW3z/oL4c9zcvX5X6ADhAJZ/pQ1td0C471+Usr20u/xBKjrXOoQM/O5WuDcfP7QoNou/Re Fo5Ahq9GZOkoHyC1CbDDE8akgC7hhACK6edeYhmPaNorPx52bkdNJNqPTdNS+Xf6j2/LhK hmpcp2z9dOH2P7/kBUwtLREQCg09CxEVRFlUU+w8wjzS2Eajj8ycnnhKkS6GbdhYD7TAjB ZKZcLSXykdTXhnLEkGgEodR8S20HvMgLBTrm5W6q6e1cO8dpeayu9lGygsJV8w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032716; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=++E2IW/9ovZSy7BAZlUUgCg4/Zdz9UNSs26ogQEkqCw=; b=K1G2C9WzSywk/vPjHDeOfZgxn3Tmps5qDsIzev/sjEzogAdix49TZbzlbrq6vE7NRcofcm yGRiuCOZLJLOFlzfF9u6wj+kUlnVZ9aU+LzP8lq3AL5dFmgm1t1FNYgRbJOUKhQAHjaK6z RjWdimYwaxPKw6pfFHBMDSU9i9uDhtKp3IV1CF1ZrTjDTdLA7v6saNZuPg5oOWmOT3jN7I MCx4SfOcVMBnmRKd+WwLhwr09Igrt6ngQoTcudu+Xh/E7wbCTLiJ01CIARxkzBth/9UExr Ul6zeOP99Dl2JXNI5vKcpSIucRM3Q8oLrt/02YCAFbVwocnIY1iePD9wGpWEFQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx82rvpznxv for ; Tue, 09 Jun 2026 19:18:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e836 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:36 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: 644ce0e7dffa - releng/14.3 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 644ce0e7dffa22503afee6b3d5b830b31947bada Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:36 +0000 Message-Id: <6a28670c.3e836.15b71248@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=644ce0e7dffa22503afee6b3d5b830b31947bada commit 644ce0e7dffa22503afee6b3d5b830b31947bada Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:23:12 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 54 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 8ee3d1d3f2a8..f2254f925940 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1843,6 +1843,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * Reject PROT_EXEC by default. It just doesn't makes sense. * Unfortunately, we have to give up this one due to linux_mmap diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index 74a0765a0540..ce156ae8c4cf 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..33440529eb10 --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,50 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:18:37 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxB2Vdvz6gV2c for ; Tue, 09 Jun 2026 19:18:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdx94tpzz3Nbj for ; Tue, 09 Jun 2026 19:18:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032717; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=stff5ZzCRZslNDHRqBGkx1H9UcEPueWQU1wDE9Xcw4U=; b=es/MNKwnDqBVVj0hDEDQOYYyW6rBamoKvxGv2Y9sjgoPf1WdN3Vi5e8EGfKVLp3GD1kN58 OXAlcK0UQXczbMTe2TGTMe692PU1bRgOuwIgNmzOkjGDz+pPxHXeWfSn9oABK8PMnfCfky 7PcT1iItKiJXO/jgPLmY/MDUoyeVxwpBZJl5Ggs2RQlcAeJ8isPRMNQs5yGpZ0wTjJwoTb SPwv/fGZaGs/Ju5j4vrKkaH9iC1SRfXwd0unaQeNMJm4JEeQ64rv84ueQ/+ogK+RhO3sCc HJmbljIRENRtPkZI/5A4h4eR9tlfM3u130s/kF2WHm9c6qWefr0BDHBZc2IF0w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032717; a=rsa-sha256; cv=none; b=foExhC13iVvFmhNTDPglXHcac1P7YWc5VTH6/DHk+08Q9nfXQZQBw6evVEiEadxBKX/wdh xM0sUrnwUd+6LfCT7+LxEOQkX8WKt+MnfiiS+sn28m1i51eG5BvIcDqUZtNS3fPftDJYqS /RxNd3StyaHJhJYG4qosj/h4TcwHb4x2aoA/AhRdEnYFGvRgdm8ygQ15RJrLKWIvST5C8h wQNJBjm5FqtmINg46a49QEErfN1i95zkG6PIZpjxyR2wxJGlBiKxQhBHAljuGI7piNZWWe 121dhfVXkAe2njaEzleA8Hi/5wo/Gzt3vV0gul0B8fAXtooyVf00eMizg6JrfA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032717; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=stff5ZzCRZslNDHRqBGkx1H9UcEPueWQU1wDE9Xcw4U=; b=VjV7ZjZQuwHnKn18XD5QEx0GuxSyQQxNjvrlLg+Ja/yiyjZoCchuAU3JFaaNCovSFGdA5b oMMaUPpqLYvRvu2njksUkKq3QeazxeiKQZb5yhDunA7pehW5ppoOPvUiRS2BuD9dmZXS/5 320krA0ha/4ORY3r7g8AtgUeoJjNuebgd0Lo8EYLtIOumvl/Fu3uRQR5Qdov43u21M9XGW 4B3llRkckoVXMDXPSgZy3DaaZnXly7Adyj2BMgNDpVH2cEA+r+NmgxVYSkwpQZ98VxW+Do Gw011HSpBb0//a1uwzuVfm+uFxsfmqUOZq3HWvzoKx7CFZYhrtyd4a51r9wuOA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdx93cn4znvw for ; Tue, 09 Jun 2026 19:18:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d649 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:37 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: de5fd56985c3 - releng/14.3 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: de5fd56985c380ec617a10e480a27eb192b1b074 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:37 +0000 Message-Id: <6a28670d.3d649.7725752d@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=de5fd56985c380ec617a10e480a27eb192b1b074 commit de5fd56985c380ec617a10e480a27eb192b1b074 Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:04 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 80 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 59 ++++++++++++++++++++++++++++++++++ 4 files changed, 165 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index de535ec2dcba..ddcf14fbc1c2 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -32,6 +32,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -46,6 +47,7 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", drv, desc); b->dev = dev; b->channel = channel; @@ -56,8 +58,30 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } bus_addr_t @@ -183,6 +207,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -218,10 +247,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index ddf4083ec19f..99bc6c0611d2 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -27,6 +27,7 @@ */ #define SNDBUF_F_MANAGED 0x00000008 +#define SNDBUF_F_DETACHED 0x00000010 #define SNDBUF_NAMELEN 48 @@ -50,6 +51,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -57,6 +59,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); void sndbuf_dump(struct snd_dbuf *b, char *s, u_int32_t what); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index f2254f925940..21d1407ac882 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -74,7 +74,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; struct cdevsw dsp_cdevsw = { @@ -84,7 +83,6 @@ struct cdevsw dsp_cdevsw = { .d_write = dsp_write, .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1821,23 +1819,72 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, +}; + +static int +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -1900,13 +1947,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, SD_F_PRIO_RD | SD_F_PRIO_WR); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index 33440529eb10..ee35986831c2 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -42,9 +44,66 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:18:38 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxB6XLhz6gV2d for ; Tue, 09 Jun 2026 19:18:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxB5FH7z3NW6 for ; Tue, 09 Jun 2026 19:18:38 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032718; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Iwk0uXqvAtWcKGSiPIo/1qA6X5kTiHpUeKsUGAR4IOQ=; b=lBO0btCYGPbydO/tXbkDnJrATMaXdQ5JTgc12lDZZ3nL4rYVSeWUEpqQ3yRzg2guVXDSba TmxKgULvf1aBnpPB5TC5duhvcpxaZDF32c0ay3IeJv3AxH0FKh6MwVrKajnfkD3MuaNI01 fLo8deEiRRIHvBsexlaLCkt88jcu4dzsT3fXDLIaX6VDNrhlEiWK4YHtinebvfUg/Oot/O JMNSElpuRKeLnalchcAMpfQGUCTI5wbTUqFzJ9zxcQ11B/NG1/9t34xdjFP8W5uEpUPIPy uRxczGxUwow4vpPgUD0mRBi9TPK1Ug6oIKiVg0HvoQ8lBigIRUCt5FBbhGsPoQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032718; a=rsa-sha256; cv=none; b=RFqN2E/IuqCr/8enHTiuKBoQo9gxSI4w3VRlE91Et1QaC3z+P7rMUZi4f769h0Y6pnFlq1 xW8B3F2rmBJ2N9f+zIki5deZW/VT8u4hPfABNNiQdibUq1RlFrofcxiarb2kTZ8vrj6c8l 6M/8QTZ5773WlQwRTUdP9Pz4Mo0M6Xc9UjswkfXpmEh98+7dp/pLLLY/DX8up6+L2VcY8N E4IbewFCzzAMiAw1C/uvHLUNjkjn0xJ/H9pWD802s4ZOx1qvqfFYEswPYPgwCBWyLwp6fv ebU+WagDBJR281BEzOr0MG6w46Ihahkz/tSoK6+/55q5zNRZ0LnrRK6IMxUIDA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032718; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Iwk0uXqvAtWcKGSiPIo/1qA6X5kTiHpUeKsUGAR4IOQ=; b=LBB3PtqgQPYSkCkaN/JEPenIHfos7jvM4bvsAzYzwSp9nxkIsluM1fyz30e9JhdaMcOtEd yPwnztqM5LyfyumOPn+wNDyZH3botdhiGRM+DRKY9suV9gxBs07WAZljmdFWLNaWf+tpY6 8uEs2DqL5ylFEsdkWC6xS4mo6qtc6ZeSeZacHYBQJB7VgDRcixPYjnNfTXPA4tL6HS0BkW VTYTdAGVsN5ENkN0Iz+8jqGV6Tl9X6my2GcHbXInQAUKXJmLvKnQs6zi0JyaUXS0GlENJG AIfdwDQK/9lwMz1KhFdkAgAJd+RwhnbuUgyY/RSjOH++BI1pGQorwP860d8zmQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxB4QnMznCR for ; Tue, 09 Jun 2026 19:18:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ef34 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:38 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: f56e8cb94df6 - releng/14.3 - sigqueue: In capability mode, only allow signalling self List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: f56e8cb94df666e548c8e1e4e5bd74c8040817f3 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:38 +0000 Message-Id: <6a28670e.3ef34.6a513e51@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f56e8cb94df666e548c8e1e4e5bd74c8040817f3 commit f56e8cb94df666e548c8e1e4e5bd74c8040817f3 Author: Ed Maste AuthorDate: 2026-05-26 13:24:36 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 sigqueue: In capability mode, only allow signalling self This is copied from the check in kern_kill. Approved by: so Security: FreeBSD-SA-26:28.capsicum Security: CVE-2026-45259 Reviewed by: markj, oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57244 (cherry picked from commit b9d16b7fd2fa6bc4b3e8364804cbdc1b76ebe8a5) (cherry picked from commit defd9b86ef995ce70363eae9b323d616bda865be) (cherry picked from commit d11ff01b3aec336128e6babbff7a421fbce82015) --- contrib/capsicum-test/capmode.cc | 12 +++++++++--- sys/kern/kern_sig.c | 10 ++++++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/contrib/capsicum-test/capmode.cc b/contrib/capsicum-test/capmode.cc index f32d9e038744..12921bb53c72 100644 --- a/contrib/capsicum-test/capmode.cc +++ b/contrib/capsicum-test/capmode.cc @@ -747,8 +747,8 @@ FORK_TEST(Capmode, NewThread) { close(thread_pipe[1]); } -static volatile sig_atomic_t had_signal = 0; -static void handle_signal(int) { had_signal = 1; } +static volatile sig_atomic_t signal_cnt = 0; +static void handle_signal(int) { signal_cnt++; } FORK_TEST(Capmode, SelfKill) { pid_t me = getpid(); @@ -766,7 +766,13 @@ FORK_TEST(Capmode, SelfKill) { // Can only kill(2) to own pid. EXPECT_CAPMODE(kill(child, SIGUSR1)); EXPECT_OK(kill(me, SIGUSR1)); - EXPECT_EQ(1, had_signal); + EXPECT_EQ(1, signal_cnt); + + union sigval sv; + sv.sival_int = 0x1234; + EXPECT_CAPMODE(sigqueue(child, SIGUSR1, sv)); + EXPECT_OK(sigqueue(me, SIGUSR1, sv)); + EXPECT_EQ(2, signal_cnt); signal(SIGUSR1, original); } diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 3ef9d093b29e..eda533d73522 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -2041,6 +2041,16 @@ kern_sigqueue(struct thread *td, pid_t pid, int signumf, union sigval *value) if (pid <= 0) return (EINVAL); + /* + * A process in capability mode can send signals only to itself. + */ + if (pid != td->td_proc->p_pid) { + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &signum); + if (IN_CAPABILITY_MODE(td)) + return (ECAPMODE); + } + if ((signumf & __SIGQUEUE_TID) == 0) { if ((p = pfind_any(pid)) == NULL) return (ESRCH); From nobody Tue Jun 9 19:18:39 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxD1b2Fz6gV49 for ; Tue, 09 Jun 2026 19:18:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxC5GJrz3NQN for ; Tue, 09 Jun 2026 19:18:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032719; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6Et6GRrtMVwZr7qEsduNlaOxmVkcpytz/DDz0h8DFRI=; b=YJR/hCJ84u4DKbMFbvGpv/Zin99w3R/AxF4OXvOL0GjldAKOpQaI5dvMxejTqwy+imagH4 o0P/DGsXh11YPOyZNE0n6BPW2WHpS7Z/b3/pd8j9eeJ58cKUv5AxWRm6Tfj4cF+L2fNho8 osN2ZUjD1Qny8JG7pLdNGzVojc/v/66hYfy6oP6u8BmmWZdDoCtIk8zrEZNScH2ALBR3TY hsSf2Kh9yIOHn0ntxGUyJCiC8H5wSWcHDTTAzRJT41fwXaQXrCtGq0HaUwm8XNbu475RzJ ROXtnVhtQL/AFf6B6rF/MwtUMtqDOS+eRP60xvcZ7RoE86SuzjyWetk4j87c1Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032719; a=rsa-sha256; cv=none; b=X9600dsfzVGsBpMuI1gy5zUg6nJUMF4Ow6kLVt05Sw9app7H5KpiYOWA/KQER/oTPHkAJj XppvJYivWMpy8+XpEMCObecSVuA+TeKVaCy++MNUOyZ8WTlWlQivGQluvNU5L3pv+P8jH5 EVWQPqAju//LpaKsmZrlTtxcPj/d19oq+H0DGLCrMHAE5YpQI01Po13WDVEc20Y9EdIUDX U5zp3Z+mkUvgnzaJpuC16R9rDPFDI+QQbzgxo1PX08mbaRv1PaSm5lYAwdv/CBwFTtQ54x fQd6je7YpZrMFMnPRLOFWdKz85iAkvjbS3CWX1PboVaEBQqf+hIP2N/K/geD2g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032719; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6Et6GRrtMVwZr7qEsduNlaOxmVkcpytz/DDz0h8DFRI=; b=d+4RZS7GJdEMo6DcPVsi210mXj90DEFek5hGhAVvHMsQZODX6senq0NreHC0ocnuzpZFLS 0j10I36y9WDUkUthYkAcshasWdRNrxizd+ppuDaQEbqUojtnEj+yQTF01Msl6NijRvSRcL fvYHCPaoxAHpAlXwRXpo8aE2iMMKnIesuJHc6tQyF3N71CmcL5sIsyXFAujMuvZHY2Y/qc QAIkvlHCY/HiZjePTp7uTnGho1D/sfwYFJ+RT5hn1fG8k3LKc/A6zG6IIKaYtir7Otva/o OxZEtJeZ8z/EiKLqNSgPJR9CalANuKS+jSR806inf8RpWFE7O6T8xLQcZGrTAw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxC4pH8znCS for ; Tue, 09 Jun 2026 19:18:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e52a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:39 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: e6859453de61 - releng/14.3 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: e6859453de61e683b77b0172e98e06181d82a930 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:39 +0000 Message-Id: <6a28670f.3e52a.437f5186@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e6859453de61e683b77b0172e98e06181d82a930 commit e6859453de61e683b77b0172e98e06181d82a930 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 39 +++++++++++++++++---------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 44 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 3dc4fa271683..4fd00bac3ae4 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2524,6 +2524,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2536,9 +2537,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2551,13 +2549,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2589,24 +2598,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2641,7 +2635,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2678,6 +2671,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:18:40 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxF4gzVz6gV0B for ; Tue, 09 Jun 2026 19:18:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxD6Bxcz3NT8 for ; Tue, 09 Jun 2026 19:18:40 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032720; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=M/+kbOepM/mfvAXmK+IvMTvDQlQKLImFA8ZtGWWGPmA=; b=yf6/98yFqJ8AyFIxRUyXHPcOuETGLlU5SE0shkBdtyQiRZHf1m5vntyQzERhBYTmfNd99L Ol4ojpkUOgpyanHHlprMidvAecG0A039qf0nfu7n+r63f5d06Mir6HsTlO1DhJcgyS3IS8 t0eFlcIftr05j9g5mpAX/KI4eKAdCxpodfB+9siw8vle4oIZ7Q54/+pR6lZ05MetEsXxVL z8v7TjpRoTX+fuUfzk6OmNlSsgXl+UCkvXZDpSSbbH9mzDkHMA7Hi6mgEy79iy/Wo4g3ep KefWlufeywI1hWQd0ixXbiaFZ33i/OtD6nPz6CtPiO8pg6EpuNJMWMGbjnO6Bg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032720; a=rsa-sha256; cv=none; b=B+jEF7UY6zp6G9kgGOiB1cGjuA+K5gqmrXjy0qYq4G4hMP2BjH7w03oAk666qAr/wnZUi/ /c+G7H1K7N0E47osr7efiIi0M4xQS11P9AlTkfF+6TFDAuoZ0Fwwd91AN+loMFsFfrIvRB 1JlOofybJFw3rhCMk/DWyENlrNRxl7fY8NTU3iBznLzyIDlLQl7oQzNfh5y5DOZ7iXU0Bg 1RC+NHydkxkQkssYeUbW/6qJjzpFcKfcTMxSh6/2BWB0ibFy1fo23sMHnmZsUazLA1esOv 3BmYy9F03FVZ1Ta/J94TajfyR/dmlUz3XFdRa3StnZFMFqLXWxSkZ9hYujI+OQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032720; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=M/+kbOepM/mfvAXmK+IvMTvDQlQKLImFA8ZtGWWGPmA=; b=leMyxgBjrzkipCFa3pCM7kE0M1+C4cqSClyuakySn2N3INX/+2I3zDaNZ+rntqNeqYk5Nb y5WaG6DEc4Nthi7V1cO5AMxpSgDVFERTScr8U4BL5uFinO4FZXjgjRxD8pAfmpYsGM4EJk 1W5l/N3weOXMABhpDVpk5anhWjBV9cAKtyEdcchmQVN2Fyp4ai27bfcwUZezNys4F3STT7 fV6mE5gHjcEpDjlNcxHvOUc8gVqjwrr0RseJL70GJRrN8jO68EBOk9jGNo4cNFXXEG3sdD SUTlMRfjybfgu8erSdH0lsdoQMFu82foeOijA1dbB2OwoDPGWPZFhvv6bpWSww== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxD5ZjDzn9g for ; Tue, 09 Jun 2026 19:18:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e421 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:40 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 0dcf9bba4b9f - releng/14.3 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 0dcf9bba4b9fe7f2f0356095f21b2cb86be02e1d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:40 +0000 Message-Id: <6a286710.3e421.50d410a@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0dcf9bba4b9fe7f2f0356095f21b2cb86be02e1d commit 0dcf9bba4b9fe7f2f0356095f21b2cb86be02e1d Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:18:41 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxG3NjWz6gTt6 for ; Tue, 09 Jun 2026 19:18:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxF6rB5z3NQl for ; Tue, 09 Jun 2026 19:18:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UdYHrbgIEhyENyND0buDUUW93oJVie+LngaRFRBJDCM=; b=xg4Xw6AgYi3xieTRsTBG0y3Ah1Knj0qY9WcWy0UqhhtM3wKJQwlErEs36/YdtTEy5/kKxy aEJOKqYa1T/0xoXHLBmaQx3N6WDCi+yhJgCbXK4ip1iQykJvxsBWVTeMt+0yIKap4evloj mIM+PHYjRwaoJGo5D5rxAcmA2kc41ve4vdTAbcglMDulqGES/vHB/U1HDC7X2QquEgkrum euRLyx0sxON7etJ1DoZEZdyBUVBFq1GVly/erYHBG2CnFzNqW4Fo8s4J01tqUNdcKmESQK dO0OKcOObItSS8Z0hZZCWdMEypLq4LOCxX6jVD+9QJXgcFoQQXC17GUlvCWJGQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032722; a=rsa-sha256; cv=none; b=PmdVekRTe0zW9j3UmQS1Oq0LqF9+uRsMJMzCWAcydY/Yj1C22XXCYgE4/4DJyjKM2j8tce iIBJgjk0kWO83uG29Eq5IkvBROXtzMxQIzJ90YhOap5xgOv8v69rgUtW52I0t/jZOBu7rN NtSpEoCdulDfcn1qPkcUwV7y/tM4WgPCuafkKiTq12TdC+VTx05FPwHA/zgMGbwlze5tk9 Xq7z+vroFPyF9HGI2qZM/UnBsJpLlRSEnqZ1b3QordcqE5cQknfJR4KoOLMLq9Qx4LwCQ8 B07I8DU0YcAjvhcuerqaW9TOo5oI3I0J20j6zRQdL+4vHSR8esOWal04UHP9vw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UdYHrbgIEhyENyND0buDUUW93oJVie+LngaRFRBJDCM=; b=B0UmWRVTUKiXQOo30B3z4aEXZ1LeTagmEREtKa93ZOClkI02ot0rVa8P27PLGpWX1/5nld UVf9CguxlBbMjDPd2OUfzM9Hyb8tZgQL4EN1TEeF7pjit0bxRL9R7zwZViDFnNik2HBNnf 5yzSS+7qiILuxwGAcvD1bKuLzFRtGh4lLKYVGRvrp8tZLDH2nvV1jOUoGIbilo8foWmxtF iplc26+dNSHLpXJi5MdZsELrXSQr9FiA1GW4yIU6548AocYuW9sEhper8MSILkqnp8pWMS dGLn55Z04pVABskxvlk4tutFtdOuvnqx5KUGz6ZMO8xR+ujiPeI1tf9WCckUjA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxF6Mlbznkg for ; Tue, 09 Jun 2026 19:18:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c5f2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:41 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: 61d0cea4c00f - releng/14.3 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 61d0cea4c00fd48ca9cedfd788a58105948aff78 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:41 +0000 Message-Id: <6a286711.3c5f2.51d4f2ed@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=61d0cea4c00fd48ca9cedfd788a58105948aff78 commit 61d0cea4c00fd48ca9cedfd788a58105948aff78 Author: Andrew Turner AuthorDate: 2026-05-29 08:31:10 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Sponsored by: Arm Ltd arm64: Add more CPU MIDR values Found in Linux and https://github.com/arm-software/data Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D50726 (cherry picked from commit 124b5dbf5c09a17251b75f6b96c9ab7b218eee7f) (cherry picked from commit 935f00c4ddf6c0e90752e7017e1d8d165e0796a1) arm64: Add the new C1 CPU IDs Add the Arm C1-Nano, C1-Pro, C1-Premium, and C1-Ultra CPUs from their Technical Reference Manuals. Sponsored by: Arm Ltd (cherry picked from commit 8fee6b9ecc84d3602a461f1cd33df91e50849cdf) (cherry picked from commit 25ff471f0bbcf5b489678e9f94877386366dc521) Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 --- sys/arm64/arm64/pmap.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++ sys/arm64/include/cpu.h | 24 ++++++++++++++- 2 files changed, 102 insertions(+), 1 deletion(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index a5d037d7b71c..91b4942b4345 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -183,6 +183,8 @@ #define PMAP_SAN_PTE_BITS (ATTR_DEFAULT | ATTR_S1_XN | \ ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK) | ATTR_S1_AP(ATTR_S1_AP_RW)) +static bool __read_mostly pmap_multiple_tlbi = false; + struct pmap_large_md_page { struct rwlock pv_lock; struct md_page pv_page; @@ -1534,6 +1536,71 @@ pmap_init_pv_table(void) } } + +static void +pmap_init_multiple_tlbi(void *dummy __unused) +{ + u_int cpu, midr; + + CPU_FOREACH(cpu) { + midr = pcpu_find(cpu)->pc_midr; + + /* + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 + * Present in all revisions + */ + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + pmap_multiple_tlbi = true; + return; + } + } + } +} +SYSINIT(pmap_init_multiple_tlbi, SI_SUB_CPU, SI_ORDER_ANY, + pmap_init_multiple_tlbi, NULL); + /* * Initialize the pmap module. * @@ -1652,6 +1719,10 @@ pmap_s1_invalidate_page(pmap_t pmap, vm_offset_t va, bool final_only) r |= ASID_TO_OPERAND(COOKIE_TO_ASID(pmap->pm_cookie)); pmap_s1_invalidate_user(r, final_only); } + if (pmap_multiple_tlbi) { + dsb(ish); + __asm __volatile("tlbi vale1is, xzr" ::: "memory"); + } dsb(ish); isb(); } @@ -1699,6 +1770,10 @@ pmap_s1_invalidate_range(pmap_t pmap, vm_offset_t sva, vm_offset_t eva, for (r = start; r < end; r += TLBI_VA_L3_INCR) pmap_s1_invalidate_user(r, final_only); } + if (pmap_multiple_tlbi) { + dsb(ish); + __asm __volatile("tlbi vale1is, xzr" ::: "memory"); + } dsb(ish); isb(); } @@ -1740,6 +1815,10 @@ pmap_s1_invalidate_all(pmap_t pmap) r = ASID_TO_OPERAND(COOKIE_TO_ASID(pmap->pm_cookie)); __asm __volatile("tlbi aside1is, %0" : : "r" (r)); } + if (pmap_multiple_tlbi) { + dsb(ish); + __asm __volatile("tlbi vale1is, xzr" ::: "memory"); + } dsb(ish); isb(); } diff --git a/sys/arm64/include/cpu.h b/sys/arm64/include/cpu.h index 0701a75d17f7..dbb92d75dd85 100644 --- a/sys/arm64/include/cpu.h +++ b/sys/arm64/include/cpu.h @@ -77,6 +77,7 @@ #define CPU_IMPL_CAVIUM 0x43 #define CPU_IMPL_DEC 0x44 #define CPU_IMPL_FUJITSU 0x46 +#define CPU_IMPL_HISILICON 0x48 #define CPU_IMPL_INFINEON 0x49 #define CPU_IMPL_FREESCALE 0x4D #define CPU_IMPL_NVIDIA 0x4E @@ -86,6 +87,7 @@ #define CPU_IMPL_APPLE 0x61 #define CPU_IMPL_INTEL 0x69 #define CPU_IMPL_AMPERE 0xC0 +#define CPU_IMPL_MICROSOFT 0x6D /* ARM Part numbers */ #define CPU_PART_FOUNDATION 0xD00 @@ -105,6 +107,7 @@ #define CPU_PART_AEM_V8 0xD0F #define CPU_PART_NEOVERSE_V1 0xD40 #define CPU_PART_CORTEX_A78 0xD41 +#define CPU_PART_CORTEX_A78AE 0xD42 #define CPU_PART_CORTEX_A65AE 0xD43 #define CPU_PART_CORTEX_X1 0xD44 #define CPU_PART_CORTEX_A510 0xD46 @@ -117,6 +120,18 @@ #define CPU_PART_CORTEX_A715 0xD4D #define CPU_PART_CORTEX_X3 0xD4E #define CPU_PART_NEOVERSE_V2 0xD4F +#define CPU_PART_CORTEX_A520 0xD80 +#define CPU_PART_CORTEX_A720 0xD81 +#define CPU_PART_CORTEX_X4 0xD82 +#define CPU_PART_NEOVERSE_V3AE 0xD83 +#define CPU_PART_NEOVERSE_V3 0xD84 +#define CPU_PART_CORTEX_X925 0xD85 +#define CPU_PART_CORTEX_A725 0xD87 +#define CPU_PART_C1_NANO 0xD8A +#define CPU_PART_C1_PRO 0xD8B +#define CPU_PART_C1_ULTRA 0xD8C +#define CPU_PART_NEOVERSE_N3 0xD8E +#define CPU_PART_C1_PREMIUM 0xD90 /* Cavium Part numbers */ #define CPU_PART_THUNDERX 0x0A1 @@ -129,9 +144,16 @@ #define CPU_REV_THUNDERX2_0 0x00 -/* APM / Ampere Part Number */ +/* APM (now Ampere) Part number */ #define CPU_PART_EMAG8180 0x000 +/* Ampere Part numbers */ +#define CPU_PART_AMPERE1 0xAC3 +#define CPU_PART_AMPERE1A 0xAC4 + +/* Microsoft Part numbers */ +#define CPU_PART_AZURE_COBALT_100 0xD49 + /* Qualcomm */ #define CPU_PART_KRYO400_GOLD 0x804 #define CPU_PART_KRYO400_SILVER 0x805 From nobody Tue Jun 9 19:18:44 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxJ544Jz6gVJ3 for ; Tue, 09 Jun 2026 19:18:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxJ1R02z3NZg for ; Tue, 09 Jun 2026 19:18:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032724; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4sK3XWSRFQ8gjXFbYQt74mwM/vFV86RviLpTYqFQwdM=; b=TjOP891gK7eD7LhcOMYhLgUiIQbnRW3JgGApXxDbZBCxULEvi8Dzc7CauIjD2dFqrnAHQB vBjOrvSqwRofC/p2zii+vQeyXau4dC23k7SAZMnEUHjF0/F8Huu0EU7uavA6Jh9Xy3IQYy 0Qs6iQsBd2GTBxn9zDyaCLpk+MGfIhDFzbLtxNs7qHeYr3dFRXhPYx8YQfeP3iUCmGL1eQ yzSaUQ5ohb8BDJfYP3yObybDXqhVQqjOKEdOdkAm3CYpz5SBJIc7VX9d4t2umnFfDWDTZr coOydOcnpsKBX0/AoqIxVhJPqRP5OMF5bPpZKvs3qFnHSOcDVg21cKVucaDFQQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032724; a=rsa-sha256; cv=none; b=clJjEo6yxOs5+yERlN/aKoB21iyzmF9GAnjvr9ld3nuD4wE4H4fq0b8rp8qYpQ3Ex4xbcM 7fhHaV7Ox2E27Z2lGPwx7gutWtxqePLuG8PIEeWG+W3rS0ROGqbuTU6cQDDRKeOqLT1Cve SrnTl2tAyv2JuNJ34ZltepIIcMYeS9ypmsA1Fcs9PYbK//bp9S54NitErnyDBWZjTBcD/O b6lonXRGoqvM6QKJwFIQs8fQ3svwhBr0xJLybDU4crgdvK2k86wkhaf/TimhrB5UfghXM3 e3JIkjpKGYZoXuf7+ND2LpoLh0nr9LUgHBF8xPLG9vNt8vpcKxQO1nxJa2Q8TQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032724; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4sK3XWSRFQ8gjXFbYQt74mwM/vFV86RviLpTYqFQwdM=; b=it+W+PBJ6XCYiun2T8n1nFvkaEGNA3+YiKKAMo2x9DtJoNf7bEXBT1MWflomzBY4yttdmg +AdhWUiWKBPo9hchSgNJayqVFqwFOOuA23b7QI4Btm9J+sOcwPty0z8t7oPx5sb84ZaQF4 qPx9DtaR1iI6igO+L/vgWtcUl50esXCAkClhjnByAWrOaGSJgNTL4Xot53UCaWUo770u8e RIgoJN59rb8xgWVp7J5nD28QWjNhlXKk6xoxK9rRazzYR6JsE5ziwFgG2TMYLYee0msWpE tGJ2yLYgK4JtORU/rA7BZ6ez0kXvO8qjGHRdXVwPnPYY3uY8uxkqUbf22Zmg4Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxJ0ypWznrX for ; Tue, 09 Jun 2026 19:18:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ecbe by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:44 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav From: Mark Johnston Subject: git: a68c183e0ad2 - releng/14.3 - unbound: Apply upstream patches List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: a68c183e0ad2ceefa2a1ea8f8c8d1d1937c36c0d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:44 +0000 Message-Id: <6a286714.3ecbe.66468ba6@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a68c183e0ad2ceefa2a1ea8f8c8d1d1937c36c0d commit a68c183e0ad2ceefa2a1ea8f8c8d1d1937c36c0d Author: Dag-Erling Smørgrav AuthorDate: 2026-05-29 22:21:50 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 unbound: Apply upstream patches - Use the same EDE removal logic when encoding errors as when encoding replies. - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42944, Heap overflow and crash with multiple nsid, cookie, padding EDNS options. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42959, Crash during DNSSEC validation of malicious content. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-32792, Packet of death with DNSCrypt. Thanks to Andrew Griffiths from 'calif.io' for the report. - Fix CVE-2026-40622, "Ghost domain name" variant. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-41292, Parsing a long list of incoming EDNS options degrades performance. Thanks to GitHub user 'N0zoM1z0', also Qifan Zhang from Palo Alto Networks, for the report. - Fix CVE-2026-42534, Jostle logic bypass degrades resolution performance. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42923, Degradation of service with unbounded NSEC3 hash calculations. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42960, Possible cache poisoning attack while following delegation. Thanks to TaoFei Guo from Peking University, Yang Luo and JianJun Chen, Tsinghua University, for the report. - Fix CVE-2026-44390, Unbounded name compression in certain cases causes degradation of service. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks to Qifan Zhang, Palo Alto Networks, for the report. Approved by: so Security: FreeBSD-SA-26:33.unbound Security: CVE-2026-33278 Security: CVE-2026-42944 Security: CVE-2026-42959 Security: CVE-2026-32792 Security: CVE-2026-40622 Security: CVE-2026-41292 Security: CVE-2026-42534 Security: CVE-2026-42923 Security: CVE-2026-42960 Security: CVE-2026-44390 Security: CVE-2026-44608 --- contrib/unbound/dnscrypt/dnscrypt.c | 2 +- contrib/unbound/iterator/iter_scrub.c | 8 +++- contrib/unbound/services/cache/dns.c | 8 +++- contrib/unbound/services/cache/rrset.c | 10 +++++ contrib/unbound/services/mesh.c | 14 +++++-- contrib/unbound/services/mesh.h | 6 +++ contrib/unbound/services/rpz.c | 10 +++-- contrib/unbound/util/data/msgencode.c | 54 ++++++++++++++++-------- contrib/unbound/util/data/msgencode.h | 4 +- contrib/unbound/util/data/msgparse.c | 19 ++++++--- contrib/unbound/util/data/msgparse.h | 4 ++ contrib/unbound/validator/val_neg.c | 28 ++++++++++++- contrib/unbound/validator/val_nsec3.c | 76 +++++++++++++++++++++++++++++++--- contrib/unbound/validator/val_nsec3.h | 6 +++ contrib/unbound/validator/val_utils.c | 4 +- 15 files changed, 209 insertions(+), 44 deletions(-) diff --git a/contrib/unbound/dnscrypt/dnscrypt.c b/contrib/unbound/dnscrypt/dnscrypt.c index 4902447fda01..173484cdf0b1 100644 --- a/contrib/unbound/dnscrypt/dnscrypt.c +++ b/contrib/unbound/dnscrypt/dnscrypt.c @@ -361,7 +361,7 @@ dnscrypt_server_uncurve(struct dnsc_env* env, len -= DNSCRYPT_QUERY_HEADER_SIZE; - while (*sldns_buffer_at(buffer, --len) == 0) + while (len>0 && *sldns_buffer_at(buffer, --len) == 0) ; if (*sldns_buffer_at(buffer, len) != 0x80) { diff --git a/contrib/unbound/iterator/iter_scrub.c b/contrib/unbound/iterator/iter_scrub.c index b02b4dc484bf..0d2c82524ce0 100644 --- a/contrib/unbound/iterator/iter_scrub.c +++ b/contrib/unbound/iterator/iter_scrub.c @@ -725,7 +725,13 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg, rrset->rrset_all_next = NULL; return 1; } - mark_additional_rrset(pkt, msg, rrset); + /* Only mark glue as allowed for type NS in the authority + * section. Other RR types do not get glue for them, it + * is allowed from the answer section, but not authority + * so that a message can not have address records cached + * as a side effect to the query. */ + if(rrset->type==LDNS_RR_TYPE_NS) + mark_additional_rrset(pkt, msg, rrset); prev = rrset; rrset = rrset->rrset_all_next; } diff --git a/contrib/unbound/services/cache/dns.c b/contrib/unbound/services/cache/dns.c index 7ab63bacf492..0e748c8addc4 100644 --- a/contrib/unbound/services/cache/dns.c +++ b/contrib/unbound/services/cache/dns.c @@ -675,10 +675,16 @@ struct dns_msg* dns_msg_deepcopy_region(struct dns_msg* origin, struct regional* region) { size_t i; + struct ub_packed_rrset_key** saved_rrsets; struct dns_msg* res = NULL; + size_t rep_alloc_size = sizeof(struct reply_info) + - sizeof(struct rrset_ref); /* this is the size of res->rep + allocated in gen_dns_msg() */ res = gen_dns_msg(region, &origin->qinfo, origin->rep->rrset_count); if(!res) return NULL; - *res->rep = *origin->rep; + saved_rrsets = res->rep->rrsets; /* save rrsets alloc by gen_dns_msg */ + memcpy(res->rep, origin->rep, rep_alloc_size); + res->rep->rrsets = saved_rrsets; if(origin->rep->reason_bogus_str) { res->rep->reason_bogus_str = regional_strdup(region, origin->rep->reason_bogus_str); diff --git a/contrib/unbound/services/cache/rrset.c b/contrib/unbound/services/cache/rrset.c index a05ae5a56b78..d807a2440e37 100644 --- a/contrib/unbound/services/cache/rrset.c +++ b/contrib/unbound/services/cache/rrset.c @@ -147,6 +147,16 @@ need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns) if(equal && cached->ttl >= timenow && cached->security == sec_status_bogus) return 0; + /* ghost-domain: never let an NS overwrite extend lifetime + * past the entry it replaces, regardless of trust. */ + if(ns && !TTL_IS_EXPIRED(cached->ttl, timenow) && + newd->ttl > cached->ttl) { + size_t i; + newd->ttl = cached->ttl; + for(i=0; i<(newd->count+newd->rrsig_count); i++) + if(newd->rr_ttl[i] > newd->ttl) + newd->rr_ttl[i] = newd->ttl; + } return 1; } /* o item in cache has expired */ diff --git a/contrib/unbound/services/mesh.c b/contrib/unbound/services/mesh.c index d512ab3d32d4..498ebaf87cdf 100644 --- a/contrib/unbound/services/mesh.c +++ b/contrib/unbound/services/mesh.c @@ -277,12 +277,14 @@ int mesh_make_new_space(struct mesh_area* mesh, sldns_buffer* qbuf) if(mesh->num_reply_states < mesh->max_reply_states) return 1; /* try to kick out a jostle-list item */ - if(m && m->reply_list && m->list_select == mesh_jostle_list) { + if(m && m->list_select == mesh_jostle_list) { /* how old is it? */ struct timeval age; - timeval_subtract(&age, mesh->env->now_tv, - &m->reply_list->start_time); - if(timeval_smaller(&mesh->jostle_max, &age)) { + if(m->has_first_reply_time) + timeval_subtract(&age, mesh->env->now_tv, + &m->first_reply_time); + if(!m->has_first_reply_time || + timeval_smaller(&mesh->jostle_max, &age)) { /* its a goner */ log_nametypeclass(VERB_ALGO, "query jostled out to " "make space for a new one", @@ -1734,6 +1736,10 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns, r->qid = qid; r->qflags = qflags; r->start_time = *s->s.env->now_tv; + if(s->reply_list == NULL && !s->has_first_reply_time) { + s->first_reply_time = r->start_time; + s->has_first_reply_time = 1; + } r->next = s->reply_list; r->qname = regional_alloc_init(s->s.region, qinfo->qname, s->s.qinfo.qname_len); diff --git a/contrib/unbound/services/mesh.h b/contrib/unbound/services/mesh.h index 26ececbe6210..569b3ef7c9d1 100644 --- a/contrib/unbound/services/mesh.h +++ b/contrib/unbound/services/mesh.h @@ -176,6 +176,12 @@ struct mesh_state { struct module_qstate s; /** the list of replies to clients for the results */ struct mesh_reply* reply_list; + /** if it has a first reply time */ + int has_first_reply_time; + /** wall-clock time the first client reply was attached; + * used by mesh_make_new_space() so duplicate retransmits + * cannot reset jostle aging. */ + struct timeval first_reply_time; /** the list of callbacks for the results */ struct mesh_cb* cb_list; /** set of superstates (that want this state's result) diff --git a/contrib/unbound/services/rpz.c b/contrib/unbound/services/rpz.c index 3b92ee53837e..e7f21a8cbf17 100644 --- a/contrib/unbound/services/rpz.c +++ b/contrib/unbound/services/rpz.c @@ -2449,6 +2449,7 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* { struct auth_zones* az; struct auth_zone* a; + struct dns_msg* ret = NULL; struct clientip_synthesized_rr* raddr = NULL; struct rpz* r = NULL; struct local_zone* z = NULL; @@ -2492,13 +2493,11 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* z = rpz_delegation_point_zone_lookup(is->dp, r->nsdname_zones, is->qchase.qclass, &match); if(z != NULL) { - lock_rw_unlock(&a->lock); break; } raddr = rpz_delegation_point_ipbased_trigger_lookup(r, is); if(raddr != NULL) { - lock_rw_unlock(&a->lock); break; } lock_rw_unlock(&a->lock); @@ -2513,9 +2512,12 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* if(z) { lock_rw_unlock(&z->lock); } - return rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + ret = rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + } else { + ret = rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); } - return rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); + lock_rw_unlock(&a->lock); + return ret; } struct dns_msg* rpz_callback_from_iterator_cname(struct module_qstate* ms, diff --git a/contrib/unbound/util/data/msgencode.c b/contrib/unbound/util/data/msgencode.c index 6d116fb52d6d..812df8ed4026 100644 --- a/contrib/unbound/util/data/msgencode.c +++ b/contrib/unbound/util/data/msgencode.c @@ -352,7 +352,6 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, (p = compress_tree_lookup(tree, dname, labs, &insertpt))) { if(!write_compressed_dname(pkt, dname, labs, p)) return RETVAL_TRUNC; - (*compress_count)++; } else { if(!dname_buffer_write(pkt, dname)) return RETVAL_TRUNC; @@ -360,6 +359,7 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && !compress_tree_store(dname, labs, pos, region, p, insertpt)) return RETVAL_OUTMEM; + (*compress_count)++; return RETVAL_OK; } @@ -804,7 +804,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, return 1; } -uint16_t +size_t calc_edns_field_size(struct edns_data* edns) { size_t rdatalen = 0; @@ -840,7 +840,7 @@ calc_edns_option_size(struct edns_data* edns, uint16_t code) } uint16_t -calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size) +calc_ede_option_size(struct edns_data* edns, size_t* txt_size) { size_t rdatalen = 0; struct edns_option* opt; @@ -942,6 +942,10 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) @@ -952,12 +956,18 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) sldns_buffer_write(pkt, opt->opt_data, opt->opt_len); } - if (padding_option && edns->padding_block_size ) { + if (padding_option && edns->padding_block_size && + sldns_buffer_position(pkt)+4 <= max_msg_sz && + sldns_buffer_available(pkt, 4) /* if there is space for it */) { size_t pad_pos = sldns_buffer_position(pkt); size_t msg_sz = ((pad_pos + 3) / edns->padding_block_size + 1) * edns->padding_block_size; @@ -1001,7 +1011,7 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, { uint16_t flags; unsigned int attach_edns = 0; - uint16_t edns_field_size, ede_size, ede_txt_size; + size_t edns_field_size, ede_size, ede_txt_size; if(!cached || rep->authoritative) { /* original flags, copy RD and CD bits from query. */ @@ -1028,12 +1038,12 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, * calculate sizes once here */ edns_field_size = calc_edns_field_size(edns); ede_size = calc_ede_option_size(edns, &ede_txt_size); - if(sldns_buffer_capacity(pkt) < udpsize) + if(sldns_buffer_capacity(pkt) < (size_t)udpsize) udpsize = sldns_buffer_capacity(pkt); if(!edns || !edns->edns_present) { attach_edns = 0; /* EDEs are optional, try to fit anything else before them */ - } else if(udpsize < LDNS_HEADER_SIZE + edns_field_size - ede_size) { + } else if((size_t)udpsize < (size_t)LDNS_HEADER_SIZE + edns_field_size - ede_size) { /* packet too small to contain edns, omit it. */ attach_edns = 0; } else { @@ -1047,13 +1057,13 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, return 0; } if(attach_edns) { - if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size) + if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size) attach_edns_record_max_msg_sz(pkt, edns, udpsize); - else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { + else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { ede_trim_text(&edns->opt_list_inplace_cb_out); ede_trim_text(&edns->opt_list_out); attach_edns_record_max_msg_sz(pkt, edns, udpsize); - } else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { + } else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { edns_opt_list_remove(&edns->opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&edns->opt_list_out, LDNS_EDNS_EDE); attach_edns_record_max_msg_sz(pkt, edns, udpsize); @@ -1115,22 +1125,30 @@ extended_error_encode(sldns_buffer* buf, uint16_t rcode, sldns_buffer_write_u16(buf, qinfo->qclass); } sldns_buffer_flip(buf); - if(edns) { + if(edns && edns->edns_present) { + size_t edns_field_size, ede_size, ede_txt_size; struct edns_data es = *edns; es.edns_version = EDNS_ADVERTISED_VERSION; es.udp_size = EDNS_ADVERTISED_SIZE; es.ext_rcode = (uint8_t)(rcode >> 4); es.bits &= EDNS_DO; - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { + /* EDEs are optional. If space is a concern try in order: + * - removing any EXTRA-TEXT fields from explicit EDEs, or + * - removing all EDEs, + * to see if EDNS can fit. */ + edns_field_size = calc_edns_field_size(&es); + ede_size = calc_ede_option_size(&es, &ede_txt_size); + if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size) + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_txt_size) { + ede_trim_text(&es.opt_list_inplace_cb_out); + ede_trim_text(&es.opt_list_out); + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + } else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_size) { edns_opt_list_remove(&es.opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&es.opt_list_out, LDNS_EDNS_EDE); - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { - return; - } + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); } - attach_edns_record(buf, &es); } } diff --git a/contrib/unbound/util/data/msgencode.h b/contrib/unbound/util/data/msgencode.h index 6aff06099ee9..f6297b78e419 100644 --- a/contrib/unbound/util/data/msgencode.h +++ b/contrib/unbound/util/data/msgencode.h @@ -106,7 +106,7 @@ void qinfo_query_encode(struct sldns_buffer* pkt, struct query_info* qinfo); * @param edns: edns data or NULL. * @return octets to reserve for EDNS. */ -uint16_t calc_edns_field_size(struct edns_data* edns); +size_t calc_edns_field_size(struct edns_data* edns); /** * Calculate the size of a specific EDNS option in packet. @@ -127,7 +127,7 @@ uint16_t calc_edns_option_size(struct edns_data* edns, uint16_t code); * extra text. * @return octets the option will take up. */ -uint16_t calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size); +uint16_t calc_ede_option_size(struct edns_data* edns, size_t* txt_size); /** * Attach EDNS record to buffer. Buffer has complete packet. There must diff --git a/contrib/unbound/util/data/msgparse.c b/contrib/unbound/util/data/msgparse.c index 6963d850171e..169709b7e3c0 100644 --- a/contrib/unbound/util/data/msgparse.c +++ b/contrib/unbound/util/data/msgparse.c @@ -53,6 +53,8 @@ #include "sldns/parseutil.h" #include "sldns/wire2str.h" +#define MAX_PARSED_EDNS_OPTIONS 100 + /** smart comparison of (compressed, valid) dnames from packet */ static int smart_compare(sldns_buffer* pkt, uint8_t* dnow, @@ -950,6 +952,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, struct comm_reply* repinfo, uint32_t now, struct regional* region, struct cookie_secrets* cookie_secrets) { + int i = 0, nsid_seen = 0, cookie_seen = 0, padding_seen = 0; /* To respond with a Keepalive option, the client connection must have * received one message with a TCP Keepalive EDNS option, and that * option must have 0 length data. Subsequent messages sent on that @@ -969,7 +972,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); uint8_t server_cookie[40]; @@ -984,8 +987,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* handle parse time edns options here */ switch(opt_code) { case LDNS_EDNS_NSID: - if (!cfg || !cfg->nsid) + if (!cfg || !cfg->nsid || nsid_seen) break; + nsid_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_NSID, cfg->nsid_len, cfg->nsid, region)) { @@ -1027,8 +1031,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, case LDNS_EDNS_PADDING: if(!cfg || !cfg->pad_responses || - !c || c->type != comm_tcp ||!c->ssl) + !c || c->type != comm_tcp ||!c->ssl || padding_seen) break; + padding_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_PADDING, 0, NULL, region)) { @@ -1039,8 +1044,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, break; case LDNS_EDNS_COOKIE: - if(!cfg || !cfg->do_answer_cookie || !repinfo) + if(!cfg || !cfg->do_answer_cookie || !repinfo || cookie_seen) break; + cookie_seen = 1; if(opt_len != 8 && (opt_len < 16 || opt_len > 40)) { verbose(VERB_ALGO, "worker request: " "badly formatted cookie"); @@ -1146,6 +1152,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } return LDNS_RCODE_NOERROR; } @@ -1160,6 +1167,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, struct rrset_parse* found_prev = 0; size_t rdata_len; uint8_t* rdata_ptr; + int i = 0; /* since the class encodes the UDP size, we cannot use hash table to * find the EDNS OPT record. Scan the packet. */ while(rrset) { @@ -1219,7 +1227,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); rdata_ptr += 4; @@ -1234,6 +1242,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } /* ignore rrsigs */ return LDNS_RCODE_NOERROR; diff --git a/contrib/unbound/util/data/msgparse.h b/contrib/unbound/util/data/msgparse.h index 62f0d5aacd80..55d8229b8d40 100644 --- a/contrib/unbound/util/data/msgparse.h +++ b/contrib/unbound/util/data/msgparse.h @@ -98,6 +98,10 @@ extern time_t SERVE_EXPIRED_REPLY_TTL; /** If we serve the original TTL or decrementing TTLs */ extern int SERVE_ORIGINAL_TTL; +/** Check if TTL is expired. 0 TTL is considered expired. + * Used mainly to identify parts of the code that do this comparison. */ +#define TTL_IS_EXPIRED(ttl, now) ((ttl) <= (now)) + /** * Data stored in scratch pad memory during parsing. * Stores the data that will enter into the msgreply and packet result. diff --git a/contrib/unbound/validator/val_neg.c b/contrib/unbound/validator/val_neg.c index b5b678fdea68..3998b12010fe 100644 --- a/contrib/unbound/validator/val_neg.c +++ b/contrib/unbound/validator/val_neg.c @@ -62,6 +62,13 @@ #include "sldns/rrdef.h" #include "sldns/sbuffer.h" +/** + * The maximum salt length that the negative cache is willing to use. + * Larger salt increases the computation time, while recommendations are + * for zero salt length for zones. + */ +#define MAX_SALT_LENGTH 64 + int val_neg_data_compare(const void* a, const void* b) { struct val_neg_data* x = (struct val_neg_data*)a; @@ -826,7 +833,11 @@ void neg_insert_data(struct val_neg_cache* neg, (slen != 0 && zone->nsec3_salt && s && memcmp(zone->nsec3_salt, s, slen) != 0))) { - if(slen > 0) { + if(slen > MAX_SALT_LENGTH) { + /* RFC 9276 s3.1: operators SHOULD NOT use a salt; large + * salts inflate per-hash block count. Decline to cache. */ + return; + } else if(slen > 0) { uint8_t* sa = memdup(s, slen); if(sa) { free(zone->nsec3_salt); @@ -1169,6 +1180,15 @@ neg_find_nsec3_ce(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, uint8_t hashce[NSEC3_SHA_LEN]; uint8_t b32[257]; size_t celen, b32len; + int hashmax = MAX_NSEC3_CALCULATIONS; + if(qlabs > hashmax) { + /* strip leading labels so the walk costs at most + * MAX_NSEC3_CALCULATIONS hashes, mirroring val_nsec3.c */ + while(qlabs > hashmax) { + dname_remove_label(&qname, &qname_len); + qlabs--; + } + } *nclen = 0; while(qlabs > 0) { @@ -1269,6 +1289,12 @@ neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, if(!zone->nsec3_hash) return NULL; /* not nsec3 zone */ + if(!topname && qlabs > zone->labs + 1) + return NULL; /* iterator caller; opt-out proof would be discarded + * at the !topname check below anyway. + * The qlabs check allows the exact-match for + * the one-label-below-zone case. */ + if(!(data=neg_find_nsec3_ce(zone, qname, qname_len, qlabs, buf, hashnc, &nclen))) { return NULL; diff --git a/contrib/unbound/validator/val_nsec3.c b/contrib/unbound/validator/val_nsec3.c index 998fcc4e38ee..62effde2093f 100644 --- a/contrib/unbound/validator/val_nsec3.c +++ b/contrib/unbound/validator/val_nsec3.c @@ -59,11 +59,6 @@ #include "sldns/sbuffer.h" #include "util/config_file.h" -/** - * Max number of NSEC3 calculations at once, suspend query for later. - * 8 is low enough and allows for cases where multiple proofs are needed. - */ -#define MAX_NSEC3_CALCULATIONS 8 /** * When all allowed NSEC3 calculations at once resulted in error treat as * bogus. NSEC3 hash errors are not cached and this helps breaks loops with @@ -456,6 +451,67 @@ filter_init(struct nsec3_filter* filter, struct ub_packed_rrset_key** list, } } +/** Check if the NSEC3s have the same parameter set. */ +static int +param_set_same(struct nsec3_filter* flt, char** reason) +{ + size_t rrsetnum; + int rrnum; + struct ub_packed_rrset_key* rrset; + int have_params = 0; + int first_algo = 0; + size_t first_iter = 0; + uint8_t* first_salt = NULL; + size_t first_saltlen = 0; + + /* If the NSEC3 parameter sets have distinct values, then they are + * from different NSEC3 chains, and we do not want that. */ + for(rrset=filter_first(flt, &rrsetnum, &rrnum); rrset; + rrset=filter_next(flt, &rrsetnum, &rrnum)) { + if(!have_params) { + first_algo = nsec3_get_algo(rrset, rrnum); + first_iter = nsec3_get_iter(rrset, rrnum); + if(!nsec3_get_salt(rrset, rrnum, &first_salt, + &first_saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + have_params = 1; + } else { + uint8_t* salt = NULL; + size_t saltlen = 0; + if(nsec3_get_algo(rrset, rrnum) != first_algo) { + verbose(VERB_ALGO, "NSEC3 algorithm mismatch"); + if(reason) + *reason = "NSEC3 algorithm mismatch"; + return 0; + } + if(nsec3_get_iter(rrset, rrnum) != first_iter) { + verbose(VERB_ALGO, "NSEC3 iterations mismatch"); + if(reason) + *reason = "NSEC3 iterations mismatch"; + return 0; + } + if(!nsec3_get_salt(rrset, rrnum, &salt, &saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + if(saltlen != first_saltlen || + memcmp(salt, first_salt, saltlen) != 0) { + verbose(VERB_ALGO, "NSEC3 salt mismatch"); + if(reason) + *reason = "NSEC3 salt mismatch"; + return 0; + } + } + } + return 1; +} + /** * Find max iteration count using config settings and key size * @param ve: validator environment with iteration count config settings. @@ -1192,6 +1248,8 @@ nsec3_prove_nameerror(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ log_nametypeclass(VERB_ALGO, "start nsec3 nameerror proof, zone", @@ -1378,6 +1436,8 @@ nsec3_prove_nodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ return nsec3_do_prove_nodata(env, &flt, ct, qinfo, calc); @@ -1401,6 +1461,8 @@ nsec3_prove_wildcard(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1503,6 +1565,8 @@ nsec3_prove_nods(struct module_env* env, struct val_env* ve, *reason = "no NSEC3 records"; return sec_status_bogus; /* no RRs */ } + if(!param_set_same(&flt, reason)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1596,6 +1660,8 @@ nsec3_prove_nxornodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ diff --git a/contrib/unbound/validator/val_nsec3.h b/contrib/unbound/validator/val_nsec3.h index f668a270ff12..a13e92991106 100644 --- a/contrib/unbound/validator/val_nsec3.h +++ b/contrib/unbound/validator/val_nsec3.h @@ -98,6 +98,12 @@ struct sldns_buffer; /** The SHA1 hash algorithm for NSEC3 */ #define NSEC3_HASH_SHA1 0x01 +/** + * Max number of NSEC3 calculations at once, suspend query for later. + * 8 is low enough and allows for cases where multiple proofs are needed. + */ +#define MAX_NSEC3_CALCULATIONS 8 + /** * Cache table for NSEC3 hashes. * It keeps a *pointer* to the region its items are allocated. diff --git a/contrib/unbound/validator/val_utils.c b/contrib/unbound/validator/val_utils.c index 549264d76a1f..4495695ac853 100644 --- a/contrib/unbound/validator/val_utils.c +++ b/contrib/unbound/validator/val_utils.c @@ -1066,10 +1066,10 @@ val_fill_reply(struct reply_info* chase, struct reply_info* orig, if(query_dname_compare(name, orig->rrsets[i]->rk.dname) == 0) chase->rrsets[chase->an_numrrsets - +orig->ns_numrrsets+chase->ar_numrrsets++] + +chase->ns_numrrsets+chase->ar_numrrsets++] = orig->rrsets[i]; } else if(rrset_has_signer(orig->rrsets[i], name, len)) { - chase->rrsets[chase->an_numrrsets+orig->ns_numrrsets+ + chase->rrsets[chase->an_numrrsets+chase->ns_numrrsets+ chase->ar_numrrsets++] = orig->rrsets[i]; } } From nobody Tue Jun 9 19:18:43 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxH2blWz6gV7g for ; Tue, 09 Jun 2026 19:18:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxH0f1mz3NQn for ; Tue, 09 Jun 2026 19:18:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YhpEGzp54tdNlmb1iTT10dfrTrulswQ57odUcqjDUEM=; b=f0cxb6ZdMQZYln+P3fsQTG5BFH8MYmDMDhg/WUgVs8vITcRvIbJjK9iVmnLsUP/nFu63mH /bLRaAXOT5BeRY5U0L+zG0id5s84n9wg6xQVzKaOrNkJRIVbnm0CXpZFdAorrRwde3XuWc u33qK8SJ0OA1kYcqk75sQWYGhIQgHeX4cWL0OM2azEAEeZkqwtlmnMzZRL4aaaW7OiSwYY jpN9bykQsqLxlMVLy2P9flhtggAGZe7/Qj5lh6noQDEoR0p6bqnVfkvlZLAk4k5/CNVOUL Yd1KMn4F4bvgftFvPo+gDB5eIMj/h7VKFdhYOH5Ep11S1n9u3aHDgJuFbt16JQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032723; a=rsa-sha256; cv=none; b=UioQwpe9fN1l0j4PBARo501c0ziEN8bZmqiUzoq5kmc1PzgTV7MWmtSjR0jwOwOhNOcAwp AAy28c3wmWiAtx/moHuFippIopPURx4BCYOg3r3RyXJnXUkkA/3NbTZc+ht8TtULZDwmEZ ply6YEgMzplo76V7FNJjTUkUvTSIdz5fSSXfaXSx8otz2AuVqs6erPRqjAhUeXLlX0HJvX B0xO295ECxUS1xfStHOT3Ut+1MuZLSQ+vRwpVrjJb+WmM4X43rLHBTn+3ZZCzx+01E8wHp nOnp5IahpDR+eTU+ta8F/bHb6DQQ/GUyyA+XFanBYTskWeuyicUgBTXJuKrqWQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YhpEGzp54tdNlmb1iTT10dfrTrulswQ57odUcqjDUEM=; b=gw7j1lF4cN+wHYAGODr3Ctpq8VrcothbjMAmV7zpUTp3EUBkjIHr2FJ3ALvFd1ITdb51gt ag9SNTCM9lW5BOQ63kb6vmD7VJIBvl9PWDBds/jALmqy8JFDxMTxM1vRfrOrBTrt3m6tze Rd6fZLojYv2vHSUhXBeXyMUBSDIOkhGXTmRkFd2EKcs/VU2C4yk437cdK7NB5O4pHkTfwo Hzv4ghBJPRywuuZwPTI40xc2STRVx7DrjUSSqgD75BAJGVk6chRwtkyW8/rOL0vcYXylEC Pw62Fq6rU5tOPQyHXqg5kZmAsxyKNHQXbc6EfDL7Ade1fKWz32LPgwZYM+lVSQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxH04C3znrV for ; Tue, 09 Jun 2026 19:18:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d4d5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:43 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 744f62ccbf82 - releng/14.3 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 744f62ccbf823fc8d9dfdb2ffb91723c9e9fe7da Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:43 +0000 Message-Id: <6a286713.3d4d5.717e4e@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=744f62ccbf823fc8d9dfdb2ffb91723c9e9fe7da commit 744f62ccbf823fc8d9dfdb2ffb91723c9e9fe7da Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index 0a09bb9e3891..e419a2894689 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1230,11 +1230,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1253,33 +1281,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index f06f58f1eae6..82bac2aa8b80 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -8,6 +8,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ ${MACHINE_ARCH} != "powerpcspe" @@ -72,6 +73,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.jail_lookup_root+= jail util CFLAGS.sys_getrandom+= -I${SRCTOP}/sys/contrib/zstd/lib LIBADD.sys_getrandom+= zstd diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:18:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxK6g7bz6gVJ5 for ; Tue, 09 Jun 2026 19:18:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxK4jGbz3NXg for ; Tue, 09 Jun 2026 19:18:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032725; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8T64V+cVozIuVIbsYw8Y/dylPScn7H7MORmdJcqxDvU=; b=almRP8BPchRWMEfVYQMVnKGSbI/79WniYzMcVPDFtPw6SWS+AMaZ9gSgMOhgi62ZD5hs11 Niqyf/wAYaMQqXeAVlsLiFSpXEeq4WhVyP7vZZxYlFFOWpnpXZW6i+TaQZP66VURSARLD1 KZW4S81934ZXxmVkIfY0AnXK1zscuROslgK5YbwFd1CvgeueM4Uo8sizkXM0hyI3tLaT4V nKlhqP+Sgqjo5NCiutzZQj9LRcDM2Gawk1bFuBnXb48nrzTFkF4rqZYlDd9yRS29D8ESgP uVHkEXDOLw8YwAIvyHWQF/ntOehZvwHyKFPHxoHJ+q36ASn66HoI+ovghLJNiQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032725; a=rsa-sha256; cv=none; b=SPTxmhPFYILrDeTuWswWk/3VPF0bbnpKYX5GjGuMyvU/oTY1Yn2ldRBFGCbNNzUr8Pn2gl pdwYt6FgNhH2mx0pR40T8UZparWi9XhqyHVD8dwat9NEFEfNJb7iFhk4nvPrg+pu8xlcRx pzkZ5v8LFwTp5Vtkc5LISp/xwxbWmfjbxMcmeyssSv66ALat7FIhhH9Fp+UfB/imEpihNm ISsNBnUu44N3d+hSUs/4WvR8dNpvB+kEsaZifpX06JS7SF6LVKwGZPGdlKRDBJnF8H6G85 /pnTAR4ICB+cZTyDBLEjCByp6AeDxR2hBL01+LUdeNo8myVpzK+HR9ESjNB3Fw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032725; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8T64V+cVozIuVIbsYw8Y/dylPScn7H7MORmdJcqxDvU=; b=L9Px3MKDEriianU2+Bz5ns8yVItyv5zPohfXKBRr/pkTK224hQUnia9BABOfS40+cY2kl0 81vRdOZ8Ut7P5FLowAUrrRiK6se5ynGg57vvjgw8oos8tipzyRKtycgeJ+KymBLgYhftyp 0A26dykLlftpbpSqYbMe0eGutyEj2bvhp25V6mT+2ZtuXkQ0yRpFmmquELHCBBE4J0kIHF O2itH+8TaGSSPpQGKTiUgeeclWPYDV7e40oEiXCX+OtS6xZediJ/sa5xoYk5rNBrK9DGT9 aCpgS3wLGP679cHWYSmaQbTQAybj6TtzOgH/VeJ2JbhdUUncvTid3+WmRQZ24g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxK1ljRznkj for ; Tue, 09 Jun 2026 19:18:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d972 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: 9cba21c2de16 - releng/14.3 - vt: Avoid integer overflow in CONS_HISTORY ioctl List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 9cba21c2de1668717a77833ad1533416babe131a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:45 +0000 Message-Id: <6a286715.3d972.2875afcb@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=9cba21c2de1668717a77833ad1533416babe131a commit 9cba21c2de1668717a77833ad1533416babe131a Author: Ed Maste AuthorDate: 2026-05-26 16:19:47 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 vt: Avoid integer overflow in CONS_HISTORY ioctl Approved by: so Security: FreeBSD-SA-26:34.vt Security: CVE-2026-49416 Reviewed by: markj, vexeduxr Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57250 (cherry picked from commit 0ae946e7223df5ef3f7980af1d774d7f593f6421) (cherry picked from commit deaaddf1d3c4283649945553ad7e3208c8424308) (cherry picked from commit b5a4f4bfbc95d5d5361da708728f7f4a6db2ee60) --- sys/dev/vt/vt_buf.c | 9 ++++----- sys/dev/vt/vt_core.c | 6 ++++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/sys/dev/vt/vt_buf.c b/sys/dev/vt/vt_buf.c index ea27ea8a5ebf..0fd301bb662a 100644 --- a/sys/dev/vt/vt_buf.c +++ b/sys/dev/vt/vt_buf.c @@ -500,7 +500,6 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) { term_char_t *old, *new, **rows, **oldrows, **copyrows, *row, *oldrow; unsigned int w, h, c, r, old_history_size; - size_t bufsize, rowssize; int history_full; const teken_attr_t *a; term_char_t ch; @@ -511,10 +510,10 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) history_size = MAX(history_size, p->tp_row); /* Allocate new buffer. */ - bufsize = history_size * p->tp_col * sizeof(term_char_t); - new = malloc(bufsize, M_VTBUF, M_WAITOK | M_ZERO); - rowssize = history_size * sizeof(term_pos_t *); - rows = malloc(rowssize, M_VTBUF, M_WAITOK | M_ZERO); + new = mallocarray(history_size, p->tp_col * sizeof(term_char_t), + M_VTBUF, M_WAITOK | M_ZERO); + rows = mallocarray(history_size, sizeof(term_pos_t *), M_VTBUF, + M_WAITOK | M_ZERO); /* Toggle it. */ VTBUF_LOCK(vb); diff --git a/sys/dev/vt/vt_core.c b/sys/dev/vt/vt_core.c index 50f12512a81c..547bee8be86a 100644 --- a/sys/dev/vt/vt_core.c +++ b/sys/dev/vt/vt_core.c @@ -41,6 +41,7 @@ #include #include #include +#include #include #include #include @@ -2771,8 +2772,9 @@ skip_thunk: /* XXX */ return (0); case CONS_HISTORY: - if (*(int *)data < 0) - return EINVAL; + if (*(int *)data < 0 || + *(int *)data > UINT_MAX / USHRT_MAX / sizeof(term_char_t)) + return (EINVAL); if (*(int *)data != vw->vw_buf.vb_history_size) vtbuf_sethistory_size(&vw->vw_buf, *(int *)data); return (0); From nobody Tue Jun 9 19:18:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxL59ZZz6gVJ7 for ; Tue, 09 Jun 2026 19:18:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxL2y3xz3NV0 for ; Tue, 09 Jun 2026 19:18:46 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032726; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xRnnQj9cFGpJzvDGRYPt0fN6suV5rwn5mmfdxu667DM=; b=gubU8GalxuXmVpeBCju4xcZJpYquH0L7SaAdd6g8e8rnuKeoBEODVkZnpuBqyTcdIkAr0A 4sxhuL3Xj9164sh1LQQ8crfzocaAVrPEg0Mo4oBCLwfXAEm1cL/o19Isgwb+a5NvYOp+xp RUDTKGARhm7rGgmsiRQ6ucBaIGJTi+WJUtRD6MnI05tJBcFmzRK5jjxzoKLiw7y3fiNfTK BW9LObeAAQ47c4sOPHwTXgiZ/RZJhxxze2OisDvwk3XfHdFCSIdLAtmX0XhISfGfyCVXy3 GP5WNupTfW+B4zdMa6WinvWe0uO+EmOY4/ZoEf0oc6Vh3VOFtftHnq0/W6F8lA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032726; a=rsa-sha256; cv=none; b=c++SdFJm/hM4rFbGA9zgTYWgFjbvbVwH/EvUb9KOZQmSAfwnd+KGiJU2deKu4+/e0J0gs0 D0yNImcg6XPVqmWNi/1EIzit4MXc3WslyjtsOwRS3JEamYxGIeNxr9Bk7SK4xfd/j7CxQ4 Uu4rLtt7jlpfbPS590sVbjFruRlCCI1rtPn+QT+g69E7wyAbZHEVheLftMobjWNmOhuBNv oKSiAqAugxWxtHoLragiCiLjTBaOei8rzGcYmCyV6D/FCvo0DeoCxZa//fCbcx1C4NYd2c t4S0VOVauIZ3rs6zJ0nys6bY2hNIACmp9pzDd8It7LXEaqxdQbjrB22Hfc4syg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032726; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xRnnQj9cFGpJzvDGRYPt0fN6suV5rwn5mmfdxu667DM=; b=p+BllcD3b7kI9+c9tF92UKgIfYqo43dBNbdil0Xj+RBHyLMpYqluglziyhRq7hRfNTIH3Q KEt9MzuhhHoSZJWJzh9PmVOckqFgCTj9pu+jyzN9ErUgMW7N1/W7/G3Lh7R3RccSEgDoH7 HmD8UbB/H9nzF3D8Z0tj4dhUBoR6LQrsIc1Nico0CgGyGNur5KmJorZNfkK85z2ZY8Px1E PVcVa1VQMrEB3gwykjB34dG+2heUl1WYLma2A1t041Xskz+lxwnN4fmdOfB4LfMRGw7Lw6 xqvHpy2PG1v8Cdf/SfgO3ZrT3evSVHHqSteEzUE5hBf/nE89CZYyHNHvRGlR9g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxL2R91znxy for ; Tue, 09 Jun 2026 19:18:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb21 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: dd3096b4efe6 - releng/14.3 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: dd3096b4efe6e6b821624ede869a182e7936fc80 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:46 +0000 Message-Id: <6a286716.3eb21.365af0c4@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=dd3096b4efe6e6b821624ede869a182e7936fc80 commit dd3096b4efe6e6b821624ede869a182e7936fc80 Author: Gordon Tetlow AuthorDate: 2026-06-07 03:24:17 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set Reject potentially forged encrypted CMS AuthEnvelopedData messages Fix potential NULL dereference processing CMS PasswordRecipientInfo Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34182 Security: CVE-2026-42766 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++++++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 +++++--- crypto/openssl/crypto/cms/cms_enc.c | 18 ++++-- crypto/openssl/crypto/cms/cms_env.c | 6 +- crypto/openssl/crypto/cms/cms_err.c | 4 +- crypto/openssl/crypto/cms/cms_local.h | 2 +- crypto/openssl/crypto/cms/cms_pwri.c | 15 ++++- crypto/openssl/crypto/err/openssl.txt | 3 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +-- crypto/openssl/include/crypto/cmserr.h | 2 +- crypto/openssl/include/openssl/cmserr.h | 4 +- .../implementations/ciphers/cipher_aes_ocb.c | 13 +++++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- .../cms-msg/enveloped-content-type-for-aes-gcm.pem | 7 +++ crypto/openssl/test/cmsapitest.c | 54 +++++++++++++++++- crypto/openssl/test/evp_extra_test.c | 61 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cms.t | 12 +++- crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes 20 files changed, 239 insertions(+), 37 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 531e01d33257..9329e5795a9e 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -271,9 +290,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 9138ad381f7d..4cbc6275cc35 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -964,10 +974,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (*free_cont) { OPENSSL_free(stmp->data); stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ - stmp->length = len; + stmp->length = ilen; *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 8c1a15aeda71..367617576175 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -23,7 +23,7 @@ /* Return BIO based on EncryptedContentInfo and key */ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *cms_ctx) + const CMS_CTX *cms_ctx, int auth) { BIO *b; EVP_CIPHER_CTX *ctx; @@ -104,14 +104,20 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { + if (!auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA); + goto err; + } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); @@ -263,5 +269,5 @@ BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms) if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs) enc->version = 2; return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); } diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 2326253b6743..d2eace4fef5d 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -1099,7 +1099,7 @@ static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms) { CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo; BIO *contentBio = ossl_cms_EncryptedContent_init_bio(ec, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); EVP_CIPHER_CTX *ctx = NULL; if (contentBio == NULL) @@ -1137,7 +1137,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms) /* Get BIO first to set up key */ ec = env->encryptedContentInfo; - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 0); /* If error end of processing */ if (!ret) @@ -1189,7 +1189,7 @@ BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms) ec->tag = aenv->mac->data; ec->taglen = aenv->mac->length; } - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 1); /* If error or no cipher end of processing */ if (ret == NULL || ec->cipher == NULL) diff --git a/crypto/openssl/crypto/cms/cms_err.c b/crypto/openssl/crypto/cms/cms_err.c index 37e52963e16d..bc922d0ee03d 100644 --- a/crypto/openssl/crypto/cms/cms_err.c +++ b/crypto/openssl/crypto/cms/cms_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,6 +25,8 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { "certificate has no keyid" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error" }, + { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA), + "cipher aead in enveloped data" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_SET_TAG_ERROR), "cipher aead set tag error" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_GET_TAG), "cipher get tag" }, diff --git a/crypto/openssl/crypto/cms/cms_local.h b/crypto/openssl/crypto/cms/cms_local.h index a92a67fa8b24..d80689f64d68 100644 --- a/crypto/openssl/crypto/cms/cms_local.h +++ b/crypto/openssl/crypto/cms/cms_local.h @@ -429,7 +429,7 @@ int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert); BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *ctx); + const CMS_CTX *ctx, int auth); BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms); int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, const EVP_CIPHER *cipher, diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index 46313f2bfe2c..8b0ea233fd6d 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -189,14 +189,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (inlen < 2 * blocklen) { + + if (blocklen < 4) + return 0; + + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -350,6 +354,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/err/openssl.txt b/crypto/openssl/crypto/err/openssl.txt index 756fafdfa24a..dc4e3f310f08 100644 --- a/crypto/openssl/crypto/err/openssl.txt +++ b/crypto/openssl/crypto/err/openssl.txt @@ -1,4 +1,4 @@ -# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -284,6 +284,7 @@ CMS_R_ATTRIBUTE_ERROR:161:attribute error CMS_R_CERTIFICATE_ALREADY_PRESENT:175:certificate already present CMS_R_CERTIFICATE_HAS_NO_KEYID:160:certificate has no keyid CMS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error +CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA:182:cipher aead in enveloped data CMS_R_CIPHER_AEAD_SET_TAG_ERROR:184:cipher aead set tag error CMS_R_CIPHER_GET_TAG:185:cipher get tag CMS_R_CIPHER_INITIALISATION_ERROR:101:cipher initialisation error diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 001b96d31183..fadf543e9db7 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -218,6 +218,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpin = NULL, *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -366,11 +367,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (tmpin == indata) { - if (indata) - BIO_pop(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; } - BIO_free_all(p7bio); sk_X509_free(signers); return ret; } diff --git a/crypto/openssl/include/crypto/cmserr.h b/crypto/openssl/include/crypto/cmserr.h index f9fd933682e5..8b896822d091 100644 --- a/crypto/openssl/include/crypto/cmserr.h +++ b/crypto/openssl/include/crypto/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/openssl/include/openssl/cmserr.h b/crypto/openssl/include/openssl/cmserr.h index c584b90574e2..6c0baf2362fc 100644 --- a/crypto/openssl/include/openssl/cmserr.h +++ b/crypto/openssl/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -17,7 +17,6 @@ #include #ifndef OPENSSL_NO_CMS - /* * CMS reason codes. */ @@ -26,6 +25,7 @@ #define CMS_R_CERTIFICATE_ALREADY_PRESENT 175 #define CMS_R_CERTIFICATE_HAS_NO_KEYID 160 #define CMS_R_CERTIFICATE_VERIFY_ERROR 100 +#define CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA 182 #define CMS_R_CIPHER_AEAD_SET_TAG_ERROR 184 #define CMS_R_CIPHER_GET_TAG 185 #define CMS_R_CIPHER_INITIALISATION_ERROR 101 diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index 8a8eddf36eec..70c0703ddb7c 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -516,6 +516,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 510c1581b593..c3facacfbcf4 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -203,6 +203,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (params == NULL) return 1; @@ -237,6 +238,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index bb2d355c8143..668602a5e523 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -113,12 +113,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem new file mode 100644 index 000000000000..b0610a7ec8a2 --- /dev/null +++ b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem @@ -0,0 +1,7 @@ +-----BEGIN PKCS7----- +MIAGCSqGSIb3DQEHA6CAMIACAQIxNqI0AgEEMAgEBkMwRkVFMDALBglghkgBZQME +AQUEGPN0q9rM3neSiY7HIADpnqWym33mRZC4JDCABgkqhkiG9w0BBwEwHgYJYIZI +AWUDBAEGMBEEDIExQGiHZFSYa0ZBqQIBEKCABGNap+JL1B21Mq7ojKPzVuxtRkg3 +LWt8khnK1EzfmV7e64l5KnTdjq9+gfbwOfbuhTavfBI7VK/ZtpH3HII4fCOe37kV +mju8/YnYeRq2KcxESmJBySV/veMwxqmHGAw71JyHpg4AAAAAAAAAAAAA +-----END PKCS7----- diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 7e74c5daf221..0a7e536bbe75 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -20,6 +20,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -45,6 +46,12 @@ static int test_encrypt_decrypt(const EVP_CIPHER *cipher) CMS_TEXT))) goto end; + if (!(EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) + && !TEST_ptr(contentbio = CMS_EnvelopedData_decrypt(content->d.envelopedData, + NULL, privkey, cert, NULL, + CMS_TEXT, NULL, NULL))) + goto end; + /* Check we got the message we first started with */ if (!TEST_int_eq(BIO_gets(outmsgbio, buf, sizeof(buf)), strlen(msg)) || !TEST_int_eq(strcmp(buf, msg), 0)) @@ -484,7 +491,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -499,7 +547,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) return 0; certbio = BIO_new_file(certin, "r"); @@ -535,6 +584,7 @@ int setup_tests(void) ADD_TEST(test_encrypted_data_aead); ADD_ALL_TESTS(test_d2i_CMS_decode, 2); ADD_TEST(test_cms_aesgcm_iv_too_long); + ADD_TEST(test_pwri_kek_unwrap_short_encrypted_key); return 1; } diff --git a/crypto/openssl/test/evp_extra_test.c b/crypto/openssl/test/evp_extra_test.c index 1b0f0711cb57..7bd41db115ca 100644 --- a/crypto/openssl/test/evp_extra_test.c +++ b/crypto/openssl/test/evp_extra_test.c @@ -5414,6 +5414,64 @@ static int test_aes_rc4_keylen_change_cve_2023_5363(void) } #endif +/* + * AES-SIV reuse-without-rekey: + * msg1: legit non-empty CT, tag verifies, final_ret=0 + * msg2: no reinit (or reinit with key=NULL), set forged tag, + * AAD only, DecryptFinal -> does stale final_ret leak through? + */ +static int test_aes_siv_ctx_reuse(void) +{ + unsigned char key[32] = { 7 }; /* AES-128-SIV => 2*16 */ + unsigned char pt[9] = "payload!"; + unsigned char ct[9], tagbuf[16], out[16], zero16[16] = { 0 }; + unsigned char aad[14] = "forged header"; + int outl, ret = 0; + EVP_CIPHER_CTX *e = NULL, *d = NULL; + EVP_CIPHER *c = EVP_CIPHER_fetch(NULL, "AES-128-SIV", NULL); + + if (c == NULL) { + return TEST_skip("AES-128-SIV cipher is not available"); + } + + /* produce a valid (ct,tag) for msg1 */ + e = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(e) + || !TEST_true(EVP_EncryptInit_ex2(e, c, key, NULL, NULL)) + || !TEST_true(EVP_EncryptUpdate(e, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_EncryptUpdate(e, ct, &outl, pt, sizeof(pt))) + || !TEST_true(EVP_EncryptFinal_ex(e, out, &outl)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_AEAD_GET_TAG, 16, tagbuf))) { + EVP_CIPHER_CTX_free(e); + goto err; + } + EVP_CIPHER_CTX_free(e); + + /* msg1 decrypt */ + d = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(d) + || !TEST_true(EVP_DecryptInit_ex2(d, c, key, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, tagbuf)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_DecryptUpdate(d, out, &outl, ct, sizeof(ct))) + || !TEST_true(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + /* msg2 on SAME ctx, reinit with key=NULL => initkey skipped, final_ret should be reset */ + if (!TEST_true(EVP_DecryptInit_ex2(d, NULL, NULL, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, zero16)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, aad, sizeof(aad))) /* forged AAD */ + || !TEST_false(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + ret = 1; + +err: + EVP_CIPHER_CTX_free(d); + EVP_CIPHER_free(c); + return ret; +} + static int test_invalid_ctx_for_digest(void) { int ret; @@ -5637,6 +5695,9 @@ int setup_tests(void) ADD_TEST(test_aes_rc4_keylen_change_cve_2023_5363); #endif + /* Test case for CVE-2026-45446 */ + ADD_TEST(test_aes_siv_ctx_reuse); + ADD_TEST(test_invalid_ctx_for_digest); ADD_TEST(test_evp_cipher_negative_length); diff --git a/crypto/openssl/test/recipes/80-test_cms.t b/crypto/openssl/test/recipes/80-test_cms.t index b6ee61464409..f573651e26bc 100644 --- a/crypto/openssl/test/recipes/80-test_cms.t +++ b/crypto/openssl/test/recipes/80-test_cms.t @@ -51,7 +51,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) $no_rc2 = 1 if disabled("legacy"); -plan tests => 23; +plan tests => 24; ok(run(test(["pkcs7_test"])), "test pkcs7"); @@ -1054,6 +1054,16 @@ ok(!run(app(['openssl', 'cms', '-verify', ])), "issue#19643"); +# Check that users get error when using incorrect envelope type for AEAD algorithms +ok(!run(app(['openssl', 'cms', '-decrypt', + '-inform', 'PEM', '-stream', + '-secretkey', '000102030405060708090A0B0C0D0E0F', + '-secretkeyid', 'C0FEE0', + '-in', srctop_file("test/cms-msg", + "enveloped-content-type-for-aes-gcm.pem") + ])), + "Error AES-GCM in enveloped content type"); + # Check that kari encryption with originator does not segfault with({ exit_checker => sub { return shift == 3; } }, sub { diff --git a/crypto/openssl/test/recipes/80-test_cmsapi.t b/crypto/openssl/test/recipes/80-test_cmsapi.t index 8d9371e005c0..3d1dae846464 100644 --- a/crypto/openssl/test/recipes/80-test_cmsapi.t +++ b/crypto/openssl/test/recipes/80-test_cmsapi.t @@ -19,5 +19,6 @@ plan tests => 1; ok(run(test(["cmsapitest", srctop_file("test", "certs", "servercert.pem"), srctop_file("test", "certs", "serverkey.pem"), srctop_file("test", "recipes", "80-test_cmsapi_data", "encryptedData.der"), - srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem")])), + srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem"), + srctop_file("test", "recipes", "80-test_cmsapi_data", "cms_pwri_kek_oob.der")])), "running cmsapitest"); diff --git a/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der new file mode 100644 index 000000000000..c3ef3abd10e6 Binary files /dev/null and b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der differ From nobody Tue Jun 9 19:18:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxN6P2Wz6gVFY for ; Tue, 09 Jun 2026 19:18:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxN4XzRz3Nnq for ; Tue, 09 Jun 2026 19:18:48 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032728; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6aWZWmSr0PoiqSInru6wWOaoVIqHrsyD0nnSabR7ed4=; b=t6/29Sc8h06HtkfOcXdAP3wAd4CAmfS6bZQKk8cZnWe+jUbWIxdZ7PIKXV9rEYMPYFClAK Hz4rwVoBy5W9/kXqnhYqOJKUAazv9REXWfKVqD8GXT7FimpFDBpF+JgmD5L673HA8+oDIA EwpgJQbUP1smBl2SvsQTrwHvN8r8Bong6AJR4s8ZMLIa2xzLKxHSLXTWmqcsvcOHXc6lnU hZKRlm4ZhCrXN0YgSL4hE050mAn+ZTRoIBF6h+Ltv0paqiFcXLExMKDSRo5tnG5KjPb6DG nuuMPYz8RkwyNOfJE+l9IRXM3OnhSCuZ7TjYuyrOVnjs5d4F/1sX3pBUm5khHQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032728; a=rsa-sha256; cv=none; b=s3S1iyUyRi6bSsjQyKDPS1whTUY42csicMrBM3eT7TNY+uQ7uzXQ6eNmxgiNgNJ/PQ/zgv raDbMjY37vnDkvbGMD4yJ1Ps7gNJ4NpN9L6q+i8bgdOK4cJCiQEm4y7fBlaEock0m0Ssoa ZYDmefvZybWVyzX1v8NsrIndYoyzhS8tA/jhaUwl4VwOB46yI1tBsbG5IzblvOf+yZYMLW wEjVOG3yGOP0VziPJ/3rIjGsqBd8/My0fhk8V6bir+h4AZRo9lGLAaHyWrveZGif7LA2vG jMIpxy6iEvIYHQq1Fnx9eTjq2asCpheY5JVRPhDkohr+CIeYehYBX0clkGClIw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032728; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=6aWZWmSr0PoiqSInru6wWOaoVIqHrsyD0nnSabR7ed4=; b=IaQnsat2CPPMCIOYqhsWKdX0qPPTmXuzWhtHbTtGaLzlz2d4t1IJA4ZidU/j9yESOa17LW nfTpVB/JC/wX78cCFsOA/sVvUk/hJQ9BnCNwR502ogynt+UrLXB7GTRKe8MprBvX4LXLzk Vh6nSdUt2iTITR45yd3XLPWuNrc3tXJEbZhGWGw3KD3xeWtDJPqnQzL3gNI9Lq0Sn7+wvV QPqA3z2qXVApjoXOoYClrAAoH31WEKs7178e/+1upwVvDpkMQkneI75Y3Dl0C0QdUnUsd6 D997Ce7fYWyG/lGzdAszF8+cXd/55fM8ZUaJhyOD7BDg30BwN+9qvmxCGWpHhQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxN3z65zny1 for ; Tue, 09 Jun 2026 19:18:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c5f7 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 0b1dfc94785e - releng/14.3 - Add UPDATING entries and bump version List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: 0b1dfc94785e1ae263e9334a07fbe2a1ef98c0c9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:48 +0000 Message-Id: <6a286718.3c5f7.5414a565@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0b1dfc94785e1ae263e9334a07fbe2a1ef98c0c9 commit 0b1dfc94785e1ae263e9334a07fbe2a1ef98c0c9 Author: Mark Johnston AuthorDate: 2026-06-07 17:34:10 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:24:16 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 41 +++++++++++++++++++++++++++++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 8abe8c180b1f..54f8fba0e6a2 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,47 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20260609: + 14.3-RELEASE-p15 EN-26:15.openssl + SA-26:25.thr + SA-26:26.ktls + SA-26:27.sound + SA-26:28.capsicum + SA-26:29.ip6_multicast + SA-26:30.linux + SA-26:31.arm64 + SA-26:32.elf + SA-26:33.unbound + SA-26:34.vt + SA-26:35.openssl + SA-26:36.ldns + + Update OpenSSL to 3.0.20 and 3.5.6. [EN-26:15.openssl] + + Missing permission check in thr_kill2(2). [SA-26:25.thr] + + Arbitrary file overwrite via the KTLS receive path. [SA-26:26.ktls] + + Multiple vulnerabilities in the sound(4) mmap path. [SA-26:27.sound] + + sigqueue(2) missing capability mode restriction. [SA-26:28.capsicum] + + Use-after-free bug in the IPV6_MSFILTER socket option handler. [SA-26:29.ip6_multicast] + + Flaw in Linuxulator execution of setugid binaries. [SA-26:30.linux] + + Arm CPU errata may bypass page table permission changes. [SA-26:31.arm64] + + ASLR bypass for setuid executables via procctl(2). [SA-26:32.elf] + + Multiple vulnerabilities in unbound. [SA-26:33.unbound] + + Integer overflow in vt(4) CONS_HISTORY ioctl. [SA-26:34.vt] + + Multiple vulnerabilities in OpenSSL. [SA-26:35.openssl] + + Insufficient response validation in the ldns stub resolver. [SA-26:36.ldns] + 20260520: 14.3-RELEASE-p14 SA-26:18.setcred SA-26:19.file diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 1c3b6a33dd3b..0617bc4d8e1a 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -53,7 +53,7 @@ TYPE="FreeBSD" REVISION="14.3" -BRANCH="RELEASE-p14" +BRANCH="RELEASE-p15" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Tue Jun 9 19:18:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxM64sXz6gV8Y for ; Tue, 09 Jun 2026 19:18:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxM3bdLz3NfX for ; Tue, 09 Jun 2026 19:18:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032727; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cUjpku+uswLgiLA5gpUDWiRzR/iyliW1k17zKPepWkU=; b=pKu6bml2Eg0Vk5jMnu9zbNJND73/y5GD7dbV0TKEcM6ZahzIhDX96okUJQ2cmNNfj5NpmD ay4h6z+VmGFSHeeFUH170yJXSsOOTjGBHj5WugOyQSVe4Pt0mmRzCTrLycJWHK2FckbTv2 kzqF52a0XghhIY3x2F8HJM5Xr0b2dFHgt5K8g4Gyjbx4QkauHqZIhOqpsqeVlX6XiS9ppl 9gjhdESDZIavN4/aTHUVi8mKmyhCdZnyk40WU1WsRuODn60VWO5qXpwp9X6l/k+ykITSkf rsHs/q7ruKpWBrmzvLZvnXKDel+gi/8TJ/NLpSHMAefvAsOaXTV9lZTl48Pzxw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032727; a=rsa-sha256; cv=none; b=vU1N15xAo+Emu5K/pJwZ8YbDlckPFY1AY/rdye7Ng/tUkPNgvRuNDfea0HM5YtfphbDafX lPiagUgjczOBgX+DP1tYwMpzyyBnN8QtAO3L/IpMoIecOAlka27/fS0u+tfXn++7HLCDnT oJi/ybOvwRN0rQ6jKPdJgPUpJiByyN7qHUC3qzEOZ35Tsj+yg2cD/sjtCJfOGibEITy3ol 95jvZxr+a7R4xDPUxP8cpyVRsrsDdaIoj0aZ9jLnIr0QfA+U2ch4O4HKVNnS5TafT3jmo9 CjDjwqTjHHHye+tc4lyDImphb6+CnFrTcF2v0GmbVboIrdWZK3DobYajeFnDFg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032727; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cUjpku+uswLgiLA5gpUDWiRzR/iyliW1k17zKPepWkU=; b=Q3+wfZ5ne8GnE/F3n1+SVX5QDVv8eJQxUhON+kEj4YrqaR+FxBOd8xaUmwCbmUgtu0pUGK AFE+J+hNZGjZqaSw1WkL/AWGWFTfem22Xr29hzYdYnStP0obgGhB5dqHcwvUxFzbEoSfk+ dCGjEstjwIojMcYEM+NOyujFOXCU/wGGJzh/3CZefS9NKGC9pEevcuA918DNd3UIAvYtH6 hYf/GcDWkEC9PiIaGWDbLiGIVTq6+aHNce44D/9yd5VqHGAVttk7malByAK1GtdcHKrSz6 BAOle8gavOUPVU21cB0Uks5r/3ZAleiDkO4b6FYTc78xDBUQQceiFiQ6Wimq7g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxM3CQjznFy for ; Tue, 09 Jun 2026 19:18:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e83b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: f61d7fc2ba85 - releng/14.3 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.3 X-Git-Reftype: branch X-Git-Commit: f61d7fc2ba857cdce154a7c3964d8ee3f400e838 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:47 +0000 Message-Id: <6a286717.3e83b.ad3fac6@gitrepo.freebsd.org> The branch releng/14.3 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f61d7fc2ba857cdce154a7c3964d8ee3f400e838 commit f61d7fc2ba857cdce154a7c3964d8ee3f400e838 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:49:47 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 17:48:17 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 13 +++++++ contrib/ldns/ldns/error.h | 8 ++++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 110 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index e3fd12112789..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -184,6 +184,19 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_INVALID_SVCPARAM_VALUE, "Invalid wireformat of a value " "in the ServiceParam rdata field of SVCB or HTTPS RR" }, + { LDNS_STATUS_NOT_EDE, + "The EDNS option is not an extended error code" }, + { LDNS_STATUS_EDE_OPTION_MALFORMED, + "The extended error code option is malformed, expected " + "at least 2 bytes of option data" }, + { LDNS_STATUS_EQUAL_RR, + "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index 2429b7703dfa..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -141,7 +141,13 @@ enum ldns_enum_status { LDNS_STATUS_RESERVED_SVCPARAM_KEY, LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED, LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE, - LDNS_STATUS_INVALID_SVCPARAM_VALUE + LDNS_STATUS_INVALID_SVCPARAM_VALUE, + LDNS_STATUS_NOT_EDE, + LDNS_STATUS_EDE_OPTION_MALFORMED, + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index 57d4dff24dbe..215c0cac891c 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:19:04 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxj0J5gz6gVCC for ; Tue, 09 Jun 2026 19:19:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxh44fdz3PJm for ; Tue, 09 Jun 2026 19:19:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032744; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Lpx9yt/yENKhQKZvxDrYdQzHoEJT3z9SNZmLUb1IN0A=; b=BbDrcsgoPujB7LkVB6zIdTNzSAJ3XxdmkiMFDjM5f/ANt7eXfrPPc6qIgxdKwJyXM/Viv0 SHp0C+pHw66/7srS7ZF41NT2gkjchuuRpU7T7ySzPFfuE/TVr3m24P3tDkadCYpbSJjmLB cXt334cenxacA+TbWLeOtfmNPUsBLiEyBEbmSSOFkRkIukZG8bprlnPdjb6fRLs+A8lPnO zaI9eoC2BTgmN9yEgdhMrRGL8MAnQj7jrDtQE7smb1UTn4I/b+AhmxlOpmtw5a001h3HBp SU4pyckrMm5lnH7xoq6F0acS0rv3IW7ogMLJkas0gWsdnJIGbzK+A3TT2QIIRA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032744; a=rsa-sha256; cv=none; b=udNAhi/XtZG7R73MKe1d4NQOlO5OEinLvMfne7mnv6pvlLBQ/RXGrE8xHSc5vd6Kth0NFs HGnvsesVnOpXsc0Se5LLNmhJCk7ooIGivisaq2VFMVf40evV769qmNj5GHWZR6SQKfaea0 DfejPtk8obFFhKmqftReAyGV/zFIL9dvqlxqGh0QxaIoEwAmOL8Gqr8sLl+fr7H/PsJ5Kb yBEzUnhW2PRB3TuLKUAezIe0ohZd6HOVAG959xAGMvnG593aZFX3bd0J5WDm/BZUZtKWUa vTToIzwf2B9SBBFxuFbopOvMhSEMzSNoHTvGF3quB7oeNI3M7FNymzaa8kFHWg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032744; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Lpx9yt/yENKhQKZvxDrYdQzHoEJT3z9SNZmLUb1IN0A=; b=CQHennTDY/ZbIiuTygVaQh9FOUS5w0u8o4Fx/TsvpNBIFgGXMi+XxozMAy/ACORftmytQQ W8UVyaxjmhyy27B6PkTPde1xGmNfJNFujrB2/HS2CfTnmusI66/saVtZMOVfsf7VVf9tK/ wi7xXg05E6zp+JbXTlVqIZZEDrbUOJLFadZM8q1Vs4w6WwU6WCArCXBWz5IVr4ZvVKDUB2 1KAEIkA7IgYB0DK67N86ib7DkIyHpmJrHA3xNvvkMcIPs2BF/Ellkq5UAmElLqpRIq6iqO vfb/jJaEC1DsyngcO5mrXA2jOxgjaeVTrUAUQDyMK8gJVFbP0dI1ON/rBw7GJw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxh3PXfznrZ for ; Tue, 09 Jun 2026 19:19:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb22 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:04 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 31f6086db8fe - releng/14.4 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 31f6086db8fe92e7c7a079a648c08960aed2916c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:04 +0000 Message-Id: <6a286728.3eb22.27b66355@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=31f6086db8fe92e7c7a079a648c08960aed2916c commit 31f6086db8fe92e7c7a079a648c08960aed2916c Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:43 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 1b5f0b1a33ad..11ceea58e849 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -499,7 +499,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:18:58 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxh20ZFz6gVNr for ; Tue, 09 Jun 2026 19:19:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxg3mqlz3PNn for ; Tue, 09 Jun 2026 19:19:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032743; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/Ak1aLesszcutpzOqDj1SAizkdo+McbT7FQFhNDo/TY=; b=GTGYdYCzle2oEG7EanVDh6ErHsald4DgNCKd25R6QWyaRbJybinnCTHGfGPOYE9/mTvzD2 LO0TEX/BuwcuCV3La7+Rhqahtj9pjE3K0o6kwjuLd8/ZgZZ5jAvaxSrHnzEhQ4uTEy7oDO Zifp2ED/J2hn9VlY0GilpOz4UE27gTyqN+nFE5uElZlFQuP8khn0ugRVsItyzxbs6CfnZc MlenfsxEsO0fwtEJLp2kImuM94ilXdVDQcjywtnW9m/j1R9gISFTTqw/39JEBk53Qrou1N RlmqrCLdG2eq0CKB2fNvZ9/ena3KbCN9I1oLaCTwRQ/1BW/c3oVUDdkaUBN5+g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032743; a=rsa-sha256; cv=none; b=J+pbvIVlW1x2h35T5u+gVwa9pFyqp8baqI7ylh6EfKSyX1FW6jFjTzAXMTmhDpuGuMHlvJ m8MZmuIvnXI2RgwHXLTb22mSiK0L012gr9szcPbSgz116i4v0lwTVLWK8E6RgUezDR/z1M Z85SCObHXTRHLQ7I3JxMUosIxAWg2yNg2hSwSY5pME7Hj+or7M7pGjRBtYN9yCV8eY8Isn 811h8D3VO+rIeJ9J2Chkx3L422X14p6uo2pKYrpkBnOCAmmxDiOmaAmgX6xbMRiZWcjpCK G5VMabjeJrcyuJMLSJqAXNCCd42XuI2xy/EbRroZUu9tFtYmujvbVFBU/PVFdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032743; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=/Ak1aLesszcutpzOqDj1SAizkdo+McbT7FQFhNDo/TY=; b=KhyppaSmgU8yxc4rfbeXXgOvptDjGck0zHJgAOi+dP83OuMkQH0uY6mus+saV26HhzMaNO omux8M7yOdd3coxrilNJDjbyjrwNKXmiyeykcW9LCkMYa7ihqLd46H08uByASnfYmmQqiR TXpfpJkekuMuyiC986/41i6h/11LTSDZOnLGIIrMlkTO7CNH+Ag0GfnQO+XUdLMbDv2mCJ girCKukdikWYuv1pJ8r6D9TR94wT4wydriZxYk0Nt14CZaaCQ8MBAh483kD31QFYitP4AK b1PKSIzJKz/CHGKbuUthbw3urExpdM1NxM2DvJL+Z+6gNFd+iwSKFohCPfVjuw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxg37XVznrY for ; Tue, 09 Jun 2026 19:19:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e840 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:18:58 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Enji Cooper From: Mark Johnston Subject: git: 1bfe60bae8b8 - releng/14.4 - crypto/openssl: Update to 3.0.20 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 1bfe60bae8b85cc63307d9f6b295c30f1684a2c9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:18:58 +0000 Message-Id: <6a286722.3e840.7a6fc5da@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=1bfe60bae8b85cc63307d9f6b295c30f1684a2c9 commit 1bfe60bae8b85cc63307d9f6b295c30f1684a2c9 Author: Enji Cooper AuthorDate: 2026-04-13 00:10:02 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:43 +0000 crypto/openssl: Update to 3.0.20 This particular change contains all functional and security fixes made between 3.0.16 and 3.0.20. (cherry picked from commit 27ac9d336f715b4ce91bf447f73d5c3621d099ce) Approved by: so Security: FreeBSD-EN-26:15.openssl Security: CVE-2026-28387 Security: CVE-2026-28388 Security: CVE-2026-28389 Security: CVE-2026-31789 Security: CVE-2026-31790 --- crypto/openssl/ACKNOWLEDGEMENTS.md | 4 +- crypto/openssl/CHANGES.md | 781 +- crypto/openssl/Configurations/10-main.conf | 3 +- crypto/openssl/Configurations/50-nonstop.conf | 2 + crypto/openssl/Configurations/unix-Makefile.tmpl | 17 +- .../openssl/Configurations/windows-makefile.tmpl | 5 +- crypto/openssl/Configure | 7 +- crypto/openssl/INSTALL.md | 4 +- crypto/openssl/NEWS.md | 460 +- crypto/openssl/NOTES-WINDOWS.md | 5 + crypto/openssl/README-ENGINES.md | 2 +- crypto/openssl/README.md | 9 +- crypto/openssl/VERSION.dat | 4 +- crypto/openssl/apps/CA.pl | 383 + crypto/openssl/apps/CA.pl.in | 260 +- crypto/openssl/apps/asn1parse.c | 72 +- crypto/openssl/apps/ca.c | 742 +- crypto/openssl/apps/ciphers.c | 55 +- crypto/openssl/apps/cmp.c | 1163 +- crypto/openssl/apps/cms.c | 491 +- crypto/openssl/apps/crl.c | 124 +- crypto/openssl/apps/crl2pkcs7.c | 36 +- crypto/openssl/apps/dgst.c | 141 +- crypto/openssl/apps/dhparam.c | 152 +- crypto/openssl/apps/dsa.c | 78 +- crypto/openssl/apps/dsaparam.c | 64 +- crypto/openssl/apps/ec.c | 78 +- crypto/openssl/apps/ecparam.c | 127 +- crypto/openssl/apps/enc.c | 180 +- crypto/openssl/apps/engine.c | 112 +- crypto/openssl/apps/errstr.c | 17 +- crypto/openssl/apps/fipsinstall.c | 192 +- crypto/openssl/apps/gendsa.c | 39 +- crypto/openssl/apps/genpkey.c | 67 +- crypto/openssl/apps/genrsa.c | 57 +- crypto/openssl/apps/include/app_libctx.h | 4 +- crypto/openssl/apps/include/app_params.h | 1 - crypto/openssl/apps/include/apps.h | 262 +- crypto/openssl/apps/include/apps_ui.h | 5 +- crypto/openssl/apps/include/cmp_mock_srv.h | 18 +- crypto/openssl/apps/include/engine_loader.h | 8 +- crypto/openssl/apps/include/fmt.h | 32 +- crypto/openssl/apps/include/function.h | 17 +- crypto/openssl/apps/include/http_server.h | 86 +- crypto/openssl/apps/include/names.h | 2 +- crypto/openssl/apps/include/opt.h | 544 +- crypto/openssl/apps/include/platform.h | 12 +- crypto/openssl/apps/include/s_apps.h | 56 +- crypto/openssl/apps/include/vms_term_sock.h | 12 +- crypto/openssl/apps/info.c | 36 +- crypto/openssl/apps/kdf.c | 45 +- crypto/openssl/apps/lib/app_libctx.c | 3 +- crypto/openssl/apps/lib/app_params.c | 7 +- crypto/openssl/apps/lib/app_provider.c | 5 +- crypto/openssl/apps/lib/app_rand.c | 7 +- crypto/openssl/apps/lib/app_x509.c | 54 +- crypto/openssl/apps/lib/apps.c | 825 +- crypto/openssl/apps/lib/apps_ui.c | 39 +- crypto/openssl/apps/lib/cmp_mock_srv.c | 121 +- crypto/openssl/apps/lib/columns.c | 1 - crypto/openssl/apps/lib/engine.c | 15 +- crypto/openssl/apps/lib/engine_loader.c | 38 +- crypto/openssl/apps/lib/http_server.c | 126 +- crypto/openssl/apps/lib/names.c | 2 +- crypto/openssl/apps/lib/opt.c | 271 +- crypto/openssl/apps/lib/s_cb.c | 625 +- crypto/openssl/apps/lib/s_socket.c | 119 +- crypto/openssl/apps/lib/tlssrp_depr.c | 47 +- crypto/openssl/apps/lib/vms_decc_argv.c | 2 +- crypto/openssl/apps/lib/vms_term_sock.c | 517 +- crypto/openssl/apps/lib/win32_init.c | 31 +- crypto/openssl/apps/list.c | 484 +- crypto/openssl/apps/mac.c | 42 +- crypto/openssl/apps/nseq.c | 22 +- crypto/openssl/apps/ocsp.c | 487 +- crypto/openssl/apps/openssl.c | 58 +- crypto/openssl/apps/passwd.c | 253 +- crypto/openssl/apps/pkcs12.c | 342 +- crypto/openssl/apps/pkcs7.c | 39 +- crypto/openssl/apps/pkcs8.c | 88 +- crypto/openssl/apps/pkey.c | 100 +- crypto/openssl/apps/pkeyparam.c | 32 +- crypto/openssl/apps/pkeyutl.c | 244 +- crypto/openssl/apps/prime.c | 39 +- crypto/openssl/apps/progs.pl | 11 +- crypto/openssl/apps/rand.c | 28 +- crypto/openssl/apps/rehash.c | 169 +- crypto/openssl/apps/req.c | 450 +- crypto/openssl/apps/rsa.c | 103 +- crypto/openssl/apps/rsautl.c | 91 +- crypto/openssl/apps/s_client.c | 1742 +- crypto/openssl/apps/s_server.c | 929 +- crypto/openssl/apps/s_time.c | 164 +- crypto/openssl/apps/sess_id.c | 42 +- crypto/openssl/apps/smime.c | 208 +- crypto/openssl/apps/speed.c | 1256 +- crypto/openssl/apps/spkac.c | 56 +- crypto/openssl/apps/srp.c | 196 +- crypto/openssl/apps/storeutl.c | 181 +- crypto/openssl/apps/testdsa.h | 1490 +- crypto/openssl/apps/testrsa.h | 4912 +++- crypto/openssl/apps/timeouts.h | 8 +- crypto/openssl/apps/ts.c | 269 +- crypto/openssl/apps/verify.c | 137 +- crypto/openssl/apps/version.c | 53 +- crypto/openssl/apps/vms_decc_init.c | 73 +- crypto/openssl/apps/x509.c | 389 +- crypto/openssl/configdata.pm.in | 4 +- crypto/openssl/crypto/LPdir_nyi.c | 2 +- crypto/openssl/crypto/LPdir_unix.c | 23 +- crypto/openssl/crypto/LPdir_vms.c | 24 +- crypto/openssl/crypto/LPdir_win.c | 35 +- crypto/openssl/crypto/LPdir_win32.c | 2 + crypto/openssl/crypto/LPdir_wince.c | 2 + crypto/openssl/crypto/aes/aes_cbc.c | 8 +- crypto/openssl/crypto/aes/aes_cfb.c | 18 +- crypto/openssl/crypto/aes/aes_core.c | 3589 ++- crypto/openssl/crypto/aes/aes_ecb.c | 2 +- crypto/openssl/crypto/aes/aes_ige.c | 56 +- crypto/openssl/crypto/aes/aes_local.h | 51 +- crypto/openssl/crypto/aes/aes_misc.c | 6 +- crypto/openssl/crypto/aes/aes_ofb.c | 6 +- crypto/openssl/crypto/aes/aes_wrap.c | 12 +- crypto/openssl/crypto/aes/aes_x86core.c | 594 +- crypto/openssl/crypto/aes/asm/aes-s390x.pl | 5 +- crypto/openssl/crypto/aes/asm/aesv8-armx.pl | 8 +- crypto/openssl/crypto/aria/aria.c | 337 +- crypto/openssl/crypto/arm_arch.h | 165 +- crypto/openssl/crypto/armcap.c | 154 +- crypto/openssl/crypto/asn1/a_bitstr.c | 12 +- crypto/openssl/crypto/asn1/a_d2i_fp.c | 40 +- crypto/openssl/crypto/asn1/a_digest.c | 9 +- crypto/openssl/crypto/asn1/a_dup.c | 6 +- crypto/openssl/crypto/asn1/a_gentm.c | 8 +- crypto/openssl/crypto/asn1/a_i2d_fp.c | 4 +- crypto/openssl/crypto/asn1/a_int.c | 33 +- crypto/openssl/crypto/asn1/a_mbstr.c | 58 +- crypto/openssl/crypto/asn1/a_object.c | 32 +- crypto/openssl/crypto/asn1/a_octet.c | 4 +- crypto/openssl/crypto/asn1/a_print.c | 3 +- crypto/openssl/crypto/asn1/a_sign.c | 43 +- crypto/openssl/crypto/asn1/a_strex.c | 91 +- crypto/openssl/crypto/asn1/a_strnid.c | 16 +- crypto/openssl/crypto/asn1/a_time.c | 53 +- crypto/openssl/crypto/asn1/a_type.c | 12 +- crypto/openssl/crypto/asn1/a_utctm.c | 2 +- crypto/openssl/crypto/asn1/a_utf8.c | 4 +- crypto/openssl/crypto/asn1/a_verify.c | 27 +- crypto/openssl/crypto/asn1/ameth_lib.c | 172 +- crypto/openssl/crypto/asn1/asn1_err.c | 366 +- crypto/openssl/crypto/asn1/asn1_gen.c | 103 +- crypto/openssl/crypto/asn1/asn1_item_list.h | 4 +- crypto/openssl/crypto/asn1/asn1_lib.c | 12 +- crypto/openssl/crypto/asn1/asn1_local.h | 28 +- crypto/openssl/crypto/asn1/asn1_parse.c | 74 +- crypto/openssl/crypto/asn1/asn_mime.c | 123 +- crypto/openssl/crypto/asn1/asn_mstbl.c | 12 +- crypto/openssl/crypto/asn1/asn_pack.c | 4 +- crypto/openssl/crypto/asn1/bio_asn1.c | 44 +- crypto/openssl/crypto/asn1/bio_ndef.c | 17 +- crypto/openssl/crypto/asn1/d2i_param.c | 2 +- crypto/openssl/crypto/asn1/d2i_pr.c | 41 +- crypto/openssl/crypto/asn1/d2i_pu.c | 4 +- crypto/openssl/crypto/asn1/evp_asn1.c | 26 +- crypto/openssl/crypto/asn1/f_int.c | 7 +- crypto/openssl/crypto/asn1/f_string.c | 4 +- crypto/openssl/crypto/asn1/i2d_evp.c | 34 +- crypto/openssl/crypto/asn1/n_pkey.c | 23 +- crypto/openssl/crypto/asn1/nsseq.c | 6 +- crypto/openssl/crypto/asn1/p5_pbe.c | 19 +- crypto/openssl/crypto/asn1/p5_pbev2.c | 55 +- crypto/openssl/crypto/asn1/p5_scrypt.c | 67 +- crypto/openssl/crypto/asn1/p8_pkey.c | 22 +- crypto/openssl/crypto/asn1/standard_methods.h | 1 - crypto/openssl/crypto/asn1/t_bitst.c | 4 +- crypto/openssl/crypto/asn1/t_pkey.c | 19 +- crypto/openssl/crypto/asn1/t_spki.c | 6 +- crypto/openssl/crypto/asn1/tasn_dec.c | 227 +- crypto/openssl/crypto/asn1/tasn_enc.c | 56 +- crypto/openssl/crypto/asn1/tasn_new.c | 30 +- crypto/openssl/crypto/asn1/tasn_prn.c | 92 +- crypto/openssl/crypto/asn1/tasn_scn.c | 2 +- crypto/openssl/crypto/asn1/tasn_typ.c | 26 +- crypto/openssl/crypto/asn1/tasn_utl.c | 22 +- crypto/openssl/crypto/asn1/tbl_standard.h | 85 +- crypto/openssl/crypto/asn1/x_algor.c | 21 +- crypto/openssl/crypto/asn1/x_bignum.c | 29 +- crypto/openssl/crypto/asn1/x_int64.c | 87 +- crypto/openssl/crypto/asn1/x_long.c | 25 +- crypto/openssl/crypto/asn1/x_sig.c | 8 +- crypto/openssl/crypto/asn1/x_spki.c | 10 +- crypto/openssl/crypto/asn1/x_val.c | 4 +- crypto/openssl/crypto/asn1_dsa.c | 61 +- crypto/openssl/crypto/async/arch/async_null.c | 1 - crypto/openssl/crypto/async/arch/async_null.h | 13 +- crypto/openssl/crypto/async/arch/async_posix.c | 6 +- crypto/openssl/crypto/async/arch/async_posix.h | 51 +- crypto/openssl/crypto/async/arch/async_win.c | 10 +- crypto/openssl/crypto/async/arch/async_win.h | 30 +- crypto/openssl/crypto/async/async.c | 29 +- crypto/openssl/crypto/async/async_err.c | 16 +- crypto/openssl/crypto/async/async_local.h | 9 +- crypto/openssl/crypto/async/async_wait.c | 48 +- crypto/openssl/crypto/bf/bf_cfb64.c | 8 +- crypto/openssl/crypto/bf/bf_ecb.c | 2 +- crypto/openssl/crypto/bf/bf_enc.c | 12 +- crypto/openssl/crypto/bf/bf_local.h | 134 +- crypto/openssl/crypto/bf/bf_ofb64.c | 8 +- crypto/openssl/crypto/bf/bf_pi.h | 1548 +- crypto/openssl/crypto/bio/bf_buff.c | 23 +- crypto/openssl/crypto/bio/bf_lbuf.c | 20 +- crypto/openssl/crypto/bio/bf_prefix.c | 14 +- crypto/openssl/crypto/bio/bf_readbuff.c | 64 +- crypto/openssl/crypto/bio/bio_addr.c | 162 +- crypto/openssl/crypto/bio/bio_cb.c | 22 +- crypto/openssl/crypto/bio/bio_dump.c | 26 +- crypto/openssl/crypto/bio/bio_err.c | 114 +- crypto/openssl/crypto/bio/bio_lib.c | 46 +- crypto/openssl/crypto/bio/bio_local.h | 153 +- crypto/openssl/crypto/bio/bio_meth.c | 46 +- crypto/openssl/crypto/bio/bio_print.c | 173 +- crypto/openssl/crypto/bio/bio_sock.c | 213 +- crypto/openssl/crypto/bio/bio_sock2.c | 87 +- crypto/openssl/crypto/bio/bss_acpt.c | 140 +- crypto/openssl/crypto/bio/bss_bio.c | 68 +- crypto/openssl/crypto/bio/bss_conn.c | 192 +- crypto/openssl/crypto/bio/bss_core.c | 8 +- crypto/openssl/crypto/bio/bss_dgram.c | 833 +- crypto/openssl/crypto/bio/bss_fd.c | 46 +- crypto/openssl/crypto/bio/bss_file.c | 88 +- crypto/openssl/crypto/bio/bss_log.c | 206 +- crypto/openssl/crypto/bio/bss_mem.c | 14 +- crypto/openssl/crypto/bio/bss_null.c | 2 +- crypto/openssl/crypto/bio/bss_sock.c | 101 +- crypto/openssl/crypto/bio/ossl_core_bio.c | 4 +- crypto/openssl/crypto/bn/asm/armv4-gf2m.pl | 4 +- crypto/openssl/crypto/bn/asm/rsaz-avx512.pl | 4 +- crypto/openssl/crypto/bn/asm/sparcv9-mont.pl | 4 +- crypto/openssl/crypto/bn/asm/x86_64-gcc.c | 306 +- crypto/openssl/crypto/bn/bn_add.c | 3 +- crypto/openssl/crypto/bn/bn_asm.c | 457 +- crypto/openssl/crypto/bn/bn_blind.c | 35 +- crypto/openssl/crypto/bn/bn_const.c | 253 +- crypto/openssl/crypto/bn/bn_conv.c | 14 +- crypto/openssl/crypto/bn/bn_ctx.c | 37 +- crypto/openssl/crypto/bn/bn_depr.c | 16 +- crypto/openssl/crypto/bn/bn_dh.c | 1135 +- crypto/openssl/crypto/bn/bn_div.c | 160 +- crypto/openssl/crypto/bn/bn_err.c | 54 +- crypto/openssl/crypto/bn/bn_exp.c | 344 +- crypto/openssl/crypto/bn/bn_exp2.c | 29 +- crypto/openssl/crypto/bn/bn_gcd.c | 35 +- crypto/openssl/crypto/bn/bn_gf2m.c | 158 +- crypto/openssl/crypto/bn/bn_intern.c | 14 +- crypto/openssl/crypto/bn/bn_kron.c | 6 +- crypto/openssl/crypto/bn/bn_lib.c | 74 +- crypto/openssl/crypto/bn/bn_local.h | 820 +- crypto/openssl/crypto/bn/bn_mod.c | 20 +- crypto/openssl/crypto/bn/bn_mont.c | 69 +- crypto/openssl/crypto/bn/bn_mpi.c | 3 +- crypto/openssl/crypto/bn/bn_mul.c | 69 +- crypto/openssl/crypto/bn/bn_nist.c | 432 +- crypto/openssl/crypto/bn/bn_ppc.c | 8 +- crypto/openssl/crypto/bn/bn_prime.c | 70 +- crypto/openssl/crypto/bn/bn_print.c | 6 +- crypto/openssl/crypto/bn/bn_rand.c | 78 +- crypto/openssl/crypto/bn/bn_recp.c | 12 +- crypto/openssl/crypto/bn/bn_rsa_fips186_4.c | 45 +- crypto/openssl/crypto/bn/bn_shift.c | 8 +- crypto/openssl/crypto/bn/bn_sparc.c | 65 +- crypto/openssl/crypto/bn/bn_sqr.c | 16 +- crypto/openssl/crypto/bn/bn_sqrt.c | 13 +- crypto/openssl/crypto/bn/bn_srp.c | 26 +- crypto/openssl/crypto/bn/bn_word.c | 3 +- crypto/openssl/crypto/bn/bn_x931p.c | 25 +- crypto/openssl/crypto/bn/rsaz_exp.c | 40 +- crypto/openssl/crypto/bn/rsaz_exp.h | 67 +- crypto/openssl/crypto/bn/rsaz_exp_x2.c | 182 +- crypto/openssl/crypto/bsearch.c | 12 +- crypto/openssl/crypto/buffer/buf_err.c | 2 +- crypto/openssl/crypto/camellia/camellia.c | 426 +- crypto/openssl/crypto/camellia/cmll_cbc.c | 8 +- crypto/openssl/crypto/camellia/cmll_cfb.c | 18 +- crypto/openssl/crypto/camellia/cmll_ctr.c | 10 +- crypto/openssl/crypto/camellia/cmll_ecb.c | 2 +- crypto/openssl/crypto/camellia/cmll_local.h | 18 +- crypto/openssl/crypto/camellia/cmll_misc.c | 6 +- crypto/openssl/crypto/camellia/cmll_ofb.c | 6 +- crypto/openssl/crypto/cast/c_cfb64.c | 8 +- crypto/openssl/crypto/cast/c_ecb.c | 2 +- crypto/openssl/crypto/cast/c_enc.c | 4 +- crypto/openssl/crypto/cast/c_ofb64.c | 8 +- crypto/openssl/crypto/cast/c_skey.c | 15 +- crypto/openssl/crypto/cast/cast_local.h | 321 +- crypto/openssl/crypto/cast/cast_s.h | 2560 +- crypto/openssl/crypto/chacha/chacha_enc.c | 45 +- crypto/openssl/crypto/chacha/chacha_ppc.c | 24 +- crypto/openssl/crypto/cmac/cmac.c | 3 +- crypto/openssl/crypto/cmp/cmp_asn.c | 189 +- crypto/openssl/crypto/cmp/cmp_client.c | 207 +- crypto/openssl/crypto/cmp/cmp_ctx.c | 208 +- crypto/openssl/crypto/cmp/cmp_err.c | 302 +- crypto/openssl/crypto/cmp/cmp_hdr.c | 50 +- crypto/openssl/crypto/cmp/cmp_http.c | 36 +- crypto/openssl/crypto/cmp/cmp_local.h | 212 +- crypto/openssl/crypto/cmp/cmp_msg.c | 275 +- crypto/openssl/crypto/cmp/cmp_protect.c | 48 +- crypto/openssl/crypto/cmp/cmp_server.c | 128 +- crypto/openssl/crypto/cmp/cmp_status.c | 59 +- crypto/openssl/crypto/cmp/cmp_util.c | 76 +- crypto/openssl/crypto/cmp/cmp_vfy.c | 200 +- crypto/openssl/crypto/cms/cms_asn1.c | 301 +- crypto/openssl/crypto/cms/cms_att.c | 88 +- crypto/openssl/crypto/cms/cms_cd.c | 8 +- crypto/openssl/crypto/cms/cms_dd.c | 13 +- crypto/openssl/crypto/cms/cms_dh.c | 43 +- crypto/openssl/crypto/cms/cms_ec.c | 42 +- crypto/openssl/crypto/cms/cms_enc.c | 32 +- crypto/openssl/crypto/cms/cms_env.c | 192 +- crypto/openssl/crypto/cms/cms_err.c | 304 +- crypto/openssl/crypto/cms/cms_ess.c | 59 +- crypto/openssl/crypto/cms/cms_io.c | 30 +- crypto/openssl/crypto/cms/cms_kari.c | 110 +- crypto/openssl/crypto/cms/cms_lib.c | 41 +- crypto/openssl/crypto/cms/cms_local.h | 86 +- crypto/openssl/crypto/cms/cms_pwri.c | 66 +- crypto/openssl/crypto/cms/cms_rsa.c | 43 +- crypto/openssl/crypto/cms/cms_sd.c | 152 +- crypto/openssl/crypto/cms/cms_smime.c | 143 +- crypto/openssl/crypto/comp/c_zlib.c | 174 +- crypto/openssl/crypto/comp/comp_err.c | 22 +- crypto/openssl/crypto/comp/comp_lib.c | 6 +- crypto/openssl/crypto/comp/comp_local.h | 22 +- crypto/openssl/crypto/conf/conf_api.c | 6 +- crypto/openssl/crypto/conf/conf_def.c | 78 +- crypto/openssl/crypto/conf/conf_err.c | 90 +- crypto/openssl/crypto/conf/conf_lib.c | 27 +- crypto/openssl/crypto/conf/conf_mod.c | 67 +- crypto/openssl/crypto/conf/conf_sap.c | 6 +- crypto/openssl/crypto/conf/conf_ssl.c | 13 +- crypto/openssl/crypto/context.c | 38 +- crypto/openssl/crypto/core_algorithm.c | 52 +- crypto/openssl/crypto/core_fetch.c | 34 +- crypto/openssl/crypto/core_namemap.c | 75 +- crypto/openssl/crypto/cpt_err.c | 82 +- crypto/openssl/crypto/cpuid.c | 41 +- crypto/openssl/crypto/crmf/crmf_asn.c | 81 +- crypto/openssl/crypto/crmf/crmf_err.c | 88 +- crypto/openssl/crypto/crmf/crmf_lib.c | 236 +- crypto/openssl/crypto/crmf/crmf_local.h | 25 +- crypto/openssl/crypto/crmf/crmf_pbm.c | 29 +- crypto/openssl/crypto/cryptlib.c | 112 +- crypto/openssl/crypto/ct/ct_b64.c | 16 +- crypto/openssl/crypto/ct/ct_err.c | 62 +- crypto/openssl/crypto/ct/ct_local.h | 97 +- crypto/openssl/crypto/ct/ct_log.c | 27 +- crypto/openssl/crypto/ct/ct_oct.c | 22 +- crypto/openssl/crypto/ct/ct_policy.c | 13 +- crypto/openssl/crypto/ct/ct_prn.c | 16 +- crypto/openssl/crypto/ct/ct_sct.c | 11 +- crypto/openssl/crypto/ct/ct_sct_ctx.c | 13 +- crypto/openssl/crypto/ct/ct_vfy.c | 9 +- crypto/openssl/crypto/ct/ct_x509v3.c | 62 +- crypto/openssl/crypto/ctype.c | 414 +- crypto/openssl/crypto/der_writer.c | 23 +- crypto/openssl/crypto/des/cbc_cksm.c | 4 +- crypto/openssl/crypto/des/cbc_enc.c | 2 + crypto/openssl/crypto/des/cfb64ede.c | 16 +- crypto/openssl/crypto/des/cfb64enc.c | 8 +- crypto/openssl/crypto/des/cfb_enc.c | 13 +- crypto/openssl/crypto/des/des_enc.c | 144 +- crypto/openssl/crypto/des/des_local.h | 381 +- crypto/openssl/crypto/des/ecb3_enc.c | 4 +- crypto/openssl/crypto/des/ecb_enc.c | 3 +- crypto/openssl/crypto/des/fcrypt.c | 154 +- crypto/openssl/crypto/des/fcrypt_b.c | 52 +- crypto/openssl/crypto/des/ncbc_enc.c | 6 +- crypto/openssl/crypto/des/ofb64ede.c | 10 +- crypto/openssl/crypto/des/ofb64enc.c | 8 +- crypto/openssl/crypto/des/ofb_enc.c | 8 +- crypto/openssl/crypto/des/pcbc_enc.c | 4 +- crypto/openssl/crypto/des/qud_cksm.c | 22 +- crypto/openssl/crypto/des/set_key.c | 725 +- crypto/openssl/crypto/des/spr.h | 640 +- crypto/openssl/crypto/des/xcbc_enc.c | 6 +- crypto/openssl/crypto/dh/dh_ameth.c | 48 +- crypto/openssl/crypto/dh/dh_asn1.c | 38 +- crypto/openssl/crypto/dh/dh_backend.c | 21 +- crypto/openssl/crypto/dh/dh_check.c | 8 +- crypto/openssl/crypto/dh/dh_depr.c | 2 +- crypto/openssl/crypto/dh/dh_err.c | 92 +- crypto/openssl/crypto/dh/dh_gen.c | 18 +- crypto/openssl/crypto/dh/dh_group_params.c | 5 +- crypto/openssl/crypto/dh/dh_kdf.c | 26 +- crypto/openssl/crypto/dh/dh_key.c | 59 +- crypto/openssl/crypto/dh/dh_lib.c | 16 +- crypto/openssl/crypto/dh/dh_local.h | 24 +- crypto/openssl/crypto/dh/dh_meth.c | 28 +- crypto/openssl/crypto/dh/dh_pmeth.c | 53 +- crypto/openssl/crypto/dh/dh_rfc5114.c | 34 +- crypto/openssl/crypto/dllmain.c | 7 +- crypto/openssl/crypto/dsa/dsa_ameth.c | 157 +- crypto/openssl/crypto/dsa/dsa_asn1.c | 30 +- crypto/openssl/crypto/dsa/dsa_backend.c | 24 +- crypto/openssl/crypto/dsa/dsa_check.c | 8 +- crypto/openssl/crypto/dsa/dsa_depr.c | 10 +- crypto/openssl/crypto/dsa/dsa_err.c | 50 +- crypto/openssl/crypto/dsa/dsa_gen.c | 24 +- crypto/openssl/crypto/dsa/dsa_key.c | 18 +- crypto/openssl/crypto/dsa/dsa_lib.c | 19 +- crypto/openssl/crypto/dsa/dsa_local.h | 38 +- crypto/openssl/crypto/dsa/dsa_meth.c | 52 +- crypto/openssl/crypto/dsa/dsa_ossl.c | 70 +- crypto/openssl/crypto/dsa/dsa_pmeth.c | 39 +- crypto/openssl/crypto/dsa/dsa_sign.c | 14 +- crypto/openssl/crypto/dsa/dsa_vrf.c | 2 +- crypto/openssl/crypto/dso/dso_dl.c | 59 +- crypto/openssl/crypto/dso/dso_dlfcn.c | 132 +- crypto/openssl/crypto/dso/dso_err.c | 56 +- crypto/openssl/crypto/dso/dso_lib.c | 8 +- crypto/openssl/crypto/dso/dso_local.h | 16 +- crypto/openssl/crypto/dso/dso_vms.c | 162 +- crypto/openssl/crypto/dso/dso_win32.c | 160 +- crypto/openssl/crypto/ebcdic.c | 110 +- crypto/openssl/crypto/ec/curve25519.c | 5131 ++-- .../crypto/ec/curve448/arch_32/arch_intrinsics.h | 8 +- crypto/openssl/crypto/ec/curve448/arch_32/f_impl.h | 18 +- .../openssl/crypto/ec/curve448/arch_32/f_impl32.c | 10 +- .../crypto/ec/curve448/arch_64/arch_intrinsics.h | 12 +- crypto/openssl/crypto/ec/curve448/arch_64/f_impl.h | 15 +- .../openssl/crypto/ec/curve448/arch_64/f_impl64.c | 8 +- crypto/openssl/crypto/ec/curve448/curve448.c | 222 +- crypto/openssl/crypto/ec/curve448/curve448_local.h | 22 +- .../openssl/crypto/ec/curve448/curve448_tables.c | 3028 +-- crypto/openssl/crypto/ec/curve448/curve448utils.h | 44 +- crypto/openssl/crypto/ec/curve448/ed448.h | 102 +- crypto/openssl/crypto/ec/curve448/eddsa.c | 232 +- crypto/openssl/crypto/ec/curve448/f_generic.c | 25 +- crypto/openssl/crypto/ec/curve448/field.h | 87 +- crypto/openssl/crypto/ec/curve448/point_448.h | 101 +- crypto/openssl/crypto/ec/curve448/scalar.c | 82 +- crypto/openssl/crypto/ec/curve448/word.h | 48 +- crypto/openssl/crypto/ec/ec2_oct.c | 34 +- crypto/openssl/crypto/ec/ec2_smpl.c | 122 +- crypto/openssl/crypto/ec/ec_ameth.c | 89 +- crypto/openssl/crypto/ec/ec_asn1.c | 150 +- crypto/openssl/crypto/ec/ec_backend.c | 93 +- crypto/openssl/crypto/ec/ec_check.c | 14 +- crypto/openssl/crypto/ec/ec_curve.c | 1560 +- crypto/openssl/crypto/ec/ec_cvt.c | 4 +- crypto/openssl/crypto/ec/ec_deprecated.c | 8 +- crypto/openssl/crypto/ec/ec_err.c | 212 +- crypto/openssl/crypto/ec/ec_key.c | 44 +- crypto/openssl/crypto/ec/ec_kmeth.c | 147 +- crypto/openssl/crypto/ec/ec_lib.c | 188 +- crypto/openssl/crypto/ec/ec_local.h | 496 +- crypto/openssl/crypto/ec/ec_mult.c | 113 +- crypto/openssl/crypto/ec/ec_oct.c | 34 +- crypto/openssl/crypto/ec/ec_pmeth.c | 29 +- crypto/openssl/crypto/ec/ec_print.c | 6 +- crypto/openssl/crypto/ec/ecdh_kdf.c | 22 +- crypto/openssl/crypto/ec/ecdh_ossl.c | 9 +- crypto/openssl/crypto/ec/ecdsa_ossl.c | 51 +- crypto/openssl/crypto/ec/ecdsa_sign.c | 13 +- crypto/openssl/crypto/ec/ecdsa_vrf.c | 6 +- crypto/openssl/crypto/ec/eck_prn.c | 23 +- crypto/openssl/crypto/ec/ecp_mont.c | 32 +- crypto/openssl/crypto/ec/ecp_nist.c | 28 +- crypto/openssl/crypto/ec/ecp_nistp224.c | 602 +- crypto/openssl/crypto/ec/ecp_nistp256.c | 789 +- crypto/openssl/crypto/ec/ecp_nistp521.c | 940 +- crypto/openssl/crypto/ec/ecp_nistputil.c | 62 +- crypto/openssl/crypto/ec/ecp_nistz256.c | 363 +- crypto/openssl/crypto/ec/ecp_nistz256_table.c | 24407 +++++++++++-------- crypto/openssl/crypto/ec/ecp_oct.c | 31 +- crypto/openssl/crypto/ec/ecp_ppc.c | 8 +- crypto/openssl/crypto/ec/ecp_s390x_nistp.c | 323 +- crypto/openssl/crypto/ec/ecp_smpl.c | 169 +- crypto/openssl/crypto/ec/ecx_backend.c | 32 +- crypto/openssl/crypto/ec/ecx_backend.h | 18 +- crypto/openssl/crypto/ec/ecx_key.c | 2 +- crypto/openssl/crypto/ec/ecx_meth.c | 229 +- crypto/openssl/crypto/ec/ecx_s390x.c | 28 +- crypto/openssl/crypto/encode_decode/decoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/decoder_lib.c | 363 +- crypto/openssl/crypto/encode_decode/decoder_meth.c | 90 +- crypto/openssl/crypto/encode_decode/decoder_pkey.c | 173 +- crypto/openssl/crypto/encode_decode/encoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/encoder_lib.c | 218 +- .../openssl/crypto/encode_decode/encoder_local.h | 12 +- crypto/openssl/crypto/encode_decode/encoder_meth.c | 100 +- crypto/openssl/crypto/encode_decode/encoder_pkey.c | 98 +- crypto/openssl/crypto/engine/eng_all.c | 4 +- crypto/openssl/crypto/engine/eng_cnf.c | 13 +- crypto/openssl/crypto/engine/eng_ctrl.c | 28 +- crypto/openssl/crypto/engine/eng_dyn.c | 116 +- crypto/openssl/crypto/engine/eng_err.c | 128 +- crypto/openssl/crypto/engine/eng_fat.c | 2 +- crypto/openssl/crypto/engine/eng_lib.c | 4 +- crypto/openssl/crypto/engine/eng_list.c | 13 +- crypto/openssl/crypto/engine/eng_local.h | 48 +- crypto/openssl/crypto/engine/eng_openssl.c | 126 +- crypto/openssl/crypto/engine/eng_pkey.c | 20 +- crypto/openssl/crypto/engine/eng_rdrand.c | 30 +- crypto/openssl/crypto/engine/eng_table.c | 46 +- crypto/openssl/crypto/engine/tb_asnmth.c | 22 +- crypto/openssl/crypto/engine/tb_cipher.c | 10 +- crypto/openssl/crypto/engine/tb_dh.c | 10 +- crypto/openssl/crypto/engine/tb_digest.c | 10 +- crypto/openssl/crypto/engine/tb_dsa.c | 10 +- crypto/openssl/crypto/engine/tb_eckey.c | 10 +- crypto/openssl/crypto/engine/tb_pkmeth.c | 10 +- crypto/openssl/crypto/engine/tb_rand.c | 10 +- crypto/openssl/crypto/engine/tb_rsa.c | 10 +- crypto/openssl/crypto/err/err.c | 238 +- crypto/openssl/crypto/err/err_all.c | 48 +- crypto/openssl/crypto/err/err_all_legacy.c | 112 +- crypto/openssl/crypto/err/err_local.h | 15 +- crypto/openssl/crypto/err/err_prn.c | 12 +- crypto/openssl/crypto/ess/ess_asn1.c | 24 +- crypto/openssl/crypto/ess/ess_err.c | 38 +- crypto/openssl/crypto/ess/ess_lib.c | 51 +- crypto/openssl/crypto/evp/asymcipher.c | 93 +- crypto/openssl/crypto/evp/bio_b64.c | 69 +- crypto/openssl/crypto/evp/bio_enc.c | 56 +- crypto/openssl/crypto/evp/bio_md.c | 8 +- crypto/openssl/crypto/evp/bio_ok.c | 72 +- crypto/openssl/crypto/evp/c_allc.c | 8 +- crypto/openssl/crypto/evp/cmeth_lib.c | 57 +- crypto/openssl/crypto/evp/ctrl_params_translate.c | 1357 +- crypto/openssl/crypto/evp/dh_ctrl.c | 46 +- crypto/openssl/crypto/evp/dh_support.c | 15 +- crypto/openssl/crypto/evp/digest.c | 161 +- crypto/openssl/crypto/evp/dsa_ctrl.c | 18 +- crypto/openssl/crypto/evp/e_aes.c | 1624 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c | 447 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c | 440 +- crypto/openssl/crypto/evp/e_aria.c | 358 +- crypto/openssl/crypto/evp/e_bf.c | 20 +- crypto/openssl/crypto/evp/e_camellia.c | 240 +- crypto/openssl/crypto/evp/e_cast.c | 22 +- crypto/openssl/crypto/evp/e_chacha20_poly1305.c | 268 +- crypto/openssl/crypto/evp/e_des.c | 128 +- crypto/openssl/crypto/evp/e_des3.c | 192 +- crypto/openssl/crypto/evp/e_idea.c | 34 +- crypto/openssl/crypto/evp/e_null.c | 8 +- crypto/openssl/crypto/evp/e_old.c | 16 +- crypto/openssl/crypto/evp/e_rc2.c | 53 +- crypto/openssl/crypto/evp/e_rc4.c | 22 +- crypto/openssl/crypto/evp/e_rc4_hmac_md5.c | 161 +- crypto/openssl/crypto/evp/e_rc5.c | 26 +- crypto/openssl/crypto/evp/e_seed.c | 10 +- crypto/openssl/crypto/evp/e_sm4.c | 44 +- crypto/openssl/crypto/evp/e_xcbc_d.c | 34 +- crypto/openssl/crypto/evp/ec_ctrl.c | 39 +- crypto/openssl/crypto/evp/ec_support.c | 194 +- crypto/openssl/crypto/evp/encode.c | 342 +- crypto/openssl/crypto/evp/evp_cnf.c | 7 +- crypto/openssl/crypto/evp/evp_enc.c | 265 +- crypto/openssl/crypto/evp/evp_err.c | 358 +- crypto/openssl/crypto/evp/evp_fetch.c | 175 +- crypto/openssl/crypto/evp/evp_key.c | 22 +- crypto/openssl/crypto/evp/evp_lib.c | 174 +- crypto/openssl/crypto/evp/evp_local.h | 183 +- crypto/openssl/crypto/evp/evp_pbe.c | 124 +- crypto/openssl/crypto/evp/evp_pkey.c | 40 +- crypto/openssl/crypto/evp/evp_rand.c | 115 +- crypto/openssl/crypto/evp/evp_utils.c | 70 +- crypto/openssl/crypto/evp/exchange.c | 115 +- crypto/openssl/crypto/evp/kdf_lib.c | 10 +- crypto/openssl/crypto/evp/kdf_meth.c | 27 +- crypto/openssl/crypto/evp/kem.c | 67 +- crypto/openssl/crypto/evp/keymgmt_lib.c | 72 +- crypto/openssl/crypto/evp/keymgmt_meth.c | 102 +- crypto/openssl/crypto/evp/legacy_blake2.c | 6 +- crypto/openssl/crypto/evp/legacy_md5_sha1.c | 6 +- crypto/openssl/crypto/evp/legacy_mdc2.c | 2 +- crypto/openssl/crypto/evp/legacy_meth.h | 55 +- crypto/openssl/crypto/evp/legacy_ripemd.c | 2 +- crypto/openssl/crypto/evp/legacy_sha.c | 130 +- crypto/openssl/crypto/evp/legacy_wp.c | 2 +- crypto/openssl/crypto/evp/m_sigver.c | 164 +- crypto/openssl/crypto/evp/mac_lib.c | 37 +- crypto/openssl/crypto/evp/mac_meth.c | 27 +- crypto/openssl/crypto/evp/names.c | 50 +- crypto/openssl/crypto/evp/p5_crpt.c | 24 +- crypto/openssl/crypto/evp/p5_crpt2.c | 69 +- crypto/openssl/crypto/evp/p_dec.c | 7 +- crypto/openssl/crypto/evp/p_enc.c | 7 +- crypto/openssl/crypto/evp/p_lib.c | 569 +- crypto/openssl/crypto/evp/p_open.c | 6 +- crypto/openssl/crypto/evp/p_seal.c | 13 +- crypto/openssl/crypto/evp/p_sign.c | 8 +- crypto/openssl/crypto/evp/p_verify.c | 8 +- crypto/openssl/crypto/evp/pbe_scrypt.c | 32 +- crypto/openssl/crypto/evp/pmeth_check.c | 25 +- crypto/openssl/crypto/evp/pmeth_gn.c | 61 +- crypto/openssl/crypto/evp/pmeth_lib.c | 726 +- crypto/openssl/crypto/evp/signature.c | 127 +- crypto/openssl/crypto/ex_data.c | 45 +- crypto/openssl/crypto/ffc/ffc_backend.c | 16 +- crypto/openssl/crypto/ffc/ffc_dh.c | 64 +- crypto/openssl/crypto/ffc/ffc_key_generate.c | 2 +- crypto/openssl/crypto/ffc/ffc_key_validate.c | 10 +- crypto/openssl/crypto/ffc/ffc_params.c | 62 +- crypto/openssl/crypto/ffc/ffc_params_generate.c | 186 +- crypto/openssl/crypto/ffc/ffc_params_validate.c | 46 +- crypto/openssl/crypto/getenv.c | 18 +- crypto/openssl/crypto/hmac/hmac.c | 32 +- crypto/openssl/crypto/hmac/hmac_local.h | 4 +- crypto/openssl/crypto/http/http_client.c | 330 +- crypto/openssl/crypto/http/http_err.c | 106 +- crypto/openssl/crypto/http/http_lib.c | 46 +- crypto/openssl/crypto/idea/i_cbc.c | 4 +- crypto/openssl/crypto/idea/i_cfb64.c | 7 +- crypto/openssl/crypto/idea/i_ecb.c | 2 +- crypto/openssl/crypto/idea/i_ofb64.c | 7 +- crypto/openssl/crypto/idea/idea_local.h | 179 +- crypto/openssl/crypto/info.c | 169 +- crypto/openssl/crypto/init.c | 162 +- crypto/openssl/crypto/initthread.c | 19 +- crypto/openssl/crypto/lhash/lh_stats.c | 14 +- crypto/openssl/crypto/lhash/lhash.c | 23 +- crypto/openssl/crypto/lhash/lhash_local.h | 4 +- crypto/openssl/crypto/md2/md2_dgst.c | 296 +- crypto/openssl/crypto/md4/md4_dgst.c | 16 +- crypto/openssl/crypto/md4/md4_local.h | 63 +- crypto/openssl/crypto/md4/md4_one.c | 2 +- crypto/openssl/crypto/md5/md5_dgst.c | 16 +- crypto/openssl/crypto/md5/md5_local.h | 96 +- crypto/openssl/crypto/md5/md5_one.c | 2 +- crypto/openssl/crypto/mdc2/mdc2dgst.c | 16 +- crypto/openssl/crypto/mem.c | 95 +- crypto/openssl/crypto/mem_sec.c | 131 +- crypto/openssl/crypto/mips_arch.h | 48 +- crypto/openssl/crypto/modes/asm/ghash-armv4.pl | 4 +- crypto/openssl/crypto/modes/cbc128.c | 38 +- crypto/openssl/crypto/modes/ccm128.c | 108 +- crypto/openssl/crypto/modes/cfb128.c | 64 +- crypto/openssl/crypto/modes/ctr128.c | 38 +- crypto/openssl/crypto/modes/cts128.c | 86 +- crypto/openssl/crypto/modes/gcm128.c | 638 +- crypto/openssl/crypto/modes/ocb128.c | 67 +- crypto/openssl/crypto/modes/ofb128.c | 20 +- crypto/openssl/crypto/modes/siv128.c | 61 +- crypto/openssl/crypto/modes/wrap128.c | 49 +- crypto/openssl/crypto/modes/xts128.c | 22 +- crypto/openssl/crypto/o_dir.c | 2 + crypto/openssl/crypto/o_fopen.c | 46 +- crypto/openssl/crypto/o_str.c | 90 +- crypto/openssl/crypto/o_time.c | 20 +- crypto/openssl/crypto/objects/o_names.c | 44 +- crypto/openssl/crypto/objects/obj_compat.h | 62 +- crypto/openssl/crypto/objects/obj_dat.c | 38 +- crypto/openssl/crypto/objects/obj_dat.h | 2 +- crypto/openssl/crypto/objects/obj_err.c | 10 +- crypto/openssl/crypto/objects/obj_lib.c | 6 +- crypto/openssl/crypto/ocsp/ocsp_asn.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_cl.c | 42 +- crypto/openssl/crypto/ocsp/ocsp_err.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_ext.c | 77 +- crypto/openssl/crypto/ocsp/ocsp_http.c | 16 +- crypto/openssl/crypto/ocsp/ocsp_lib.c | 12 +- crypto/openssl/crypto/ocsp/ocsp_local.h | 94 +- crypto/openssl/crypto/ocsp/ocsp_prn.c | 61 +- crypto/openssl/crypto/ocsp/ocsp_srv.c | 61 +- crypto/openssl/crypto/ocsp/ocsp_vfy.c | 50 +- crypto/openssl/crypto/ocsp/v3_ocsp.c | 60 +- crypto/openssl/crypto/packet.c | 48 +- crypto/openssl/crypto/param_build.c | 162 +- crypto/openssl/crypto/param_build_set.c | 20 +- crypto/openssl/crypto/params.c | 153 +- crypto/openssl/crypto/params_dup.c | 39 +- crypto/openssl/crypto/params_from_text.c | 24 +- crypto/openssl/crypto/passphrase.c | 73 +- crypto/openssl/crypto/pem/pem_all.c | 35 +- crypto/openssl/crypto/pem/pem_err.c | 90 +- crypto/openssl/crypto/pem/pem_info.c | 61 +- crypto/openssl/crypto/pem/pem_lib.c | 122 +- crypto/openssl/crypto/pem/pem_local.h | 145 +- crypto/openssl/crypto/pem/pem_oth.c | 2 +- crypto/openssl/crypto/pem/pem_pk8.c | 74 +- crypto/openssl/crypto/pem/pem_pkey.c | 115 +- crypto/openssl/crypto/pem/pem_sign.c | 6 +- crypto/openssl/crypto/pem/pvkfmt.c | 112 +- crypto/openssl/crypto/perlasm/sparcv9_modes.pl | 10 +- crypto/openssl/crypto/perlasm/x86_64-xlate.pl | 5 +- crypto/openssl/crypto/pkcs12/p12_add.c | 45 +- crypto/openssl/crypto/pkcs12/p12_asn.c | 46 +- crypto/openssl/crypto/pkcs12/p12_attr.c | 33 +- crypto/openssl/crypto/pkcs12/p12_crpt.c | 25 +- crypto/openssl/crypto/pkcs12/p12_crt.c | 86 +- crypto/openssl/crypto/pkcs12/p12_decr.c | 81 +- crypto/openssl/crypto/pkcs12/p12_init.c | 3 +- crypto/openssl/crypto/pkcs12/p12_key.c | 58 +- crypto/openssl/crypto/pkcs12/p12_kiss.c | 31 +- crypto/openssl/crypto/pkcs12/p12_local.h | 6 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 59 +- crypto/openssl/crypto/pkcs12/p12_npas.c | 20 +- crypto/openssl/crypto/pkcs12/p12_p8d.c | 11 +- crypto/openssl/crypto/pkcs12/p12_p8e.c | 31 +- crypto/openssl/crypto/pkcs12/p12_sbag.c | 97 +- crypto/openssl/crypto/pkcs12/p12_utl.c | 83 +- crypto/openssl/crypto/pkcs12/pk12err.c | 64 +- crypto/openssl/crypto/pkcs7/bio_pk7.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_asn1.c | 125 +- crypto/openssl/crypto/pkcs7/pk7_attr.c | 16 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 121 +- crypto/openssl/crypto/pkcs7/pk7_lib.c | 60 +- crypto/openssl/crypto/pkcs7/pk7_mime.c | 12 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 59 +- crypto/openssl/crypto/pkcs7/pkcs7err.c | 138 +- crypto/openssl/crypto/poly1305/poly1305.c | 102 +- crypto/openssl/crypto/poly1305/poly1305_base2_44.c | 29 +- crypto/openssl/crypto/poly1305/poly1305_ieee754.c | 279 +- crypto/openssl/crypto/poly1305/poly1305_ppc.c | 24 +- crypto/openssl/crypto/ppccap.c | 110 +- crypto/openssl/crypto/property/defn_cache.c | 19 +- crypto/openssl/crypto/property/property.c | 80 +- crypto/openssl/crypto/property/property_err.c | 36 +- crypto/openssl/crypto/property/property_local.h | 18 +- crypto/openssl/crypto/property/property_parse.c | 139 +- crypto/openssl/crypto/property/property_query.c | 22 +- crypto/openssl/crypto/property/property_string.c | 37 +- crypto/openssl/crypto/provider.c | 24 +- crypto/openssl/crypto/provider_child.c | 55 +- crypto/openssl/crypto/provider_conf.c | 56 +- crypto/openssl/crypto/provider_core.c | 267 +- crypto/openssl/crypto/provider_local.h | 8 +- crypto/openssl/crypto/provider_predefined.c | 4 +- crypto/openssl/crypto/punycode.c | 27 +- crypto/openssl/crypto/rand/prov_seed.c | 18 +- crypto/openssl/crypto/rand/rand_deprecated.c | 8 +- crypto/openssl/crypto/rand/rand_egd.c | 103 +- crypto/openssl/crypto/rand/rand_err.c | 156 +- crypto/openssl/crypto/rand/rand_lib.c | 182 +- crypto/openssl/crypto/rand/rand_local.h | 30 +- crypto/openssl/crypto/rand/rand_meth.c | 2 +- crypto/openssl/crypto/rand/rand_pool.c | 15 +- crypto/openssl/crypto/rand/randfile.c | 97 +- crypto/openssl/crypto/rc2/rc2_cbc.c | 30 +- crypto/openssl/crypto/rc2/rc2_ecb.c | 2 +- crypto/openssl/crypto/rc2/rc2_local.h | 250 +- crypto/openssl/crypto/rc2/rc2_skey.c | 284 +- crypto/openssl/crypto/rc2/rc2cfb64.c | 8 +- crypto/openssl/crypto/rc2/rc2ofb64.c | 8 +- crypto/openssl/crypto/rc4/rc4_enc.c | 16 +- crypto/openssl/crypto/rc4/rc4_local.h | 6 +- crypto/openssl/crypto/rc4/rc4_skey.c | 15 +- crypto/openssl/crypto/rc5/rc5_ecb.c | 2 +- crypto/openssl/crypto/rc5/rc5_enc.c | 4 +- crypto/openssl/crypto/rc5/rc5_local.h | 330 +- crypto/openssl/crypto/rc5/rc5_skey.c | 5 +- crypto/openssl/crypto/rc5/rc5cfb64.c | 8 +- crypto/openssl/crypto/rc5/rc5ofb64.c | 8 +- crypto/openssl/crypto/ripemd/rmd_dgst.c | 19 +- crypto/openssl/crypto/ripemd/rmd_local.h | 112 +- crypto/openssl/crypto/ripemd/rmdconst.h | 360 +- crypto/openssl/crypto/rsa/rsa_acvp_test_params.c | 29 +- crypto/openssl/crypto/rsa/rsa_ameth.c | 274 +- crypto/openssl/crypto/rsa/rsa_asn1.c | 51 +- crypto/openssl/crypto/rsa/rsa_backend.c | 119 +- crypto/openssl/crypto/rsa/rsa_chk.c | 12 +- crypto/openssl/crypto/rsa/rsa_crpt.c | 18 +- crypto/openssl/crypto/rsa/rsa_depr.c | 4 +- crypto/openssl/crypto/rsa/rsa_err.c | 274 +- crypto/openssl/crypto/rsa/rsa_gen.c | 45 +- crypto/openssl/crypto/rsa/rsa_lib.c | 159 +- crypto/openssl/crypto/rsa/rsa_local.h | 72 +- crypto/openssl/crypto/rsa/rsa_meth.c | 132 +- crypto/openssl/crypto/rsa/rsa_mp.c | 4 +- crypto/openssl/crypto/rsa/rsa_none.c | 4 +- crypto/openssl/crypto/rsa/rsa_oaep.c | 52 +- crypto/openssl/crypto/rsa/rsa_ossl.c | 126 +- crypto/openssl/crypto/rsa/rsa_pk1.c | 72 +- crypto/openssl/crypto/rsa/rsa_pmeth.c | 104 +- crypto/openssl/crypto/rsa/rsa_pss.c | 64 +- crypto/openssl/crypto/rsa/rsa_saos.c | 17 +- crypto/openssl/crypto/rsa/rsa_schemes.c | 22 +- crypto/openssl/crypto/rsa/rsa_sign.c | 243 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_check.c | 121 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_gen.c | 24 +- crypto/openssl/crypto/rsa/rsa_x931.c | 5 +- crypto/openssl/crypto/rsa/rsa_x931g.c | 32 +- crypto/openssl/crypto/s390x_arch.h | 178 +- crypto/openssl/crypto/s390xcap.c | 704 +- crypto/openssl/crypto/s390xcpuid.pl | 8 +- crypto/openssl/crypto/seed/seed.c | 752 +- crypto/openssl/crypto/seed/seed_cbc.c | 8 +- crypto/openssl/crypto/seed/seed_cfb.c | 8 +- crypto/openssl/crypto/seed/seed_ecb.c | 2 +- crypto/openssl/crypto/seed/seed_local.h | 123 +- crypto/openssl/crypto/seed/seed_ofb.c | 6 +- crypto/openssl/crypto/self_test_core.c | 32 +- crypto/openssl/crypto/sha/asm/keccak1600-s390x.pl | 3 +- crypto/openssl/crypto/sha/keccak1600.c | 271 +- crypto/openssl/crypto/sha/sha256.c | 120 +- crypto/openssl/crypto/sha/sha3.c | 2 +- crypto/openssl/crypto/sha/sha512.c | 219 +- crypto/openssl/crypto/sha/sha_local.h | 251 +- crypto/openssl/crypto/sha/sha_ppc.c | 6 +- crypto/openssl/crypto/siphash/siphash.c | 61 +- crypto/openssl/crypto/sm2/sm2_crypt.c | 80 +- crypto/openssl/crypto/sm2/sm2_err.c | 42 +- crypto/openssl/crypto/sm2/sm2_key.c | 8 +- crypto/openssl/crypto/sm2/sm2_sign.c | 142 +- crypto/openssl/crypto/sm3/legacy_sm3.c | 3 +- crypto/openssl/crypto/sm3/sm3.c | 6 +- crypto/openssl/crypto/sm3/sm3_local.h | 90 +- crypto/openssl/crypto/sm4/sm4.c | 42 +- crypto/openssl/crypto/sparcv9cap.c | 85 +- crypto/openssl/crypto/sparse_array.c | 28 +- crypto/openssl/crypto/srp/srp_lib.c | 71 +- crypto/openssl/crypto/srp/srp_vfy.c | 117 +- crypto/openssl/crypto/stack/stack.c | 25 +- crypto/openssl/crypto/store/store_err.c | 92 +- crypto/openssl/crypto/store/store_lib.c | 217 +- crypto/openssl/crypto/store/store_local.h | 24 +- crypto/openssl/crypto/store/store_meth.c | 74 +- crypto/openssl/crypto/store/store_register.c | 52 +- crypto/openssl/crypto/store/store_result.c | 114 +- crypto/openssl/crypto/store/store_strings.c | 12 +- crypto/openssl/crypto/threads_none.c | 25 +- crypto/openssl/crypto/threads_pthread.c | 94 +- crypto/openssl/crypto/threads_win.c | 56 +- crypto/openssl/crypto/trace.c | 131 +- crypto/openssl/crypto/ts/ts_asn1.c | 64 +- crypto/openssl/crypto/ts/ts_conf.c | 108 +- crypto/openssl/crypto/ts/ts_err.c | 122 +- crypto/openssl/crypto/ts/ts_lib.c | 4 +- crypto/openssl/crypto/ts/ts_local.h | 18 +- crypto/openssl/crypto/ts/ts_req_print.c | 2 +- crypto/openssl/crypto/ts/ts_rsp_print.c | 41 +- crypto/openssl/crypto/ts/ts_rsp_sign.c | 172 +- crypto/openssl/crypto/ts/ts_rsp_verify.c | 104 +- crypto/openssl/crypto/ts/ts_verify_ctx.c | 6 +- crypto/openssl/crypto/txt_db/txt_db.c | 22 +- crypto/openssl/crypto/ui/ui_err.c | 36 +- crypto/openssl/crypto/ui/ui_lib.c | 260 +- crypto/openssl/crypto/ui/ui_local.h | 56 +- crypto/openssl/crypto/ui/ui_null.c | 10 +- crypto/openssl/crypto/ui/ui_openssl.c | 536 +- crypto/openssl/crypto/ui/ui_util.c | 65 +- crypto/openssl/crypto/uid.c | 34 +- crypto/openssl/crypto/vms_rms.h | 86 +- crypto/openssl/crypto/whrlpool/wp_block.c | 811 +- crypto/openssl/crypto/whrlpool/wp_dgst.c | 20 +- crypto/openssl/crypto/x509/by_dir.c | 76 +- crypto/openssl/crypto/x509/by_file.c | 66 +- crypto/openssl/crypto/x509/by_store.c | 175 +- crypto/openssl/crypto/x509/pcy_cache.c | 24 +- crypto/openssl/crypto/x509/pcy_data.c | 2 +- crypto/openssl/crypto/x509/pcy_lib.c | 19 +- crypto/openssl/crypto/x509/pcy_local.h | 34 +- crypto/openssl/crypto/x509/pcy_map.c | 10 +- crypto/openssl/crypto/x509/pcy_node.c | 28 +- crypto/openssl/crypto/x509/pcy_tree.c | 107 +- crypto/openssl/crypto/x509/standard_exts.h | 5 - crypto/openssl/crypto/x509/t_crl.c | 7 +- crypto/openssl/crypto/x509/t_req.c | 24 +- crypto/openssl/crypto/x509/t_x509.c | 75 +- crypto/openssl/crypto/x509/v3_addr.c | 306 +- crypto/openssl/crypto/x509/v3_admis.c | 52 +- crypto/openssl/crypto/x509/v3_admis.h | 28 +- crypto/openssl/crypto/x509/v3_akeya.c | 6 +- crypto/openssl/crypto/x509/v3_akid.c | 30 +- crypto/openssl/crypto/x509/v3_asid.c | 213 +- crypto/openssl/crypto/x509/v3_bcons.c | 28 +- crypto/openssl/crypto/x509/v3_bitst.c | 54 +- crypto/openssl/crypto/x509/v3_conf.c | 77 +- crypto/openssl/crypto/x509/v3_cpols.c | 93 +- crypto/openssl/crypto/x509/v3_crld.c | 135 +- crypto/openssl/crypto/x509/v3_enum.c | 30 +- crypto/openssl/crypto/x509/v3_extku.c | 23 +- crypto/openssl/crypto/x509/v3_genn.c | 45 +- crypto/openssl/crypto/x509/v3_ia5.c | 6 +- crypto/openssl/crypto/x509/v3_info.c | 47 +- crypto/openssl/crypto/x509/v3_int.c | 2 +- crypto/openssl/crypto/x509/v3_ist.c | 37 +- crypto/openssl/crypto/x509/v3_lib.c | 29 +- crypto/openssl/crypto/x509/v3_ncons.c | 98 +- crypto/openssl/crypto/x509/v3_pci.c | 65 +- crypto/openssl/crypto/x509/v3_pcia.c | 14 +- crypto/openssl/crypto/x509/v3_pcons.c | 30 +- crypto/openssl/crypto/x509/v3_pku.c | 12 +- crypto/openssl/crypto/x509/v3_pmaps.c | 27 +- crypto/openssl/crypto/x509/v3_prn.c | 29 +- crypto/openssl/crypto/x509/v3_purp.c | 136 +- crypto/openssl/crypto/x509/v3_san.c | 229 +- crypto/openssl/crypto/x509/v3_skid.c | 15 +- crypto/openssl/crypto/x509/v3_sxnet.c | 28 +- crypto/openssl/crypto/x509/v3_tlsf.c | 29 +- crypto/openssl/crypto/x509/v3_utf8.c | 11 +- crypto/openssl/crypto/x509/v3_utl.c | 166 +- crypto/openssl/crypto/x509/v3err.c | 236 +- crypto/openssl/crypto/x509/x509_att.c | 93 +- crypto/openssl/crypto/x509/x509_cmp.c | 48 +- crypto/openssl/crypto/x509/x509_d2.c | 15 +- crypto/openssl/crypto/x509/x509_err.c | 134 +- crypto/openssl/crypto/x509/x509_ext.c | 35 +- crypto/openssl/crypto/x509/x509_local.h | 118 +- crypto/openssl/crypto/x509/x509_lu.c | 98 +- crypto/openssl/crypto/x509/x509_meth.c | 27 +- crypto/openssl/crypto/x509/x509_obj.c | 19 +- crypto/openssl/crypto/x509/x509_r2x.c | 9 +- crypto/openssl/crypto/x509/x509_req.c | 32 +- crypto/openssl/crypto/x509/x509_set.c | 14 +- crypto/openssl/crypto/x509/x509_trust.c | 56 +- crypto/openssl/crypto/x509/x509_txt.c | 3 +- crypto/openssl/crypto/x509/x509_v3.c | 22 +- crypto/openssl/crypto/x509/x509_vfy.c | 355 +- crypto/openssl/crypto/x509/x509_vpm.c | 157 +- crypto/openssl/crypto/x509/x509cset.c | 2 +- crypto/openssl/crypto/x509/x509name.c | 54 +- crypto/openssl/crypto/x509/x509type.c | 2 +- crypto/openssl/crypto/x509/x_all.c | 144 +- crypto/openssl/crypto/x509/x_attrib.c | 6 +- crypto/openssl/crypto/x509/x_crl.c | 109 +- crypto/openssl/crypto/x509/x_exten.c | 9 +- crypto/openssl/crypto/x509/x_name.c | 127 +- crypto/openssl/crypto/x509/x_pubkey.c | 147 +- crypto/openssl/crypto/x509/x_req.c | 84 +- crypto/openssl/crypto/x509/x_x509.c | 64 +- crypto/openssl/crypto/x509/x_x509a.c | 14 +- crypto/openssl/demos/bio/client-arg.c | 2 +- crypto/openssl/demos/bio/client-conf.c | 4 +- crypto/openssl/demos/bio/saccept.c | 13 +- crypto/openssl/demos/bio/sconnect.c | 11 +- crypto/openssl/demos/bio/server-arg.c | 13 +- crypto/openssl/demos/bio/server-cmod.c | 11 +- crypto/openssl/demos/bio/server-conf.c | 13 +- crypto/openssl/demos/cipher/aesccm.c | 13 +- crypto/openssl/demos/cipher/aesgcm.c | 10 +- crypto/openssl/demos/cipher/aeskeywrap.c | 99 +- crypto/openssl/demos/cipher/ariacbc.c | 20 +- crypto/openssl/demos/cms/cms_comp.c | 2 +- crypto/openssl/demos/cms/cms_ddec.c | 6 +- crypto/openssl/demos/cms/cms_dec.c | 2 +- crypto/openssl/demos/cms/cms_denc.c | 6 +- crypto/openssl/demos/cms/cms_enc.c | 2 +- crypto/openssl/demos/cms/cms_sign.c | 2 +- crypto/openssl/demos/cms/cms_sign2.c | 2 +- crypto/openssl/demos/cms/cms_uncomp.c | 2 +- crypto/openssl/demos/cms/cms_ver.c | 2 +- crypto/openssl/demos/digest/BIO_f_md.c | 28 +- crypto/openssl/demos/digest/EVP_MD_demo.c | 159 +- crypto/openssl/demos/digest/EVP_MD_stdin.c | 12 +- crypto/openssl/demos/digest/EVP_MD_xof.c | 6 +- crypto/openssl/demos/encode/ec_encode.c | 14 +- crypto/openssl/demos/encode/rsa_encode.c | 14 +- crypto/openssl/demos/kdf/hkdf.c | 8 +- crypto/openssl/demos/kdf/pbkdf2.c | 8 +- crypto/openssl/demos/kdf/scrypt.c | 4 +- crypto/openssl/demos/keyexch/x25519.c | 45 +- crypto/openssl/demos/mac/cmac-aes256.c | 92 +- crypto/openssl/demos/mac/gmac.c | 10 +- crypto/openssl/demos/mac/hmac-sha512.c | 182 +- crypto/openssl/demos/mac/poly1305.c | 2 +- crypto/openssl/demos/pkcs12/pkread.c | 4 +- crypto/openssl/demos/pkey/EVP_PKEY_DSA_keygen.c | 4 +- .../demos/pkey/EVP_PKEY_DSA_paramfromdata.c | 6 +- *** 497064 LINES SKIPPED *** From nobody Tue Jun 9 19:19:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxk03LYz6gVCH for ; Tue, 09 Jun 2026 19:19:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxj4gj0z3PJs for ; Tue, 09 Jun 2026 19:19:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032745; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f5lqb6jPM051GfPfmV1878UQsFCuXbTvJgaHLDVFvKU=; b=u0uDh1Kxcd65UtbV7aU+Uo6fIDsDL/3TbKhSojDPAepuvxOA5bOZea7HK94GEzOUTrhmjJ fnuOm3ODwB3+6EL4f6t2dBIwJB/UhZD1adtEWWb8FGSLuJYPR8QNZF5Vc/EFxt/0x+Jrqi 80VBxw+x68+adFw+cCTwXSlDrOxhicTiI01oPJJhlcjWgJr8RkEJV69GHzlQBVY0cw7MTP tpEtbxEBznfMh4b+jO9Vom9AGiiwQDmz3bWs0ZyPoMtaivd/nyBmPOTs5vJEepy1Uj4Hot uGfoxmEMs7aKv2rbA9x5suyemsJ/1fHkbssysdaH99hJVm9KkonXB5kdc8PU0g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032745; a=rsa-sha256; cv=none; b=ZpfQnFzpOjLvdMNaw3Y0qLtG8fPpUb9Js/26yKAqVJWGjnvMOfYU9pSg+RtxeMKhMGAEpC l/EhAvQdm0dZvdd5Fg9UJCx9DNm7JSpBuC7aD+U5pYd+zXglhyvmkX8pUcxtHJ+UEQvfby YpLl+j91f44d1d0NWyXMqPiZUiEMT0VAFPAJkHpPTYNbA21hILCFCR6rLL4hZeYFiCen63 o892WYkZSs3sIBYhV8PeDv7GS3yzKs1kaYhBXZUxqMgta/Jl7V6kDj2Z9VWg1sYezaKnhq rnCfadQzh0bOMHqoTGtgmOx3+38ojL+tbSdE+ISGE+cqGtxS440WZ4iZ9bXOgQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032745; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f5lqb6jPM051GfPfmV1878UQsFCuXbTvJgaHLDVFvKU=; b=TGsfuzOLwkSGZs2vGoSRAgPUekQRJ/QWOvpMhSEfGsbvTpLPkSe/0LSjOBXD0vLDLh3alu MugR13RpABTiCTsCbg6ekaKDa68kY7g+GZ2w5iks+B9+j6HVlSy7fxDNZ4v2S9u53UekHq UdeWwZTHVXGyDSywOf3d8Yv/vyErVgdpC+Q4A8/0LqLeJAD9tdBLrzSi1GsqQJu2D/et/+ jplStsIx2RtyxyTEzGIK5ue2pjBXJwwoKE7WSbtBUgtsq/uHKgISwgrAiEzr7mCauO3DaA ACw2ctnOl8ydsJTqBTUjMHuJn0CYYguNEZKQEmksZ6UMg6ePMPxsko/0P3u3Vg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxj4FKKzp1Q for ; Tue, 09 Jun 2026 19:19:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebbf by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: d43259dd66b3 - releng/14.4 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: d43259dd66b3b88cde5a833fe2b11b5a353abca0 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:05 +0000 Message-Id: <6a286729.3ebbf.7f7c59b2@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=d43259dd66b3b88cde5a833fe2b11b5a353abca0 commit d43259dd66b3b88cde5a833fe2b11b5a353abca0 Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 15:53:44 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 64150086658a..dc370d033a7a 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2337,8 +2337,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2354,6 +2356,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2554,9 +2563,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 693864394ffe..0fdf4c4ceac7 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -210,6 +210,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:19:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxl32syz6gVLP for ; Tue, 09 Jun 2026 19:19:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxk5Y45z3PVJ for ; Tue, 09 Jun 2026 19:19:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032746; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CjGzW5K9mgxqm0Zt9EAnE/n1WUawdgtW2qeL1gAw9mc=; b=aTbJgBnrmOXVPSrMPehZaTsVZxV4PlW5xjSP/8n5+JlWHmAniHW8EPT3NUMTGsL4xSzGsa yV+/VzSLIw5Kkn9aAB/WNu7hbTd4TOztVcJXCb5thOJwcifxmSc8CP/qO3Rvdm5PfUuxYY 2kOad7bEYoq1ISnptr6Hij7SRUHb6Nheq5Ln5SZvEspEgsnobP/4jzn58tXfRngQq5lb2r MWAz8mrG6AGUG1v0lI5Qy8j+PAJd3xbt4wNIW3v/rU96CTFA7z8TB4u4XulGSE2Ki+awwk VwndFws5kSG4cMTZ5rIqMSLzam7yTVGoBOlSERHZBVMyCKyFVpKjkbNbd4wZZA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032746; a=rsa-sha256; cv=none; b=drgcqE9BbviZ5umfB3+HDo5FtQDkr7RJTOkFo88kB6IxulzBhV5hetl74dRKUUj8R0hnPb wCStetFyFdbN/hKwhX5S4srCqVHSwPohGCkyM6Q56Ph5dzRfBdXRDiiHTGt5WKpOnZIFzi QJisTQDB4MpGAUcUoiGhIk+3W1Rra3m1tUecegVgM1Y0PgDe2Q00x93AovnwUndH5Vl6Ai Q+BfiHxmYNu3fyjao/KnK1SX1zYHBOdWttoXPm6AbiD0yLl9cbAq1LzthW2/3Tc69RJHbg c8xvMjmS26k/hac8CKmEY+fyAKY/yLtiOoiYOyA9hsOmEKGv3ZS/xrDfltvLZQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032746; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CjGzW5K9mgxqm0Zt9EAnE/n1WUawdgtW2qeL1gAw9mc=; b=RXsHnlAmAJ8QVITMl39NYSfvRDjes9XZvsUIgebcY2NKrnkofek8J9WpT9Ryp3aMAPdG7M jKYJS3Rd8AaN/1p8uUPh6q7DEkU+a8dgK6uiX5OcytIsPSNe1IxIw9QWs+XNnUAMeemIbi L9OafurG6K69g40VgnNK1wQ2H61b1sGCOGg2j3QgELTuFCj3BG9nIyIp+lLkdSGr/qcJ6m KFFKqatwNbDTAQnnXiqXU+C+FaSgyyfcVR3JGqPFVZUK/yrM5QWgzjut8dBjnE0gK//kCt dH4s//tKIrJEbx//zdpO4UwPtetDGNCK5TEV8F13lVwQi3HbitCUuJJ+cFeBaA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxk52RmznCb for ; Tue, 09 Jun 2026 19:19:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebc4 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: b9128fe1951c - releng/14.4 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: b9128fe1951c2af3845411dcfe4e2ea0bbf7384c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:06 +0000 Message-Id: <6a28672a.3ebc4.43e256ab@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b9128fe1951c2af3845411dcfe4e2ea0bbf7384c commit b9128fe1951c2af3845411dcfe4e2ea0bbf7384c Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:14 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index fe5576baf017..72bde9c1066f 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1953,6 +1953,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * Reject PROT_EXEC by default. It just doesn't makes sense. * Unfortunately, we have to give up this one due to linux_mmap diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index 74a0765a0540..ce156ae8c4cf 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..ab203a39194c --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:19:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxm1YWrz6gVTY for ; Tue, 09 Jun 2026 19:19:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxl64KLz3PKL for ; Tue, 09 Jun 2026 19:19:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032747; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9xrjMpke3SWdY61aKvkSaa3s5X+JTnyPTMGRQchlp6E=; b=baaYyCcLoRF/rFH4/TAQb3bUMAiNcr6VADvhkjNUOXSVQojeeXQKiVlQ0FpBXVnMZz+I1i v48LApXbIMHGqdUAtadu11Vd2K1KeG6Xn3hX8qeuArKlL6kF59cNaHwfmN+bXiSXlHtHBo LvEA4aZEmEtL6rx99/J7hbA7K3QMG7xyPtHbTDnDGqnm38ifuhx1oJ/SjZwp5TNL8WpvFq JNHII6/pGr/F+iOZ2ylFAUPTfodVYP9Ql9xis/3hO4uMGxWBOePe2CUzwQtuD2LaJ2IVzi WmYtc491VVO6ydLQsQ2JxlNlEV5X41dEk11kmu/SIuplQbnwIJrpN3P4myhYHQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032747; a=rsa-sha256; cv=none; b=BZj+t/FTkwBAy+8vdb5aOwpnpPusne58XlBODeKRSfl4ooq24WWTLQyck8Ly4rn451vQ04 c7ZLXmxyUTFEe9zud5z1UfuaJmf6zXmIhUw4vA+JZUhVzRSnMxFILVnSSfu2mdZvs4+t4C 4bUTdUPZTLDv8lnpI+YhSGYrVwUfs1AIpwGkVCRb0AveqzmEFEFAtxRGG4R9xAGFXZSzNl LZHfYFKUSs8KtnbAtXB9ci0G8nIQU9aTt0ooWxMdxlTZPfEBo/x2FKwFZnbwz0kmOmlesD m3Dk/LppOFtLCz7jxnQ2Be4Tje9PmPn6C39xRzEO/hOpfhfqHLK1FMu0UQKqmw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032747; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9xrjMpke3SWdY61aKvkSaa3s5X+JTnyPTMGRQchlp6E=; b=jBExgbcNcquKDaZ1P/IlOFXikhClA4aEN/lXMgxgxlRT9bNt4lJ4AFDj2z7L5KzbB6Nb6p 1wpKNFiCRYp+IKmdp1LfUE/7GZpj5u+lzM2dQvGPex4XPVVQhUQsZIJz8ZFrMzu5xVBO7A bs1vQbkEGEOO2ftUJy1P4shJk+lNc/pQWiSdIab0+C/HWXRBgtPl4fYtXXRF73AmJjrENV /04s8L5T9DqUttzr+b4rontLHF3Rjcy1Qr6cIuCheinL+Exsj4RZbfMgtHYlvfGeRwWXKO bgFIbHgXaramPcOxhn4cYsvZoB3yDjMxz1BFY06KndFj4v/LlooOn/DKb+mKDA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxl5gjZzntK for ; Tue, 09 Jun 2026 19:19:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c5fb by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 0e8cc8d8a49f - releng/14.4 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 0e8cc8d8a49f2393fcbc836171f0a85a0e4bd92c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:07 +0000 Message-Id: <6a28672b.3c5fb.387624f6@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0e8cc8d8a49f2393fcbc836171f0a85a0e4bd92c commit 0e8cc8d8a49f2393fcbc836171f0a85a0e4bd92c Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:29 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 80 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 ++++++++++++++++++++++++++++++++++ 4 files changed, 166 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index de535ec2dcba..ddcf14fbc1c2 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -32,6 +32,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -46,6 +47,7 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", drv, desc); b->dev = dev; b->channel = channel; @@ -56,8 +58,30 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } bus_addr_t @@ -183,6 +207,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -218,10 +247,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index ddf4083ec19f..99bc6c0611d2 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -27,6 +27,7 @@ */ #define SNDBUF_F_MANAGED 0x00000008 +#define SNDBUF_F_DETACHED 0x00000010 #define SNDBUF_NAMELEN 48 @@ -50,6 +51,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -57,6 +59,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); void sndbuf_dump(struct snd_dbuf *b, char *s, u_int32_t what); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 72bde9c1066f..bf76345827f5 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -79,7 +79,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; struct cdevsw dsp_cdevsw = { @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_write = dsp_write, .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1931,23 +1929,72 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, +}; + +static int +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -2010,13 +2057,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index ab203a39194c..f775c0f8da8a 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:19:08 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxn43b4z6gVCW for ; Tue, 09 Jun 2026 19:19:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxm6xKLz3PVc for ; Tue, 09 Jun 2026 19:19:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032749; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=694/bRj9J13fhbwAdQKh8cJAiYh053/CIwKQnT5oA4U=; b=s6J7MwG9wFWsEEGzVFsHiek1+Q7/7auKJpPLYir1zgm9ZVxdZfHFJ6smGsGVSbq85gk5RF hakWTIOBKcnTtq93ESDG7MDXI3F2ErYdf1K67RI3fF4Bd9RDkyc/lIeNx4af/LA0CSsYVR HhpLizlrouPm6XXx+ecanfPtyZ1Qldq5iO5ABGDLNA32APpD0U5l7PW6riIOuQEVlAP9nb dPyodCyfVx4y9iCjYI3n+/S+P/5y1XtLOZYe3MBprOGJ7bb60TWmhxAB3CQJg92FKMmeeX 1oTjrmAo3uacxSu8c44Z3UgbA0KP8Tkp91MT7JBmSPphbuf2IBXpnCzsVwp67w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032749; a=rsa-sha256; cv=none; b=Epgp7EJAc75dHVAwGD6S0MbywE8PfnjztP8DnOU17AQ+Ux/OMqqk088Yo88pkqoTZPMJuk w+8Eodbvp2oezB1D7U45+ZC5kgfz7zOemY+DrtumCwSo4pHcefvSdvwCZ1l4bQI9yY2k1S 7BJbZzVjCty61WHp10QjTaXv5ypIv0h72b10oiNVIhJ3YydwisLipnXEuswLfK/R1LVSg7 j4FZzr27XHH+Gf/odtPhFzWRauUYh1gGfx1ureDRZLPLKH6EZ4otLnY0Jo9h6KkmD2byKg HWyJttflsxnFjTB6PxnY2EBjYlciEVTMWASWrnSxRt4oYmIlU3m0vrEy1ANj7A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032749; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=694/bRj9J13fhbwAdQKh8cJAiYh053/CIwKQnT5oA4U=; b=IN8tCf9VwFON9eL7rWnCYl7mY6HGElVmvoWGqDlNd0oNtG0BF9ay9bjnweJ3djn4gCTI1N INYmRmfPA6BTsTVNtfUSY8nVFvAezNLSGtZyeZbwzu4JCe9UqndSOvbjcU6tQi4+pXPUXH YPyls3lYd0keQTGwTLGgu22+0VaMwgt7TSOPDllk4fzfQBzEPM38zOGheSUB7i4KlKYxOx nnq4iZjhN6GCF02k5yxGbnd+3mMhXBkD8dRJ4GWoqigyNuA0O7Vds/RlgMuMmxGGXAoUML pdtEZHMbw/s2m36Pvhs13cmJVx4duMLS08yhFRshB2OwwbVTGowNioxJNigA4g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxm6Tqxzp1R for ; Tue, 09 Jun 2026 19:19:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c8e0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:08 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: eab757f954ed - releng/14.4 - sigqueue: In capability mode, only allow signalling self List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: eab757f954ed63395aad84624b6b1f96b4195fa0 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:08 +0000 Message-Id: <6a28672c.3c8e0.388291de@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=eab757f954ed63395aad84624b6b1f96b4195fa0 commit eab757f954ed63395aad84624b6b1f96b4195fa0 Author: Ed Maste AuthorDate: 2026-05-26 13:24:36 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:33 +0000 sigqueue: In capability mode, only allow signalling self This is copied from the check in kern_kill. Approved by: so Security: FreeBSD-SA-26:28.capsicum Security: CVE-2026-45259 Reviewed by: markj, oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57244 (cherry picked from commit b9d16b7fd2fa6bc4b3e8364804cbdc1b76ebe8a5) (cherry picked from commit defd9b86ef995ce70363eae9b323d616bda865be) (cherry picked from commit d11ff01b3aec336128e6babbff7a421fbce82015) --- contrib/capsicum-test/capmode.cc | 12 +++++++++--- sys/kern/kern_sig.c | 10 ++++++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/contrib/capsicum-test/capmode.cc b/contrib/capsicum-test/capmode.cc index f32d9e038744..12921bb53c72 100644 --- a/contrib/capsicum-test/capmode.cc +++ b/contrib/capsicum-test/capmode.cc @@ -747,8 +747,8 @@ FORK_TEST(Capmode, NewThread) { close(thread_pipe[1]); } -static volatile sig_atomic_t had_signal = 0; -static void handle_signal(int) { had_signal = 1; } +static volatile sig_atomic_t signal_cnt = 0; +static void handle_signal(int) { signal_cnt++; } FORK_TEST(Capmode, SelfKill) { pid_t me = getpid(); @@ -766,7 +766,13 @@ FORK_TEST(Capmode, SelfKill) { // Can only kill(2) to own pid. EXPECT_CAPMODE(kill(child, SIGUSR1)); EXPECT_OK(kill(me, SIGUSR1)); - EXPECT_EQ(1, had_signal); + EXPECT_EQ(1, signal_cnt); + + union sigval sv; + sv.sival_int = 0x1234; + EXPECT_CAPMODE(sigqueue(child, SIGUSR1, sv)); + EXPECT_OK(sigqueue(me, SIGUSR1, sv)); + EXPECT_EQ(2, signal_cnt); signal(SIGUSR1, original); } diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 91361d680809..7f399586f639 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -2047,6 +2047,16 @@ kern_sigqueue(struct thread *td, pid_t pid, int signumf, union sigval *value) if (pid <= 0) return (EINVAL); + /* + * A process in capability mode can send signals only to itself. + */ + if (pid != td->td_proc->p_pid) { + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &signum); + if (IN_CAPABILITY_MODE(td)) + return (ECAPMODE); + } + if ((signumf & __SIGQUEUE_TID) == 0) { if ((p = pfind_any(pid)) == NULL) return (ESRCH); From nobody Tue Jun 9 19:19:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxp1vhRz6gV92 for ; Tue, 09 Jun 2026 19:19:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxp0C0zz3PNP for ; Tue, 09 Jun 2026 19:19:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032750; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kqkRC/0Hf3SgismJeCUs6HDfAnb9VSMSGGiqOOBtlao=; b=h2np6CAs3xFDdGfSG9RfTwT+3c839vKNn7r0KET/Dm0C27GtgcvNPdafRU80zgeLcD/iVn HO+dnz+k3THm/POGkHPfQ15JlA8SywWq4e+QlLkhWM+cgyq/eEqM8Nx7HaUY/qxMSaVmBM pdQOD2TmxmFBk0McYdTUTGFprtZeEX934kvkr3pczt3MFBaHiXrC/lnRrYtktZoj2MH0uO iU9dhKwRTn2NUkgYknvxcNewWnJkq3xq3dkgFX16L2J4LzE+7yCulI4KoUM2KFruKOVY3B LQxNu04E+hC5MLKMTdtuva1XWok5qrsU4MZoKyy/cgIvTz/HBtqZoAdQbM0MaA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032750; a=rsa-sha256; cv=none; b=ykd5Ly9xaJdhBhERUR3/JL0bsKsZl1vpvS2IdiEN3tJgSW0oiemAnw6i7+tv1S5zV+cq5X 1kbBdgp3HygtV5HoxHlxMEN31UQr4E2qfYiWnwl3RBSqGFVAExsBie7HlQJkfllXb2Pebk j0rshfVf+Qz5dCb/MbDcMxvvk25VcNp/4HlSdLkgmETyS2uJj9fcqAKSRU9dZk11iSX51b p9C7NmbVj+/N1iMFSYwDKsQUo64t1fsFdvz9p7guvuF3MIBIFug0nzt5JZUC//9tlgXEKo tKXaL2cR0AQgAFF/UxR74PV4S0ZW7tu0f/PakUG7Xud5NvojqVz8Mta51pLdeg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032750; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kqkRC/0Hf3SgismJeCUs6HDfAnb9VSMSGGiqOOBtlao=; b=cjEzn2QgifH1iuTOwAMNM8ZAl7as16YGyW1X3B8TpR41kfDWRBjNX11FoDjPumnPFGiYYT jAjHUiGBLlp9zCqevkJ/fmolaVjhm3qbpGAxst6wXTB84r8qEXG/aOgpfEn3QwEN+hDkEo b5OOpOp1zCIMyqwoLkxf+7QeJEAzH4ltXtBIadZbt/M19wknYCG0vUlrxSeHLN1kRxSn5C omD8cu43SAY7CJxQh7nAVUhhd8bh/+CfoTgfkfnGOtLzEHO5uZdS8dd/B3lnQzRBmtyAiU sNhTsEBgyHlWUEMFpIYyWENMenL7vigfjPw4iKrhMUWASdS4oF1xErvety43Tw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxn6rcZznrf for ; Tue, 09 Jun 2026 19:19:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb26 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: a7062a6de005 - releng/14.4 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: a7062a6de0057e5ee0eb4d858fcd7660276dd130 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:09 +0000 Message-Id: <6a28672d.3eb26.224086a3@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a7062a6de0057e5ee0eb4d858fcd7660276dd130 commit a7062a6de0057e5ee0eb4d858fcd7660276dd130 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:33 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 39 +++++++++++++++++---------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 44 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 3dc4fa271683..4fd00bac3ae4 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2524,6 +2524,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2536,9 +2537,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2551,13 +2549,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2589,24 +2598,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2641,7 +2635,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2678,6 +2671,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:19:12 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxr4X31z6gVTm for ; Tue, 09 Jun 2026 19:19:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxr272hz3PQW for ; Tue, 09 Jun 2026 19:19:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0z5ud3OFk1wjXxw8zbzfM1VxlKpcD0A0LJlpgDwChpI=; b=QTKEbxHVcN0wYZhk1zId2Ys1gmSOU9Adh5sxnYYRtGiiqHwujTgYS/2Sjsqe3g3SFhNALn V+b6PzFJlEENBczCzTTdA+VkEML6ZQ/BNBvF93Xc0ZWqL9UqA+1KA9WoKDROiwVaeNlz/Z g1+9uJrosvrLyE9zIPzpT1k5fnp748/HVh6LHd7jcWa1Gm1JYBGK/YaXSuvJp+925/btvq fLbI0mT7Sb3iZYG8FZsj89dVNlV4623CBFuIY0L6fQgR81uPOsfCKqZuUigkqTXgcwLXrX cPnpOlQ0PwQvKj+HLXd5q36Q0R3UBNIW3LmCYl3flSNiq/VDTxC8VXNx6qtAVg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032752; a=rsa-sha256; cv=none; b=AYwF9plH2pqRrO8ERknoZ8GucJE6g3CyU1ItJbjuRwn30Gqrosj/53FJ8pExYomHxHw0KG OXiNE3AUxg6/G5uksW+noES5Cc8nzLAwGE8GY0a1+6oQtq9KdS4aKq/WIUpHbrfn/uRKCf xfP/KgrQ8N1Z/gER7BWdCzQSHDTiSd2GqLDeQO5TjZg6ugBMF0pQZEX5wEv/wFdQdIazdb pB5B1GuAPIwZdFv9wuHa3IKr42Bt5ND7NcL4WeOd1j5flpOWHxD4P2neANAj2XVr0qugPU uOSe2LjjAVQ0U0ndHIgz5zfHUYLf94FnyuZS6bE4ADJTI1xhwvj5TPqGVO0zOg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0z5ud3OFk1wjXxw8zbzfM1VxlKpcD0A0LJlpgDwChpI=; b=XQzt80sooI/n2AWcUBJYgCTZKfuWqMLbECBp3mr6O8XcFj8Mb8r8VEzTFoll7po9am3Sg/ HXMGLs6thxDKVwKtlG6h4E8akE/Bzec58dNJMpfEfkGpGzDK4yQitMIqX+J7m7aTRw4Hdm tBPhLwQHenC+dcduVsY1WXCcbAgJMHE7zamJ674o6Eo0h3zmTHDCfROMwe84jy2Kog5wD7 yA77O2Qqnv9/c8YoRxxke6w1PjBR89n+A2GUs+7uFSVrKNx4yok7bkz3+cbZwZzD4yYk6w 8t1NQdiWYLGRyMLqFQFKyhshwIOX5rRuDiRKkXl2qPMqAZrfGloWuLQf74NdvA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxr12k8znks for ; Tue, 09 Jun 2026 19:19:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e425 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:12 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: 889e306ded21 - releng/14.4 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 889e306ded217659e25516c05265591aa17d4544 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:12 +0000 Message-Id: <6a286730.3e425.32446165@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=889e306ded217659e25516c05265591aa17d4544 commit 889e306ded217659e25516c05265591aa17d4544 Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index 517052419ed4..31c04cf1f00a 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1547,20 +1547,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:19:13 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxt06GLz6gVLc for ; Tue, 09 Jun 2026 19:19:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxs2ctmz3PWZ for ; Tue, 09 Jun 2026 19:19:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032753; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b2yIePPYxtVQ0Kep0B2gc+vSK9b7dzmahxQGSe/qsvc=; b=cV3dwwW64Oh8vVjz//7C7GE5yD96W86pqvSImb6FMvImFgxJJ62YWzUDMEARSxAsDXMYSN /u6tu/IYi2zDi70egeSOmVAveek1rcu3m9ZUe7TbY7ldVVISVCc/r5G/wh6Nuay/TjZpu0 +Cm7qMwnviQhbvW25Uw/lgD0s7sJxU4BWst4e13QEcRe2s9/3RBuP7sOxAbQcbP6v5DOzB N8QIm6LKh7LeVc/ibMPkQ7tq+rNOjsgAhSnw3AZR2iWdAqdBSjVEVUmguBDgjt6IypH7AP OOxnREukN4w8hpd9BLYNl3xMz130Bcv0M1dgEMmLAO+dI/2Ev4eI5jCC3i4EHw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032753; a=rsa-sha256; cv=none; b=yKaQ4w1EFdg/JkpaT7e2+dVtLG39Afh+VfzWAb0FGs4CUXSaQjgucVMWCNGHYJVKH5lcUE udCjDI6CNH3pAXsxM968GgITSjhq2TUEG/MgLuidk6719m12xXHFU1Bibu2pDbJFBY6B5d ZqZsAH9u/7pgdM0AG5K2/krj0Rpj2lBj1/vQRK9EjamOhnicZ3sZB2koxPJwug1/7mjlNq ZvneJiWx5VQAc3YNvGoNiYJAZV7ZHXbQiXrZfFBc9m/ckjGkYG6XtbXZAiuwWV0aHNu8V3 BYcE7Lona8axqDikDWjg2aFTzr0yqi7vbLmM/YK0mFuZmKhCKmpviWbQHON+qw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032753; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b2yIePPYxtVQ0Kep0B2gc+vSK9b7dzmahxQGSe/qsvc=; b=J6wBoFmpglK68NmHYfSWHm7b4+VXdpIruVISUrYB5wtcHrbkJmoIeUVIZT/DmSQJ8ZbIoC a1+00KRkfssf/vGyJx4AvR/gTEzfPFupH/pEHX8GmJq+PxPQQHXEGoab9/ZuFSXelPIb2b osWljqmr1Qmh3igxTP4kdyNiUbbC0cu8vrCkCAPqaEKRJKWO8jYtRh4rVw/Y1P/Z0HoGwb gmC5Mr91iTTbvx4ELxnsXlYpLBC4HHv8j7o8SeEUpsn4fo19h2kHQfdTsCzCkGy/+wP/wS fYvnwXu8CdqnZ4Gw6DrqrTHlRREk/1PnzBXxSMPuAdMVXt3p6L2MSuIOwYTMng== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxs1t1Zznrh for ; Tue, 09 Jun 2026 19:19:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c5ff by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:13 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 547fc2a98a24 - releng/14.4 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 547fc2a98a24129b12c573531130630f162c1cdd Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:13 +0000 Message-Id: <6a286731.3c5ff.2dc8d33d@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=547fc2a98a24129b12c573531130630f162c1cdd commit 547fc2a98a24129b12c573531130630f162c1cdd Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index ea74c07cbc48..df9156ad76ca 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1230,11 +1230,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1253,33 +1281,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index 3dcfbc71f6e5..67cdf19f6d6e 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -8,6 +8,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ @@ -75,6 +76,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util CFLAGS.sys_getrandom+= -I${SRCTOP}/sys/contrib/zstd/lib diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:19:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxt6QGgz6gVPG for ; Tue, 09 Jun 2026 19:19:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxt3j4hz3PbR for ; Tue, 09 Jun 2026 19:19:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032754; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NAI/gn8QQrYuuJ53Yfm/Zim/Tu4QTeJT0puygfZ6wug=; b=ogfKDaZcNcVVZg1xkuJslm296SM9n2gBKN1wHI/naCZxqxG/8lr68dtCx1+SJw5z7YvXqC YF7sB2mj3pKSv8eAf+3G7PHD+tH54LU25ubEvhtE2QSF99+T/7W9/BdK+jKdtXMC9SIdzx 8T7yNjZYYlKn/+/38c7xrlPSaIR0zJh35V37TKacYVyjrmQzOcS/Ot7crMw3npvrLQ50P3 nBW5zybDx60Z8un6lDvTC7bbJj/vuRaXTIIPD40nZjJ4lp5DoQCIGflgJe2FHeJ2Xzi1W/ zmARQEdUD4zPh+mLBKxMG6NPiit+TxL00By0bML9FrjHwozV5p6xfnwBRJ/aeg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032754; a=rsa-sha256; cv=none; b=OfnzWtJQoZxK07FIoBPFK1COWk6cmlYsCcjxMcOecDvJGX1GNk/jXytFoRgusXdTwmaBmt JcrPTTY7g4CAPFGr3vuwyRS/qXRTQ7KQg90nMG1vHMX59GP6XKLrvhwNTFYtQ5AZEzNkXu 7FUk5LMC0XbS5bqiL8yvGITZFI5vjHO1uXtWabZjyJRn2A0/VZJRKoEHG1k6bKIrOHY5+m 3rFRRs9WGKPRRCVUURaDvD5U5OVlYQnGCo+A9TsOO2a/LLtUbnm8yRabRYewhnz7Vld9Sx zige4m70GpT24hKpvJy33pMcBCK495to790G42XM1cRc+FHq1a5vHwf0vU4jJg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032754; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NAI/gn8QQrYuuJ53Yfm/Zim/Tu4QTeJT0puygfZ6wug=; b=oFwqZ9H4pHLIH8NE0hzkm3zk2HRhcCNYuXFwv4pZb8LMWVFqZlWzQtnmX6Nk7J6lKwFHB/ lkthXcCc/dK+RFiVstDBznYtSjZ5GQ72t6cLdb/75UcGELIzuPuKk1B/xODmyBQSEtj3HB qmUhfaKz+XBliVuxBMxBVMv7KYKOr4+cpgB2h6zOkDMCV2N9u4J4ByYJYaeQfoTBZs0Mru t8Ffx/MbiTTQdT92QmECplwa2bCKze5LVPmn6PlQhiO2z9lvfIE0M3DqDz6jByhIQ6l+2y fiAz0iT22AvKXFD5vQukNReqVNgkfOqV2yAspXUHt1p+FKBGHFLrz8BBX2ZPDA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxt3DCrzntN for ; Tue, 09 Jun 2026 19:19:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3dab0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav From: Mark Johnston Subject: git: 857abc12945a - releng/14.4 - unbound: Apply upstream patches List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 857abc12945a8f31fd445eab92a7c08a7f61479d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:14 +0000 Message-Id: <6a286732.3dab0.6723e2ba@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=857abc12945a8f31fd445eab92a7c08a7f61479d commit 857abc12945a8f31fd445eab92a7c08a7f61479d Author: Dag-Erling Smørgrav AuthorDate: 2026-05-29 22:21:50 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 unbound: Apply upstream patches - Use the same EDE removal logic when encoding errors as when encoding replies. - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42944, Heap overflow and crash with multiple nsid, cookie, padding EDNS options. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42959, Crash during DNSSEC validation of malicious content. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-32792, Packet of death with DNSCrypt. Thanks to Andrew Griffiths from 'calif.io' for the report. - Fix CVE-2026-40622, "Ghost domain name" variant. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-41292, Parsing a long list of incoming EDNS options degrades performance. Thanks to GitHub user 'N0zoM1z0', also Qifan Zhang from Palo Alto Networks, for the report. - Fix CVE-2026-42534, Jostle logic bypass degrades resolution performance. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42923, Degradation of service with unbounded NSEC3 hash calculations. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42960, Possible cache poisoning attack while following delegation. Thanks to TaoFei Guo from Peking University, Yang Luo and JianJun Chen, Tsinghua University, for the report. - Fix CVE-2026-44390, Unbounded name compression in certain cases causes degradation of service. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks to Qifan Zhang, Palo Alto Networks, for the report. Approved by: so Security: FreeBSD-SA-26:33.unbound Security: CVE-2026-33278 Security: CVE-2026-42944 Security: CVE-2026-42959 Security: CVE-2026-32792 Security: CVE-2026-40622 Security: CVE-2026-41292 Security: CVE-2026-42534 Security: CVE-2026-42923 Security: CVE-2026-42960 Security: CVE-2026-44390 Security: CVE-2026-44608 --- contrib/unbound/dnscrypt/dnscrypt.c | 2 +- contrib/unbound/iterator/iter_scrub.c | 8 +++- contrib/unbound/services/cache/dns.c | 8 +++- contrib/unbound/services/cache/rrset.c | 10 +++++ contrib/unbound/services/mesh.c | 14 +++++-- contrib/unbound/services/mesh.h | 6 +++ contrib/unbound/services/rpz.c | 10 +++-- contrib/unbound/util/data/msgencode.c | 54 ++++++++++++++++-------- contrib/unbound/util/data/msgencode.h | 4 +- contrib/unbound/util/data/msgparse.c | 19 ++++++--- contrib/unbound/util/data/msgparse.h | 4 ++ contrib/unbound/validator/val_neg.c | 28 ++++++++++++- contrib/unbound/validator/val_nsec3.c | 76 +++++++++++++++++++++++++++++++--- contrib/unbound/validator/val_nsec3.h | 6 +++ contrib/unbound/validator/val_utils.c | 4 +- 15 files changed, 209 insertions(+), 44 deletions(-) diff --git a/contrib/unbound/dnscrypt/dnscrypt.c b/contrib/unbound/dnscrypt/dnscrypt.c index 4902447fda01..173484cdf0b1 100644 --- a/contrib/unbound/dnscrypt/dnscrypt.c +++ b/contrib/unbound/dnscrypt/dnscrypt.c @@ -361,7 +361,7 @@ dnscrypt_server_uncurve(struct dnsc_env* env, len -= DNSCRYPT_QUERY_HEADER_SIZE; - while (*sldns_buffer_at(buffer, --len) == 0) + while (len>0 && *sldns_buffer_at(buffer, --len) == 0) ; if (*sldns_buffer_at(buffer, len) != 0x80) { diff --git a/contrib/unbound/iterator/iter_scrub.c b/contrib/unbound/iterator/iter_scrub.c index 8507a3fb65ac..852705db3ee9 100644 --- a/contrib/unbound/iterator/iter_scrub.c +++ b/contrib/unbound/iterator/iter_scrub.c @@ -725,7 +725,13 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg, rrset->rrset_all_next = NULL; return 1; } - mark_additional_rrset(pkt, msg, rrset); + /* Only mark glue as allowed for type NS in the authority + * section. Other RR types do not get glue for them, it + * is allowed from the answer section, but not authority + * so that a message can not have address records cached + * as a side effect to the query. */ + if(rrset->type==LDNS_RR_TYPE_NS) + mark_additional_rrset(pkt, msg, rrset); prev = rrset; rrset = rrset->rrset_all_next; } diff --git a/contrib/unbound/services/cache/dns.c b/contrib/unbound/services/cache/dns.c index 351b3568c80b..8dae2ffcca90 100644 --- a/contrib/unbound/services/cache/dns.c +++ b/contrib/unbound/services/cache/dns.c @@ -675,10 +675,16 @@ struct dns_msg* dns_msg_deepcopy_region(struct dns_msg* origin, struct regional* region) { size_t i; + struct ub_packed_rrset_key** saved_rrsets; struct dns_msg* res = NULL; + size_t rep_alloc_size = sizeof(struct reply_info) + - sizeof(struct rrset_ref); /* this is the size of res->rep + allocated in gen_dns_msg() */ res = gen_dns_msg(region, &origin->qinfo, origin->rep->rrset_count); if(!res) return NULL; - *res->rep = *origin->rep; + saved_rrsets = res->rep->rrsets; /* save rrsets alloc by gen_dns_msg */ + memcpy(res->rep, origin->rep, rep_alloc_size); + res->rep->rrsets = saved_rrsets; if(origin->rep->reason_bogus_str) { res->rep->reason_bogus_str = regional_strdup(region, origin->rep->reason_bogus_str); diff --git a/contrib/unbound/services/cache/rrset.c b/contrib/unbound/services/cache/rrset.c index 6d5c24f8053e..81f4e2820edd 100644 --- a/contrib/unbound/services/cache/rrset.c +++ b/contrib/unbound/services/cache/rrset.c @@ -149,6 +149,16 @@ need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns) if(equal && cached->ttl >= timenow && cached->security == sec_status_bogus) return 0; + /* ghost-domain: never let an NS overwrite extend lifetime + * past the entry it replaces, regardless of trust. */ + if(ns && !TTL_IS_EXPIRED(cached->ttl, timenow) && + newd->ttl > cached->ttl) { + size_t i; + newd->ttl = cached->ttl; + for(i=0; i<(newd->count+newd->rrsig_count); i++) + if(newd->rr_ttl[i] > newd->ttl) + newd->rr_ttl[i] = newd->ttl; + } return 1; } /* o item in cache has expired */ diff --git a/contrib/unbound/services/mesh.c b/contrib/unbound/services/mesh.c index 3212a6abf4c6..23499dcef960 100644 --- a/contrib/unbound/services/mesh.c +++ b/contrib/unbound/services/mesh.c @@ -296,12 +296,14 @@ int mesh_make_new_space(struct mesh_area* mesh, sldns_buffer* qbuf) if(mesh->num_reply_states < mesh->max_reply_states) return 1; /* try to kick out a jostle-list item */ - if(m && m->reply_list && m->list_select == mesh_jostle_list) { + if(m && m->list_select == mesh_jostle_list) { /* how old is it? */ struct timeval age; - timeval_subtract(&age, mesh->env->now_tv, - &m->reply_list->start_time); - if(timeval_smaller(&mesh->jostle_max, &age)) { + if(m->has_first_reply_time) + timeval_subtract(&age, mesh->env->now_tv, + &m->first_reply_time); + if(!m->has_first_reply_time || + timeval_smaller(&mesh->jostle_max, &age)) { /* its a goner */ log_nametypeclass(VERB_ALGO, "query jostled out to " "make space for a new one", @@ -1960,6 +1962,10 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns, r->qid = qid; r->qflags = qflags; r->start_time = *s->s.env->now_tv; + if(s->reply_list == NULL && !s->has_first_reply_time) { + s->first_reply_time = r->start_time; + s->has_first_reply_time = 1; + } r->next = s->reply_list; r->qname = regional_alloc_init(s->s.region, qinfo->qname, s->s.qinfo.qname_len); diff --git a/contrib/unbound/services/mesh.h b/contrib/unbound/services/mesh.h index f19f423a8cd3..a61f90993177 100644 --- a/contrib/unbound/services/mesh.h +++ b/contrib/unbound/services/mesh.h @@ -189,6 +189,12 @@ struct mesh_state { struct module_qstate s; /** the list of replies to clients for the results */ struct mesh_reply* reply_list; + /** if it has a first reply time */ + int has_first_reply_time; + /** wall-clock time the first client reply was attached; + * used by mesh_make_new_space() so duplicate retransmits + * cannot reset jostle aging. */ + struct timeval first_reply_time; /** the list of callbacks for the results */ struct mesh_cb* cb_list; /** set of superstates (that want this state's result) diff --git a/contrib/unbound/services/rpz.c b/contrib/unbound/services/rpz.c index f45cf65420d7..27f7de861eac 100644 --- a/contrib/unbound/services/rpz.c +++ b/contrib/unbound/services/rpz.c @@ -2468,6 +2468,7 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* { struct auth_zones* az; struct auth_zone* a; + struct dns_msg* ret = NULL; struct clientip_synthesized_rr* raddr = NULL; struct rpz* r = NULL; struct local_zone* z = NULL; @@ -2511,13 +2512,11 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* z = rpz_delegation_point_zone_lookup(is->dp, r->nsdname_zones, is->qchase.qclass, &match); if(z != NULL) { - lock_rw_unlock(&a->lock); break; } raddr = rpz_delegation_point_ipbased_trigger_lookup(r, is); if(raddr != NULL) { - lock_rw_unlock(&a->lock); break; } lock_rw_unlock(&a->lock); @@ -2532,9 +2531,12 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* if(z) { lock_rw_unlock(&z->lock); } - return rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + ret = rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + } else { + ret = rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); } - return rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); + lock_rw_unlock(&a->lock); + return ret; } struct dns_msg* rpz_callback_from_iterator_cname(struct module_qstate* ms, diff --git a/contrib/unbound/util/data/msgencode.c b/contrib/unbound/util/data/msgencode.c index 84aa3b9e75ae..f84c491b1c9f 100644 --- a/contrib/unbound/util/data/msgencode.c +++ b/contrib/unbound/util/data/msgencode.c @@ -352,7 +352,6 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, (p = compress_tree_lookup(tree, dname, labs, &insertpt))) { if(!write_compressed_dname(pkt, dname, labs, p)) return RETVAL_TRUNC; - (*compress_count)++; } else { if(!dname_buffer_write(pkt, dname)) return RETVAL_TRUNC; @@ -360,6 +359,7 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && !compress_tree_store(dname, labs, pos, region, p, insertpt)) return RETVAL_OUTMEM; + (*compress_count)++; return RETVAL_OK; } @@ -804,7 +804,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, return 1; } -uint16_t +size_t calc_edns_field_size(struct edns_data* edns) { size_t rdatalen = 0; @@ -840,7 +840,7 @@ calc_edns_option_size(struct edns_data* edns, uint16_t code) } uint16_t -calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size) +calc_ede_option_size(struct edns_data* edns, size_t* txt_size) { size_t rdatalen = 0; struct edns_option* opt; @@ -942,6 +942,10 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) @@ -952,12 +956,18 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) sldns_buffer_write(pkt, opt->opt_data, opt->opt_len); } - if (padding_option && edns->padding_block_size ) { + if (padding_option && edns->padding_block_size && + sldns_buffer_position(pkt)+4 <= max_msg_sz && + sldns_buffer_available(pkt, 4) /* if there is space for it */) { size_t pad_pos = sldns_buffer_position(pkt); size_t msg_sz = ((pad_pos + 3) / edns->padding_block_size + 1) * edns->padding_block_size; @@ -1001,7 +1011,7 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, { uint16_t flags; unsigned int attach_edns = 0; - uint16_t edns_field_size, ede_size, ede_txt_size; + size_t edns_field_size, ede_size, ede_txt_size; if(!cached || rep->authoritative) { /* original flags, copy RD and CD bits from query. */ @@ -1028,12 +1038,12 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, * calculate sizes once here */ edns_field_size = calc_edns_field_size(edns); ede_size = calc_ede_option_size(edns, &ede_txt_size); - if(sldns_buffer_capacity(pkt) < udpsize) + if(sldns_buffer_capacity(pkt) < (size_t)udpsize) udpsize = sldns_buffer_capacity(pkt); if(!edns || !edns->edns_present) { attach_edns = 0; /* EDEs are optional, try to fit anything else before them */ - } else if(udpsize < LDNS_HEADER_SIZE + edns_field_size - ede_size) { + } else if((size_t)udpsize < (size_t)LDNS_HEADER_SIZE + edns_field_size - ede_size) { /* packet too small to contain edns, omit it. */ attach_edns = 0; } else { @@ -1047,13 +1057,13 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, return 0; } if(attach_edns) { - if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size) + if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size) attach_edns_record_max_msg_sz(pkt, edns, udpsize); - else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { + else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { ede_trim_text(&edns->opt_list_inplace_cb_out); ede_trim_text(&edns->opt_list_out); attach_edns_record_max_msg_sz(pkt, edns, udpsize); - } else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { + } else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { edns_opt_list_remove(&edns->opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&edns->opt_list_out, LDNS_EDNS_EDE); attach_edns_record_max_msg_sz(pkt, edns, udpsize); @@ -1115,22 +1125,30 @@ extended_error_encode(sldns_buffer* buf, uint16_t rcode, sldns_buffer_write_u16(buf, qinfo->qclass); } sldns_buffer_flip(buf); - if(edns) { + if(edns && edns->edns_present) { + size_t edns_field_size, ede_size, ede_txt_size; struct edns_data es = *edns; es.edns_version = EDNS_ADVERTISED_VERSION; es.udp_size = EDNS_ADVERTISED_SIZE; es.ext_rcode = (uint8_t)(rcode >> 4); es.bits &= EDNS_DO; - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { + /* EDEs are optional. If space is a concern try in order: + * - removing any EXTRA-TEXT fields from explicit EDEs, or + * - removing all EDEs, + * to see if EDNS can fit. */ + edns_field_size = calc_edns_field_size(&es); + ede_size = calc_ede_option_size(&es, &ede_txt_size); + if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size) + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_txt_size) { + ede_trim_text(&es.opt_list_inplace_cb_out); + ede_trim_text(&es.opt_list_out); + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + } else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_size) { edns_opt_list_remove(&es.opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&es.opt_list_out, LDNS_EDNS_EDE); - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { - return; - } + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); } - attach_edns_record(buf, &es); } } diff --git a/contrib/unbound/util/data/msgencode.h b/contrib/unbound/util/data/msgencode.h index 08fcb59b8e36..64569555dc59 100644 --- a/contrib/unbound/util/data/msgencode.h +++ b/contrib/unbound/util/data/msgencode.h @@ -106,7 +106,7 @@ void qinfo_query_encode(struct sldns_buffer* pkt, struct query_info* qinfo); * @param edns: edns data or NULL. * @return octets to reserve for EDNS. */ -uint16_t calc_edns_field_size(struct edns_data* edns); +size_t calc_edns_field_size(struct edns_data* edns); /** * Calculate the size of a specific EDNS option in packet. @@ -127,7 +127,7 @@ uint16_t calc_edns_option_size(struct edns_data* edns, uint16_t code); * extra text. * @return octets the option will take up. */ -uint16_t calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size); +uint16_t calc_ede_option_size(struct edns_data* edns, size_t* txt_size); /** * Attach EDNS record to buffer. Buffer has complete packet. There must diff --git a/contrib/unbound/util/data/msgparse.c b/contrib/unbound/util/data/msgparse.c index 6963d850171e..169709b7e3c0 100644 --- a/contrib/unbound/util/data/msgparse.c +++ b/contrib/unbound/util/data/msgparse.c @@ -53,6 +53,8 @@ #include "sldns/parseutil.h" #include "sldns/wire2str.h" +#define MAX_PARSED_EDNS_OPTIONS 100 + /** smart comparison of (compressed, valid) dnames from packet */ static int smart_compare(sldns_buffer* pkt, uint8_t* dnow, @@ -950,6 +952,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, struct comm_reply* repinfo, uint32_t now, struct regional* region, struct cookie_secrets* cookie_secrets) { + int i = 0, nsid_seen = 0, cookie_seen = 0, padding_seen = 0; /* To respond with a Keepalive option, the client connection must have * received one message with a TCP Keepalive EDNS option, and that * option must have 0 length data. Subsequent messages sent on that @@ -969,7 +972,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); uint8_t server_cookie[40]; @@ -984,8 +987,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* handle parse time edns options here */ switch(opt_code) { case LDNS_EDNS_NSID: - if (!cfg || !cfg->nsid) + if (!cfg || !cfg->nsid || nsid_seen) break; + nsid_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_NSID, cfg->nsid_len, cfg->nsid, region)) { @@ -1027,8 +1031,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, case LDNS_EDNS_PADDING: if(!cfg || !cfg->pad_responses || - !c || c->type != comm_tcp ||!c->ssl) + !c || c->type != comm_tcp ||!c->ssl || padding_seen) break; + padding_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_PADDING, 0, NULL, region)) { @@ -1039,8 +1044,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, break; case LDNS_EDNS_COOKIE: - if(!cfg || !cfg->do_answer_cookie || !repinfo) + if(!cfg || !cfg->do_answer_cookie || !repinfo || cookie_seen) break; + cookie_seen = 1; if(opt_len != 8 && (opt_len < 16 || opt_len > 40)) { verbose(VERB_ALGO, "worker request: " "badly formatted cookie"); @@ -1146,6 +1152,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } return LDNS_RCODE_NOERROR; } @@ -1160,6 +1167,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, struct rrset_parse* found_prev = 0; size_t rdata_len; uint8_t* rdata_ptr; + int i = 0; /* since the class encodes the UDP size, we cannot use hash table to * find the EDNS OPT record. Scan the packet. */ while(rrset) { @@ -1219,7 +1227,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); rdata_ptr += 4; @@ -1234,6 +1242,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } /* ignore rrsigs */ return LDNS_RCODE_NOERROR; diff --git a/contrib/unbound/util/data/msgparse.h b/contrib/unbound/util/data/msgparse.h index 7de4e394f2ae..d6e459d330ce 100644 --- a/contrib/unbound/util/data/msgparse.h +++ b/contrib/unbound/util/data/msgparse.h @@ -98,6 +98,10 @@ extern time_t SERVE_EXPIRED_REPLY_TTL; /** If we serve the original TTL or decrementing TTLs */ extern int SERVE_ORIGINAL_TTL; +/** Check if TTL is expired. 0 TTL is considered expired. + * Used mainly to identify parts of the code that do this comparison. */ +#define TTL_IS_EXPIRED(ttl, now) ((ttl) <= (now)) + /** * Data stored in scratch pad memory during parsing. * Stores the data that will enter into the msgreply and packet result. diff --git a/contrib/unbound/validator/val_neg.c b/contrib/unbound/validator/val_neg.c index bc3a83aeb4c9..0f2751121326 100644 --- a/contrib/unbound/validator/val_neg.c +++ b/contrib/unbound/validator/val_neg.c @@ -62,6 +62,13 @@ #include "sldns/rrdef.h" #include "sldns/sbuffer.h" +/** + * The maximum salt length that the negative cache is willing to use. + * Larger salt increases the computation time, while recommendations are + * for zero salt length for zones. + */ +#define MAX_SALT_LENGTH 64 + int val_neg_data_compare(const void* a, const void* b) { struct val_neg_data* x = (struct val_neg_data*)a; @@ -826,7 +833,11 @@ void neg_insert_data(struct val_neg_cache* neg, (slen != 0 && zone->nsec3_salt && s && memcmp(zone->nsec3_salt, s, slen) != 0))) { - if(slen > 0) { + if(slen > MAX_SALT_LENGTH) { + /* RFC 9276 s3.1: operators SHOULD NOT use a salt; large + * salts inflate per-hash block count. Decline to cache. */ + return; + } else if(slen > 0) { uint8_t* sa = memdup(s, slen); if(sa) { free(zone->nsec3_salt); @@ -1169,6 +1180,15 @@ neg_find_nsec3_ce(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, uint8_t hashce[NSEC3_SHA_LEN]; uint8_t b32[257]; size_t celen, b32len; + int hashmax = MAX_NSEC3_CALCULATIONS; + if(qlabs > hashmax) { + /* strip leading labels so the walk costs at most + * MAX_NSEC3_CALCULATIONS hashes, mirroring val_nsec3.c */ + while(qlabs > hashmax) { + dname_remove_label(&qname, &qname_len); + qlabs--; + } + } *nclen = 0; while(qlabs > 0) { @@ -1269,6 +1289,12 @@ neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, if(!zone->nsec3_hash) return NULL; /* not nsec3 zone */ + if(!topname && qlabs > zone->labs + 1) + return NULL; /* iterator caller; opt-out proof would be discarded + * at the !topname check below anyway. + * The qlabs check allows the exact-match for + * the one-label-below-zone case. */ + if(!(data=neg_find_nsec3_ce(zone, qname, qname_len, qlabs, buf, hashnc, &nclen))) { return NULL; diff --git a/contrib/unbound/validator/val_nsec3.c b/contrib/unbound/validator/val_nsec3.c index 998fcc4e38ee..62effde2093f 100644 --- a/contrib/unbound/validator/val_nsec3.c +++ b/contrib/unbound/validator/val_nsec3.c @@ -59,11 +59,6 @@ #include "sldns/sbuffer.h" #include "util/config_file.h" -/** - * Max number of NSEC3 calculations at once, suspend query for later. - * 8 is low enough and allows for cases where multiple proofs are needed. - */ -#define MAX_NSEC3_CALCULATIONS 8 /** * When all allowed NSEC3 calculations at once resulted in error treat as * bogus. NSEC3 hash errors are not cached and this helps breaks loops with @@ -456,6 +451,67 @@ filter_init(struct nsec3_filter* filter, struct ub_packed_rrset_key** list, } } +/** Check if the NSEC3s have the same parameter set. */ +static int +param_set_same(struct nsec3_filter* flt, char** reason) +{ + size_t rrsetnum; + int rrnum; + struct ub_packed_rrset_key* rrset; + int have_params = 0; + int first_algo = 0; + size_t first_iter = 0; + uint8_t* first_salt = NULL; + size_t first_saltlen = 0; + + /* If the NSEC3 parameter sets have distinct values, then they are + * from different NSEC3 chains, and we do not want that. */ + for(rrset=filter_first(flt, &rrsetnum, &rrnum); rrset; + rrset=filter_next(flt, &rrsetnum, &rrnum)) { + if(!have_params) { + first_algo = nsec3_get_algo(rrset, rrnum); + first_iter = nsec3_get_iter(rrset, rrnum); + if(!nsec3_get_salt(rrset, rrnum, &first_salt, + &first_saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + have_params = 1; + } else { + uint8_t* salt = NULL; + size_t saltlen = 0; + if(nsec3_get_algo(rrset, rrnum) != first_algo) { + verbose(VERB_ALGO, "NSEC3 algorithm mismatch"); + if(reason) + *reason = "NSEC3 algorithm mismatch"; + return 0; + } + if(nsec3_get_iter(rrset, rrnum) != first_iter) { + verbose(VERB_ALGO, "NSEC3 iterations mismatch"); + if(reason) + *reason = "NSEC3 iterations mismatch"; + return 0; + } + if(!nsec3_get_salt(rrset, rrnum, &salt, &saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + if(saltlen != first_saltlen || + memcmp(salt, first_salt, saltlen) != 0) { + verbose(VERB_ALGO, "NSEC3 salt mismatch"); + if(reason) + *reason = "NSEC3 salt mismatch"; + return 0; + } + } + } + return 1; +} + /** * Find max iteration count using config settings and key size * @param ve: validator environment with iteration count config settings. @@ -1192,6 +1248,8 @@ nsec3_prove_nameerror(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ log_nametypeclass(VERB_ALGO, "start nsec3 nameerror proof, zone", @@ -1378,6 +1436,8 @@ nsec3_prove_nodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ return nsec3_do_prove_nodata(env, &flt, ct, qinfo, calc); @@ -1401,6 +1461,8 @@ nsec3_prove_wildcard(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1503,6 +1565,8 @@ nsec3_prove_nods(struct module_env* env, struct val_env* ve, *reason = "no NSEC3 records"; return sec_status_bogus; /* no RRs */ } + if(!param_set_same(&flt, reason)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1596,6 +1660,8 @@ nsec3_prove_nxornodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ diff --git a/contrib/unbound/validator/val_nsec3.h b/contrib/unbound/validator/val_nsec3.h index f668a270ff12..a13e92991106 100644 --- a/contrib/unbound/validator/val_nsec3.h +++ b/contrib/unbound/validator/val_nsec3.h @@ -98,6 +98,12 @@ struct sldns_buffer; /** The SHA1 hash algorithm for NSEC3 */ #define NSEC3_HASH_SHA1 0x01 +/** + * Max number of NSEC3 calculations at once, suspend query for later. + * 8 is low enough and allows for cases where multiple proofs are needed. + */ +#define MAX_NSEC3_CALCULATIONS 8 + /** * Cache table for NSEC3 hashes. * It keeps a *pointer* to the region its items are allocated. diff --git a/contrib/unbound/validator/val_utils.c b/contrib/unbound/validator/val_utils.c index 549264d76a1f..4495695ac853 100644 --- a/contrib/unbound/validator/val_utils.c +++ b/contrib/unbound/validator/val_utils.c @@ -1066,10 +1066,10 @@ val_fill_reply(struct reply_info* chase, struct reply_info* orig, if(query_dname_compare(name, orig->rrsets[i]->rk.dname) == 0) chase->rrsets[chase->an_numrrsets - +orig->ns_numrrsets+chase->ar_numrrsets++] + +chase->ns_numrrsets+chase->ar_numrrsets++] = orig->rrsets[i]; } else if(rrset_has_signer(orig->rrsets[i], name, len)) { - chase->rrsets[chase->an_numrrsets+orig->ns_numrrsets+ + chase->rrsets[chase->an_numrrsets+chase->ns_numrrsets+ chase->ar_numrrsets++] = orig->rrsets[i]; } } From nobody Tue Jun 9 19:19:16 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxw6QjPz6gVJn for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxw54pLz3PfD for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032756; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7Kd21+qAX/xCriuvVxlO9vjZxntYomfLREv70LCWM4Y=; b=PjTaCZlCoQI9A/YvwUsYL+/E8zy3MDQDi3fKGAaglYIwPXp6/Js0VOLGI6yodvyUd07CXV QFQdRt/OEMcGnm4IhtV8tVTwssZWuGHhUFhk5bbG2gAlfqy8m0my1vUo3+1O2eTdy5fwdg FvzyEfZ6z7MolrcEWFLVc3JQSJxYHmkpw7P31Ny0x5sbvDYe3UpsPtJZCXWdIL2LAkmMqP 0rOeajRPaR79D1c0h6/91L68aF5DJe6x2oIMcwIq+wxD0jKhvqm2MkPh2bnjaiYRoz1KWY 30oQAIHOj39F+vWYNQI3Mfwk4l8YDZVsPR4uUfOqP6Pd/kxo0+4rN6uZiIribw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032756; a=rsa-sha256; cv=none; b=EdZJpmPvi7GxgnUg2vGVcUwe0s604PC/NzwVSOW0VyDBbaDED0ocDkKDwR8OFWugFYNy2b HoJky1UfUbPacP5AhcMCxI23NdH+Sy0ZUuAtefpNeS0m4cFXL1TxhoNLnrqwv0AlK1wStR jPKNf32amriwQjA96Jln1tBc5kReqcAoglA6NVXvtzVzl1uiiwh/zJf10eCrv85MHVugrV f9HJsQmg+LCX4IHFuAl7ntekOo+VpAzrY0UM0OIscSA5c1xH1pXtJP5g931IT1i8Etng2j vJUwKznTLrv6YOUrDvaffGln0pPP3V1GQ4tw3RkxG9D5B0WX5VWKdCslaiKOcA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032756; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7Kd21+qAX/xCriuvVxlO9vjZxntYomfLREv70LCWM4Y=; b=n5uchtEiKgBjwlJCbcRg53yiXHCflqQ9I3nL3TF8ofJswnNJg7gfWfu9+XL69aRpsPGJUv ZIvc8w4cB7ATVo2bTYoZPK6QyMxsVZNY2csMu1ms4UQm7xZfG2CL4cySz8SEXeJqQESWVl 0Zt7P3J/elKJmuCmJ8Cxxxy/m9OcYq+S+09thHO/JRPf5T1j4pD0cw6gjduybKBL+FjeAu dkmaQZXZt3jcX1BszlHPvM/e1uPfcvu/3r5sGIhlZ3JC0y6tbmZgytvIjCTPhR2XW9MAFe X01rXmVt4JnvQV+XkyVeSJ7YTvv51HxVGS00kToDSiUZT+YnyeEtzt0z6lhfYA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxw42fdzp1V for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e841 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:16 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 1929d9e173e5 - releng/14.4 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 1929d9e173e5c959be4343ddc68f75f28ac88e5c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:16 +0000 Message-Id: <6a286734.3e841.7fa7fda7@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=1929d9e173e5c959be4343ddc68f75f28ac88e5c commit 1929d9e173e5c959be4343ddc68f75f28ac88e5c Author: Gordon Tetlow AuthorDate: 2026-06-07 03:24:17 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set Reject potentially forged encrypted CMS AuthEnvelopedData messages Fix potential NULL dereference processing CMS PasswordRecipientInfo Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34182 Security: CVE-2026-42766 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++++++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 +++++--- crypto/openssl/crypto/cms/cms_enc.c | 18 ++++-- crypto/openssl/crypto/cms/cms_env.c | 6 +- crypto/openssl/crypto/cms/cms_err.c | 4 +- crypto/openssl/crypto/cms/cms_local.h | 2 +- crypto/openssl/crypto/cms/cms_pwri.c | 15 ++++- crypto/openssl/crypto/err/openssl.txt | 3 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +-- crypto/openssl/include/crypto/cmserr.h | 2 +- crypto/openssl/include/openssl/cmserr.h | 4 +- .../implementations/ciphers/cipher_aes_ocb.c | 13 +++++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- .../cms-msg/enveloped-content-type-for-aes-gcm.pem | 7 +++ crypto/openssl/test/cmsapitest.c | 54 +++++++++++++++++- crypto/openssl/test/evp_extra_test.c | 61 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cms.t | 12 +++- crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes 20 files changed, 239 insertions(+), 37 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 531e01d33257..9329e5795a9e 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -271,9 +290,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 9138ad381f7d..4cbc6275cc35 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -964,10 +974,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (*free_cont) { OPENSSL_free(stmp->data); stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ - stmp->length = len; + stmp->length = ilen; *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 8c1a15aeda71..367617576175 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -23,7 +23,7 @@ /* Return BIO based on EncryptedContentInfo and key */ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *cms_ctx) + const CMS_CTX *cms_ctx, int auth) { BIO *b; EVP_CIPHER_CTX *ctx; @@ -104,14 +104,20 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } if ((EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { + if (!auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA); + goto err; + } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); @@ -263,5 +269,5 @@ BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms) if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs) enc->version = 2; return ossl_cms_EncryptedContent_init_bio(enc->encryptedContentInfo, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); } diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 2326253b6743..d2eace4fef5d 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -1099,7 +1099,7 @@ static BIO *cms_EnvelopedData_Decryption_init_bio(CMS_ContentInfo *cms) { CMS_EncryptedContentInfo *ec = cms->d.envelopedData->encryptedContentInfo; BIO *contentBio = ossl_cms_EncryptedContent_init_bio(ec, - ossl_cms_get0_cmsctx(cms)); + ossl_cms_get0_cmsctx(cms), 0); EVP_CIPHER_CTX *ctx = NULL; if (contentBio == NULL) @@ -1137,7 +1137,7 @@ static BIO *cms_EnvelopedData_Encryption_init_bio(CMS_ContentInfo *cms) /* Get BIO first to set up key */ ec = env->encryptedContentInfo; - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 0); /* If error end of processing */ if (!ret) @@ -1189,7 +1189,7 @@ BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms) ec->tag = aenv->mac->data; ec->taglen = aenv->mac->length; } - ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms)); + ret = ossl_cms_EncryptedContent_init_bio(ec, ossl_cms_get0_cmsctx(cms), 1); /* If error or no cipher end of processing */ if (ret == NULL || ec->cipher == NULL) diff --git a/crypto/openssl/crypto/cms/cms_err.c b/crypto/openssl/crypto/cms/cms_err.c index 37e52963e16d..bc922d0ee03d 100644 --- a/crypto/openssl/crypto/cms/cms_err.c +++ b/crypto/openssl/crypto/cms/cms_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,6 +25,8 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { "certificate has no keyid" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error" }, + { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA), + "cipher aead in enveloped data" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_AEAD_SET_TAG_ERROR), "cipher aead set tag error" }, { ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CIPHER_GET_TAG), "cipher get tag" }, diff --git a/crypto/openssl/crypto/cms/cms_local.h b/crypto/openssl/crypto/cms/cms_local.h index a92a67fa8b24..d80689f64d68 100644 --- a/crypto/openssl/crypto/cms/cms_local.h +++ b/crypto/openssl/crypto/cms/cms_local.h @@ -429,7 +429,7 @@ int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert); BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, - const CMS_CTX *ctx); + const CMS_CTX *ctx, int auth); BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms); int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, const EVP_CIPHER *cipher, diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index 46313f2bfe2c..8b0ea233fd6d 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -189,14 +189,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (inlen < 2 * blocklen) { + + if (blocklen < 4) + return 0; + + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -350,6 +354,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/err/openssl.txt b/crypto/openssl/crypto/err/openssl.txt index 756fafdfa24a..dc4e3f310f08 100644 --- a/crypto/openssl/crypto/err/openssl.txt +++ b/crypto/openssl/crypto/err/openssl.txt @@ -1,4 +1,4 @@ -# Copyright 1999-2025 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1999-2026 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -284,6 +284,7 @@ CMS_R_ATTRIBUTE_ERROR:161:attribute error CMS_R_CERTIFICATE_ALREADY_PRESENT:175:certificate already present CMS_R_CERTIFICATE_HAS_NO_KEYID:160:certificate has no keyid CMS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error +CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA:182:cipher aead in enveloped data CMS_R_CIPHER_AEAD_SET_TAG_ERROR:184:cipher aead set tag error CMS_R_CIPHER_GET_TAG:185:cipher get tag CMS_R_CIPHER_INITIALISATION_ERROR:101:cipher initialisation error diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 001b96d31183..fadf543e9db7 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -218,6 +218,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpin = NULL, *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -366,11 +367,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (tmpin == indata) { - if (indata) - BIO_pop(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; } - BIO_free_all(p7bio); sk_X509_free(signers); return ret; } diff --git a/crypto/openssl/include/crypto/cmserr.h b/crypto/openssl/include/crypto/cmserr.h index f9fd933682e5..8b896822d091 100644 --- a/crypto/openssl/include/crypto/cmserr.h +++ b/crypto/openssl/include/crypto/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2020-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/openssl/include/openssl/cmserr.h b/crypto/openssl/include/openssl/cmserr.h index c584b90574e2..6c0baf2362fc 100644 --- a/crypto/openssl/include/openssl/cmserr.h +++ b/crypto/openssl/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2026 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -17,7 +17,6 @@ #include #ifndef OPENSSL_NO_CMS - /* * CMS reason codes. */ @@ -26,6 +25,7 @@ #define CMS_R_CERTIFICATE_ALREADY_PRESENT 175 #define CMS_R_CERTIFICATE_HAS_NO_KEYID 160 #define CMS_R_CERTIFICATE_VERIFY_ERROR 100 +#define CMS_R_CIPHER_AEAD_IN_ENVELOPED_DATA 182 #define CMS_R_CIPHER_AEAD_SET_TAG_ERROR 184 #define CMS_R_CIPHER_GET_TAG 185 #define CMS_R_CIPHER_INITIALISATION_ERROR 101 diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index 8a8eddf36eec..70c0703ddb7c 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -516,6 +516,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 510c1581b593..c3facacfbcf4 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -203,6 +203,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (params == NULL) return 1; @@ -237,6 +238,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index bb2d355c8143..668602a5e523 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -113,12 +113,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem new file mode 100644 index 000000000000..b0610a7ec8a2 --- /dev/null +++ b/crypto/openssl/test/cms-msg/enveloped-content-type-for-aes-gcm.pem @@ -0,0 +1,7 @@ +-----BEGIN PKCS7----- +MIAGCSqGSIb3DQEHA6CAMIACAQIxNqI0AgEEMAgEBkMwRkVFMDALBglghkgBZQME +AQUEGPN0q9rM3neSiY7HIADpnqWym33mRZC4JDCABgkqhkiG9w0BBwEwHgYJYIZI +AWUDBAEGMBEEDIExQGiHZFSYa0ZBqQIBEKCABGNap+JL1B21Mq7ojKPzVuxtRkg3 +LWt8khnK1EzfmV7e64l5KnTdjq9+gfbwOfbuhTavfBI7VK/ZtpH3HII4fCOe37kV +mju8/YnYeRq2KcxESmJBySV/veMwxqmHGAw71JyHpg4AAAAAAAAAAAAA +-----END PKCS7----- diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 7e74c5daf221..0a7e536bbe75 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -20,6 +20,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -45,6 +46,12 @@ static int test_encrypt_decrypt(const EVP_CIPHER *cipher) CMS_TEXT))) goto end; + if (!(EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) + && !TEST_ptr(contentbio = CMS_EnvelopedData_decrypt(content->d.envelopedData, + NULL, privkey, cert, NULL, + CMS_TEXT, NULL, NULL))) + goto end; + /* Check we got the message we first started with */ if (!TEST_int_eq(BIO_gets(outmsgbio, buf, sizeof(buf)), strlen(msg)) || !TEST_int_eq(strcmp(buf, msg), 0)) @@ -484,7 +491,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -499,7 +547,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) return 0; certbio = BIO_new_file(certin, "r"); @@ -535,6 +584,7 @@ int setup_tests(void) ADD_TEST(test_encrypted_data_aead); ADD_ALL_TESTS(test_d2i_CMS_decode, 2); ADD_TEST(test_cms_aesgcm_iv_too_long); + ADD_TEST(test_pwri_kek_unwrap_short_encrypted_key); return 1; } diff --git a/crypto/openssl/test/evp_extra_test.c b/crypto/openssl/test/evp_extra_test.c index 1b0f0711cb57..7bd41db115ca 100644 --- a/crypto/openssl/test/evp_extra_test.c +++ b/crypto/openssl/test/evp_extra_test.c @@ -5414,6 +5414,64 @@ static int test_aes_rc4_keylen_change_cve_2023_5363(void) } #endif +/* + * AES-SIV reuse-without-rekey: + * msg1: legit non-empty CT, tag verifies, final_ret=0 + * msg2: no reinit (or reinit with key=NULL), set forged tag, + * AAD only, DecryptFinal -> does stale final_ret leak through? + */ +static int test_aes_siv_ctx_reuse(void) +{ + unsigned char key[32] = { 7 }; /* AES-128-SIV => 2*16 */ + unsigned char pt[9] = "payload!"; + unsigned char ct[9], tagbuf[16], out[16], zero16[16] = { 0 }; + unsigned char aad[14] = "forged header"; + int outl, ret = 0; + EVP_CIPHER_CTX *e = NULL, *d = NULL; + EVP_CIPHER *c = EVP_CIPHER_fetch(NULL, "AES-128-SIV", NULL); + + if (c == NULL) { + return TEST_skip("AES-128-SIV cipher is not available"); + } + + /* produce a valid (ct,tag) for msg1 */ + e = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(e) + || !TEST_true(EVP_EncryptInit_ex2(e, c, key, NULL, NULL)) + || !TEST_true(EVP_EncryptUpdate(e, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_EncryptUpdate(e, ct, &outl, pt, sizeof(pt))) + || !TEST_true(EVP_EncryptFinal_ex(e, out, &outl)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_AEAD_GET_TAG, 16, tagbuf))) { + EVP_CIPHER_CTX_free(e); + goto err; + } + EVP_CIPHER_CTX_free(e); + + /* msg1 decrypt */ + d = EVP_CIPHER_CTX_new(); + if (!TEST_ptr(d) + || !TEST_true(EVP_DecryptInit_ex2(d, c, key, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, tagbuf)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, (unsigned char *)"hdr1", 4)) + || !TEST_true(EVP_DecryptUpdate(d, out, &outl, ct, sizeof(ct))) + || !TEST_true(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + /* msg2 on SAME ctx, reinit with key=NULL => initkey skipped, final_ret should be reset */ + if (!TEST_true(EVP_DecryptInit_ex2(d, NULL, NULL, NULL, NULL)) + || !TEST_true(EVP_CIPHER_CTX_ctrl(d, EVP_CTRL_AEAD_SET_TAG, 16, zero16)) + || !TEST_true(EVP_DecryptUpdate(d, NULL, &outl, aad, sizeof(aad))) /* forged AAD */ + || !TEST_false(EVP_DecryptFinal_ex(d, out, &outl))) + goto err; + + ret = 1; + +err: + EVP_CIPHER_CTX_free(d); + EVP_CIPHER_free(c); + return ret; +} + static int test_invalid_ctx_for_digest(void) { int ret; @@ -5637,6 +5695,9 @@ int setup_tests(void) ADD_TEST(test_aes_rc4_keylen_change_cve_2023_5363); #endif + /* Test case for CVE-2026-45446 */ + ADD_TEST(test_aes_siv_ctx_reuse); + ADD_TEST(test_invalid_ctx_for_digest); ADD_TEST(test_evp_cipher_negative_length); diff --git a/crypto/openssl/test/recipes/80-test_cms.t b/crypto/openssl/test/recipes/80-test_cms.t index b6ee61464409..f573651e26bc 100644 --- a/crypto/openssl/test/recipes/80-test_cms.t +++ b/crypto/openssl/test/recipes/80-test_cms.t @@ -51,7 +51,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) $no_rc2 = 1 if disabled("legacy"); -plan tests => 23; +plan tests => 24; ok(run(test(["pkcs7_test"])), "test pkcs7"); @@ -1054,6 +1054,16 @@ ok(!run(app(['openssl', 'cms', '-verify', ])), "issue#19643"); +# Check that users get error when using incorrect envelope type for AEAD algorithms +ok(!run(app(['openssl', 'cms', '-decrypt', + '-inform', 'PEM', '-stream', + '-secretkey', '000102030405060708090A0B0C0D0E0F', + '-secretkeyid', 'C0FEE0', + '-in', srctop_file("test/cms-msg", + "enveloped-content-type-for-aes-gcm.pem") + ])), + "Error AES-GCM in enveloped content type"); + # Check that kari encryption with originator does not segfault with({ exit_checker => sub { return shift == 3; } }, sub { diff --git a/crypto/openssl/test/recipes/80-test_cmsapi.t b/crypto/openssl/test/recipes/80-test_cmsapi.t index 8d9371e005c0..3d1dae846464 100644 --- a/crypto/openssl/test/recipes/80-test_cmsapi.t +++ b/crypto/openssl/test/recipes/80-test_cmsapi.t @@ -19,5 +19,6 @@ plan tests => 1; ok(run(test(["cmsapitest", srctop_file("test", "certs", "servercert.pem"), srctop_file("test", "certs", "serverkey.pem"), srctop_file("test", "recipes", "80-test_cmsapi_data", "encryptedData.der"), - srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem")])), + srctop_file("test", "recipes", "80-test_cmsapi_data", "encDataWithTooLongIV.pem"), + srctop_file("test", "recipes", "80-test_cmsapi_data", "cms_pwri_kek_oob.der")])), "running cmsapitest"); diff --git a/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der new file mode 100644 index 000000000000..c3ef3abd10e6 Binary files /dev/null and b/crypto/openssl/test/recipes/80-test_cmsapi_data/cms_pwri_kek_oob.der differ From nobody Tue Jun 9 19:19:15 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxv6Pgnz6gVRC for ; Tue, 09 Jun 2026 19:19:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxv4B8vz3PhP for ; Tue, 09 Jun 2026 19:19:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032755; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=m1OQF+EYw1w9aMARbC2Q1hz0culhU7RAr2fgk5Ntzo4=; b=De1nWlU9J4r9Krniz5wGsqNh/145rYvCRPMtT+H+R3AxL9u8pHb85Gd9MCYBn5X4GME2bT kVFo5jfTYkhmqcJR8vTjZbdpPJ/+NJVqnlq+C74qfSRhNr1Ph3swhxF9M1HwfL3vPRdpDX CfI5XXecyG1Kqx64jFnHuhWdRFbh9eXBcwxR4uwX2o3P4e9keNn9xBdLezcsGOimJaqYA7 gxYd9baWsuDsMQ52W/x5OImwf9MkQ9CPo9zt4s+/MYjY+6Ls0Cg6Fl1b24eDwDZL/e0v1V Ez/gXooOmQBM8ie/MEQeqaTO8WUvcp91SkBSSa/6rjtnCG7luhYK27qQxNNrjw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032755; a=rsa-sha256; cv=none; b=MPMXe0Dc4wlizsKc1eMsJaVwNGhd2TL6a1BWMfCea81Fw5yh6+NQcu3RKy+dHzJY8zne/z rFYEsKSKZjEePPOrJIbSViXqCLMxxO10a5/Yj7K45sJDuPZeJZaWNRF44USpcYlNg/FuSS kvL22ilMw+XU1nCdOmvSUuE+eVLFoSe3ZANAUVCHCdmjfIf3PYh5gcCs0n6D5f8adrbfLw nlQZQhiE0FtWFfdeBzIbLRQ9NUdAGh34+T07yB863DhDFVWGznY++/fxjQn9mSI0qZkfdZ rfcV9sGvPB9b5ir+dulNTmLL/SfMdXbIZ1Xbl86A9yBoDaiJUDGVoQOYSR9ZOg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032755; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=m1OQF+EYw1w9aMARbC2Q1hz0culhU7RAr2fgk5Ntzo4=; b=QNc27Z3Ik+oSxhouU2FK6gK2a6EFCidvUZg7kTGly3pqluXmtRIPwkABO0leafwR0fFnzR f0IJiDo2nIkDubHAZS0LvnGyaPLfNIcXM69pRD0Fft8grW5O9gHhNBgTSm0zT3rGysWWPX R8+EDBUqTRhzN2MRzlO3WbFzKe+tIS13ZunqTafiEQ0YXdoskhY0WcgLNgCj9yCc1tGii0 sso109UU8x81WCujGu9RZ59NPFPVQqaxBfDL36nP0zI+4VYZJ+b7P0+Uirv7iK+f60H9gl 6sPlySBdWSNbF6ZjTwTNHGGuTH4EAjSx07mx9uBLKJQkyAoSqlxFu+9+MbOZ6g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxv3XsBznrj for ; Tue, 09 Jun 2026 19:19:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ea6e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:15 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: 799e830134d5 - releng/14.4 - vt: Avoid integer overflow in CONS_HISTORY ioctl List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 799e830134d51209defe76c0298080a86c62b996 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:15 +0000 Message-Id: <6a286733.3ea6e.15883dfc@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=799e830134d51209defe76c0298080a86c62b996 commit 799e830134d51209defe76c0298080a86c62b996 Author: Ed Maste AuthorDate: 2026-05-26 16:19:47 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 vt: Avoid integer overflow in CONS_HISTORY ioctl Approved by: so Security: FreeBSD-SA-26:34.vt Security: CVE-2026-49416 Reviewed by: markj, vexeduxr Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57250 (cherry picked from commit 0ae946e7223df5ef3f7980af1d774d7f593f6421) (cherry picked from commit deaaddf1d3c4283649945553ad7e3208c8424308) (cherry picked from commit b5a4f4bfbc95d5d5361da708728f7f4a6db2ee60) --- sys/dev/vt/vt_buf.c | 9 ++++----- sys/dev/vt/vt_core.c | 6 ++++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/sys/dev/vt/vt_buf.c b/sys/dev/vt/vt_buf.c index ea27ea8a5ebf..0fd301bb662a 100644 --- a/sys/dev/vt/vt_buf.c +++ b/sys/dev/vt/vt_buf.c @@ -500,7 +500,6 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) { term_char_t *old, *new, **rows, **oldrows, **copyrows, *row, *oldrow; unsigned int w, h, c, r, old_history_size; - size_t bufsize, rowssize; int history_full; const teken_attr_t *a; term_char_t ch; @@ -511,10 +510,10 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) history_size = MAX(history_size, p->tp_row); /* Allocate new buffer. */ - bufsize = history_size * p->tp_col * sizeof(term_char_t); - new = malloc(bufsize, M_VTBUF, M_WAITOK | M_ZERO); - rowssize = history_size * sizeof(term_pos_t *); - rows = malloc(rowssize, M_VTBUF, M_WAITOK | M_ZERO); + new = mallocarray(history_size, p->tp_col * sizeof(term_char_t), + M_VTBUF, M_WAITOK | M_ZERO); + rows = mallocarray(history_size, sizeof(term_pos_t *), M_VTBUF, + M_WAITOK | M_ZERO); /* Toggle it. */ VTBUF_LOCK(vb); diff --git a/sys/dev/vt/vt_core.c b/sys/dev/vt/vt_core.c index 5cf45a7c61b2..6e6f58d9e215 100644 --- a/sys/dev/vt/vt_core.c +++ b/sys/dev/vt/vt_core.c @@ -41,6 +41,7 @@ #include #include #include +#include #include #include #include @@ -2771,8 +2772,9 @@ skip_thunk: /* XXX */ return (0); case CONS_HISTORY: - if (*(int *)data < 0) - return EINVAL; + if (*(int *)data < 0 || + *(int *)data > UINT_MAX / USHRT_MAX / sizeof(term_char_t)) + return (EINVAL); if (*(int *)data != vw->vw_buf.vb_history_size) vtbuf_sethistory_size(&vw->vw_buf, *(int *)data); return (0); From nobody Tue Jun 9 19:19:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxw3zwsz6gVJl for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxw0sQsz3PX4 for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032756; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MsoGbEbdV3M69awUBpLf9z7umoEbASnme461mtCnhBM=; b=TfHt4hwPBaif2YZJIWdv+Ou/iyWsSCgNceeKM1w18aj6FUcalMiOQltJ/TU6ktbAq6Ox5X 2yBouXBp66iDaItWB+ytxsiFAA72IKvtNdy2OxreoPtVDsm/0hVOQMKRrdAg7OfgapQy93 oWoE1n6YBspYYndoR9B44bVA8f6GUMIlGKdvEDQaO9w7tNFNXP/5b0spkEFolAlBdLdVz3 zunwVhqw6ingCrJYbbsVGLORg2GmFQbgTtQzPPYTthwJ/QOF7BEFnVHZRojATQR/0WM7+j 00vYTxvkw2mRQufFW2A9VoXmB4VnK3vawqKfdKlW0taeplT/U4jhq/1BfizWNw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032756; a=rsa-sha256; cv=none; b=oLwPR9/g2ySezyJDUHbZW8cQgnuf07KL9q34jsx/y7jYbLG8fw063eD4HY67Wu85kHlkV9 J9t3YirLGjqZyGz6pFRVpDL0aAbt5gnbDHq4Lfn6lrkWCnoIpSx0i7ruMtP6K6o4DlxgTj 8V1MsXn+Z2uz33FM0nhszw9oQZi4esza4sb5gJEygisKIyA57jWkwMZ9iW/NFxeyK1VqnQ ncOrLm6N+gDuYvGC+4NRLq1xElU/kYhzHMeAM38Z5V0i4+52M9T1Hn5hm39c8kH/cV7zVz JDfy5WDmIIDzmMP3XaciiF+S+aLu5e9bYgsj/8O/Enxv94d+nHH+B5ZtI5jnjw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032756; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MsoGbEbdV3M69awUBpLf9z7umoEbASnme461mtCnhBM=; b=Hat5XSfJcvX35LImJPi6F12BNQeYnDpNUUXTPa6vuhmItgz+W1uGvzEck0ZmGyIdtrveZk fWKqJllLMGn+FPIbWpSi/hJuyQ0OFvjbQ1JfJhs8FzGSd8jchtxhTDMNobgK8qvap9DHpU FuXaXQBph5qZHlFpqOBpqs/rsMWVaNrdhwK8eEyR6jJkEIwwRACY0CH0bLCv4GxkEVXbCf +ImlQKuXAC7HYCTLh7W1B2T9/Ma9jMreWZER2ezaj7V6F3QucqrU9tknoNDr6FBvrh2vlr I8nrn1plEj+YsnaTz4ubG9yXUcfzKGAEuRoj5cLjyN5r/wZ7kjk+8C7MdTdBqA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxw0Pygznkw for ; Tue, 09 Jun 2026 19:19:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f483 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3fe092282025 - releng/14.4 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 3fe092282025d45218605b950f03780f32df6f48 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:11 +0000 Message-Id: <6a28672f.3f483.5b415e09@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3fe092282025d45218605b950f03780f32df6f48 commit 3fe092282025d45218605b950f03780f32df6f48 Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:19:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxy1RCqz6gVRG for ; Tue, 09 Jun 2026 19:19:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxx4yBzz3Psw for ; Tue, 09 Jun 2026 19:19:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HcSfaJZ/fGTUf3s3MeI/oApJjJPSCCrFtXTb+H1bjVM=; b=rPiP6605h1bfYkb1LwwHa1kikAgp+eFZgWz3DBsSKa5ycnGatVZBlNp4xHy5lA06WrhxW3 wzAzJI4wEe3NMn4l5sCHHv4UEmP6tL/a47LKT0GknHRVCBOaO5ZHr/saaADcivA+f44WAV ye2y8rlIw3VCueX//+vnCgk5JEU2E1sx2zFbuZCEtcXBt+fnJVmu+2DlvCDoDg8udPMs1i n7NOWCC8v8oMOJMEPnY/54RbVsIBsioC12Jg+OqpWaRfReY3KJ8cC+0qsewZ6VowAvgQon sk1AoYS+nw6YL14oZFzc9vGebsEftUjbB2WhLfPz7sFFLu/EF+aybxJyUPPDNg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032757; a=rsa-sha256; cv=none; b=ForwelqOY93TW69txdiQk4KP4qC2QyABR60w57U/dIwP/5EFc3PWntvgq0bn/wOpfCaI8O 0dbf1BSZnsMinsaaP31YzYqfDm9ke6R9rz3Wx2j5RdgZ5Gh962WwXEkGyfsNLxpXH5+SAg IBkpALanPL0I4y5hPEhi4i3btxe31PDZuOUoByrcI43qsOd94pL1bMXEEZ9/lNGQh4u4N/ 5csm03vzAc1Q5+yJeK9Du0+ASNTY4vcKOCAepDuo1Blrcw3xMhz4e+MF8DxamhOIH8gBzs DqIJ3/O6BRO+8kK3QEmLJKjhs3gQT9NtHzNJ1iHT7mCt0Zv2ImTXvgfVzigmNw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032757; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HcSfaJZ/fGTUf3s3MeI/oApJjJPSCCrFtXTb+H1bjVM=; b=fJMweeaNpwar/HgeQNexhRhSMvFjpHI2O+VuQYbgmRdXAsPL4nrOsD0MRSsn8QSumnSv// WRAWJyuRJxLKVVXtJXaIUhDNS5oyMOqaYmpQZGXKxOdwdZ3u+RYhh8HVCwqGbabbiFMhqO zBw3cOg6hxaUu6WY5OmCCAQOe4NwmRIEXq5Tp0bWNWYCUGoh9ehy/FEeoV2tm/xh7kcrUI HNPTnZ0ZM+ACEgBPdnstK+EyupFldAeu7miyCjGmBI0SQfoFW/OZNPNB9nryx1+dONfZnN XB+rbJ5cXOW4JUlV9re9HQ26hTol4XKGqnPqKQySZRs50Cxmguuk+ZRtSmN9mg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxx4Y4Nzny2 for ; Tue, 09 Jun 2026 19:19:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e52e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 410ab2bff36f - releng/14.4 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 410ab2bff36fa31666d310e6e49b3775d63342c6 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:17 +0000 Message-Id: <6a286735.3e52e.189ad7af@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=410ab2bff36fa31666d310e6e49b3775d63342c6 commit 410ab2bff36fa31666d310e6e49b3775d63342c6 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:40:46 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 13:21:34 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 13 +++++++ contrib/ldns/ldns/error.h | 8 ++++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 110 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index e3fd12112789..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -184,6 +184,19 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_INVALID_SVCPARAM_VALUE, "Invalid wireformat of a value " "in the ServiceParam rdata field of SVCB or HTTPS RR" }, + { LDNS_STATUS_NOT_EDE, + "The EDNS option is not an extended error code" }, + { LDNS_STATUS_EDE_OPTION_MALFORMED, + "The extended error code option is malformed, expected " + "at least 2 bytes of option data" }, + { LDNS_STATUS_EQUAL_RR, + "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index 2429b7703dfa..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -141,7 +141,13 @@ enum ldns_enum_status { LDNS_STATUS_RESERVED_SVCPARAM_KEY, LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED, LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE, - LDNS_STATUS_INVALID_SVCPARAM_VALUE + LDNS_STATUS_INVALID_SVCPARAM_VALUE, + LDNS_STATUS_NOT_EDE, + LDNS_STATUS_EDE_OPTION_MALFORMED, + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index 57d4dff24dbe..215c0cac891c 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:19:18 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxz11y3z6gVH5 for ; Tue, 09 Jun 2026 19:19:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdxy5nX1z3PqX for ; Tue, 09 Jun 2026 19:19:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032758; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q5hpzY+9lpN7SF+a6qoh6Ms8suI3L+EIeRk1O2VwzDc=; b=PmCeCJkZtHN+s2VWRcLluXpd0GnyJEAfbpgfC60FPQCIg5b9sK16YcOeikqx9LPwWIWrj5 p7KDLNO39jjEJfjo/+oCRcZbxQdXWh6XTAGYEkey7sFM2wKqd1Zy7Fw5NBoJCkuvDoDrWG w0kOTCiP0Dk9cZorVDblFCDSiqTvPjy4Guvlaiy29yTYbguYq3lTJawmuWdEZXrdnss6D2 Sd7C5jj7fPDbdOEDBE/SVh7D0i5C8pa087jmJSecrsf40OJta4ULhgBLLwBLnEKoaJCP3/ PD+emFUbhTYt2EYk+EMWKMMnscr8dxg1cYubEJTRBueEiWT5ar+SHdddvCSFFg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032758; a=rsa-sha256; cv=none; b=jOEBXyAOGScSX224b0my0ZhvyO0X+bsQKr7yDhYKV/WxqHmuwkpvG0wJfiGHTDjnugdhjE bxsNsee8PupuGztrjSOm4ttepyxwQti0kfAwNYF1iWbNwqPRXlcZ68ni5OU75N6PH5/42i 4JRZHj5bnFJE1PmtO14F1xcVnvOz5fBFn1Zf2+woxuLuD49mEgviAylo14X3ge0pLe8G0b HGp+IW8RJV+LiKvm29MQ0IPCHH0DvMOnE3DyuyIKimtmOga0aG3gCSddhFKNUifQu/F7aO QTG2bwqxYJeSWz1kIUhGNsLmIMCfug234tmmqNgYEDt2051M81FszitCaeSh6A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032758; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q5hpzY+9lpN7SF+a6qoh6Ms8suI3L+EIeRk1O2VwzDc=; b=KO/5OTX1fiF0bBQz9ZRJZyTkJHQ4ysp4/5fcqyEj+4DhO6ryasIK0mmeTYLQyCQtkgRjIx 83/eCEfzo3Eo0e+yqD4ospdYlJEc6W8590ZznyZ20FTBwSNaEwMFMji08hdshMDZFUglNk 8WStIMVULwD5BfPVLKMXd1PQUkpEVkXqJAZhpUMtjGwuE6j4MkALte1Izb/hc48tPQHNk3 x2XhPO4T4UInyUidyuCRmO8cJhwcpxquGbOOZNggGPkdiYQ7a46HFwDhoCvQaPcZK5WnFy R2TzixelGMUKCyU3fKDrwmSigEmh7oz3YZfzBjqhYovUfxGBTqW14mNYTbFS7A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdxy5HffznCf for ; Tue, 09 Jun 2026 19:19:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f487 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:18 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3d95ec875867 - releng/14.4 - Add UPDATING entries and bump version List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/14.4 X-Git-Reftype: branch X-Git-Commit: 3d95ec87586781c366e6c01c6a40c3e80056d24b Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:18 +0000 Message-Id: <6a286736.3f487.27a5983f@gitrepo.freebsd.org> The branch releng/14.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3d95ec87586781c366e6c01c6a40c3e80056d24b commit 3d95ec87586781c366e6c01c6a40c3e80056d24b Author: Mark Johnston AuthorDate: 2026-06-07 16:55:09 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:38:31 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 41 +++++++++++++++++++++++++++++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 14e25a3b5cb3..6433576d48b2 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,47 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20260609: + 14.4-RELEASE-p6 EN-26:15.openssl + SA-26:25.thr + SA-26:26.ktls + SA-26:27.sound + SA-26:28.capsicum + SA-26:29.ip6_multicast + SA-26:30.linux + SA-26:31.arm64 + SA-26:32.elf + SA-26:33.unbound + SA-26:34.vt + SA-26:35.openssl + SA-26:36.ldns + + Update OpenSSL to 3.0.20 and 3.5.6. [EN-26:15.openssl] + + Missing permission check in thr_kill2(2). [SA-26:25.thr] + + Arbitrary file overwrite via the KTLS receive path. [SA-26:26.ktls] + + Multiple vulnerabilities in the sound(4) mmap path. [SA-26:27.sound] + + sigqueue(2) missing capability mode restriction. [SA-26:28.capsicum] + + Use-after-free bug in the IPV6_MSFILTER socket option handler. [SA-26:29.ip6_multicast] + + Flaw in Linuxulator execution of setugid binaries. [SA-26:30.linux] + + Arm CPU errata may bypass page table permission changes. [SA-26:31.arm64] + + ASLR bypass for setuid executables via procctl(2). [SA-26:32.elf] + + Multiple vulnerabilities in unbound. [SA-26:33.unbound] + + Integer overflow in vt(4) CONS_HISTORY ioctl. [SA-26:34.vt] + + Multiple vulnerabilities in OpenSSL. [SA-26:35.openssl] + + Insufficient response validation in the ldns stub resolver. [SA-26:36.ldns] + 20260520: 14.4-RELEASE-p5 SA-26:18.setcred SA-26:19.file diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index c71cb6eb9b68..3d7d8d5145a5 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -53,7 +53,7 @@ TYPE="FreeBSD" REVISION="14.4" -BRANCH="RELEASE-p5" +BRANCH="RELEASE-p6" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Tue Jun 9 19:19:32 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyF2zpfz6gVWv for ; Tue, 09 Jun 2026 19:19:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyD6Gswz3QDx for ; Tue, 09 Jun 2026 19:19:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032772; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RqZsANotLjglfbfMBbHiXERt1EjKhxLRpwvvpqkuRkI=; b=bp188X2FZ5Z2PNGqcStJPhX7Z7OUnD17G/Vr0+u32LgHFEYSX9ROYQ79hdyepfPAfV07FF oTMGF3VxVjkSJFzDQ4JlTTlsXWyrW+fbXzuPFWKy3J4dZrIWA04ttHFRhUH1ictf7XKLm1 HwVKwC7XAp2/zVmuvlu75/3xUu1WKa82gOomyKHLM94shgy1XmrwHxPIxt6MA37HMdj8fv bIzY3OI2l27q8YITTSGkm5LihCe2lOhA9zbcddtmOP5KCR8UIzenqcxIoaTDcwWq3PS6If v63ZBqS85ZIq8lyupdlyZX0XdOhA1cX0KStwGIcUdZKL8o//D8nvR0JxhTdmDQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032772; a=rsa-sha256; cv=none; b=qckQVqJ0iflnADol26p1plkLp3SaRCf+o9wJvC/2wOyqGPYx0AP05zKo8kWqNC3wb6eHrD ZvmI5ElwO6ayVlnQherfjO17YKwu2AFO+Hg619EaaT7Z8sKL8W8SHlgAqflyuEenv5AcSM w1uOjhQywpuzQGUDTKPXqK0r0j+u2Y34bRPmLXPlqKNC5usrt7D9ju5wPEuHi7w93U7vBZ W/JYxAawejx/cBugwvWXSbj7roMHuUq4Ui7zWTiBh1AEGe30pdRREADpITh24aCEL9JyyZ orNZ1e2SdtZ3ClmZCKIyhUIT5m1rsC9L8hQVklm8yqlYIUoQLwotHXen4HvXyw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032772; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=RqZsANotLjglfbfMBbHiXERt1EjKhxLRpwvvpqkuRkI=; b=h6pjSQIPcks2AxgtrceJVoQfFeHIlKazYviRyBuHsOdibzQtjOPigrk/9anStIvry9lncF GJJiULbGNM+dxVrgYfO4wNXvHmc+PTCSeGN6T0YqjIbVt2/egQ1IozrgFHOq9W5ztfaAiE lM/tiEQqRf/mjatx04M0jGUfi/QBoiakzcJfSjQmOqt3rD/3khdvYWKTWpebqf9D3COjri MjMEaREEMaBj8uv9wAvXFQxNirT/ajcZk5gbhI3VZJTmKs7Ti8OW79XBTWhYWbUAsV0/5c 251JCJ4hFs+geyZU3aBOHlZbcjYdrQF6PpCzyaCwbTXTIBgJz8drg5/1QfC4qg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyD5ZW0znrm for ; Tue, 09 Jun 2026 19:19:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebc9 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:32 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Pat Maddox From: Mark Johnston Subject: git: 998de2d14e25 - releng/15.0 - syslogd: fix memory leak in casper_ttymsg() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 998de2d14e25c1246b8fe75f85c053e0b9781a8f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:32 +0000 Message-Id: <6a286744.3ebc9.c30959f@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=998de2d14e25c1246b8fe75f85c053e0b9781a8f commit 998de2d14e25c1246b8fe75f85c053e0b9781a8f Author: Pat Maddox AuthorDate: 2026-05-22 21:45:30 +0000 Commit: Mark Johnston CommitDate: 2026-05-29 19:50:43 +0000 syslogd: fix memory leak in casper_ttymsg() nvlist_take_string_array(9) takes ownership of the array and its strings. casper_ttymsg() freed neither, leaking memory on every F_CONSOLE and F_TTY message. On long-running systems with high error-rate syslog traffic routed to /dev/console, syslogd.casper grew to hundreds of MB. Use nvlist_get_string_array(9) to borrow the array instead. Update casper_wallmsg() similarly. Approved by: so Security: FreeBSD-EN-26:14.syslogd Approved by: src (des) Closes: https://github.com/freebsd/freebsd-src/pull/2222 Fixes: 61a29eca550b ("syslogd: Log messages using libcasper") PR: 295488 Reported by: Pat Maddox Reviewed by: markj Tested by: dch (cherry picked from commit c783d7181d6a71cb2453f06e40c08c892510c2f2) (cherry picked from commit be03b0fb2241260ec94db431cf4f2954161f227e) --- usr.sbin/syslogd/syslogd_cap_log.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/usr.sbin/syslogd/syslogd_cap_log.c b/usr.sbin/syslogd/syslogd_cap_log.c index 0156cc6f6b6c..5e2034abd9eb 100644 --- a/usr.sbin/syslogd/syslogd_cap_log.c +++ b/usr.sbin/syslogd/syslogd_cap_log.c @@ -128,19 +128,19 @@ cap_ttymsg(cap_channel_t *chan, struct iovec *iov, int iovcnt, int casper_ttymsg(nvlist_t *nvlin, nvlist_t *nvlout) { - char **nvlstrs; + const char * const *nvlstrs; struct iovec *iov; size_t iovcnt; int tmout; const char *line; - nvlstrs = nvlist_take_string_array(nvlin, "iov_strs", &iovcnt); + nvlstrs = nvlist_get_string_array(nvlin, "iov_strs", &iovcnt); assert(iovcnt <= TTYMSG_IOV_MAX); iov = calloc(iovcnt, sizeof(*iov)); if (iov == NULL) err(EXIT_FAILURE, "calloc"); for (size_t i = 0; i < iovcnt; ++i) { - iov[i].iov_base = nvlstrs[i]; + iov[i].iov_base = __DECONST(char *, nvlstrs[i]); iov[i].iov_len = strlen(nvlstrs[i]); } line = nvlist_get_string(nvlin, "line"); @@ -187,25 +187,23 @@ int casper_wallmsg(nvlist_t *nvlin) { const struct filed *f; - char **nvlstrs; + const char * const *nvlstrs; struct iovec *iov; size_t sz; f = nvlist_get_binary(nvlin, "filed", &sz); assert(sz == sizeof(*f)); - nvlstrs = nvlist_take_string_array(nvlin, "iov_strs", &sz); + nvlstrs = nvlist_get_string_array(nvlin, "iov_strs", &sz); assert(sz <= TTYMSG_IOV_MAX); iov = calloc(sz, sizeof(*iov)); if (iov == NULL) err(EXIT_FAILURE, "calloc"); for (size_t i = 0; i < sz; ++i) { - iov[i].iov_base = nvlstrs[i]; + iov[i].iov_base = __DECONST(char *, nvlstrs[i]); iov[i].iov_len = strlen(nvlstrs[i]); } wallmsg(f, iov, sz); - for (size_t i = 0; i < sz; ++i) - free(iov[i].iov_base); free(iov); return (0); } From nobody Tue Jun 9 19:19:33 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyP5k1zz6gVX0 for ; Tue, 09 Jun 2026 19:19:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyP2WZ2z3QLt for ; Tue, 09 Jun 2026 19:19:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032781; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=woCQUH9KA7/F3tsCX+pykI2VJK56nWTlX7BChxuK+qk=; b=u8og5pUz6nalKtY5LaBEkwZ3oFhDd/y9qqF23bZ8rsEJMpPR3XGsaM2y0jKqZyBMDm1V5e falbe6Jl3t2MCR8sZeVVE3Z6nWDaZXGgXLtdf8Yzl+BsVFCwYv+jzdcn12jCk6vPVn3Stt O484VZ6SqQjQq4PZOweXJz5q0OQZfyfnz064mxyvev75lGeT1+g4erWjTLqimBw9dhT8vT kJcDYUvFFcAcoVz6/VSZ3/DkQ2l8J58b90ctRrMLgxNjcOrZ++9e4zOjcg71ebhFi6z9Kb gBavkyefRBkKDBCHrFvjbg9aCGoHMAHlqjhCCQ6k77crabPoHR9JMk0119J5vg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032781; a=rsa-sha256; cv=none; b=dWmmcqW3rzMZ8nsqO+ootJKdu4AiuiqlIt46wbuoSY7J+bCV57dDQvfAfce042xAPnOXKr iHKgTnLF8uyRkLezlYL4b0N48noF0Ivy8y2v40GN8Tw2gPddv0Lc7QaJOfXwZIJxJ7+SCX t1w4hS+khtvAdyzzx1ugPtk4lH8PuI1AAcq9RvRczxzqqLugC1OkTOFuQErzPOK53Jhvqi zKM4hscDcvlGc5yRt/sE1NOj+gZMVsXK9zPY0a1iaWguhNhzH6cbbf6GUMRbmHcjo6cZiN 4GapuzQX4TaJ/AxcyXCszykqG/8MbRB02kcUnPuaviqnhzzfN+2zY+LAHSwnJw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032781; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=woCQUH9KA7/F3tsCX+pykI2VJK56nWTlX7BChxuK+qk=; b=wF2QsxDIYSOFnkvtlABkoec0amzHPpqSwmykNQKVxUBo/JzyeeS8wcYWbae3DnaE7XRMQ+ /YhXRZMW4Z+wEdzuNFCiKquSjT99bvGSDHXFIn/GUO70vX42N5eiWIWphr5Pl/8xdXtmyh 5lAOd/jFd2UOaXOXgPvy/+2wizwnDeJQiDRfFaIvgVugEwh/ZkZvWd3czaqZlQMRdix+cL 2MSyVN9lkbwvY4XXPkDIDRwtK7YxbHzPjEeu3legXEpCVJKt9sIJJBBHCQ9gKjVw7g/qez 8ILp91KdS8uXM4Wwy1bEFn2V8zipqGlfQ1OAvzsaKgW48JWw2yjfAGbW2miuhw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyP21LRzntP for ; Tue, 09 Jun 2026 19:19:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb2a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:33 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Enji Cooper From: Mark Johnston Subject: git: 0f6e90c4cc4f - releng/15.0 - openssl: Update to 3.5.6 and associated fixes. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 0f6e90c4cc4f9bb006de556b46db0dcb3283491a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:33 +0000 Message-Id: <6a286745.3eb2a.4320db0e@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0f6e90c4cc4f9bb006de556b46db0dcb3283491a commit 0f6e90c4cc4f9bb006de556b46db0dcb3283491a Author: Enji Cooper AuthorDate: 2025-09-08 03:20:42 +0000 Commit: Mark Johnston CommitDate: 2026-06-07 16:57:09 +0000 openssl: Update to 3.5.6 and associated fixes. Included fixes: OpenSSL: update Makefiles to reflect 3.5.1 release (cherry picked from commit ee6882e6b1287aa910a4f74f5290ae397dbd5054) crypto/openssl: fix importing new versions from pristine trees (cherry picked from commit f43d0ac1b0e29bbd77d6b0b1c87dca075cd7b9bf) openssl: import 3.5.5 (cherry picked from commit f775385affefd7beac0d038d5cd9cbf01bfc4a06) OpenSSL: update vendor sources to match 3.5.5 content (cherry picked from commit 12eecb3bcc0be4d7fd35847252c40998806fc551) OpenSSL: install EVP_CIPHER_CTX_get_app_data.3 once (cherry picked from commit b0476eea5ef4ab2ccf2479652f486af3d4ab9cc0) MFV: crypto/openssl: update to 3.5.6 (cherry picked from commit e2fcde7333a515907316cf1a4ee4858edc90419d) OpenSSL: commit sys/crypto changes for 3.5.5 (cherry picked from commit e6c8997a8958c7aaec8e266d2eeefbfaa137e218) crypto/openssl: update artifacts to match 3.5.6 release artifacts (cherry picked from commit 293c738aa45003423f45eb7f0e37f3047e52c502) crypto/openssl: add new manpage from release 3.5.6 (cherry picked from commit 51a80be04fe63a8d6950a7524b3ca0d511ade131) Approved by: so Security: FreeBSD-EN-26:15.openssl Security: CVE-2026-2673 Security: CVE-2026-28387 Security: CVE-2026-28388 Security: CVE-2026-28389 Security: CVE-2026-31789 Security: CVE-2026-31790 --- crypto/openssl/.ctags.d/exclude.ctags | 3 +- crypto/openssl/BSDmakefile | 7 +- crypto/openssl/CHANGES.md | 820 +- crypto/openssl/CONTRIBUTING.md | 20 + crypto/openssl/Configurations/10-main.conf | 3 +- crypto/openssl/Configurations/50-nonstop.conf | 2 + crypto/openssl/Configurations/unix-Makefile.tmpl | 20 +- .../openssl/Configurations/windows-makefile.tmpl | 5 +- crypto/openssl/NEWS.md | 465 +- crypto/openssl/NOTES-NONSTOP.md | 12 +- crypto/openssl/README.md | 2 +- crypto/openssl/VERSION.dat | 4 +- crypto/openssl/apps/asn1parse.c | 72 +- crypto/openssl/apps/ca.c | 765 +- crypto/openssl/apps/ciphers.c | 55 +- crypto/openssl/apps/cmp.c | 1455 +- crypto/openssl/apps/cms.c | 509 +- crypto/openssl/apps/crl.c | 126 +- crypto/openssl/apps/crl2pkcs7.c | 36 +- crypto/openssl/apps/dgst.c | 163 +- crypto/openssl/apps/dhparam.c | 159 +- crypto/openssl/apps/dsa.c | 78 +- crypto/openssl/apps/dsaparam.c | 71 +- crypto/openssl/apps/ec.c | 78 +- crypto/openssl/apps/ecparam.c | 117 +- crypto/openssl/apps/enc.c | 216 +- crypto/openssl/apps/engine.c | 112 +- crypto/openssl/apps/errstr.c | 17 +- crypto/openssl/apps/fipsinstall.c | 524 +- crypto/openssl/apps/gendsa.c | 42 +- crypto/openssl/apps/genpkey.c | 97 +- crypto/openssl/apps/genrsa.c | 61 +- crypto/openssl/apps/include/app_libctx.h | 4 +- crypto/openssl/apps/include/app_params.h | 1 - crypto/openssl/apps/include/apps.h | 252 +- crypto/openssl/apps/include/apps_ui.h | 5 +- crypto/openssl/apps/include/cmp_mock_srv.h | 23 +- crypto/openssl/apps/include/engine_loader.h | 8 +- crypto/openssl/apps/include/fmt.h | 32 +- crypto/openssl/apps/include/function.h | 17 +- crypto/openssl/apps/include/http_server.h | 64 +- crypto/openssl/apps/include/log.h | 34 +- crypto/openssl/apps/include/names.h | 2 +- crypto/openssl/apps/include/opt.h | 585 +- crypto/openssl/apps/include/platform.h | 12 +- crypto/openssl/apps/include/s_apps.h | 60 +- crypto/openssl/apps/include/vms_term_sock.h | 12 +- crypto/openssl/apps/info.c | 39 +- crypto/openssl/apps/kdf.c | 45 +- crypto/openssl/apps/lib/app_libctx.c | 1 - crypto/openssl/apps/lib/app_params.c | 7 +- crypto/openssl/apps/lib/app_provider.c | 15 +- crypto/openssl/apps/lib/app_rand.c | 5 +- crypto/openssl/apps/lib/app_x509.c | 54 +- crypto/openssl/apps/lib/apps.c | 699 +- crypto/openssl/apps/lib/apps_opt_printf.c | 1 - crypto/openssl/apps/lib/apps_ui.c | 39 +- crypto/openssl/apps/lib/cmp_mock_srv.c | 369 +- crypto/openssl/apps/lib/columns.c | 1 - crypto/openssl/apps/lib/engine.c | 15 +- crypto/openssl/apps/lib/engine_loader.c | 38 +- crypto/openssl/apps/lib/http_server.c | 125 +- crypto/openssl/apps/lib/log.c | 8 +- crypto/openssl/apps/lib/names.c | 2 +- crypto/openssl/apps/lib/opt.c | 202 +- crypto/openssl/apps/lib/s_cb.c | 650 +- crypto/openssl/apps/lib/s_socket.c | 115 +- crypto/openssl/apps/lib/tlssrp_depr.c | 47 +- crypto/openssl/apps/lib/vms_decc_argv.c | 2 +- crypto/openssl/apps/lib/vms_term_sock.c | 501 +- crypto/openssl/apps/lib/win32_init.c | 31 +- crypto/openssl/apps/list.c | 610 +- crypto/openssl/apps/mac.c | 40 +- crypto/openssl/apps/nseq.c | 22 +- crypto/openssl/apps/ocsp.c | 464 +- crypto/openssl/apps/openssl.c | 66 +- crypto/openssl/apps/passwd.c | 250 +- crypto/openssl/apps/pkcs12.c | 369 +- crypto/openssl/apps/pkcs7.c | 46 +- crypto/openssl/apps/pkcs8.c | 92 +- crypto/openssl/apps/pkey.c | 100 +- crypto/openssl/apps/pkeyparam.c | 32 +- crypto/openssl/apps/pkeyutl.c | 257 +- crypto/openssl/apps/prime.c | 45 +- crypto/openssl/apps/progs.c | 2 +- crypto/openssl/apps/progs.h | 2 +- crypto/openssl/apps/progs.pl | 7 +- crypto/openssl/apps/rand.c | 36 +- crypto/openssl/apps/rehash.c | 172 +- crypto/openssl/apps/req.c | 479 +- crypto/openssl/apps/rsa.c | 103 +- crypto/openssl/apps/rsautl.c | 91 +- crypto/openssl/apps/s_client.c | 1869 +- crypto/openssl/apps/s_server.c | 929 +- crypto/openssl/apps/s_time.c | 158 +- crypto/openssl/apps/sess_id.c | 42 +- crypto/openssl/apps/skeyutl.c | 38 +- crypto/openssl/apps/smime.c | 225 +- crypto/openssl/apps/speed.c | 1648 +- crypto/openssl/apps/spkac.c | 56 +- crypto/openssl/apps/srp.c | 196 +- crypto/openssl/apps/storeutl.c | 159 +- crypto/openssl/apps/testdsa.h | 1490 +- crypto/openssl/apps/testrsa.h | 4912 +++- crypto/openssl/apps/timeouts.h | 8 +- crypto/openssl/apps/ts.c | 268 +- crypto/openssl/apps/verify.c | 137 +- crypto/openssl/apps/version.c | 58 +- crypto/openssl/apps/vms_decc_init.c | 73 +- crypto/openssl/apps/x509.c | 417 +- crypto/openssl/build.info | 16 +- crypto/openssl/crypto/LPdir_nyi.c | 2 +- crypto/openssl/crypto/LPdir_unix.c | 23 +- crypto/openssl/crypto/LPdir_vms.c | 24 +- crypto/openssl/crypto/LPdir_win.c | 35 +- crypto/openssl/crypto/LPdir_win32.c | 2 + crypto/openssl/crypto/LPdir_wince.c | 2 + crypto/openssl/crypto/aes/aes_cbc.c | 8 +- crypto/openssl/crypto/aes/aes_cfb.c | 18 +- crypto/openssl/crypto/aes/aes_core.c | 3589 ++- crypto/openssl/crypto/aes/aes_ecb.c | 2 +- crypto/openssl/crypto/aes/aes_ige.c | 56 +- crypto/openssl/crypto/aes/aes_local.h | 51 +- crypto/openssl/crypto/aes/aes_misc.c | 6 +- crypto/openssl/crypto/aes/aes_ofb.c | 6 +- crypto/openssl/crypto/aes/aes_wrap.c | 12 +- crypto/openssl/crypto/aes/aes_x86core.c | 591 +- crypto/openssl/crypto/aes/asm/aes-riscv32-zkn.pl | 7 +- crypto/openssl/crypto/aes/asm/aes-riscv64-zkn.pl | 7 +- .../openssl/crypto/aes/asm/aes-riscv64-zvkned.pl | 13 +- crypto/openssl/crypto/aes/asm/aes-riscv64.pl | 10 +- crypto/openssl/crypto/aes/asm/aesni-xts-avx512.pl | 14 +- crypto/openssl/crypto/aria/aria.c | 335 +- crypto/openssl/crypto/arm_arch.h | 369 +- crypto/openssl/crypto/armcap.c | 241 +- crypto/openssl/crypto/asn1/a_bitstr.c | 12 +- crypto/openssl/crypto/asn1/a_d2i_fp.c | 40 +- crypto/openssl/crypto/asn1/a_digest.c | 9 +- crypto/openssl/crypto/asn1/a_dup.c | 6 +- crypto/openssl/crypto/asn1/a_gentm.c | 8 +- crypto/openssl/crypto/asn1/a_i2d_fp.c | 4 +- crypto/openssl/crypto/asn1/a_int.c | 33 +- crypto/openssl/crypto/asn1/a_mbstr.c | 58 +- crypto/openssl/crypto/asn1/a_object.c | 32 +- crypto/openssl/crypto/asn1/a_octet.c | 4 +- crypto/openssl/crypto/asn1/a_print.c | 3 +- crypto/openssl/crypto/asn1/a_sign.c | 45 +- crypto/openssl/crypto/asn1/a_strex.c | 91 +- crypto/openssl/crypto/asn1/a_strnid.c | 16 +- crypto/openssl/crypto/asn1/a_time.c | 53 +- crypto/openssl/crypto/asn1/a_type.c | 12 +- crypto/openssl/crypto/asn1/a_utctm.c | 2 +- crypto/openssl/crypto/asn1/a_utf8.c | 4 +- crypto/openssl/crypto/asn1/a_verify.c | 29 +- crypto/openssl/crypto/asn1/ameth_lib.c | 172 +- crypto/openssl/crypto/asn1/asn1_err.c | 374 +- crypto/openssl/crypto/asn1/asn1_gen.c | 103 +- crypto/openssl/crypto/asn1/asn1_item_list.h | 4 +- crypto/openssl/crypto/asn1/asn1_lib.c | 12 +- crypto/openssl/crypto/asn1/asn1_local.h | 28 +- crypto/openssl/crypto/asn1/asn1_parse.c | 74 +- crypto/openssl/crypto/asn1/asn_mime.c | 99 +- crypto/openssl/crypto/asn1/asn_mstbl.c | 12 +- crypto/openssl/crypto/asn1/asn_pack.c | 9 +- crypto/openssl/crypto/asn1/bio_asn1.c | 44 +- crypto/openssl/crypto/asn1/bio_ndef.c | 17 +- crypto/openssl/crypto/asn1/d2i_param.c | 2 +- crypto/openssl/crypto/asn1/d2i_pr.c | 43 +- crypto/openssl/crypto/asn1/d2i_pu.c | 4 +- crypto/openssl/crypto/asn1/evp_asn1.c | 26 +- crypto/openssl/crypto/asn1/f_int.c | 4 +- crypto/openssl/crypto/asn1/f_string.c | 4 +- crypto/openssl/crypto/asn1/i2d_evp.c | 34 +- crypto/openssl/crypto/asn1/n_pkey.c | 23 +- crypto/openssl/crypto/asn1/nsseq.c | 6 +- crypto/openssl/crypto/asn1/p5_pbe.c | 19 +- crypto/openssl/crypto/asn1/p5_pbev2.c | 50 +- crypto/openssl/crypto/asn1/p5_scrypt.c | 63 +- crypto/openssl/crypto/asn1/p8_pkey.c | 24 +- crypto/openssl/crypto/asn1/t_bitst.c | 4 +- crypto/openssl/crypto/asn1/t_pkey.c | 19 +- crypto/openssl/crypto/asn1/t_spki.c | 6 +- crypto/openssl/crypto/asn1/tasn_dec.c | 227 +- crypto/openssl/crypto/asn1/tasn_enc.c | 51 +- crypto/openssl/crypto/asn1/tasn_new.c | 30 +- crypto/openssl/crypto/asn1/tasn_prn.c | 92 +- crypto/openssl/crypto/asn1/tasn_scn.c | 2 +- crypto/openssl/crypto/asn1/tasn_typ.c | 26 +- crypto/openssl/crypto/asn1/tasn_utl.c | 22 +- crypto/openssl/crypto/asn1/tbl_standard.h | 85 +- crypto/openssl/crypto/asn1/x_algor.c | 24 +- crypto/openssl/crypto/asn1/x_bignum.c | 29 +- crypto/openssl/crypto/asn1/x_int64.c | 87 +- crypto/openssl/crypto/asn1/x_long.c | 25 +- crypto/openssl/crypto/asn1/x_sig.c | 8 +- crypto/openssl/crypto/asn1/x_spki.c | 10 +- crypto/openssl/crypto/asn1/x_val.c | 4 +- crypto/openssl/crypto/asn1_dsa.c | 61 +- crypto/openssl/crypto/async/arch/async_null.c | 5 +- crypto/openssl/crypto/async/arch/async_null.h | 17 +- crypto/openssl/crypto/async/arch/async_posix.c | 14 +- crypto/openssl/crypto/async/arch/async_posix.h | 53 +- crypto/openssl/crypto/async/arch/async_win.c | 14 +- crypto/openssl/crypto/async/arch/async_win.h | 38 +- crypto/openssl/crypto/async/async.c | 29 +- crypto/openssl/crypto/async/async_err.c | 16 +- crypto/openssl/crypto/async/async_local.h | 9 +- crypto/openssl/crypto/async/async_wait.c | 48 +- crypto/openssl/crypto/bf/bf_cfb64.c | 8 +- crypto/openssl/crypto/bf/bf_ecb.c | 2 +- crypto/openssl/crypto/bf/bf_enc.c | 12 +- crypto/openssl/crypto/bf/bf_local.h | 134 +- crypto/openssl/crypto/bf/bf_ofb64.c | 8 +- crypto/openssl/crypto/bf/bf_pi.h | 1548 +- crypto/openssl/crypto/bio/bf_buff.c | 21 +- crypto/openssl/crypto/bio/bf_lbuf.c | 18 +- crypto/openssl/crypto/bio/bf_prefix.c | 14 +- crypto/openssl/crypto/bio/bf_readbuff.c | 64 +- crypto/openssl/crypto/bio/bio_addr.c | 145 +- crypto/openssl/crypto/bio/bio_cb.c | 26 +- crypto/openssl/crypto/bio/bio_dump.c | 22 +- crypto/openssl/crypto/bio/bio_err.c | 142 +- crypto/openssl/crypto/bio/bio_lib.c | 78 +- crypto/openssl/crypto/bio/bio_local.h | 145 +- crypto/openssl/crypto/bio/bio_meth.c | 56 +- crypto/openssl/crypto/bio/bio_print.c | 148 +- crypto/openssl/crypto/bio/bio_sock.c | 243 +- crypto/openssl/crypto/bio/bio_sock2.c | 140 +- crypto/openssl/crypto/bio/bss_acpt.c | 140 +- crypto/openssl/crypto/bio/bss_bio.c | 68 +- crypto/openssl/crypto/bio/bss_conn.c | 236 +- crypto/openssl/crypto/bio/bss_core.c | 6 +- crypto/openssl/crypto/bio/bss_dgram.c | 1477 +- crypto/openssl/crypto/bio/bss_dgram_pair.c | 110 +- crypto/openssl/crypto/bio/bss_fd.c | 46 +- crypto/openssl/crypto/bio/bss_file.c | 88 +- crypto/openssl/crypto/bio/bss_log.c | 208 +- crypto/openssl/crypto/bio/bss_mem.c | 12 +- crypto/openssl/crypto/bio/bss_null.c | 2 +- crypto/openssl/crypto/bio/bss_sock.c | 135 +- crypto/openssl/crypto/bio/ossl_core_bio.c | 4 +- crypto/openssl/crypto/bn/asm/armv4-gf2m.pl | 4 +- crypto/openssl/crypto/bn/asm/rsaz-2k-avx512.pl | 10 +- crypto/openssl/crypto/bn/asm/rsaz-2k-avxifma.pl | 115 +- crypto/openssl/crypto/bn/asm/rsaz-3k-avx512.pl | 10 +- crypto/openssl/crypto/bn/asm/rsaz-3k-avxifma.pl | 41 +- crypto/openssl/crypto/bn/asm/rsaz-4k-avx512.pl | 10 +- crypto/openssl/crypto/bn/asm/rsaz-4k-avxifma.pl | 41 +- crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl | 10 +- crypto/openssl/crypto/bn/asm/sparcv9-mont.pl | 4 +- crypto/openssl/crypto/bn/asm/x86_64-gcc.c | 306 +- crypto/openssl/crypto/bn/asm/x86_64-mont5.pl | 10 +- crypto/openssl/crypto/bn/bn_add.c | 3 +- crypto/openssl/crypto/bn/bn_asm.c | 445 +- crypto/openssl/crypto/bn/bn_blind.c | 35 +- crypto/openssl/crypto/bn/bn_const.c | 253 +- crypto/openssl/crypto/bn/bn_conv.c | 14 +- crypto/openssl/crypto/bn/bn_ctx.c | 37 +- crypto/openssl/crypto/bn/bn_depr.c | 16 +- crypto/openssl/crypto/bn/bn_dh.c | 1135 +- crypto/openssl/crypto/bn/bn_div.c | 160 +- crypto/openssl/crypto/bn/bn_err.c | 54 +- crypto/openssl/crypto/bn/bn_exp.c | 348 +- crypto/openssl/crypto/bn/bn_exp2.c | 29 +- crypto/openssl/crypto/bn/bn_gcd.c | 37 +- crypto/openssl/crypto/bn/bn_gf2m.c | 158 +- crypto/openssl/crypto/bn/bn_intern.c | 14 +- crypto/openssl/crypto/bn/bn_kron.c | 6 +- crypto/openssl/crypto/bn/bn_lib.c | 71 +- crypto/openssl/crypto/bn/bn_local.h | 826 +- crypto/openssl/crypto/bn/bn_mod.c | 20 +- crypto/openssl/crypto/bn/bn_mont.c | 73 +- crypto/openssl/crypto/bn/bn_mpi.c | 3 +- crypto/openssl/crypto/bn/bn_mul.c | 69 +- crypto/openssl/crypto/bn/bn_nist.c | 422 +- crypto/openssl/crypto/bn/bn_ppc.c | 20 +- crypto/openssl/crypto/bn/bn_prime.c | 72 +- crypto/openssl/crypto/bn/bn_print.c | 6 +- crypto/openssl/crypto/bn/bn_rand.c | 78 +- crypto/openssl/crypto/bn/bn_recp.c | 12 +- crypto/openssl/crypto/bn/bn_rsa_fips186_4.c | 45 +- crypto/openssl/crypto/bn/bn_s390x.c | 28 +- crypto/openssl/crypto/bn/bn_shift.c | 8 +- crypto/openssl/crypto/bn/bn_sparc.c | 65 +- crypto/openssl/crypto/bn/bn_sqr.c | 16 +- crypto/openssl/crypto/bn/bn_sqrt.c | 13 +- crypto/openssl/crypto/bn/bn_srp.c | 26 +- crypto/openssl/crypto/bn/bn_word.c | 3 +- crypto/openssl/crypto/bn/bn_x931p.c | 25 +- crypto/openssl/crypto/bn/rsaz_exp.c | 32 +- crypto/openssl/crypto/bn/rsaz_exp.h | 67 +- crypto/openssl/crypto/bn/rsaz_exp_x2.c | 269 +- crypto/openssl/crypto/bsearch.c | 12 +- crypto/openssl/crypto/buffer/buf_err.c | 2 +- crypto/openssl/crypto/camellia/camellia.c | 426 +- crypto/openssl/crypto/camellia/cmll_cbc.c | 8 +- crypto/openssl/crypto/camellia/cmll_cfb.c | 18 +- crypto/openssl/crypto/camellia/cmll_ctr.c | 10 +- crypto/openssl/crypto/camellia/cmll_ecb.c | 2 +- crypto/openssl/crypto/camellia/cmll_local.h | 18 +- crypto/openssl/crypto/camellia/cmll_misc.c | 6 +- crypto/openssl/crypto/camellia/cmll_ofb.c | 6 +- crypto/openssl/crypto/cast/c_cfb64.c | 8 +- crypto/openssl/crypto/cast/c_ecb.c | 2 +- crypto/openssl/crypto/cast/c_enc.c | 4 +- crypto/openssl/crypto/cast/c_ofb64.c | 8 +- crypto/openssl/crypto/cast/c_skey.c | 15 +- crypto/openssl/crypto/cast/cast_local.h | 233 +- crypto/openssl/crypto/cast/cast_s.h | 2560 +- crypto/openssl/crypto/chacha/asm/chacha-x86.pl | 8 +- crypto/openssl/crypto/chacha/asm/chacha-x86_64.pl | 11 +- crypto/openssl/crypto/chacha/chacha_enc.c | 82 +- crypto/openssl/crypto/chacha/chacha_ppc.c | 35 +- crypto/openssl/crypto/chacha/chacha_riscv.c | 14 +- crypto/openssl/crypto/cmac/cmac.c | 7 +- crypto/openssl/crypto/cmp/cmp_asn.c | 291 +- crypto/openssl/crypto/cmp/cmp_client.c | 264 +- crypto/openssl/crypto/cmp/cmp_ctx.c | 582 +- crypto/openssl/crypto/cmp/cmp_err.c | 356 +- crypto/openssl/crypto/cmp/cmp_genm.c | 124 +- crypto/openssl/crypto/cmp/cmp_hdr.c | 50 +- crypto/openssl/crypto/cmp/cmp_http.c | 46 +- crypto/openssl/crypto/cmp/cmp_local.h | 228 +- crypto/openssl/crypto/cmp/cmp_msg.c | 272 +- crypto/openssl/crypto/cmp/cmp_protect.c | 42 +- crypto/openssl/crypto/cmp/cmp_server.c | 142 +- crypto/openssl/crypto/cmp/cmp_status.c | 59 +- crypto/openssl/crypto/cmp/cmp_util.c | 73 +- crypto/openssl/crypto/cmp/cmp_vfy.c | 242 +- crypto/openssl/crypto/cms/cms_asn1.c | 301 +- crypto/openssl/crypto/cms/cms_att.c | 88 +- crypto/openssl/crypto/cms/cms_cd.c | 10 +- crypto/openssl/crypto/cms/cms_dd.c | 13 +- crypto/openssl/crypto/cms/cms_dh.c | 41 +- crypto/openssl/crypto/cms/cms_ec.c | 42 +- crypto/openssl/crypto/cms/cms_enc.c | 36 +- crypto/openssl/crypto/cms/cms_env.c | 198 +- crypto/openssl/crypto/cms/cms_err.c | 310 +- crypto/openssl/crypto/cms/cms_ess.c | 57 +- crypto/openssl/crypto/cms/cms_io.c | 30 +- crypto/openssl/crypto/cms/cms_kari.c | 110 +- crypto/openssl/crypto/cms/cms_lib.c | 56 +- crypto/openssl/crypto/cms/cms_local.h | 94 +- crypto/openssl/crypto/cms/cms_pwri.c | 60 +- crypto/openssl/crypto/cms/cms_rsa.c | 45 +- crypto/openssl/crypto/cms/cms_sd.c | 181 +- crypto/openssl/crypto/cms/cms_smime.c | 146 +- crypto/openssl/crypto/comp/c_brotli.c | 139 +- crypto/openssl/crypto/comp/c_zlib.c | 190 +- crypto/openssl/crypto/comp/c_zstd.c | 206 +- crypto/openssl/crypto/comp/comp_err.c | 48 +- crypto/openssl/crypto/comp/comp_lib.c | 6 +- crypto/openssl/crypto/comp/comp_local.h | 22 +- crypto/openssl/crypto/comp_methods.c | 6 +- crypto/openssl/crypto/conf/conf_api.c | 6 +- crypto/openssl/crypto/conf/conf_def.c | 72 +- crypto/openssl/crypto/conf/conf_err.c | 90 +- crypto/openssl/crypto/conf/conf_lib.c | 27 +- crypto/openssl/crypto/conf/conf_mod.c | 68 +- crypto/openssl/crypto/conf/conf_sap.c | 6 +- crypto/openssl/crypto/conf/conf_ssl.c | 13 +- crypto/openssl/crypto/context.c | 8 +- crypto/openssl/crypto/core_algorithm.c | 52 +- crypto/openssl/crypto/core_fetch.c | 36 +- crypto/openssl/crypto/core_namemap.c | 54 +- crypto/openssl/crypto/cpt_err.c | 120 +- crypto/openssl/crypto/cpuid.c | 39 +- crypto/openssl/crypto/crmf/crmf_asn.c | 75 +- crypto/openssl/crypto/crmf/crmf_err.c | 114 +- crypto/openssl/crypto/crmf/crmf_lib.c | 269 +- crypto/openssl/crypto/crmf/crmf_local.h | 34 +- crypto/openssl/crypto/crmf/crmf_pbm.c | 28 +- crypto/openssl/crypto/cryptlib.c | 112 +- crypto/openssl/crypto/ct/ct_b64.c | 16 +- crypto/openssl/crypto/ct/ct_err.c | 62 +- crypto/openssl/crypto/ct/ct_local.h | 97 +- crypto/openssl/crypto/ct/ct_log.c | 27 +- crypto/openssl/crypto/ct/ct_oct.c | 22 +- crypto/openssl/crypto/ct/ct_policy.c | 12 +- crypto/openssl/crypto/ct/ct_prn.c | 16 +- crypto/openssl/crypto/ct/ct_sct.c | 11 +- crypto/openssl/crypto/ct/ct_sct_ctx.c | 13 +- crypto/openssl/crypto/ct/ct_vfy.c | 9 +- crypto/openssl/crypto/ct/ct_x509v3.c | 62 +- crypto/openssl/crypto/ctype.c | 410 +- crypto/openssl/crypto/cversion.c | 28 +- crypto/openssl/crypto/defaults.c | 36 +- crypto/openssl/crypto/der_writer.c | 23 +- crypto/openssl/crypto/des/cbc_cksm.c | 4 +- crypto/openssl/crypto/des/cbc_enc.c | 2 + crypto/openssl/crypto/des/cfb64ede.c | 16 +- crypto/openssl/crypto/des/cfb64enc.c | 8 +- crypto/openssl/crypto/des/cfb_enc.c | 13 +- crypto/openssl/crypto/des/des_enc.c | 144 +- crypto/openssl/crypto/des/des_local.h | 379 +- crypto/openssl/crypto/des/ecb3_enc.c | 4 +- crypto/openssl/crypto/des/ecb_enc.c | 3 +- crypto/openssl/crypto/des/fcrypt.c | 154 +- crypto/openssl/crypto/des/fcrypt_b.c | 52 +- crypto/openssl/crypto/des/ncbc_enc.c | 6 +- crypto/openssl/crypto/des/ofb64ede.c | 10 +- crypto/openssl/crypto/des/ofb64enc.c | 8 +- crypto/openssl/crypto/des/ofb_enc.c | 8 +- crypto/openssl/crypto/des/pcbc_enc.c | 4 +- crypto/openssl/crypto/des/qud_cksm.c | 22 +- crypto/openssl/crypto/des/set_key.c | 726 +- crypto/openssl/crypto/des/spr.h | 640 +- crypto/openssl/crypto/des/xcbc_enc.c | 6 +- crypto/openssl/crypto/deterministic_nonce.c | 62 +- crypto/openssl/crypto/dh/dh_ameth.c | 48 +- crypto/openssl/crypto/dh/dh_asn1.c | 38 +- crypto/openssl/crypto/dh/dh_backend.c | 21 +- crypto/openssl/crypto/dh/dh_check.c | 14 +- crypto/openssl/crypto/dh/dh_depr.c | 2 +- crypto/openssl/crypto/dh/dh_err.c | 94 +- crypto/openssl/crypto/dh/dh_gen.c | 21 +- crypto/openssl/crypto/dh/dh_group_params.c | 5 +- crypto/openssl/crypto/dh/dh_kdf.c | 26 +- crypto/openssl/crypto/dh/dh_key.c | 45 +- crypto/openssl/crypto/dh/dh_lib.c | 16 +- crypto/openssl/crypto/dh/dh_local.h | 24 +- crypto/openssl/crypto/dh/dh_meth.c | 28 +- crypto/openssl/crypto/dh/dh_pmeth.c | 47 +- crypto/openssl/crypto/dh/dh_rfc5114.c | 34 +- crypto/openssl/crypto/dllmain.c | 11 +- crypto/openssl/crypto/dsa/dsa_ameth.c | 141 +- crypto/openssl/crypto/dsa/dsa_asn1.c | 30 +- crypto/openssl/crypto/dsa/dsa_backend.c | 24 +- crypto/openssl/crypto/dsa/dsa_check.c | 8 +- crypto/openssl/crypto/dsa/dsa_depr.c | 10 +- crypto/openssl/crypto/dsa/dsa_err.c | 50 +- crypto/openssl/crypto/dsa/dsa_gen.c | 24 +- crypto/openssl/crypto/dsa/dsa_key.c | 26 +- crypto/openssl/crypto/dsa/dsa_lib.c | 19 +- crypto/openssl/crypto/dsa/dsa_local.h | 42 +- crypto/openssl/crypto/dsa/dsa_meth.c | 52 +- crypto/openssl/crypto/dsa/dsa_ossl.c | 96 +- crypto/openssl/crypto/dsa/dsa_pmeth.c | 39 +- crypto/openssl/crypto/dsa/dsa_sign.c | 22 +- crypto/openssl/crypto/dsa/dsa_vrf.c | 2 +- crypto/openssl/crypto/dso/dso_dl.c | 59 +- crypto/openssl/crypto/dso/dso_dlfcn.c | 132 +- crypto/openssl/crypto/dso/dso_err.c | 56 +- crypto/openssl/crypto/dso/dso_lib.c | 8 +- crypto/openssl/crypto/dso/dso_local.h | 16 +- crypto/openssl/crypto/dso/dso_vms.c | 172 +- crypto/openssl/crypto/dso/dso_win32.c | 160 +- crypto/openssl/crypto/ebcdic.c | 110 +- crypto/openssl/crypto/ec/curve25519.c | 5161 ++-- .../crypto/ec/curve448/arch_32/arch_intrinsics.h | 8 +- crypto/openssl/crypto/ec/curve448/arch_32/f_impl.h | 18 +- .../openssl/crypto/ec/curve448/arch_32/f_impl32.c | 10 +- .../crypto/ec/curve448/arch_64/arch_intrinsics.h | 12 +- crypto/openssl/crypto/ec/curve448/arch_64/f_impl.h | 15 +- .../openssl/crypto/ec/curve448/arch_64/f_impl64.c | 8 +- crypto/openssl/crypto/ec/curve448/curve448.c | 217 +- crypto/openssl/crypto/ec/curve448/curve448_local.h | 6 +- .../openssl/crypto/ec/curve448/curve448_tables.c | 3028 +-- crypto/openssl/crypto/ec/curve448/curve448utils.h | 44 +- crypto/openssl/crypto/ec/curve448/ed448.h | 102 +- crypto/openssl/crypto/ec/curve448/eddsa.c | 211 +- crypto/openssl/crypto/ec/curve448/f_generic.c | 25 +- crypto/openssl/crypto/ec/curve448/field.h | 87 +- crypto/openssl/crypto/ec/curve448/point_448.h | 101 +- crypto/openssl/crypto/ec/curve448/scalar.c | 82 +- crypto/openssl/crypto/ec/curve448/word.h | 48 +- crypto/openssl/crypto/ec/ec2_oct.c | 30 +- crypto/openssl/crypto/ec/ec2_smpl.c | 122 +- crypto/openssl/crypto/ec/ec_ameth.c | 87 +- crypto/openssl/crypto/ec/ec_asn1.c | 150 +- crypto/openssl/crypto/ec/ec_backend.c | 88 +- crypto/openssl/crypto/ec/ec_check.c | 14 +- crypto/openssl/crypto/ec/ec_curve.c | 1575 +- crypto/openssl/crypto/ec/ec_cvt.c | 4 +- crypto/openssl/crypto/ec/ec_deprecated.c | 8 +- crypto/openssl/crypto/ec/ec_err.c | 212 +- crypto/openssl/crypto/ec/ec_key.c | 56 +- crypto/openssl/crypto/ec/ec_kmeth.c | 147 +- crypto/openssl/crypto/ec/ec_lib.c | 192 +- crypto/openssl/crypto/ec/ec_local.h | 519 +- crypto/openssl/crypto/ec/ec_mult.c | 113 +- crypto/openssl/crypto/ec/ec_oct.c | 34 +- crypto/openssl/crypto/ec/ec_pmeth.c | 29 +- crypto/openssl/crypto/ec/ec_print.c | 8 +- crypto/openssl/crypto/ec/ecdh_kdf.c | 22 +- crypto/openssl/crypto/ec/ecdh_ossl.c | 6 +- crypto/openssl/crypto/ec/ecdsa_ossl.c | 85 +- crypto/openssl/crypto/ec/ecdsa_sign.c | 13 +- crypto/openssl/crypto/ec/ecdsa_vrf.c | 6 +- crypto/openssl/crypto/ec/eck_prn.c | 23 +- crypto/openssl/crypto/ec/ecp_mont.c | 32 +- crypto/openssl/crypto/ec/ecp_nist.c | 28 +- crypto/openssl/crypto/ec/ecp_nistp224.c | 603 +- crypto/openssl/crypto/ec/ecp_nistp256.c | 783 +- crypto/openssl/crypto/ec/ecp_nistp384.c | 929 +- crypto/openssl/crypto/ec/ecp_nistp521.c | 940 +- crypto/openssl/crypto/ec/ecp_nistputil.c | 62 +- crypto/openssl/crypto/ec/ecp_nistz256.c | 376 +- crypto/openssl/crypto/ec/ecp_nistz256_table.c | 24407 +++++++++++-------- crypto/openssl/crypto/ec/ecp_oct.c | 31 +- crypto/openssl/crypto/ec/ecp_ppc.c | 8 +- crypto/openssl/crypto/ec/ecp_s390x_nistp.c | 323 +- crypto/openssl/crypto/ec/ecp_sm2p256.c | 100 +- crypto/openssl/crypto/ec/ecp_sm2p256_table.c | 2 +- crypto/openssl/crypto/ec/ecp_smpl.c | 169 +- crypto/openssl/crypto/ec/ecx_backend.c | 32 +- crypto/openssl/crypto/ec/ecx_backend.h | 18 +- crypto/openssl/crypto/ec/ecx_key.c | 18 +- crypto/openssl/crypto/ec/ecx_meth.c | 235 +- crypto/openssl/crypto/ec/ecx_s390x.c | 28 +- crypto/openssl/crypto/encode_decode/decoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/decoder_lib.c | 388 +- crypto/openssl/crypto/encode_decode/decoder_meth.c | 85 +- crypto/openssl/crypto/encode_decode/decoder_pkey.c | 226 +- crypto/openssl/crypto/encode_decode/encoder_err.c | 14 +- crypto/openssl/crypto/encode_decode/encoder_lib.c | 254 +- .../openssl/crypto/encode_decode/encoder_local.h | 18 +- crypto/openssl/crypto/encode_decode/encoder_meth.c | 95 +- crypto/openssl/crypto/encode_decode/encoder_pkey.c | 95 +- crypto/openssl/crypto/engine/eng_all.c | 4 +- crypto/openssl/crypto/engine/eng_cnf.c | 13 +- crypto/openssl/crypto/engine/eng_ctrl.c | 28 +- crypto/openssl/crypto/engine/eng_dyn.c | 116 +- crypto/openssl/crypto/engine/eng_err.c | 128 +- crypto/openssl/crypto/engine/eng_fat.c | 2 +- crypto/openssl/crypto/engine/eng_lib.c | 4 +- crypto/openssl/crypto/engine/eng_list.c | 17 +- crypto/openssl/crypto/engine/eng_local.h | 48 +- crypto/openssl/crypto/engine/eng_openssl.c | 132 +- crypto/openssl/crypto/engine/eng_pkey.c | 20 +- crypto/openssl/crypto/engine/eng_rdrand.c | 44 +- crypto/openssl/crypto/engine/eng_table.c | 46 +- crypto/openssl/crypto/engine/tb_asnmth.c | 22 +- crypto/openssl/crypto/engine/tb_cipher.c | 10 +- crypto/openssl/crypto/engine/tb_dh.c | 10 +- crypto/openssl/crypto/engine/tb_digest.c | 10 +- crypto/openssl/crypto/engine/tb_dsa.c | 10 +- crypto/openssl/crypto/engine/tb_eckey.c | 10 +- crypto/openssl/crypto/engine/tb_pkmeth.c | 10 +- crypto/openssl/crypto/engine/tb_rand.c | 10 +- crypto/openssl/crypto/engine/tb_rsa.c | 10 +- crypto/openssl/crypto/err/err.c | 238 +- crypto/openssl/crypto/err/err_all.c | 52 +- crypto/openssl/crypto/err/err_all_legacy.c | 112 +- crypto/openssl/crypto/err/err_local.h | 21 +- crypto/openssl/crypto/err/err_mark.c | 7 +- crypto/openssl/crypto/err/err_prn.c | 12 +- crypto/openssl/crypto/err/err_save.c | 48 +- crypto/openssl/crypto/err/openssl.txt | 4 +- crypto/openssl/crypto/ess/ess_asn1.c | 24 +- crypto/openssl/crypto/ess/ess_err.c | 38 +- crypto/openssl/crypto/ess/ess_lib.c | 51 +- crypto/openssl/crypto/evp/asymcipher.c | 106 +- crypto/openssl/crypto/evp/bio_b64.c | 42 +- crypto/openssl/crypto/evp/bio_enc.c | 53 +- crypto/openssl/crypto/evp/bio_md.c | 8 +- crypto/openssl/crypto/evp/bio_ok.c | 51 +- crypto/openssl/crypto/evp/c_allc.c | 8 +- crypto/openssl/crypto/evp/cmeth_lib.c | 57 +- crypto/openssl/crypto/evp/ctrl_params_translate.c | 1365 +- crypto/openssl/crypto/evp/dh_ctrl.c | 46 +- crypto/openssl/crypto/evp/dh_support.c | 10 +- crypto/openssl/crypto/evp/digest.c | 214 +- crypto/openssl/crypto/evp/dsa_ctrl.c | 18 +- crypto/openssl/crypto/evp/e_aes.c | 1545 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c | 439 +- crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c | 440 +- crypto/openssl/crypto/evp/e_aria.c | 334 +- crypto/openssl/crypto/evp/e_bf.c | 20 +- crypto/openssl/crypto/evp/e_camellia.c | 224 +- crypto/openssl/crypto/evp/e_cast.c | 22 +- crypto/openssl/crypto/evp/e_chacha20_poly1305.c | 265 +- crypto/openssl/crypto/evp/e_des.c | 130 +- crypto/openssl/crypto/evp/e_des3.c | 189 +- crypto/openssl/crypto/evp/e_idea.c | 28 +- crypto/openssl/crypto/evp/e_null.c | 8 +- crypto/openssl/crypto/evp/e_old.c | 16 +- crypto/openssl/crypto/evp/e_rc2.c | 53 +- crypto/openssl/crypto/evp/e_rc4.c | 22 +- crypto/openssl/crypto/evp/e_rc4_hmac_md5.c | 161 +- crypto/openssl/crypto/evp/e_rc5.c | 26 +- crypto/openssl/crypto/evp/e_seed.c | 8 +- crypto/openssl/crypto/evp/e_sm4.c | 175 +- crypto/openssl/crypto/evp/e_xcbc_d.c | 34 +- crypto/openssl/crypto/evp/ec_ctrl.c | 39 +- crypto/openssl/crypto/evp/ec_support.c | 194 +- crypto/openssl/crypto/evp/encode.c | 352 +- crypto/openssl/crypto/evp/evp_cnf.c | 7 +- crypto/openssl/crypto/evp/evp_enc.c | 378 +- crypto/openssl/crypto/evp/evp_err.c | 408 +- crypto/openssl/crypto/evp/evp_fetch.c | 164 +- crypto/openssl/crypto/evp/evp_key.c | 22 +- crypto/openssl/crypto/evp/evp_lib.c | 187 +- crypto/openssl/crypto/evp/evp_local.h | 183 +- crypto/openssl/crypto/evp/evp_pbe.c | 133 +- crypto/openssl/crypto/evp/evp_pkey.c | 46 +- crypto/openssl/crypto/evp/evp_rand.c | 143 +- crypto/openssl/crypto/evp/evp_utils.c | 70 +- crypto/openssl/crypto/evp/exchange.c | 107 +- crypto/openssl/crypto/evp/kdf_lib.c | 10 +- crypto/openssl/crypto/evp/kdf_meth.c | 27 +- crypto/openssl/crypto/evp/kem.c | 83 +- crypto/openssl/crypto/evp/keymgmt_lib.c | 72 +- crypto/openssl/crypto/evp/keymgmt_meth.c | 108 +- crypto/openssl/crypto/evp/legacy_blake2.c | 6 +- crypto/openssl/crypto/evp/legacy_md5_sha1.c | 6 +- crypto/openssl/crypto/evp/legacy_mdc2.c | 2 +- crypto/openssl/crypto/evp/legacy_meth.h | 55 +- crypto/openssl/crypto/evp/legacy_ripemd.c | 2 +- crypto/openssl/crypto/evp/legacy_sha.c | 130 +- crypto/openssl/crypto/evp/legacy_wp.c | 2 +- crypto/openssl/crypto/evp/m_sigver.c | 164 +- crypto/openssl/crypto/evp/mac_lib.c | 37 +- crypto/openssl/crypto/evp/mac_meth.c | 39 +- crypto/openssl/crypto/evp/names.c | 50 +- crypto/openssl/crypto/evp/p5_crpt.c | 24 +- crypto/openssl/crypto/evp/p5_crpt2.c | 69 +- crypto/openssl/crypto/evp/p_dec.c | 7 +- crypto/openssl/crypto/evp/p_enc.c | 7 +- crypto/openssl/crypto/evp/p_lib.c | 589 +- crypto/openssl/crypto/evp/p_open.c | 6 +- crypto/openssl/crypto/evp/p_seal.c | 6 +- crypto/openssl/crypto/evp/p_sign.c | 8 +- crypto/openssl/crypto/evp/p_verify.c | 8 +- crypto/openssl/crypto/evp/pbe_scrypt.c | 32 +- crypto/openssl/crypto/evp/pmeth_check.c | 25 +- crypto/openssl/crypto/evp/pmeth_gn.c | 57 +- crypto/openssl/crypto/evp/pmeth_lib.c | 692 +- crypto/openssl/crypto/evp/s_lib.c | 39 +- crypto/openssl/crypto/evp/signature.c | 286 +- crypto/openssl/crypto/evp/skeymgmt_meth.c | 44 +- crypto/openssl/crypto/ex_data.c | 47 +- crypto/openssl/crypto/ffc/ffc_backend.c | 16 +- crypto/openssl/crypto/ffc/ffc_dh.c | 64 +- crypto/openssl/crypto/ffc/ffc_key_generate.c | 2 +- crypto/openssl/crypto/ffc/ffc_key_validate.c | 10 +- crypto/openssl/crypto/ffc/ffc_params.c | 62 +- crypto/openssl/crypto/ffc/ffc_params_generate.c | 174 +- crypto/openssl/crypto/ffc/ffc_params_validate.c | 46 +- crypto/openssl/crypto/getenv.c | 18 +- crypto/openssl/crypto/hashtable/hashtable.c | 81 +- crypto/openssl/crypto/hmac/hmac.c | 32 +- crypto/openssl/crypto/hmac/hmac_local.h | 20 +- crypto/openssl/crypto/hmac/hmac_s390x.c | 33 +- crypto/openssl/crypto/hpke/hpke.c | 241 +- crypto/openssl/crypto/hpke/hpke_util.c | 185 +- crypto/openssl/crypto/http/http_client.c | 381 +- crypto/openssl/crypto/http/http_err.c | 122 +- crypto/openssl/crypto/http/http_lib.c | 46 +- crypto/openssl/crypto/idea/i_cbc.c | 4 +- crypto/openssl/crypto/idea/i_cfb64.c | 7 +- crypto/openssl/crypto/idea/i_ecb.c | 2 +- crypto/openssl/crypto/idea/i_ofb64.c | 7 +- crypto/openssl/crypto/idea/idea_local.h | 179 +- crypto/openssl/crypto/indicator_core.c | 7 +- crypto/openssl/crypto/info.c | 251 +- crypto/openssl/crypto/init.c | 166 +- crypto/openssl/crypto/initthread.c | 46 +- crypto/openssl/crypto/lhash/lh_stats.c | 22 +- crypto/openssl/crypto/lhash/lhash.c | 47 +- crypto/openssl/crypto/lhash/lhash_local.h | 4 +- crypto/openssl/crypto/loongarch_arch.h | 10 +- crypto/openssl/crypto/loongarchcap.c | 2 +- crypto/openssl/crypto/md2/md2_dgst.c | 296 +- crypto/openssl/crypto/md4/md4_dgst.c | 16 +- crypto/openssl/crypto/md4/md4_local.h | 63 +- crypto/openssl/crypto/md4/md4_one.c | 2 +- crypto/openssl/crypto/md5/md5_dgst.c | 16 +- crypto/openssl/crypto/md5/md5_local.h | 98 +- crypto/openssl/crypto/md5/md5_one.c | 2 +- crypto/openssl/crypto/mdc2/mdc2dgst.c | 16 +- crypto/openssl/crypto/mem.c | 99 +- crypto/openssl/crypto/mem_sec.c | 141 +- crypto/openssl/crypto/mips_arch.h | 48 +- crypto/openssl/crypto/ml_dsa/ml_dsa_encoders.c | 76 +- crypto/openssl/crypto/ml_dsa/ml_dsa_hash.h | 12 +- crypto/openssl/crypto/ml_dsa/ml_dsa_key.c | 52 +- crypto/openssl/crypto/ml_dsa/ml_dsa_key.h | 6 +- crypto/openssl/crypto/ml_dsa/ml_dsa_key_compress.c | 12 +- crypto/openssl/crypto/ml_dsa/ml_dsa_local.h | 86 +- crypto/openssl/crypto/ml_dsa/ml_dsa_matrix.c | 2 +- crypto/openssl/crypto/ml_dsa/ml_dsa_matrix.h | 2 +- crypto/openssl/crypto/ml_dsa/ml_dsa_ntt.c | 49 +- crypto/openssl/crypto/ml_dsa/ml_dsa_params.c | 89 +- crypto/openssl/crypto/ml_dsa/ml_dsa_poly.h | 14 +- crypto/openssl/crypto/ml_dsa/ml_dsa_sample.c | 34 +- crypto/openssl/crypto/ml_dsa/ml_dsa_sign.c | 72 +- crypto/openssl/crypto/ml_dsa/ml_dsa_vector.h | 24 +- crypto/openssl/crypto/ml_kem/ml_kem.c | 807 +- crypto/openssl/crypto/modes/asm/aes-gcm-avx512.pl | 4 +- crypto/openssl/crypto/modes/asm/aes-gcm-ppc.pl | 2056 +- .../openssl/crypto/modes/asm/aesni-gcm-x86_64.pl | 10 +- crypto/openssl/crypto/modes/asm/ghash-armv4.pl | 4 +- crypto/openssl/crypto/modes/build.info | 2 +- crypto/openssl/crypto/modes/cbc128.c | 38 +- crypto/openssl/crypto/modes/ccm128.c | 108 +- crypto/openssl/crypto/modes/cfb128.c | 64 +- crypto/openssl/crypto/modes/ctr128.c | 38 +- crypto/openssl/crypto/modes/cts128.c | 86 +- crypto/openssl/crypto/modes/gcm128.c | 500 +- crypto/openssl/crypto/modes/ocb128.c | 67 +- crypto/openssl/crypto/modes/ofb128.c | 20 +- crypto/openssl/crypto/modes/siv128.c | 56 +- crypto/openssl/crypto/modes/wrap128.c | 49 +- crypto/openssl/crypto/modes/xts128.c | 22 +- crypto/openssl/crypto/modes/xts128gb.c | 22 +- crypto/openssl/crypto/o_dir.c | 2 + crypto/openssl/crypto/o_fopen.c | 50 +- crypto/openssl/crypto/o_str.c | 94 +- crypto/openssl/crypto/o_time.c | 20 +- crypto/openssl/crypto/objects/o_names.c | 44 +- crypto/openssl/crypto/objects/obj_compat.h | 62 +- crypto/openssl/crypto/objects/obj_dat.c | 49 +- crypto/openssl/crypto/objects/obj_err.c | 10 +- crypto/openssl/crypto/objects/obj_lib.c | 6 +- crypto/openssl/crypto/objects/obj_xref.c | 6 +- crypto/openssl/crypto/ocsp/ocsp_asn.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_cl.c | 42 +- crypto/openssl/crypto/ocsp/ocsp_err.c | 90 +- crypto/openssl/crypto/ocsp/ocsp_ext.c | 77 +- crypto/openssl/crypto/ocsp/ocsp_http.c | 16 +- crypto/openssl/crypto/ocsp/ocsp_lib.c | 12 +- crypto/openssl/crypto/ocsp/ocsp_local.h | 94 +- crypto/openssl/crypto/ocsp/ocsp_prn.c | 65 +- crypto/openssl/crypto/ocsp/ocsp_srv.c | 61 +- crypto/openssl/crypto/ocsp/ocsp_vfy.c | 50 +- crypto/openssl/crypto/ocsp/v3_ocsp.c | 60 +- crypto/openssl/crypto/packet.c | 49 +- crypto/openssl/crypto/param_build.c | 178 +- crypto/openssl/crypto/param_build_set.c | 20 +- crypto/openssl/crypto/params.c | 162 +- crypto/openssl/crypto/params_dup.c | 26 +- crypto/openssl/crypto/params_from_text.c | 28 +- crypto/openssl/crypto/params_idx.c | 4 + crypto/openssl/crypto/params_idx.c.in | 4 + crypto/openssl/crypto/passphrase.c | 73 +- crypto/openssl/crypto/pem/pem_all.c | 35 +- crypto/openssl/crypto/pem/pem_err.c | 94 +- crypto/openssl/crypto/pem/pem_info.c | 61 +- crypto/openssl/crypto/pem/pem_lib.c | 130 +- crypto/openssl/crypto/pem/pem_local.h | 145 +- crypto/openssl/crypto/pem/pem_oth.c | 2 +- crypto/openssl/crypto/pem/pem_pk8.c | 74 +- crypto/openssl/crypto/pem/pem_pkey.c | 113 +- crypto/openssl/crypto/pem/pem_sign.c | 6 +- crypto/openssl/crypto/pem/pvkfmt.c | 123 +- crypto/openssl/crypto/perlasm/x86_64-xlate.pl | 5 +- crypto/openssl/crypto/pkcs12/p12_add.c | 53 +- crypto/openssl/crypto/pkcs12/p12_asn.c | 46 +- crypto/openssl/crypto/pkcs12/p12_attr.c | 35 +- crypto/openssl/crypto/pkcs12/p12_crpt.c | 25 +- crypto/openssl/crypto/pkcs12/p12_crt.c | 107 +- crypto/openssl/crypto/pkcs12/p12_decr.c | 83 +- crypto/openssl/crypto/pkcs12/p12_init.c | 2 +- crypto/openssl/crypto/pkcs12/p12_key.c | 58 +- crypto/openssl/crypto/pkcs12/p12_kiss.c | 48 +- crypto/openssl/crypto/pkcs12/p12_local.h | 6 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 115 +- crypto/openssl/crypto/pkcs12/p12_npas.c | 37 +- crypto/openssl/crypto/pkcs12/p12_p8d.c | 11 +- crypto/openssl/crypto/pkcs12/p12_p8e.c | 31 +- crypto/openssl/crypto/pkcs12/p12_sbag.c | 101 +- crypto/openssl/crypto/pkcs12/p12_utl.c | 83 +- crypto/openssl/crypto/pkcs12/pk12err.c | 66 +- crypto/openssl/crypto/pkcs7/pk7_asn1.c | 125 +- crypto/openssl/crypto/pkcs7/pk7_attr.c | 16 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 112 +- crypto/openssl/crypto/pkcs7/pk7_lib.c | 62 +- crypto/openssl/crypto/pkcs7/pk7_mime.c | 12 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 52 +- crypto/openssl/crypto/pkcs7/pkcs7err.c | 138 +- crypto/openssl/crypto/poly1305/poly1305.c | 102 +- crypto/openssl/crypto/poly1305/poly1305_base2_44.c | 29 +- crypto/openssl/crypto/poly1305/poly1305_ieee754.c | 279 +- crypto/openssl/crypto/poly1305/poly1305_ppc.c | 24 +- crypto/openssl/crypto/ppccap.c | 103 +- crypto/openssl/crypto/property/defn_cache.c | 15 +- crypto/openssl/crypto/property/property.c | 111 +- crypto/openssl/crypto/property/property_err.c | 36 +- crypto/openssl/crypto/property/property_local.h | 18 +- crypto/openssl/crypto/property/property_parse.c | 135 +- crypto/openssl/crypto/property/property_query.c | 22 +- crypto/openssl/crypto/property/property_string.c | 30 +- crypto/openssl/crypto/provider.c | 26 +- crypto/openssl/crypto/provider_child.c | 41 +- crypto/openssl/crypto/provider_conf.c | 86 +- crypto/openssl/crypto/provider_core.c | 454 +- crypto/openssl/crypto/provider_local.h | 8 +- crypto/openssl/crypto/provider_predefined.c | 4 +- crypto/openssl/crypto/punycode.c | 17 +- crypto/openssl/crypto/quic_vlint.c | 26 +- crypto/openssl/crypto/rand/prov_seed.c | 36 +- crypto/openssl/crypto/rand/rand_deprecated.c | 8 +- crypto/openssl/crypto/rand/rand_egd.c | 97 +- crypto/openssl/crypto/rand/rand_err.c | 164 +- crypto/openssl/crypto/rand/rand_lib.c | 228 +- crypto/openssl/crypto/rand/rand_local.h | 30 +- crypto/openssl/crypto/rand/rand_meth.c | 2 +- crypto/openssl/crypto/rand/rand_pool.c | 25 +- crypto/openssl/crypto/rand/rand_uniform.c | 10 +- crypto/openssl/crypto/rand/randfile.c | 87 +- crypto/openssl/crypto/rc2/rc2_cbc.c | 30 +- crypto/openssl/crypto/rc2/rc2_ecb.c | 2 +- crypto/openssl/crypto/rc2/rc2_local.h | 117 +- crypto/openssl/crypto/rc2/rc2_skey.c | 284 +- crypto/openssl/crypto/rc2/rc2cfb64.c | 8 +- crypto/openssl/crypto/rc2/rc2ofb64.c | 8 +- crypto/openssl/crypto/rc4/rc4_enc.c | 19 +- crypto/openssl/crypto/rc4/rc4_local.h | 6 +- crypto/openssl/crypto/rc4/rc4_skey.c | 15 +- crypto/openssl/crypto/rc5/rc5_ecb.c | 2 +- crypto/openssl/crypto/rc5/rc5_enc.c | 4 +- crypto/openssl/crypto/rc5/rc5_local.h | 206 +- crypto/openssl/crypto/rc5/rc5_skey.c | 5 +- crypto/openssl/crypto/rc5/rc5cfb64.c | 8 +- crypto/openssl/crypto/rc5/rc5ofb64.c | 8 +- crypto/openssl/crypto/rcu_internal.h | 4 +- crypto/openssl/crypto/ripemd/rmd_dgst.c | 19 +- crypto/openssl/crypto/ripemd/rmd_local.h | 112 +- crypto/openssl/crypto/ripemd/rmdconst.h | 360 +- crypto/openssl/crypto/riscvcap.c | 63 +- crypto/openssl/crypto/rsa/rsa_acvp_test_params.c | 29 +- crypto/openssl/crypto/rsa/rsa_ameth.c | 272 +- crypto/openssl/crypto/rsa/rsa_asn1.c | 51 +- crypto/openssl/crypto/rsa/rsa_backend.c | 138 +- crypto/openssl/crypto/rsa/rsa_chk.c | 12 +- crypto/openssl/crypto/rsa/rsa_crpt.c | 18 +- crypto/openssl/crypto/rsa/rsa_depr.c | 4 +- crypto/openssl/crypto/rsa/rsa_err.c | 274 +- crypto/openssl/crypto/rsa/rsa_gen.c | 64 +- crypto/openssl/crypto/rsa/rsa_lib.c | 157 +- crypto/openssl/crypto/rsa/rsa_local.h | 78 +- crypto/openssl/crypto/rsa/rsa_meth.c | 132 +- crypto/openssl/crypto/rsa/rsa_mp.c | 4 +- crypto/openssl/crypto/rsa/rsa_none.c | 4 +- crypto/openssl/crypto/rsa/rsa_oaep.c | 52 +- crypto/openssl/crypto/rsa/rsa_ossl.c | 160 +- crypto/openssl/crypto/rsa/rsa_pk1.c | 97 +- crypto/openssl/crypto/rsa/rsa_pmeth.c | 105 +- crypto/openssl/crypto/rsa/rsa_pss.c | 78 +- crypto/openssl/crypto/rsa/rsa_saos.c | 17 +- crypto/openssl/crypto/rsa/rsa_schemes.c | 20 +- crypto/openssl/crypto/rsa/rsa_sign.c | 267 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_check.c | 121 +- crypto/openssl/crypto/rsa/rsa_sp800_56b_gen.c | 22 +- crypto/openssl/crypto/rsa/rsa_x931.c | 5 +- crypto/openssl/crypto/rsa/rsa_x931g.c | 31 +- crypto/openssl/crypto/s390x_arch.h | 228 +- crypto/openssl/crypto/s390xcap.c | 720 +- crypto/openssl/crypto/s390xcpuid.pl | 8 +- crypto/openssl/crypto/seed/seed.c | 752 +- crypto/openssl/crypto/seed/seed_cbc.c | 8 +- crypto/openssl/crypto/seed/seed_cfb.c | 8 +- crypto/openssl/crypto/seed/seed_ecb.c | 2 +- crypto/openssl/crypto/seed/seed_local.h | 123 +- crypto/openssl/crypto/seed/seed_ofb.c | 6 +- crypto/openssl/crypto/self_test_core.c | 24 +- crypto/openssl/crypto/sha/asm/keccak1600-s390x.pl | 3 +- crypto/openssl/crypto/sha/keccak1600.c | 267 +- crypto/openssl/crypto/sha/sha256.c | 197 +- crypto/openssl/crypto/sha/sha3.c | 4 +- crypto/openssl/crypto/sha/sha512.c | 319 +- crypto/openssl/crypto/sha/sha_local.h | 251 +- crypto/openssl/crypto/sha/sha_ppc.c | 6 +- crypto/openssl/crypto/sha/sha_riscv.c | 5 +- crypto/openssl/crypto/siphash/siphash.c | 61 +- crypto/openssl/crypto/sleep.c | 26 +- crypto/openssl/crypto/slh_dsa/slh_adrs.c | 42 +- crypto/openssl/crypto/slh_dsa/slh_adrs.h | 38 +- crypto/openssl/crypto/slh_dsa/slh_dsa.c | 99 +- crypto/openssl/crypto/slh_dsa/slh_dsa_hash_ctx.c | 8 +- crypto/openssl/crypto/slh_dsa/slh_dsa_key.c | 45 +- crypto/openssl/crypto/slh_dsa/slh_dsa_key.h | 2 +- crypto/openssl/crypto/slh_dsa/slh_dsa_local.h | 60 +- crypto/openssl/crypto/slh_dsa/slh_fors.c | 44 +- crypto/openssl/crypto/slh_dsa/slh_hash.c | 126 +- crypto/openssl/crypto/slh_dsa/slh_hash.h | 62 +- crypto/openssl/crypto/slh_dsa/slh_hypertree.c | 18 +- crypto/openssl/crypto/slh_dsa/slh_params.c | 49 +- crypto/openssl/crypto/slh_dsa/slh_params.h | 12 +- crypto/openssl/crypto/slh_dsa/slh_wots.c | 38 +- crypto/openssl/crypto/slh_dsa/slh_xmss.c | 30 +- crypto/openssl/crypto/sm2/sm2_crypt.c | 74 +- crypto/openssl/crypto/sm2/sm2_err.c | 42 +- crypto/openssl/crypto/sm2/sm2_key.c | 8 +- crypto/openssl/crypto/sm2/sm2_sign.c | 136 +- crypto/openssl/crypto/sm3/legacy_sm3.c | 3 +- crypto/openssl/crypto/sm3/sm3.c | 6 +- crypto/openssl/crypto/sm3/sm3_local.h | 141 +- crypto/openssl/crypto/sm4/asm/vpsm4_ex-armv8.pl | 27 +- crypto/openssl/crypto/sm4/sm4.c | 50 +- crypto/openssl/crypto/sparcv9cap.c | 85 +- crypto/openssl/crypto/sparse_array.c | 28 +- crypto/openssl/crypto/srp/srp_lib.c | 71 +- crypto/openssl/crypto/srp/srp_vfy.c | 115 +- crypto/openssl/crypto/ssl_err.c | 1212 +- crypto/openssl/crypto/sslerr.h | 16 +- crypto/openssl/crypto/stack/stack.c | 25 +- crypto/openssl/crypto/store/store_err.c | 92 +- crypto/openssl/crypto/store/store_lib.c | 214 +- crypto/openssl/crypto/store/store_local.h | 20 +- crypto/openssl/crypto/store/store_meth.c | 67 +- crypto/openssl/crypto/store/store_register.c | 52 +- crypto/openssl/crypto/store/store_result.c | 118 +- crypto/openssl/crypto/store/store_strings.c | 12 +- crypto/openssl/crypto/thread/arch.c | 2 +- crypto/openssl/crypto/thread/arch/thread_none.c | 2 +- crypto/openssl/crypto/thread/arch/thread_posix.c | 14 +- crypto/openssl/crypto/thread/arch/thread_win.c | 48 +- crypto/openssl/crypto/thread/internal.c | 8 +- crypto/openssl/crypto/threads_lib.c | 4 +- crypto/openssl/crypto/threads_none.c | 47 +- crypto/openssl/crypto/threads_pthread.c | 323 +- crypto/openssl/crypto/threads_win.c | 148 +- crypto/openssl/crypto/time.c | 12 +- crypto/openssl/crypto/trace.c | 142 +- crypto/openssl/crypto/ts/ts_asn1.c | 64 +- crypto/openssl/crypto/ts/ts_conf.c | 108 +- crypto/openssl/crypto/ts/ts_err.c | 122 +- crypto/openssl/crypto/ts/ts_lib.c | 4 +- crypto/openssl/crypto/ts/ts_local.h | 18 +- crypto/openssl/crypto/ts/ts_req_print.c | 2 +- crypto/openssl/crypto/ts/ts_rsp_print.c | 41 +- crypto/openssl/crypto/ts/ts_rsp_sign.c | 154 +- crypto/openssl/crypto/ts/ts_rsp_verify.c | 104 +- crypto/openssl/crypto/ts/ts_verify_ctx.c | 8 +- crypto/openssl/crypto/txt_db/txt_db.c | 22 +- crypto/openssl/crypto/ui/ui_err.c | 36 +- crypto/openssl/crypto/ui/ui_lib.c | 224 +- crypto/openssl/crypto/ui/ui_local.h | 56 +- crypto/openssl/crypto/ui/ui_null.c | 10 +- crypto/openssl/crypto/ui/ui_openssl.c | 536 +- crypto/openssl/crypto/ui/ui_util.c | 65 +- crypto/openssl/crypto/uid.c | 34 +- crypto/openssl/crypto/vms_rms.h | 86 +- crypto/openssl/crypto/whrlpool/wp_block.c | 811 +- crypto/openssl/crypto/whrlpool/wp_dgst.c | 20 +- *** 688720 LINES SKIPPED *** From nobody Tue Jun 9 19:19:42 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyR0Vh2z6gVLx for ; Tue, 09 Jun 2026 19:19:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyQ3nwwz3QT1 for ; Tue, 09 Jun 2026 19:19:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dL470eS6Dkr/1uxhDpZEQBqNSSbt9pIo3h9aS79Uro0=; b=qVSLUGWYaw/yI49oWfEHJ29svvs3oYL0jenM5/8o+lHaXBGdnLkm9re7/phYq4cODHbTwk a0B0xlrm5x8WBuiNsr/yailUQs9zkK4w9qQk1GFEm7VzAX18rLQ/Nl9bocwvnrFeHXep8v 5pzJMiK7qIuYfVFlAxbB0Q7e2IJ2xPfw0nsbYSNFuFtiLuVYYmuTrAAI5TTiupYN4kSb9p K11i6VkFjvQwdKh0NyLcQ1tdC+pUxVxWWk9vZhozzRd3yKvLbptk1ZZd+oPuPYWCaEQAbX /O3LIxCoc870qvgLFHeWSlX0SjBwjH6L2+C28UyfGBeVxZYn/RbjP4QaMxYdFg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032782; a=rsa-sha256; cv=none; b=wTuohLcHtpvxWztQ3B4jCTGOhiA8NBh7yzAsE2PMgkI+O0LDpOHiFT2DENRO2lyt02FMSQ qmLe7YX/xx0yzdAUWoPXuJqOvc2XTt8GA05wDwBu+25ULqxAvPPisCuzScsOh2B1d9dudg L1xasd7jvtaii2BDcKNzQXEdlIlYBLtJb+VrH9kPq3pJyrLQ590U7D7t/KblMoZNKZFhcF o9q3GZvZRE2Aap6pNN6hDY1SzD1vOHNxyVTL5hmBYpj9M3mWHi79yiG0QMfZZiDYv5X766 Gr8ygBsLHGUGh2vi90T4y2UpRiiF9z/UHwgIqdmbfL2uP6KRnyy/ngcpcA0xWA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dL470eS6Dkr/1uxhDpZEQBqNSSbt9pIo3h9aS79Uro0=; b=RurYjwCSYBBlhSs3beVx4ygQdlZx6TQIuaGqKisTmkbe/iCeBPzblPt2ikvkBIfd1pbA1s SYIoiSqrc6ym/BMTDA+uRhC7oNrC2vmB5XbPkSEj9USGSfNdM9Zey65WqNxtd96C/u+pLi 1Enikl1dRYT1aKddkERFtg2DyI06Y/ezQQS7ZZiTJP49zAhB7tJr+rHFZDVtNRIgQpXAVV a4j9kGrsJrDMG9p1u9VbCZAeyJukB88GUrBdydhGUEOsAxyaxWxVq/Zt/m0nYAFq//8WRM 12xatSzDp0pdQl1PsTf2FyCc06ifGQWUkRhLpbXeH/A+O5HMD8eA1PNbPuPG2w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyQ2lwszntQ for ; Tue, 09 Jun 2026 19:19:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ea73 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:42 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 6f6c7b996719 - releng/15.0 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 6f6c7b99671987f2531e7dff8edb92bbc19d7eba Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:42 +0000 Message-Id: <6a28674e.3ea73.1c3af55b@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6f6c7b99671987f2531e7dff8edb92bbc19d7eba commit 6f6c7b99671987f2531e7dff8edb92bbc19d7eba Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 thr_kill2: Respect p_cansignal() Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 4329959a2ef4..4a439eee0210 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -506,7 +506,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:19:43 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyS52Mtz6gV9n for ; Tue, 09 Jun 2026 19:19:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyR458Tz3QR0 for ; Tue, 09 Jun 2026 19:19:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Qf6piFB4Y+sW89fjkl9fywA4ksKsB3uiW+7NmEA9ISA=; b=KSOh1L4qKMXriRH9nAJ7QaBj1D+U+g9xKKRy5MZxIBX0OlY2lwRydkGA2I42uky57oYg4s jReCpQkzX3yDnuoCC3GGFzyupkt6vx1YDIQlvcDtIpqmxBYHD1DX7pCAHsQLo/H9H75iVQ JPUnrfKYDanUE9Sm4P1nycwL3Ze0yV493JnbvWS+EWjD2VyD8ijVz0cNZ0RP6Ki5phjYC+ YydbraXk6yTLdVesZze7yYp4oLy8DOiaj/m4cohKG018Wqbkbn/6Pe7cPYhv92r0N2bleR 2AGT2a0s1t+6FCead8zj1jy4GAV6XN2/nx9ZLwNgpOdDjor1UGpIFAy7wnQsCg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032783; a=rsa-sha256; cv=none; b=xiNROumfcLF4HB1QkT+dGnrNEX/AuvJrH37KtLbNHknnwmxUfhyGYWnK0F+XEKrCf3kdqQ G2CNb5ufq/4vFCePigI6oUjUnVNZbTODqm/0nTQ18NxtDhbb3q1+TpIjZXduNajF/s2Jnr ETFTsDuD/PzauxzrEeS8Doet2IW/DT3Kt+mDin59Bhhp8nz+Kh6PS1oi09gyWgZB6nnRPa h60fHhGCLDnBJJpi4G39b8ZpSBFCZXQXgj9xGJnJCkNGqC/YY0EaWSOUnvlL7ntBzMm2sZ 5sijDFvv8sqTKgubfE9ZjGH1O7KxljkdiJbSAIjK5rPLNOwcoZXh9MexfHN2Ng== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Qf6piFB4Y+sW89fjkl9fywA4ksKsB3uiW+7NmEA9ISA=; b=OpWWpdEL3/zXElN1DQcq3iGGLg6BvJloVBeXLGyzTs2Y5S0ZEMRqBX0WB+5Z3TlGD+t8LF k/L08+CSFYiwDFFB/hAGV1Y7B01RmxTFFCiOo3I8xffU5XIN8+ZvlTKEkaCigrd2ouwxt6 mDlj4Ptni4rESgR/Mc72tJpBQ8Bxw3sMdIIzL1451g0XXuvNvjBtRhSU5zgq6AChfLPe56 L3K1DopDSsquFOFHe+Z64OH09wkdPwso7CPZa7/zF015DDu/RvOSO9IPk2FvFYlJer1xax HwMAK1RG2yOFh9FnCNOoGKeJMd/nyRIAu+rDvlYj9dyOmo/T5hJMZJK3ihfXgA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyR3f0NznG8 for ; Tue, 09 Jun 2026 19:19:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d544 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:43 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: 540a315cdb46 - releng/15.0 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 540a315cdb46d6aa3cdbb3797710db652b3c4f4a Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:43 +0000 Message-Id: <6a28674f.3d544.633ffb3c@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=540a315cdb46d6aa3cdbb3797710db652b3c4f4a commit 540a315cdb46d6aa3cdbb3797710db652b3c4f4a Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 66ce1b5a081d..2bc56d166a18 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2416,8 +2416,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2433,6 +2435,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2633,9 +2642,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index a940bcfaba25..b856dbe8acae 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -238,6 +238,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:19:44 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyT2tXvz6gVDl for ; Tue, 09 Jun 2026 19:19:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyS4v85z3QWh for ; Tue, 09 Jun 2026 19:19:44 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tTIVAs8/HSxVV74l+EootG+FHdmXnvDFiyHOD5vDrMY=; b=xoX+sw0ZSaXwRxc4WKQkT4wV1mIhCfyB1x+sLv7AOtc16yRg7dVxEx2Z44+FdrOSS6PGqH VWAMLTSrhWHwRtbo6YlgeuWWE1yOlEFQpJWMd7c1cl5DN6Tl3bKPQu/PHVRANq+6y/dzZR rgSc6vO7hBTnPIjSMsezRSBivKNTN9bS+sIetOA96Lg2uGQTfwqBvFsFBUkrY96BYlscfo kGfaD71CnAiUcVujn6VpeMmLwM8GgOeKDeKkXvrQ/TOYm8jUh9IDtKkS/dN3TXX7RoDsd7 B4knUozuZjF7n8FoVw87/XjjS5fmhmyTqLoTWOVdm9AxI+dX9kXIWSy5FPN6zg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032784; a=rsa-sha256; cv=none; b=vfi628AUwR16kGtj4VP783Pchy6JrkK0dcbJ47nGLgxF23+DmkVTzQILYnyRMDvIpLvXL9 8zhdpz/Leo0w/EzV5d5bz6MDYhRCeP3nItVKRSr+qr6srSFbcw6E0/m9MQ2RS4WxrscYFS XGKMfuLispPez11XLEllcuK1x8fm9rdXHbhaJLKjFbKKO+NMbWYcxhva8QTcNdXeWFko1M y6Jo8tAhEjnvvU6t19yWiyaHpk/xJhKICaSfiCy8mo8+9dr+RG9zV7RZ95D2QWmkFcRg94 o+nBLgMM1qpH0D5Z1Pb+Oo8ewY6isMRSn8C3iZcKEMRy+mSbKbGCmTiimX3Qyg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tTIVAs8/HSxVV74l+EootG+FHdmXnvDFiyHOD5vDrMY=; b=BIUM44NT7+30AWio82+ZgTE5CSqobrBEvx246vFgjCZ8TNBvNcDLPj/4RGqNIvQlANrL9g VplHV7i4UXkQNjEbEPurps+u8E4Ct0zw3rLnpnZMzwIbzuiKsOQVSeXchPhnxr0UA1sZaM +NFEn6DcWet4rhCltQ1xT71eSmwv7gu+vBmAKuqImK7tujp/Rh8ZVl7rwc/P5T3DxknKNK c6v+98l7Hkxq4iNoWIksDRKFreWm3Z/BK3lVsYMu9nVeowAOn0zkMpayIj+ByCAVvR3h2h 0j9DT1zT9W/Pkt9lOyBPyOIXXo9CemH2crmlsdqAL2fn08Icg2nhPJZgBvaASg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyS4RNkznCh for ; Tue, 09 Jun 2026 19:19:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ecc3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:44 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: c42ee04c521e - releng/15.0 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: c42ee04c521ed8268421173f961859233a321b17 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:44 +0000 Message-Id: <6a286750.3ecc3.5176f660@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=c42ee04c521ed8268421173f961859233a321b17 commit c42ee04c521ed8268421173f961859233a321b17 Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index fe5576baf017..72bde9c1066f 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1953,6 +1953,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * Reject PROT_EXEC by default. It just doesn't makes sense. * Unfortunately, we have to give up this one due to linux_mmap diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index 74a0765a0540..ce156ae8c4cf 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..ab203a39194c --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:19:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyV1bxfz6gVRY for ; Tue, 09 Jun 2026 19:19:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyT5pDQz3QMf for ; Tue, 09 Jun 2026 19:19:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1Yb0fo3qclfaVdsJz2vmSYydVX2rYppdVLb/AO7+GfY=; b=aifbaS2GHZDW0d+XUBfk3E6voj46WsQJ/Wo6EQ7K0jTnktdxX1RhDgeiOES9qkwFjlCzID Qkfq1kuqjNEDwuD0o2mvb3/a5PTBkS526qkHbBw2954yEZVSrMA/vKfxuub7utzCWxE1An QmEJVIWjstXXIxW/fevYDsN5IV+5BYpIJndoms5vSnNHgHe/f+1gSsntUkH2Zb9MqzjjkR 5gaApJFE8rH9R86mhYOdcTJ7rVFweBBRJFlYmLv3Hjsw2SnSuS+Ue+lQmmD/PRrpRl7BwY zcITYA+vDYsplQzVxYAgMgfxwbfcMEkexnXusGsI1QBx17sYFINiJUTLiMq7qw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032785; a=rsa-sha256; cv=none; b=brSirAnjTZDOHu4HoycHQICB0wt0FcFS+Wf+hDWyy+tMu89Nfs0hR6AGfKC+MnV1PJSl7B 5NpfQ7lPLiMQiDc3mYFt/Go9iJ0mfORHh3M8yNIGuY5OnxDO4DII22Ts69NKGWFRGcFGew U/haHmB/j5tCzZrxwwkXR16lHr+9t6GNgBmakqt2oGpr+gWD8P2hxl/vZrJgc51fUcnZWE OJmq0QTBnvnJapOOv+xCbSvkJrOlJL30ILCTPY1SeyjYglwl1Oa5lLfixdUuYwx7VLMmg4 4ZHuU+bObyrlHLwIKvQXjXoUK8pLlHU2SKlSSk/nGtLE1I5vQyTqIk3++ruA9A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1Yb0fo3qclfaVdsJz2vmSYydVX2rYppdVLb/AO7+GfY=; b=bYGcY1fc9RIVUzLPWbwefT3QczlKJIgxJvFXEhkSujUu2rGBFcrz9jZzHptg71m+QAbvQW YgkyDX4iNlKiMWYOKqbyC4wyRgEyUv25XDtg7/hRItsXDlrcAu9CWMqhQIhUZWSrCXLeJ9 XvENxCoGfZo0ZqMROO2jBJ6Obcw1E+uAf8g1yOSD26BmC27TMF83ow9wL3ob6Nbg0ObRY+ kfoHHbWQ6+1lApLs390ClpmkYAw/WJAGuWuaQd66dhPJaZlTBcq02m80svehN6vdk8rf3D sbWreRytKFqwF9g50hgKfR9tiogtQ5Rv4P7hb4QSEUvmpJj++SCQFCrpcuopcw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyT5Dq9znl1 for ; Tue, 09 Jun 2026 19:19:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e5b3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:45 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: bda153dc04b4 - releng/15.0 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: bda153dc04b4ddb667856874c083bd117fc0b9a1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:45 +0000 Message-Id: <6a286751.3e5b3.538be532@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bda153dc04b4ddb667856874c083bd117fc0b9a1 commit bda153dc04b4ddb667856874c083bd117fc0b9a1 Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 89 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 +++++++++++++++++++++++++++++++ 4 files changed, 175 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index de535ec2dcba..ddcf14fbc1c2 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -32,6 +32,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -46,6 +47,7 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", drv, desc); b->dev = dev; b->channel = channel; @@ -56,8 +58,30 @@ sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } bus_addr_t @@ -183,6 +207,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -218,10 +247,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index ddf4083ec19f..99bc6c0611d2 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -27,6 +27,7 @@ */ #define SNDBUF_F_MANAGED 0x00000008 +#define SNDBUF_F_DETACHED 0x00000010 #define SNDBUF_NAMELEN 48 @@ -50,6 +51,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -57,6 +59,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(device_t dev, char *drv, char *desc, struct pcm_channel *channel); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); void sndbuf_dump(struct snd_dbuf *b, char *s, u_int32_t what); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 72bde9c1066f..01d848180eec 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -79,7 +79,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; struct cdevsw dsp_cdevsw = { @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_write = dsp_write, .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1931,23 +1929,81 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + +static int +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static void +dsp_dev_pager_path(void *handle, char *path, size_t len) +{ + struct dsp_mmap_handle *h = handle; + + dev_copyname(h->cdev, path, len); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, + .cdev_pg_path = dsp_dev_pager_path, +}; + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -2010,13 +2066,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index ab203a39194c..f775c0f8da8a 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp0", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:19:46 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyW5tbnz6gVRf for ; Tue, 09 Jun 2026 19:19:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyW0FkRz3QNw for ; Tue, 09 Jun 2026 19:19:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032787; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=s9RTQwBJ6FsaW2fr6jvOlm6xuyZ+0iZPP8FrcwdTnio=; b=D8itYSdyWX2MBCzbNcI0i0ilmp7dIutOxSpqSj3xFvHgBRh+OoeQdbslx9uvp76ywrS3Xr CFbItL6AcpYH1bT+WOWTs1BnJanIZdNVtG/YSLtnoJdnz78GWyaAYJ3DKU5iMJBpLb+GwS 7HqQy+4SQ3NjvI7i0ua69HQyxdGVpD/5fZXvkY8GUHMKdcdiwzg9wAGRhktBJ/SzxbEagK MBlrwBn7yIGYlEvGqBW6YiPj++Zjz1nJkp+twHPNEu4MWxIthYYyHWSuMXzzzhxZdMM44F xvlohAlT6rLPgNdZYuYOK0pWMUZoBV+XjqTspJwZ0C2Yj4immAgxAqNm2QqLfw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032787; a=rsa-sha256; cv=none; b=G8UgulaarshDGBe5pNgkwF8wnuzx2MUrzQMDa+z2anO12wJe+C2U37DlEgIdsuw/TlZ3tP /+LCWvfblewzg/zZQ/Ls5vfVlizwOMD9+xwvh9CgA0Z65he9FENh13FVNzxUdm/Ctyp1cd zHocXKA/MaOYvY/j0nKNK1Gl4g7EkF/taaXuJkDoeFDh0jlNmsvGV9U45QO82EbgqThnXU h4nuA4/LkzVvsfIVhrdceCatoA/SbDvYtnddR0YMXVi6IttxjBVi92t1IzOAmltH4KL+8Q Us/gseP7rxNLA6mCmvAdVIwKlRWDB67hcgoy4VUd0nvH90vtoAVjQnDspfdU7Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032787; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=s9RTQwBJ6FsaW2fr6jvOlm6xuyZ+0iZPP8FrcwdTnio=; b=yPJw7gLisd5hAJkkvqcQalx6P5T13C9pD4ovpBkSEIdmHAQLoeGm3Ke1H4WUDTyHqMcY+X 6yaMCTMFBYum0K/fSZoHDKHdZ1xaearwvIVy2ciuC+38gV48+17+Wrcq6y4x43yTJCH0Ar Hklrsn1oFRgUAspjrTDREHU3OWGg8N7u05Ddzb9EDwUGVjXpe8LrSv/CBNLX6itgwQYAwZ ujCiw7uPjtpnSTppzpApeQPsQ27uo0weBWedIhwh96UdGjT0RLvIHcz9uQ3uIoge0PiQRw JMqqfPXglnnSz8UvPIoTQYEfndjATFGe+lXiflqQEINMZt09WzLlh3N/4ZRgkg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyV640tznl3 for ; Tue, 09 Jun 2026 19:19:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3dab5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:46 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: 77ee83d12625 - releng/15.0 - sigqueue: In capability mode, only allow signalling self List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 77ee83d12625fea81a278d53cc621c610c353955 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:46 +0000 Message-Id: <6a286752.3dab5.18213e15@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=77ee83d12625fea81a278d53cc621c610c353955 commit 77ee83d12625fea81a278d53cc621c610c353955 Author: Ed Maste AuthorDate: 2026-05-26 13:24:36 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 sigqueue: In capability mode, only allow signalling self This is copied from the check in kern_kill. Approved by: so Security: FreeBSD-SA-26:28.capsicum Security: CVE-2026-45259 Reviewed by: markj, oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57244 (cherry picked from commit b9d16b7fd2fa6bc4b3e8364804cbdc1b76ebe8a5) (cherry picked from commit defd9b86ef995ce70363eae9b323d616bda865be) --- contrib/capsicum-test/capmode.cc | 12 +++++++++--- sys/kern/kern_sig.c | 10 ++++++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/contrib/capsicum-test/capmode.cc b/contrib/capsicum-test/capmode.cc index 5ff025290211..d2eb1e8633a8 100644 --- a/contrib/capsicum-test/capmode.cc +++ b/contrib/capsicum-test/capmode.cc @@ -746,8 +746,8 @@ FORK_TEST(Capmode, NewThread) { close(thread_pipe[1]); } -static volatile sig_atomic_t had_signal = 0; -static void handle_signal(int) { had_signal = 1; } +static volatile sig_atomic_t signal_cnt = 0; +static void handle_signal(int) { signal_cnt++; } FORK_TEST(Capmode, SelfKill) { pid_t me = getpid(); @@ -765,7 +765,13 @@ FORK_TEST(Capmode, SelfKill) { // Can only kill(2) to own pid. EXPECT_CAPMODE(kill(child, SIGUSR1)); EXPECT_OK(kill(me, SIGUSR1)); - EXPECT_EQ(1, had_signal); + EXPECT_EQ(1, signal_cnt); + + union sigval sv; + sv.sival_int = 0x1234; + EXPECT_CAPMODE(sigqueue(child, SIGUSR1, sv)); + EXPECT_OK(sigqueue(me, SIGUSR1, sv)); + EXPECT_EQ(2, signal_cnt); signal(SIGUSR1, original); } diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 1eac5cc2993f..40da0a79b810 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -2037,6 +2037,16 @@ kern_sigqueue(struct thread *td, pid_t pid, int signumf, union sigval *value) if (pid <= 0) return (EINVAL); + /* + * A process in capability mode can send signals only to itself. + */ + if (pid != td->td_proc->p_pid) { + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &signum); + if (IN_CAPABILITY_MODE(td)) + return (ECAPMODE); + } + if ((signumf & __SIGQUEUE_TID) == 0) { if ((p = pfind_any(pid)) == NULL) return (ESRCH); From nobody Tue Jun 9 19:19:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyY3rFkz6gVXC for ; Tue, 09 Jun 2026 19:19:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyY0WlKz3QRp for ; Tue, 09 Jun 2026 19:19:49 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=K1GvGY4pc3c6MoctBvXO6tK13LShIugISATqv1qvEyY=; b=OoyGa92pfuJCP0/z0zY8uvjIXjtRpsB6rJnac2X02C1jmn4btsKmJL5dxEqbH37cu0M+bB ZfYqh9qCMJLcMC7GFYGWr8a3k/SJzilwg0KM4fuUfvzAx4BgU1aWSRcemFccNQp9W0QDMX kxVZQt5b5yhYUu7vjhgR9EUZU6KweQOB624tKb25AdV13NYye8rMdiLXzYsTXKnuXha54k tcZ5nc5psvHS5KnUw6JsvIloFS9fkIYnSqt+yGmQ+GA3G+bU0XvqJq4UWqgHPjZbDxSR4E XKCh11+9F1b1uaMTAnxdeFAYzdqaNSsIvG3wSUjsbm1gMptK+lIcd9AGDDKvAw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032789; a=rsa-sha256; cv=none; b=WlYmGjCywwHPv6+osEcvSb2/hAmYBVaLcTnaqmGLK8LR2NfB9heucPcfWxr7DoP1nbAgC1 fC1fdZ66wY9us37JYIlxsfwZ5+7mmonLIjNYlr9Pm38uLa163AqW8zb2IYhFlB9C3s3OcM Dl6eOz8Q71o+rrXWxs+DOd7HipXEwxh0605XsM3HNj4nebEyNjRpdAe2ztIIHX+H2MyoLd 0iqE3AMwTelpwEDlFC1t2GbBfKBzC/ifZREU26eLjQnCrNprnVtz16DjsJCTiICKtQPimm cGYa5A51yteIFHaqWd8ESgdkH9eYluI9b8ctD/RTs3JfzZ4CEAGS7SPmZZiG4w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=K1GvGY4pc3c6MoctBvXO6tK13LShIugISATqv1qvEyY=; b=IoygGGd4Py5PstS40IaShkFgS4iLSWUOrd2NnSKhhqC6dtIyBXIkQI1vW9xwMo2BWaivHy MCsFy/+zbTl27+byZmzE6x2MvTMLitkpV1KBH+9j4sXom/CWxyYInQleAptkVyQbD4+16s BkHrWfy3WrlluaHofPaZaVyXAnWFCP2GRxXuCp8Kgv5P5bExvOoqQzZ0vqhUDQJsylg+68 KcKwtlmmr6H2I78ARO7o81DAeNKqrPz/QGw29j0FKMXZyPngair9+JtFVhyh0HkpyW5zgH QZzMHZTjKcfWYGAhXrYHgbsk8Ltkl6VnVUo1Odd7zRC0074znJ53mO/pEPyXcw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyX71QzznCj for ; Tue, 09 Jun 2026 19:19:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f428 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 0b18ec59972b - releng/15.0 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 0b18ec59972b1c378e1a092f5abc6bc03f614123 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:48 +0000 Message-Id: <6a286754.3f428.18db784a@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0b18ec59972b1c378e1a092f5abc6bc03f614123 commit 0b18ec59972b1c378e1a092f5abc6bc03f614123 Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:19:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyX39BBz6gVDn for ; Tue, 09 Jun 2026 19:19:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyW6yzlz3Qcy for ; Tue, 09 Jun 2026 19:19:47 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032788; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nadpof7yXtJPB3wF198n1IVGg4EAYZAfIvWtqfOajfw=; b=qh4yOXWIu1XKe0EDKBMpwcil175Pbb1rINdQ9XdioZTyvZHBdGuqfwTS2H0gSFM79hA4gt EmeclXf4yxjg+W1yotjgYSB01qcnOAl8/DdbuN8atYh4MYz+ZlPRUmjsigLnKDobNSvJOe byraBej6/mxkzS90ev4DGtqQWvC+iL8sMrtecKjx+rarcbbj0vprI+RbMimSQs586g0PU5 oK4xpRRqpbgwIGOVtY6BQEsmYUxq7vd6p0BJb52mLi9nxCcLUualQCHN0+IGGhbITce3uR 7lsj99e98Br67zwRq9PFRmZCvO9fmZym8bvYztyV17mJSsNOmFudoeu5MGK+Yw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032788; a=rsa-sha256; cv=none; b=lTIGmChJ+AVEKZlE0IHwruXxCVJkiwDdYbMx8N83BasEJp1NnWCuZ7IedGKDD19/aDMqYn iHXwmxgYyqWI24dDGt4MqdIARTxkKEBlTdQrfyWI93if9sSDcz2g7YuSWq03BRrYEmzwtc nccSqwQOge8yVkmfreD4CG+ErC8quEdIUHGnFnVENX5uIhL+wuLtQbpQr8WwFm5cMPsEhG IJqoKaeGEpngpPojMfBMVCMoupRwh5ev8ZbvAj8BfbyWHV4sASo6CxGv+Rdcixtufh42Jo w/HSHIRJAwXpfvrRQKQlS19Y8Fw0ywHdfvtRH0u2UwjX3NokEx4l35tMRKUzTQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032788; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nadpof7yXtJPB3wF198n1IVGg4EAYZAfIvWtqfOajfw=; b=EBf3TwR9qm0wwYEA0g76sINMMPbOpySeN/oI8sHpRE2VhbO8JIQ5KZJGgK4pnM+asZA44D og9p6iOoNMmYfejGsONhNBoYhvL+LC7mhJdZ2abCu38pz1yhrkBKQ4G5lqulKJrNTlZn7N 5UUX9xIeqQoMjzW0oSFJFJQFU6kmAg2M3VQEcGp6Vp+cOZDIbF+aW6PUZyy8J/XPLGGzYu aFJlR980HXvnOquL8LFtrR6i8sqi7lwaJThQDb1qR80VzAeKEvFgVfDle6QtNaeTrcmy/2 AiifCOLB6sXckp/a4iOKWC7yUZgo7VE1FXCqdlKxf7s9bj/Ehc/waXCtUjtLcg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyW6XkMznwD for ; Tue, 09 Jun 2026 19:19:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e792 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: ed4692b8226e - releng/15.0 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: ed4692b8226e81e03d1cf43ed4fa8ee311c9b851 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:47 +0000 Message-Id: <6a286753.3e792.6cfd3013@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ed4692b8226e81e03d1cf43ed4fa8ee311c9b851 commit ed4692b8226e81e03d1cf43ed4fa8ee311c9b851 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 39 +++++++++++++++++---------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 44 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index f5b20c49ffd2..43fa96616c70 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2523,6 +2523,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2535,9 +2536,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2550,13 +2548,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2588,24 +2597,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2640,7 +2634,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2677,6 +2670,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:19:51 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyb4pvzz6gVM7 for ; Tue, 09 Jun 2026 19:19:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyb2DMsz3QgY for ; Tue, 09 Jun 2026 19:19:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032791; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zFBfl2p6tMgJCJdr/ogrQ3A4+DICKXUhTk3r9nQkAbE=; b=MuZKQra8eHMCJ0igDb/74itPbSfH5L5I/fV9jmiFPA8CPFeiSRQi7B4IrnSA+49LZ0xf/l JuEmv8NERRHtxEFHcAIqlgaz3Ex4BROyVPfWRS7f3BPSabVeJbEu10DUVB9L/x9Z4dl3U3 7ac3i5wfhbfSPvUoBGSfQuJE+bzlyAfmTGnqMh4uemCgsr9ZcCUhQg2G+6sIvUhdiuCoG1 dwKKJJ6riQIBB3EkrmNjDTzh5cg+gpc9bOGkhENNyDlwfheHqELeixrnRJj6O1jUqq4rZ0 Lwq/WgKQOe95jlXceMbKf83eg+huLg1n2vuVzrTF2nuOfK42rpRlX8+m9JXe2Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032791; a=rsa-sha256; cv=none; b=UODAxjuuMulWi3iyTO0PIlzcUDYKqRRCW6R9g75v8xasRvZuCyWlFJFXYHv5esWQjJTnwB D1WJPc/viS6iKeLrIaYWlQEC8ek3h7lzXRnXGt0UFcCzUZQi/U8WBDFCnyGQ5ZOydl2AXv kZpUbPKs/CSrxn+NKWVr6Vtus9tN1lHbnDs8x6pHwWa5NCcGrL5OyooqK18Ya0jGu6laqJ jtlbkbxuWwx0QpJckT9Bk1+PlqeREyZC8D/BxNCLa+A/DJMC3EwNg4Ue7Uh87P7xQsfBur sx/NjhQUmqarGdBYwxnJ84Yc1BI2qXnMel8xAi/ypybeyBonm74ggsJ1Iw00OQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032791; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zFBfl2p6tMgJCJdr/ogrQ3A4+DICKXUhTk3r9nQkAbE=; b=TymgkzA+Mk34/5vG7ItQ/32QqQjd632uawvRL90Fmv6yJsaUzgexcLxAVaeH6Bp7Meoieb oDvuJP09K+VuzXrSJIyyfTlPhQGBf0a8CxT7x7ZNeWsYxXgKJzlNZM0fvTdTJ+ONfu7W5p +zs5YKTzVTia7C5C/AQXOcP2ZeIiRErpaN68IpvYthXsHBHp/P1ii6wbMqcFQwsX2jCVlw XBc9FHotvXLxt5WX/Jjmzc0iNTgPAOE5RWKsP9f1uS715BSha5iUO4vLu2a6sSA+qQ3pdt gH9rzmTKcbdNeLR/SferR3qfpml9h35DBWo4pJAWrfhU2wU7Sgi0murYerMjqw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyb1mnHzntT for ; Tue, 09 Jun 2026 19:19:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c8e5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:51 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 6e51dfc401e7 - releng/15.0 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 6e51dfc401e73efbdfab14885317fde8ff8f21ce Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:51 +0000 Message-Id: <6a286757.3c8e5.7aac7f0a@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6e51dfc401e73efbdfab14885317fde8ff8f21ce commit 6e51dfc401e73efbdfab14885317fde8ff8f21ce Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index bc4fcad6c61b..ca5066c634f8 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1241,11 +1241,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1264,33 +1292,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index 8a2788470a8d..0384529a5a97 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -7,6 +7,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ @@ -84,6 +85,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util LIBADD.jaildesc+= pthread diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:19:50 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyZ4D60z6gV9w for ; Tue, 09 Jun 2026 19:19:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyZ1JtWz3QgW for ; Tue, 09 Jun 2026 19:19:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032790; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UYcX+tp0kc+wwhsVP28q+KjaT5OtZzBHlfoDHxfoFGQ=; b=NPNgkPK3fDLQVcJYoGd+azQlZybMyK3rEvEBgKOd0nReHofv4NgRhWBV6m0vfmITtFFx/q tEcQPDeeFMuE9cJYiINC5l2RW9ZVkOu0w8bMTIj55f8mihRrfL259C3BdC0xo8Q1LPKaHf XTVm1F2HdjXisnf9i9QlsENTPj9po3q/nmQIPx9l4WPgiLiFQeYSLAQm8IYVJRvBnqERig zdTIDdhjxeR4aLOzPx9+kkFzWI49jj8YRFiVncgYZMMe4dO/QN99kUqrR+y0woHHiCRSa+ D16IlDNuezxZlkxSzwnNcN0C0LFPM4HhxGVI0/vIutO9J6O5fD7vgD4TQujGyQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032790; a=rsa-sha256; cv=none; b=vh2EfAduqA+bOx3n7nCMrLH2jBl4jm98Et8G/KeIEtCU6/edb1UF4X9wpTNcP61DSUd1gz B+yy5o4XwfuWfm9dUf9iSz3LDpG4ggB+NVXXVx7ge4a7CeWJpguRH4yZOpoEVeH2N9wtzP 7JHLKjImjo5ULBZd9m+2j1EYxMxCH4VmR5TZ4/yd/Av2lL4uLwHRmlfamraxTQJCAarTxD 4WgTU77qp+uRt6mJ2h+BV4LcGJ/DelLYeUCD8K6nw0oOO9cVTfFgJfy23pj9lNI6n5HP3P nYvMNtD6hOP1JlTSK5Qt3XijMheb0R2TEz20gFUVwq8yoY8EabK9ucXX69fM6g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032790; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=UYcX+tp0kc+wwhsVP28q+KjaT5OtZzBHlfoDHxfoFGQ=; b=nczaFCjKIU1Hvhs4BNWIbqaIjXZvz5BnPiuuCPzevV8X3gzXc+kv6iCIOmZqDD1PCbutAv NB59md/HxheWXV0mbD5eq120mYE0IxmpMMNnaQy/Weq8HITlk83hR6i5DuQ+y7cznD3gz/ jGgVyOTQLfEeIuax02VxOI2gg3QQFLOuKPCn2nTkmYH0czAFWOGM2Gq8/ZStles5nkkAQ3 JFimJT/whhDIe76hwUYY82mRutpuAQd5A1wYvxEotyvqbpfIgyTzIFUM/xdpXtz61kIrpJ 58AcAFoRUat8oXdYzOtfZoJ+24jlJiGiKYvxuOsol548DcEHCA4AX/QFI+2y+g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyZ0ncBzp1f for ; Tue, 09 Jun 2026 19:19:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d549 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:50 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: a53619675cdc - releng/15.0 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: a53619675cdcdf495baf6c0f9932bb71ee7a733f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:50 +0000 Message-Id: <6a286756.3d549.bd6792@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a53619675cdcdf495baf6c0f9932bb71ee7a733f commit a53619675cdcdf495baf6c0f9932bb71ee7a733f Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index dbf5c820d20b..7465c4193854 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1729,20 +1729,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:19:54 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyf6vZFz6gVd6 for ; Tue, 09 Jun 2026 19:19:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyf4jXzz3Qbt for ; Tue, 09 Jun 2026 19:19:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032794; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5ucOXBywgJOVo8mt28m7QHa1ezs9xW646rnm0iKezFE=; b=HQtc/fyJCvianYmm+NvCn56ix5FDp0x74QjvOB3IoA7zXyyDlXBAbDVjnHqkEA7fn1hfJo q3ciueW94yLPSWA4R6fWiY9JzTuJjmNo8aaBxdmyWrlL81WhxMe7AAPh+QordN0zo5kWDF NiRcrhtE8Dzri0UAmJN3xTJB7ruitxQNM95QAFL/fk+Fu5SmQKRtKK7L4jJubsNpi0xBZB imbdAJzbG+yMLay6eMG6bFmOvkhdisUxowgDHpG1c+2cnqinj4CRdKULlZpdKiB0uaOIWc KeAFymD4eFPfYtikTeHgRo6cJAtFu/vuEwhKDw3OgoA0Jgas365EW6flyNdenQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032794; a=rsa-sha256; cv=none; b=Xljaaig+AkMrYNywiXCJS0Q1nezZs9vqZI12BVXLlySnhVsUSM5e1nGs4bdS2PUzh6mVD7 3pn4zWcPAQbBAgBlaGiekVnzFl8ggSWjppJoIxh1aPz0JVyMN2/NzamIDnx8rHojYigOK/ GbQ0KNprsa8GlfSL68a91fcwABYJh731Vna6VlMQp3XMKJFoB6BOSrEN2vSOAZqPYJlalS ouTVhsS5PJWvuDsW4giAAQOW51CMJgXZYTPlDMhfUMs67Dhx8050dbmsujTka1HkkTNdEn xjFjQMsHmJ2gSNQVoKtA9nQWFaYUqWRuwC5pveNAPs723YuBN+gQ8x0TcQhyRw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032794; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5ucOXBywgJOVo8mt28m7QHa1ezs9xW646rnm0iKezFE=; b=UmtFrgmw7vuUBVutwtDKLYUwDWEHcpUtLWxGccF23/WadjxODlc2yS4aPzOOkiXnRltegZ shF6oSsNh310MAAvvrgyBTkTzE52u81ULUsZhlqeqQ1D/vnhwEpk6z1ugOc8HJZ6ZAb2HA CMsBAslXbUaC3Z9miZ+0qA1KqOamRzP7s1AcDr96VV6sFU/priDWBrOX69Z0juwLhIfjyw BpOX91RiLtLtMESrp6IrQX/FGrZcmCxCpOYa6m7MK4RI6O/co1aJIZvOZw6okERMeGVgX+ wKLZVkDL6/8Yhi2pIYgm4xUXlEkSno/6MS7WVknFmotCPhaGOxup1scHBgMt7Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyf4HWvznGC for ; Tue, 09 Jun 2026 19:19:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ecc8 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:54 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 0d6ccbb7524f - releng/15.0 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 0d6ccbb7524f150422861c96a87de01ab171e1d0 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:54 +0000 Message-Id: <6a28675a.3ecc8.451815f@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=0d6ccbb7524f150422861c96a87de01ab171e1d0 commit 0d6ccbb7524f150422861c96a87de01ab171e1d0 Author: Gordon Tetlow AuthorDate: 2026-04-29 08:23:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:33 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set pkcs12: verify that the pbmac1 key length is safe Reject potentially forged encrypted CMS AuthEnvelopedData messages QUIC stack must limit the number of PATH_CHALLENGE frames processed in RX Fix NULL dereference in QUIC address validation Fix potential NULL dereference processing CMS PasswordRecipientInfo Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt() Enforce implicit rejection for CMS/PKCS#7 decryption Use the correct issuer when validating rootCAKeyUpdate Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34181 Security: CVE-2026-34182 Security: CVE-2026-34183 Security: CVE-2026-42764 Security: CVE-2026-42766 Security: CVE-2026-42767 Security: CVE-2026-42768 Security: CVE-2026-42769 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 ++-- crypto/openssl/crypto/cmp/cmp_genm.c | 6 +- crypto/openssl/crypto/cms/cms_enc.c | 10 +- crypto/openssl/crypto/cms/cms_env.c | 7 -- crypto/openssl/crypto/cms/cms_pwri.c | 13 +- crypto/openssl/crypto/crmf/crmf_lib.c | 10 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 8 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 7 -- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +- crypto/openssl/doc/man3/CMS_decrypt.pod | 4 +- crypto/openssl/doc/man3/PKCS7_decrypt.pod | 10 +- crypto/openssl/include/internal/quic_cfq.h | 1 + crypto/openssl/include/internal/quic_channel.h | 1 + crypto/openssl/include/internal/quic_fifd.h | 1 + .../ciphers/cipher_aes_gcm_siv_hw.c | 27 ++-- .../implementations/ciphers/cipher_aes_ocb.c | 13 ++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- crypto/openssl/ssl/quic/quic_cfq.c | 15 +++ crypto/openssl/ssl/quic/quic_channel.c | 6 + crypto/openssl/ssl/quic/quic_channel_local.h | 39 ++++++ crypto/openssl/ssl/quic/quic_fifd.c | 43 +++++++ crypto/openssl/ssl/quic/quic_port.c | 6 +- crypto/openssl/ssl/quic/quic_rx_depack.c | 60 +++++---- crypto/openssl/ssl/quic/quic_txp.c | 2 + crypto/openssl/test/cmsapitest.c | 48 ++++++- crypto/openssl/test/evp_extra_test.c | 140 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes crypto/openssl/test/recipes/80-test_pkcs12.t | 13 +- .../pbmac1_256_256.bad-key-len.p12 | Bin 0 -> 2803 bytes .../pbmac1_256_256.good-shorter-key-len.p12 | Bin 0 -> 2803 bytes 33 files changed, 472 insertions(+), 93 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 2270e63d51d4..962e19b2ceaa 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -270,9 +289,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 91c2e524f55b..e9532b9f48f7 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -970,10 +980,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } /* If we've already allocated a buffer use it */ if (*free_cont) { - ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, len); + ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, ilen); *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cmp/cmp_genm.c b/crypto/openssl/crypto/cmp/cmp_genm.c index bcc121f14695..ec1f03d20c1a 100644 --- a/crypto/openssl/crypto/cmp/cmp_genm.c +++ b/crypto/openssl/crypto/cmp/cmp_genm.c @@ -202,7 +202,7 @@ static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx) for (i = 0; i < sk_X509_num(trust); i++) { issuer = sk_X509_value(trust, i); if ((*check_issued)(store_ctx, cert, issuer)) { - if (X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF)) + if (X509_add_cert(chain, issuer, X509_ADD_FLAG_UP_REF)) ok = 1; break; } @@ -235,6 +235,7 @@ static int verify_ss_cert(OSSL_LIB_CTX *libctx, const char *propq, if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL || !X509_STORE_CTX_init(csc, ts, target, untrusted)) goto err; + X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CHECK_SS_SIGNATURE); X509_STORE_CTX_set_verify_cb(csc, selfsigned_verify_cb); ok = X509_verify_cert(csc) > 0; @@ -253,7 +254,8 @@ verify_ss_cert_trans(OSSL_CMP_CTX *ctx, X509 *trusted /* may be NULL */, int res = 0; if (trusted != NULL) { - X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts); + X509_VERIFY_PARAM *vpm = (ts == NULL) ? NULL + : X509_STORE_get0_param(ts); if ((ts = X509_STORE_new()) == NULL) return 0; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 08afb5ab114b..ba7082cebd72 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -109,13 +109,15 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 0828d157fad6..70dd59c06169 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -619,13 +619,6 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, if (!ossl_cms_env_asn1_ctrl(ri, 1)) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer CMS code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_pkcs1_implicit_rejection", "0"); - if (evp_pkey_decrypt_alloc(ktri->pctx, &ek, &eklen, fixlen, ktri->encryptedKey->data, ktri->encryptedKey->length) diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index d62dbbde881b..faf6a164669b 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -200,18 +200,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (blocklen == 0) + if (blocklen < 4) return 0; - if (inlen < 2 * blocklen) { + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -367,6 +367,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/crmf/crmf_lib.c b/crypto/openssl/crypto/crmf/crmf_lib.c index d5c8983b2fd4..34477d52662d 100644 --- a/crypto/openssl/crypto/crmf/crmf_lib.c +++ b/crypto/openssl/crypto/crmf/crmf_lib.c @@ -766,6 +766,7 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * EVP_CIPHER *cipher = NULL; /* used cipher */ int cikeysize = 0; /* key size from cipher */ unsigned char *iv = NULL; /* initial vector for symmetric encryption */ + int iv_len; /* iv length */ unsigned char *out = NULL; /* decryption output buffer */ int n, ret = 0; EVP_PKEY_CTX *pkctx = NULL; /* private key context */ @@ -820,11 +821,12 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * } else { goto end; } - if ((iv = OPENSSL_malloc(EVP_CIPHER_get_iv_length(cipher))) == NULL) + iv_len = EVP_CIPHER_get_iv_length(cipher); + if ((iv = OPENSSL_malloc(iv_len)) == NULL) goto end; - if (ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, - EVP_CIPHER_get_iv_length(cipher)) - != EVP_CIPHER_get_iv_length(cipher)) { + if (enc->symmAlg->parameter == NULL + || ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, iv_len) + != iv_len) { ERR_raise(ERR_LIB_CRMF, CRMF_R_MALFORMED_IV); goto end; } diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c index 01956252df76..15072e12f26b 100644 --- a/crypto/openssl/crypto/pkcs12/p12_mutl.c +++ b/crypto/openssl/crypto/pkcs12/p12_mutl.c @@ -144,11 +144,13 @@ static int PBMAC1_PBKDF2_HMAC(OSSL_LIB_CTX *ctx, const char *propq, } pbkdf2_salt = pbkdf2_param->salt->value.octet_string; - /* RFC 9579 specifies missing key length as invalid */ + /* RFC 9879 specifies missing key length as invalid */ if (pbkdf2_param->keylength != NULL) keylen = ASN1_INTEGER_get(pbkdf2_param->keylength); - if (keylen <= 0 || keylen > EVP_MAX_MD_SIZE) { - ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR); + /* RFC 9879 specifies too short key length as untrustworthy too */ + if (keylen < 20 || keylen > EVP_MAX_MD_SIZE) { + ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR, + "Invalid Key length (%d is not in the range 20..64)", keylen); goto err; } diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index d6513cf3a379..1ec7895fc197 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -203,13 +203,6 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (EVP_PKEY_decrypt_init(pctx) <= 0) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer pkcs7 code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0"); - ret = evp_pkey_decrypt_alloc(pctx, &ek, &eklen, fixlen, ri->enc_key->data, ri->enc_key->length); if (ret <= 0) diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 97f20058979f..dc003ee2affd 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -222,6 +222,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -352,9 +353,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (indata != NULL) - BIO_pop(p7bio); - BIO_free_all(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; + } sk_X509_free(signers); sk_X509_free(untrusted); return ret; diff --git a/crypto/openssl/doc/man3/CMS_decrypt.pod b/crypto/openssl/doc/man3/CMS_decrypt.pod index 121b74a30a10..66a94287b6f5 100644 --- a/crypto/openssl/doc/man3/CMS_decrypt.pod +++ b/crypto/openssl/doc/man3/CMS_decrypt.pod @@ -68,7 +68,7 @@ then the above behaviour is modified and an error B returned if no recipient encrypted key can be decrypted B generating a random content encryption key. Applications should use this flag with B especially in automated gateways as it can leave them -open to attack. +open to attack. See L for more details. It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure @@ -103,7 +103,7 @@ mentioned in CMS_verify() also applies to CMS_decrypt(). =head1 SEE ALSO -L, L +L, L, L =head1 HISTORY diff --git a/crypto/openssl/doc/man3/PKCS7_decrypt.pod b/crypto/openssl/doc/man3/PKCS7_decrypt.pod index aea15937ab86..cfb5b3f87376 100644 --- a/crypto/openssl/doc/man3/PKCS7_decrypt.pod +++ b/crypto/openssl/doc/man3/PKCS7_decrypt.pod @@ -22,6 +22,14 @@ B is an optional set of flags. Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the PKCS#7 structure. +When RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() +will use implicit rejection mechanism. It always returns the result of RSA +decryption of the symmetric key to avoid Marvin attack. This result is +deterministic and can happen to match the symmetric cipher used for the content +encryption. In case when the certificate is not provided, the last +RecipientInfo producing the key looking valid will be used. It may cause +getting garbage content on decryption. + The following flags can be passed in the B parameter. If the B flag is set MIME headers for type B are deleted @@ -43,7 +51,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify(). =head1 SEE ALSO -L, L +L, L, L =head1 COPYRIGHT diff --git a/crypto/openssl/include/internal/quic_cfq.h b/crypto/openssl/include/internal/quic_cfq.h index 0b2a3a4cb2d6..96c8d89eb600 100644 --- a/crypto/openssl/include/internal/quic_cfq.h +++ b/crypto/openssl/include/internal/quic_cfq.h @@ -149,6 +149,7 @@ QUIC_CFQ_ITEM *ossl_quic_cfq_get_priority_head(const QUIC_CFQ *cfq, QUIC_CFQ_ITEM *ossl_quic_cfq_item_get_priority_next(const QUIC_CFQ_ITEM *item, uint32_t pn_space); +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item); #endif #endif diff --git a/crypto/openssl/include/internal/quic_channel.h b/crypto/openssl/include/internal/quic_channel.h index b917b966abeb..cfaeab728178 100644 --- a/crypto/openssl/include/internal/quic_channel.h +++ b/crypto/openssl/include/internal/quic_channel.h @@ -468,6 +468,7 @@ int ossl_quic_bind_channel(QUIC_CHANNEL *ch, const BIO_ADDR *peer, const QUIC_CONN_ID *scid, const QUIC_CONN_ID *dcid, const QUIC_CONN_ID *odcid); +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch); #endif #endif diff --git a/crypto/openssl/include/internal/quic_fifd.h b/crypto/openssl/include/internal/quic_fifd.h index 4ea7a2e0d226..afa330cbc4a2 100644 --- a/crypto/openssl/include/internal/quic_fifd.h +++ b/crypto/openssl/include/internal/quic_fifd.h @@ -83,6 +83,7 @@ int ossl_quic_fifd_pkt_commit(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt); void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg), void *arg); +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *tpkt); #endif #endif diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c index d0b6ae4b070d..5bdc567b4bb1 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c @@ -58,6 +58,9 @@ static int aes_gcm_siv_initkey(void *vctx) memset(&data, 0, sizeof(data)); memcpy(&data.block[sizeof(data.counter)], ctx->nonce, NONCE_SIZE); + ctx->generated_tag = 0; + memset(ctx->tag, 0, TAG_SIZE); + /* msg_auth_key is always 16 bytes in size, regardless of AES128/AES256 */ /* counter is stored little-endian */ for (i = 0; i < BLOCK_SIZE; i += 8) { @@ -134,17 +137,6 @@ static int aes_gcm_siv_aad(PROV_AES_GCM_SIV_CTX *ctx, return 1; } -static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) -{ - int ret = 0; - - if (ctx->enc) - return ctx->generated_tag; - ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); - ret &= ctx->have_user_tag; - return ret; -} - static int aes_gcm_siv_encrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { @@ -271,6 +263,19 @@ static int aes_gcm_siv_decrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *i return !error; } +static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) +{ + int ret = 0; + + if (ctx->enc) + return ctx->generated_tag; + if (!ctx->generated_tag) + aes_gcm_siv_decrypt(ctx, NULL, NULL, 0); + ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); + ret &= ctx->have_user_tag; + return ret; +} + static int aes_gcm_siv_cipher(void *vctx, unsigned char *out, const unsigned char *in, size_t len) { diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index b724c425e392..99254cb49a88 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -514,6 +514,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 96f26757abe2..754e0757cda3 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -192,6 +192,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (ossl_param_is_empty(params)) return 1; @@ -226,6 +227,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index 94d4254ed5d2..2bfefc0aedf4 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -146,12 +146,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/ssl/quic/quic_cfq.c b/crypto/openssl/ssl/quic/quic_cfq.c index 3c59234ff0ff..16818e55f57d 100644 --- a/crypto/openssl/ssl/quic/quic_cfq.c +++ b/crypto/openssl/ssl/quic/quic_cfq.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include "internal/quic_channel.h" #include "internal/quic_cfq.h" #include "internal/numbers.h" @@ -307,6 +308,20 @@ void ossl_quic_cfq_mark_lost(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item, } } +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item) +{ + int discarded; + + if (ossl_quic_cfq_item_is_unreliable(item)) { + ossl_quic_cfq_release(cfq, item); + discarded = 1; + } else { + discarded = 0; + } + + return discarded; +} + /* * Releases a CFQ item. The item may be in either state (NEW or TX) prior to the * call. The QUIC_CFQ_ITEM pointer must not be used following this call. diff --git a/crypto/openssl/ssl/quic/quic_channel.c b/crypto/openssl/ssl/quic/quic_channel.c index 13692e5bd09e..5f81a8560d5f 100644 --- a/crypto/openssl/ssl/quic/quic_channel.c +++ b/crypto/openssl/ssl/quic/quic_channel.c @@ -2213,6 +2213,12 @@ static void ch_rx_check_forged_pkt_limit(QUIC_CHANNEL *ch) "forgery limit"); } +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch) +{ + ch->did_crypto_frame = 0; + ch->seen_path_challenge = 0; +} + /* Process queued incoming packets and handle frames, if any. */ static int ch_rx(QUIC_CHANNEL *ch, int channel_only, int *notify_other_threads) { diff --git a/crypto/openssl/ssl/quic/quic_channel_local.h b/crypto/openssl/ssl/quic/quic_channel_local.h index ae443fccca1e..e40b4901cbc7 100644 --- a/crypto/openssl/ssl/quic/quic_channel_local.h +++ b/crypto/openssl/ssl/quic/quic_channel_local.h @@ -12,6 +12,28 @@ #include "internal/quic_stream_map.h" #include "internal/quic_tls.h" +/* + * This is a part of PATH_CHALLENGE flood [1] mitigation. This limits the + * number of PATH_CHALLENGE frames QUIC stack is willing to process for + * connection. Local QUIC stack creates PATH_RESPONSE frame for PATH_CHALLENGE + * frame it receives from remote peer. The response frame is put Control Frame + * Queue waiting to be dispatched. The PATH_RESPONSE frame is removed from CFQ + * after it is dispatched. The QUIC_PATH_RESPONSE_QLEN limits the number of + * PATH_RESPONSE frames waiting to be dispatched. No new PATH_RESPONSE frames + * are inserted into CFQ if queue limit is exceeded. + * + * QUIC implementations use different limits for PATH_RESPONSE queue lengths: + * quic-go defines maxPathResponses as 256 + * quiche from cloadflare sets DEFAULT_MAX_PATH_CHALLENGE_RX_QUEUE_LEN to 3 + * t-quic from tencent chooses MAX_PATH_CHALS_RECV to be 8 + * + * OpenSSL here introduces QUIC_PATH_RESPONSE_QLEN as 32. + * + * [1] https://www.ietf.org/archive/id/draft-chen-quic-logical-vuln-mitigations-00.txt + * (section 4.2) + */ +#define QUIC_PATH_RESPONSE_QLEN 32 + /* * QUIC Channel Structure * ====================== @@ -457,6 +479,18 @@ struct quic_channel_st { /* Has qlog been requested? */ unsigned int is_tserver_ch : 1; + /* + * RFC 9000 Section 9.2.1 says: + * However, an endpoint SHOULD NOT send multiple + * PATH_CHALLENGE frames in a single packet. + * The counter here allows us to detect multiple presence + * of PATH_CHALLENGE frame in packet. We process only the + * first PATH_CHALLENGE frame found in packet. Remaining PATH_CHALLENGE + * frames are ignored. + * seen_path_challenge flag is always reset before + * ossl_quic_handle_frames() gets called. + */ + unsigned int seen_path_challenge : 1; /* Saved error stack in case permanent error was encountered */ ERR_STATE *err_state; @@ -467,6 +501,11 @@ struct quic_channel_st { /* Title for qlog purposes. We own this copy. */ char *qlog_title; + /* + * number of path responses waiting to be dispatched + * from control frame queue (CFQ) + */ + unsigned int path_response_limit; }; #endif diff --git a/crypto/openssl/ssl/quic/quic_fifd.c b/crypto/openssl/ssl/quic/quic_fifd.c index 03b8cebd3057..e80483b501d7 100644 --- a/crypto/openssl/ssl/quic/quic_fifd.c +++ b/crypto/openssl/ssl/quic/quic_fifd.c @@ -310,3 +310,46 @@ void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg) fifd->get_qlog_cb = get_qlog_cb; fifd->get_qlog_cb_arg = get_qlog_cb_arg; } + +static void txpim_pkt_remove_cfq_item(QUIC_TXPIM_PKT *pkt, QUIC_CFQ_ITEM *cfq_item) +{ + QUIC_CFQ_ITEM *prev = cfq_item->pkt_prev; + + if (prev != NULL) { + prev->pkt_next = cfq_item->pkt_next; + } else { + pkt->retx_head = cfq_item->pkt_next; + } + + if (cfq_item->pkt_next != NULL) + cfq_item->pkt_next->pkt_prev = prev; + + cfq_item->pkt_prev = NULL; + cfq_item->pkt_next = NULL; +} + +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt) +{ + QUIC_CFQ_ITEM *cfq_item, *cfq_next; + + /* + * The packet has been written to network. We can discard frames we don't + * retransmit when loss is detected. + */ + cfq_item = pkt->retx_head; + while (cfq_item != NULL) { + /* + * Discarded items are moved to free list. If item + * got moved to free list we must also remove it from + * cfq list kept in pkt, so ACKM does not find it when + * receives an ACK for pkt. + */ + if (ossl_quic_cfq_discard_unreliable(fifd->cfq, cfq_item)) { + cfq_next = cfq_item->pkt_next; + txpim_pkt_remove_cfq_item(pkt, cfq_item); + cfq_item = cfq_next; + } else { + cfq_item = cfq_item->pkt_next; + } + } +} diff --git a/crypto/openssl/ssl/quic/quic_port.c b/crypto/openssl/ssl/quic/quic_port.c index 1e247e1ec624..dc79485b96a5 100644 --- a/crypto/openssl/ssl/quic/quic_port.c +++ b/crypto/openssl/ssl/quic/quic_port.c @@ -1666,8 +1666,10 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg, * forget qrx so channel can create a new one * with valid initial encryption level keys. */ - qrx_src = qrx; - qrx = NULL; + if (qrx != NULL) { + qrx_src = qrx; + qrx = NULL; + } } port_bind_channel(port, &e->peer, &scid, &hdr.dst_conn_id, diff --git a/crypto/openssl/ssl/quic/quic_rx_depack.c b/crypto/openssl/ssl/quic/quic_rx_depack.c index 786af9b4c221..1bdb43b7d639 100644 --- a/crypto/openssl/ssl/quic/quic_rx_depack.c +++ b/crypto/openssl/ssl/quic/quic_rx_depack.c @@ -931,6 +931,12 @@ static int depack_do_frame_retire_conn_id(PACKET *pkt, static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) { + QUIC_CHANNEL *ch = (QUIC_CHANNEL *)arg; + + assert(ch->path_response_limit > 0); + + ch->path_response_limit--; + OPENSSL_free(buf); } @@ -951,33 +957,39 @@ static int depack_do_frame_path_challenge(PACKET *pkt, return 0; } - /* - * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST - * respond by echoing the data contained in the PATH_CHALLENGE frame in a - * PATH_RESPONSE frame. - * - * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. - */ - encoded_len = sizeof(uint64_t) + 1; - if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) - goto err; + if (ch->seen_path_challenge == 0 + && ch->path_response_limit < QUIC_PATH_RESPONSE_QLEN) { + /* + * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint + * MUST respond by echoing the data contained in the PATH_CHALLENGE + * frame in a PATH_RESPONSE frame. + * + * TODO(QUIC FUTURE): We should try to avoid allocation here in the + * future. + */ + encoded_len = sizeof(uint64_t) + 1; + if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) + goto err; - if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) - goto err; + if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) + goto err; - if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { - WPACKET_cleanup(&wpkt); - goto err; - } + if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { + WPACKET_cleanup(&wpkt); + goto err; + } - WPACKET_finish(&wpkt); + WPACKET_finish(&wpkt); - if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, - OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, - QUIC_CFQ_ITEM_FLAG_UNRELIABLE, - encoded, encoded_len, - free_path_response, NULL)) - goto err; + if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, + OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, + QUIC_CFQ_ITEM_FLAG_UNRELIABLE, + encoded, encoded_len, + free_path_response, ch)) + goto err; + ch->seen_path_challenge = 1; + ch->path_response_limit++; + } return 1; @@ -1432,7 +1444,7 @@ int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) if (ch == NULL) return 0; - ch->did_crypto_frame = 0; + ossl_ch_reset_rx_state(ch); /* Initialize |ackm_data| (and reinitialize |ok|)*/ memset(&ackm_data, 0, sizeof(ackm_data)); diff --git a/crypto/openssl/ssl/quic/quic_txp.c b/crypto/openssl/ssl/quic/quic_txp.c index 44aaad868d2f..b2565c1a9fee 100644 --- a/crypto/openssl/ssl/quic/quic_txp.c +++ b/crypto/openssl/ssl/quic/quic_txp.c @@ -3133,6 +3133,8 @@ static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp, --probe_info->pto[pn_space]; } + ossl_quic_fifd_pkt_discard_unreliable(&txp->fifd, tpkt); + return rc; } diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 0752d14df09c..d908bc6fc4c4 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -21,6 +21,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -512,7 +513,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -527,7 +569,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) + || !TEST_ptr(pwri_kek_oob_der_in = test_get_argument(4))) *** 235 LINES SKIPPED *** From nobody Tue Jun 9 19:19:53 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyd6f02z6gVXK for ; Tue, 09 Jun 2026 19:19:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyd3wJWz3Qdv for ; Tue, 09 Jun 2026 19:19:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032793; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OVLD569+lxtbae578ncr4WDt6z6O8DwVLHoDj7eYAHs=; b=cwRZShZaNdPO5rz/oHYnTg5WGxCdGyVVWbZgEza00WyMc/RcQe6IIT5M2MoNgGPNVNyscc PjkAon4TrfFgsG6f73cZknowbmf5fXeGu5y5UB74rSQVZl5F5SJFjFULK76JYS0kpFwEPQ UMFhDVT1kDKxGI2leH3gkdZ7shaEhGa7rxsdLkpk9octlQzx9DOMpvbG9kLt2xIkRueuKE ryrelkdodj7LfFex0SFGNj7kb1kyOydLE/85XQU/cO9+90I0qU3DyHQrUSTWCDEFFF9zOr uJiu6a/rogXjHB+4+sF7mAXZz9B8UwRKAeTpSo7VBgkVkJKRbMwRJla7jpUvqA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032793; a=rsa-sha256; cv=none; b=dZgRGj2SJzRCi8OgIsl+jEmImyQFYQ5tWxQklgZ6X4r2O5VLSNSoyU0DdxRDl3FrkvcMuX bVq1W/M0Yaw0B/nvonzLUXSxmZ1I1B85lbXokXR0bg7bs3i408SPHbP6Oaq4/TN6YNhsbI 2thbD7J0gwVO+kaRSebwDHIUkyugcsH4lcyGz1jsrudYuUoQJ+SmRYnhudKBcZ+P+cXacA rqsikRjE2ER69TNbnC49/RSxz0hvGQbmiFS0U2IOOASvpFRDVbN4HpgHUcclbnxeHp1+C5 CtRbp+UmU1kYxMxHOTpyV9RrVKWOUI9XbfVOl1Eil/O5N4YY+0y8dUdObCoHww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032793; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OVLD569+lxtbae578ncr4WDt6z6O8DwVLHoDj7eYAHs=; b=gG0O75iBnACRYWlDfryvEECX0Flma3fK4Tz2TZVb4qJfTVl/y52+nUY2gBGuL7tKQeCRnl 3tbqdinjQ6pzlA5WHw1w5r29n6m+IRdYNs/n+Pg6/UpdOwvMU72r+nl5rXtvGjXxE7Z/1u ay5T92/1jGZRqNgaiuUlUm7nymmm4k+A0BgFoVi2d34iMkRPgXDhNhqzB6espbaTgmha6J CsZEQ7jN5VH/9TthMltZCMJSRw2humifwd1PkiYWyx7mI7BW4GDvseGJk57WR4KyVWo4rw 8In93Vnop9ld4vyQe/iDXXqKuSKlb1KAkmt9WXD6CUu8xfPOncU/qHnVvP6c+Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyd3Vx8zp1g for ; Tue, 09 Jun 2026 19:19:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ef39 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:53 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: f4cf977dfe92 - releng/15.0 - vt: Avoid integer overflow in CONS_HISTORY ioctl List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: f4cf977dfe9295dd0824ac9ecf041d9974c896cf Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:53 +0000 Message-Id: <6a286759.3ef39.5e311cec@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f4cf977dfe9295dd0824ac9ecf041d9974c896cf commit f4cf977dfe9295dd0824ac9ecf041d9974c896cf Author: Ed Maste AuthorDate: 2026-05-26 16:19:47 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 vt: Avoid integer overflow in CONS_HISTORY ioctl Approved by: so Security: FreeBSD-SA-26:34.vt Security: CVE-2026-49416 Reviewed by: markj, vexeduxr Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57250 (cherry picked from commit 0ae946e7223df5ef3f7980af1d774d7f593f6421) (cherry picked from commit deaaddf1d3c4283649945553ad7e3208c8424308) --- sys/dev/vt/vt_buf.c | 9 ++++----- sys/dev/vt/vt_core.c | 6 ++++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/sys/dev/vt/vt_buf.c b/sys/dev/vt/vt_buf.c index e1e4ebc23491..43657fcecbdc 100644 --- a/sys/dev/vt/vt_buf.c +++ b/sys/dev/vt/vt_buf.c @@ -499,7 +499,6 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) { term_char_t *old, *new, **rows, **oldrows, **copyrows, *row, *oldrow; unsigned int w, h, c, r, old_history_size; - size_t bufsize, rowssize; int history_full; const teken_attr_t *a; term_char_t ch; @@ -510,10 +509,10 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) history_size = MAX(history_size, p->tp_row); /* Allocate new buffer. */ - bufsize = history_size * p->tp_col * sizeof(term_char_t); - new = malloc(bufsize, M_VTBUF, M_WAITOK | M_ZERO); - rowssize = history_size * sizeof(term_pos_t *); - rows = malloc(rowssize, M_VTBUF, M_WAITOK | M_ZERO); + new = mallocarray(history_size, p->tp_col * sizeof(term_char_t), + M_VTBUF, M_WAITOK | M_ZERO); + rows = mallocarray(history_size, sizeof(term_pos_t *), M_VTBUF, + M_WAITOK | M_ZERO); /* Toggle it. */ VTBUF_LOCK(vb); diff --git a/sys/dev/vt/vt_core.c b/sys/dev/vt/vt_core.c index b51ef6766de4..7d4a79b4e4a5 100644 --- a/sys/dev/vt/vt_core.c +++ b/sys/dev/vt/vt_core.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include #include @@ -2766,8 +2767,9 @@ skip_thunk: /* XXX */ return (0); case CONS_HISTORY: - if (*(int *)data < 0) - return EINVAL; + if (*(int *)data < 0 || + *(int *)data > UINT_MAX / USHRT_MAX / sizeof(term_char_t)) + return (EINVAL); if (*(int *)data != vw->vw_buf.vb_history_size) vtbuf_sethistory_size(&vw->vw_buf, *(int *)data); return (0); From nobody Tue Jun 9 19:19:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyh0pwRz6gVWC for ; Tue, 09 Jun 2026 19:19:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyg5dFtz3QYk for ; Tue, 09 Jun 2026 19:19:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gka9XfiKBibwn4fpLSuXhEGLZvh5kXDyxeS/IUc1wsM=; b=aDIsLKUzk1noBwnMWY5iL9BqWNGKl0HiGxTb9D5+PAavqei9B7DOM+EOL6YmMEo8B8uqpL w8Vy/h3sr4Sif9RQPYkcpWeHGGnjcTNJyKu7EDmYJIFgyQZSTac0RY20STfTE9khm2+4Yp V0xF2QlHUdwJBVm+aF8JBQY3re9t7RdKBvsAGg2higRQ3g00RNLwmRAYRkZSWxpI0nCUEw hromOG6jlevjq2MqKzWr7hqtx2FShCH3uTq3NR+p154PXQIag4FnWbA/jPGJZj/zrNbAgR v3GyKfVowWlc33LJwYGw2Xu8DwF3kJIiO4EdU5uTn1yYok4CF7UxdevhQm4FKg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032795; a=rsa-sha256; cv=none; b=M547Qp2xU11tjiEMAeF3hFqfbODsT8Ar79NPSIpRgVMLzEKur91nCtH0vjwCcgrS7iZ1HL qOBLbFnd+Zv8LV9QwgAsmbQzfuUy4jJiEYuhHi8N5Qasl3RK0BAlr9awsoQELP3E9D/FFG XMpsBN4R5t0WkOZnYl3JaakcGRjT1gVs6MO/45+zfvuMsBZLk+XcSL9zpgQw11WdYHQh6r eywa7dJCuaMhp6vJvikjk6Im73fDzrW/PWhLRelGqHzV6+wvY2RDG3L/0XTut8m4e1DnA0 vJWzCKZFMPe18Eb2iJvcFOyQ8jb7M8/f+wR+OanM9kfiVYHoyR88KUhB0V+XuQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Gka9XfiKBibwn4fpLSuXhEGLZvh5kXDyxeS/IUc1wsM=; b=v3hoRe5WtjaN4AABeeuSZINPOQtX1JwA1DrqWxRLR9s0NcRxAQHX2Q9HSiEP3Izbr+RpdT WsjI5iUzgULEoZG13R2CUNE7helS6QdQhL6xYxSpz+5xvvR9u8JUBrPfMrr7fRAA2wA7F0 P6O9TMU3mqHu4Rjlxed1ZyL4xlFNKqlrFsv9+rjGIdvgyaVATG98KACje6NCFvuAc4Qvze ok1QARZj1vWBrijr4MB40k8iAksNqt7aTAS8yJZOxrbO328d8cmyveNpd+XRYRTIDzyMaN Qt8d6vBkC4HN3Ic0guQXaB/vfH+WtDFMIWUQ4+ej8fO6mpeuaaZ6kHg/dGVf3g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyg54L1znCp for ; Tue, 09 Jun 2026 19:19:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d656 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: fbb19baa29ce - releng/15.0 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: fbb19baa29cea586ee13c173afe64180285d2b90 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:55 +0000 Message-Id: <6a28675b.3d656.4a8e086f@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fbb19baa29cea586ee13c173afe64180285d2b90 commit fbb19baa29cea586ee13c173afe64180285d2b90 Author: Gordon Tetlow AuthorDate: 2026-06-07 15:17:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:33 +0000 ldns: Fix query response validation Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 13 +++++++ contrib/ldns/ldns/error.h | 8 ++++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 110 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index e3fd12112789..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -184,6 +184,19 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_INVALID_SVCPARAM_VALUE, "Invalid wireformat of a value " "in the ServiceParam rdata field of SVCB or HTTPS RR" }, + { LDNS_STATUS_NOT_EDE, + "The EDNS option is not an extended error code" }, + { LDNS_STATUS_EDE_OPTION_MALFORMED, + "The extended error code option is malformed, expected " + "at least 2 bytes of option data" }, + { LDNS_STATUS_EQUAL_RR, + "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index 2429b7703dfa..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -141,7 +141,13 @@ enum ldns_enum_status { LDNS_STATUS_RESERVED_SVCPARAM_KEY, LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED, LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE, - LDNS_STATUS_INVALID_SVCPARAM_VALUE + LDNS_STATUS_INVALID_SVCPARAM_VALUE, + LDNS_STATUS_NOT_EDE, + LDNS_STATUS_EDE_OPTION_MALFORMED, + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index 57d4dff24dbe..215c0cac891c 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:19:52 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyc6fQYz6gVMF for ; Tue, 09 Jun 2026 19:19:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyc37D2z3QPZ for ; Tue, 09 Jun 2026 19:19:52 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032792; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XfZrvU6sqd8qVMjeBG2KCnG8k6orzaLatLOfVX2/7BI=; b=V69Fm8NU1HpWjNrA2AoqY9HMdBMv1sWx73rz78VgSBmoidfzW66Vm+akWi64IRPfAdKA1k oFlN8jtsR9RH6suUu/EaCEeSojspUm/FrXDHLPhBY9R9ztBUhpC7Kr0wgAZPx6fnBlIho9 KJyEOcpiON+CADucIxy8iwvIWC95kybBVb+zfOBPrkBqQ6xBXFDj2v+tpV4sarEfmx4C/9 VT2diPANAVlJAmGOoayoPsWbczeQYh4Hvc5/A4D0Hrl5vyfx0we26Hif8b4ZJnSkHeMpOp IPacWCEo9/gpV4nBwTYpkW3Nvxwp9ZTSAzn+rQeTsfD0V5BJqVyfrfB8dwgW4g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032792; a=rsa-sha256; cv=none; b=vJnKvt1LD51WyyUyeJGAQ91/1gwCFrv7SIM+d+K7tTiKaWtwVbUes/Ptnzt9xgnwANSh5i lc+uO+C3jWsKlKrw3dF2U2bbDd3l4dtyU01r5DRj7dQblhBOgi0+TX6thxWcjtfFH/H7u7 ohd5zG9+LwkhrcxBSAlr7qSnhYf563BaL9qBiyoIVMmTGQfn6S/1K2Ed7ZtrcGizgOcOHv t5JcOQvJHmeZwsej7vpcqgBx+VDaNxIYFV91Yc26itGZVimgOLwn+DTtn3yllaRP7gHgsB J2kPC2FjHPywWOWOMPvlkz19Y1a81ZRnFTaBC4vH5LP1eXOHwjmM/6H7tDPVZQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032792; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=XfZrvU6sqd8qVMjeBG2KCnG8k6orzaLatLOfVX2/7BI=; b=hbV02QWdrjdnq7YusR5rB9Z6do6MgVoYBuzpIhqlI37yOUGCsJH20X2ITphdTVW5RXNkdc GwpyM9gbO3F4YN3dkpt+VQyZEruDTKQ08eewvL93gZYRD9h0jqlSxBwWBY8xoGUKJ1b058 eqFqyg83PRuyQQfyY+Yt1C2IEOC5EQGP3mbH3Y9Y2CNG08DDyxS8VRnK5HKqbocd++OLpS EJi3z2Yu7sjeLsDMwRukmQNXwkuvuVN+06Oac1ZUKJ+tsKNPmeqVHPnbyoYfNRbbA+pzvc braOhTc2qJHjHIT1qK54eSUe3qLRPb4QKa8huzfEKcLTFs7LFL3QOdYn6HA1iQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyc2gHPznwG for ; Tue, 09 Jun 2026 19:19:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d651 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:52 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav From: Mark Johnston Subject: git: 6160bd311a1b - releng/15.0 - unbound: Apply upstream patches List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: 6160bd311a1be94e7c7ad8a0440401bd6f9f8075 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:52 +0000 Message-Id: <6a286758.3d651.1ac68b44@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6160bd311a1be94e7c7ad8a0440401bd6f9f8075 commit 6160bd311a1be94e7c7ad8a0440401bd6f9f8075 Author: Dag-Erling Smørgrav AuthorDate: 2026-05-29 22:21:50 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:39:32 +0000 unbound: Apply upstream patches - Use the same EDE removal logic when encoding errors as when encoding replies. - Fix CVE-2026-33278, Possible remote code execution during DNSSEC validation. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42944, Heap overflow and crash with multiple nsid, cookie, padding EDNS options. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42959, Crash during DNSSEC validation of malicious content. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-32792, Packet of death with DNSCrypt. Thanks to Andrew Griffiths from 'calif.io' for the report. - Fix CVE-2026-40622, "Ghost domain name" variant. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-41292, Parsing a long list of incoming EDNS options degrades performance. Thanks to GitHub user 'N0zoM1z0', also Qifan Zhang from Palo Alto Networks, for the report. - Fix CVE-2026-42534, Jostle logic bypass degrades resolution performance. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42923, Degradation of service with unbounded NSEC3 hash calculations. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-42960, Possible cache poisoning attack while following delegation. Thanks to TaoFei Guo from Peking University, Yang Luo and JianJun Chen, Tsinghua University, for the report. - Fix CVE-2026-44390, Unbounded name compression in certain cases causes degradation of service. Thanks to Qifan Zhang, Palo Alto Networks, for the report. - Fix CVE-2026-44608, Use after free and crash in RPZ code. Thanks to Qifan Zhang, Palo Alto Networks, for the report. Approved by: so Security: FreeBSD-SA-26:33.unbound Security: CVE-2026-33278 Security: CVE-2026-42944 Security: CVE-2026-42959 Security: CVE-2026-32792 Security: CVE-2026-40622 Security: CVE-2026-41292 Security: CVE-2026-42534 Security: CVE-2026-42923 Security: CVE-2026-42960 Security: CVE-2026-44390 Security: CVE-2026-44608 --- contrib/unbound/dnscrypt/dnscrypt.c | 2 +- contrib/unbound/iterator/iter_scrub.c | 8 +++- contrib/unbound/services/cache/dns.c | 8 +++- contrib/unbound/services/cache/rrset.c | 10 +++++ contrib/unbound/services/mesh.c | 14 +++++-- contrib/unbound/services/mesh.h | 6 +++ contrib/unbound/services/rpz.c | 10 +++-- contrib/unbound/util/data/msgencode.c | 54 ++++++++++++++++-------- contrib/unbound/util/data/msgencode.h | 4 +- contrib/unbound/util/data/msgparse.c | 19 ++++++--- contrib/unbound/util/data/msgparse.h | 4 ++ contrib/unbound/validator/val_neg.c | 28 ++++++++++++- contrib/unbound/validator/val_nsec3.c | 76 +++++++++++++++++++++++++++++++--- contrib/unbound/validator/val_nsec3.h | 6 +++ contrib/unbound/validator/val_utils.c | 4 +- 15 files changed, 209 insertions(+), 44 deletions(-) diff --git a/contrib/unbound/dnscrypt/dnscrypt.c b/contrib/unbound/dnscrypt/dnscrypt.c index 4902447fda01..173484cdf0b1 100644 --- a/contrib/unbound/dnscrypt/dnscrypt.c +++ b/contrib/unbound/dnscrypt/dnscrypt.c @@ -361,7 +361,7 @@ dnscrypt_server_uncurve(struct dnsc_env* env, len -= DNSCRYPT_QUERY_HEADER_SIZE; - while (*sldns_buffer_at(buffer, --len) == 0) + while (len>0 && *sldns_buffer_at(buffer, --len) == 0) ; if (*sldns_buffer_at(buffer, len) != 0x80) { diff --git a/contrib/unbound/iterator/iter_scrub.c b/contrib/unbound/iterator/iter_scrub.c index 8507a3fb65ac..852705db3ee9 100644 --- a/contrib/unbound/iterator/iter_scrub.c +++ b/contrib/unbound/iterator/iter_scrub.c @@ -725,7 +725,13 @@ scrub_normalize(sldns_buffer* pkt, struct msg_parse* msg, rrset->rrset_all_next = NULL; return 1; } - mark_additional_rrset(pkt, msg, rrset); + /* Only mark glue as allowed for type NS in the authority + * section. Other RR types do not get glue for them, it + * is allowed from the answer section, but not authority + * so that a message can not have address records cached + * as a side effect to the query. */ + if(rrset->type==LDNS_RR_TYPE_NS) + mark_additional_rrset(pkt, msg, rrset); prev = rrset; rrset = rrset->rrset_all_next; } diff --git a/contrib/unbound/services/cache/dns.c b/contrib/unbound/services/cache/dns.c index 351b3568c80b..8dae2ffcca90 100644 --- a/contrib/unbound/services/cache/dns.c +++ b/contrib/unbound/services/cache/dns.c @@ -675,10 +675,16 @@ struct dns_msg* dns_msg_deepcopy_region(struct dns_msg* origin, struct regional* region) { size_t i; + struct ub_packed_rrset_key** saved_rrsets; struct dns_msg* res = NULL; + size_t rep_alloc_size = sizeof(struct reply_info) + - sizeof(struct rrset_ref); /* this is the size of res->rep + allocated in gen_dns_msg() */ res = gen_dns_msg(region, &origin->qinfo, origin->rep->rrset_count); if(!res) return NULL; - *res->rep = *origin->rep; + saved_rrsets = res->rep->rrsets; /* save rrsets alloc by gen_dns_msg */ + memcpy(res->rep, origin->rep, rep_alloc_size); + res->rep->rrsets = saved_rrsets; if(origin->rep->reason_bogus_str) { res->rep->reason_bogus_str = regional_strdup(region, origin->rep->reason_bogus_str); diff --git a/contrib/unbound/services/cache/rrset.c b/contrib/unbound/services/cache/rrset.c index 6d5c24f8053e..81f4e2820edd 100644 --- a/contrib/unbound/services/cache/rrset.c +++ b/contrib/unbound/services/cache/rrset.c @@ -149,6 +149,16 @@ need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns) if(equal && cached->ttl >= timenow && cached->security == sec_status_bogus) return 0; + /* ghost-domain: never let an NS overwrite extend lifetime + * past the entry it replaces, regardless of trust. */ + if(ns && !TTL_IS_EXPIRED(cached->ttl, timenow) && + newd->ttl > cached->ttl) { + size_t i; + newd->ttl = cached->ttl; + for(i=0; i<(newd->count+newd->rrsig_count); i++) + if(newd->rr_ttl[i] > newd->ttl) + newd->rr_ttl[i] = newd->ttl; + } return 1; } /* o item in cache has expired */ diff --git a/contrib/unbound/services/mesh.c b/contrib/unbound/services/mesh.c index 3212a6abf4c6..23499dcef960 100644 --- a/contrib/unbound/services/mesh.c +++ b/contrib/unbound/services/mesh.c @@ -296,12 +296,14 @@ int mesh_make_new_space(struct mesh_area* mesh, sldns_buffer* qbuf) if(mesh->num_reply_states < mesh->max_reply_states) return 1; /* try to kick out a jostle-list item */ - if(m && m->reply_list && m->list_select == mesh_jostle_list) { + if(m && m->list_select == mesh_jostle_list) { /* how old is it? */ struct timeval age; - timeval_subtract(&age, mesh->env->now_tv, - &m->reply_list->start_time); - if(timeval_smaller(&mesh->jostle_max, &age)) { + if(m->has_first_reply_time) + timeval_subtract(&age, mesh->env->now_tv, + &m->first_reply_time); + if(!m->has_first_reply_time || + timeval_smaller(&mesh->jostle_max, &age)) { /* its a goner */ log_nametypeclass(VERB_ALGO, "query jostled out to " "make space for a new one", @@ -1960,6 +1962,10 @@ int mesh_state_add_reply(struct mesh_state* s, struct edns_data* edns, r->qid = qid; r->qflags = qflags; r->start_time = *s->s.env->now_tv; + if(s->reply_list == NULL && !s->has_first_reply_time) { + s->first_reply_time = r->start_time; + s->has_first_reply_time = 1; + } r->next = s->reply_list; r->qname = regional_alloc_init(s->s.region, qinfo->qname, s->s.qinfo.qname_len); diff --git a/contrib/unbound/services/mesh.h b/contrib/unbound/services/mesh.h index f19f423a8cd3..a61f90993177 100644 --- a/contrib/unbound/services/mesh.h +++ b/contrib/unbound/services/mesh.h @@ -189,6 +189,12 @@ struct mesh_state { struct module_qstate s; /** the list of replies to clients for the results */ struct mesh_reply* reply_list; + /** if it has a first reply time */ + int has_first_reply_time; + /** wall-clock time the first client reply was attached; + * used by mesh_make_new_space() so duplicate retransmits + * cannot reset jostle aging. */ + struct timeval first_reply_time; /** the list of callbacks for the results */ struct mesh_cb* cb_list; /** set of superstates (that want this state's result) diff --git a/contrib/unbound/services/rpz.c b/contrib/unbound/services/rpz.c index f45cf65420d7..27f7de861eac 100644 --- a/contrib/unbound/services/rpz.c +++ b/contrib/unbound/services/rpz.c @@ -2468,6 +2468,7 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* { struct auth_zones* az; struct auth_zone* a; + struct dns_msg* ret = NULL; struct clientip_synthesized_rr* raddr = NULL; struct rpz* r = NULL; struct local_zone* z = NULL; @@ -2511,13 +2512,11 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* z = rpz_delegation_point_zone_lookup(is->dp, r->nsdname_zones, is->qchase.qclass, &match); if(z != NULL) { - lock_rw_unlock(&a->lock); break; } raddr = rpz_delegation_point_ipbased_trigger_lookup(r, is); if(raddr != NULL) { - lock_rw_unlock(&a->lock); break; } lock_rw_unlock(&a->lock); @@ -2532,9 +2531,12 @@ rpz_callback_from_iterator_module(struct module_qstate* ms, struct iter_qstate* if(z) { lock_rw_unlock(&z->lock); } - return rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + ret = rpz_apply_nsip_trigger(ms, &is->qchase, r, raddr, a); + } else { + ret = rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); } - return rpz_apply_nsdname_trigger(ms, &is->qchase, r, z, &match, a); + lock_rw_unlock(&a->lock); + return ret; } struct dns_msg* rpz_callback_from_iterator_cname(struct module_qstate* ms, diff --git a/contrib/unbound/util/data/msgencode.c b/contrib/unbound/util/data/msgencode.c index 84aa3b9e75ae..f84c491b1c9f 100644 --- a/contrib/unbound/util/data/msgencode.c +++ b/contrib/unbound/util/data/msgencode.c @@ -352,7 +352,6 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, (p = compress_tree_lookup(tree, dname, labs, &insertpt))) { if(!write_compressed_dname(pkt, dname, labs, p)) return RETVAL_TRUNC; - (*compress_count)++; } else { if(!dname_buffer_write(pkt, dname)) return RETVAL_TRUNC; @@ -360,6 +359,7 @@ compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && !compress_tree_store(dname, labs, pos, region, p, insertpt)) return RETVAL_OUTMEM; + (*compress_count)++; return RETVAL_OK; } @@ -804,7 +804,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, return 1; } -uint16_t +size_t calc_edns_field_size(struct edns_data* edns) { size_t rdatalen = 0; @@ -840,7 +840,7 @@ calc_edns_option_size(struct edns_data* edns, uint16_t code) } uint16_t -calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size) +calc_ede_option_size(struct edns_data* edns, size_t* txt_size) { size_t rdatalen = 0; struct edns_option* opt; @@ -942,6 +942,10 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) @@ -952,12 +956,18 @@ attach_edns_record_max_msg_sz(sldns_buffer* pkt, struct edns_data* edns, padding_option = opt; continue; } + if(sldns_buffer_position(pkt) + opt->opt_len + 4 > max_msg_sz) + break; /* no space for it */ + if(!sldns_buffer_available(pkt, 4 + opt->opt_len)) + break; sldns_buffer_write_u16(pkt, opt->opt_code); sldns_buffer_write_u16(pkt, opt->opt_len); if(opt->opt_len != 0) sldns_buffer_write(pkt, opt->opt_data, opt->opt_len); } - if (padding_option && edns->padding_block_size ) { + if (padding_option && edns->padding_block_size && + sldns_buffer_position(pkt)+4 <= max_msg_sz && + sldns_buffer_available(pkt, 4) /* if there is space for it */) { size_t pad_pos = sldns_buffer_position(pkt); size_t msg_sz = ((pad_pos + 3) / edns->padding_block_size + 1) * edns->padding_block_size; @@ -1001,7 +1011,7 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, { uint16_t flags; unsigned int attach_edns = 0; - uint16_t edns_field_size, ede_size, ede_txt_size; + size_t edns_field_size, ede_size, ede_txt_size; if(!cached || rep->authoritative) { /* original flags, copy RD and CD bits from query. */ @@ -1028,12 +1038,12 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, * calculate sizes once here */ edns_field_size = calc_edns_field_size(edns); ede_size = calc_ede_option_size(edns, &ede_txt_size); - if(sldns_buffer_capacity(pkt) < udpsize) + if(sldns_buffer_capacity(pkt) < (size_t)udpsize) udpsize = sldns_buffer_capacity(pkt); if(!edns || !edns->edns_present) { attach_edns = 0; /* EDEs are optional, try to fit anything else before them */ - } else if(udpsize < LDNS_HEADER_SIZE + edns_field_size - ede_size) { + } else if((size_t)udpsize < (size_t)LDNS_HEADER_SIZE + edns_field_size - ede_size) { /* packet too small to contain edns, omit it. */ attach_edns = 0; } else { @@ -1047,13 +1057,13 @@ reply_info_answer_encode(struct query_info* qinf, struct reply_info* rep, return 0; } if(attach_edns) { - if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size) + if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size) attach_edns_record_max_msg_sz(pkt, edns, udpsize); - else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { + else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_txt_size) { ede_trim_text(&edns->opt_list_inplace_cb_out); ede_trim_text(&edns->opt_list_out); attach_edns_record_max_msg_sz(pkt, edns, udpsize); - } else if(udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { + } else if((size_t)udpsize >= sldns_buffer_limit(pkt) + edns_field_size - ede_size) { edns_opt_list_remove(&edns->opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&edns->opt_list_out, LDNS_EDNS_EDE); attach_edns_record_max_msg_sz(pkt, edns, udpsize); @@ -1115,22 +1125,30 @@ extended_error_encode(sldns_buffer* buf, uint16_t rcode, sldns_buffer_write_u16(buf, qinfo->qclass); } sldns_buffer_flip(buf); - if(edns) { + if(edns && edns->edns_present) { + size_t edns_field_size, ede_size, ede_txt_size; struct edns_data es = *edns; es.edns_version = EDNS_ADVERTISED_VERSION; es.udp_size = EDNS_ADVERTISED_SIZE; es.ext_rcode = (uint8_t)(rcode >> 4); es.bits &= EDNS_DO; - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { + /* EDEs are optional. If space is a concern try in order: + * - removing any EXTRA-TEXT fields from explicit EDEs, or + * - removing all EDEs, + * to see if EDNS can fit. */ + edns_field_size = calc_edns_field_size(&es); + ede_size = calc_ede_option_size(&es, &ede_txt_size); + if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size) + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_txt_size) { + ede_trim_text(&es.opt_list_inplace_cb_out); + ede_trim_text(&es.opt_list_out); + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); + } else if((size_t)edns->udp_size >= sldns_buffer_limit(buf) + edns_field_size - ede_size) { edns_opt_list_remove(&es.opt_list_inplace_cb_out, LDNS_EDNS_EDE); edns_opt_list_remove(&es.opt_list_out, LDNS_EDNS_EDE); - if(sldns_buffer_limit(buf) + calc_edns_field_size(&es) > - edns->udp_size) { - return; - } + attach_edns_record_max_msg_sz(buf, &es, edns->udp_size); } - attach_edns_record(buf, &es); } } diff --git a/contrib/unbound/util/data/msgencode.h b/contrib/unbound/util/data/msgencode.h index 08fcb59b8e36..64569555dc59 100644 --- a/contrib/unbound/util/data/msgencode.h +++ b/contrib/unbound/util/data/msgencode.h @@ -106,7 +106,7 @@ void qinfo_query_encode(struct sldns_buffer* pkt, struct query_info* qinfo); * @param edns: edns data or NULL. * @return octets to reserve for EDNS. */ -uint16_t calc_edns_field_size(struct edns_data* edns); +size_t calc_edns_field_size(struct edns_data* edns); /** * Calculate the size of a specific EDNS option in packet. @@ -127,7 +127,7 @@ uint16_t calc_edns_option_size(struct edns_data* edns, uint16_t code); * extra text. * @return octets the option will take up. */ -uint16_t calc_ede_option_size(struct edns_data* edns, uint16_t* txt_size); +uint16_t calc_ede_option_size(struct edns_data* edns, size_t* txt_size); /** * Attach EDNS record to buffer. Buffer has complete packet. There must diff --git a/contrib/unbound/util/data/msgparse.c b/contrib/unbound/util/data/msgparse.c index 6963d850171e..169709b7e3c0 100644 --- a/contrib/unbound/util/data/msgparse.c +++ b/contrib/unbound/util/data/msgparse.c @@ -53,6 +53,8 @@ #include "sldns/parseutil.h" #include "sldns/wire2str.h" +#define MAX_PARSED_EDNS_OPTIONS 100 + /** smart comparison of (compressed, valid) dnames from packet */ static int smart_compare(sldns_buffer* pkt, uint8_t* dnow, @@ -950,6 +952,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, struct comm_reply* repinfo, uint32_t now, struct regional* region, struct cookie_secrets* cookie_secrets) { + int i = 0, nsid_seen = 0, cookie_seen = 0, padding_seen = 0; /* To respond with a Keepalive option, the client connection must have * received one message with a TCP Keepalive EDNS option, and that * option must have 0 length data. Subsequent messages sent on that @@ -969,7 +972,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); uint8_t server_cookie[40]; @@ -984,8 +987,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, /* handle parse time edns options here */ switch(opt_code) { case LDNS_EDNS_NSID: - if (!cfg || !cfg->nsid) + if (!cfg || !cfg->nsid || nsid_seen) break; + nsid_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_NSID, cfg->nsid_len, cfg->nsid, region)) { @@ -1027,8 +1031,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, case LDNS_EDNS_PADDING: if(!cfg || !cfg->pad_responses || - !c || c->type != comm_tcp ||!c->ssl) + !c || c->type != comm_tcp ||!c->ssl || padding_seen) break; + padding_seen = 1; if(!edns_opt_list_append(&edns->opt_list_out, LDNS_EDNS_PADDING, 0, NULL, region)) { @@ -1039,8 +1044,9 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, break; case LDNS_EDNS_COOKIE: - if(!cfg || !cfg->do_answer_cookie || !repinfo) + if(!cfg || !cfg->do_answer_cookie || !repinfo || cookie_seen) break; + cookie_seen = 1; if(opt_len != 8 && (opt_len < 16 || opt_len > 40)) { verbose(VERB_ALGO, "worker request: " "badly formatted cookie"); @@ -1146,6 +1152,7 @@ parse_edns_options_from_query(uint8_t* rdata_ptr, size_t rdata_len, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } return LDNS_RCODE_NOERROR; } @@ -1160,6 +1167,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, struct rrset_parse* found_prev = 0; size_t rdata_len; uint8_t* rdata_ptr; + int i = 0; /* since the class encodes the UDP size, we cannot use hash table to * find the EDNS OPT record. Scan the packet. */ while(rrset) { @@ -1219,7 +1227,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, /* while still more options, and have code+len to read */ /* ignores partial content (i.e. rdata len 3) */ - while(rdata_len >= 4) { + while(rdata_len >= 4 && i < MAX_PARSED_EDNS_OPTIONS) { uint16_t opt_code = sldns_read_uint16(rdata_ptr); uint16_t opt_len = sldns_read_uint16(rdata_ptr+2); rdata_ptr += 4; @@ -1234,6 +1242,7 @@ parse_extract_edns_from_response_msg(struct msg_parse* msg, } rdata_ptr += opt_len; rdata_len -= opt_len; + i++; } /* ignore rrsigs */ return LDNS_RCODE_NOERROR; diff --git a/contrib/unbound/util/data/msgparse.h b/contrib/unbound/util/data/msgparse.h index 7de4e394f2ae..d6e459d330ce 100644 --- a/contrib/unbound/util/data/msgparse.h +++ b/contrib/unbound/util/data/msgparse.h @@ -98,6 +98,10 @@ extern time_t SERVE_EXPIRED_REPLY_TTL; /** If we serve the original TTL or decrementing TTLs */ extern int SERVE_ORIGINAL_TTL; +/** Check if TTL is expired. 0 TTL is considered expired. + * Used mainly to identify parts of the code that do this comparison. */ +#define TTL_IS_EXPIRED(ttl, now) ((ttl) <= (now)) + /** * Data stored in scratch pad memory during parsing. * Stores the data that will enter into the msgreply and packet result. diff --git a/contrib/unbound/validator/val_neg.c b/contrib/unbound/validator/val_neg.c index bc3a83aeb4c9..0f2751121326 100644 --- a/contrib/unbound/validator/val_neg.c +++ b/contrib/unbound/validator/val_neg.c @@ -62,6 +62,13 @@ #include "sldns/rrdef.h" #include "sldns/sbuffer.h" +/** + * The maximum salt length that the negative cache is willing to use. + * Larger salt increases the computation time, while recommendations are + * for zero salt length for zones. + */ +#define MAX_SALT_LENGTH 64 + int val_neg_data_compare(const void* a, const void* b) { struct val_neg_data* x = (struct val_neg_data*)a; @@ -826,7 +833,11 @@ void neg_insert_data(struct val_neg_cache* neg, (slen != 0 && zone->nsec3_salt && s && memcmp(zone->nsec3_salt, s, slen) != 0))) { - if(slen > 0) { + if(slen > MAX_SALT_LENGTH) { + /* RFC 9276 s3.1: operators SHOULD NOT use a salt; large + * salts inflate per-hash block count. Decline to cache. */ + return; + } else if(slen > 0) { uint8_t* sa = memdup(s, slen); if(sa) { free(zone->nsec3_salt); @@ -1169,6 +1180,15 @@ neg_find_nsec3_ce(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, uint8_t hashce[NSEC3_SHA_LEN]; uint8_t b32[257]; size_t celen, b32len; + int hashmax = MAX_NSEC3_CALCULATIONS; + if(qlabs > hashmax) { + /* strip leading labels so the walk costs at most + * MAX_NSEC3_CALCULATIONS hashes, mirroring val_nsec3.c */ + while(qlabs > hashmax) { + dname_remove_label(&qname, &qname_len); + qlabs--; + } + } *nclen = 0; while(qlabs > 0) { @@ -1269,6 +1289,12 @@ neg_nsec3_proof_ds(struct val_neg_zone* zone, uint8_t* qname, size_t qname_len, if(!zone->nsec3_hash) return NULL; /* not nsec3 zone */ + if(!topname && qlabs > zone->labs + 1) + return NULL; /* iterator caller; opt-out proof would be discarded + * at the !topname check below anyway. + * The qlabs check allows the exact-match for + * the one-label-below-zone case. */ + if(!(data=neg_find_nsec3_ce(zone, qname, qname_len, qlabs, buf, hashnc, &nclen))) { return NULL; diff --git a/contrib/unbound/validator/val_nsec3.c b/contrib/unbound/validator/val_nsec3.c index 998fcc4e38ee..62effde2093f 100644 --- a/contrib/unbound/validator/val_nsec3.c +++ b/contrib/unbound/validator/val_nsec3.c @@ -59,11 +59,6 @@ #include "sldns/sbuffer.h" #include "util/config_file.h" -/** - * Max number of NSEC3 calculations at once, suspend query for later. - * 8 is low enough and allows for cases where multiple proofs are needed. - */ -#define MAX_NSEC3_CALCULATIONS 8 /** * When all allowed NSEC3 calculations at once resulted in error treat as * bogus. NSEC3 hash errors are not cached and this helps breaks loops with @@ -456,6 +451,67 @@ filter_init(struct nsec3_filter* filter, struct ub_packed_rrset_key** list, } } +/** Check if the NSEC3s have the same parameter set. */ +static int +param_set_same(struct nsec3_filter* flt, char** reason) +{ + size_t rrsetnum; + int rrnum; + struct ub_packed_rrset_key* rrset; + int have_params = 0; + int first_algo = 0; + size_t first_iter = 0; + uint8_t* first_salt = NULL; + size_t first_saltlen = 0; + + /* If the NSEC3 parameter sets have distinct values, then they are + * from different NSEC3 chains, and we do not want that. */ + for(rrset=filter_first(flt, &rrsetnum, &rrnum); rrset; + rrset=filter_next(flt, &rrsetnum, &rrnum)) { + if(!have_params) { + first_algo = nsec3_get_algo(rrset, rrnum); + first_iter = nsec3_get_iter(rrset, rrnum); + if(!nsec3_get_salt(rrset, rrnum, &first_salt, + &first_saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + have_params = 1; + } else { + uint8_t* salt = NULL; + size_t saltlen = 0; + if(nsec3_get_algo(rrset, rrnum) != first_algo) { + verbose(VERB_ALGO, "NSEC3 algorithm mismatch"); + if(reason) + *reason = "NSEC3 algorithm mismatch"; + return 0; + } + if(nsec3_get_iter(rrset, rrnum) != first_iter) { + verbose(VERB_ALGO, "NSEC3 iterations mismatch"); + if(reason) + *reason = "NSEC3 iterations mismatch"; + return 0; + } + if(!nsec3_get_salt(rrset, rrnum, &salt, &saltlen)) { + verbose(VERB_ALGO, "NSEC3 salt malformed"); + if(reason) + *reason = "NSEC3 salt malformed"; + return 0; + } + if(saltlen != first_saltlen || + memcmp(salt, first_salt, saltlen) != 0) { + verbose(VERB_ALGO, "NSEC3 salt mismatch"); + if(reason) + *reason = "NSEC3 salt mismatch"; + return 0; + } + } + } + return 1; +} + /** * Find max iteration count using config settings and key size * @param ve: validator environment with iteration count config settings. @@ -1192,6 +1248,8 @@ nsec3_prove_nameerror(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ log_nametypeclass(VERB_ALGO, "start nsec3 nameerror proof, zone", @@ -1378,6 +1436,8 @@ nsec3_prove_nodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ return nsec3_do_prove_nodata(env, &flt, ct, qinfo, calc); @@ -1401,6 +1461,8 @@ nsec3_prove_wildcard(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1503,6 +1565,8 @@ nsec3_prove_nods(struct module_env* env, struct val_env* ve, *reason = "no NSEC3 records"; return sec_status_bogus; /* no RRs */ } + if(!param_set_same(&flt, reason)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ @@ -1596,6 +1660,8 @@ nsec3_prove_nxornodata(struct module_env* env, struct val_env* ve, filter_init(&flt, list, num, qinfo); /* init RR iterator */ if(!flt.zone) return sec_status_bogus; /* no RRs */ + if(!param_set_same(&flt, NULL)) + return sec_status_bogus; /* nsec3 params from distinct chains*/ if(nsec3_iteration_count_high(ve, &flt, kkey)) return sec_status_insecure; /* iteration count too high */ diff --git a/contrib/unbound/validator/val_nsec3.h b/contrib/unbound/validator/val_nsec3.h index f668a270ff12..a13e92991106 100644 --- a/contrib/unbound/validator/val_nsec3.h +++ b/contrib/unbound/validator/val_nsec3.h @@ -98,6 +98,12 @@ struct sldns_buffer; /** The SHA1 hash algorithm for NSEC3 */ #define NSEC3_HASH_SHA1 0x01 +/** + * Max number of NSEC3 calculations at once, suspend query for later. + * 8 is low enough and allows for cases where multiple proofs are needed. + */ +#define MAX_NSEC3_CALCULATIONS 8 + /** * Cache table for NSEC3 hashes. * It keeps a *pointer* to the region its items are allocated. diff --git a/contrib/unbound/validator/val_utils.c b/contrib/unbound/validator/val_utils.c index 549264d76a1f..4495695ac853 100644 --- a/contrib/unbound/validator/val_utils.c +++ b/contrib/unbound/validator/val_utils.c @@ -1066,10 +1066,10 @@ val_fill_reply(struct reply_info* chase, struct reply_info* orig, if(query_dname_compare(name, orig->rrsets[i]->rk.dname) == 0) chase->rrsets[chase->an_numrrsets - +orig->ns_numrrsets+chase->ar_numrrsets++] + +chase->ns_numrrsets+chase->ar_numrrsets++] = orig->rrsets[i]; } else if(rrset_has_signer(orig->rrsets[i], name, len)) { - chase->rrsets[chase->an_numrrsets+orig->ns_numrrsets+ + chase->rrsets[chase->an_numrrsets+chase->ns_numrrsets+ chase->ar_numrrsets++] = orig->rrsets[i]; } } From nobody Tue Jun 9 19:19:56 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyj17V7z6gVKh for ; Tue, 09 Jun 2026 19:19:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyh6KDzz3QQ6 for ; Tue, 09 Jun 2026 19:19:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032796; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CbZD5YAz1U2bUJR5TF+9L+td/5lvXiG380O+v0PB9dc=; b=sFR5rvNsThYlSIY+mS5vXcG6K8Ba9tetqf94+BMWD81jLV9BT4+yc9ZqBtOygvhWE7qFqZ INKwg5Jc6u1zkSe9IZf5Hg9HmXOzZqHpec7PdBEyuumDFcBFLl6HUQXe6W7RJSs09zs6Ic yHMZuSqPNCooklefnvtm9S+Mbs/iOks7Qw00sY4niLuQlIOkN76zpNwHOe/hmWesfr17Km ZbiG0+KWapabPam4DjhPOm2Nj4YfVBT510ivbsUdjdot3m5tpn0ZVimdYH9FK8zeGDEmAj cm51l3p/FZmg6JXJUfH62U4QfElL3ZCcEmLPGUDnyQBGj11v7c1vhZHqnm2cJA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032796; a=rsa-sha256; cv=none; b=naixL6UkgQqoDORuyzp3LmqpMWxLXjg0gmH4xUDzqAkMLzjo692LRxc3BbTTmuHjICwhyN cu6VoJ46amDpaabvvdYzEiCjZWQCaXR1oFQGGAgMesYiSb+EnCitlSqyA7E34e/dHoYVr0 /YQ8svxO5JFtpgs2r8eub9kC0VoI7WpfYpn8b+7HPDVTRvXvVnDPrebGLpGpFx8s4ijptu yoeYo80mSf9t8nHXtkw+OvSwjGnDzpunmn4nnu+zu8sy/eAA11BAjyjdgVrW41kqw/Bv8d Znc3Z+5Hsfu0Xxi85CeHPqTArLGV59qsPKBbR705sTr0qrux8CCnYO3wp/iILA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032796; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CbZD5YAz1U2bUJR5TF+9L+td/5lvXiG380O+v0PB9dc=; b=pQA0oqoNCOlShnR9P7QTjA6U+0IgQCZwfE2iPBC+TWe6Lfbg70ofwPWoy36bF+qYgoEFY+ nOt8S9RYmIMwHp+pRETC9HEQHkFFW8yuzH8wV+v/Ihy+RCrSt4nr+psxGfkdiZScycRKda zqmCBHA/cdgNiRnwKANAHZcouMRRs0zpSYmkZ9XQJsGxoOVFp+obP7oJOVpJAuuHtZliN8 Onrbvdc1SiN5o212kzb5L8GXntWkP+E3EnKV0RhyCZIgMNTwvH8fyu9kXJq77O97TDEYWe vEqmQhhT01U9XRa/C0fkbmTtYccNMq7Z0Mu20jbzie3cYNTJebHbG8MuSUftYg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyh5pkYznyB for ; Tue, 09 Jun 2026 19:19:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebce by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:19:56 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: fef97a6889f9 - releng/15.0 - Add UPDATING entries and bump version List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.0 X-Git-Reftype: branch X-Git-Commit: fef97a6889f98be4fa9a565577067f20d1f642a9 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:19:56 +0000 Message-Id: <6a28675c.3ebce.4dda5d92@gitrepo.freebsd.org> The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fef97a6889f98be4fa9a565577067f20d1f642a9 commit fef97a6889f98be4fa9a565577067f20d1f642a9 Author: Mark Johnston AuthorDate: 2026-06-07 16:36:46 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 19:52:11 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 44 ++++++++++++++++++++++++++++++++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index abc517696265..fa9cc98d6227 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,50 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20260609: + 15.0-RELEASE-p10 EN-26:14.syslogd + EN-26:15.openssl + SA-26:25.thr + SA-26:26.ktls + SA-26:27.sound + SA-26:28.capsicum + SA-26:29.ip6_multicast + SA-26:30.linux + SA-26:31.arm64 + SA-26:32.elf + SA-26:33.unbound + SA-26:34.vt + SA-26:35.openssl + SA-26:36.ldns + + syslogd(8) memory leak in casper_ttymsg(). [EN-26:14.syslogd] + + Update OpenSSL to 3.0.20 and 3.5.6. [EN-26:15.openssl] + + Missing permission check in thr_kill2(2). [SA-26:25.thr] + + Arbitrary file overwrite via the KTLS receive path. [SA-26:26.ktls] + + Multiple vulnerabilities in the sound(4) mmap path. [SA-26:27.sound] + + sigqueue(2) missing capability mode restriction. [SA-26:28.capsicum] + + Use-after-free bug in the IPV6_MSFILTER socket option handler. [SA-26:29.ip6_multicast] + + Flaw in Linuxulator execution of setugid binaries. [SA-26:30.linux] + + Arm CPU errata may bypass page table permission changes. [SA-26:31.arm64] + + ASLR bypass for setuid executables via procctl(2). [SA-26:32.elf] + + Multiple vulnerabilities in unbound. [SA-26:33.unbound] + + Integer overflow in vt(4) CONS_HISTORY ioctl. [SA-26:34.vt] + + Multiple vulnerabilities in OpenSSL. [SA-26:35.openssl] + + Insufficient response validation in the ldns stub resolver. [SA-26:36.ldns] + 20260520: 15.0-RELEASE-p9 SA-26:18.setcred SA-26:19.file diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 210c5ccf747a..a68e1021ff1b 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -51,7 +51,7 @@ TYPE="FreeBSD" REVISION="15.0" -BRANCH="RELEASE-p9" +BRANCH="RELEASE-p10" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Tue Jun 9 19:20:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyv0L3pz6gVdZ for ; Tue, 09 Jun 2026 19:20:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyt3m5Nz3R4c for ; Tue, 09 Jun 2026 19:20:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032806; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kimhUAe08MaVnqpfCSOQu9Ki+7FksfIwrGJhYjXML8g=; b=hVf7qDGd1tqXW9lFfwmOYTrRUSDa62BVekRm3QpQhmcr412+TFJIZdpxlNIJgnl6QrqxfK yb79kWS55DwTO8IxpVDyv53Tyer+D8phrWV95DfbvoF74Lm6dLi0rh9I700atkodcIktQd 6SXegX09ZZby8b77QP2fQ1qf3Nag85AKpn0noCFEtdmDoLAAmG3VWidxOL3wVeChKSjMfU zuxMO9D4s20ph5T5IPGPdAu/Ud7UrmI/SxPAhOuMPib4p+vIk64DXkAGICYEUAMRq0SGqZ gVMdyKKrnZ7edu15jz+mK/QaxrSQXjqsT9tb7aTK897BRIuar///Es4b1YbUeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032806; a=rsa-sha256; cv=none; b=ZRzigjTOtvo13E9wm7oJ1uB2V0dspGgcyY+vd48/CEx++gp9xe6UDnjZR+pLAcOs7k/igP oCiyp+2ElGOQ82wDwgeieEGPUTx81EjhqyrdbIJ+w1SOhlQAPDhqzb74QfyzK2V5inGttq q6SFyamt2cpY/lTU9S/S+A2iF5BoEydfbct7qKENPeC92m3VqS9k/+oCd3HPIH93/smVIE Etubw/DYlDfvaIfo3ov5rS+IeNfvmgdlgA/GM35mezuTI/vOujppEzkwkPJMaRcPodSVQe f6EemT1OD69Rgx0T17ITfsq7bd7M0dBDYMJZLXYsWF6PLFfkigyFnTI3Wfh3sw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032806; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kimhUAe08MaVnqpfCSOQu9Ki+7FksfIwrGJhYjXML8g=; b=vQD8BLa8V1OVuGDYPzf3I42g1uVjavz9DeJNAUrwuUMsmehYoIbhFFWbP+05z6NqJ+RLFy TRsqwNQjHf9sj7hQRAoR4D67dhO5VKTl00L0NpJg2iyr1WT81g+LfHeQnTjTzCty28ynGb 7pgSTrzpR9UDY2yed8kt36q/hFvDfgg992uQsFAVYkwKXW6rNvSupSX0Ev6DATcI6Qen/I kgLoF11T1k/0U/xgwIMe4i/QTKw2T+5/YVnAjmRVk1MhC35ymO7dasjNjX38b+FoCeDExd jBDWZSz7TvUHxLUMvGYiAyJ8IoQkgwv/VSHjINbPFAYC/CJ0ehHci3TNFcnFKw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyt2J3Hzp3y for ; Tue, 09 Jun 2026 19:20:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebed by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: John Baldwin From: Mark Johnston Subject: git: 48c1c5e3c348 - releng/15.1 - ktls: Don't attempt to modify non-anonymous mbufs on the receive path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 48c1c5e3c348d1953072faf98ecedd0ba96956dc Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:06 +0000 Message-Id: <6a286766.3ebed.44864ab7@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=48c1c5e3c348d1953072faf98ecedd0ba96956dc commit 48c1c5e3c348d1953072faf98ecedd0ba96956dc Author: John Baldwin AuthorDate: 2026-06-03 23:22:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:19 +0000 ktls: Don't attempt to modify non-anonymous mbufs on the receive path Normally, data processed on the KTLS receive path is contained in anonymous mbufs that can be modified in place. Either the data originates in receive buffers from a NIC driver, or for loopback connections the data is anonymous-backed mbufs created when writing to a socket. One potential source of non-anonymous mbufs are mbufs created by sendfile(2) which borrow the pages of the underlying file, either via M_EXTPG or EXT_SFBUF that are sent over a loopback connection. For a well-formed loopback TLS session, the sender should only use sendfile(2) if KTLS is enabled. If TLS is fully handled in userspace, the sender must use write(2) or send(2) which allocate anonymous mbufs. If KTLS transmit is enabled, then sendfile(2) on a loopback connection will always use crypto via OCF and will allocate anonymous pages to hold the encrypted data. However, if sendfile(2) is used to send file-backed data directly over a loopback connection where KTLS is not enabled on the sender side, the KTLS receive path can modify the file-backed pages in place overwriting the file's data. One potential fix would be to replace non-anonymous mbufs in a received TLS record with anonymous mbufs (e.g. via m_dup()) before passing the record to OCF. However, there is no legitimate use case for using sendfile(2) over a loopback TLS connection without using KTLS on the sender side, so instead simply fail decryption requests and close the connection if non-anonymous mbufs are encountered in the RX decryption path. Add a test for this that verifies that the original data backing the file descriptor used as the source for sendfile() is unchanged after being processed. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:26.ktls Security: CVE-2026-45257 Co-authored-by: Drew Gallatin Sponsored by: Chelsio Communications Sponsored by: Netflix --- sys/kern/uipc_ktls.c | 17 +++++++-- sys/sys/ktls.h | 1 + tests/sys/kern/ktls_test.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 35009ad77722..5f7d061bfb55 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -2419,8 +2419,10 @@ tls13_find_record_type(struct ktls_session *tls, struct mbuf *m, int tls_len, * Check if a mbuf chain is fully decrypted at the given offset and * length. Returns KTLS_MBUF_CRYPTO_ST_DECRYPTED if all data is * decrypted. KTLS_MBUF_CRYPTO_ST_MIXED if there is a mix of encrypted - * and decrypted data. Else KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data - * is encrypted. + * and decrypted data. KTLS_MBUF_CRYPTO_ST_ENCRYPTED if all data is + * encrypted. KTLS_MBUF_CRYPTO_ST_SHAREDMBUF if any mbuf points at + * shared data that must not be modified in place (non-anonymous + * M_EXTPG or sendfile M_EXT buffers). */ ktls_mbuf_crypto_st_t ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) @@ -2436,6 +2438,13 @@ ktls_mbuf_crypto_state(struct mbuf *mb, int offset, int len) offset += len; for (; mb != NULL; mb = mb->m_next) { + if ((mb->m_flags & M_EXTPG) != 0 && + (mb->m_epg_flags & EPG_FLAG_ANON) == 0) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + if ((mb->m_flags & M_EXT) != 0 && + mb->m_ext.ext_type == EXT_SFBUF) + return (KTLS_MBUF_CRYPTO_ST_SHAREDMBUF); + m_flags_ored |= mb->m_flags; m_flags_anded &= mb->m_flags; @@ -2636,9 +2645,11 @@ ktls_decrypt(struct socket *so) record_type = hdr->tls_type; } break; - default: + case KTLS_MBUF_CRYPTO_ST_SHAREDMBUF: error = EINVAL; break; + default: + __assert_unreachable(); } if (error) { counter_u64_add(ktls_offload_failed_crypto, 1); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 6c7e7d3c5ee3..fc9c0316654e 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -241,6 +241,7 @@ typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, KTLS_MBUF_CRYPTO_ST_ENCRYPTED = 1, KTLS_MBUF_CRYPTO_ST_DECRYPTED = -1, + KTLS_MBUF_CRYPTO_ST_SHAREDMBUF = -2, } ktls_mbuf_crypto_st_t; void ktls_check_rx(struct sockbuf *sb); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 72497196b945..3970083e7f72 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include #include @@ -2817,6 +2818,97 @@ ATF_TC_BODY(ktls_listening_socket, tc) ATF_REQUIRE(close(s) == 0); } +/* + * Verify that the KTLS receive path does not overwrite data belonging + * to a file whose payload is transmitted over a loopback connection + * via plain sendfile. + */ +ATF_TC_WITHOUT_HEAD(ktls_receive_loopback_sendfile); +ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) +{ + struct tls_enable en; + struct msghdr msg; + struct sf_hdtr hdtr; + struct iovec iov[2]; + uint64_t seqno; + off_t sbytes; + char cbuf[CMSG_SPACE(sizeof(struct tls_get_record))]; + char *plaintext, *ciphertext, *outbuf; + void *p; + const size_t payload_len = PAGE_SIZE; + ssize_t rv; + size_t len; + int mode, shm, sockets[2]; + socklen_t slen; + + ATF_REQUIRE_KTLS(); + seqno = random(); + build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, + TLS_MINOR_VER_TWO, seqno, &en); + + len = tls_header_len(&en) + payload_len + tls_trailer_len(&en); + plaintext = alloc_buffer(payload_len); + ciphertext = malloc(len); + ATF_REQUIRE_INTEQ(len, encrypt_tls_record(tc, &en, TLS_RLTYPE_APP, + seqno, plaintext, payload_len, ciphertext, len, 0)); + + ATF_REQUIRE((shm = shm_open(SHM_ANON, O_RDWR, 0600)) > 0); + ATF_REQUIRE_INTEQ(0, ftruncate(shm, payload_len)); + ATF_REQUIRE((p = mmap(NULL, payload_len, PROT_READ | PROT_WRITE, + MAP_SHARED, shm, 0)) != MAP_FAILED); + memcpy(p, ciphertext + tls_header_len(&en), payload_len); + + ATF_REQUIRE_MSG(socketpair_tcp(sockets), "failed to create sockets"); + ATF_REQUIRE(setsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + sizeof(en)) == 0); + slen = sizeof(mode); + ATF_REQUIRE_INTEQ(0, getsockopt(sockets[0], IPPROTO_TCP, TCP_RXTLS_MODE, + &mode, &slen)); + ATF_REQUIRE_INTEQ(TCP_TLS_MODE_SW, mode); + + fd_set_blocking(sockets[0]); + fd_set_blocking(sockets[1]); + + iov[0].iov_base = ciphertext; + iov[0].iov_len = tls_header_len(&en); + iov[1].iov_base = ciphertext + tls_header_len(&en) + payload_len; + iov[1].iov_len = tls_trailer_len(&en); + hdtr.headers = iov; + hdtr.hdr_cnt = 1; + hdtr.trailers = iov + 1; + hdtr.trl_cnt = 1; + debug_hexdump(tc, p, payload_len, "shm buffer before"); + ATF_REQUIRE_INTEQ(0, sendfile(shm, sockets[1], 0, payload_len, &hdtr, + &sbytes, 0)); + ATF_REQUIRE_INTEQ(sbytes, len); + + outbuf = calloc(payload_len, 1); + + memset(&msg, 0, sizeof(msg)); + + msg.msg_control = cbuf; + msg.msg_controllen = sizeof(cbuf); + + iov[0].iov_base = outbuf; + iov[0].iov_len = payload_len; + msg.msg_iov = iov; + msg.msg_iovlen = 1; + + rv = recvmsg(sockets[0], &msg, 0); + if (rv >= 0) { + ATF_REQUIRE_INTEQ(payload_len, rv); + ATF_REQUIRE_INTEQ(0, memcmp(outbuf, plaintext, payload_len)); + } else + ATF_REQUIRE_ERRNO(EBADMSG, true); + + debug_hexdump(tc, p, payload_len, "shm buffer after"); + ATF_REQUIRE_INTEQ(0, memcmp(p, ciphertext + tls_header_len(&en), + payload_len)); + + close_sockets_ignore_errors(sockets); + (void)close(shm); +} + ATF_TP_ADD_TCS(tp) { /* Transmit tests */ @@ -2843,6 +2935,7 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error()); } From nobody Tue Jun 9 19:20:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyt0PV3z6gVXc for ; Tue, 09 Jun 2026 19:20:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdys2TVjz3Qnl for ; Tue, 09 Jun 2026 19:20:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CaMIyFVVo2YkHEcw5OXBHK1ABHTT3H2vI39FV35HjJc=; b=xgeicncgi+upBxB/t4kFOwruRjxNbvAgWdM5z3phXHW9oQ1wRBlQ8G7fRPXtTPFxKzFtR/ zrPTeww68+rslPTr3iH3BQU7AxiFRp/TsIcOPcX21pPq+CMtKN1RF8ctpWqsE5PGIj1coH CTYOAJZM6xeXwnAzLhLz7wh3woDhpF4jKAPZVh9ZFVzwsWq7f/4/jYI6iaTTEGhguWAQ/p DNohzGrukrdMnB7LWp1Q3iRObOW9snoDzHvgNDiOoEeTXeLHj06KZP7rUPrhR/9j/55r+v QcNmbr4G0C4GulWPnpo1zuhFt1Vs1xKV5+b6P4KUXc1lGwc7R63ONcV8V8vAeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032805; a=rsa-sha256; cv=none; b=ANroyfmbJr2uUj0FlDDmZ8YYpUVCOGLsJ/KrmEuMzOMFm88CC0PgYSAaomLotUFCf1Jxzj 4FKGqAVTTux2YYhkCZNyRsYrUR7S7HfctAuXowUoZQkj9fliSuc4gJ6Jl4br+1PdDCyrhY pSrq9ffX6N9FOKBlyo/ZohgQBd4bzbpMI7nZSE/IGvPc0ALID1Qh94H9P5KGi99bL2rghq soQdq5YI5HYaTZ7MFwn6os06uthkscRWbXA0p8KsFeKvTKdK5YH95L7tz3e93UIylQUrd9 hmd+xxbTwLWTGMjU6hvsAFDfwtP9FNI5a2FSRANIOuFLoGNjWlrvjXLXw0NREw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032805; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CaMIyFVVo2YkHEcw5OXBHK1ABHTT3H2vI39FV35HjJc=; b=RYOTV/cl/YbGhpJ6wOcTLL1NrRm/6AoUbLMQPvtzm3TsMC5eSwhbCYHvKMiBmk2YKrhwvE Zmhsxorfe3hCM5mleVMgrfqaHy9XYf1+hvZw7DfGWMDtLT4wXSICJZyptKBFDvB/QhQa9Y VISZ+NRvN++8IlGDQRUQIHGtChvp4bBWsnFj72EuODCa9YwjiKmqFvX8FEpP57Wmwv4IT8 6LSgthMmLTqnNlnRnXDuye/DWBXJ1fU4uKWgFZe6TzUXHx1jfMgOdNoYlb1fvyfwxhcn5F VSMPOxFIUfJdltztMGuxETBDO9dutfyEkcLe6Va/a4ag4ZKZ2ItMc9MN66W2Zw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdys1tlRzp1j for ; Tue, 09 Jun 2026 19:20:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e9ad by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 068168fefd4b - releng/15.1 - thr_kill2: Respect p_cansignal() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 068168fefd4b6a8a53ab102d064614f82f764d36 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:05 +0000 Message-Id: <6a286765.3e9ad.637ed6f3@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=068168fefd4b6a8a53ab102d064614f82f764d36 commit 068168fefd4b6a8a53ab102d064614f82f764d36 Author: Mark Johnston AuthorDate: 2026-05-25 15:12:57 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:10 +0000 thr_kill2: Respect p_cansignal() Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:25.thr Security: CVE-2026-45256 Reported by: Igor Gabriel Sousa e Souza Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai Reviewed by: emaste, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57237 --- sys/kern/kern_thr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_thr.c b/sys/kern/kern_thr.c index 4329959a2ef4..4a439eee0210 100644 --- a/sys/kern/kern_thr.c +++ b/sys/kern/kern_thr.c @@ -506,7 +506,7 @@ sys_thr_kill2(struct thread *td, struct thr_kill2_args *uap) p = ttd->td_proc; AUDIT_ARG_PROCESS(p); error = p_cansignal(td, p, uap->sig); - if (uap->sig == 0) + if (error != 0 || uap->sig == 0) ; else if (!_SIG_VALID(uap->sig)) error = EINVAL; From nobody Tue Jun 9 19:20:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyw1mqnz6gVk7 for ; Tue, 09 Jun 2026 19:20:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyv3MPSz3Qr6 for ; Tue, 09 Jun 2026 19:20:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032807; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Bk40n8d92/sY2FrT8VY0MndABc4pZqeDr8IwQa78Ag8=; b=aus2T8fT9XGNIZaFh7QCrykFuZcMSgzt53oaOu2rBT3YSO++o0HpdLwFu0lmb5wb54LRpc xsv9M18V6UoeSAtxuCpeooOKWsNl3o/BURETn1QbmW508rO+ZJ9CxAHHiYYKDmDoE9sPt4 YUmy73nrBv5JftyhWBAbWFHanrPceR2YghdcOQyOMQZVo7kC/HHJnHyPsXngYAk7hH08UD m/S7iKW+nsTo9hjDs/KpFV5Oyw8Dsdyq2UasgRo/rYa/enzrP5Wi8M5OHZ51VIhvutFsgi yynNL5gpJHdGcj9U0yilOxV0IRObKnrmupwWXanyMCDaxDEp0t9GPBAJ+kZA4Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032807; a=rsa-sha256; cv=none; b=fbZnDwwNXlzWoTgbIOXBRURW1quu8isL7Ij0JaySW2FTGah9Yrst3Zq1XYyIN4BUz5Kwet gf+t4/oYo3NTCuCsWYDr5WT8MZbG20IRm2/EesyErgTe8RdG+VFsWfPpj+L3UOaFjnWK8S qY42Q3nKP7E5kk+r/3WZNG9OM6unB/fss4bFH3pCT8vi++FibZTLY9PtqpowIXF/vixmdx hrNXN4h5PQxC3GOZywP4P2RNpJxg+XaxTmj6NERAou894eHlSOQt6C/NNm7iNjKdAtLrPA V/qllaC8xGeL+h7QywxMwlk32Y84wyFMnH8pxLE69skngE3HtTysYkcsJVCqBA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032807; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Bk40n8d92/sY2FrT8VY0MndABc4pZqeDr8IwQa78Ag8=; b=QJMfiS6+5YdrqY51sQFdF5mXBEeVKul+rdAto5ZgZYXazFy+9i96EXPGA67iIRzQesCxgJ L/+jXFHrSn2hD+H8kvjSqhKOjBQiITXRWfwkQM/uRu9oJ/zIDcYP3PG/yDH85uNyAKM6c+ Muk85jz4lqObveXlrDtOp514bQWYG4e49oNKIaJuxeBP1O1GtZqDSatM5EE/gOcNe94w6L iSe0ZE3e6iQIENnYNMRbro2S/2WZM+jmdkvlYUnh4x1gtU5Duo90PhqffIkvxkk1GvNmYH ayCrlkkFnOgfHinyq0NPmZCg/8xsXMP+6JA82qhh3mGYUqQD/y/iNga7AG2r0w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyv2fFXznyF for ; Tue, 09 Jun 2026 19:20:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e86f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Christos Margiolis From: Mark Johnston Subject: git: 513db24414f0 - releng/15.1 - sound: Check for offset overflow in dsp_mmap_single() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 513db24414f0eae90c280b480b4453e9e4f04714 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:07 +0000 Message-Id: <6a286767.3e86f.3961bd12@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=513db24414f0eae90c280b480b4453e9e4f04714 commit 513db24414f0eae90c280b480b4453e9e4f04714 Author: Christos Margiolis AuthorDate: 2026-05-27 15:50:33 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:28 +0000 sound: Check for offset overflow in dsp_mmap_single() Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-45258 Reviewed by: markj Sponsored by: The FreeBSD Foundation --- sys/dev/sound/pcm/dsp.c | 3 +++ tests/sys/sound/Makefile | 1 + tests/sys/sound/mmap.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 797bfba81023..23b76ab4afac 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -1922,6 +1922,9 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, struct pcm_channel *wrch, *rdch, *c; int err; + if (*offset >= *offset + size) + return (EINVAL); + /* * Reject PROT_EXEC by default. It just doesn't makes sense. * Unfortunately, we have to give up this one due to linux_mmap diff --git a/tests/sys/sound/Makefile b/tests/sys/sound/Makefile index ab52a7aad386..f534a8cb17e5 100644 --- a/tests/sys/sound/Makefile +++ b/tests/sys/sound/Makefile @@ -2,6 +2,7 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/sound +ATF_TESTS_C+= mmap ATF_TESTS_C+= pcm_read_write ATF_TESTS_C+= polling ATF_TESTS_C+= sndstat diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c new file mode 100644 index 000000000000..53594b7cc962 --- /dev/null +++ b/tests/sys/sound/mmap.c @@ -0,0 +1,51 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2026 The FreeBSD Foundation + */ + +#include +#include + +#include +#include +#include +#include + +#define FMT_ERR(s) s ": %s", strerror(errno) + +ATF_TC(mmap_offset_overflow); +ATF_TC_HEAD(mmap_offset_overflow, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap offset overflow test"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} + +ATF_TC_BODY(mmap_offset_overflow, tc) +{ + uint8_t *buf; + off_t off; + size_t len; + int fd; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + /* off + len will overflow and wrap back to 0. */ + off = 0xfffffffffffff000; + len = 0x1000; + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, off); + ATF_REQUIRE_MSG(buf == MAP_FAILED, FMT_ERR("mmap")); + + munmap(buf, len); + + close(fd); +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, mmap_offset_overflow); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:20:08 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyw6j78z6gVbQ for ; Tue, 09 Jun 2026 19:20:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyw3Mt5z3QpG for ; Tue, 09 Jun 2026 19:20:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032808; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nYEIqERvNLZZWSbs75nF5dUwfGce9hg616HZTewS8Oc=; b=N63j4eOjFwRpAMCO6j8ta+loK6xnohCFgoJmxOo6BrfA4pZfyD1SVvCvDJrtBRM0w5pYpY n1LR6sBYwZumBOTyIxz8xHGKIiBorWQ5ptx0nBLRKP7Ug7lcm1klkWIIeM7x/fBjWKboru aukHQMVapvNTpUMwqI4m+e4yWWWq3boLMjZZx2K4seXSeu1Zy46Bck4ljYnnJSbEJTPhGc Ms/Y4A6YEVbfSSHg5xITdNThTdMndKM8meGtoTlN4rMoLXKOxmRL00CTA2lxQ2Z+bN1d3C BpTU6d61uo46K+X2tlzwNMT+avp5lAktgrY0yu19WCr1OzkPw/uaTdx5phL+Pg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032808; a=rsa-sha256; cv=none; b=cDudqT7n+8YG234CSBAzd2zCERbfT4c6iSW5vcM/R3/jylA5t8ZI79xoRxeliggmn15EHZ hzkyZE+h4Mb7MPlmiPGIG+IUqOh8P+fqfUFOYiY02vxmvrAPxq73LRIdoY/+f51YYvkEfP HnI8g7Flcy+89803lX2ud53zwAfZi1s1A6fX/B+GAUfN3YMg7H80eSWQ8JfV5HyMxCB+Qt tjR1HlmNA/3FihgvlV2k7VtfgjFwReMJykcmlCYZiELQ/jEG0eFmOeK6u1Zc5hGV7OMuOc eMwg2LrDGkX2BISx51jP5/+NlcV2MW7oL43ck4TQcIBZ8pjTo5DK/FAFzFxiGA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032808; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nYEIqERvNLZZWSbs75nF5dUwfGce9hg616HZTewS8Oc=; b=ZIc6VF4W5BOrpaxh1MOJh/Y/MlnzBMowBjFmXUQTqQhN1O6t5km6A9U/0XRT81yk6pTZ31 aBcKo4mn2plN/daL8l//B9sdO8sMKicWvUlAG90dV293wZOlpvv++J65PPG3/b8W9CXuKg tWZYH8mLyLX+5qEDU+ttgTMVaKuHwzPzlBVSYiFuDr/OCm9ZXlVaQVosO0l83t2vtlyE31 yxbFVvJTtYoWRZwEzh01AThGu+5HEH8jeX+66ZaUFGihE2WD24rLGRSdpr+BLClJX4rkNX Z/4WIVxeHRNTW4v69U8wPGs0E5tEekPvuDGV9B7qnT9YjczsCJ1qPsVdKyV3Yg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyw2zMRznwN for ; Tue, 09 Jun 2026 19:20:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ebf2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:08 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: abc077216bac - releng/15.1 - sound: Fix software buffer lifetime issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: abc077216bac75eaa8ab517721e585d7e61e2d4f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:08 +0000 Message-Id: <6a286768.3ebf2.2a11514b@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=abc077216bac75eaa8ab517721e585d7e61e2d4f commit abc077216bac75eaa8ab517721e585d7e61e2d4f Author: Mark Johnston AuthorDate: 2026-06-01 21:57:40 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:34 +0000 sound: Fix software buffer lifetime issues The channel buffer mapped by dsp_mmap_single() may be freed when the device handle is closed, but the mapping persists beyond that, allowing userspace to read or write memory owned by a different consumer. Fix the problem by adding a reference counter to the sound buffer. Define pager ops for the VM object returned by dsp_mmap_single() and use them to manage the extra reference. Add a regression test. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:27.sound Security: CVE-2026-49417 Reported by: Lexpl0it, 75Acol, Liyw979, Rob1n Reviewed by kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57393 --- sys/dev/sound/pcm/buffer.c | 38 ++++++++++++++++++-- sys/dev/sound/pcm/buffer.h | 4 +++ sys/dev/sound/pcm/dsp.c | 89 ++++++++++++++++++++++++++++++++++++++-------- tests/sys/sound/mmap.c | 60 +++++++++++++++++++++++++++++++ 4 files changed, 175 insertions(+), 16 deletions(-) diff --git a/sys/dev/sound/pcm/buffer.c b/sys/dev/sound/pcm/buffer.c index 0c574ae2908c..86278a46a731 100644 --- a/sys/dev/sound/pcm/buffer.c +++ b/sys/dev/sound/pcm/buffer.c @@ -36,6 +36,7 @@ #include "opt_snd.h" #endif +#include #include #include "feeder_if.h" @@ -50,6 +51,7 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) struct snd_dbuf *b; b = malloc(sizeof(*b), M_DEVBUF, M_WAITOK | M_ZERO); + refcount_init(&b->refcount, 1); snprintf(b->name, SNDBUF_NAMELEN, "%s:%s", channel->name, desc); b->channel = channel; @@ -59,8 +61,30 @@ sndbuf_create(struct pcm_channel *channel, const char *desc) void sndbuf_destroy(struct snd_dbuf *b) { - sndbuf_free(b); - free(b, M_DEVBUF); + b->flags |= SNDBUF_F_DETACHED; + sndbuf_rele(b); +} + +void +sndbuf_ref(struct snd_dbuf *b) +{ + unsigned int count __diagused; + + CHN_LOCK(b->channel); + count = refcount_acquire(&b->refcount); + KASSERT(count > 0, ("sndbuf %p refcount 0", b)); + CHN_UNLOCK(b->channel); +} + +void +sndbuf_rele(struct snd_dbuf *b) +{ + if (refcount_release(&b->refcount)) { + sndbuf_free(b); + KASSERT(refcount_load(&b->refcount) == 0, + ("sndbuf %p still referenced", b)); + free(b, M_DEVBUF); + } } static void @@ -177,6 +201,11 @@ sndbuf_resize(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) { + CHN_UNLOCK(b->channel); + return (EBUSY); + } allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); tmpbuf = malloc(allocsize, M_DEVBUF, M_WAITOK); @@ -211,10 +240,15 @@ sndbuf_remalloc(struct snd_dbuf *b, unsigned int blkcnt, unsigned int blksz) if (blkcnt < 2 || blksz < 16) return EINVAL; + CHN_LOCKASSERT(b->channel); + bufsize = blksz * blkcnt; if (bufsize > b->allocsize || bufsize < (b->allocsize >> SNDBUF_CACHE_SHIFT)) { + if (refcount_load(&b->refcount) > 1 || + (b->flags & SNDBUF_F_DETACHED) != 0) + return (EBUSY); allocsize = round_page(bufsize); CHN_UNLOCK(b->channel); buf = malloc(allocsize, M_DEVBUF, M_WAITOK); diff --git a/sys/dev/sound/pcm/buffer.h b/sys/dev/sound/pcm/buffer.h index 371ba2dd94ce..fee41db2ff82 100644 --- a/sys/dev/sound/pcm/buffer.h +++ b/sys/dev/sound/pcm/buffer.h @@ -31,6 +31,7 @@ */ #define SNDBUF_F_MANAGED 0x00000001 +#define SNDBUF_F_DETACHED 0x00000002 #define SNDBUF_NAMELEN 48 @@ -53,6 +54,7 @@ struct snd_dbuf { bus_dma_tag_t dmatag; bus_addr_t buf_addr; int dmaflags; + unsigned int refcount; struct selinfo sel; struct pcm_channel *channel; char name[SNDBUF_NAMELEN]; @@ -60,6 +62,8 @@ struct snd_dbuf { struct snd_dbuf *sndbuf_create(struct pcm_channel *channel, const char *desc); void sndbuf_destroy(struct snd_dbuf *b); +void sndbuf_ref(struct snd_dbuf *b); +void sndbuf_rele(struct snd_dbuf *b); int sndbuf_alloc(struct snd_dbuf *b, bus_dma_tag_t dmatag, int dmaflags, unsigned int size); int sndbuf_setup(struct snd_dbuf *b, void *buf, unsigned int size); diff --git a/sys/dev/sound/pcm/dsp.c b/sys/dev/sound/pcm/dsp.c index 23b76ab4afac..147779ca9d1d 100644 --- a/sys/dev/sound/pcm/dsp.c +++ b/sys/dev/sound/pcm/dsp.c @@ -77,7 +77,6 @@ static d_read_t dsp_read; static d_write_t dsp_write; static d_ioctl_t dsp_ioctl; static d_poll_t dsp_poll; -static d_mmap_t dsp_mmap; static d_mmap_single_t dsp_mmap_single; static d_kqfilter_t dsp_kqfilter; @@ -89,7 +88,6 @@ struct cdevsw dsp_cdevsw = { .d_ioctl = dsp_ioctl, .d_poll = dsp_poll, .d_kqfilter = dsp_kqfilter, - .d_mmap = dsp_mmap, .d_mmap_single = dsp_mmap_single, .d_name = "dsp", }; @@ -1900,23 +1898,81 @@ dsp_poll(struct cdev *i_dev, int events, struct thread *td) return (ret); } +struct dsp_mmap_handle { + struct cdev *cdev; + struct snd_dbuf *buf; +}; + static int -dsp_mmap(struct cdev *i_dev, vm_ooffset_t offset, vm_paddr_t *paddr, - int nprot, vm_memattr_t *memattr) +dsp_dev_pager_ctor(void *handle, vm_ooffset_t size, vm_prot_t prot, + vm_ooffset_t foff, struct ucred *cred, u_short *color) { + struct dsp_mmap_handle *h = handle; - /* - * offset is in range due to checks in dsp_mmap_single(). - * XXX memattr is not honored. - */ - *paddr = vtophys(offset); + dev_ref(h->cdev); + sndbuf_ref(h->buf); return (0); } +static void +dsp_dev_pager_dtor(void *handle) +{ + struct dsp_mmap_handle *h = handle; + + sndbuf_rele(h->buf); + dev_rel(h->cdev); + free(h, M_DEVBUF); +} + +static int +dsp_dev_pager_fault(vm_object_t object, vm_ooffset_t offset, int prot, + vm_page_t *mres) +{ + struct dsp_mmap_handle *h = object->handle; + vm_page_t m; + uintptr_t addr; + vm_paddr_t paddr; + + addr = (uintptr_t)offset; + if (addr < (uintptr_t)h->buf->buf || + addr >= (uintptr_t)h->buf->buf + h->buf->allocsize) + return (VM_PAGER_ERROR); + paddr = vtophys((void *)addr); + + if (((*mres)->flags & PG_FICTITIOUS) != 0) { + m = *mres; + vm_page_updatefake(m, paddr, object->memattr); + } else { + VM_OBJECT_WUNLOCK(object); + m = vm_page_getfake(paddr, object->memattr); + VM_OBJECT_WLOCK(object); + vm_page_replace(m, object, (*mres)->pindex, *mres); + *mres = m; + } + m->valid = VM_PAGE_BITS_ALL; + return (VM_PAGER_OK); +} + +static void +dsp_dev_pager_path(void *handle, char *path, size_t len) +{ + struct dsp_mmap_handle *h = handle; + + dev_copyname(h->cdev, path, len); +} + +static const struct cdev_pager_ops dsp_dev_pager_ops = { + .cdev_pg_ctor = dsp_dev_pager_ctor, + .cdev_pg_dtor = dsp_dev_pager_dtor, + .cdev_pg_fault = dsp_dev_pager_fault, + .cdev_pg_path = dsp_dev_pager_path, +}; + static int -dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, +dsp_mmap_single(struct cdev *cdev, vm_ooffset_t *offset, vm_size_t size, struct vm_object **object, int nprot) { + struct dsp_mmap_handle *handle; struct dsp_cdevpriv *priv; struct snddev_info *d; struct pcm_channel *wrch, *rdch, *c; @@ -1979,13 +2035,18 @@ dsp_mmap_single(struct cdev *i_dev, vm_ooffset_t *offset, *offset = (uintptr_t)sndbuf_getbufofs(c->bufsoft, *offset); dsp_unlock_chans(priv, FREAD | FWRITE); - *object = vm_pager_allocate(OBJT_DEVICE, i_dev, - size, nprot, *offset, curthread->td_ucred); + handle = malloc(sizeof(*handle), M_DEVBUF, M_WAITOK); + handle->cdev = cdev; + handle->buf = c->bufsoft; + *object = cdev_pager_allocate(handle, OBJT_DEVICE, &dsp_dev_pager_ops, + size, nprot, *offset, curthread->td_ucred); PCM_GIANT_LEAVE(d); + if (*object == NULL) { + free(handle, M_DEVBUF); + return (EINVAL); + } - if (*object == NULL) - return (EINVAL); return (0); } diff --git a/tests/sys/sound/mmap.c b/tests/sys/sound/mmap.c index 53594b7cc962..b44b16e7f312 100644 --- a/tests/sys/sound/mmap.c +++ b/tests/sys/sound/mmap.c @@ -4,12 +4,14 @@ * Copyright (c) 2026 The FreeBSD Foundation */ +#include #include #include #include #include #include +#include #include #define FMT_ERR(s) s ": %s", strerror(errno) @@ -43,9 +45,67 @@ ATF_TC_BODY(mmap_offset_overflow, tc) close(fd); } +/* + * Verify that a MAP_SHARED mapping of a DSP device's software buffer remains + * valid after the file descriptor is closed. + */ +ATF_TC(mmap_buffer_lifetime); +ATF_TC_HEAD(mmap_buffer_lifetime, tc) +{ + atf_tc_set_md_var(tc, "descr", "mmap data survives close()"); + atf_tc_set_md_var(tc, "require.kmods", "snd_dummy"); +} +ATF_TC_BODY(mmap_buffer_lifetime, tc) +{ + audio_buf_info abi; + uint8_t *buf; + size_t len; + int fd, arg; + + fd = open("/dev/dsp.dummy", O_RDWR); + ATF_REQUIRE_MSG(fd >= 0, FMT_ERR("open")); + + arg = (2 << 16) | 14; /* 2*16KB */ + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_SETFRAGMENT, &arg) == 0, + FMT_ERR("SNDCTL_DSP_SETFRAGMENT")); + ATF_REQUIRE_MSG(ioctl(fd, SNDCTL_DSP_GETOSPACE, &abi) == 0, + FMT_ERR("SNDCTL_DSP_GETOSPACE")); + + len = abi.bytes; + ATF_REQUIRE_MSG(len >= PAGE_SIZE, "buffer too small: %zu", len); + + buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + ATF_REQUIRE_MSG(buf != MAP_FAILED, FMT_ERR("mmap")); + + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0, + "mmap data corrupted at offset %zu: want 0 got 0x%02x", + i, buf[i]); + } + + memset(buf, 0xa5, len); + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0xa5, + "mmap data corrupted at offset %zu: want 0xa5 got 0x%02x", + i, buf[i]); + } + + ATF_REQUIRE(close(fd) == 0); + + /* Closing the device causes the buffer to be reset. */ + for (size_t i = 0; i < len; i++) { + ATF_REQUIRE_MSG(buf[i] == 0 || buf[i] == 0xa5, + "mmap data corrupted at offset %zu: got 0x%02x", i, buf[i]); + } + memset(buf, 0xa5, len); + + ATF_REQUIRE(munmap(buf, len) == 0); +} + ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, mmap_offset_overflow); + ATF_TP_ADD_TC(tp, mmap_buffer_lifetime); return (atf_no_error()); } From nobody Tue Jun 9 19:20:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyy71Cmz6gVXm for ; Tue, 09 Jun 2026 19:20:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyy46Pdz3R0g for ; Tue, 09 Jun 2026 19:20:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032810; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tvsRWg3t3HEdPvcELconrVNpOoNRmpZy11R6zCti5/E=; b=w1c0BqkcDnq1D+8+bxg48oAc7r8cXxVqtGAl6EV77bwhL/JdgttI+tgUxysD4JVYQn2lKZ jbctpoVpVcLVbnDiLUFT72bXdFFFObS0NXR2gwvLMlqf924I/VyWiLhNKxAfYys4cu9iWx lD0+xXHDPqN2rzXJnqSseJovUTCxyn6GkPH/VxeFSz+SBEdxC8D0xNt/B4M+DCaeR77oqd bCMgGubbtuR2fWEciD1XUwIQay0PA2ZcycGrzwmciYIi6Ven7OxrS7C/0OPj4AifARs5Mq 03ysy9sCmU/u1+ul4dY8G1jHkaE2WI7OGZVgT3lHHfAikn5Mf64+8WCy4zhWzQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032810; a=rsa-sha256; cv=none; b=Fzf7NHM/5B2mkQ2nD5mGx0XjnlDwAyKbxba+kcq4xyLYch8jEhYmQN230vmAxKyLAbMJVc 8R9fuh581Gg4VGRoqyfdUEZADQYOxXn7JhBYZpnxAOlmNV84lFsydq6DG4dQPax3APQb07 KPqPd1hM5zIt+9ONbqk9nZ1NbhtAcnnyGZFarUFc1B9CaTGvC+ImV2T796qSfof8ejZiLz pjBKnqHFDpIovR2q1TMJ6CbeuP1P5vV3u08pfuIr2xVwX7kHFiZIo6bnrFZ5kmsHLAtWXE wqIXO1stg326hyp8DzU5SOnlrOwhug1FsboeS5jHLdJetSwZx3nZOdyyqmcACw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032810; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tvsRWg3t3HEdPvcELconrVNpOoNRmpZy11R6zCti5/E=; b=S9Fprw5da0Dmg6QMfjzYapmph95ODSm6pv8kYptlp4d/cQu5tAWx1kVgQpLglTKl41esj6 9p7UYvFoz0idC/1h6kX7RmnLZe7o4B1tGiwuI/Us+Vq5mpDXdsJl7L5Cl8MidVw4KDsfu3 mzlzzS9zYT8a2pJUwKouGSxmMTD8URT3e3U8esW55fB+Atd7yx82EFfvdFJ/tx1rrQuJie cUekui/SyJnOtN2Qbu9FoL+lwPn//TdkW32zMn5pas52KKk+POfxKC7HAz4qxxRSNe0lYe APogPVYb5GVRwjXTMlbqigtrBZYFCHannSywpEpyqABxim1z1pA/IMaaNUaCvQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyy3hzvznwQ for ; Tue, 09 Jun 2026 19:20:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f52e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3d80e4aec3c1 - releng/15.1 - in6_mcast: Fix a race in in6p_set_source_filter() List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 3d80e4aec3c1656faace076ae2b1b9d97e4c0e89 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:10 +0000 Message-Id: <6a28676a.3f52e.607b0132@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3d80e4aec3c1656faace076ae2b1b9d97e4c0e89 commit 3d80e4aec3c1656faace076ae2b1b9d97e4c0e89 Author: Mark Johnston AuthorDate: 2026-05-29 20:12:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:48 +0000 in6_mcast: Fix a race in in6p_set_source_filter() We drop the inpcb lock in order to copy in the source list, but this leaves a window where the multicast filter structure might be freed. This can be exploited to obtain root privileges. In the v4 code this race is mitigated by holding the global multicast lock across the gap. Restructure the code to copy in filters before doing anything else, so that there's no need to drop the inpcb lock and reason about the correctness of doing so. Do the same in the v4 code for consistency. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:29.ip6_multicast Security: CVE-2026-49412 Reported by: Andrew Griffiths Reported by: Maik Münch Reviewed by: glebius Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57347 --- sys/netinet/in_mcast.c | 40 +++++++++++++++++----------------------- sys/netinet6/in6_mcast.c | 41 +++++++++++++++++++---------------------- 2 files changed, 36 insertions(+), 45 deletions(-) diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 08c536bc71c0..502d41bbbf39 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -2524,6 +2524,7 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct epoch_tracker et; struct __msfilterreq msfr; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in_mfilter *imf; @@ -2536,9 +2537,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) - return (ENOBUFS); - if ((msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE)) return (EINVAL); @@ -2551,13 +2549,24 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (msfr.msfr_nsrcs > in_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_inp_unlocked; + gsa->sin.sin_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); /* XXXGL: unsafe ifp */ - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_inp_unlocked; + } IN_MULTI_LOCK(); @@ -2589,25 +2598,9 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in_msource *lims; struct sockaddr_in *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_IGMPV3, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - IN_MULTI_UNLOCK(); - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as imf_leave() @@ -2642,7 +2635,6 @@ inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->imsl_st[1] = imf->imf_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2679,6 +2671,8 @@ out_imf_rollback: out_inp_locked: INP_WUNLOCK(inp); IN_MULTI_UNLOCK(); +out_inp_unlocked: + free(kss, M_TEMP); return (error); } diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index a6186568ecb2..4ec9f36cd9ac 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -2489,6 +2489,7 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { struct __msfilterreq msfr; struct epoch_tracker et; + struct sockaddr_storage *kss; sockunion_t *gsa; struct ifnet *ifp; struct in6_mfilter *imf; @@ -2501,9 +2502,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (error) return (error); - if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) - return (ENOBUFS); - if (msfr.msfr_fmode != MCAST_EXCLUDE && msfr.msfr_fmode != MCAST_INCLUDE) return (EINVAL); @@ -2516,19 +2514,31 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (!IN6_IS_ADDR_MULTICAST(&gsa->sin6.sin6_addr)) return (EINVAL); + if (msfr.msfr_nsrcs > in6_mcast_maxsocksrc) + return (ENOBUFS); + kss = mallocarray(msfr.msfr_nsrcs, sizeof(struct sockaddr_storage), + M_TEMP, M_WAITOK); + error = copyin(msfr.msfr_srcs, kss, + sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); + if (error) + goto out_in6p_unlocked; + gsa->sin6.sin6_port = 0; /* ignore port */ NET_EPOCH_ENTER(et); ifp = ifnet_byindex(msfr.msfr_ifindex); NET_EPOCH_EXIT(et); - if (ifp == NULL) - return (EADDRNOTAVAIL); + if (ifp == NULL) { + error = EADDRNOTAVAIL; + goto out_in6p_unlocked; + } (void)in6_setscope(&gsa->sin6.sin6_addr, ifp, NULL); /* * Take the INP write lock. * Check if this socket is a member of this group. */ + IN6_MULTI_LOCK(); imo = in6p_findmoptions(inp); imf = im6o_match_group(imo, ifp, &gsa->sa); if (imf == NULL) { @@ -2553,24 +2563,9 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) if (msfr.msfr_nsrcs > 0) { struct in6_msource *lims; struct sockaddr_in6 *psin; - struct sockaddr_storage *kss, *pkss; + struct sockaddr_storage *pkss; int i; - INP_WUNLOCK(inp); - - CTR2(KTR_MLD, "%s: loading %lu source list entries", - __func__, (unsigned long)msfr.msfr_nsrcs); - kss = malloc(sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs, - M_TEMP, M_WAITOK); - error = copyin(msfr.msfr_srcs, kss, - sizeof(struct sockaddr_storage) * msfr.msfr_nsrcs); - if (error) { - free(kss, M_TEMP); - return (error); - } - - INP_WLOCK(inp); - /* * Mark all source filters as UNDEFINED at t1. * Restore new group filter mode, as im6f_leave() @@ -2615,7 +2610,6 @@ in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) break; lims->im6sl_st[1] = imf->im6f_st[1]; } - free(kss, M_TEMP); } if (error) @@ -2650,6 +2644,9 @@ out_im6f_rollback: out_in6p_locked: INP_WUNLOCK(inp); + IN6_MULTI_UNLOCK(); +out_in6p_unlocked: + free(kss, M_TEMP); return (error); } From nobody Tue Jun 9 19:20:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyz731nz6gVjC for ; Tue, 09 Jun 2026 19:20:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyz4qzwz3QxP for ; Tue, 09 Jun 2026 19:20:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032811; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xMaMPIFG/doTxT3pm07XzmYVtaB83fJMc//s7YX6wF0=; b=bXdf5Xx6qwWLszzWoEQCRjis1J285xr4AAIm9BvT3ZOoj+belgUl/zAc80jdAdTmg7cd+g C7aBRrv6mBrS3Ex1/L03UGVnfgGUYB6quhhD3uItSRkGWhNzWloWAkdkD7CU+V4qd6Hn88 hiJf6VGY+XG4/QzLeHdwlJzMbVkEafUDJf28fGLcj/qlC2CouYZBoRaJ/SvPOuluU8jrgd 3Grtehz7Qs9ctheIWvkFS0jZteTRw9lOyi5wiIffbzVTggmsl+2f1vlO11RLiNoCer5dPk ri3FZwkK7MMswmed3oxEb03KdmlElRjGkAssdn42TpS3Rv/92vqYnsHVePZvTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032811; a=rsa-sha256; cv=none; b=bV4TqkgPGhuZFyhBXEdxSv03ftdqyYzo1FOeTdrBus9udDZLg4/p+YSlBxg1nk4cict41E 1UkTqwg8Yi56N17yoKBWwdfPZYSRwJS12QOVhjXAKO5og2d18IOVFX2vll7Es+tq1Fqzr+ vgdWxya30nK9gURonSYwNZW3/AbXbIh3essMoT1bAOqAfjWRtfRiXMYKI++lMdieyljKPk vsoTDbanQAr/NEt0DPVznIY6uAE1psBlMnVbsH290Er7ZPVEDmxCPbOzYaoiyVtynzVaOp QRCn61JFdgfSvS1nkIdRV2cBvhMkgl02vnXrvSkZPy/cmi03+s62sDmUHrnfFQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032811; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xMaMPIFG/doTxT3pm07XzmYVtaB83fJMc//s7YX6wF0=; b=GGgNEXTzuSOmmXF/RZWxA+MvDBPkWa9wqJ2+fEXvhCyM/iUMfwI01SQlZJV0Q5L+lPNG7g rWEKbmr75ieEWFM54mn5mYBse8YQsrW5Zlvk9ySh9qdfnTx86Bm9uInC2q0O6qzPB41+tG 81JjzNRtOt5tVQTXFm4YBVfLNJ5N4GvWamNRb+z7wiyy5g4CTa/2HBSwCaPOplKUesVlUK jFz9AvciKvEQoS05rrxExj0hvW/33wNO0kIfqrf6zhNlC8FDZK1AILO9Cfe8YBwk3i32wt lugtJlSvfyLkPlez8W4dI0RFNA5YTxU4yjQMOL+Mq+tXX8bcoIUagBgE289ENw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyz43NHzp43 for ; Tue, 09 Jun 2026 19:20:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f78c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: a4d36c975be0 - releng/15.1 - linux: Correct the issetugid check in copyout_auxargs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: a4d36c975be0c066979471e5f8a6c729757ad0b0 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:11 +0000 Message-Id: <6a28676b.3f78c.5b52babe@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a4d36c975be0c066979471e5f8a6c729757ad0b0 commit a4d36c975be0c066979471e5f8a6c729757ad0b0 Author: Mark Johnston AuthorDate: 2026-05-29 21:41:35 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:54 +0000 linux: Correct the issetugid check in copyout_auxargs The runtime linker in glibc relies on the AT_SECURE auxv entry to know whether the executable is set-ugid, if so then various dangerous functionality such as LD_PRELOAD is disabled. The check added in commit 669414e4fb74 failed to take into account the fact that during execve, P_SUGID may not yet be set for a set-ugid process. Correct the test. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:30.linux Security: CVE-2026-49413 Reported by: Minseong Kim Fixes: 669414e4fb74 ("Implement AT_SECURE properly.") Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57350 --- sys/compat/linux/linux_elf.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_elf.c b/sys/compat/linux/linux_elf.c index c9eb6aea8373..6c9f785c97e7 100644 --- a/sys/compat/linux/linux_elf.c +++ b/sys/compat/linux/linux_elf.c @@ -492,11 +492,9 @@ __linuxN(copyout_auxargs)(struct image_params *imgp, uintptr_t base) struct thread *td = curthread; Elf_Auxargs *args; Elf_Auxinfo *aarray, *pos; - struct proc *p; int error, issetugid; - p = imgp->proc; - issetugid = p->p_flag & P_SUGID ? 1 : 0; + issetugid = imgp->credential_setid ? 1 : 0; args = imgp->auxargs; aarray = pos = malloc(LINUX_AT_COUNT * sizeof(*pos), M_TEMP, M_WAITOK | M_ZERO); From nobody Tue Jun 9 19:20:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyy0WgGz6gVXk for ; Tue, 09 Jun 2026 19:20:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdyx3pVzz3R5G for ; Tue, 09 Jun 2026 19:20:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032809; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AKEdBhxi2x0Q3aNYv0jn4TxTq3TIoea+Q0Fb4RzkDaQ=; b=mOVqoQardHVK7Yp9ySwaED0qOuZnLc2NntEJg6Wtkkf3GxiD5+5EPHZv5ozVxL0vzviAqk LfdCOGgDsCLxA2unxNuUmTqmMUgig3/46rAQVLejYOg3V/3WwWYiRQ9CoDxZiG3LOeK8Ab y8YFdGn91aJS9eQ0eAOB2x2iIyoSP9LvyGsFdODT3Kbr4PaSfKSPUTTk6uAwKoDS1kCPCv ks6UYRRRQXmrXaJ3iY8HJdMP0M0s+f6Zm6fdN/5u7g2fSEVcLhlHhcwvuVbtRHPRF1ocU3 Xfi7OxU3Sjr5XourOgekp4d5DUv6EMI4fNUXtV4SSmjNKPseSioVaoe/1wKtKg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032809; a=rsa-sha256; cv=none; b=s+S4n2AHxCwRzjwAP2O+Kmwt/CHEvJPVR9xhRHMv/MoJqD3NYuUqGEaUIYNB/woS0CUjQV FhX2zPC9lNBmIXYJoH0dk+GYnrzUaYYccfzBHIcXHQFKR7afGwVOYMOt69y9crWc2SSvox XwUSFmzVO6KWwaBfgvg5KkE6aZoZI+iwV6+EKwHhw5HWlb0+NaVnGzJZpAVsoFS3/dEfcv DuSy59bIlOWtPaeQamvNXcrFJPIwyGXQgJ11pV/m6oqkEx6Ms+hlO4W9Bh7eHT5E2+mf4g uOduY7ED4G/AHWOLkCuHTutvojeg7F3IY+zrMavN/7LKSD9oQLmjikat3hbSHg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032809; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AKEdBhxi2x0Q3aNYv0jn4TxTq3TIoea+Q0Fb4RzkDaQ=; b=FA1JlioU9Ax0oroWAhV9SVeqOiJMcqfKGFSADNW+EHK9kS1SDCAr7JI828QO6x3ddQ06Yn cb4XOnoNvus13F3I/tOD67KX1015wij2x3YpN0fL1EQWAfUDMIGU/Sdqd1dFbXDLUdHFNn P1TJTwRgxEB8Iy970oFaWNibE+vMMgH4+rG04J/lECmHlsHFLsoRtiT3/8RojE3+6NFzQr 8jC6+Bq2FMOCsJG+pW71asnLpB3pthxXRCdZ+o9M8cL0LrWkzo/lISTx4AZgNQdYdNqpiE /vDNePskY3Scg6nK7ydqVMu0RWP7LhN1PZ1gQFW3xKMNkm+NdYnXkIBBq2ArQw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdyx3M0YznyG for ; Tue, 09 Jun 2026 19:20:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3eb4f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: 871d33e8a66a - releng/15.1 - sigqueue: In capability mode, only allow signalling self List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 871d33e8a66aec34cf680c016c86a2988e9894ae Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:09 +0000 Message-Id: <6a286769.3eb4f.555eba32@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=871d33e8a66aec34cf680c016c86a2988e9894ae commit 871d33e8a66aec34cf680c016c86a2988e9894ae Author: Ed Maste AuthorDate: 2026-05-26 13:24:36 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 02:59:42 +0000 sigqueue: In capability mode, only allow signalling self This is copied from the check in kern_kill. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:28.capsicum Security: CVE-2026-45259 Reviewed by: markj, oshogbo Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57244 (cherry picked from commit b9d16b7fd2fa6bc4b3e8364804cbdc1b76ebe8a5) (cherry picked from commit defd9b86ef995ce70363eae9b323d616bda865be) --- sys/kern/kern_sig.c | 10 ++++++++++ tests/sys/capsicum/capmode.cc | 12 +++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 9be7c82ee98b..e48997ed966a 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -2038,6 +2038,16 @@ kern_sigqueue(struct thread *td, pid_t pid, int signumf, union sigval *value) if (pid <= 0) return (EINVAL); + /* + * A process in capability mode can send signals only to itself. + */ + if (pid != td->td_proc->p_pid) { + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &signum); + if (IN_CAPABILITY_MODE(td)) + return (ECAPMODE); + } + if ((signumf & __SIGQUEUE_TID) == 0) { if ((p = pfind_any(pid)) == NULL) return (ESRCH); diff --git a/tests/sys/capsicum/capmode.cc b/tests/sys/capsicum/capmode.cc index 5ff025290211..d2eb1e8633a8 100644 --- a/tests/sys/capsicum/capmode.cc +++ b/tests/sys/capsicum/capmode.cc @@ -746,8 +746,8 @@ FORK_TEST(Capmode, NewThread) { close(thread_pipe[1]); } -static volatile sig_atomic_t had_signal = 0; -static void handle_signal(int) { had_signal = 1; } +static volatile sig_atomic_t signal_cnt = 0; +static void handle_signal(int) { signal_cnt++; } FORK_TEST(Capmode, SelfKill) { pid_t me = getpid(); @@ -765,7 +765,13 @@ FORK_TEST(Capmode, SelfKill) { // Can only kill(2) to own pid. EXPECT_CAPMODE(kill(child, SIGUSR1)); EXPECT_OK(kill(me, SIGUSR1)); - EXPECT_EQ(1, had_signal); + EXPECT_EQ(1, signal_cnt); + + union sigval sv; + sv.sival_int = 0x1234; + EXPECT_CAPMODE(sigqueue(child, SIGUSR1, sv)); + EXPECT_OK(sigqueue(me, SIGUSR1, sv)); + EXPECT_EQ(2, signal_cnt); signal(SIGUSR1, original); } From nobody Tue Jun 9 19:20:13 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz2194Kz6gVbX for ; Tue, 09 Jun 2026 19:20:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz15ZPxz3R5v for ; Tue, 09 Jun 2026 19:20:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032813; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jYRXdKXwB54N+yxwFC1dcjNrVfvwKqwlGsVI8Ak98rs=; b=UP+aU2N5uV2BsQDiOnmWf/qFtL2SwzJeOwCgY3mUI6t1scuaSBnZzmMFrt0v2v5RHfIjsz 8zasc2uUbaYgFR7pu/qdRSxmPzdj04x/Wp72x+AcRT8sGY5ZF0SoEP9Tc7d6k7NK3BY/C7 CxJM68EMsQJg8Y3j3lmxWdeDdi3JX6mgU3xoZGTybTjOguj6lhqCFiVBc22+JO/7Yd2u8X bomGvKVc1GVcNB5CMNF8PrMV/pb2OSew0kAnUmtU/tMI8n7xe04O2Prj779wB6mHEk6lG7 HE5wRRt9GLzOjFLto7OO7w0baNomqCcCvKpPmkrcKryVT6JBF6b0rAE0vWgqQg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032813; a=rsa-sha256; cv=none; b=b73217G+jbh1L0GdmiyrXpgLC5GTIp2F/ymAbL5zp/dY7GMaqfUIGEQqVwwkrm+Zkr6eLV disQydUZWbcXrl6+crRkcRzZ+SWtsfR2C42CrqAAXEWY+WPXFAf4hcLAlz4n7XIdVUprET DjhGQa2SDQZSf0Q96sZVHtypYIMf7UxRClkoPcodOn1EFOTTVjt7ZdU0htqtquEOUQAgi9 DNU/gp4oaoth///V2O97kq7O1bemYeJXQNm48l4t0xkL1gkN1E/EYv2iPW3tYXPLMGrMiM aIzkvyNWRXN6ZnVaKPjEJUh63+vGTZtcFfUhawSOATyj4TSGR8pY0/vlF6ySHg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032813; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jYRXdKXwB54N+yxwFC1dcjNrVfvwKqwlGsVI8Ak98rs=; b=WNFt5doe4qqgko8gkqqoQAZcQauyqqEt5TALvN1Wic+cgVT+yp1Envji+/q7CWSjMKjPnM +6UJQFGom2t+LZKbusKZpbPQASQrKScfVX+hjYicrB7UOX9zKVUGrxefn/U31bZDP/0Iv+ u/rVY1BgIuHtSCeRA+zntZ+C/oMyR8DRFKJ4ucNXhxmgVEwN0/hcKIx+6cHV23Hw18SBMG zyMlVekSeTf9wPheIwy6dsWO48vc5Nft7/vNNcsk4wXHx6hJdDPT0BfgDMzU/KxSZN+Nuy WeHTSmTRxUPvtyE272O8KyJVT78fyYefbjhNcmcPDS0Um/cf0XWpMKrToMOWlw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz14ssNzp1n for ; Tue, 09 Jun 2026 19:20:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e3e7 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:13 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 796579bcfbc4 - releng/15.1 - imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 796579bcfbc4451c618a973c52dada15b3f9928b Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:13 +0000 Message-Id: <6a28676d.3e3e7.57e4c96a@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=796579bcfbc4451c618a973c52dada15b3f9928b commit 796579bcfbc4451c618a973c52dada15b3f9928b Author: Mark Johnston AuthorDate: 2026-06-02 20:29:00 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:09 +0000 imgact_elf: Clear no-ASLR and -WXORX flags earlier for setugid images Otherwise an unprivileged user can disable randomization of the base address for PIEs even if they are setugid. Add a regression test. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:32.elf Security: CVE-2026-49414 Reported by: David Berard Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57397 --- sys/kern/imgact_elf.c | 55 ++++++++--------- tests/sys/kern/Makefile | 2 + tests/sys/kern/aslr.c | 157 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 187 insertions(+), 27 deletions(-) diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c index c91fd8089487..27b7b0da824e 100644 --- a/sys/kern/imgact_elf.c +++ b/sys/kern/imgact_elf.c @@ -1241,11 +1241,39 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) error = ENOEXEC; goto ret; } + + /* + * Avoid a possible deadlock if the current address space is destroyed + * and that address space maps the locked vnode. In the common case, + * the locked vnode's v_usecount is decremented but remains greater + * than zero. Consequently, the vnode lock is not needed by vrele(). + * However, in cases where the vnode lock is external, such as nullfs, + * v_usecount may become zero. + * + * The VV_TEXT flag prevents modifications to the executable while + * the vnode is unlocked. + */ + VOP_UNLOCK(imgp->vp); + + /* + * Decide whether to enable randomization of user mappings. First, + * reset user preferences for the setid binaries. Then, account for the + * support of randomization by the ABI, by user preferences, and make + * special treatment for PIE binaries. + */ + if (imgp->credential_setid) { + PROC_LOCK(imgp->proc); + imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | + P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); + PROC_UNLOCK(imgp->proc); + } + sv = brand_info->sysvec; if (hdr->e_type == ET_DYN) { if ((brand_info->flags & BI_CAN_EXEC_DYN) == 0) { uprintf("Cannot execute shared object\n"); error = ENOEXEC; + (void)vn_lock(imgp->vp, LK_SHARED | LK_RETRY); goto ret; } /* @@ -1264,33 +1292,6 @@ __CONCAT(exec_, __elfN(imgact))(struct image_params *imgp) imgp->et_dyn_addr = __elfN(pie_base); } } - - /* - * Avoid a possible deadlock if the current address space is destroyed - * and that address space maps the locked vnode. In the common case, - * the locked vnode's v_usecount is decremented but remains greater - * than zero. Consequently, the vnode lock is not needed by vrele(). - * However, in cases where the vnode lock is external, such as nullfs, - * v_usecount may become zero. - * - * The VV_TEXT flag prevents modifications to the executable while - * the vnode is unlocked. - */ - VOP_UNLOCK(imgp->vp); - - /* - * Decide whether to enable randomization of user mappings. - * First, reset user preferences for the setid binaries. - * Then, account for the support of the randomization by the - * ABI, by user preferences, and make special treatment for - * PIE binaries. - */ - if (imgp->credential_setid) { - PROC_LOCK(imgp->proc); - imgp->proc->p_flag2 &= ~(P2_ASLR_ENABLE | P2_ASLR_DISABLE | - P2_WXORX_DISABLE | P2_WXORX_ENABLE_EXEC); - PROC_UNLOCK(imgp->proc); - } if ((sv->sv_flags & SV_ASLR) == 0 || (imgp->proc->p_flag2 & P2_ASLR_DISABLE) != 0 || (fctl0 & NT_FREEBSD_FCTL_ASLR_DISABLE) != 0) { diff --git a/tests/sys/kern/Makefile b/tests/sys/kern/Makefile index a704581ee449..599ccc6519e6 100644 --- a/tests/sys/kern/Makefile +++ b/tests/sys/kern/Makefile @@ -7,6 +7,7 @@ TESTSRC= ${SRCTOP}/contrib/netbsd-tests/kernel TESTSDIR= ${TESTSBASE}/sys/kern +ATF_TESTS_C+= aslr ATF_TESTS_C+= basic_signal ATF_TESTS_C+= copy_file_range .if ${MACHINE_ARCH} != "i386" && ${MACHINE_ARCH} != "powerpc" && \ @@ -88,6 +89,7 @@ PROGS+= coredump_phnum_helper PROGS+= pdeathsig_helper PROGS+= sendfile_helper +LIBADD.aslr+= util LIBADD.copy_file_range+= md LIBADD.jail_lookup_root+= jail util LIBADD.jaildesc+= pthread diff --git a/tests/sys/kern/aslr.c b/tests/sys/kern/aslr.c new file mode 100644 index 000000000000..13038054603c --- /dev/null +++ b/tests/sys/kern/aslr.c @@ -0,0 +1,157 @@ +/* + * Copyright (c) 2026 The FreeBSD Foundation + * + * This software was developed by Mark Johnston under sponsorship from the + * FreeBSD Foundation. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include + +/* + * Spawn an unprivileged child with ASLR force-disabled, which then execs + * /sbin/ping (setuid root). + */ +static pid_t +spawn_ping(const atf_tc_t *tc) +{ + const char *user; + struct passwd *passwd; + pid_t child; + int arg, error; + + user = atf_tc_get_config_var(tc, "unprivileged_user"); + passwd = getpwnam(user); + ATF_REQUIRE(passwd != NULL); + + child = fork(); + ATF_REQUIRE(child >= 0); + if (child == 0) { + if (seteuid(passwd->pw_uid) != 0) + _exit(1); + + arg = PROC_ASLR_FORCE_DISABLE; + error = procctl(P_PID, getpid(), PROC_ASLR_CTL, &arg); + if (error != 0) + _exit(2); + + execl("/sbin/ping", "ping", "127.0.0.1", NULL); + _exit(127); + } + usleep(500000); /* XXX-MJ */ + + return (child); +} + +/* + * Return the base address of the first mapping backed by the specified + * executable in the given process, or 0 if not found. + */ +static uint64_t +text_base(pid_t pid, const char *path) +{ + struct kinfo_vmentry *vmmap; + uint64_t base; + int cnt; + + base = 0; + vmmap = kinfo_getvmmap(pid, &cnt); + if (vmmap == NULL) + return (0); + for (int i = 0; i < cnt; i++) { + if (vmmap[i].kve_type == KVME_TYPE_VNODE && + strcmp(vmmap[i].kve_path, path) == 0) { + base = vmmap[i].kve_start; + break; + } + } + free(vmmap); + return (base); +} + +/* + * Make sure that ASLR can't be disabled for a setuid executable by an + * unprivileged user. + */ +ATF_TC(aslr_setuid); +ATF_TC_HEAD(aslr_setuid, tc) +{ + atf_tc_set_md_var(tc, "require.user", "root"); + atf_tc_set_md_var(tc, "require.config", "unprivileged_user"); +} +ATF_TC_BODY(aslr_setuid, tc) +{ + struct stat sb; + uint64_t bases[5]; + pid_t child, pid; + int arg, error, st; + + if (!atf_tc_has_config_var(tc, "unprivileged_user")) + atf_tc_skip("unprivileged_user not set"); + + error = stat("/sbin/ping", &sb); + ATF_REQUIRE(error == 0); + ATF_REQUIRE_MSG(sb.st_uid == 0 && (sb.st_mode & S_ISUID) != 0, + "/sbin/ping is not setuid root"); + + child = spawn_ping(tc); + bases[0] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[0] != 0, + "failed to find /sbin/ping text segment"); + + arg = 0; + error = procctl(P_PID, child, PROC_ASLR_STATUS, &arg); + ATF_REQUIRE_MSG(error == 0, "procctl ASLR_STATUS failed: %s", + strerror(errno)); + ATF_REQUIRE_MSG((arg & PROC_ASLR_ACTIVE) != 0, + "ASLR is not active for setuid child"); + ATF_REQUIRE_MSG((arg & ~PROC_ASLR_ACTIVE) == PROC_ASLR_NOFORCE, + "expected NOFORCE for setuid child, got %d", + arg & ~PROC_ASLR_ACTIVE); + + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + + for (size_t i = 1; i < nitems(bases); i++) { + child = spawn_ping(tc); + bases[i] = text_base(child, "/sbin/ping"); + ATF_REQUIRE_MSG(bases[i] != 0, + "failed to find /sbin/ping text segment"); + error = kill(child, SIGTERM); + ATF_REQUIRE(error == 0); + pid = waitpid(child, &st, 0); + ATF_REQUIRE(pid == child); + ATF_REQUIRE(WIFSIGNALED(st) && WTERMSIG(st) == SIGTERM); + } + + /* Verify that the text base is different across all runs. */ + for (size_t i = 0; i < nitems(bases); i++) { + for (size_t j = i + 1; j < nitems(bases); j++) { + ATF_REQUIRE_MSG(bases[i] != bases[j], + "ping text base collision 0x%jx", + (uintmax_t)bases[i]); + } + } +} + +ATF_TP_ADD_TCS(tp) +{ + ATF_TP_ADD_TC(tp, aslr_setuid); + + return (atf_no_error()); +} From nobody Tue Jun 9 19:20:12 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz12PpPz6gVjS for ; Tue, 09 Jun 2026 19:20:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz05D36z3Qxb for ; Tue, 09 Jun 2026 19:20:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032812; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oQDiwBZQ2loEoJJtm8/Kvnt+7vrP8yI1S/TUhNZwRnk=; b=txnF9Gy3kpVa5jl5oscqIsiWi7YGunnR4RVFzsEJQ3aKE7Vi8YQ0fUjVbV2+nT/jCbXEXd 00osuhP5f3QkOjkPABbKZUyst2kyVYJrUzLtxSc6mqKSr/MzIHb4JmbzWW0FdQA7FaJBrk 47UZqBJP/vvqLfrUhYQ6q5bRS9kYZS0Csg8GnC8fHFEH39x4VSmsHzaNbtPIQNdvSel3QU CbtvPNP9LFzxU63SQphqxpmgf4z1Z1Cx5dj2kyo1ZE9mLuhbOixs0uYlNdcf1/uXA+2mCM Cfgd3l2+ULc/Ovdo9ElUc3Ap7j7ZpYweNuPAzSHGGYP/+vDwKL23y6YbQDVcyA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032812; a=rsa-sha256; cv=none; b=e3pvS/AOYf/Jk97ZR6jyu2Am13+uqqVa4DUQQqgSabg8mWBZD3uDwJyrt1l8v6nueHWgJj +P2MkqY0Da6fOtihZ2GeDeqF6iIZ4D0GQW19IK5VzDy1r0RMSr2Xf/I9N2hq/9/Z3ywV5E yeQC5lPi8ys20nWPg+d0weE3OV5xxN8TNwitBcIl07okbtsA79mJqrOmz4EdymJrcB7RTi uKPzeVMu5ct8vkX1JqRqLaYuWtECLtYlZypTplbmhWw7WbrG/msVhdML4ZJsk3E6QaEoPd 0J7321NZbUJ2kHfhTPRKOQ53D9u7VVt9tuhU/rhT/Ly5ZgMOHjQQLnJjAZSohw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032812; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oQDiwBZQ2loEoJJtm8/Kvnt+7vrP8yI1S/TUhNZwRnk=; b=PwS24o6pgCtvtI8yPMtlIYt61dStwo47iKjGvJfD2oMo9vKa/U5cAuNoxtW3j9gWNvdhCU pH9B4Ayl14kNBlriAvb89mvDUPcjsoWIsU/Kvpo1uGo0f7/3ZB08nBA1XLZn/ItNEPkd5v qw7u9W54mSoJp9vkBmCRabXhj24MXTNYJA9VAUDuwN7VHVo7LOJGo1oUeYn+uDD4nM5BAe 8BVCT3NTslG9pblQteUJYvxSngS5XriL3/67vRz6/Ogdz04f6vIZenf4g7ST7zYxgNrCBP Ibf16cQ2H6YdNAAD9yb+c20snhLFQ6DIsrW8IfKIbt6SLPrPoOWfMDfmU4Ge6A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz04QLkznGJ for ; Tue, 09 Jun 2026 19:20:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e4c2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:12 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Andrew Turner From: Mark Johnston Subject: git: 81435fc0882c - releng/15.1 - arm64: Workaround the following errata List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 81435fc0882c8c336f00d346bae04fdd3d5f65b5 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:12 +0000 Message-Id: <6a28676c.3e4c2.3bc8334@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=81435fc0882c8c336f00d346bae04fdd3d5f65b5 commit 81435fc0882c8c336f00d346bae04fdd3d5f65b5 Author: Andrew Turner AuthorDate: 2026-05-28 09:25:30 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:02 +0000 arm64: Workaround the following errata - ARM C1-Premium erratum 4193780 - ARM C1-Ultra erratum 4193780 - ARM Cortex-A76 erratum 4193800 - ARM Cortex-A76AE erratum 4193801 - ARM Cortex-A77 erratum 4193798 - ARM Cortex-A78 erratum 4193791 - ARM Cortex-A78AE erratum 4193793 - ARM Cortex-A78C erratum 4193794 - ARM Cortex-A710 erratum 4193788 - ARM Cortex-X1 erratum 4193791 - ARM Cortex-X1C erratum 4193792 - ARM Cortex-X2 erratum 4193788 - ARM Cortex-X3 erratum 4193786 - ARM Cortex-X4 erratum 4118414 - ARM Cortex-X925 erratum 4193781 - ARM Neoverse-N1 erratum 4193800 - ARM Neoverse-N2 erratum 4193789 - ARM Neoverse-V1 erratum 4193790 - ARM Neoverse-V2 erratum 4193787 - ARM Neoverse-V3 erratum 4193784 - ARM Neoverse-V3AE erratum 4193784 These are all variants on an erratum where TLBI+DSB instructions on one CPU may incorrectly complete early leading to stores to an updated address using an incorrect translation on another CPU. In all cases the workaround is to add a second TLBI+DSB. Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:31.arm64 Security: CVE-2025-10263 Sponsored by: Arm Ltd --- sys/arm64/arm64/pmap.c | 60 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/sys/arm64/arm64/pmap.c b/sys/arm64/arm64/pmap.c index aa0b0e829f7a..12ab8750c77a 100644 --- a/sys/arm64/arm64/pmap.c +++ b/sys/arm64/arm64/pmap.c @@ -1743,20 +1743,62 @@ static cpu_feat_en pmap_multiple_tlbi_check(const struct cpu_feat *feat __unused, u_int midr) { /* - * Cortex-A55 erratum 2441007 (Cat B rare) + * ARM C1-Premium erratum 4193780 + * ARM C1-Ultra erratum 4193780 + * ARM Cortex-A76 erratum 4193800 + * ARM Cortex-A76AE erratum 4193801 + * ARM Cortex-A77 erratum 4193798 + * ARM Cortex-A78 erratum 4193791 + * ARM Cortex-A78AE erratum 4193793 + * ARM Cortex-A78C erratum 4193794 + * ARM Cortex-A710 erratum 4193788 + * ARM Cortex-X1 erratum 4193791 + * ARM Cortex-X1C erratum 4193792 + * ARM Cortex-X2 erratum 4193788 + * ARM Cortex-X3 erratum 4193786 + * ARM Cortex-X4 erratum 4118414 + * ARM Cortex-X925 erratum 4193781 + * ARM Neoverse-N1 erratum 4193800 + * ARM Neoverse-N2 erratum 4193789 + * ARM Neoverse-V1 erratum 4193790 + * ARM Neoverse-V2 erratum 4193787 + * ARM Neoverse-V3 erratum 4193784 + * ARM Neoverse-V3AE erratum 4193784 * Present in all revisions */ - if (CPU_IMPL(midr) == CPU_IMPL_ARM && - CPU_PART(midr) == CPU_PART_CORTEX_A55) - return (FEAT_DEFAULT_DISABLE); + if (CPU_IMPL(midr) == CPU_IMPL_ARM) { + switch(CPU_PART(midr)) { + case CPU_PART_C1_PREMIUM: + case CPU_PART_C1_ULTRA: + case CPU_PART_CORTEX_A76: + case CPU_PART_CORTEX_A76AE: + case CPU_PART_CORTEX_A77: + case CPU_PART_CORTEX_A78: + case CPU_PART_CORTEX_A78AE: + case CPU_PART_CORTEX_A78C: + case CPU_PART_CORTEX_A710: + case CPU_PART_CORTEX_X1: + case CPU_PART_CORTEX_X1C: + case CPU_PART_CORTEX_X2: + case CPU_PART_CORTEX_X3: + case CPU_PART_CORTEX_X4: + case CPU_PART_CORTEX_X925: + case CPU_PART_NEOVERSE_N1: + case CPU_PART_NEOVERSE_N2: + case CPU_PART_NEOVERSE_V1: + case CPU_PART_NEOVERSE_V2: + case CPU_PART_NEOVERSE_V3: + case CPU_PART_NEOVERSE_V3AE: + return (FEAT_DEFAULT_ENABLE); + } + } /* - * Cortex-A76 erratum 1286807 (Cat B rare) - * Present in r0p0 - r3p0 - * Fixed in r3p1 + * Cortex-A55 erratum 2441007 (Cat B rare) + * Present in all revisions */ - if (midr_check_var_part_range(midr, CPU_IMPL_ARM, CPU_PART_CORTEX_A76, - 0, 0, 3, 0)) + if (CPU_IMPL(midr) == CPU_IMPL_ARM && + CPU_PART(midr) == CPU_PART_CORTEX_A55) return (FEAT_DEFAULT_DISABLE); /* From nobody Tue Jun 9 19:20:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz3277cz6gVY0 for ; Tue, 09 Jun 2026 19:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz261GWz3R18 for ; Tue, 09 Jun 2026 19:20:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032814; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=s3Ab7Myl88cBW+gY4zi+MDlAIg0+en2kGH9A4CeBC10=; b=xbH8OivzpcgRlzmPV0GR6rALcAi1uGmVG7bjGcdb6AR6rfgV33b48e6dd3u6o1hcBnrKY2 kTKOYisme5DiskDxiokDGWHB8euNGUFx2dtOdLB87LPcDRy/vnnHmb4XjcwNmMWLshfboy B/8hEhjZ2PJ29ryXc2nVWY8x/EBY+QOCuwhIQK0j/VGccymFZbvwY7qtGpLMxkZsksLsac NKZd+0ft7t9rtgjC0B9g4aN3eRWmmMhsd7xJ9yYcpz/8+42MOe/UIpdAOWiFhc98P2nh+6 QduFxTUcBdhmN3tcpQf9WcZq0fnNMWm6wZedoSGQLstHc32ogl8586VHOGRZXA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032814; a=rsa-sha256; cv=none; b=jv9TPiYfGp1zcoK/bJMF6nFkVfhVQaAugpVXymn8p7GyM53aMtS5C/kGinVSyXjt42Y0ZE GgHJFHSMdI8YMMKAVmxz4LlRKP5HbPMziBWPff79/ZINvGh43Q36JVDjNoWMir3kAj9XBR OQRAoFkUFWZDlXTuMf9tMoWINFsJ6ECP8vBUbdXqdFfHZol/ZM2okTgJa8CrmP0a5zbQhh w6npkOKnKjlZqc+mpBzBj/eYbxfwhtcjYonCjPA+3E+ecyvLkr9T9/1VzPXUk7TNFtD2Ly sEMkCxjkP4nCJ2tJWfk7VftNr+/Qbi/9sPfGCnDX+mqZeCJI6YTxQ7wy0EBQKQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032814; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=s3Ab7Myl88cBW+gY4zi+MDlAIg0+en2kGH9A4CeBC10=; b=PzNdqxC+DPPBkkdEBMAhDJHRFPI6cpqeRYBLLttzjSjwGVZK8kz8Zwz660EwS/HZmVHIOR xo8P0F3erwCX0JxybQg2+uiCWvf0uhiyTCPpjNPJfCV3e5PmHZ7tVYHDwzS9aUcMrAmoCZ 0BHHX2mLM0Zi6dBLUqU0BIGKWg/weJDJmIuesjra88EUPD7YhnI3WAYcx05oFGfhpt5ihZ 4VztZYfqjiNCuOKSgDBe2jYG8EblXPqh1Lm/R5iwpJRCvbRF0w/qK7iAKEZx1uvujrfxQz cWkwbnuJa1W+clcNkhjuW+2cAewakLJyMT2pazrXPEMn7MpthufEgRq0nbsw/w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz25H8Lzp48 for ; Tue, 09 Jun 2026 19:20:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d6e4 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Ed Maste From: Mark Johnston Subject: git: 8ed11b21e544 - releng/15.1 - vt: Avoid integer overflow in CONS_HISTORY ioctl List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 8ed11b21e54417a450c64914a3898ce75c243c7f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:14 +0000 Message-Id: <6a28676e.3d6e4.7ec97a90@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8ed11b21e54417a450c64914a3898ce75c243c7f commit 8ed11b21e54417a450c64914a3898ce75c243c7f Author: Ed Maste AuthorDate: 2026-05-26 16:19:47 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:15 +0000 vt: Avoid integer overflow in CONS_HISTORY ioctl Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:34.vt Security: CVE-2026-49416 Reviewed by: markj, vexeduxr Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57250 (cherry picked from commit 0ae946e7223df5ef3f7980af1d774d7f593f6421) (cherry picked from commit deaaddf1d3c4283649945553ad7e3208c8424308) --- sys/dev/vt/vt_buf.c | 9 ++++----- sys/dev/vt/vt_core.c | 6 ++++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/sys/dev/vt/vt_buf.c b/sys/dev/vt/vt_buf.c index e1e4ebc23491..43657fcecbdc 100644 --- a/sys/dev/vt/vt_buf.c +++ b/sys/dev/vt/vt_buf.c @@ -499,7 +499,6 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) { term_char_t *old, *new, **rows, **oldrows, **copyrows, *row, *oldrow; unsigned int w, h, c, r, old_history_size; - size_t bufsize, rowssize; int history_full; const teken_attr_t *a; term_char_t ch; @@ -510,10 +509,10 @@ vtbuf_grow(struct vt_buf *vb, const term_pos_t *p, unsigned int history_size) history_size = MAX(history_size, p->tp_row); /* Allocate new buffer. */ - bufsize = history_size * p->tp_col * sizeof(term_char_t); - new = malloc(bufsize, M_VTBUF, M_WAITOK | M_ZERO); - rowssize = history_size * sizeof(term_pos_t *); - rows = malloc(rowssize, M_VTBUF, M_WAITOK | M_ZERO); + new = mallocarray(history_size, p->tp_col * sizeof(term_char_t), + M_VTBUF, M_WAITOK | M_ZERO); + rows = mallocarray(history_size, sizeof(term_pos_t *), M_VTBUF, + M_WAITOK | M_ZERO); /* Toggle it. */ VTBUF_LOCK(vb); diff --git a/sys/dev/vt/vt_core.c b/sys/dev/vt/vt_core.c index 8360f0b80fb5..922b44028a23 100644 --- a/sys/dev/vt/vt_core.c +++ b/sys/dev/vt/vt_core.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include #include @@ -2798,8 +2799,9 @@ skip_thunk: /* XXX */ return (0); case CONS_HISTORY: - if (*(int *)data < 0) - return EINVAL; + if (*(int *)data < 0 || + *(int *)data > UINT_MAX / USHRT_MAX / sizeof(term_char_t)) + return (EINVAL); if (*(int *)data != vw->vw_buf.vb_history_size) vtbuf_sethistory_size(&vw->vw_buf, *(int *)data); return (0); From nobody Tue Jun 9 19:20:15 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz40ydmz6gVY2 for ; Tue, 09 Jun 2026 19:20:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz3671Xz3RD2 for ; Tue, 09 Jun 2026 19:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032815; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3jm+QYyNktDcvvpoZrCFe0IEviTi8P48ClZ1GCyibKc=; b=LEJJc0KOgiYDKxhgN8/l2jY6c4UrPacGHLjH27IcM37aD9bvbjj4mUrXC6wSlSiE9yqWk1 NGTTpnwBoaIi9HcIW62Kh0769H3+wzmeGokPDGT4VbOXRVun1Oy7YVPZQ6Mll5KJMYQy07 QDtjc5ZMPg0HUYJrJQQHx/vp7h1vaDxi1VqD2GqowdGVlFFJD3KxcfzJ57Vmt5DblZ7ujL jZZRxBeM2QjXq2k0GWfXBBlMKihYN4Lwn8+oZcREd7SD6zOjG5e60dQmGNb/MebDIoxLS2 Vp8tsEpmf7J4gGAnZ721dOfW7S3TgCojhogPY8KSt+gwc6FbI9J0Unb73GrQ8g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032815; a=rsa-sha256; cv=none; b=QGe9KU7y+HWXo8iLZVm0EoPktNJUKdWJCjm6EswjnoadCnY3HlyJdMu6bNs2LKmRFOvLqt JmX4v1k4A9gj9Ga4Sib6D4yY1CavgzJB8LuvhlGVfTn6gdv7G/nKC0/vpRYJ6t0vYXkRL/ pb+BMm/VhBOfJ51wfySVB7ow4kosUbohhjvqLUxlXvAil7G9Vjl4b9peAphhiQYcy9cT6v 83kEVTCsXQbwieHlsozr67b4IzMxvRCXQa5dz3blICwRb7ZNBnCGzkdhiKe6Pbhylo3+tp blHkTx+p4YfzlJwnuLOSEYe/plz9qjt7jhvGO98hhCnmaP9iNnbU2RHjR5+MEQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032815; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=3jm+QYyNktDcvvpoZrCFe0IEviTi8P48ClZ1GCyibKc=; b=tvu1FSxPIeQosN/YreAU2Ut7x7Tjux40Wmx/ITy3aZT60b5Xmfe7/0grMUfOiY+juKYzSs Lql5DGToKmuFf8986p94+xwhx9fCVEJWX/R1xXBEAs+TUr93IUYR++BCz0qbG2df6o0LMG 04u0BLy2L9cGd15S1rTc+pwnCVWyRCkNmPQewxPwjv9Ovd3tMQBgKTiq3etueTIi1NRcdw 5/B9PCSGNEe8meJakgj9DHP80mfG6qIxr4zOfsWbtSlD9xsD30qwYt6TpCtVBwr0/ua9ju dwNcn9CIw1xZ2oDdX8fhXQsGb2EjmA8n/LiRWK3iU2/mlPivDSK3PsLW4h+HBg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz35kLTzp1q for ; Tue, 09 Jun 2026 19:20:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3dae2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:15 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 083bb80a125a - releng/15.1 - openssl: Fix multiple vulnerabilities List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 083bb80a125a5f61c07000e73d0ddb19dd248978 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:15 +0000 Message-Id: <6a28676f.3dae2.58a0c7bc@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=083bb80a125a5f61c07000e73d0ddb19dd248978 commit 083bb80a125a5f61c07000e73d0ddb19dd248978 Author: Gordon Tetlow AuthorDate: 2026-04-29 08:23:24 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:23 +0000 openssl: Fix multiple vulnerabilities This is a rollup commit from upstream to fix: Reject oversized inputs in ASN1_mbstring_ncopy() cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation cms: kek_unwrap_key: test for fix out-of-bounds read in check-byte validation Avoid length truncation in ASN1_STRING_set pkcs12: verify that the pbmac1 key length is safe Reject potentially forged encrypted CMS AuthEnvelopedData messages QUIC stack must limit the number of PATH_CHALLENGE frames processed in RX Fix NULL dereference in QUIC address validation Fix potential NULL dereference processing CMS PasswordRecipientInfo Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt() Enforce implicit rejection for CMS/PKCS#7 decryption Use the correct issuer when validating rootCAKeyUpdate Match the local q DHX parameter against the peer's q Apply the buffered IV on the AES-OCB EVP_Cipher() path Fix handling of empty-ciphertext messages in AES-GCM-SIV and AES-SIV Fix possible use-after-free in OpenSSL PKCS7_verify() Approved by: re (cperciva) Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:35.openssl Security: CVE-2026-7383 Security: CVE-2026-9076 Security: CVE-2026-34180 Security: CVE-2026-34181 Security: CVE-2026-34182 Security: CVE-2026-34183 Security: CVE-2026-42764 Security: CVE-2026-42766 Security: CVE-2026-42767 Security: CVE-2026-42768 Security: CVE-2026-42769 Security: CVE-2026-42770 Security: CVE-2026-45445 Security: CVE-2026-45446 Security: CVE-2026-45447 --- crypto/openssl/crypto/asn1/a_mbstr.c | 31 ++++- crypto/openssl/crypto/asn1/tasn_dec.c | 24 ++-- crypto/openssl/crypto/cmp/cmp_genm.c | 6 +- crypto/openssl/crypto/cms/cms_enc.c | 10 +- crypto/openssl/crypto/cms/cms_env.c | 7 -- crypto/openssl/crypto/cms/cms_pwri.c | 13 +- crypto/openssl/crypto/crmf/crmf_lib.c | 10 +- crypto/openssl/crypto/pkcs12/p12_mutl.c | 8 +- crypto/openssl/crypto/pkcs7/pk7_doit.c | 7 -- crypto/openssl/crypto/pkcs7/pk7_smime.c | 9 +- crypto/openssl/doc/man3/CMS_decrypt.pod | 4 +- crypto/openssl/doc/man3/PKCS7_decrypt.pod | 10 +- crypto/openssl/include/internal/quic_cfq.h | 1 + crypto/openssl/include/internal/quic_channel.h | 1 + crypto/openssl/include/internal/quic_fifd.h | 1 + .../ciphers/cipher_aes_gcm_siv_hw.c | 27 ++-- .../implementations/ciphers/cipher_aes_ocb.c | 13 ++ .../implementations/ciphers/cipher_aes_siv.c | 3 + .../providers/implementations/exchange/dh_exch.c | 5 +- crypto/openssl/ssl/quic/quic_cfq.c | 15 +++ crypto/openssl/ssl/quic/quic_channel.c | 6 + crypto/openssl/ssl/quic/quic_channel_local.h | 39 ++++++ crypto/openssl/ssl/quic/quic_fifd.c | 43 +++++++ crypto/openssl/ssl/quic/quic_port.c | 6 +- crypto/openssl/ssl/quic/quic_rx_depack.c | 60 +++++---- crypto/openssl/ssl/quic/quic_txp.c | 2 + crypto/openssl/test/cmsapitest.c | 48 ++++++- crypto/openssl/test/evp_extra_test.c | 140 +++++++++++++++++++++ crypto/openssl/test/recipes/80-test_cmsapi.t | 3 +- .../80-test_cmsapi_data/cms_pwri_kek_oob.der | Bin 0 -> 193 bytes crypto/openssl/test/recipes/80-test_pkcs12.t | 13 +- .../pbmac1_256_256.bad-key-len.p12 | Bin 0 -> 2803 bytes .../pbmac1_256_256.good-shorter-key-len.p12 | Bin 0 -> 2803 bytes 33 files changed, 472 insertions(+), 93 deletions(-) diff --git a/crypto/openssl/crypto/asn1/a_mbstr.c b/crypto/openssl/crypto/asn1/a_mbstr.c index 2270e63d51d4..962e19b2ceaa 100644 --- a/crypto/openssl/crypto/asn1/a_mbstr.c +++ b/crypto/openssl/crypto/asn1/a_mbstr.c @@ -174,11 +174,27 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, break; case MBSTRING_BMP: + if (nchar > INT_MAX / 2) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 1; cpyfunc = cpy_bmp; break; case MBSTRING_UNIV: + if (nchar > INT_MAX / 4) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } + return -1; + } outlen = nchar << 2; cpyfunc = cpy_univ; break; @@ -186,8 +202,11 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, case MBSTRING_UTF8: outlen = 0; ret = traverse_string(in, len, inform, out_utf8, &outlen); - if (ret < 0) { - ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); + if (ret < 0) { /* error already raised in out_utf8() */ + if (free_out) { + ASN1_STRING_free(dest); + *out = NULL; + } return -1; } cpyfunc = cpy_utf8; @@ -270,9 +289,15 @@ static int out_utf8(unsigned long value, void *arg) int *outlen, len; len = UTF8_putc(NULL, -1, value); - if (len <= 0) + if (len <= 0) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_INVALID_UTF8STRING); return len; + } outlen = arg; + if (*outlen > INT_MAX - len) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_STRING_TOO_LONG); + return -1; + } *outlen += len; return 1; } diff --git a/crypto/openssl/crypto/asn1/tasn_dec.c b/crypto/openssl/crypto/asn1/tasn_dec.c index 91c2e524f55b..e9532b9f48f7 100644 --- a/crypto/openssl/crypto/asn1/tasn_dec.c +++ b/crypto/openssl/crypto/asn1/tasn_dec.c @@ -54,7 +54,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it); /* Table to convert tags to bit values, used for MSTRING type */ @@ -855,19 +855,24 @@ err: /* Translate ASN1 content octets into a structure */ -static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, +static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, long len, int utype, char *free_cont, const ASN1_ITEM *it) { ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; + int ilen = (int)len; const ASN1_PRIMITIVE_FUNCS *pf; ASN1_INTEGER **tint; pf = it->funcs; - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + if (pf && pf->prim_c2i) { + if (len == (long)ilen) + return pf->prim_c2i(pval, cont, ilen, utype, free_cont, it); + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + return 0; + } /* If ANY type clear type and set pointer to internal value */ if (it->utype == V_ASN1_ANY) { if (*pval == NULL) { @@ -885,7 +890,8 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } switch (utype) { case V_ASN1_OBJECT: - if (!ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) + if (len != (long)ilen + || !ossl_c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, ilen)) goto err; break; @@ -940,6 +946,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_SET: case V_ASN1_SEQUENCE: default: + if (len != (long)ilen) { + ERR_raise(ERR_LIB_ASN1, ASN1_R_TOO_LONG); + goto err; + } if (utype == V_ASN1_BMPSTRING && (len & 1)) { ERR_raise(ERR_LIB_ASN1, ASN1_R_BMPSTRING_IS_WRONG_LENGTH); goto err; @@ -970,10 +980,10 @@ static int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, } /* If we've already allocated a buffer use it */ if (*free_cont) { - ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, len); + ASN1_STRING_set0(stmp, (unsigned char *)cont /* UGLY CAST! */, ilen); *free_cont = 0; } else { - if (!ASN1_STRING_set(stmp, cont, len)) { + if (!ASN1_STRING_set(stmp, cont, ilen)) { ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB); ASN1_STRING_free(stmp); *pval = NULL; diff --git a/crypto/openssl/crypto/cmp/cmp_genm.c b/crypto/openssl/crypto/cmp/cmp_genm.c index bcc121f14695..ec1f03d20c1a 100644 --- a/crypto/openssl/crypto/cmp/cmp_genm.c +++ b/crypto/openssl/crypto/cmp/cmp_genm.c @@ -202,7 +202,7 @@ static int selfsigned_verify_cb(int ok, X509_STORE_CTX *store_ctx) for (i = 0; i < sk_X509_num(trust); i++) { issuer = sk_X509_value(trust, i); if ((*check_issued)(store_ctx, cert, issuer)) { - if (X509_add_cert(chain, cert, X509_ADD_FLAG_UP_REF)) + if (X509_add_cert(chain, issuer, X509_ADD_FLAG_UP_REF)) ok = 1; break; } @@ -235,6 +235,7 @@ static int verify_ss_cert(OSSL_LIB_CTX *libctx, const char *propq, if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL || !X509_STORE_CTX_init(csc, ts, target, untrusted)) goto err; + X509_STORE_CTX_set_flags(csc, X509_V_FLAG_CHECK_SS_SIGNATURE); X509_STORE_CTX_set_verify_cb(csc, selfsigned_verify_cb); ok = X509_verify_cert(csc) > 0; @@ -253,7 +254,8 @@ verify_ss_cert_trans(OSSL_CMP_CTX *ctx, X509 *trusted /* may be NULL */, int res = 0; if (trusted != NULL) { - X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts); + X509_VERIFY_PARAM *vpm = (ts == NULL) ? NULL + : X509_STORE_get0_param(ts); if ((ts = X509_STORE_new()) == NULL) return 0; diff --git a/crypto/openssl/crypto/cms/cms_enc.c b/crypto/openssl/crypto/cms/cms_enc.c index 08afb5ab114b..ba7082cebd72 100644 --- a/crypto/openssl/crypto/cms/cms_enc.c +++ b/crypto/openssl/crypto/cms/cms_enc.c @@ -109,13 +109,15 @@ BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec, goto err; } piv = aparams.iv; - if (ec->taglen > 0 - && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - ec->taglen, ec->tag) - <= 0) { + + if (ec->taglen < 4 || ec->taglen > 16 + || EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ec->taglen, ec->tag) <= 0) { ERR_raise(ERR_LIB_CMS, CMS_R_CIPHER_AEAD_SET_TAG_ERROR); goto err; } + } else if (auth) { + ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_CONTENT_ENCRYPTION_ALGORITHM); + goto err; } } len = EVP_CIPHER_CTX_get_key_length(ctx); diff --git a/crypto/openssl/crypto/cms/cms_env.c b/crypto/openssl/crypto/cms/cms_env.c index 0828d157fad6..70dd59c06169 100644 --- a/crypto/openssl/crypto/cms/cms_env.c +++ b/crypto/openssl/crypto/cms/cms_env.c @@ -619,13 +619,6 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, if (!ossl_cms_env_asn1_ctrl(ri, 1)) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer CMS code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(ktri->pctx, "rsa_pkcs1_implicit_rejection", "0"); - if (evp_pkey_decrypt_alloc(ktri->pctx, &ek, &eklen, fixlen, ktri->encryptedKey->data, ktri->encryptedKey->length) diff --git a/crypto/openssl/crypto/cms/cms_pwri.c b/crypto/openssl/crypto/cms/cms_pwri.c index d62dbbde881b..faf6a164669b 100644 --- a/crypto/openssl/crypto/cms/cms_pwri.c +++ b/crypto/openssl/crypto/cms/cms_pwri.c @@ -200,18 +200,18 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen, EVP_CIPHER_CTX *ctx) { - size_t blocklen = EVP_CIPHER_CTX_get_block_size(ctx); + int blocklen = EVP_CIPHER_CTX_get_block_size(ctx); unsigned char *tmp; int outl, rv = 0; - if (blocklen == 0) + if (blocklen < 4) return 0; - if (inlen < 2 * blocklen) { + if (inlen < 2 * (size_t)blocklen) { /* too small */ return 0; } - if (inlen % blocklen) { + if (inlen > INT_MAX || inlen % blocklen) { /* Invalid size */ return 0; } @@ -367,6 +367,11 @@ int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms, /* Finish password based key derivation to setup key in "ctx" */ + if (algtmp == NULL) { + ERR_raise_data(ERR_LIB_CMS, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER, + "Missing KeyDerivationAlgorithm"); + goto err; + } if (!EVP_PBE_CipherInit_ex(algtmp->algorithm, (char *)pwri->pass, (int)pwri->passlen, algtmp->parameter, kekctx, en_de, diff --git a/crypto/openssl/crypto/crmf/crmf_lib.c b/crypto/openssl/crypto/crmf/crmf_lib.c index d5c8983b2fd4..34477d52662d 100644 --- a/crypto/openssl/crypto/crmf/crmf_lib.c +++ b/crypto/openssl/crypto/crmf/crmf_lib.c @@ -766,6 +766,7 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * EVP_CIPHER *cipher = NULL; /* used cipher */ int cikeysize = 0; /* key size from cipher */ unsigned char *iv = NULL; /* initial vector for symmetric encryption */ + int iv_len; /* iv length */ unsigned char *out = NULL; /* decryption output buffer */ int n, ret = 0; EVP_PKEY_CTX *pkctx = NULL; /* private key context */ @@ -820,11 +821,12 @@ unsigned char *OSSL_CRMF_ENCRYPTEDVALUE_decrypt(const OSSL_CRMF_ENCRYPTEDVALUE * } else { goto end; } - if ((iv = OPENSSL_malloc(EVP_CIPHER_get_iv_length(cipher))) == NULL) + iv_len = EVP_CIPHER_get_iv_length(cipher); + if ((iv = OPENSSL_malloc(iv_len)) == NULL) goto end; - if (ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, - EVP_CIPHER_get_iv_length(cipher)) - != EVP_CIPHER_get_iv_length(cipher)) { + if (enc->symmAlg->parameter == NULL + || ASN1_TYPE_get_octetstring(enc->symmAlg->parameter, iv, iv_len) + != iv_len) { ERR_raise(ERR_LIB_CRMF, CRMF_R_MALFORMED_IV); goto end; } diff --git a/crypto/openssl/crypto/pkcs12/p12_mutl.c b/crypto/openssl/crypto/pkcs12/p12_mutl.c index 01956252df76..15072e12f26b 100644 --- a/crypto/openssl/crypto/pkcs12/p12_mutl.c +++ b/crypto/openssl/crypto/pkcs12/p12_mutl.c @@ -144,11 +144,13 @@ static int PBMAC1_PBKDF2_HMAC(OSSL_LIB_CTX *ctx, const char *propq, } pbkdf2_salt = pbkdf2_param->salt->value.octet_string; - /* RFC 9579 specifies missing key length as invalid */ + /* RFC 9879 specifies missing key length as invalid */ if (pbkdf2_param->keylength != NULL) keylen = ASN1_INTEGER_get(pbkdf2_param->keylength); - if (keylen <= 0 || keylen > EVP_MAX_MD_SIZE) { - ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR); + /* RFC 9879 specifies too short key length as untrustworthy too */ + if (keylen < 20 || keylen > EVP_MAX_MD_SIZE) { + ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR, + "Invalid Key length (%d is not in the range 20..64)", keylen); goto err; } diff --git a/crypto/openssl/crypto/pkcs7/pk7_doit.c b/crypto/openssl/crypto/pkcs7/pk7_doit.c index d6513cf3a379..1ec7895fc197 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_doit.c +++ b/crypto/openssl/crypto/pkcs7/pk7_doit.c @@ -203,13 +203,6 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (EVP_PKEY_decrypt_init(pctx) <= 0) goto err; - if (EVP_PKEY_is_a(pkey, "RSA")) - /* upper layer pkcs7 code incorrectly assumes that a successful RSA - * decryption means that the key matches ciphertext (which never - * was the case, implicit rejection or not), so to make it work - * disable implicit rejection for RSA keys */ - EVP_PKEY_CTX_ctrl_str(pctx, "rsa_pkcs1_implicit_rejection", "0"); - ret = evp_pkey_decrypt_alloc(pctx, &ek, &eklen, fixlen, ri->enc_key->data, ri->enc_key->length); if (ret <= 0) diff --git a/crypto/openssl/crypto/pkcs7/pk7_smime.c b/crypto/openssl/crypto/pkcs7/pk7_smime.c index 97f20058979f..dc003ee2affd 100644 --- a/crypto/openssl/crypto/pkcs7/pk7_smime.c +++ b/crypto/openssl/crypto/pkcs7/pk7_smime.c @@ -222,6 +222,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, int i, j = 0, k, ret = 0; BIO *p7bio = NULL; BIO *tmpout = NULL; + BIO *next = NULL; const PKCS7_CTX *p7_ctx; if (p7 == NULL) { @@ -352,9 +353,11 @@ err: BIO_free(tmpout); X509_STORE_CTX_free(cert_ctx); OPENSSL_free(buf); - if (indata != NULL) - BIO_pop(p7bio); - BIO_free_all(p7bio); + while (p7bio != NULL && p7bio != indata) { + next = BIO_pop(p7bio); + BIO_free(p7bio); + p7bio = next; + } sk_X509_free(signers); sk_X509_free(untrusted); return ret; diff --git a/crypto/openssl/doc/man3/CMS_decrypt.pod b/crypto/openssl/doc/man3/CMS_decrypt.pod index 121b74a30a10..66a94287b6f5 100644 --- a/crypto/openssl/doc/man3/CMS_decrypt.pod +++ b/crypto/openssl/doc/man3/CMS_decrypt.pod @@ -68,7 +68,7 @@ then the above behaviour is modified and an error B returned if no recipient encrypted key can be decrypted B generating a random content encryption key. Applications should use this flag with B especially in automated gateways as it can leave them -open to attack. +open to attack. See L for more details. It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the CMS structure @@ -103,7 +103,7 @@ mentioned in CMS_verify() also applies to CMS_decrypt(). =head1 SEE ALSO -L, L +L, L, L =head1 HISTORY diff --git a/crypto/openssl/doc/man3/PKCS7_decrypt.pod b/crypto/openssl/doc/man3/PKCS7_decrypt.pod index aea15937ab86..cfb5b3f87376 100644 --- a/crypto/openssl/doc/man3/PKCS7_decrypt.pod +++ b/crypto/openssl/doc/man3/PKCS7_decrypt.pod @@ -22,6 +22,14 @@ B is an optional set of flags. Although the recipients certificate is not needed to decrypt the data it is needed to locate the appropriate (of possible several) recipients in the PKCS#7 structure. +When RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() +will use implicit rejection mechanism. It always returns the result of RSA +decryption of the symmetric key to avoid Marvin attack. This result is +deterministic and can happen to match the symmetric cipher used for the content +encryption. In case when the certificate is not provided, the last +RecipientInfo producing the key looking valid will be used. It may cause +getting garbage content on decryption. + The following flags can be passed in the B parameter. If the B flag is set MIME headers for type B are deleted @@ -43,7 +51,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify(). =head1 SEE ALSO -L, L +L, L, L =head1 COPYRIGHT diff --git a/crypto/openssl/include/internal/quic_cfq.h b/crypto/openssl/include/internal/quic_cfq.h index 0b2a3a4cb2d6..96c8d89eb600 100644 --- a/crypto/openssl/include/internal/quic_cfq.h +++ b/crypto/openssl/include/internal/quic_cfq.h @@ -149,6 +149,7 @@ QUIC_CFQ_ITEM *ossl_quic_cfq_get_priority_head(const QUIC_CFQ *cfq, QUIC_CFQ_ITEM *ossl_quic_cfq_item_get_priority_next(const QUIC_CFQ_ITEM *item, uint32_t pn_space); +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item); #endif #endif diff --git a/crypto/openssl/include/internal/quic_channel.h b/crypto/openssl/include/internal/quic_channel.h index b917b966abeb..cfaeab728178 100644 --- a/crypto/openssl/include/internal/quic_channel.h +++ b/crypto/openssl/include/internal/quic_channel.h @@ -468,6 +468,7 @@ int ossl_quic_bind_channel(QUIC_CHANNEL *ch, const BIO_ADDR *peer, const QUIC_CONN_ID *scid, const QUIC_CONN_ID *dcid, const QUIC_CONN_ID *odcid); +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch); #endif #endif diff --git a/crypto/openssl/include/internal/quic_fifd.h b/crypto/openssl/include/internal/quic_fifd.h index 4ea7a2e0d226..afa330cbc4a2 100644 --- a/crypto/openssl/include/internal/quic_fifd.h +++ b/crypto/openssl/include/internal/quic_fifd.h @@ -83,6 +83,7 @@ int ossl_quic_fifd_pkt_commit(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt); void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg), void *arg); +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *tpkt); #endif #endif diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c index d0b6ae4b070d..5bdc567b4bb1 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c @@ -58,6 +58,9 @@ static int aes_gcm_siv_initkey(void *vctx) memset(&data, 0, sizeof(data)); memcpy(&data.block[sizeof(data.counter)], ctx->nonce, NONCE_SIZE); + ctx->generated_tag = 0; + memset(ctx->tag, 0, TAG_SIZE); + /* msg_auth_key is always 16 bytes in size, regardless of AES128/AES256 */ /* counter is stored little-endian */ for (i = 0; i < BLOCK_SIZE; i += 8) { @@ -134,17 +137,6 @@ static int aes_gcm_siv_aad(PROV_AES_GCM_SIV_CTX *ctx, return 1; } -static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) -{ - int ret = 0; - - if (ctx->enc) - return ctx->generated_tag; - ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); - ret &= ctx->have_user_tag; - return ret; -} - static int aes_gcm_siv_encrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *in, unsigned char *out, size_t len) { @@ -271,6 +263,19 @@ static int aes_gcm_siv_decrypt(PROV_AES_GCM_SIV_CTX *ctx, const unsigned char *i return !error; } +static int aes_gcm_siv_finish(PROV_AES_GCM_SIV_CTX *ctx) +{ + int ret = 0; + + if (ctx->enc) + return ctx->generated_tag; + if (!ctx->generated_tag) + aes_gcm_siv_decrypt(ctx, NULL, NULL, 0); + ret = !CRYPTO_memcmp(ctx->tag, ctx->user_tag, sizeof(ctx->tag)); + ret &= ctx->have_user_tag; + return ret; +} + static int aes_gcm_siv_cipher(void *vctx, unsigned char *out, const unsigned char *in, size_t len) { diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c index b724c425e392..99254cb49a88 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_ocb.c @@ -514,6 +514,19 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, return 0; } + /* + * Mirror the streaming handler: refuse if the key has not been set, + * and push the buffered IV into the OCB context before any data is + * processed. Without this, CRYPTO_ocb128_encrypt/decrypt runs with + * Offset_0 = 0 regardless of the caller's IV -- catastrophic + * (key, nonce) reuse, and a subsequent EVP_*Final_ex() emits a tag + * that is a function of (key, iv) only. + */ + if (!ctx->key_set || !update_iv(ctx)) { + ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); + return 0; + } + if (!aes_generic_ocb_cipher(ctx, in, out, inl)) { ERR_raise(ERR_LIB_PROV, PROV_R_CIPHER_OPERATION_FAILED); return 0; diff --git a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c index 96f26757abe2..754e0757cda3 100644 --- a/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c +++ b/crypto/openssl/providers/implementations/ciphers/cipher_aes_siv.c @@ -192,6 +192,7 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; + SIV128_CONTEXT *sctx = &ctx->siv; if (ossl_param_is_empty(params)) return 1; @@ -226,6 +227,8 @@ static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (keylen != ctx->keylen) return 0; } + sctx->final_ret = -1; + return 1; } diff --git a/crypto/openssl/providers/implementations/exchange/dh_exch.c b/crypto/openssl/providers/implementations/exchange/dh_exch.c index 94d4254ed5d2..2bfefc0aedf4 100644 --- a/crypto/openssl/providers/implementations/exchange/dh_exch.c +++ b/crypto/openssl/providers/implementations/exchange/dh_exch.c @@ -146,12 +146,15 @@ static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) static int dh_match_params(DH *priv, DH *peer) { int ret; + int ignore_q = 1; FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); + if (dhparams_priv != NULL && dhparams_priv->q != NULL) + ignore_q = 0; ret = dhparams_priv != NULL && dhparams_peer != NULL - && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); + && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, ignore_q); if (!ret) ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); return ret; diff --git a/crypto/openssl/ssl/quic/quic_cfq.c b/crypto/openssl/ssl/quic/quic_cfq.c index 3c59234ff0ff..16818e55f57d 100644 --- a/crypto/openssl/ssl/quic/quic_cfq.c +++ b/crypto/openssl/ssl/quic/quic_cfq.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include "internal/quic_channel.h" #include "internal/quic_cfq.h" #include "internal/numbers.h" @@ -307,6 +308,20 @@ void ossl_quic_cfq_mark_lost(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item, } } +int ossl_quic_cfq_discard_unreliable(QUIC_CFQ *cfq, QUIC_CFQ_ITEM *item) +{ + int discarded; + + if (ossl_quic_cfq_item_is_unreliable(item)) { + ossl_quic_cfq_release(cfq, item); + discarded = 1; + } else { + discarded = 0; + } + + return discarded; +} + /* * Releases a CFQ item. The item may be in either state (NEW or TX) prior to the * call. The QUIC_CFQ_ITEM pointer must not be used following this call. diff --git a/crypto/openssl/ssl/quic/quic_channel.c b/crypto/openssl/ssl/quic/quic_channel.c index 13692e5bd09e..5f81a8560d5f 100644 --- a/crypto/openssl/ssl/quic/quic_channel.c +++ b/crypto/openssl/ssl/quic/quic_channel.c @@ -2213,6 +2213,12 @@ static void ch_rx_check_forged_pkt_limit(QUIC_CHANNEL *ch) "forgery limit"); } +void ossl_ch_reset_rx_state(QUIC_CHANNEL *ch) +{ + ch->did_crypto_frame = 0; + ch->seen_path_challenge = 0; +} + /* Process queued incoming packets and handle frames, if any. */ static int ch_rx(QUIC_CHANNEL *ch, int channel_only, int *notify_other_threads) { diff --git a/crypto/openssl/ssl/quic/quic_channel_local.h b/crypto/openssl/ssl/quic/quic_channel_local.h index ae443fccca1e..e40b4901cbc7 100644 --- a/crypto/openssl/ssl/quic/quic_channel_local.h +++ b/crypto/openssl/ssl/quic/quic_channel_local.h @@ -12,6 +12,28 @@ #include "internal/quic_stream_map.h" #include "internal/quic_tls.h" +/* + * This is a part of PATH_CHALLENGE flood [1] mitigation. This limits the + * number of PATH_CHALLENGE frames QUIC stack is willing to process for + * connection. Local QUIC stack creates PATH_RESPONSE frame for PATH_CHALLENGE + * frame it receives from remote peer. The response frame is put Control Frame + * Queue waiting to be dispatched. The PATH_RESPONSE frame is removed from CFQ + * after it is dispatched. The QUIC_PATH_RESPONSE_QLEN limits the number of + * PATH_RESPONSE frames waiting to be dispatched. No new PATH_RESPONSE frames + * are inserted into CFQ if queue limit is exceeded. + * + * QUIC implementations use different limits for PATH_RESPONSE queue lengths: + * quic-go defines maxPathResponses as 256 + * quiche from cloadflare sets DEFAULT_MAX_PATH_CHALLENGE_RX_QUEUE_LEN to 3 + * t-quic from tencent chooses MAX_PATH_CHALS_RECV to be 8 + * + * OpenSSL here introduces QUIC_PATH_RESPONSE_QLEN as 32. + * + * [1] https://www.ietf.org/archive/id/draft-chen-quic-logical-vuln-mitigations-00.txt + * (section 4.2) + */ +#define QUIC_PATH_RESPONSE_QLEN 32 + /* * QUIC Channel Structure * ====================== @@ -457,6 +479,18 @@ struct quic_channel_st { /* Has qlog been requested? */ unsigned int is_tserver_ch : 1; + /* + * RFC 9000 Section 9.2.1 says: + * However, an endpoint SHOULD NOT send multiple + * PATH_CHALLENGE frames in a single packet. + * The counter here allows us to detect multiple presence + * of PATH_CHALLENGE frame in packet. We process only the + * first PATH_CHALLENGE frame found in packet. Remaining PATH_CHALLENGE + * frames are ignored. + * seen_path_challenge flag is always reset before + * ossl_quic_handle_frames() gets called. + */ + unsigned int seen_path_challenge : 1; /* Saved error stack in case permanent error was encountered */ ERR_STATE *err_state; @@ -467,6 +501,11 @@ struct quic_channel_st { /* Title for qlog purposes. We own this copy. */ char *qlog_title; + /* + * number of path responses waiting to be dispatched + * from control frame queue (CFQ) + */ + unsigned int path_response_limit; }; #endif diff --git a/crypto/openssl/ssl/quic/quic_fifd.c b/crypto/openssl/ssl/quic/quic_fifd.c index 03b8cebd3057..e80483b501d7 100644 --- a/crypto/openssl/ssl/quic/quic_fifd.c +++ b/crypto/openssl/ssl/quic/quic_fifd.c @@ -310,3 +310,46 @@ void ossl_quic_fifd_set_qlog_cb(QUIC_FIFD *fifd, QLOG *(*get_qlog_cb)(void *arg) fifd->get_qlog_cb = get_qlog_cb; fifd->get_qlog_cb_arg = get_qlog_cb_arg; } + +static void txpim_pkt_remove_cfq_item(QUIC_TXPIM_PKT *pkt, QUIC_CFQ_ITEM *cfq_item) +{ + QUIC_CFQ_ITEM *prev = cfq_item->pkt_prev; + + if (prev != NULL) { + prev->pkt_next = cfq_item->pkt_next; + } else { + pkt->retx_head = cfq_item->pkt_next; + } + + if (cfq_item->pkt_next != NULL) + cfq_item->pkt_next->pkt_prev = prev; + + cfq_item->pkt_prev = NULL; + cfq_item->pkt_next = NULL; +} + +void ossl_quic_fifd_pkt_discard_unreliable(QUIC_FIFD *fifd, QUIC_TXPIM_PKT *pkt) +{ + QUIC_CFQ_ITEM *cfq_item, *cfq_next; + + /* + * The packet has been written to network. We can discard frames we don't + * retransmit when loss is detected. + */ + cfq_item = pkt->retx_head; + while (cfq_item != NULL) { + /* + * Discarded items are moved to free list. If item + * got moved to free list we must also remove it from + * cfq list kept in pkt, so ACKM does not find it when + * receives an ACK for pkt. + */ + if (ossl_quic_cfq_discard_unreliable(fifd->cfq, cfq_item)) { + cfq_next = cfq_item->pkt_next; + txpim_pkt_remove_cfq_item(pkt, cfq_item); + cfq_item = cfq_next; + } else { + cfq_item = cfq_item->pkt_next; + } + } +} diff --git a/crypto/openssl/ssl/quic/quic_port.c b/crypto/openssl/ssl/quic/quic_port.c index 1e247e1ec624..dc79485b96a5 100644 --- a/crypto/openssl/ssl/quic/quic_port.c +++ b/crypto/openssl/ssl/quic/quic_port.c @@ -1666,8 +1666,10 @@ static void port_default_packet_handler(QUIC_URXE *e, void *arg, * forget qrx so channel can create a new one * with valid initial encryption level keys. */ - qrx_src = qrx; - qrx = NULL; + if (qrx != NULL) { + qrx_src = qrx; + qrx = NULL; + } } port_bind_channel(port, &e->peer, &scid, &hdr.dst_conn_id, diff --git a/crypto/openssl/ssl/quic/quic_rx_depack.c b/crypto/openssl/ssl/quic/quic_rx_depack.c index 786af9b4c221..1bdb43b7d639 100644 --- a/crypto/openssl/ssl/quic/quic_rx_depack.c +++ b/crypto/openssl/ssl/quic/quic_rx_depack.c @@ -931,6 +931,12 @@ static int depack_do_frame_retire_conn_id(PACKET *pkt, static void free_path_response(unsigned char *buf, size_t buf_len, void *arg) { + QUIC_CHANNEL *ch = (QUIC_CHANNEL *)arg; + + assert(ch->path_response_limit > 0); + + ch->path_response_limit--; + OPENSSL_free(buf); } @@ -951,33 +957,39 @@ static int depack_do_frame_path_challenge(PACKET *pkt, return 0; } - /* - * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint MUST - * respond by echoing the data contained in the PATH_CHALLENGE frame in a - * PATH_RESPONSE frame. - * - * TODO(QUIC FUTURE): We should try to avoid allocation here in the future. - */ - encoded_len = sizeof(uint64_t) + 1; - if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) - goto err; + if (ch->seen_path_challenge == 0 + && ch->path_response_limit < QUIC_PATH_RESPONSE_QLEN) { + /* + * RFC 9000 s. 8.2.2: On receiving a PATH_CHALLENGE frame, an endpoint + * MUST respond by echoing the data contained in the PATH_CHALLENGE + * frame in a PATH_RESPONSE frame. + * + * TODO(QUIC FUTURE): We should try to avoid allocation here in the + * future. + */ + encoded_len = sizeof(uint64_t) + 1; + if ((encoded = OPENSSL_malloc(encoded_len)) == NULL) + goto err; - if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) - goto err; + if (!WPACKET_init_static_len(&wpkt, encoded, encoded_len, 0)) + goto err; - if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { - WPACKET_cleanup(&wpkt); - goto err; - } + if (!ossl_quic_wire_encode_frame_path_response(&wpkt, frame_data)) { + WPACKET_cleanup(&wpkt); + goto err; + } - WPACKET_finish(&wpkt); + WPACKET_finish(&wpkt); - if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, - OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, - QUIC_CFQ_ITEM_FLAG_UNRELIABLE, - encoded, encoded_len, - free_path_response, NULL)) - goto err; + if (!ossl_quic_cfq_add_frame(ch->cfq, 0, QUIC_PN_SPACE_APP, + OSSL_QUIC_FRAME_TYPE_PATH_RESPONSE, + QUIC_CFQ_ITEM_FLAG_UNRELIABLE, + encoded, encoded_len, + free_path_response, ch)) + goto err; + ch->seen_path_challenge = 1; + ch->path_response_limit++; + } return 1; @@ -1432,7 +1444,7 @@ int ossl_quic_handle_frames(QUIC_CHANNEL *ch, OSSL_QRX_PKT *qpacket) if (ch == NULL) return 0; - ch->did_crypto_frame = 0; + ossl_ch_reset_rx_state(ch); /* Initialize |ackm_data| (and reinitialize |ok|)*/ memset(&ackm_data, 0, sizeof(ackm_data)); diff --git a/crypto/openssl/ssl/quic/quic_txp.c b/crypto/openssl/ssl/quic/quic_txp.c index 44aaad868d2f..b2565c1a9fee 100644 --- a/crypto/openssl/ssl/quic/quic_txp.c +++ b/crypto/openssl/ssl/quic/quic_txp.c @@ -3133,6 +3133,8 @@ static int txp_pkt_commit(OSSL_QUIC_TX_PACKETISER *txp, --probe_info->pto[pn_space]; } + ossl_quic_fifd_pkt_discard_unreliable(&txp->fifd, tpkt); + return rc; } diff --git a/crypto/openssl/test/cmsapitest.c b/crypto/openssl/test/cmsapitest.c index 0752d14df09c..d908bc6fc4c4 100644 --- a/crypto/openssl/test/cmsapitest.c +++ b/crypto/openssl/test/cmsapitest.c @@ -21,6 +21,7 @@ static X509 *cert = NULL; static EVP_PKEY *privkey = NULL; static char *derin = NULL; static char *too_long_iv_cms_in = NULL; +static char *pwri_kek_oob_der_in = NULL; static int test_encrypt_decrypt(const EVP_CIPHER *cipher) { @@ -512,7 +513,48 @@ end: return ret; } -OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile\n") +/* + * CMS EnvelopedData with a single PasswordRecipientInfo using + * id-alg-PWRI-KEK and an AES-128-CFB key encryption cipher + * (1-byte effective block size). The encryptedKey OCTET STRING is + * only two bytes long, so the wrapped key buffer is shorter than + * the seven octets read by the check-byte test in kek_unwrap_key(). + * Prior to CVE-2026-9076 this triggered an out-of-bounds heap read; + * CMS_decrypt() must now fail cleanly. + */ +static int test_pwri_kek_unwrap_short_encrypted_key(void) +{ + BIO *in = NULL; + CMS_ContentInfo *cms = NULL; + unsigned long err = 0; + int ret = 0; + + if (!TEST_ptr(in = BIO_new_file(pwri_kek_oob_der_in, "rb")) + || !TEST_ptr(cms = d2i_CMS_bio(in, NULL))) + goto end; + + /* + * The unwrap is attempted eagerly inside CMS_decrypt_set1_password(). + * It must fail cleanly (no OOB read) and report CMS_R_UNWRAP_FAILURE. + */ + if (!TEST_false(CMS_decrypt_set1_password(cms, + (unsigned char *)"password", -1))) + goto end; + + err = ERR_peek_last_error(); + if (!TEST_int_eq(ERR_GET_LIB(err), ERR_LIB_CMS) + || !TEST_int_eq(ERR_GET_REASON(err), CMS_R_UNWRAP_FAILURE)) + goto end; + + ERR_clear_error(); + ret = 1; +end: + CMS_ContentInfo_free(cms); + BIO_free(in); + return ret; +} + +OPT_TEST_DECLARE_USAGE("certfile privkeyfile derfile tooLongIVpem pwriKekOobDer\n") int setup_tests(void) { @@ -527,7 +569,8 @@ int setup_tests(void) if (!TEST_ptr(certin = test_get_argument(0)) || !TEST_ptr(privkeyin = test_get_argument(1)) || !TEST_ptr(derin = test_get_argument(2)) - || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3))) + || !TEST_ptr(too_long_iv_cms_in = test_get_argument(3)) *** 236 LINES SKIPPED *** From nobody Tue Jun 9 19:20:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz657Zpz6gVYF for ; Tue, 09 Jun 2026 19:20:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz56sS2z3RBQ for ; Tue, 09 Jun 2026 19:20:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032818; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MK65MHWkRRQtVQuRpEcgvTJVKa7iKIgkCkndILeSqdg=; b=ecbFM3cLAFJl5Fc/LCix2n9hPL0uRhJmhvIM34eFJ+p0VcRJy+yE3+gJ3qcjWtUpUYtj7t goFclfWi2REiGMhaqII582PLwIUI4pY5Nk3G6agG83rdVRhAW9cQWnFj4bGad/tq8RzqQ2 sAUTA+ARY048Ou0rUG2qX3qj/JQmhG705/mB18tJDdxsf72N6VFK39thvAEpyV0xWO8CJV oa+wDl1N9tv6xmTNC0M7XhUo6j+EKFv6p3jUqqvuk0GgEhTXIvHtg9u3BqtcBIrjlag97n WOPte5ime6SmH7TP+jFKTJe8nURB5Z7aVpvR92+HE5YJjBnmJEnHo00onYCI1Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032818; a=rsa-sha256; cv=none; b=Gb/oTRkdNzoJUwRh8xsotwz81uNV31hmlvVFxUo1JYSdMlGSpa6i7sRLujmQtb7Jvrj5aP OMorrxz9YaAMnu2V0WCIxwq+rTI7Lx2S197mnL4rAZT/xY/ie2r/FhCne66OVi+gb2Xqya XNtFOWj8Q+7iENa/uxer6rd5h0Qxmq777UaUAC6Jy7+JS/6ounvpDj2DExvFkSAhIPsYTJ OOX0zvHVshfNeCmNPIpS9wcy79jzv8rNwsRlI8hJtyeRKwBN9KSY0uxA/TwHo1uz+7DPg2 dqoJ8Le0JUuFtGtOuKzoVyTo+0sHK5UP4UttG01gePaQraa0fPDtzZlPYwiMog== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032818; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MK65MHWkRRQtVQuRpEcgvTJVKa7iKIgkCkndILeSqdg=; b=SGsCUjKGSV6YYpeKS9ZiDL3QtK/VvfHn3IZqpVjGaA4D97Hdyq2SXCxuSxoBhhyf4dkAbF mBWplC+VtvSqJvBP/wZx1GxEPjcekzwm6Bv5qv/uEuWI1fQZQv9tQosJtAnBESlLPpNPb5 xl7dzpBQvQwVeXhcDm0hx7mBPdn6ZUyGYGqODebWOaVHDaTQRvvbH6pMYLlWnIgwjUhzqA AOd5W+bSgxNdhdnlfwLohgYJGk9brepFGRsaKCa+SE8XV5izZOK+d1OltK/ABhG6BiWPSq XiJaQDK7CiCnja//BxcWpA8UcB4ipDl7BnacqClT5O+o2h0RQWxxZht7X3QNtA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz56N0RznCw for ; Tue, 09 Jun 2026 19:20:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3fc36 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 328e16f66204 - releng/15.1 - Add UPDATING entries and bump version List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 328e16f6620420dd130da41b806e1419f5c2c679 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:17 +0000 Message-Id: <6a286771.3fc36.15c0cabb@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=328e16f6620420dd130da41b806e1419f5c2c679 commit 328e16f6620420dd130da41b806e1419f5c2c679 Author: Mark Johnston AuthorDate: 2026-06-07 18:11:49 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:35 +0000 Add UPDATING entries and bump version Approved by: re (cperciva) Approved by: so --- UPDATING | 41 +++++++++++++++++++++++++++++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 137d2aa78e6c..71c3944fafa7 100644 --- a/UPDATING +++ b/UPDATING @@ -12,6 +12,47 @@ Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before updating system packages and/or ports. +20260609: + 15.1-RC3-p1 EN-26:15.openssl + SA-26:25.thr + SA-26:26.ktls + SA-26:27.sound + SA-26:28.capsicum + SA-26:29.ip6_multicast + SA-26:30.linux + SA-26:31.arm64 + SA-26:32.elf + SA-26:33.unbound + SA-26:34.vt + SA-26:35.openssl + SA-26:36.ldns + + Update OpenSSL to 3.0.20 and 3.5.6. [EN-26:15.openssl] + + Missing permission check in thr_kill2(2). [SA-26:25.thr] + + Arbitrary file overwrite via the KTLS receive path. [SA-26:26.ktls] + + Multiple vulnerabilities in the sound(4) mmap path. [SA-26:27.sound] + + sigqueue(2) missing capability mode restriction. [SA-26:28.capsicum] + + Use-after-free bug in the IPV6_MSFILTER socket option handler. [SA-26:29.ip6_multicast] + + Flaw in Linuxulator execution of setugid binaries. [SA-26:30.linux] + + Arm CPU errata may bypass page table permission changes. [SA-26:31.arm64] + + ASLR bypass for setuid executables via procctl(2). [SA-26:32.elf] + + Multiple vulnerabilities in unbound. [SA-26:33.unbound] + + Integer overflow in vt(4) CONS_HISTORY ioctl. [SA-26:34.vt] + + Multiple vulnerabilities in OpenSSL. [SA-26:35.openssl] + + Insufficient response validation in the ldns stub resolver. [SA-26:36.ldns] + 20260512: "bsdinstall script" will now do a pkgbase installation by default. To revert to the legacy distset installation, set "DISTRIBUTIONS" in diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 17d6f240b2ca..249ff1519aff 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -51,7 +51,7 @@ TYPE="FreeBSD" REVISION="15.1" -BRANCH="RC3" +BRANCH="RC3-p1" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From nobody Tue Jun 9 19:20:16 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz61XlPz6gVnX for ; Tue, 09 Jun 2026 19:20:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZdz46g8Dz3RBF for ; Tue, 09 Jun 2026 19:20:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZvfI0xWoW1EIevbuEcsoWHHhr3ZRA0J3JcbCIPJhicY=; b=D01JdqzYGcNCOaCrkbveIp+QehMae8pcBcE47phKTKfo0tVnqjE+g8fp+0p0RNmXLzhlcA 2xG8+IFeJEahICSmNDCv2NGXETlkXAnz6jW0Hzi1ouCngmMtPfPmoFcn/UP2TxB5O2Y5c4 sHFow5CBUCI0ecFhSMHDeVtB33sljW7a5nyeadFlfcd6t2CZUhkUrekeJ7Fuxvhr+7vYWl Zy4kWrZaFjT7v2Fuz8KvfU6/OnzApFcaJcYhAtpxoxmR4rw8p79CGHkV2qApox3XBcpkGs Afluyh0Fxl1CzP4bJbLwfZO0j0IPyWScg2li6xxHbL8RgmsS4Ox/N4mzMa6Jdg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032817; a=rsa-sha256; cv=none; b=Q6G7KKdKzUbGU49rEHoM4zhzWh7K/EicR4jI240/OfrG1MSZ+6DwXDHCI7GLZps6ObGziA eybITBDOrObBTlocgBQV9OBueT3nfECfaVvuqDEwLbEeu6+XTq0GM3fPdw0FtFlxzHu/yS h73WHmkAttpdw0kPIkVLW0et8pmLwr4KyDT0exCRTOXWrQmj7DC8MOxF0nLYp2dFJ2Cusl qZeSdkp8kDeG6FlBL3bPAxGx63fjBDUp7hdQxdhX7IpwNcTxouuKGHW/hbq/iRG1VqGZgF lpZKa4/t0e+OF19Ax9zqni2BVFpiFk89EISQd7N3nCT+1B6d2QbaO61/IT+P2g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032817; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZvfI0xWoW1EIevbuEcsoWHHhr3ZRA0J3JcbCIPJhicY=; b=UtPo42pEUvmZMNtPkUurXKLQk+JfpHhOSqiHc7F3zQ5+70xhrGBCq1HrBoQ3aaDbMKZAEO tDDr+exuuHH93Qud8zDKwkyojHWcSGT+M/XbZW3adHmJnNsVKfokKUu7ADWPsjGQ892Fhk Z8R/ImxSdDtSpkVLaDzobLzR2DNNprToGQmJ6IIg7PhPAt49T7WMA5XPKm+tF455GqfRIm 2CTmDee438jW6NjEWH5yK8CKkeVfYxCnYoIXJOUVL7oOFK8dCltl/CQvxbgo0VsmyK8AWq 1LYKPTG77QDl6pubaq+a7x0VSMs2QEusfk0uQWRonVY/h+q3swKLd6fecgapjQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZdz462Ntzp1r for ; Tue, 09 Jun 2026 19:20:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e7b9 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:20:16 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Gordon Tetlow From: Mark Johnston Subject: git: 157d99d7ec9b - releng/15.1 - ldns: Fix query response validation List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/15.1 X-Git-Reftype: branch X-Git-Commit: 157d99d7ec9b168d41d4b16f23c09bd55c511aff Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:20:16 +0000 Message-Id: <6a286770.3e7b9.8634bca@gitrepo.freebsd.org> The branch releng/15.1 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=157d99d7ec9b168d41d4b16f23c09bd55c511aff commit 157d99d7ec9b168d41d4b16f23c09bd55c511aff Author: Gordon Tetlow AuthorDate: 2026-06-07 15:24:14 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 03:00:29 +0000 ldns: Fix query response validation Approved by: re (cperciva) Approved by: so Security: FreeBSD-SA-26:36.ldns Security: CVE-2026-10846 --- contrib/ldns/error.c | 13 +++++++ contrib/ldns/ldns/error.h | 8 ++++- contrib/ldns/net.c | 92 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 110 insertions(+), 3 deletions(-) diff --git a/contrib/ldns/error.c b/contrib/ldns/error.c index e3fd12112789..4fc05d6d0d8f 100644 --- a/contrib/ldns/error.c +++ b/contrib/ldns/error.c @@ -184,6 +184,19 @@ ldns_lookup_table ldns_error_str[] = { { LDNS_STATUS_INVALID_SVCPARAM_VALUE, "Invalid wireformat of a value " "in the ServiceParam rdata field of SVCB or HTTPS RR" }, + { LDNS_STATUS_NOT_EDE, + "The EDNS option is not an extended error code" }, + { LDNS_STATUS_EDE_OPTION_MALFORMED, + "The extended error code option is malformed, expected " + "at least 2 bytes of option data" }, + { LDNS_STATUS_EQUAL_RR, + "An identical RR already existed in the zone" }, + { LDNS_STATUS_ID_DID_NOT_MATCH, + "Response ID did not match the query ID" }, + { LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + "The query section MUST contain exactly one question" }, + { LDNS_STATUS_QUERY_DID_NOT_MATCH, + "The question in the response did not match the query" }, { 0, NULL } }; diff --git a/contrib/ldns/ldns/error.h b/contrib/ldns/ldns/error.h index 2429b7703dfa..41d64cc0815f 100644 --- a/contrib/ldns/ldns/error.h +++ b/contrib/ldns/ldns/error.h @@ -141,7 +141,13 @@ enum ldns_enum_status { LDNS_STATUS_RESERVED_SVCPARAM_KEY, LDNS_STATUS_NO_SVCPARAM_VALUE_EXPECTED, LDNS_STATUS_SVCPARAM_KEY_MORE_THAN_ONCE, - LDNS_STATUS_INVALID_SVCPARAM_VALUE + LDNS_STATUS_INVALID_SVCPARAM_VALUE, + LDNS_STATUS_NOT_EDE, + LDNS_STATUS_EDE_OPTION_MALFORMED, + LDNS_STATUS_EQUAL_RR, + LDNS_STATUS_ID_DID_NOT_MATCH, + LDNS_STATUS_QDCOUNT_MUST_BE_ONE, + LDNS_STATUS_QUERY_DID_NOT_MATCH }; typedef enum ldns_enum_status ldns_status; diff --git a/contrib/ldns/net.c b/contrib/ldns/net.c index 57d4dff24dbe..215c0cac891c 100644 --- a/contrib/ldns/net.c +++ b/contrib/ldns/net.c @@ -441,6 +441,50 @@ ldns_udp_bgsend2(ldns_buffer *qbin, return ldns_udp_bgsend_from(qbin, to, tolen, NULL, 0, timeout); } +/** helper sockaddr compare function. returns -1, 0 or 1. */ +static int +ldns_sockaddr_cmp(const struct sockaddr_storage* addr1, socklen_t len1, + const struct sockaddr_storage* addr2, socklen_t len2) +{ + struct sockaddr_in* p1_in = (struct sockaddr_in*)addr1; + struct sockaddr_in* p2_in = (struct sockaddr_in*)addr2; + struct sockaddr_in6* p1_in6 = (struct sockaddr_in6*)addr1; + struct sockaddr_in6* p2_in6 = (struct sockaddr_in6*)addr2; + if(len1 < len2) + return -1; + if(len1 > len2) + return 1; + assert(len1 == len2); + if( p1_in->sin_family < p2_in->sin_family) + return -1; + if( p1_in->sin_family > p2_in->sin_family) + return 1; + assert( p1_in->sin_family == p2_in->sin_family ); + /* compare ip4 */ + if( p1_in->sin_family == AF_INET ) { + /* just order it, ntohs not required */ + if(p1_in->sin_port < p2_in->sin_port) + return -1; + if(p1_in->sin_port > p2_in->sin_port) + return 1; + assert(p1_in->sin_port == p2_in->sin_port); + return memcmp(&p1_in->sin_addr, &p2_in->sin_addr, + sizeof(p1_in->sin_addr)); + } else if (p1_in6->sin6_family == AF_INET6) { + /* just order it, ntohs not required */ + if(p1_in6->sin6_port < p2_in6->sin6_port) + return -1; + if(p1_in6->sin6_port > p2_in6->sin6_port) + return 1; + assert(p1_in6->sin6_port == p2_in6->sin6_port); + return memcmp(&p1_in6->sin6_addr, &p2_in6->sin6_addr, + sizeof(p1_in6->sin6_addr)); + } else { + /* eek unknown type, perform this comparison for sanity. */ + return memcmp(addr1, addr2, len1); + } +} + static ldns_status ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, const struct sockaddr_storage *to , socklen_t tolen, @@ -449,6 +493,8 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, { int sockfd; uint8_t *answer; + struct sockaddr_storage reply_addr; + socklen_t reply_addr_len; sockfd = ldns_udp_bgsend_from(qbin, to, tolen, from, fromlen, timeout); @@ -467,13 +513,21 @@ ldns_udp_send_from(uint8_t **result, ldns_buffer *qbin, * but returns a 'NETWORK_ERROR' much like a timeout. */ ldns_sock_nonblock(sockfd); - answer = ldns_udp_read_wire(sockfd, answer_size, NULL, NULL); + reply_addr_len = sizeof(reply_addr); + memset(&reply_addr, 0, reply_addr_len); + answer = ldns_udp_read_wire(sockfd, answer_size, &reply_addr, + &reply_addr_len); close_socket(sockfd); if (!answer) { /* oops */ return LDNS_STATUS_NETWORK_ERR; } + /* Check that the reply came from the to addr. */ + if(ldns_sockaddr_cmp(to, tolen, &reply_addr, reply_addr_len) != 0) { + free(answer); + return LDNS_STATUS_NETWORK_ERR; + } *result = answer; return LDNS_STATUS_OK; @@ -512,6 +566,10 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf assert(r != NULL); + /* The query should at least have one question */ + if(ldns_buffer_limit(qb) < 6 || ldns_buffer_read_u16_at(qb, 4) != 1) + return LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + status = LDNS_STATUS_OK; rtt = ldns_resolver_rtt(r); ns_array = ldns_resolver_nameservers(r); @@ -599,6 +657,16 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf ldns_resolver_set_nameserver_rtt(r, i, LDNS_RESOLV_RTT_INF); status = send_status; } + if(reply_bytes && ldns_buffer_limit(qb) >= 2) { + uint16_t txid = ldns_buffer_read_u16_at(qb, 0); + if(reply_size < 2 || + ldns_read_uint16(reply_bytes) != txid) { + status = LDNS_STATUS_ID_DID_NOT_MATCH; + LDNS_FREE(reply_bytes); + reply_bytes = NULL; + reply_size = 0; + } + } /* obey the fail directive */ if (!reply_bytes) { @@ -608,7 +676,7 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf LDNS_FREE(src); } LDNS_FREE(ns); - return LDNS_STATUS_ERR; + return status ? status : LDNS_STATUS_ERR; } else { LDNS_FREE(ns); continue; @@ -670,6 +738,26 @@ ldns_send_buffer(ldns_pkt **result, ldns_resolver *r, ldns_buffer *qb, ldns_rdf #endif /* HAVE_SSL */ LDNS_FREE(reply_bytes); + if (reply) { + ldns_pkt *query = NULL; + + if(ldns_pkt_qdcount(reply) != 1) { + status = LDNS_STATUS_QDCOUNT_MUST_BE_ONE; + ldns_pkt_free(reply); + reply = NULL; + + } else if(ldns_wire2pkt(&query + , ldns_buffer_begin(qb) + , ldns_buffer_position(qb)) != LDNS_STATUS_OK + || ldns_pkt_qdcount(query) != 1 + || ldns_rr_compare(ldns_rr_list_rr(ldns_pkt_question(query),0) + ,ldns_rr_list_rr(ldns_pkt_question(reply),0))){ + status = LDNS_STATUS_QUERY_DID_NOT_MATCH; + ldns_pkt_free(reply); + reply = NULL; + } + ldns_pkt_free(query); + } if (result) { *result = reply; } From nobody Tue Jun 9 19:22:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZf1G5hW4z6gW1y for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZf1G3r62z3VWl for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n9CTOqd4y454Qqecp1/QlN/qFT8uzgeQGv9gVmaKpMY=; b=cX5/jWX4zkyvOLCRl6iK3+bW2KXSvePdcWzevIxaoIC2baeTBKdXi/QsvPb7dmglveWALy pYCfSQTPu+Krf/rJgKinFH8ktXNGewNBTLEHlnbe3/4osOVvwwooNi432IPjpI0YJ1V1/2 ExMX0aKYfEgsdEqFPDMMW9fX+/aYS7yvB0M/XyGIXilB9ZOZDF9F19UwgOW3c6j4bbygG6 xeoSEJQ9sFsbLCK05nQ6sFZX6AZEojHEENEaFLj4yAbtMCqTLuiflJV2DVxLkQXpN4DLqQ 9oZ5TBo16/wsQAH5vsSxu5qktuxGjN8qciyE2K7L5RmiGgSoZaHGMoO7Y4Sdyw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032930; a=rsa-sha256; cv=none; b=ffAYyisTSpv29lMvu+SOQPP4BTmybsixzmR1KEcah/cgzKnbF6Wcsor9ZD5dKBNRvvX0Cq yccHz02QQ64tuOOO9YTW8ooaNNWCzMhFm3xD7KoWqrtUSrOEZ6Vi/YNhn+AFVkDrnCnmL8 9+qt1EmZlrdIkGG4vryjkp02ubetMAXoZFVoXR1eAgb3zdNXJK9Rb1mz0/3+onSk7VcujO pIY7VsRe5zpqJfUyW2beogtaS6yBYHLSwG0r6v38EZU4b6hO93wcyrKeA854o7YPcQoL1u vEBbDrv4Z96Kb6wtDLOvmAhpdErUxpA1MccowoVO9fsnEOZvwy+LiEL1XqxlcA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n9CTOqd4y454Qqecp1/QlN/qFT8uzgeQGv9gVmaKpMY=; b=P+7EBwA1/bfer8a+4FRVe4IaiWYn9bTDh7z9Z9+NTfENC5VJTgB56a9k9yGt/oZZuOv4NK cZSpbByLwLMbH1GBJ8VTL9rZN5260FQKxHFhkJmFvzdE4m8N1Amethf3rvSoKwyx3nzLj1 NbkjKbzMJq9IkwL1mE0ABj8zRXL1RSb3SgpD79DiZxBUgjPsfoBu8qLkaVFqeZa8sRxH4D hNB8TzyI3csVz5Z8Zc9E/yfVgwt6BLkWMrnilfhjOjEOFd80mmIEI9BoK4zVCD5Y9/OsBl o3ceX49rSPnyrU9XbH2UmENxVuUi4k1V91HS57mgHXDGtK73GSu0E33Ey5Ni+Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZf1G2h0Xzp2X for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f929 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:22:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org From: Enji Cooper Subject: git: ab5fc4ac933f..3a71a35ad9da - vendor/openssl-3.5 - vendor branch updated List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/heads/vendor/openssl-3.5 X-Git-Reftype: branch X-Git-Commit: 3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43 X-Git-Oldrev: ab5fc4ac933ff67bc800e774dffce15e2a541e90 X-Git-Newrev: 3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:22:10 +0000 Message-Id: <6a2867e2.3f929.1bd24e87@gitrepo.freebsd.org> The branch vendor/openssl-3.5 has been updated by ngie: URL: https://cgit.FreeBSD.org/src/log/?id=ab5fc4ac933f..3a71a35ad9da 3a71a35ad9da openssl: import 3.5.7 From nobody Tue Jun 9 19:22:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZf1G5hSZz6gVwS for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZf1G3r05z3VG5 for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=swifNfQ7h8g/9Gb8UpoL74+nuKZEm1kZi0euykqyK68=; b=CoAwWbqSJ45Zz33QszIQKUZVXpO0zxyR+x0RubMpJRVbY3Rtp/APziIiVN0FNE1XGOzZ5t wlbQLsz1JsCRNjLO0CAkvNA1mKOoOhKM4crrVoDLSVyP1MHE8p8CHtEKF/fICdti/jnVYN cDzQM7MYBfMXxu30rKKJGbc2wi6uA0bPMULegM9Bk0GYA3mqn4jGNg2c2qUFGFWwr/bls1 MrKIuwETPUjbn2OXkLGUPDTz41dNSPnb106b7Rb0wxNhiSzjJaQdwpEpn2eaw7F26VLwLX UaAPz1RTGH+EF/6e1mnivU2zCFq+n6soRTmE/HzQebQds5GZW+/6wWa+o1N4WQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781032930; a=rsa-sha256; cv=none; b=tma//G02xT8uuB52LSlfs9zYnm5zgN/NXOTdc1dUaO4OTPvknTiDpck3ibY115AhTY1TV1 EXVgzuOeVrMT1jUw+UClphL8fSS7OoSilQcFvyJU02zr8rR58ft+KD2xhD4YhAEZR05BoX OX3FpY1tXhnEM5YuO3brBCG56MythuZFKLhXW7gdYGpynpCmUMbFOkC7Kao2ngmAUxUKvr Jwi3BtgPv8lVMFsUm7ri0uNxzlkYZ0N/aEFL4Sak0VCmthI4XB+lTXQ/I5PwVsKW3QJ33J ZO786hzsgVeIus5FHi3vKhiIaA3HKsRlOT0zrNR3hoD75al79ZehlC+4bUkXrQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781032930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=swifNfQ7h8g/9Gb8UpoL74+nuKZEm1kZi0euykqyK68=; b=iPO91mvK1hTr+1jz+fvBP3OdwXxZdVu/HVadGHz4zZHjTJvBHV7VthU59nt7fIh10SOhxI GnAXlKBlIYAGnj8yBHROaJLJfr3BPx9OvAer0tl2BQ+aiAtZM595avt7lg05pV7gfLut3X PPjlPqqalO9fmg6D0umr740A8N69d6jjLb1LRahlzXDXdemOTpHZpBh2WzZLhHJ/9V5yIu NMmUycfyiQU4OTy3C21/tAOjR1z59ZQ+p4OErmiiJ0DEdHhELjaaj9XaaUA2puwBHc/uXo XlBkuNVLY3knmDkaAgPdW8eldpapX2pgkiXGXmkbH2ckiiAdJ3/6JtCNa+AFoQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZf1G35cyzp58 for ; Tue, 09 Jun 2026 19:22:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3fc37 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:22:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org From: Enji Cooper Subject: git: 94e3fc5f1e38 - Create tag vendors/openssl/3.0.21 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/tags/vendors/openssl/3.0.21 X-Git-Reftype: annotated tag X-Git-Commit: 94e3fc5f1e38a2569200b85ab2e58c71c4fc088c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:22:10 +0000 Message-Id: <6a2867e2.3fc37.1f010780@gitrepo.freebsd.org> The annotated tag vendors/openssl/3.0.21 has been created by ngie: URL: https://cgit.FreeBSD.org/src/tag/?h=vendors/openssl/3.0.21 tag vendors/openssl/3.0.21 Tagger: Enji Cooper TaggerDate: 2026-06-09 19:06:52 +0000 OpenSSL: tag 3.0.21 import commit 6ecbd3d6800f1c273a5ab84088eb0d46504fd10d Author: Enji Cooper AuthorDate: 2026-06-09 19:06:49 +0000 Commit: Enji Cooper CommitDate: 2026-06-09 19:06:49 +0000 openssl: import 3.0.21 This change adds OpenSSL 3.0.21 from upstream [1]. The 3.0.21 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. This change is a security release which resolves several issues with OpenSSL 3.0, the highest severity issue being ranked "High". Users are strongly encouraged to update to this release. More information about the release (from a high level) can be found in the release notes [4]. Updated via [5] with `update_openssl.sh 3.0.21`. 1. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz 2. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz.asc 3. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz.sha256 4. https://github.com/openssl/openssl/blob/openssl-3.0.21/NEWS.md 5. https://codeberg.org/ngie/freebsd-powertools/src/branch/main/shell/update_openssl.sh (facdfe954) From nobody Tue Jun 9 19:38:49 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZfNZ5T8cz6gXCg for ; Tue, 09 Jun 2026 19:38:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZfNZ451wz3tBJ for ; Tue, 09 Jun 2026 19:38:54 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781033934; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JnvGCPpiq232OtLj6iO+IWgmL159HT+srXKOXa4i7Ks=; b=oR+617hhThQhRY4/hZ2wwuYgjowdjvQrdF6T2gNv/JDPerdo38JhTlQ2urjMlYRf/eqiqe NdIGBi/hCvorIT/KO6M4O9WpGADsOHniqp+ARAJRPMdHVaYS0iHsY+4RwmQ/gEM+d4SO6a 2P1cgoC6UV1+m6gTnV5QKsdKPeZ98YDIgS/qmUAkdqmjsA5oFDLpXuxRFmUBHwVN6kKlwW VOEkZR7k7JXxnGe2uBcE2DVXYw47+5/S1bhCh1buRVm2SBj7TVh86lEpmIqYYQgoITP4qW oEcHuQ8rF9twPfdK6DNgPqH88TuofeUi9tIEhe8DSOpgq2v71g/6MvlQkq1S3A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781033934; a=rsa-sha256; cv=none; b=ts6D/cf7FK22377PS2fO4gaGNm2vm/XnU23CYe5LkcD1zzp0i2zU4c2lerPyDsM4eXAZYz x04y3ngrH0hLtnyHsQMgsf3c27ENEO4bjgD2UgZ/cmemUjSh3vMRE236cRZYf0NRPDMQEX vO3XMzwGpC6tbuWNdi3eiOgnJvTtN22MSn4cYKfb1Ycz60KlmCCBrWLnXcA5S3+s23ZDeA IY1Y0+hWBVBZrzoFe8QX5yow/DVtVyMf/l4Z4IVnlzRgQgHekfCXUCJGepPAzXrnOoakg9 9BTDjLNtiZgex07cnqt84yks4EYaRHgKKTTWceq1i0JWSH9ZaG0U27lkU/7GjA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781033934; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JnvGCPpiq232OtLj6iO+IWgmL159HT+srXKOXa4i7Ks=; b=c5rot1MW7VdZDmheTyUQgPX4WB4zjz+KzmNeMrm5UeZHHYTN4RWwdCgdyLxjSGfRJYJx8F Sr0IGBNJ/VN63LYxT7Cp+6HWGnE6OGSgDZp4FBTuRzRQQzHsbuhDKMG6svOxxJ9o1f5CWg G+Z0UXBgN1wheonK2MmN/dYRwEwxX60FSX+pPrxz7ZlKAc0d0fp77e/ubhT51SRndy6gEt WugsdYkeKQB8IFVndkG7AJAcLiTUX14MLzS2S5bg02X14hCjDVqOZ+mJzVkQjX6FDHJy3L g44uV19zBx1XlY2kNK6L/2ONCEXwFiPT59a26Xac/nU0rOSQV4yrjY4ssD6C+g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZfNZ32V7zp7P for ; Tue, 09 Jun 2026 19:38:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 18d50 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:38:49 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Enji Cooper Subject: git: 8f9aabbdbcd5 - main - OpenSSL: update MAINTAINERS/CODEOWNERS List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8f9aabbdbcd55b25b698bd762e8693d43f295bbd Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:38:49 +0000 Message-Id: <6a286bc9.18d50.ad63f70@gitrepo.freebsd.org> The branch main has been updated by ngie: URL: https://cgit.FreeBSD.org/src/commit/?id=8f9aabbdbcd55b25b698bd762e8693d43f295bbd commit 8f9aabbdbcd55b25b698bd762e8693d43f295bbd Author: Enji Cooper AuthorDate: 2026-06-09 19:34:41 +0000 Commit: Enji Cooper CommitDate: 2026-06-09 19:37:52 +0000 OpenSSL: update MAINTAINERS/CODEOWNERS I've been the quasi-defacto component maintainer for OpenSSL since 14.0-RELEASE. Make it official via CODEOWNERS/MAINTAINERS. The goal is to help guide those interested in making changes in this space to solicit my input with the new vendor import process and coordinate fixes with upstream until things are at a point where most of this is automated a system of automated checks and balances to confirm that the updates being made to the component help maintain a security supply chain for this given component. Thank you benl and jkim for your past efforts in this component area. Hopefully I can do my part to help improve this critical space further as you both did in your respective tenures. MFC after: 3 days --- .github/CODEOWNERS | 7 ++++--- MAINTAINERS | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 2df505627dc2..7d97938a2241 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -51,7 +51,7 @@ /crypto/heimdal @cschuber /crypto/krb5 @cschuber /crypto/openssh @dag-erling @emaste -/crypto/openssl/ @juikim +/crypto/openssl/ @ngie-eign /etc/mail @gshapiro /etc/sendmail @gshapiro /kerberos5 @cschuber @@ -76,7 +76,8 @@ /sbin/mount_fusefs @asomers /sbin/nvmecontrol @bsdimp /sbin/veriexec/ @stephane-rochoy-stormshield -/secure/usr.bin/openssl/ @juikim +/secure/lib/libcrypto/ @ngie-eign +/secure/lib/libssl/ @ngie-eign /share/man/ @concussious /share/mk @bsdimp @bapt @bdrewery @brooksdavis @emaste /stand @bsdimp @@ -90,7 +91,7 @@ /sys/arm64/rockchip @evadot /sys/arm64/vmm @zxombie /sys/compat/linprocfs/ @dag-erling -/sys/crypto/openssl/ @juikim +/sys/crypto/openssl/ @ngie-eign /sys/dev/drm2 @bsdimp /sys/dev/ftgpio/ @stephane-rochoy-stormshield /sys/dev/ftwd/ @stephane-rochoy-stormshield diff --git a/MAINTAINERS b/MAINTAINERS index 7878004cf3ff..4f4d15869c81 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -77,8 +77,8 @@ nvme(4) imp Pre-commit review requested. nvmecontrol(8) imp Pre-commit review requested. opencrypto jhb Pre-commit review requested. openpam des Pre-commit review required. +openssl ngie Pre-commit review requested. openssh emaste Pre-commit review requested. -openssl benl Pre-commit review requested. otus(4) adrian Pre-commit review requested, send to freebsd-wireless@freebsd.org sys/dev/pci imp,jhb Pre-commit review requested. pmcstudy(8) rrs Pre-commit review requested. From nobody Tue Jun 9 19:46:34 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZfYW4Nbpz6gXgT for ; Tue, 09 Jun 2026 19:46:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZfYW1t8Zz3vJd for ; Tue, 09 Jun 2026 19:46:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034399; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KtGok9QQkUqsFh0Ux6h9ZEUPSi0+eA32EVbTn3M5MPI=; b=jKOsO1Oqav+HtH0SCfMk3rEjt603gOiE7R8IZipTqHo62spaBWj7obVMgPJIAQSnKuniL5 FWkCr3bCIujgXkLwde8PX0HOhXIEW1Ljar0mj4RlMCZrJWxFVORsTg6cbF71Z8PUdZ2QpP r+Osos5Xx1m4nFLlUbVG7VYv2yA6YIPZzmD17txN8q2sSEcwMu0kUiGL91iEE47Qfuh48j h4Dq3vP552u64zqjo15AYUyh0BNm2KbnmV1iHJbCeFUwmFwcy74BwkBOi1fri8bjW81S2c 4VMxZI9WG+Lx7B8tBdHOLCLdqh6oUKwxssbKKrVypsVvGYo0lFOOI31/oFIhdQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781034399; a=rsa-sha256; cv=none; b=pBJzRdMslThqtlkod3+nEVOBXIx4qHTuCT5W8L2QA7JQk0J+YU1JMbTINhNz5JjvP56bR+ zYO6qS0q/QjGekiMROmOV5zKlkns4/4ObKL2bhO00wdnis7igSRP8zSBThhXVLCEoKgSqH bsOMZA1pFShS3CnVAj/hAXveScil1vSUWLpfd3nqZaq+DZ5XmeJ0SK4AZrSm3HW2DLwklT GpMKfVHk3+UZdtcVw7ZbYXfOFc0tWKRRfEtLoa4TwwfL9oqu4chmI1DmnCv7iUey6QMGMw Rr0SeSTqqmSaT6yypeCIXzmaOf/jfrOoK6PJodPlEnEFZj2QnB/1PE/dOEzrug== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034399; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KtGok9QQkUqsFh0Ux6h9ZEUPSi0+eA32EVbTn3M5MPI=; b=U8D9/tT1UtqzVrxCK42FGPPsdPY0stKoWkSmGNvNcXtGzqunQjhE82qsmNaYEwFcMKWDwd KCL1EvvilpC04Vy4m93JHGAkMimD+bCk9x/aoP6yCsJxynyRlx8YvpWETEmAfP2QpKMBqf mx4WoPT85eM4esTSyf2O3NJLgGawGAzCG5skjyEDt35sBQpYvu8FRtqdq5viQrAo+NeolR 7ufF92I3+/DWi+pR7HeX1XKNXuEvOMY+zi5PrXNMuV0FM9Oj87ehn1wct6VpSg0cs5tkT1 BevolkPFzyzYer4H7Wrb0eDWdxkPAwxv5rXMSmJ0YBVD4QUKMXskhMEUpE3OFA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZfYW1SkmzpqP for ; Tue, 09 Jun 2026 19:46:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1978c by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:46:34 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Ali Mashtizadeh From: Mitchell Horne Subject: git: dded0ab415cc - main - hwpmc: Disable AMD PMCs if in an unsupported VM List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mhorne X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: dded0ab415cc09eed506968366e383d406834823 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:46:34 +0000 Message-Id: <6a286d9a.1978c.49e1669d@gitrepo.freebsd.org> The branch main has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=dded0ab415cc09eed506968366e383d406834823 commit dded0ab415cc09eed506968366e383d406834823 Author: Ali Mashtizadeh AuthorDate: 2026-06-05 23:48:53 +0000 Commit: Mitchell Horne CommitDate: 2026-06-09 19:46:31 +0000 hwpmc: Disable AMD PMCs if in an unsupported VM AMD does not have a CPUID bit to indicate the lack of K8 PMCs. If all other PMC features are not present we should test an event selector to see if it stores and returns a value. If the VM is implemented correctly, this should result in a #GP on the initial wrmsr_safe. Bhyve and a few other VMs ignore writes, so I got one step further and test that it retains the OS and USR bits. Tested on Zen 5 native and a Zen 5 Bhyve virtual machine. This code should not run on any recent hardware, except in a VM, as it checks that the core counter extension is missing. PR: 268943 Reported by: Sandipan Das, John F. Carr Reviewed by: mhorne, imp Sponsored by: Netflix MFC after: 1 week Pull Request: https://github.com/freebsd/freebsd-src/pull/2272/changes --- sys/dev/hwpmc/hwpmc_amd.c | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/sys/dev/hwpmc/hwpmc_amd.c b/sys/dev/hwpmc/hwpmc_amd.c index 299021494716..e76bdef118d5 100644 --- a/sys/dev/hwpmc/hwpmc_amd.c +++ b/sys/dev/hwpmc/hwpmc_amd.c @@ -869,12 +869,14 @@ amd_pcpu_fini(struct pmc_mdep *md, int cpu) struct pmc_mdep * pmc_amd_initialize(void) { + struct amd_descr *d; struct pmc_classdep *pcd; struct pmc_mdep *pmc_mdep; + uint64_t reg; enum pmc_cputype cputype; - int error, i, ncpus, nclasses; + int ncpus, nclasses, i; int family, model, stepping; - struct amd_descr *d; + int error; /* * The presence of hardware performance counters on the AMD @@ -905,6 +907,37 @@ pmc_amd_initialize(void) return (NULL); } + /* + * Unforunately, there is no way to communicate that the original four + * core counters are disabled through CPUIDs alone. We attempt to + * write and read back the MSR to validate that it is working. + * + * Referenced the BIOS and Kernel Developer Guide for AMD Athlon 64 and + * AMD Opteron Processors 26094 Rev. 3.24 January, 2005 to ensure these + * fields are valid. + */ + if ((amd_feature2 & AMDID2_PCXC) == 0) { + error = wrmsr_safe(AMD_PMC_EVSEL_0, AMD_PMC_OS | AMD_PMC_USR); + if (error != 0) { + printf("hwpmc: AMD evsel 0 wrmsr failed!\n"); + return (NULL); + } + + error = rdmsr_safe(AMD_PMC_EVSEL_0, ®); + if (error != 0) { + printf("hwpmc: AMD evsel 0 rdmsr failed!\n"); + return (NULL); + } + + if (reg == 0) { + printf("hwpmc: AMD evsel returned invalid value! " + "You may be in a VM without PMC support.\n"); + return (NULL); + } + + wrmsr(AMD_PMC_EVSEL_0, 0); + } + /* * From PPR for AMD Family 1Ah, a new cpuid leaf specifies the maximum * number of PMCs of each type. If we do not have that leaf, we use From nobody Tue Jun 9 19:49:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZfcV4Vrfz6gXV5 for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZfcV1y5xz3vsr for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034554; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4meBWBMnvCdMiLnpv0uWun60t4tWofTKZKpw5KXi19g=; b=HjGb0szOYJipVjsEAJFt3fFQqPitcqNWirsCV4ENoIOVNCn3GkAB/BQZ2n3GVJA0Q4hcfV gCkbSNHnM26NH5ece7mbGTJ4BlL3sGieatsljIto1nFIgNshvL9yLz5+EQdJ/u29q2rsGH B5WOfWYaFOeteHpjsiA68l/x6e8TIIIla+thX4URHM9q/jbfZKYbzX00HJiseNNpn1W104 Kipx3qPSDNrf+aMuNa9oSU+k2nO9z+6noCLVeEf5nMPo0ExwxJ/9SFXZrQKAAjlwdqA+MM L3iFB9xFtmML4jcGioXGuqhdWSZyz8L4bjOmmQIT5KoKJqMnbt97qwbtMOQO2Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781034554; a=rsa-sha256; cv=none; b=uLWAdcUoL/6CxwXmDLmGiNLxL2VBjNmRF/Y9s7R3+5k3NH8/H/pXdTq4PrCwXNQCAIRsh1 hV8u/WuTsGBKqBk5ZyRMVdxNMIxmSxyf6LRvD0boIYKb7neZzBrMsX4meCSWrex6jUhtuM 7k7Ol8KPZkXGCiwVkqEQQ/g4EDOM6dCLrrKkL53VSUgB+7y/22B+zhqyNB5zKq6wq19shV V7h8uV9XkHkwe1tH1A6AjipRgfqGOmgk1duYTszq/P4Pwklcw8ls+E6etiOYa1IL8610ll sxi/Bm6ESk2hD4YU85zzr38SNrXLuZDExjQO09CPDwOqtdQX6FjL0ObfoHqF8Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034554; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4meBWBMnvCdMiLnpv0uWun60t4tWofTKZKpw5KXi19g=; b=NhbIG9+TyVjFRXQC65jWWziTkrHT66WbPthG+vnm8KHcmytc7cYI9+22YrBVBs9xSrOxvg KU3ZvnNXO6cHYYa4X0+wzuKvdnj6E4qUfLOSJnCsiIIKmOD0uOIHnFtc722do4zpu9SC7G rCjJtLkjqIGOKCvegIBpJPdWLEHZpMDV4Ni0vuiIiSGX1DnyPWFtEZ/CeY60/eL/EV9LG5 ofGorGnzYV9qKJWSDR3Q6gpdDMfLV5/v1Tt5IupoD/9x3XvFDtqkOpqUXxOfjdAFyDDrKr pbvtpMFVwmr0aEMrRlDD53iWMOXOa49YRmz/PqddO5rma4oSIPupQDmGPP55+w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZfcV1HsvzpWj for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 18dff by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:49:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org From: Enji Cooper Subject: git: df2b28994e94 - Create tag vendor/openssl/3.5.7 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/tags/vendor/openssl/3.5.7 X-Git-Reftype: annotated tag X-Git-Commit: df2b28994e94d740329c9a20407ebd8396c71aee Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:49:14 +0000 Message-Id: <6a286e3a.18dff.94c8d62@gitrepo.freebsd.org> The annotated tag vendor/openssl/3.5.7 has been created by ngie: URL: https://cgit.FreeBSD.org/src/tag/?h=vendor/openssl/3.5.7 tag vendor/openssl/3.5.7 Tagger: Enji Cooper TaggerDate: 2026-06-09 19:46:51 +0000 vendors/openssl/3.5.7 commit 3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43 Author: Enji Cooper AuthorDate: 2026-06-09 19:21:35 +0000 Commit: Enji Cooper CommitDate: 2026-06-09 19:21:35 +0000 openssl: import 3.5.7 This change adds OpenSSL 3.5.7 from upstream [1]. The 3.5.7 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. This change is a security release which resolves several issues with OpenSSL 3.5, the highest severity issue being ranked "High". Users are strongly encouraged to update to this release. More information about the release (from a high level) can be found in the release notes [4]. Updated via [5] with `update_openssl.sh 3.5.7`. Approved by: so (gordon; implicit) 1. https://github.com/openssl/openssl/releases/download/openssl-3.5.7/openssl-3.5.7.tar.gz 2. https://github.com/openssl/openssl/releases/download/openssl-3.5.7/openssl-3.5.7.tar.gz.asc 3. https://github.com/openssl/openssl/releases/download/openssl-3.5.7/openssl-3.5.7.tar.gz.sha256 4. https://github.com/openssl/openssl/blob/openssl-3.5.7/NEWS.md 5. https://codeberg.org/ngie/freebsd-powertools/src/branch/main/shell/update_openssl.sh (facdfe954) From nobody Tue Jun 9 19:49:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZfcV2KGqz6gY0g for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZfcV1cnBz3vrg for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034554; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tAcktenRV/CcXqLUu9QpaCSsorBOaiT5SkYijrKMJZA=; b=WJr5JVGrBZzV6UPSKzNa6+vaO5DmcEWgGmd/AD2TU+1PMKnp9mkzGB/72ZGuIxmv1jyqIN WoKylMHn/k5xPJgItEtxr5E5bPar3LW3GhW2G5SbjLXBBff0XyS29g1AJHrDHGeLH5xAxa KOVaync2SLc/Jcg3mvZI6ExU3mZHrNHuVte06V/k5OpzJ3ofwz3kLHeNxEPEcvnpZtdZYX ngDhJV+rLAgPhUXzlHvstt7MucygVwkZ+jzPJClBhTAPCEoKtnOunMjAjXfJp7+XnMCyMx ZVJ8rdGe5EIKIgl+ICwPF/tcGmLa2qR1p2ejFtDX3RbYyfaVGKZRrhqWpoLNDg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781034554; a=rsa-sha256; cv=none; b=mdD3iCAsoXBpEx7Q5GZ+KR0Ban/tRPoGUWWbLR0kN2jeFHmeO0dszAOKsDLih8btXLeGMi OpqPL05FdgVHDUSDOoKHjhxRaP2PuTZCukYWh+naozpHPrjW371AZyxr42zQt1+rCJIcO4 SMgEyNsO6aslu5mCFX+17U7zFRwvuKbJn3ZQvYHyt9uQIJXqF6q47ArnkzAwKeHAzGOPEF 2eosgkti0O4+TB6dRvoC1VYTGLzk/tMwWd8wqtw2LS/4pxyYSy0KMowzJKA9MuQRrw/vmP eJNrZ/BLcuBVPWc6Iyfv21sFDC3x9bkqDYxfjK1zHDZBHjAhs6ageM/1INlaoA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781034554; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tAcktenRV/CcXqLUu9QpaCSsorBOaiT5SkYijrKMJZA=; b=WLEzY2jgl5IkQuh3lOJ/e2yflbiutgMnkkZ30iZpe/Z4Mdkx0splq8A2hT3mZd89PWAgus XdEJPZON7FmBuBhW245nDWiyutc06g3kMm+ZJGKEyoKN5dR64sDTJtlgB4zEw6ej4BvqCl vtVqd6L7lTbMGWHjXEE/y5jr3D9hKmP5lWiAvTV9tSXobNl3Lmm+BRDRR2GxkB6pCZYpes VFPH+9zRitB4bcmmr7w8yzPZFCAjOjIY5h6Ud6u/XnLalutiJf4xh0qRw6TBfX8tla6Uoo N8amdSdavMtIkUnjt9oXfMdefGYGfOJZtBOmOZRh0ocFisxY7UcMCF5AYegxCg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZfcV124tzpL8 for ; Tue, 09 Jun 2026 19:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3ff5a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 19:49:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org From: Enji Cooper Subject: git: ba220c84a0d7 - Create tag vendor/openssl/3.0.21 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/tags/vendor/openssl/3.0.21 X-Git-Reftype: annotated tag X-Git-Commit: ba220c84a0d777b25de8925df5139abe6b1287a1 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 19:49:14 +0000 Message-Id: <6a286e3a.3ff5a.4c33db1d@gitrepo.freebsd.org> The annotated tag vendor/openssl/3.0.21 has been created by ngie: URL: https://cgit.FreeBSD.org/src/tag/?h=vendor/openssl/3.0.21 tag vendor/openssl/3.0.21 Tagger: Enji Cooper TaggerDate: 2026-06-09 19:48:36 +0000 OpenSSL: tag 3.0.21 import commit 6ecbd3d6800f1c273a5ab84088eb0d46504fd10d Author: Enji Cooper AuthorDate: 2026-06-09 19:06:49 +0000 Commit: Enji Cooper CommitDate: 2026-06-09 19:06:49 +0000 openssl: import 3.0.21 This change adds OpenSSL 3.0.21 from upstream [1]. The 3.0.21 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. This change is a security release which resolves several issues with OpenSSL 3.0, the highest severity issue being ranked "High". Users are strongly encouraged to update to this release. More information about the release (from a high level) can be found in the release notes [4]. Updated via [5] with `update_openssl.sh 3.0.21`. 1. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz 2. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz.asc 3. https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz.sha256 4. https://github.com/openssl/openssl/blob/openssl-3.0.21/NEWS.md 5. https://codeberg.org/ngie/freebsd-powertools/src/branch/main/shell/update_openssl.sh (facdfe954) From nobody Tue Jun 9 20:26:19 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRH2CT8z6gbYK for ; Tue, 09 Jun 2026 20:26:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRH13xlz40Xg for ; Tue, 09 Jun 2026 20:26:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036779; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ky5HZqaO5p7MWS0HZIdtcVyOqaAUG5y1iIvy1hNAIc8=; b=SRB0tEnT9ew0a2/nALvTrHY4lFJBLIILq58131hKq0AfS3t3Jzt3rj2jBPavc+HMpmJV2y zK6OtupbP5LQWTEd8lK32OVhEuaFnC2nJrHTp95SUxekRD+SIB9CxCkD43b9YWHzQsca4e 1NSYWGiLt0yMbKi+169XeE+AxLKREY7TOmaSAV3vMzC0Qx4MBp/XS7jgpGiEhuLTMdQ13U 3IUgDLN7nYV+HxJimux7xz6VUu1UfrA7N6T7j1P1lt1+xzTnxwhoT3uuT/9ReA8cF05SEP I4lJOTboRvMGWpKO3euaNkR9A+HfEmUOWNhedUUxQ8FPqAwSSlyyhN/FyfQAmw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036779; a=rsa-sha256; cv=none; b=OU+rbSxGiNUIzH8yfohe+/jllX5wEi/9NY2G3LvDgy+yvEtz+X2GS88ySmJC8OQzCYtEdr qcG6JaTXb8I6lHfJf9+Oacc6pc6bNJ52D9AKcuLN5jw0kBNKHL2RXUwLT1lbt2rWlve0mk 9DsLlZMqR1KtiCraFAtXn1onQB/MiVq5bwwIk4X33QkNSLNSA6aj2Ue/U7ecP0KAZI8Iv2 3s7MbTqItNSkyK0mpt/Pia04uTDTLAE2oexQ3nqAUIcc8VCUNFIg6wGN2+BNXulOiPYC11 16C8mN7oYE7cmX6o94hmMe+4bU+tsRwWbGoxi1sIGDEkuOLxEdSQqeqt7TZ1cA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036779; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ky5HZqaO5p7MWS0HZIdtcVyOqaAUG5y1iIvy1hNAIc8=; b=qcDId2vvYxw6SL579RVYyFQ2y9vkOUURa8+1DAPMKutFBKsNvu+ywLpxh5P9Bb9gLVPTKP tzbs3mnwG3bHoE3GrlG/XgLyZ8z/AQ2Xo2CCHr1xikWPDLmPKSyAEig4erUUjYsXNBMiWQ EfMPAVzGEHpsm9NKMgRazBN5K8mSeW7BYtb6GtnfQpMebXYF4eIn18Bj0iIUAmDWq38c9K 7FscF3+3kbpOfcwkmP/wNlsHcr5n1B81WpanLWZdCWCfN9QZD0L8mJouNIgMv8Y9CEPNpo oGhmJAoTLCuYEsO8XOQxARpDpzgTb6rc77eK2w2OS7SD86eluAYI9Te8Cn4tsg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRH064HzqfP for ; Tue, 09 Jun 2026 20:26:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1ed85 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:19 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: d5c5f2d08416 - stable/15 - MAC/do: Tests: Remove shebang lines List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: d5c5f2d0841667b3ccc1a541f9581aa639971f97 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:19 +0000 Message-Id: <6a2876eb.1ed85.2e925dce@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=d5c5f2d0841667b3ccc1a541f9581aa639971f97 commit d5c5f2d0841667b3ccc1a541f9581aa639971f97 Author: Olivier Certner AuthorDate: 2026-05-22 16:47:04 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:51 +0000 MAC/do: Tests: Remove shebang lines They are automatically added by . Reviewed by: bapt MFC after: 3 days Sponsored by: The FreeBSD Foundation Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38 (cherry picked from commit 79a987aba154aca5965e4746ec5f867be8f22997) --- tests/sys/mac/do/invalid_configs.sh | 2 -- tests/sys/mac/do/valid_configs.sh | 2 -- 2 files changed, 4 deletions(-) diff --git a/tests/sys/mac/do/invalid_configs.sh b/tests/sys/mac/do/invalid_configs.sh index f24309cb2f3b..9758a0239082 100644 --- a/tests/sys/mac/do/invalid_configs.sh +++ b/tests/sys/mac/do/invalid_configs.sh @@ -1,5 +1,3 @@ -#!/usr/bin/env atf-sh -# # Copyright (c) 2026, The FreeBSD Foundation # # This software was developed by Olivier Certner at diff --git a/tests/sys/mac/do/valid_configs.sh b/tests/sys/mac/do/valid_configs.sh index bd5b53b5d5d8..be4e59ce54ca 100644 --- a/tests/sys/mac/do/valid_configs.sh +++ b/tests/sys/mac/do/valid_configs.sh @@ -1,5 +1,3 @@ -#!/usr/bin/env atf-sh -# # Copyright (c) 2026, The FreeBSD Foundation # # This software was developed by Olivier Certner at From nobody Tue Jun 9 20:26:20 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRJ2Mwkz6gbnt for ; Tue, 09 Jun 2026 20:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRJ11Wcz40xx for ; Tue, 09 Jun 2026 20:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036780; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MrFcmG3T20Y2/vKJ4YZxWcwz1SZtc5EPiVsIaBCDTLA=; b=dYidyTPi+r16mleVUbpvNi++YB8ooVPrVBkE26QJ4hctiWfBhLWNGXYoo0is1fTeBtQ/ps kPyssbmdVG7DN5RNzj2lmAuXvC1YIstXQBaTg+tcL57i4qHyUV3b9WnU21fpHf2MXIe/GY YNJyYYj1kaYK4Hu5Wa+u5KaijeWHWniLzIpH7O2cHs9Z+3XhtBZvOv91s1c5mFp3Uk8XMM wAm/cHhleJbuI+k9CdKEQYsAzUaFSewg4zUSlyRRnRzdCTBhZnHp9b2Mbc54Gb4aiN6uJs ahnL8r8u7j67GLXet1t6fPllkAGEhDGN3rfFMuExsBFfLt7mPAEsVdgUnXgloQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036780; a=rsa-sha256; cv=none; b=XdlZe7PJChw/mHZzqQ/gSuVmCnT7Svwz6ASM+K+ADcXbbx5CEmKBadQPfd6ZlLXlFDZVO8 Gg5qyCmb8ifHLR3Up5j5RDnv75WRoQnwQimcFYBDvAorYnwBJomOxwrSEq/0XlfJp3xZ8l LTM/dlmKfK8R2Ycbv+xZoj/3xq1eYhVmIR0resPkS5m0mACUfA3ys7Us/fdX5OjDEbKg7Q WKHrE+nNFpyOdWzOsvo/KGwiKE6kJbVka0WMmHIYGTCCXkCSw94Mlk1i1QB5o1M4Oje1LF rBu67lTdo8EkKZx+Fm+j49Lnq1M/6weG4alO/HQ+RGchNQOACZTvMLAupQJuXw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036780; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=MrFcmG3T20Y2/vKJ4YZxWcwz1SZtc5EPiVsIaBCDTLA=; b=HsG2aJkOwgEA7zVkUvHwVmrCuTZ0DtVgv9Db2XQ4Nbc+Z8jwymoWkc8LW0jPtgNatw1K1L /noQT5XeN9Gwvp4tKUF/jf5GsQW58M9+ZgEFFrRy14n2/U+wfF+nYZxeE6iZP+URIETxRV bBCdNS6Azmy8ESN6ohlcRyP9lnsgqmFP8ajD1cPUHlg7MAK1JylRdb2T5cg0JuvpkjUc70 hO/1QGQM7ZwZ9i4MEGa+0Mx5ozp99NpdqGdjw5reuBa9Wwc1H7q6hImfx+y+6iDLouoIo3 s9xoE9n1RuwzEf7v9YDC+AoMb+MnAaFaUYm/ULrrUXdADYTwxQ4/7iy8ADgKFg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRJ0ZvRzqhX for ; Tue, 09 Jun 2026 20:26:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e8c5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:20 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 472d977c2fde - stable/15 - MAC/do: Tests: Fix copyrights List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 472d977c2fde4df13e871c54ae9db03f146a72a0 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:20 +0000 Message-Id: <6a2876ec.1e8c5.191e5409@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=472d977c2fde4df13e871c54ae9db03f146a72a0 commit 472d977c2fde4df13e871c54ae9db03f146a72a0 Author: Olivier Certner AuthorDate: 2026-05-26 17:06:55 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:52 +0000 MAC/do: Tests: Fix copyrights No comma needed after a single year. Add SPDX. Reviewed by: bapt MFC after: 3 days Sponsored by: The FreeBSD Foundation Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38 (cherry picked from commit b0c948fe92acc8bd295cc53584e25c082c749cd1) --- tests/sys/mac/do/common.sh | 3 ++- tests/sys/mac/do/invalid_configs.sh | 4 +++- tests/sys/mac/do/valid_configs.sh | 4 +++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/tests/sys/mac/do/common.sh b/tests/sys/mac/do/common.sh index 88529adcc1f3..444a74b4c2ab 100644 --- a/tests/sys/mac/do/common.sh +++ b/tests/sys/mac/do/common.sh @@ -1,5 +1,6 @@ +# Copyright (c) 2026 The FreeBSD Foundation # -# Copyright (c) 2026, The FreeBSD Foundation +# SPDX-License-Identifier: BSD-2-Clause # # This software was developed by Olivier Certner at # Kumacom SARL under sponsorship from the FreeBSD Foundation. diff --git a/tests/sys/mac/do/invalid_configs.sh b/tests/sys/mac/do/invalid_configs.sh index 9758a0239082..848e2b5c9579 100644 --- a/tests/sys/mac/do/invalid_configs.sh +++ b/tests/sys/mac/do/invalid_configs.sh @@ -1,4 +1,6 @@ -# Copyright (c) 2026, The FreeBSD Foundation +# Copyright (c) 2026 The FreeBSD Foundation +# +# SPDX-License-Identifier: BSD-2-Clause # # This software was developed by Olivier Certner at # Kumacom SARL under sponsorship from the FreeBSD Foundation. diff --git a/tests/sys/mac/do/valid_configs.sh b/tests/sys/mac/do/valid_configs.sh index be4e59ce54ca..44cfd62acc6e 100644 --- a/tests/sys/mac/do/valid_configs.sh +++ b/tests/sys/mac/do/valid_configs.sh @@ -1,4 +1,6 @@ -# Copyright (c) 2026, The FreeBSD Foundation +# Copyright (c) 2026 The FreeBSD Foundation +# +# SPDX-License-Identifier: BSD-2-Clause # # This software was developed by Olivier Certner at # Kumacom SARL under sponsorship from the FreeBSD Foundation. From nobody Tue Jun 9 20:26:21 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRK5FHVz6gblg for ; Tue, 09 Jun 2026 20:26:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRK3Z8Fz40gP for ; Tue, 09 Jun 2026 20:26:21 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036781; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TAAJ8CzEzsvVQ6H41xk5GHqDUtzklA/2zZ2U7nLMGVQ=; b=mzQselW89SLYguhoKlUheWNV9VTEEmy5pNLLaRCgEsPWQYe26eQSrAFAQ+/R5Ds7wEFhCE RFXJDt2QdvM/rHaHC90SkHp1EYRo2izfdMKPq6A3DY120Jf4wJKG3R3b8EEYok0+712laU 81S2olSMM/W4L9F1X6qZiylzFAkHdFtqtVoUsi5nSoARGkwOyOQUmS7f5E/27e+ZBb6f5y Sp0UHlPW4u2EZuopYz9Fe/HFYf2Z+/Ab7CA9CXlhFwAFpo+nVpMHHvmAULMKu6dqQAYMvx JTvSYO6n+t9Eh5W4GSlG4Anuvq5cfLvVQDHHRozx1TowdayeA5GyavKWRVsfGQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036781; a=rsa-sha256; cv=none; b=UIxhdDtJpVZsZ/AAbKVpd3aE3+fiZTp4SuJdQs0mIsS5d+TqVAJ3qrM8vJKrJA05pUFLPE awwyM53kH6WVnIaY7ifARE1qRIT5BkDewzHd8Mrst0kJ3a3h/w96nhW5qbq2p1oA3N7ikE YGfDUaZ9GoSUUAgaLvWkCiHIbC6T6gYP/+KXHBsjSm1LySNKRmXXE7Mw7xNIU5rkfuT0M5 Ijou5bq4T28blfxIrEhD21VUfWMiwlr5vVzeAyv64PD9HJRAnPaFGTcPgOPUQUOeQdS4UE iDh9OEVyaaYEVkNa6nGz87u9CoeGRARqcWUi/fNIaV0h3pZlJJp6z01zWZPzkg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036781; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TAAJ8CzEzsvVQ6H41xk5GHqDUtzklA/2zZ2U7nLMGVQ=; b=qFFEVLIBQLfCDVTrBclhGCZB1TxW75jav1NhtsBBOq47x82JsF4AAjZXe1a9pmj57nFCIm nICf3DipnEgdJyIbIOYZriQ8EYCg43OOoel3qEj58YmMoLiXljJqsk8InzvN9IAR2YdSWn BLk0hEgWtUWhMUaOAk+3wbzQV939Yf2S9cOnVbBccV45nV7mSolir/OQVyF/FlwA7dzkeM zhigKQ7VKOLiK0oIDpbpYPCn83r59O+03XCtjBqwdztChPxBVE9QdKNthZJcL+GrvID/DK JlTTX9p3N6WwojCVugLdsKh4r834U9SaF7Hx9qecOHA1/iw2sobP+WCkYXDTHw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRK1JDWzqqd for ; Tue, 09 Jun 2026 20:26:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f2a8 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:21 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: f4b3983c817a - stable/15 - MAC/do: Tests: Declare required programs closer to use List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: f4b3983c817a29d4b796ffe9ee301090a495127c Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:21 +0000 Message-Id: <6a2876ed.1f2a8.40929f60@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=f4b3983c817a29d4b796ffe9ee301090a495127c commit f4b3983c817a29d4b796ffe9ee301090a495127c Author: Olivier Certner AuthorDate: 2026-05-22 14:19:57 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:52 +0000 MAC/do: Tests: Declare required programs closer to use Reviewed by: bapt MFC after: 3 days Sponsored by: The FreeBSD Foundation Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38 (cherry picked from commit 6159187329b56a9b550db193796ae4d76c1a306c) --- tests/sys/mac/do/Makefile | 1 - tests/sys/mac/do/common.sh | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/sys/mac/do/Makefile b/tests/sys/mac/do/Makefile index 980067ea56e6..bfca40efdc8d 100644 --- a/tests/sys/mac/do/Makefile +++ b/tests/sys/mac/do/Makefile @@ -9,6 +9,5 @@ ${PACKAGE}FILES+= common.sh TEST_METADATA+= execenv="jail" TEST_METADATA+= required_kmods="mac_do" TEST_METADATA+= required_user="root" -TEST_METADATA+= required_programs="sysctl" .include diff --git a/tests/sys/mac/do/common.sh b/tests/sys/mac/do/common.sh index 444a74b4c2ab..6c4b138bdac0 100644 --- a/tests/sys/mac/do/common.sh +++ b/tests/sys/mac/do/common.sh @@ -69,5 +69,7 @@ sysctl_set_and_check_fails_rules() sysctl_set_and_check_rules_common sysctl_set_and_check_fails "$value" } +atf_require_prog sysctl + # Do not pollute kernel logs with parse errors sysctl $PPE_KNOB=0 >/dev/null 2>&1 From nobody Tue Jun 9 20:26:22 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRL6KMXz6gblh for ; Tue, 09 Jun 2026 20:26:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRL3QV1z40b7 for ; Tue, 09 Jun 2026 20:26:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cmJmXsuwUpwhrI0aCbt0JW8WAAoQQbeET6m2Cjz8mys=; b=WNBTzb8lQ56kVn4XQZglGXOS8gfz3EnvgTU3Dw1KIZkzhE3PxG5WTYdwc08eogqj+JdTx4 y7UvoCPkrMrPllkWIjzuhVg9/Vq/sbbprdlXUlGU98Is6ar+1gOsa2hq0HEujq+SBGw+es OxK165z/6shjkao9ikITWY3r+Px2vjDM5pi8MX07fk6XRlOEe0tKodu3At4i3VJbtuj4Ho wnA+8UE8XkEaTMPsNq7QRCV25nRzaMbGtNtmQMLgJH70RRvpsWgGEimYmLMk4DvviCLEZH jCVZkc/PxqQC3+Eo+2CMOStwJ1uSP5OADvGZjZYdkR9F97SGtQq26DOIqXKmOw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036782; a=rsa-sha256; cv=none; b=uEa/NtzEbO5qNmdtLF8jxTM8cLWbYd3i5BWE6ewv1AyuwqMCL/p2iX7gwn83GNfu+y/daZ iBvPeMwVl7Mu4M7mzOWC0ZxfJCNkAFEtUPy+JTpy4ike3UqT53t0qucUGsYTZ2WWIaL3QA h4lArktSQsOJdH2/Lqu3yXyfZnIiOLjCnG2AG2sWgq8oSjTEWFaFi19+Y27wVZ2/Gc66f0 Xv1vv3nil2WeOZN0dOGl1D5XZMC9ONJRz/n8xkyrGaf1svjSCPp+LQhYP+bBwpWVFTUEGi CZh9cjQ0/ZXLlfbhL7xqOrFiUKVngNcR3f8movHoalyrAeaI3hzKYFrxs6a+fw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cmJmXsuwUpwhrI0aCbt0JW8WAAoQQbeET6m2Cjz8mys=; b=YdxoBhmUzIIYxATU07fPQkgRBy68zKit9P0grDT52qkgnQtO6FmtFMrY6kbmjn3eP/BFfv QUQyxEvsGIGmL3eiaT9qXq19tsTc8DbJc4eNf6KEmMxRwKBSOP0k6L6nGgx2O9+tGdMe7h iOfG5unOfol4nYhYRzJVi1Oc7/7DGWWpegFLcn0j/9YfDh8l2PxLxM0Xc5CFWuORtC4Emj 8yeNYAd/Hf3uXLo7OBmLDViJV3jzotIrn8kQLT8F7v5by3NHXWYq9wKcVl/NUNvS6qFyTP 4lTWkkPRHEYuklCl+u0T8QBZ5yacLguTxAPwfu7sKTEiNp0JM/M89MDht/Djmw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRL1sVszqkb for ; Tue, 09 Jun 2026 20:26:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f20a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:22 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 73704144a09c - stable/15 - MAC/do: Tests: Quote the source directory List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 73704144a09c0171bd1282b4e1fcc893314c7299 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:22 +0000 Message-Id: <6a2876ee.1f20a.4b9da386@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=73704144a09c0171bd1282b4e1fcc893314c7299 commit 73704144a09c0171bd1282b4e1fcc893314c7299 Author: Olivier Certner AuthorDate: 2026-05-22 14:21:39 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:52 +0000 MAC/do: Tests: Quote the source directory In a standard test suite installation, this is not necessary, but be bullet-proof to custom ones, however improbable. Reviewed by: bapt MFC after: 3 days Sponsored by: The FreeBSD Foundation Pull Request: https://ron-dev.freebsd.org/FreeBSD/src/pulls/38 (cherry picked from commit 33daea3f862d7fe996602756805a92a600356f94) --- tests/sys/mac/do/invalid_configs.sh | 2 +- tests/sys/mac/do/valid_configs.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/sys/mac/do/invalid_configs.sh b/tests/sys/mac/do/invalid_configs.sh index 848e2b5c9579..d1a9eb8c1e96 100644 --- a/tests/sys/mac/do/invalid_configs.sh +++ b/tests/sys/mac/do/invalid_configs.sh @@ -75,7 +75,7 @@ rules_wrong_separator_body() atf_init_test_cases() { - . $(atf_get_srcdir)/common.sh + . "$(atf_get_srcdir)"/common.sh atf_add_test_case rule_no_target_part atf_add_test_case rule_no_match_part diff --git a/tests/sys/mac/do/valid_configs.sh b/tests/sys/mac/do/valid_configs.sh index 44cfd62acc6e..fc1c9a370854 100644 --- a/tests/sys/mac/do/valid_configs.sh +++ b/tests/sys/mac/do/valid_configs.sh @@ -120,7 +120,7 @@ gid= 1001 >gid =5" atf_init_test_cases() { - . $(atf_get_srcdir)/common.sh + . "$(atf_get_srcdir)"/common.sh atf_add_test_case rule_uid_to_any atf_add_test_case rule_uid_to_uid From nobody Tue Jun 9 20:26:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRM1lp4z6gblj for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRM0RvFz411X for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LnuHByvQMaQgU1UHdPuvvL6mjbRJy+N5a5QcV8XowQw=; b=xB3PME0FfqhXbd4Nmx7/TAWVB4AYzNRMJYQvfrsSpBs3GgBK12Q5x6Al53FqU7koZoqrVz 8yexHZOL+0AbQQMwd6TK0jpb2BYmj5FXvsYDEvbpZdhGk7MxFA+Za0na51ywxiysjeQ6F+ pIvISslERya0R8yy9bZoyLoWkcrLHMvp3sGfpEIJbAeRTZUU5hFujQ3hz1p5lnF7Ui/nXx VzNbeMUDes0aULM/BOYzuoLhmj1gQMLVTg49FasNaAn5PHT5tKOd69YVyMBjxUdlHQWr3K v62uFE9JruQTL6I78b4I83Pp+EVB3DNC32RMVCGMTCcd+Yqrkm1SoXa3vvVFig== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036783; a=rsa-sha256; cv=none; b=Ay8mKAsJGb06eyurqRo7hq5KuBx+h8A0wFmEw3EnPIPUet72TpCRDDgbHtKd6e6E87A8OF oCVbARreJDCDojFykkogdnXx7FhIb+BF4akg/Pqvw0zJqcolBr+DC0MtFvDWB5+t44/VRL uxnHVk4ndHWgc0RQFIQ7Xmlay12XlI6arFKc5RHSF3vZl8CUX4zDv8I6Tz6ZF060kU3Pc9 xFUc4ZnZLAOaaBdzBi2/QG/IZo2Snmkbuja9MR0CgSCf/Rjflri+Gb9Q2pGNz5tZI4nQ93 9JzJZ7FOmVdpmtRG6PhxcrjYs04UzOcAPHogpcwfN7OmqsvqsS6Lr3rGRaKmww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=LnuHByvQMaQgU1UHdPuvvL6mjbRJy+N5a5QcV8XowQw=; b=Y7g/EbbNq8/v/TzOQwfGmO049YW1Tpcukw+IYq0Lq74XuTWCi0jVAgYBjMKJ2cL7nk4LZb QtqIoUWBIsbo+MlEkfjVrf9v4ag2mMZAPupslERadCI32kBIAIINp1NNFwbZZ8izfE+daB l6vsgCqjeHIY8lbMy+rGaHCVFrGVcbN/+fLsCKnohTdyQ8S3K8dONaS00oDUJv+Su6KXWQ 6LLoEPzxIIkusccqjLsQ2Tpb+6ckoYFpd5cMc8AM9G4c4XuNUZEl4I0In+Afarqqteq9J2 V5we4hr3ysfTNQfWzRij9iZZ8uML5ZX5eimDVSRtzZEsDC/bPfjhWwesX6+EUg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRM02pSzqbk for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1de69 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 7941d1863f0f - stable/15 - acpi: On /dev/power suspend, trigger userspace notifications List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 7941d1863f0f6a394adc758af0836592f831a655 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:17 +0000 Message-Id: <6a2876e9.1de69.677c9f04@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=7941d1863f0f6a394adc758af0836592f831a655 commit 7941d1863f0f6a394adc758af0836592f831a655 Author: Olivier Certner AuthorDate: 2026-05-25 16:01:10 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:46 +0000 acpi: On /dev/power suspend, trigger userspace notifications On a suspend request via ioctl(), /dev/acpi (and compatible /dev/apm) both call acpi_ReqSleepState() instead of directly calling acpi_EnterSleepState(). The former does more checks, returns success if the machine is already suspending, and notifies user space (via devd(8)) about the impending suspend. In other words, it seems to have been designed for user consumption more than the latter function. So, use acpi_ReqSleepState() in place of acpi_EnterSleepState() in acpi_pm_func(), which is ultimately called by power_pm_suspend(), itself called by power_ioctl(). Other callers of power_pm_suspend() (such as the console drivers) are also user-facing facilities, so should also benefit from this change. Reviewed by: mhorne, imp Tested by: mhorne MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57239 (cherry picked from commit 44eb2883134e465c28468213f79567c64fe26de1) --- sys/dev/acpica/acpi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/acpica/acpi.c b/sys/dev/acpica/acpi.c index 3951d817f0e3..0d3f1abeebe6 100644 --- a/sys/dev/acpica/acpi.c +++ b/sys/dev/acpica/acpi.c @@ -4742,7 +4742,7 @@ acpi_pm_func(u_long cmd, void *arg, ...) goto out; } - if (ACPI_FAILURE(acpi_EnterSleepState(sc, acpi_state))) + if (ACPI_FAILURE(acpi_ReqSleepState(sc, acpi_state))) error = ENXIO; break; default: From nobody Tue Jun 9 20:26:23 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRM6hBJz6gbjD for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRM34phz40wD for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xRp0WtzHfzlFrsfc/dH8FcKZM5B/8NiicWSGismTh+c=; b=mvt6z6i/RD/XHNDQYq9MouIfSlPWLpF2XsnK/sUu7ehLm5oe0E4Nubf2HZovJAJDo57TIX wfESMrlghdADpdn89/ZvI4cnxII7mPTe7iGQY/bXbdoBxk08I80KX8vobeqM/fmJ/Pi0fx zE8aBYtHt3zrHURDfOSlLc5UsK6oNx1q6fOKYHRn2TpLcTG6qoWxsZt8wsazsXtnVIpNCi mQvPfxqGTtgzrYmqSPVHHX6lA6XoHXCcFsqsWiheVI5v0MH/dmzt5IRWq34gU6ojh1sQGQ FDZhtP7f2lMMnQgrSQ+sqsYiHHq2BQ2d7RgsFJmd1aVQjWXzFlMPj3LaaKjXSA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036783; a=rsa-sha256; cv=none; b=pQO1NvrRFedPCJN4iogcINHYriNT2sFcHgV8Av0Ilra/TK08aXluDH9kgy3SRifOxRYs/P s/o9MV3R4LBtlKHNhw7blt1VP5AytCfZ+pSEaqgMnRHRZhML8XBz9q3+kuUkzofkENvK3h 1eoKKXZKtG3ty/xZC2NzFQv77hydng3ArTnZnH456T1tcVkFvP2WtHmA/p8KYMFhXLQUIA j0kvehqaFWvsh7bm2u2Gx+6W3Toe02fDB5VGBs8wntmp3zTcSODqB24+Wwa84/ccO36Fyf fq3TyX2hjrt137JDqJ0PFAzOK0F4yZENCcAEGxZIrBwFECcFgNWARiO4nB53sA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036783; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xRp0WtzHfzlFrsfc/dH8FcKZM5B/8NiicWSGismTh+c=; b=jy9Rs9Sbk5EfSTaAP/stAFcR64BoZK3pmfTirn4imV+f+lh3nlHM0jXTTMStPnvyVJVybx JfImknz5CST0jNePIC4AJLONYBrJDESngluc46716CCLJeGZV3EBNIpJdrnePe6SzNoSYq 7BIo5jihJhj3VRfLSiyZYdkXhfrrFONfIS7uzHkX+JtB2QefPKDtZinOL+KzwVmIDjt1EI 4rBb2aROEdBa9QLPepF0CjJK3IkC0mW22G4Lat6XxWso/LP7pNrB+dhayHcxkqeTfErTL9 Jaak/HQodxBgfHVZm6HEFmDs46s72GYhZ0nFn1xGdApkHehP75x2ekg14FBSDw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRM2FTSzqyD for ; Tue, 09 Jun 2026 20:26:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f4b2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:23 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 8451c8ad420d - stable/15 - MAC/do: Clarify comments about flags attached per-ID or per-ID-type List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 8451c8ad420d312dd58a55f09fa1fc78f636cd8f Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:23 +0000 Message-Id: <6a2876ef.1f4b2.59f756a4@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=8451c8ad420d312dd58a55f09fa1fc78f636cd8f commit 8451c8ad420d312dd58a55f09fa1fc78f636cd8f Author: Olivier Certner AuthorDate: 2026-06-04 10:01:23 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:52 +0000 MAC/do: Clarify comments about flags attached per-ID or per-ID-type No functional change. MFC after: 3 days Sponsored by: The FreeBSD Foundation (cherry picked from commit 0c2d64ce3da9c042da133c8b6d7391abb177f2c9) --- sys/security/mac_do/mac_do.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c index ba49da22ce67..790701e57e56 100644 --- a/sys/security/mac_do/mac_do.c +++ b/sys/security/mac_do/mac_do.c @@ -89,20 +89,22 @@ _Static_assert(sizeof(uid_t) == sizeof(u_int) && (uid_t)-1 >= 0 && * encoding for simplicity. * * There is currently room for "only" 16 bits. As these flags are purely - * internal, they can be renumbered and/or their type changed as needed. + * internal, they can be renumbered and/or the underlying type changed as + * needed. * * See also the check_*() functions below. */ typedef uint16_t flags_t; -/* (i,gid) Specification concerns primary groups. */ +/* (i,gid) Group can appear as a primary group. */ #define MDF_PRIMARY (1u << 0) -/* (i,gid) Specification concerns supplementary groups. */ +/* (i,gid) Group can appear as a supplementary group. */ #define MDF_SUPP_ALLOW (1u << 1) /* (i,gid) Group must appear as a supplementary group. */ #define MDF_SUPP_MUST (1u << 2) /* (i,gid) Group must not appear as a supplementary group. */ #define MDF_SUPP_DONT (1u << 3) +/* (i,gid) Mask to detect a supplementary group specification. */ #define MDF_SUPP_MASK (MDF_SUPP_ALLOW | MDF_SUPP_MUST | MDF_SUPP_DONT) #define MDF_ID_MASK (MDF_PRIMARY | MDF_SUPP_MASK) @@ -110,8 +112,8 @@ typedef uint16_t flags_t; * (t) All IDs allowed. * * For GIDs, MDF_ANY only concerns primary groups. The MDF_PRIMARY and - * MDF_SUPP_* flags never apply to MDF_ANY, but can be present if MDF_CURRENT is - * present also, as usual. + * MDF_SUPP_* flags do not apply to MDF_ANY, but can be present if MDF_CURRENT + * is present also, as for explicit IDs. */ #define MDF_ANY (1u << 8) /* (t) Current IDs allowed. */ From nobody Tue Jun 9 20:26:24 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRN5YB0z6gblm for ; Tue, 09 Jun 2026 20:26:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRN3S4xz4162 for ; Tue, 09 Jun 2026 20:26:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uok40BSRW+EqExPW9ROgmVxfaypQIicFun9FD9Tk4T0=; b=cTOxvjwvPGahwtKUm1Xb95YU/LbQ+h8g0QLubL8KrJajBpY3frCrAhZIBMq42DwAkihr7K BvGPt6reAF7tRH3HMVjt8/iumevsEfDKVhevvM0sKvHaLkpnumWnorSwRq9/bB2Wnlhwvg GbT9lwFPWPsN6EdwWzhVv1J8QTCMVMTLnW0bakqX94kph84AqV8g44YL+gKeEskEGUlLol LYqp7XuGdJvqCk0DhAjabee6+Pqzx28VyhC7Q7c5W3E0JXOTuaXLdZztxvX6+pze1ocMkR nBe5l49IbLzwJuW3w5HZx44ym1IwS8IZxksxeyEiY8KwkUuQH0q4d8owmu1Q+Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036784; a=rsa-sha256; cv=none; b=OoKMu3Yt6y5vXn1ZNCnHVPrOBsMKH3xmrgPEtv7lkfu/UscpNqYjBLPoCjqhNcS086tujt SZfP8nhtRzpokXgGYjcjn/PfVogqUtfbv0AvmNUsxiHXXQbrKEe07viDKdPVaNfKUg8nqJ mBtqXpt51QOpcrXy5qxkUknwM0OJqvQSwYvvxzWWLtV5TOBt29W4JrKeHwgHrc1qkugjC5 ns0XFNDc3j1VFHaXOmYJJI3a43HfcBlY7quK7WqLjJFWN2RImxB6cETfh2ozKlIrSWecP2 aylByz8yB2vTf8831cdhEHMhIF4oJuPir41rYOqgUEPBrpTt2EV94/X8RGoCIg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=uok40BSRW+EqExPW9ROgmVxfaypQIicFun9FD9Tk4T0=; b=rkKYeJ3YhWRVHXRnCXKF3rxFTOuB73roiNKuVRKgGAEDswjHbWsf3HDphLwg+9uip2WCqw HvWTVwwgttuNwYvJSwPKGcB68j+/ius7M3rBBD5YsiSmvs0nfoeOXR0UNhvZt4PDtw5vQH hNQSRNKKczBOq/nEBLEZz6F25Sasw0ios5PhEMyLzWw7VZUbenXVcdoS8xnIqhNFPQIBZB lmmk3uDGdcTgNle8QQ+qP1v8RMUv8tiGTfCAMX9rV+IVIY3IGsPs+7ocCjo51iL6rYSR2Q F9rEJ0LYVQJfNu5Co3H/Lm8wvQWhjGYVMV7U/Y7ZeAtJaSA7kdB4Vwo3y1jvAA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRN2ph2zqhb for ; Tue, 09 Jun 2026 20:26:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f9a1 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:24 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 39d5cf05d406 - stable/15 - style.9: Fix a typo (missing word) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 39d5cf05d406f5ef57078d058819fb30cf644552 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:24 +0000 Message-Id: <6a2876f0.1f9a1.10a8f0e0@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=39d5cf05d406f5ef57078d058819fb30cf644552 commit 39d5cf05d406f5ef57078d058819fb30cf644552 Author: Olivier Certner AuthorDate: 2026-06-01 07:23:08 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:53 +0000 style.9: Fix a typo (missing word) Fixes: af2c7d9f6452 ("style.9: Encourage style changes when doing significant modifications") MFC after: 1 day Sponsored by: The FreeBSD Foundation (cherry picked from commit 1876f629b97608679f1bd71b9aa88a57b55c4574) --- share/man/man9/style.9 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/share/man/man9/style.9 b/share/man/man9/style.9 index 65636a8af828..e019a26d73a8 100644 --- a/share/man/man9/style.9 +++ b/share/man/man9/style.9 @@ -906,9 +906,9 @@ Their code is expected to at least be internally consistent with their style. Stylistic changes, including whitespace ones, complicate the work of downstream consumers and may impair developers' ability to trace the history of some changes. -Such standalone must be avoided, and should not span unrelated directories as -this increases the chances of conflicts when merging to stable and release -branches (MFCs). +Such standalone changes must be avoided, and should not span unrelated +directories as this increases the chances of conflicts when merging to stable +and release branches (MFCs). On the other hand, when a significant portion, usually about a half, of some logical unit of code, be it a function, group of functions, file or group of files, is going to be modified, developers are encouraged to amend the style of From nobody Tue Jun 9 20:26:25 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRP5bbwz6gbpD for ; Tue, 09 Jun 2026 20:26:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZgRP3vf6z40bj for ; Tue, 09 Jun 2026 20:26:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KZdvc37WMBh4EnT1I3MQsR3m/f4TdvPoP8zB73HOG7g=; b=J58DZxmD+osEHtfSTNjVi4E9AgOgR7eEilLpY4AwTHx8NxxJMSr77Pu11dKu7proUZxeyp lrQCiUJRnjQKspcRisP4yutejD4KoEw98KWJpIuD4+699XJEXyiYALfPDVJBwHq0iXpXx5 OMHLsnJi0S5YTJO9XD9FSvNFvbLgW2LIMzuZCOmgBu1UkTzWwE0TJZRwtL+Sy1ajToReVe EyZqWKTB+oGUK/REcxyIdegOKUV/6bOeHth+XJzY5ehwCATUJuL8fnfemZzR8z6f6eS+2O tN7aLAMw1Q8yxvDqZ2vdjQfwj5V19q/F62uqayvWDbLMtk0gzVywtdYNBV6/+w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781036785; a=rsa-sha256; cv=none; b=lS/WoCh3WrXlvpkWegyeK/zrV3kgs8JNvykDeZC6sxtwBdHuwR6J1JIMwt5lEDUOXqFEeB rleQ+kmBREjeGVgIxrVK93BfEcwtRzXgrz+9JiWRGGAJXMXuyKldF2O+EhzfMNOvYa8pBy 1InJ5UVR0fsmXb9fEhK9ujb1P4iWhYyIGPTitmdANAINK6oJdC5r880FYlibpHe0zZKUzI OaAK8p2PHtC0zc3Msk9h8MI30UbF1A6YSXzq8YS4wt7QUnKzlhTXLGyA0c0AnGmE/zDRD7 VMiFyFsLIEyOGiIKrBM8A8IZRYv60PcuyFYyTnipm/zfISa9HSffgRwfSYDezQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781036785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KZdvc37WMBh4EnT1I3MQsR3m/f4TdvPoP8zB73HOG7g=; b=QGC5R9eT9+LMzsFBqBiNTs2+SnHUMDmrTrlb8wo4dmCirEGDaKTKeGADQ1XuVSoWDAYHgx w2w+2SSj1EvG9sbzfmia9iuip9YdokTZHwAyLzH/XagcRDDliEYPscxZdHA0iO3btwgIPh JbMWzb/joVTJfb0ULKFJEKbc3BJnMlHz4kLguTMYrIVodGaMra4q03w6b1a56711XicTmB hQbpQrceFmHbWpDflNDPcHDU2fQyk7eZzy9yi10EpV5Bat/Lhme5/2NBhj09XogP2MM/kV xtazNuKja1oFSgFXiSL3dha5NLHu4JerKKYYO6ZShJ2C8QY0lo3DuHNMbc5kGQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZgRP3Rq2zqkd for ; Tue, 09 Jun 2026 20:26:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e1bd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 20:26:25 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 14d2a985274b - stable/15 - kern_prot.c: Belatedly add copyright List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 14d2a985274ba1be3321ed3800d1b10d0fc78c34 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 20:26:25 +0000 Message-Id: <6a2876f1.1e1bd.3cb29263@gitrepo.freebsd.org> The branch stable/15 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=14d2a985274ba1be3321ed3800d1b10d0fc78c34 commit 14d2a985274ba1be3321ed3800d1b10d0fc78c34 Author: Olivier Certner AuthorDate: 2026-06-04 09:49:23 +0000 Commit: Olivier Certner CommitDate: 2026-06-09 20:25:53 +0000 kern_prot.c: Belatedly add copyright See the commit log for the why. MFC after: 3 days Sponsored by: The FreeBSD Foundation (cherry picked from commit 1c0e5c53ff1672a93fc42988020723bb6bc427c1) --- sys/kern/kern_prot.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index b1e4b731145e..c8dc05f0ebbd 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -6,6 +6,11 @@ * (c) UNIX System Laboratories, Inc. * Copyright (c) 2000-2001 Robert N. M. Watson. * All rights reserved. + * Copyright (c) 2024-2025 The FreeBSD Foundation + * + * Portions of this software were developed by Olivier Certner + * at Kumacom SARL under sponsorship from the FreeBSD + * Foundation. * * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph From nobody Tue Jun 9 21:01:31 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZhCw09l7z6gf47 for ; Tue, 09 Jun 2026 21:01:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZhCv5mryz44ty for ; Tue, 09 Jun 2026 21:01:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781038891; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PYvCaroTXsVLJDcuRk5cqdqO/WDNSiIAklOkKXETTKU=; b=Kh08tUQiudNznfvZ0tSXvsICSOve7FZn0J3gAaNJsGG6VlgIOwNj1v5xqm748GkAc51fdv RoGX6RJgicXiK+wTTOtmR8PkxVoNfeEm3i7dfjsY5jSrEDS5lTgkpw852bq+9CyWABXrNb bMm57NdCXFc2OczMWkHPF45ZYFXUZOP7ijNmM4qDzGAcoqItqjILYKiTx/D8P/AN5gJ6vB uz2TWmFKT7r5XL7I8RWBuO16Tf+V20lLV3V0DAZBneUZnmQRuJbTKv/l3WMamHKnAaOsFH SFrAGhQ6H6KFdm+wnQJlCAJelmLWMEmoxw6Chtg29py3VlVV6cXL1fz0rfQZPQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781038891; a=rsa-sha256; cv=none; b=x44RtsZLjt7p2SBMpDFOOIbW6Wyr9WFQHkwmdicM6FRHJSUEmwDcfoO4+v8TxpVbPR/Ted 5rUaASiy+4Xsxa7NgrHL3nv+cKR+M/E2ExZxOdB7QqXycReujB2hRAsZlZ16/6nPwaWxst VxP5EGSwiUDmHJJXQiLquhxMOX8M54vCKnnCk6lw2d7zelJIHgMyFUUSE44IDTxlmfrZgv kfDoSxLaYghAmS7eWcyWIOtHf3ht6u7agBJSXitqFVnbLep/iarnA6jcZvrID1Bbh70fxP 1p6swsYTviSb2R3/bSXFmv5QzMQ34lajhk7QCcAuWOGlovoXfRfZXua8hwpClw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781038891; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PYvCaroTXsVLJDcuRk5cqdqO/WDNSiIAklOkKXETTKU=; b=DkpHZslBfKFkhBoKKkp0DF8hfmx6w+ajEpNXLnB+PO7yIFQoo74MmcyhFE59eZ4EaFU6RE 8rLsukekyI638FDToJqefuinfR4n5sTeYGuI6UGoDS98QnaddLZMJrFBjWDD+PfF1gqeOS 8nNkdeu8PJE1H7APPS9XuPFmZfdOZsJS93VBf//aY0B/RGj6KA0DEKJu/mtYtYCbgvOZ9x vgD4mQ0xcH+cY+aCo3Ubhou0yUVtgoe3ZWc4+XW0ZOhZlszXuyEqU1125+20X3bBsa76mc SN7e0c6K1vjzQ9G2MpgW9juZ2Jft5ZtAjr3nhNqUTOO8gLBvOZwNcZL0RwLIHA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZhCv5Gvzzrbl for ; Tue, 09 Jun 2026 21:01:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 22d6b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 21:01:31 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mark Johnston Subject: git: 6bd97b5f3778 - main - tests.7: Remove an unused configuration variable List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6bd97b5f3778aa36bcf89ff870bb1483b301a9be Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 21:01:31 +0000 Message-Id: <6a287f2b.22d6b.59a2caf0@gitrepo.freebsd.org> The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6bd97b5f3778aa36bcf89ff870bb1483b301a9be commit 6bd97b5f3778aa36bcf89ff870bb1483b301a9be Author: Mark Johnston AuthorDate: 2026-06-09 21:00:23 +0000 Commit: Mark Johnston CommitDate: 2026-06-09 21:00:23 +0000 tests.7: Remove an unused configuration variable No existing tests require it, and I cannot understand what kinds of test scenarios are supposed to require it. Just remove it. While here, improve the documentation of test variables a bit. Reviewed by: ngie MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D56604 --- share/man/man7/tests.7 | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/share/man/man7/tests.7 b/share/man/man7/tests.7 index 97cc6beba4dc..4cea1470adb2 100644 --- a/share/man/man7/tests.7 +++ b/share/man/man7/tests.7 @@ -219,23 +219,16 @@ skipped. .Pp Test suites are configured by defining their configuration variables in -.Pa /etc/kyua/kyua.conf . -The format of this file is detailed in +.Pa /etc/kyua/kyua.conf +or on the command line. +The format of the configuration file is detailed in .Xr kyua.conf 5 . .Pp The following configuration variables are available in the .Fx -Test Suite: +Test Suite; all of the variable names are prefixed with +.Va test_suites.FreeBSD. . .Bl -tag -width "allow_sysctl_side_effects" -.It Va allow_devfs_side_effects -If defined, enables tests that may destroy and recreate semipermanent device -nodes, like disk devices. -Without this variable, tests may still create and destroy devices nodes that -are normally transient, like /dev/tap* and /dev/pts*, as long as they clean -them up afterwards. -However, tests that require this variable have a relaxed cleanup requirement; -they must recreate any devices that they destroyed, but not necessarily with -the same devnames. .It Va allow_sysctl_side_effects Enables tests that change globally significant .Xr sysctl 8 From nobody Tue Jun 9 21:10:25 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZhQB3V7Zz6gfXL for ; Tue, 09 Jun 2026 21:10:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZhQB0sLLz45wl for ; Tue, 09 Jun 2026 21:10:26 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lUuEc3GeWRuX/r1wEDkIVdSAySPAZFxQh8NFA81pTFM=; b=sK3H0dU495CjInyGzD99XQPJ16RKMSPDEIPblgwVNZ4FJbhBBJ0gxS4qqLiJXcPeu9HjEb yLDkx5ei8Kv3kYowOscIh36tmWdqZ4P1Oz2vRDRBQ+criLjJ0f9EcjFtHh8vr+79pzOfif tB41ybMSw2Q+d6dXnb7a7iOwEF6MWVxj6QktrBmCZsCYQdyCMrfYh6CVjLLRtApSQ+XlL6 S4CHCP1LoyOBhaO5vc6pGnfnII+wTV78r7XXMDMUzJStMTnp/l5hu8FWjwvVb84DCY/g++ enpv6EYcrsDlbgy43irSKiQQBbj5sMcvECc/jutF3S6A270SKwpzxn54Cc2t+g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781039426; a=rsa-sha256; cv=none; b=oQymeFs3IVN75268bSmYZPvAq9R8vyHJjxny4yn1iqaUcw4/ABvocWeq24jGOJRtQ7u7Jp UkQPjEau4MBFLYUkyS8vnjhCoj3FRWAMTDh2QGxOoiT7fgHZ2tuPQdffhyid015X0NOe9P euQ6J5R705lP6O5grJMYh/2yzDveOe6zCqNkO0urKYRyuDHtmZQo+5MqYWN3jUBQiBLzM2 Q1FKKRQ3g72F2kMH/uGpt7DLJY1GfOpIYvRiE0NQFLkHDRVIrLAOk9tOdZXa34xW0trmIw jLJMb6aKnavwl8plyOMO8iWHzHbyfs33D91IV3b4VX6pIUfSZvgANt2ILUsVXQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lUuEc3GeWRuX/r1wEDkIVdSAySPAZFxQh8NFA81pTFM=; b=Np8KAKuMgDlzSN+IVum6xl2XZqvQgJQCJisV2/0ManrT7Z4l+W67vz9iHI3EeclISYGZ6w HDIdNy3qpydZqjGZv4v8Vs9ECF0ILkMt/QmCN46DN1bYNAqqVEwm+3o1ZKGqHfqEZEGVFZ u9fnz3lC9IJ9ZtEKMVWncBLMxH7f1snteX+FX+88FCAelKB1OAN4Ai8feXoFP+AAa5drcY UB1prpDslX513zlUfMJHifOAGdp0W0tn4yMuazCZtONkggdZHOkte3Bt4Na1RPLx+BMtBi pgbImL06o4DDa2OUwamFE7EeeSzu2YjAby9Q1PWeD0XspAwW2rRuHVSWUVonBg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZhQ96VF8zrpp for ; Tue, 09 Jun 2026 21:10:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24887 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 21:10:25 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: a248c5545f6f - main - connectat(2): do not enable EMPTYPATH for AT_FDCWD List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a248c5545f6fb861ea4200b69a58b2abcf815ce4 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 21:10:25 +0000 Message-Id: <6a288141.24887.260244b8@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=a248c5545f6fb861ea4200b69a58b2abcf815ce4 commit a248c5545f6fb861ea4200b69a58b2abcf815ce4 Author: Konstantin Belousov AuthorDate: 2026-06-09 05:27:49 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-09 21:09:48 +0000 connectat(2): do not enable EMPTYPATH for AT_FDCWD This restores existing error code for connect(2) over unix domain socket when the empty string is specified as socket address. Reported by: eduardo Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57509 --- sys/kern/uipc_usrreq.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 920588627914..b28aed291895 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -2921,8 +2921,9 @@ unp_connectat(int fd, struct socket *so, struct sockaddr *nam, sa = malloc(sizeof(struct sockaddr_un), M_SONAME, M_WAITOK); else sa = NULL; - NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | EMPTYPATH, - UIO_SYSSPACE, buf, fd, cap_rights_init_one(&rights, CAP_CONNECTAT)); + NDINIT_ATRIGHTS(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | + (fd == AT_FDCWD ? 0 : EMPTYPATH), UIO_SYSSPACE, buf, fd, + cap_rights_init_one(&rights, CAP_CONNECTAT)); error = namei(&nd); if (error) vp = NULL; From nobody Tue Jun 9 21:17:24 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZhZD3G1Bz6gg01 for ; Tue, 09 Jun 2026 21:17:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZhZD0msNz47KR for ; Tue, 09 Jun 2026 21:17:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039844; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=22AQ6mOeaUnfOe/P7bpG7CXYXBwgYqWjGPxFvqyrM9w=; b=IWwD1oYCE3tVkwI0CA5mhgUSzn1dxFidqOMOPNEUtIe/TuY12dEwOY71J0Ar5Yb8wA2wX4 oTXv0WO5ZH79tQ01EdzLMcQjMj3G85T1Syyl3kHxwMWRXLjjUmjcMrEevZvT7CgdK+Hkt8 V9y+YpGH3qiywsMwFK34qkNzV4QQT++L3GVNpAbTW7WUpAhR8VVXkvXYdkR9QhAKdo0f3P gamMHMUyNWhkAXjtmL1qseGdgtwM8m90iOXyYW13WbVinx70kOWkUaS9ATVqEqbuPPO29H W7rpuhu37NV5F6EuJAH+BbLi7Q9BXBnMxU4la6Q8bfwz9TrRomDPoDSWvNaaXw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781039844; a=rsa-sha256; cv=none; b=lwwSdw7Ji/qJ3Au2PghQOj5Y6/iTUXDGLDDjDHveQthcvcK8CQXMKZhM/3/7OtX3fo5/HY xsJObfe1INqhpdFYQY5/NqjM+nSdoJoEmeYQY9cH5FposyG+cBCmfoulIlaZ7w3in0Ir6G z76ofbtpnxFc/+jmoOwHP36rO6lxSlUSQ5r6RhpRBb0OujRJDgCibNXDYlmq/6ZdTbvgf+ AuTPEhYZAO+7IONcZHHW1VsuQoM7gQcbHdJHQf89sSBcS7HkZjQbytLsCCXfzN6glXQABO EfQnkZuV3xdAuxBpOio7KBTzM7cTN9gmMH6PHJqkTyDWVnYQ5HCAoHqhzIwe1w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039844; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=22AQ6mOeaUnfOe/P7bpG7CXYXBwgYqWjGPxFvqyrM9w=; b=RCA8jg89nhAb1QQOI/6XFxe4Q3Uagou3igHi/jpbbqWo+OMn9E1iRvR6Fvtft8wJTVZ77K XIZNCvt2w9kOgoGfopaJgJ2DfDHKsDVQxskkITgqM44eymo2cUV+/OHKI01qLsCnr9dL26 QAtA5zx9QZLg/6eehrlXP2tnQFT20TsRGdHbcWQUws6ehBUtMlFd9uSc21LLKxeHvHSD3F J/cZkhoSA3wQMW7jTgo57F+CSTVAK50G71YeNo5pAAF3k9+X0/flD4twNRQAgnR0bQFjyP gLs1hTnWzVEQc35pUFDVtvfRFCCbWI6nvyjZ8BHi3gizYPbsCsUvf4Pfns1/OQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZhZD079fzsCY for ; Tue, 09 Jun 2026 21:17:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 245d0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 21:17:24 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 85a65e393092 - main - proc: add tree ref count List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 85a65e3930924429903e09832d177f8aa09dfb47 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 21:17:24 +0000 Message-Id: <6a2882e4.245d0.2f8dfa80@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=85a65e3930924429903e09832d177f8aa09dfb47 commit 85a65e3930924429903e09832d177f8aa09dfb47 Author: Konstantin Belousov AuthorDate: 2026-06-06 18:02:29 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-09 21:11:45 +0000 proc: add tree ref count Owning the reference prevents reuse of the struct proc. Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57492 --- sys/kern/kern_exit.c | 2 +- sys/kern/kern_fork.c | 3 ++- sys/kern/kern_proc.c | 1 + sys/sys/proc.h | 7 +++++++ 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c index 63e46dcf46f7..2f94386c9101 100644 --- a/sys/kern/kern_exit.c +++ b/sys/kern/kern_exit.c @@ -1107,7 +1107,7 @@ proc_reap(struct thread *td, struct proc *p, int *status, int options) KASSERT(FIRST_THREAD_IN_PROC(p), ("proc_reap: no residual thread!")); - uma_zfree(proc_zone, p); + PROC_TREE_UNREF(p); atomic_add_int(&nprocs, -1); } diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 2fb4d9d4274d..5318a737ea35 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1051,6 +1051,7 @@ fork1(struct thread *td, struct fork_req *fr) pages = kstack_pages; /* Allocate new proc. */ newproc = uma_zalloc(proc_zone, M_WAITOK); + PROC_TREE_REF(newproc); td2 = FIRST_THREAD_IN_PROC(newproc); if (td2 == NULL) { td2 = thread_alloc(pages); @@ -1131,7 +1132,7 @@ fail1: fail2: if (vm2 != NULL) vmspace_free(vm2); - uma_zfree(proc_zone, newproc); + PROC_TREE_UNREF(newproc); if ((flags & RFPROCDESC) != 0 && fp_procdesc != NULL) { fdclose(td, fp_procdesc, *fr->fr_pd_fd); fdrop(fp_procdesc, td); diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 43cb1f95b4ef..68845e5aa679 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -279,6 +279,7 @@ proc_init(void *mem, int size, int flags) p->p_pgrp = NULL; TAILQ_INIT(&p->p_kqtim_stop); STAILQ_INIT(&p->p_ktr); + refcount_init(&p->p_tree_refcnt, 0); return (0); } diff --git a/sys/sys/proc.h b/sys/sys/proc.h index 5f017e6ece2c..ff6e944a5ad2 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -779,6 +779,7 @@ struct proc { TAILQ_HEAD(, kq_timer_cb_data) p_kqtim_stop; /* (c) */ LIST_ENTRY(proc) p_jaillist; /* (d) Jail process linkage. */ u_int p_asig; /* (c) ASYNCEXIT pending signal. */ + u_int p_tree_refcnt; /* (e) proctree refcount */ }; #define p_session p_pgrp->pg_session @@ -804,6 +805,12 @@ struct proc { #define PROC_PROFUNLOCK(p) mtx_unlock_spin(&(p)->p_profmtx) #define PROC_PROFLOCK_ASSERT(p, type) mtx_assert(&(p)->p_profmtx, (type)) +#define PROC_TREE_REF(p) refcount_acquire(&(p)->p_tree_refcnt) +#define PROC_TREE_UNREF(p) do { \ + if (refcount_release(&(p)->p_tree_refcnt)) \ + uma_zfree(proc_zone, p); \ +} while (0) + /* These flags are kept in p_flag. */ #define P_ADVLOCK 0x00000001 /* Process may hold a POSIX advisory lock. */ From nobody Tue Jun 9 21:17:25 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZhZF2rXFz6gg03 for ; Tue, 09 Jun 2026 21:17:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZhZF0zBBz47Gk for ; Tue, 09 Jun 2026 21:17:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039845; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0wPodCJDttobio25UmwOZPfXmt1obdXf0Jh46kgLRX0=; b=ZxZq+1Z2Fyc3HZw8h08mq65uFLYr+xoF25BoVS9mUelf4lXrtnOTRwxaK0LyF2U0cA8fW5 fMR/MEGE2Ld3gmxg/pCIzGe73k4K9ESb8PeORgFJaflcBrJmemir6rIeeA8Lw8sra18jO1 dEGi5WTJrK3HGuCBYoL+8UYTrz2PJwe0wyGv/TaJdx/oUJzw31ElETj7dVF5SVT1V0m/rq I9AJoNDeKFm+Wj9PnCgsd4wzXbJc0xisVdkNPodazH+OfdshNQ1eB/glB7UldHsCuXWGo4 5tFOifyfsS4tygOZZbULjqLRdN2RlW/gTVGAdmUPH4L0va3RNwo1NvqwUFNAIQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781039845; a=rsa-sha256; cv=none; b=fyfKnwzKxRJIOgtZU30PtMB28wq9pGi59Mo8KyEZKmP/WxeF0MjzkVQfT+DsbvilKsJg5g 06NjW0XpN441UY181R/I6xdF8VmTkxyLJUHTxDc9Fc4q6jdTc/oP2kseWvvAReghPU1n6T RHA+o2fADlfDK5aTgKf8VH9Xhw7WVUHdRn14wqBBJpF9z1VN9ERYAX259jUKLmJpYF5SmK Pc9TKHGKFqQYyz7k3M/dvaGZiKf7xrQQpWufcV6sEDjPy8yjLHUVdcf5fknLgmTj0guhoQ qieLYUoDsxKY604MMSEGsDm9833qnAE3rj2OOIv/+sapMPLXW6HteNwNoE11gg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781039845; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0wPodCJDttobio25UmwOZPfXmt1obdXf0Jh46kgLRX0=; b=nNRm5fb3lSyCSz4lMTVHA441WzOYIF3FdEDYiW3J8xCcu+UOeAcL3Ik5VAjEexAQAlCX0i VBCRBGkR1O+heS7Ew90bui3v7cDnM4jx9vj02nQfOzYdyXX4RlJ6fDhT0Jz7pIr1bCJX6R NE4iLKXH1DHBAa7zylGvBL973OPJD2HQsKi1BXUbqiEyilPrTrspm4P8Iukc3havoLgh6s dd1nkcrWpvvT7McDH8dRaimsRVdQ6V1FI9we9tl9TLht0ECXLvxw0hPxmEGhCUwfctPKwb JrMOcw9V5VAMeikAwhlmRXGNsjTkDC1fzjgw1RHhOyZSOBLHNErnw5DmnF7lOw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZhZF0ZHNzrsl for ; Tue, 09 Jun 2026 21:17:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2374b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 21:17:25 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 44970244e6d8 - main - reap_kill_subtree_once: when proctree_lock is dropped, reaper might change List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 44970244e6d872103f36eae34218b672b69579dd Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 21:17:25 +0000 Message-Id: <6a2882e5.2374b.62dc910b@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=44970244e6d872103f36eae34218b672b69579dd commit 44970244e6d872103f36eae34218b672b69579dd Author: Konstantin Belousov AuthorDate: 2026-06-05 23:57:16 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-09 21:11:45 +0000 reap_kill_subtree_once: when proctree_lock is dropped, reaper might change Recalculate it to iterate over the right set of processes. Prevent reaper' struct proc reuse by holding the tree ref on it. Since our reference is taken under the proctree lock and we know that the process is reaper, it cannot go away. The process hold count (p_lock) cannot be used there because p_lock intent is prevent exit, but reaper owns its reap-children until reaped itself, i.e. even a zombie reaper is still on duty. Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57492 --- sys/kern/kern_procctl.c | 43 +++++++++++++++++++++++++++++-------------- 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/sys/kern/kern_procctl.c b/sys/kern/kern_procctl.c index 1ff1b15767b5..c8d14aa2f2f6 100644 --- a/sys/kern/kern_procctl.c +++ b/sys/kern/kern_procctl.c @@ -49,6 +49,7 @@ #include #include #include +#include static int protect_setchild(struct thread *td, struct proc *p, int flags) @@ -366,13 +367,7 @@ reap_kill_sched(struct reap_kill_tracker_head *tracker, struct proc *p2) { struct reap_kill_tracker *t; - PROC_LOCK(p2); - if ((p2->p_flag2 & P2_WEXIT) != 0) { - PROC_UNLOCK(p2); - return; - } - _PHOLD(p2); - PROC_UNLOCK(p2); + PROC_TREE_REF(p2); t = malloc(sizeof(struct reap_kill_tracker), M_TEMP, M_WAITOK); t->parent = p2; TAILQ_INSERT_TAIL(tracker, t, link); @@ -381,7 +376,7 @@ reap_kill_sched(struct reap_kill_tracker_head *tracker, struct proc *p2) static void reap_kill_sched_free(struct reap_kill_tracker *t) { - PRELE(t->parent); + PROC_TREE_UNREF(t->parent); free(t, M_TEMP); } @@ -416,16 +411,17 @@ reap_kill_children(struct thread *td, struct proc *reaper, } static bool -reap_kill_subtree_once(struct thread *td, struct proc *p, struct proc *reaper, +reap_kill_subtree_once(struct thread *td, struct proc *p, struct proc **reaperp, struct unrhdr *pids, struct reap_kill_proc_work *w) { struct reap_kill_tracker_head tracker; struct reap_kill_tracker *t; - struct proc *p2; + struct proc *p2, *reaper, *old_reaper; bool proctree_dropped, res; res = false; TAILQ_INIT(&tracker); + reaper = *reaperp; reap_kill_sched(&tracker, reaper); while ((t = TAILQ_FIRST(&tracker)) != NULL) { TAILQ_REMOVE(&tracker, t, link); @@ -483,8 +479,24 @@ again: } PROC_UNLOCK(p2); res = true; - if (proctree_dropped) + if (proctree_dropped) { + old_reaper = reaper; + reaper = get_reaper_or_p(p); + if (old_reaper != reaper) { + *reaperp = reaper; + PROC_TREE_REF(reaper); + PROC_TREE_UNREF(old_reaper); + reap_kill_sched(&tracker, reaper); + /* + * Already scheduled kill + * actions should be kept on + * the schedule, the processes + * are inherited by the new + * reaper. + */ + } goto again; + } } reap_kill_sched_free(t); } @@ -492,7 +504,7 @@ again: } static void -reap_kill_subtree(struct thread *td, struct proc *p, struct proc *reaper, +reap_kill_subtree(struct thread *td, struct proc *p, struct proc **reaperp, struct reap_kill_proc_work *w) { struct unrhdr pids; @@ -512,7 +524,7 @@ reap_kill_subtree(struct thread *td, struct proc *p, struct proc *reaper, goto out; } PROC_UNLOCK(td->td_proc); - while (reap_kill_subtree_once(td, p, reaper, &pids, w)) + while (reap_kill_subtree_once(td, p, reaperp, &pids, w)) ; ihandle = create_iter_unr(&pids); @@ -562,6 +574,7 @@ reap_kill(struct thread *td, struct proc *p, void *data) return (EINVAL); PROC_UNLOCK(p); reaper = get_reaper_or_p(p); + ksiginfo_init(&ksi); ksi.ksi_signo = rk->rk_sig; ksi.ksi_code = SI_USER; @@ -577,7 +590,9 @@ reap_kill(struct thread *td, struct proc *p, void *data) w.ksi = &ksi; w.rk = rk; w.error = &error; - reap_kill_subtree(td, p, reaper, &w); + PROC_TREE_REF(reaper); + reap_kill_subtree(td, p, &reaper, &w); + PROC_TREE_UNREF(reaper); crfree(w.cr); } PROC_LOCK(p); From nobody Tue Jun 9 21:27:02 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZhnR4dZHz6ggjK for ; Tue, 09 Jun 2026 21:27:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZhnR3zk5z3C0M for ; Tue, 09 Jun 2026 21:27:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781040427; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=eccsamHMzHYAN93xZPjTWkE/PiN/trYKAmI1JsRBPL0=; b=SPr0J0JhNHBZi7anegkKKub2No+yYcCc49jiSP1BV2WV+femyiYugnl3T/FL0mzYVbgD3s phiYr0S7bfV0c3KnT2+Hgenl11I7OrLwz8SVMkUhBxyLMALPskou5QjVb1DFt2v18hKEBT DWcMisRW9yo/QDx47CvA2KxTVby3bMisgOHNN6+OIW3ANXVnSJHZr8EMFrU6UErXeasLs4 RU57awExn77DedgXdnm3ugzCSY5Fq7o+lreiUvkmO0cB18+8WLFJjh6uIcr2n+L+97zS+d s/2tEHpBA6cWHNkavucqTz7WvClqilixVj/aojxNLUHz0wcV6EOPWf695PI+2g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781040427; a=rsa-sha256; cv=none; b=iYk2m3h4maCoMJ/EDQL9ceOfhA+NydlzfIq2et1cXdsG/JIddtFX9rOjsOlaybiG48iHpH /xpIRqWmDPaBy8SY/ghNCONkNx1G5mN7zeV1+BeijBxLgUtCBsMDeZgZAKteBH+xsT/jpK Rf3oY1P29VgUba3gdJgCuBpoSwitgYk4VVOqpWn8YiHDzzGVNUt9m5xf6HKOA5eXTlTwUE h7J8IGoWvaa7FIwsq4HKe7cBcT0LPnW//THvRgUt2XIl4SWRlHnvfxCgVRa5K8vMIB/qPb 51x8DvaRS1aJLQjFfLomVSCFURdl++tNqknystUaaZLh6lodsVFbPJuA6iLHZw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781040427; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=eccsamHMzHYAN93xZPjTWkE/PiN/trYKAmI1JsRBPL0=; b=bWtdUcegpXsygxzgV+Exv1vjOIehHGD7QMpbJBmZgP1Etw3THqd13NNnzx2btRiSKVzrKJ Ch6P1XqSxpCOXgX6baFTzthMPFIEzhcFvrRtH3Mpm9Y8yA5x0vrzJsjUOjYvKkh/gql8BS kHsVG2l18qxfBT/CLvnM6enohvGBB67ar0PSO+WY+HwKPE/Y5YFbTj12L2kYl04V2LSDl7 5DCDhR06ZvnItcb6gIX1RbMkuBLmKsqlnMC8icFYX7qc40i6Ozh5DC+zuywA+PzagQ0NYS 5lHC+fZwdwwZ92ozX3qQcQbjcg6uAzIY/UwlphCpL0m53+pyKN821DamVYxyWA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZhnR3RmTzs7v for ; Tue, 09 Jun 2026 21:27:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 24868 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 21:27:02 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kirk McKusick Subject: git: a64877b140fe - stable/15 - Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mckusick X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a64877b140fe0bf374cc96c95f374894c1627a32 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 21:27:02 +0000 Message-Id: <6a288526.24868.173d902d@gitrepo.freebsd.org> The branch stable/15 has been updated by mckusick: URL: https://cgit.FreeBSD.org/src/commit/?id=a64877b140fe0bf374cc96c95f374894c1627a32 commit a64877b140fe0bf374cc96c95f374894c1627a32 Author: Kirk McKusick AuthorDate: 2026-06-01 23:48:21 +0000 Commit: Kirk McKusick CommitDate: 2026-06-09 21:26:51 +0000 Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. Git 1111a44301da - main - Defer the January 19, 2038 date limit in UFS1 file systems to February 7, 2106 - did so by changing the UFS1 32-bit signed timestamps to unsigned. With this change, time stamps from before January 1, 1970 went from being negative numbers to large positive numbers implying times in the future. When such a time stamp is encountered when an inode is read into memory or when it is encountered by fsck, its timestamp is replaced with the kernel's current time. Andre Albsmeier reported that he had a machine reboot after a power failure and the battery that maintained its real-time clock had died. The result was that the system booted with the time set to five years earlier (absent a real-time clock value, the boot ROM used the time that the boot ROM had last been updated). The net result was that fsck reset the time stamps of all files newer than five years old to the five year old time. Andres's original request was for a flag in the file system superblock to say that there are no timestamps from before 1970 in the file system, so there shouldn't be anything to fix because of the signed to unsigned switch. But this assumes that no one every does an rsync or extracts a tar file or restores a dump that introduces an incorrect time stamp on their system. So this approach was not taken. This change compares the system's version of the current time to the last modification time in the file system superblock. If the current time is earlier than that time then use the last modification time in the superblock as the value for the current time. There should be no files in the file system with times newer than the last modification time in the superblock. The superblock time stamp is updated in the in-memory superblock every time any change is made to anything in the file system. The superblock is written to the disk every 30 seconds, so it may be off by up to 30 seconds plus the time it sits in the disk cache waiting to be written if the system has an unclean shutdown (such as a power failure). Thus, the worst case scenario with this change is that files written in the last 30 seconds plus disk cache delay time before the crash may have their times adjusted back by up to 30 seconds plus the disk cache delay time. Requested by: Andre Albsmeier Approved by: kib Reviewed by: kib, imp, Andre Albsmeier Differential Revision: https://reviews.freebsd.org/D57371 Sponsored-by: Netflix (cherry picked from commit 553ef188f7ecc23a384bd7ef1f3d5015fb8661da) --- lib/libufs/inode.c | 17 +++++++++-------- sbin/fsck_ffs/inode.c | 3 ++- sys/ufs/ffs/ffs_vfsops.c | 7 ++++--- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/lib/libufs/inode.c b/lib/libufs/inode.c index bc4d99c66203..a93e1b085342 100644 --- a/lib/libufs/inode.c +++ b/lib/libufs/inode.c @@ -57,7 +57,8 @@ getinode(struct uufsd *disk, union dinodep *dp, ino_t inum) ino_t min, max; caddr_t inoblock; struct fs *fs; - struct timespec now; + struct timespec time; + time_t now; ERROR(disk, NULL); @@ -70,10 +71,11 @@ getinode(struct uufsd *disk, union dinodep *dp, ino_t inum) min = disk->d_inomin; max = disk->d_inomax; - if (clock_gettime(CLOCK_REALTIME_FAST, &now) != 0) { - ERROR(disk, "cannot get current time of day"); - return (-1); - } + if (clock_gettime(CLOCK_REALTIME_FAST, &time) == 0 && + time.tv_sec > fs->fs_time) + now = time.tv_sec; + else + now = fs->fs_time; if (inum >= min && inum < max) goto gotit; bread(disk, fsbtodb(fs, ino_to_fsba(fs, inum)), inoblock, @@ -83,7 +85,7 @@ getinode(struct uufsd *disk, union dinodep *dp, ino_t inum) gotit: switch (disk->d_ufs) { case 1: disk->d_dp.dp1 = &((struct ufs1_dinode *)inoblock)[inum - min]; - if (ffs_oldfscompat_inode_read(fs, disk->d_dp, now.tv_sec)) + if (ffs_oldfscompat_inode_read(fs, disk->d_dp, now)) putinode(disk); if (dp != NULL) *dp = disk->d_dp; @@ -93,8 +95,7 @@ gotit: switch (disk->d_ufs) { if (dp != NULL) *dp = disk->d_dp; if (ffs_verify_dinode_ckhash(fs, disk->d_dp.dp2) == 0) { - if (ffs_oldfscompat_inode_read(fs, disk->d_dp, - now.tv_sec)) + if (ffs_oldfscompat_inode_read(fs, disk->d_dp, now)) putinode(disk); return (0); } diff --git a/sbin/fsck_ffs/inode.c b/sbin/fsck_ffs/inode.c index b30e3aa5068b..f8e32bf4b157 100644 --- a/sbin/fsck_ffs/inode.c +++ b/sbin/fsck_ffs/inode.c @@ -647,7 +647,8 @@ setinodebuf(int cg, ino_t inosused) * If for some reason getting the time fails, we will use * the last time that the superblock was updated. */ - if (clock_gettime(CLOCK_REALTIME_FAST, &time) == 0) + if (clock_gettime(CLOCK_REALTIME_FAST, &time) == 0 && + time.tv_sec > sblock.fs_time) now = time.tv_sec; else now = sblock.fs_time; diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index 75f5fe716c31..e3f9270c2f49 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -189,8 +189,10 @@ ffs_load_inode(struct buf *bp, struct inode *ip, struct fs *fs, ino_t ino) { struct ufs1_dinode *dip1; struct ufs2_dinode *dip2; + time_t now; int error; + now = time_second > fs->fs_time ? time_second : fs->fs_time; if (I_IS_UFS1(ip)) { dip1 = ip->i_din1; *dip1 = @@ -203,7 +205,7 @@ ffs_load_inode(struct buf *bp, struct inode *ip, struct fs *fs, ino_t ino) ip->i_gen = dip1->di_gen; ip->i_uid = dip1->di_uid; ip->i_gid = dip1->di_gid; - if (ffs_oldfscompat_inode_read(fs, ip->i_dp, time_second) && + if (ffs_oldfscompat_inode_read(fs, ip->i_dp, now) && fs->fs_ronly == 0) UFS_INODE_SET_FLAG(ip, IN_MODIFIED); return (0); @@ -225,8 +227,7 @@ ffs_load_inode(struct buf *bp, struct inode *ip, struct fs *fs, ino_t ino) ip->i_gen = dip2->di_gen; ip->i_uid = dip2->di_uid; ip->i_gid = dip2->di_gid; - if (ffs_oldfscompat_inode_read(fs, ip->i_dp, time_second) && - fs->fs_ronly == 0) + if (ffs_oldfscompat_inode_read(fs, ip->i_dp, now) && fs->fs_ronly == 0) UFS_INODE_SET_FLAG(ip, IN_MODIFIED); return (0); } From nobody Tue Jun 9 22:10:45 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZjlq0VJtz6gkfK; Tue, 09 Jun 2026 22:10:47 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZjlp6DyKz3GSR; Tue, 09 Jun 2026 22:10:46 +0000 (UTC) (envelope-from kevans@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781043046; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1Zy8VxcUwpq3Y/gmZaOIOjrB5X1ZvbuXkOATuLX05P8=; b=UFcSiHReQdqJWDPAl9Vgl+AhQfNWO8erXCbbRkbUb8p0IudElVAxvtuAeJRHrOKHDvIKV3 9981Z8QH1ptfyjcd71WX6w73OwOAseu9fgQ66pwscWQ3ef+YPSfvanFWD6SVqdJ801oE0m v2GOIpaxpS0nbtqzujx74R4dZIXpgb3FmtjHGAZ6EJZqHnggjdiTSUsBL7bZXLqv4sZxtb WdK1X49dKjHqR4CKhgI/KfWu545qOLV1e+DZBmL2M0NwxI7YmDCMuPJ27AtLeBm4exFEeA Mn7xh2DW+NEznm+Dnu3s8D0tgKhaU+3gWLJ2ZTkOqtBjFRexfxrnyq0ZX8o2Rw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781043046; a=rsa-sha256; cv=none; b=AXWiZhUwTM96/hDP760uFNkYuhnE395n1CBfoznh/JeTv95avJQvLKuEjV9Uj23gos7/3T 4xWbAOp/mqKvlVGUU6EnhlwgAqfxdgQMPIFCv61j7CLpqv5BOBR0ze6HRzEvivqj2C6b43 SALRRB8ifEKPDztbxu3VSOhpdW5Q9DtdS7a4zyCug6HhojFSH2xJW2RvF8oxpoQkoslwxy Oe/5sVBFozNrbth85OyxGihcu8XD3iiolfUT/eMvxUmgFtityrdsRqXvqPYE+4VZq6LhwN ZbwWKBGYtaNMzAhVlpr/M/ZtLj1H3ZD7CRI3RgaRNYwH35N/msr10/VC79E5mQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781043046; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1Zy8VxcUwpq3Y/gmZaOIOjrB5X1ZvbuXkOATuLX05P8=; b=pq30tOcFjmm1mZrXkiWoAaCnUy4s7+9KW2QweScxtHPXd7tnw2FExyRoos02VnIERMXZHG b58wH8S8IcP/FVU/8KqTA2T1ylsUKoKWSKe+JEwnURuBliioVOPXgvItiKmO1UXvX0OryT jQZGdbjJoXWo973kxqFzwe14A1GGSXE0Rsh8GW/xv6IyVrorMPYZU/LW4dvRpVjqIF31r8 1b2f6ttOnO7sfU/GHXM2cZcDJhQyqBKvVf2JSWXJff/GeVyuKk0trRsbT5ezy+aA7OT2ve bJqvk5MUcnhU/sUmOkFkhb94bwpLC/oICjT3PtoxnEZgwkcwEu2h7xGJZavKHQ== Received: from [10.9.4.95] (unknown [209.182.120.176]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: kevans/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gZjlp332YznjS; Tue, 09 Jun 2026 22:10:46 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Message-ID: <6fd7b96b-c5c4-4987-8ca8-f227e1066c9f@FreeBSD.org> Date: Tue, 9 Jun 2026 17:10:45 -0500 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: a64877b140fe - stable/15 - Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. To: Kirk McKusick , src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org References: <6a288526.24868.173d902d@gitrepo.freebsd.org> Content-Language: en-US From: Kyle Evans In-Reply-To: <6a288526.24868.173d902d@gitrepo.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 6/9/26 16:27, Kirk McKusick wrote: > The branch stable/15 has been updated by mckusick: > > URL: https://cgit.FreeBSD.org/src/commit/?id=a64877b140fe0bf374cc96c95f374894c1627a32 > > commit a64877b140fe0bf374cc96c95f374894c1627a32 > Author: Kirk McKusick > AuthorDate: 2026-06-01 23:48:21 +0000 > Commit: Kirk McKusick > CommitDate: 2026-06-09 21:26:51 +0000 > > Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. > > Git 1111a44301da - main - Defer the January 19, 2038 date limit in > UFS1 file systems to February 7, 2106 - did so by changing the UFS1 > 32-bit signed timestamps to unsigned. With this change, time stamps > from before January 1, 1970 went from being negative numbers to > large positive numbers implying times in the future. When such a > time stamp is encountered when an inode is read into memory or when > it is encountered by fsck, its timestamp is replaced with the > kernel's current time. > > Andre Albsmeier reported that he had a machine reboot after a power > failure and the battery that maintained its real-time clock had > died. The result was that the system booted with the time set to > five years earlier (absent a real-time clock value, the boot ROM > used the time that the boot ROM had last been updated). The net > result was that fsck reset the time stamps of all files newer than > five years old to the five year old time. > > Andres's original request was for a flag in the file system superblock > to say that there are no timestamps from before 1970 in the file > system, so there shouldn't be anything to fix because of the signed > to unsigned switch. But this assumes that no one every does an rsync > or extracts a tar file or restores a dump that introduces an incorrect > time stamp on their system. So this approach was not taken. > > This change compares the system's version of the current time to > the last modification time in the file system superblock. If the > current time is earlier than that time then use the last modification > time in the superblock as the value for the current time. There > should be no files in the file system with times newer than the > last modification time in the superblock. > > The superblock time stamp is updated in the in-memory superblock > every time any change is made to anything in the file system. The > superblock is written to the disk every 30 seconds, so it may be > off by up to 30 seconds plus the time it sits in the disk cache > waiting to be written if the system has an unclean shutdown (such > as a power failure). Thus, the worst case scenario with this change > is that files written in the last 30 seconds plus disk cache delay > time before the crash may have their times adjusted back by up to > 30 seconds plus the disk cache delay time. > I have a related question that came up while I was working on a patch for ZFS[0] to set a mount-time for those of us with broken RTCs. The current version of mountroot[1] calls inittodr() *after* the root is mounted, which means that anything needing to pull a timestamp when the root is mounted gets a time <= 10 (probably 1). In ZFS, this results in an uberblock update that leaves a bogus timestamp around until another update occurs, and I'm not sure that that's really OK. I'm wondering if we should consider splitting inittodr() or something to try and read the RTC before we have a root, and 'fixing' the clock after root is mounted if we need a hint from the rootfs? I don't know if any of this matters for UFS. Thanks, Kyle Evans [0] https://github.com/openzfs/zfs/pull/18645 [1] https://cgit.freebsd.org/src/tree/sys/kern/vfs_mountroot.c?id=01c8e2e33df81b242d73a23de49a6b61f33c24c1#n1105 From nobody Tue Jun 9 22:32:33 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZkDx47Glz6gmD0 for ; Tue, 09 Jun 2026 22:32:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZkDx36Xhz3JH3 for ; Tue, 09 Jun 2026 22:32:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781044353; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nde1Qw+cDllbC6t3PPGGc+dEF4GsS9vzk8liR9ee8L0=; b=TgSHTeCZf+ZuXIZFhpFazt2psuwsRJkiiP1be9CWjFcUknQuujxhjCVruDw0BhUBGuEfUw 5lVVTQARJ0EyQBfQlgjgfDPvnk/i1LYvHw1Ged8QsvyC/psKKW9o3VJFz5QOwQuBQzuVhl LCejDu33ZAfR7yZBJAmH4X6nc6AQndp8s4vM8cLAcxz5HgZZ29XPLMjJVGtYAXTKH9GS3q DL5Y4D862oQVmqA79UVkYPCadivf5VenEbwrU4pV8LlBlpoMUbZvCQQBjM4F+G57sBJHGW cmTzey5ohKh6mYNvz6VYxdpeckV0RpjwioPjNdC1w7JkrO6Ton+Z+5NEpCa8UA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781044353; a=rsa-sha256; cv=none; b=Z9VuFeCs/h9Pf+aqyUZftnnpIR0Z8x5Q5ErzFChaTzL4pWP6Twq9eIxtBgEihI/meGcUOs NfpQ0VavBaMOY4c2YgHx4C50a1iPmtCqpPWZgMClJT/wz4T6/tjQMYC2OCWAoWvaWb+Sni chR6zFlePRfy2Xiy3670UOUQR+HmeIKvWnsJU18kEukRDqt70dBEKfGfq/JY32GLEYW0Hv aaSBHwuMwwNLiQvhJJGJCf3q+c4hzzy8wNjSIp8Nj/RpdrNve5rlCAxfA++d4sTVQ7AmXF jo6zsZqYtegGEbZjDhrNo4lOYYYyDO5de63JM/q91O/VNIE1OQps58wiPg7/Zg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781044353; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Nde1Qw+cDllbC6t3PPGGc+dEF4GsS9vzk8liR9ee8L0=; b=OE9/Kd/4/Mi/RExTA8coRYD8vWL+YEyPnQf+OVIQqi+dto3GDAciay35NwjIRL/hyIRWIp QPhQ0JrZG5HHbJQ11VdXWYnZqaKTOsBpSuQON0jlg5jUR0Ff5hrlU8m93txt26pRr+15++ jimZq3DNpaysOmssJTXmWrXt9ju5EZ8fjhEJL0S0UHsOuaBeZx85dPxav/iGyAalWJ9ty1 S0Bu+DC4mKW3krD0oE3Lq5DGU8E53XpomHawHAPdIQlYMq+3aFCHZ8fOXlLvCWPrKg/V4S yjyNFhA8KcoLzfPQGxxeTs9QVhCxcefUtR93qH4q6KgWbn8ziTJWhLcnK3gelw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZkDx2fLSztx6 for ; Tue, 09 Jun 2026 22:32:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 320f5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 22:32:33 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Jamie Gritton Subject: git: b52dc2067618 - main - jail: Don't double-free the current prison in kern_jail_set/get List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jamie X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: b52dc2067618fc73e8d4d20e4035d1a67a8b455d Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 22:32:33 +0000 Message-Id: <6a289481.320f5.78341fda@gitrepo.freebsd.org> The branch main has been updated by jamie: URL: https://cgit.FreeBSD.org/src/commit/?id=b52dc2067618fc73e8d4d20e4035d1a67a8b455d commit b52dc2067618fc73e8d4d20e4035d1a67a8b455d Author: Jamie Gritton AuthorDate: 2026-06-09 22:31:40 +0000 Commit: Jamie Gritton CommitDate: 2026-06-09 22:31:40 +0000 jail: Don't double-free the current prison in kern_jail_set/get Reported by: Yuxiang Yang, et al Discussed with: markj MFC after: 3 days --- sys/kern/kern_jail.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index bc80adb91cd6..a8d44012db0f 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -1117,14 +1117,17 @@ kern_jail_set(struct thread *td, struct uio *optuio, int flags) * Look up and create jails based on the * descriptor's prison. */ - prison_free(mypr); - error = jaildesc_find(td, jfd_in, &mypr, NULL); + struct prison *jdpr; + + error = jaildesc_find(td, jfd_in, &jdpr, NULL); if (error != 0) { vfs_opterror(opts, error == ENOENT ? "descriptor to dead jail" : "not a jail descriptor"); goto done_errmsg; } + prison_free(mypr); + mypr = jdpr; if ((flags & JAIL_CREATE) && mypr->pr_childmax == 0) { error = EPERM; goto done_free; @@ -2618,14 +2621,17 @@ kern_jail_get(struct thread *td, struct uio *optuio, int flags) } if (flags & JAIL_AT_DESC) { /* Look up jails based on the descriptor's prison. */ - prison_free(mypr); - error = jaildesc_find(td, jfd_in, &mypr, NULL); + struct prison *jdpr; + + error = jaildesc_find(td, jfd_in, &jdpr, NULL); if (error != 0) { vfs_opterror(opts, error == ENOENT ? "descriptor to dead jail" : "not a jail descriptor"); goto done; } + prison_free(mypr); + mypr = jdpr; } if (flags & (JAIL_GET_DESC | JAIL_OWN_DESC)) { /* Allocate a jail descriptor to return later. */ From nobody Tue Jun 9 23:14:18 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZl9R2dk6z6grLm; Tue, 09 Jun 2026 23:14:35 +0000 (UTC) (envelope-from kib@freebsd.org) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZl9Q3wrYz3Qrf; Tue, 09 Jun 2026 23:14:34 +0000 (UTC) (envelope-from kib@freebsd.org) Authentication-Results: mx1.freebsd.org; none Received: from tom.home (kib@localhost [127.0.0.1] (may be forged)) by kib.kiev.ua (8.18.1/8.18.1) with ESMTP id 659NEIVX062790; Wed, 10 Jun 2026 02:14:21 +0300 (EEST) (envelope-from kib@freebsd.org) DKIM-Filter: OpenDKIM Filter v2.10.3 kib.kiev.ua 659NEIVX062790 Received: (from kostik@localhost) by tom.home (8.18.1/8.18.1/Submit) id 659NEINt062789; Wed, 10 Jun 2026 02:14:18 +0300 (EEST) (envelope-from kib@freebsd.org) X-Authentication-Warning: tom.home: kostik set sender to kib@freebsd.org using -f Date: Wed, 10 Jun 2026 02:14:18 +0300 From: Konstantin Belousov To: John Baldwin Cc: Robert Clausecker , Robert Clausecker , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org, Faraz Vahedi Subject: Re: git: 5f732742ad5b - main - libc: Add free_sized() and free_aligned_sized() as per C23 Message-ID: References: <6a25dc0b.4729a.7f7225a7@gitrepo.freebsd.org> <15221817-b23e-4cd2-94a9-edff4d06bb3b@FreeBSD.org> List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <15221817-b23e-4cd2-94a9-edff4d06bb3b@FreeBSD.org> X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=4.0.2 X-Spam-Checker-Version: SpamAssassin 4.0.2 (2025-08-27) on tom.home X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US] X-Rspamd-Queue-Id: 4gZl9Q3wrYz3Qrf X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated On Tue, Jun 09, 2026 at 10:06:09AM -0400, John Baldwin wrote: > On 6/9/26 05:30, Robert Clausecker wrote: > > Hi Konstantin, > > > > Am Tue, Jun 09, 2026 at 04:38:58AM +0300 schrieb Konstantin Belousov: > > > On Sun, Jun 07, 2026 at 09:00:59PM +0000, Robert Clausecker wrote: > > > > The branch main has been updated by fuz: > > > > > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=5f732742ad5b3133a860a8969cf2bd13dc9ac358 > > > > > > > > commit 5f732742ad5b3133a860a8969cf2bd13dc9ac358 > > > > Author: Faraz Vahedi > > > > AuthorDate: 2026-05-16 18:36:17 +0000 > > > > Commit: Robert Clausecker > > > > CommitDate: 2026-06-07 20:59:19 +0000 > > > > > > > > libc: Add free_sized() and free_aligned_sized() as per C23 > > > > > > > +FBSD_1.9 { > > > > + free_sized; > > > > + free_aligned_sized; > > > > > > > + __free_sized; > > > > + __free_aligned_sized; > > > > > > Why these two symbols (from private C namespace) need to be exported? > > > And then, why they need to be exported in the public version? > > > > > > > +}; > > > > This is for consistency with the other libc allocator symbols, which are also > > exported. I suppose this is useful if you e.g. wish to hook or replace the > > allocation machinery, giving you access to the originals where desired. > > That's what RTLD_NEXT is for? Well there is indeed 9dfba391d62cb. But since we are trying to discourage the non-standard interpretation of the weak symbol semantic from rtld (of course this can never happen), might be it is not too wise to extend the hack. Anyway, it is in now, so let it be. From nobody Tue Jun 9 23:34:01 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZlby6KBJz6gtFc for ; Tue, 09 Jun 2026 23:34:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZlby5Pmfz43pS for ; Tue, 09 Jun 2026 23:34:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781048046; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+WYAlDHR5w3EDay5uy2znpPodNOPH4nz1l02t0GOLd0=; b=FzqcBS7rdPmZPlICNWK+TYwclUykEM7MPaQ9vefezRdLoYjKOB4ISasBMgbhTcmHR77l9o 4rQRmAvAVRbs/aXXQnMi1CWzWS3v+6GGmyxAjuC62qvi4pn5KXT+aV+OAj7feus9qqf5c4 zja/fNIcbHifNkyD+m9aXlYlKT4B/znhlKsyOsHb9yZ7rbJamBd6KbGx743B7IevdJftGG DE87eB/BLe+8MFLPkPdz3bElMs2XPcaot06EjBbccHYkMvG4iT3/QBg1wZdwRNSH8bodUP sHLh1SSV+cAAqrLkmvwjK1FwMcnsEpAzTYHbaIz18a673mQclGwGDDpfMmQz/g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781048046; a=rsa-sha256; cv=none; b=Ol3BC9J9LelbbpGEm+5F+ceO1MmBgGqNI91N4ZXkKiAVkxVDO5yyweTjh0xJjhBIoJYhpu 2S+9d97bAHvnG2as8IelIkII1MEVv4rSDlCX6conOS0KKg4oXaRCGLzDscGb2fpvrhYLay eln6LhjvALMSuQ1IHb5WdTwBk0MUOp5e8M55Y84SL9YFUJpIrcJPTVQvSG5gewUpADQ21u cCvCI9DK33663neoUxaQsTi3HjUZe4Ri2RowgoBDsFNQHo5QeOfZW1iEAvl3JjbRQo++OL bk48vaSAugi+vipw9dvCVqrw2tX7w/musSnsPsnQASSXbFi4/Qrm+JtoymOPCA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781048046; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+WYAlDHR5w3EDay5uy2znpPodNOPH4nz1l02t0GOLd0=; b=I1K9gpMOEsjBmYS4QqNTdIlO2zuD65OaQLfwta3bgTfnwUWkD9XBSrpQGwks6GrTTuEGjX 6jVNz1WuIupUdej907bT32uvOxtgXq9lOr3keCQu81N3PJm0xVNW2p1oGvvaa7olxP2jkk FKmpkmduPWurwWsRnB0lhFw1nrVDB/LQciMEAyD02AnU6uEg952NNszfPIyb3Kll369zTJ IH1TXMlgv47EAKmhWmpS2HYXD4e3qs+IrA6+gEh5Umu0qJJ5ASlg5YS47mpEaOcCDpWuLJ OTh/X6zW7nPkrcKlimeansamqdxHbmE9tmaun2VLk9e9vIvjmXkI1uy9snjOGg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZlby4y28zwj7 for ; Tue, 09 Jun 2026 23:34:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3b89e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Tue, 09 Jun 2026 23:34:01 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Faraz Vahedi From: Warner Losh Subject: git: 1c85c5eea09a - main - loader.efi: Search boot device before foreign ZFS pools List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1c85c5eea09a4c9649b7634225220337e6005cd4 Auto-Submitted: auto-generated Date: Tue, 09 Jun 2026 23:34:01 +0000 Message-Id: <6a28a2e9.3b89e.f7901f7@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=1c85c5eea09a4c9649b7634225220337e6005cd4 commit 1c85c5eea09a4c9649b7634225220337e6005cd4 Author: Faraz Vahedi AuthorDate: 2026-05-26 14:35:42 +0000 Commit: Warner Losh CommitDate: 2026-06-09 23:33:05 +0000 loader.efi: Search boot device before foreign ZFS pools When `boot_policy` is `RELAXED`, `find_currdev()` tried ZFS pools on every disk before searching the boot ESP and sibling partitions. Booting install media from USB could therefore select an installed ZFS root on internal storage instead of the intended memstick UFS image. Extract the boot-device partition walk into `try_boot_device_partitions()` and run it before relaxed foreign-pool probing. The ZFS search order is preserved; pools on the boot device are tried first, followed by pools on other devices when `boot_policy` is `RELAXED` and the boot device yields no bootable root. Signed-off-by: Faraz Vahedi Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2239 --- stand/efi/loader/main.c | 125 ++++++++++++++++++++++++++++-------------------- 1 file changed, 72 insertions(+), 53 deletions(-) diff --git a/stand/efi/loader/main.c b/stand/efi/loader/main.c index 2dc7924b9fcd..1444b1eee17d 100644 --- a/stand/efi/loader/main.c +++ b/stand/efi/loader/main.c @@ -364,6 +364,49 @@ try_as_currdev(pdinfo_t *hd, pdinfo_t *pp) return (sanity_check_currdev()); } +/* + * Search the boot device first (i.e. the ESP and any sibling partitions). + * Per the UEFI specification, filesystems on other devices must not be + * preferred until the boot device has been fully exhausted. + */ +static int +try_boot_device_partitions(void) +{ + pdinfo_t *dp, *pp, *espdp; + CHAR16 *text; + + dp = efiblk_get_pdinfo_by_handle(boot_img->DeviceHandle); + if (dp == NULL) + return (ENOENT); + + text = efi_devpath_name(dp->pd_devpath); + if (text != NULL) { + printf("Trying ESP: %S\n", text); + efi_free_devpath_name(text); + } + set_currdev_pdinfo(dp); + if (sanity_check_currdev()) + return (0); + + if (dp->pd_parent == NULL) + return (ENOENT); + + espdp = dp; + dp = dp->pd_parent; + STAILQ_FOREACH(pp, &dp->pd_part, pd_link) { + if (espdp == pp) + continue; + text = efi_devpath_name(pp->pd_devpath); + if (text != NULL) { + printf("Trying: %S\n", text); + efi_free_devpath_name(text); + } + if (try_as_currdev(dp, pp)) + return (0); + } + return (ENOENT); +} + /* * Sometimes we get filenames that are all upper case * and/or have backslashes in them. Filter all this out @@ -535,10 +578,9 @@ match_boot_info(char *boot_info, size_t bisz) static int find_currdev(bool do_bootmgr, char *boot_info, size_t boot_info_sz) { - pdinfo_t *dp, *pp; + pdinfo_t *dp; EFI_DEVICE_PATH *devpath, *copy; EFI_HANDLE h; - CHAR16 *text; struct devsw *dev; int unit; uint64_t extra; @@ -606,65 +648,42 @@ find_currdev(bool do_bootmgr, char *boot_info, size_t boot_info_sz) return (0); #endif /* MD_IMAGE_SIZE */ -#ifdef EFI_ZFS_BOOT - zfsinfo_list_t *zfsinfo = efizfs_get_zfsinfo_list(); - zfsinfo_t *zi; + if (try_boot_device_partitions() == 0) + return (0); - /* - * First try the zfs pool(s) that were on the boot device, then - * try any other pool if we have a relaxed policy. zfsinfo has - * the pools that had elements on the boot device first. - */ - STAILQ_FOREACH(zi, zfsinfo, zi_link) { - if (boot_policy == STRICT && - zi->zi_handle != boot_img->DeviceHandle) - continue; - printf("Trying ZFS pool 0x%jx\n", zi->zi_pool_guid); - if (probe_zfs_currdev(zi->zi_pool_guid)) - return (0); - } -#endif /* EFI_ZFS_BOOT */ +#ifdef EFI_ZFS_BOOT + { + zfsinfo_list_t *zfsinfo = efizfs_get_zfsinfo_list(); + zfsinfo_t *zi; - /* - * Try to find the block device by its handle based on the - * image we're booting. If we can't find a sane partition, - * search all the other partitions of the disk. We do not - * search other disks because it's a violation of the UEFI - * boot protocol to do so. We fail and let UEFI go on to - * the next candidate. - */ - dp = efiblk_get_pdinfo_by_handle(boot_img->DeviceHandle); - if (dp != NULL) { - text = efi_devpath_name(dp->pd_devpath); - if (text != NULL) { - printf("Trying ESP: %S\n", text); - efi_free_devpath_name(text); + /* + * Try ZFS pool(s) on the boot device not reachable via + * the partition walk above. + */ + STAILQ_FOREACH(zi, zfsinfo, zi_link) { + if (zi->zi_handle != boot_img->DeviceHandle) + continue; + printf("Trying ZFS pool 0x%jx\n", zi->zi_pool_guid); + if (probe_zfs_currdev(zi->zi_pool_guid)) + return (0); } - set_currdev_pdinfo(dp); - if (sanity_check_currdev()) - return (0); - if (dp->pd_parent != NULL) { - pdinfo_t *espdp = dp; - dp = dp->pd_parent; - STAILQ_FOREACH(pp, &dp->pd_part, pd_link) { - /* Already tried the ESP */ - if (espdp == pp) + + /* + * With a relaxed policy, try pools on other devices only + * after the boot device has no bootable root. + */ + if (boot_policy == RELAXED) { + STAILQ_FOREACH(zi, zfsinfo, zi_link) { + if (zi->zi_handle == boot_img->DeviceHandle) continue; - /* - * Roll up the ZFS special case - * for those partitions that have - * zpools on them. - */ - text = efi_devpath_name(pp->pd_devpath); - if (text != NULL) { - printf("Trying: %S\n", text); - efi_free_devpath_name(text); - } - if (try_as_currdev(dp, pp)) + printf("Trying ZFS pool 0x%jx\n", + zi->zi_pool_guid); + if (probe_zfs_currdev(zi->zi_pool_guid)) return (0); } } } +#endif /* EFI_ZFS_BOOT */ /* * Try the device handle from our loaded image first. If that From nobody Wed Jun 10 00:31:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZmtg44RRz6h2FV for ; Wed, 10 Jun 2026 00:31:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZmtg24Xtz3WRb for ; Wed, 10 Jun 2026 00:31:55 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051515; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FIX25PKAh1Xs7KFX/hIHSnX8ao6lhimDLAsttMHuOjM=; b=M0p3oZeeBR4sO5ot99JdtSjz4T2o2gfIDkwlKBm5uO1XUXDx943ihSOoMsWOdEBnJ2x/Wd bJ4VWpVm3wMHVFO0QCxHO7UJZx5SUHt0MS9aT8M/SnVFWztmNmll6QVloYo9r2bVuz+vuA uYArvzPyhhepW4qKRr512gIEinukOO926AntRHK8YwdbHbTZfIcs/T25YY4GNsIRifc9ha eY47zwEYcXQ3JSdcm/JVG0o7BII0BXiZz1bSym4gcuLQtTk12RMJglkBmt/7piKdQghxr8 1Geybm2BSbwFHvENYeiMpRhKEmF46KeOSkgoBvXWAi7lQiFbpK0sIKC5YeY5hw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781051515; a=rsa-sha256; cv=none; b=vsHmqKirH5ojgpvM2OWEd6OmbB1pR8rRo0Mfc0VkATP6x47bUwbPGemqHMJVfizo1jRhxH gTXzG0vycrKhA9yDQqcnRIVDDbhdhPN5YDTw9RwoWATq86NrNlM97iJg8tdVE/k7JxSeAZ oMxzesyjVOfeh198BciRAdAU3UHjnjDVfEabdi4O1MqtyH1dRDu57bnDY42GNeCokrWGgQ AsP4JVOqf6T4abAH4u7AFr6uBNc1oqY4fV0zkHN58JkyPi5zWWy+g2XlRL/mEYiVu7RWpQ 99+6/wxCFeTyD008WufXgycLDSJCEWqFPuQUT6HwJhKBBRotB2LVmj7xqn4/cA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051515; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FIX25PKAh1Xs7KFX/hIHSnX8ao6lhimDLAsttMHuOjM=; b=HqtomEhbh9zJNZBWYG11v7g5ZDdv+XjM5PFNnri7xKGGS8qFNU8joP+BpvtFjUEeimLvdd /Yvwut93lC6afhI5WJWng5LMKHORHNJvhXOxqbpDC2tXBpESS1OzTgk9lGXCt8yrsZS6K7 w2Mz7Nxq+PKL27XUWHnYBZ1dpsyx1+JVWXzpbZjxxFiYwWKS6mCpyAlPc2ef9BMzLtITmM 0p156TSG5daxONqi3qIXa0YqkQpuey+hv2NvZintOk9tC9BUIYEWHYKFLneySmZ59ORL4b m4HQI+iA5jX0Rgrhq2Ss0AkDmIpTfPpcTTvCXUk4r8yJg4Ojev6h+MbOzb+3bA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZmtg1NmbzyH5 for ; Wed, 10 Jun 2026 00:31:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3f04a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 00:31:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Philip Paeps Subject: git: 6aaa8b4e644f - Create tag release/15.0.0-p10 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: philip X-Git-Repository: src X-Git-Refname: refs/tags/release/15.0.0-p10 X-Git-Reftype: annotated tag X-Git-Commit: 6aaa8b4e644fea7624377a92f0b492f915b62a70 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 00:31:55 +0000 Message-Id: <6a28b07b.3f04a.8165f27@gitrepo.freebsd.org> The annotated tag release/15.0.0-p10 has been created by philip: URL: https://cgit.FreeBSD.org/src/tag/?h=release/15.0.0-p10 tag release/15.0.0-p10 Tagger: Philip Paeps TaggerDate: 2026-06-10 00:30:51 +0000 Tag FreeBSD 15.0-RELEASE-p10 commit fef97a6889f98be4fa9a565577067f20d1f642a9 Author: Mark Johnston AuthorDate: 2026-06-07 16:36:46 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 19:52:11 +0000 Add UPDATING entries and bump version Approved by: so From nobody Wed Jun 10 00:32:24 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZmvD557dz6h2Ll for ; Wed, 10 Jun 2026 00:32:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZmvD2vMXz3XHQ for ; Wed, 10 Jun 2026 00:32:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051544; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SFd19c9FTb1zHi+CtVbZuL5eyeYJT7MRub8O/f8ZQLc=; b=wWvd2KpMZAtDFLt71vgkL0siG3+B3CpTcqgM1cyNwfOD9Ee/Dp4RFnc1qXFToF+EOtt/VR D8q+a8q8S7znMyxCzj6V4k5Pb3y0osVUyxDSsmUhHe3yUNsadFxDvGzWvZECIYPaxInHZY OrqgGmajLs2Dcdc1kiAAarvHc+toHFZBpJNAxLvOeenfvs0VNCUIOpSUlPp+4x4bvq/mwx 9384bkEn/VT3uPH+fGX6JzzGhpQj2o7Cbp9IPvlO5LgIZyzjKvjpl82vfvW4KgIO7Jdu3N 3pFz45m9Q/3OzHPAj1oAkGYtkOGPUKeYCUVseUlO0r0rF5QAQOqUiIZjAd6ltw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781051544; a=rsa-sha256; cv=none; b=TDaAOU31GajzhkythbjQy+qLMNAdNR1i5D6IETYJ7keaYhXiYfvPLRuR0NReK4zyrCN02B MQRnj+hyOGwq0RqLaeawju19EbQXNP+8jVhwnf+1ou9O4N37cdlY0iCi6HBtwL0TaGdML6 xKo+R9/jjvz5hq4sAEq1nilzMkFFKawReAKDfgEEAaHLK8Bjr755Oxp3ZNnwhD5Sm4qRUS diuCT78G6CM/dp+s35rjFgxMUITWoLBN8FmK4Q17HVOUFdEiFvnlW081T118wmGXcZcmkh u/yX68WF7AiwMo5CY2z75Ff6lh7HVM2cgCB7l2pz34AWlEq6tHbDRvKYAbqG8g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051544; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SFd19c9FTb1zHi+CtVbZuL5eyeYJT7MRub8O/f8ZQLc=; b=q3q8Y/LQxRb3ue4r/DJNUs3pwnXNnUeItBc4t9eYsgZdEjTgnV6c+wRFXkBYl8ybplI9pD DDoC8VxfWpoRPWR0V4+RLBCuULSo/1e4qbW/5z05BTS2+oZUz5ybt6VQS50NqhbBFvrHKd RK2oTDA0HZ6JiNbA3cQlI35ko2aljHV6XbyJw2180ZdtKvULOYhD0CI1qr+OwjZVVDc9LF ePzkri9U4snSPP4SLNp7xH1wDPWeElZarbFHyLBK7b+2TlwZT/BdA2QBxyVgvuyp1Nt4C3 x1sLLtjqvRf/wr5s9uI6/QQ56MZfPoehLaOp+YUiHKatXDgdjxIRb6D167ywHg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZmvD21K0zyDt for ; Wed, 10 Jun 2026 00:32:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3fec0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 00:32:24 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Chuck Tuffli Subject: git: 925ca9b8355d - main - linux: Add TCP_INFO support List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: chuck X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 925ca9b8355d10a0dc85175dc865095c9b3370c4 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 00:32:24 +0000 Message-Id: <6a28b098.3fec0.1bb5ef47@gitrepo.freebsd.org> The branch main has been updated by chuck: URL: https://cgit.FreeBSD.org/src/commit/?id=925ca9b8355d10a0dc85175dc865095c9b3370c4 commit 925ca9b8355d10a0dc85175dc865095c9b3370c4 Author: Chuck Tuffli AuthorDate: 2026-06-10 00:22:49 +0000 Commit: Chuck Tuffli CommitDate: 2026-06-10 00:23:24 +0000 linux: Add TCP_INFO support Implement the getsockopt for TCP_INFO by mapping FreeBSD's version to what Linux expects. MFC after: 1 month Relnotes: yes Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D55882 --- sys/compat/linux/linux_socket.c | 47 +++++++++++++++++++-- sys/compat/linux/linux_socket.h | 92 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 136 insertions(+), 3 deletions(-) diff --git a/sys/compat/linux/linux_socket.c b/sys/compat/linux/linux_socket.c index 12ba6a3adfce..7b579958158a 100644 --- a/sys/compat/linux/linux_socket.c +++ b/sys/compat/linux/linux_socket.c @@ -591,9 +591,7 @@ linux_to_bsd_tcp_sockopt(int opt) case LINUX_TCP_KEEPCNT: return (TCP_KEEPCNT); case LINUX_TCP_INFO: - LINUX_RATELIMIT_MSG_OPT1( - "unsupported TCP socket option TCP_INFO (%d)", opt); - return (-2); + return (TCP_INFO); case LINUX_TCP_MD5SIG: return (TCP_MD5SIG); case LINUX_TCP_USER_TIMEOUT: @@ -2407,6 +2405,42 @@ linux_getsockopt_so_linger(struct thread *td, return (linux_sockopt_copyout(td, &ling, len, args)); } +static int +linux_getsockopt_tcp_info(struct thread *td, + struct linux_getsockopt_args *args) +{ + struct tcp_info tinfo; + struct l_tcp_info l_tinfo; + socklen_t len; + int error; + + len = sizeof(tinfo); + error = kern_getsockopt(td, args->s, IPPROTO_TCP, TCP_INFO, &tinfo, + UIO_SYSSPACE, &len); + if (error != 0) + return (error); + memset(&l_tinfo, 0, sizeof(l_tinfo)); + l_tinfo.tcpi_state = tinfo.tcpi_state; + l_tinfo.tcpi_options = tinfo.tcpi_options; + l_tinfo.tcpi_snd_wscale = tinfo.tcpi_snd_wscale; + l_tinfo.tcpi_rcv_wscale = tinfo.tcpi_rcv_wscale; + l_tinfo.tcpi_rto = tinfo.tcpi_rto; + l_tinfo.tcpi_snd_mss = tinfo.tcpi_snd_mss; + l_tinfo.tcpi_rcv_mss = tinfo.tcpi_rcv_mss; + l_tinfo.tcpi_last_data_recv = tinfo.tcpi_last_data_recv; + l_tinfo.tcpi_rtt = tinfo.tcpi_rtt; + l_tinfo.tcpi_rttvar = tinfo.tcpi_rttvar; + l_tinfo.tcpi_snd_ssthresh = tinfo.tcpi_snd_ssthresh; + l_tinfo.tcpi_snd_cwnd = tinfo.tcpi_snd_cwnd; + l_tinfo.tcpi_rcv_space = tinfo.tcpi_rcv_space; + l_tinfo.tcpi_snd_wnd = tinfo.tcpi_snd_wnd; + l_tinfo.tcpi_rcv_ooopack = tinfo.tcpi_rcv_ooopack; + /* Eqivalent */ + l_tinfo.tcpi_total_retrans = tinfo.tcpi_snd_rexmitpack; + + return (linux_sockopt_copyout(td, &l_tinfo, len, args)); +} + int linux_getsockopt(struct thread *td, struct linux_getsockopt_args *args) { @@ -2505,6 +2539,13 @@ linux_getsockopt(struct thread *td, struct linux_getsockopt_args *args) name = linux_to_bsd_ip6_sockopt(args->optname); break; case IPPROTO_TCP: + switch (args->optname) { + case LINUX_TCP_INFO: + return (linux_getsockopt_tcp_info(td, args)); + /* NOTREACHED */ + default: + break; + } name = linux_to_bsd_tcp_sockopt(args->optname); switch (name) { case TCP_MAXUNACKTIME: diff --git a/sys/compat/linux/linux_socket.h b/sys/compat/linux/linux_socket.h index d30d68409496..47fc140259c5 100644 --- a/sys/compat/linux/linux_socket.h +++ b/sys/compat/linux/linux_socket.h @@ -359,6 +359,98 @@ struct l_ifreq { } ifr_ifru; }; +/* + * Linux TCP_INFO structure as of v6.19.8 + * + * Comments indicate last field for the given kernel version + */ +struct l_tcp_info { + uint8_t tcpi_state; + uint8_t tcpi_ca_state; + uint8_t tcpi_retransmits; + uint8_t tcpi_probes; + uint8_t tcpi_backoff; + uint8_t tcpi_options; + uint8_t tcpi_snd_wscale : 4, tcpi_rcv_wscale : 4; + uint8_t tcpi_delivery_rate_app_limited:1, tcpi_fastopen_client_fail:2; + + uint32_t tcpi_rto; + uint32_t tcpi_ato; + uint32_t tcpi_snd_mss; + uint32_t tcpi_rcv_mss; + + uint32_t tcpi_unacked; + uint32_t tcpi_sacked; + uint32_t tcpi_lost; + uint32_t tcpi_retrans; + uint32_t tcpi_fackets; + + uint32_t tcpi_last_data_sent; + uint32_t tcpi_last_ack_sent; + uint32_t tcpi_last_data_recv; + uint32_t tcpi_last_ack_recv; + + uint32_t tcpi_pmtu; + uint32_t tcpi_rcv_ssthresh; + uint32_t tcpi_rtt; + uint32_t tcpi_rttvar; + uint32_t tcpi_snd_ssthresh; + uint32_t tcpi_snd_cwnd; + uint32_t tcpi_advmss; + uint32_t tcpi_reordering; + + uint32_t tcpi_rcv_rtt; + uint32_t tcpi_rcv_space; + + uint32_t tcpi_total_retrans; /* v3.6 */ + + uint64_t tcpi_pacing_rate; + uint64_t tcpi_max_pacing_rate; /* v3.14 */ + uint64_t tcpi_bytes_acked; + uint64_t tcpi_bytes_received; + uint32_t tcpi_segs_out; + uint32_t tcpi_segs_in; /* v4.1 */ + + uint32_t tcpi_notsent_bytes; + uint32_t tcpi_min_rtt; + uint32_t tcpi_data_segs_in; + uint32_t tcpi_data_segs_out; /* v4.5 */ + + uint64_t tcpi_delivery_rate; /* v4.8 */ + + uint64_t tcpi_busy_time; + uint64_t tcpi_rwnd_limited; + uint64_t tcpi_sndbuf_limited; /* v4.9 */ + + uint32_t tcpi_delivered; + uint32_t tcpi_delivered_ce; /* v4.16 */ + + uint64_t tcpi_bytes_sent; + uint64_t tcpi_bytes_retrans; + uint32_t tcpi_dsack_dups; + uint32_t tcpi_reord_seen; /* v4.18 */ + + uint32_t tcpi_rcv_ooopack; + + uint32_t tcpi_snd_wnd; /* v5.3 */ + uint32_t tcpi_rcv_wnd; + + uint32_t tcpi_rehash; /* v6.1 */ + + uint16_t tcpi_total_rto; + uint16_t tcpi_total_rto_recoveries; + uint32_t tcpi_total_rto_time; /* v6.6 */ + uint32_t tcpi_received_ce; + uint32_t tcpi_delivered_e1_bytes; + uint32_t tcpi_delivered_e0_bytes; + uint32_t tcpi_delivered_ce_bytes; + uint32_t tcpi_received_e1_bytes; + uint32_t tcpi_received_e0_bytes; + uint32_t tcpi_received_ce_bytes; + uint16_t tcpi_accecn_fail_mode; + uint16_t tcpi_accecn_opt_seen; /* v6.17 */ +}; + /* * Define here members which are not exists in the FreeBSD struct ifreq. */ From nobody Wed Jun 10 00:35:38 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZmz34dfYz6h2Bm for ; Wed, 10 Jun 2026 00:35:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZmz33B6Hz3YMF for ; Wed, 10 Jun 2026 00:35:43 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051743; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=X+rYT3/WfwdQG7fxvCQZOdQq8Vto4lWg2ennUXNfWpI=; b=HTAXfxJa7iNVxy962bKFUWaY6Mx+i5g8+gtVfA4CmMZhCdMI8jC6OHVJqnknWnuWf14Fxc NWuj3qRs6VZAHQMFbN0cNtMs0uFSVRGXrNH4GK/qBkBtgHXYYNiKssh2k3ZNGP/gHq56xD kAuhW2EzJy40r7ck6MghTj+1tUbcNJv6EzaNdvdL/7zqgSryfdA2g4aJxyohNKVTxIP4pB 3ZuiIvoiZQ84e31NDVd2PEgdfiRheU2aVPIY3jrlq/YVW5RoMjBxM6hZ0ZKvGSd6LMT1O1 J7OzxX+YC8uB9fbIkjwsKeNgumZN7R0bOHSsJdz+i47TTdHwD/nxu2kiWlQQ/g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781051743; a=rsa-sha256; cv=none; b=t9pdN1gVNZ63iYC1K5BnPWTzPoYO0IhdEDJUBqAan9PDe8Mg5WL3GUA3iYFUdu7zb9SRNO NsW8FBeR3eSwGZcgDhVvwtqa7gqQNo0YVgQ9SZhzhFM/Bv2RHkL5PtT9oTQ/ouATd3vDwa oLF9sYQUw5TNEkTA9hvysAICx4pPZvWWRVe5C6yrPaS3Yw5j5DYNjhl8OM3G4l39PAgai3 jyK9JYpfRbU4ZYESYx34HgEF3baedaM7QyAXEkNfJ3m+/LFUzlxqZhwh1cKM/CWHoNZXYa /9cxvyaidb5vcogZ7MaQOeFtRJ7fBqdqpmjFHyYyquhrtzmz75TUgVAXpThwag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051743; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=X+rYT3/WfwdQG7fxvCQZOdQq8Vto4lWg2ennUXNfWpI=; b=D7qVFdrGcsL8Eg49Te5UeUtwPUL1mq0dhCn2A6ODh/qzDzUGFJpS8JxRUn1TYGpWyRO5GV nEK6HdsowipSv0bB58tzNo6LZ/HhoL0Dd7+Z77VsB23GVZg0kTf04Y7nX0Ca00MjIl0jP0 eB4mwsQbEoJcndnjQ5sVnGx0EBfid3MOs6M3DemK9pXttf+rXhTaylepXUJ5vxI3mIj6zw TbZm2Z5fWTeikT0cOtuD5+Evl9z+pLrDy5k6e32fEuX1oWK1OYSn2eqI42GlIeGRvzENAi OhfjPZsBGz3+gNHqO2AuSj+OOYUty1SWZD7HZzALeS7X/+1QnFnf/wUKFtrF/A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZmz31cSFzyDx for ; Wed, 10 Jun 2026 00:35:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 415b7 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 00:35:38 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Philip Paeps Subject: git: 31f0504d8338 - Create tag release/14.4.0-p6 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: philip X-Git-Repository: src X-Git-Refname: refs/tags/release/14.4.0-p6 X-Git-Reftype: annotated tag X-Git-Commit: 31f0504d833855657fa3839a97dcd884eb6b2ba2 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 00:35:38 +0000 Message-Id: <6a28b15a.415b7.3a6f7d11@gitrepo.freebsd.org> The annotated tag release/14.4.0-p6 has been created by philip: URL: https://cgit.FreeBSD.org/src/tag/?h=release/14.4.0-p6 tag release/14.4.0-p6 Tagger: Philip Paeps TaggerDate: 2026-06-10 00:35:01 +0000 Tag FreeBSD 14.4-RELEASE-p6 commit 3d95ec87586781c366e6c01c6a40c3e80056d24b Author: Mark Johnston AuthorDate: 2026-06-07 16:55:09 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:38:31 +0000 Add UPDATING entries and bump version Approved by: so From nobody Wed Jun 10 00:37:56 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZn1d1lvkz6h2g1 for ; Wed, 10 Jun 2026 00:37:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZn1c6Xdxz3YbT for ; Wed, 10 Jun 2026 00:37:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4ET4DhHxcTJvH3g5NmOmuPcqEzf/CDkazOq0WW+wjj8=; b=iUmK+gGlRmsLcfUvthF4w8sNrUqNxbb3z0OSMceQoeH8Tf6SfKIknz+VrmFXidE7IuQn9X Gf9fHl9hv07qdXUobL5w1dYtiT/mnqQ5Sm85vosDuzxoldy1+z6eYyCde7CkCrXeISjByq kjGxcXXrSuL6AAdfrTqhgbkRzTEIpiFpAdnNS3JAy4MGD+PApdCunS28wPSXwcF3o2u9gV Qc5Y0tUf/lTOUKCa+ZWMPleCux/HstZVE6vqHA+CbuAU7kNIK+QKExR/0YJOCzCbe7fy+/ o/gA5Wc47cnTrKa4EFF50n0ti6Y6e0f10zjktLkRW0T2cWuPMzJzs2iTddfTeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781051877; a=rsa-sha256; cv=none; b=XtyL+6SiGjIQp/xV7ikjrA8nrAMiYXlRd4aaWVvbDx0LFiwiIrlyXtyiUVrntk6bSDxALS SvpaR+g9XqOPKZXLv+GuaaEbjbVAjDBwbL4WcOTEBn35saojafG3RgS4b1RIRr5KCLbYB+ HCG7+lOqSHrZ5kuiBbh2yZzUrrZjpfeW4Y0gpzb+1CY8S0vRWTbKCpHHACoOvpqvGRxWgF Sir5it9MowET89Q9iV5ccwukZ9R1K7QviBvj9dqcEuRS8ve9nIv65tAlooYqWPd8WGTnqf fnB2eXABjWLKPrC1IvzSvBvS9MrKRcdu6M7Trx5E1qVGuZ4MRdU3aQODc8tX3g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781051877; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4ET4DhHxcTJvH3g5NmOmuPcqEzf/CDkazOq0WW+wjj8=; b=gOVwjC52xLCP4ddXTBK0QbZGoEBiMP/7LTwWQL+67ZlRbHLztLkoqFSXxZ1n+5K9XJ18d8 GMg1jdZr46DWwB5vr1R9oXN1eUIkicI/N5ixHTJ9GDYPJRpq39OKWa5sWzlVUvAYBaRje/ N0kGJDeW4s5/u0Taic32kcU3FQvsREyndGDAr0fivHmRBFbgmDQOSnFzfXTqY45b/xWjHC sjAA72wq8B9n0iu+8Uli1v2i+r6EKoqXr3uKm2bGSH3/4lnzCRHaglR3lZxTmprWd3VVHs wvx/KADk+a/E1zt6ghpW/eExmOxf43vHRXxJGSOVwOpCJqc8/cd9uKmyqUXpng== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZn1c5N1RzyBX for ; Wed, 10 Jun 2026 00:37:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 41468 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 00:37:56 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Philip Paeps Subject: git: 640f3065c31d - Create tag release/14.3.0-p15 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: philip X-Git-Repository: src X-Git-Refname: refs/tags/release/14.3.0-p15 X-Git-Reftype: annotated tag X-Git-Commit: 640f3065c31d07f0b4e3cfb2b07ceb782c2d0372 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 00:37:56 +0000 Message-Id: <6a28b1e4.41468.7c026ece@gitrepo.freebsd.org> The annotated tag release/14.3.0-p15 has been created by philip: URL: https://cgit.FreeBSD.org/src/tag/?h=release/14.3.0-p15 tag release/14.3.0-p15 Tagger: Philip Paeps TaggerDate: 2026-06-10 00:37:01 +0000 Tag FreeBSD 14.3-RELEASE-p15 commit 0b1dfc94785e1ae263e9334a07fbe2a1ef98c0c9 Author: Mark Johnston AuthorDate: 2026-06-07 17:34:10 +0000 Commit: Mark Johnston CommitDate: 2026-06-08 15:24:16 +0000 Add UPDATING entries and bump version Approved by: so From nobody Wed Jun 10 02:33:47 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZqbP0NTdz6gl0C for ; Wed, 10 Jun 2026 02:33:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZqbN6jJmz3nSg for ; Wed, 10 Jun 2026 02:33:52 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781058832; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DV1Xt/W7ftiuELQ7+ubYztgaR7sP+iqvItuVvcJ8V+g=; b=kANEhqzTa7AdxWxrfzwsa5Hs5Mtkr+PB3c1r+zfeL2L2ug7XlYqDv7ivZk1t7jbzR7CxTY vizKAZVuyAioG6d6FGi8GvF/EyIklei2bn3oFzbJ0AG9jFf1lAFbIBL9JGNfbMa2GCa0am T5BOxoKWspJGXsq2SNXJRxSvaqJSm9AvNoBkruUU98LN6OO7kDAO/ctlFYUk1pvW58UrgS hYODsFTrg1wT9REUpMGjYLJ3ZBszWjmBeGZDBhGA55BRLZNDcT2OEYPqMd4AszvJOhd5Qw vqGM/rOyiDhS70s3yNa5N10u539knz+TUTGcmR6OLtepveWJpU61BwVDTnBXKA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781058832; a=rsa-sha256; cv=none; b=KmJvLunOMbNg/uLxsA+QqODanns2tKesYBP86MjbF9UnlP82tbVoNsljYX6DAwbfVRXYAU q8QApApzPL3NakwEl892ctB8xHcU3jaG+MkbTd21uoryokhAs08JhykM8s1tl7GS20eh39 9mLeGjKs/V0FOYmozNuOhWfwk5nj8B4Oc5zvi4u4Hkad90zDNerLsmexzlR/vbvZ70oPog 2RYRlGQc68bgg23PVB/jA6P3hWH27/7++/4DQRSrc9FXUyGKxlFD7btm3flNEuXjYpGhGR B/KgWzVz5+zuxO/akopIb/DMpYEiS+VDZURuEoAUAZME+tXV1HrLqaeSnHWgBQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781058832; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DV1Xt/W7ftiuELQ7+ubYztgaR7sP+iqvItuVvcJ8V+g=; b=PC8js9r0PkTop084dNp41DbTHt+bD61e81/IFYOiP98gDxKs+jZ8Z71PyKCkn0ku6JJ5Lx s7JKOlJ50jDoaYfK9KZhg/WVhFAnD7jlK6ATx69nB/s3Ms/B71dibjufR2WbSe+enPA4wV RTUosEOnqmXpIgffMLDzQLpqeeehKBXREfydl9ZxmnpULHMK2G4wT6QUnGvyuz053KZx71 juBY29qthkm4owg+6Rm+qxp13zqpcjOic7lAc136AUUIZgE9Tn02H9Wcdd2k06c2opWi1e wzHMi8mV2hCoy6lnhsQV/LkjVINcxFJO14xb6BjLyuKinWWSYZmqeR2OH+TxRQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZqbN6HMQz121B for ; Wed, 10 Jun 2026 02:33:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1de95 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 02:33:47 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Xin LI Subject: git: c85542b92acd - main - GCE: Apply public-image label on GCE images List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: delphij X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c85542b92acd286d9e4b034b2ab4d6b6cd46c740 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 02:33:47 +0000 Message-Id: <6a28cd0b.1de95.34b50a6f@gitrepo.freebsd.org> The branch main has been updated by delphij: URL: https://cgit.FreeBSD.org/src/commit/?id=c85542b92acd286d9e4b034b2ab4d6b6cd46c740 commit c85542b92acd286d9e4b034b2ab4d6b6cd46c740 Author: Xin LI AuthorDate: 2026-06-10 02:33:03 +0000 Commit: Xin LI CommitDate: 2026-06-10 02:33:12 +0000 GCE: Apply public-image label on GCE images Update the GCE image creation process to automatically apply the 'public-image=true' label when publishing new images. This aligns with standard labeling expectations for images hosted in public projects. MFC after: 3 days --- release/Makefile.gce | 1 + 1 file changed, 1 insertion(+) diff --git a/release/Makefile.gce b/release/Makefile.gce index 31770bfd5098..f5c657c3c103 100644 --- a/release/Makefile.gce +++ b/release/Makefile.gce @@ -85,6 +85,7 @@ gce-do-upload-${_FS}: --architecture=${GCE_ARCH} \ --family=${GCE_FAMILY}-${_FS}${GCE_FAMILY_SUFX} ${GCE_LICENSE} \ --guest-os-features=GVNIC,UEFI_COMPATIBLE \ + --labels=public-image=true \ --source-uri gs://${GCE_BUCKET}/${GCE_TARGET_${_FS}}.tar.gz touch ${.OBJDIR}/${.TARGET} .endfor From nobody Wed Jun 10 02:37:44 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZqgy48qsz6gky5 for ; Wed, 10 Jun 2026 02:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZqgy2r6Hz3pBq for ; Wed, 10 Jun 2026 02:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781059070; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Za2IGqsXs+WEbf+XTE8Jkh8bIT/YjcJE08YC5YwgPUQ=; b=jIIA7+hFGs8oDXOgNQFxPhTVS2vDztNr3ICU1lCXDCcTmA0KpU3s+kc1xfZc8uwiDPWU98 rGkXOXY5UCzsIlDbws0K/2tHpfoGFJv62RxK1aWTGoLYwFw8fjLgAiEUgyzg0VqT+EIET6 17zwsc0h5yrYvHpcujwrlZNxFs596pq+PTBB6GdzAZpT1Toe8/HSygtQY5mG+uIm2C9mme d+wVPI5iiTvysJzeYItz2gSIDzL+Dr5/FH83Uj0fFBGezENhWQV74ji7FOM7ovmXis4TSX ariF8yBrc6KBS7zp7uoB4+R4KezqQJy+cQ9qefee03cTM0Rb3hNXGjA1cC0xTg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781059070; a=rsa-sha256; cv=none; b=V+TeARWnXuuM4nRfFfwdjMunEgRtA6pMG6rUEuVN99ck7Mb+cxSaJjFhLrLeU04aggoRSB 6/2W1ojTBvDwRjbqV65XTSprY6IFDz3nStPa7mbHVZVuSodXRJ9960JTm0cXO6qppaVGNG 7aAXhvDDk80D0v/Pn7HDzfXiNn4us3lM+VaVpRqpkJL/CD7+A1TGs7j1+bSlFfHcz3Z4km 92RAWZB8KPqbBhiwZgKQMXPnVNkZ3O6aghAERAU9yUdh/v+AmVum7xaTVUqvqH3PjrfX1s LckuqmhLWT3YrDgTgHCa6SC0ZYk2WQnOGLCHftDD9TKtsjn/g6s3qBW5VIcjWg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781059070; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Za2IGqsXs+WEbf+XTE8Jkh8bIT/YjcJE08YC5YwgPUQ=; b=Q0M1XdSh8t+vLpnRhF8UlQlDWRZiNDUnRaJL/ZRvojeEepiuXqyXA1NoeeI1v19NsZ3fj6 TA3Ihjoa74u6PnAr3LspK4um2OK7VH3JW4f+OVIkta3HOcqIDoNmUEgWBmrV+ehexzYfYs F1s3B0QXuhErmuNXtIzYFqBCZDaeFGyMME0yln5DkeBHvwIrJPOCFzVRsmRR+GgDMYER9I yomZ9kMUMZHzZmG0XQUgVAouMixg/aXJ2IjVLqW3BJhyDtCS/JV7/2ZustZxHmcxLFH0Hc UzTDQgiMLOD7P61tHPgB+xCruyX4Alu2EHVNU4hWPGy5TMlLlLrSIIoO6vJf3A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZqgy207qz11xN for ; Wed, 10 Jun 2026 02:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e406 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 02:37:44 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 89fa97f0a71d - main - compat32 wait4/6(2): only copy out when there is a pid to report List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 89fa97f0a71d4988891766c4e69eeb9687016b14 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 02:37:44 +0000 Message-Id: <6a28cdf8.1e406.43d933b4@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=89fa97f0a71d4988891766c4e69eeb9687016b14 commit 89fa97f0a71d4988891766c4e69eeb9687016b14 Author: Konstantin Belousov AuthorDate: 2026-06-09 21:33:56 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-10 02:37:25 +0000 compat32 wait4/6(2): only copy out when there is a pid to report PR: 295965 Reported and tested by: mandree Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D57513 --- sys/compat/freebsd32/freebsd32_misc.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/sys/compat/freebsd32/freebsd32_misc.c b/sys/compat/freebsd32/freebsd32_misc.c index a0b6118900ed..e4a4f256feb4 100644 --- a/sys/compat/freebsd32/freebsd32_misc.c +++ b/sys/compat/freebsd32/freebsd32_misc.c @@ -234,11 +234,9 @@ freebsd32_wait4(struct thread *td, struct freebsd32_wait4_args *uap) else rup = NULL; error = kern_wait(td, uap->pid, &status, uap->options, rup); - if (error) - return (error); - if (uap->status != NULL) + if (uap->status != NULL && error == 0 && td->td_retval[0] != 0) error = copyout(&status, uap->status, sizeof(status)); - if (uap->rusage != NULL && error == 0) { + if (uap->rusage != NULL && error == 0 && td->td_retval[0] != 0) { freebsd32_rusage_out(&ru, &ru32); error = copyout(&ru32, uap->rusage, sizeof(ru32)); } @@ -265,11 +263,9 @@ freebsd32_wait6(struct thread *td, struct freebsd32_wait6_args *uap) sip = NULL; error = kern_wait6(td, uap->idtype, PAIR32TO64(id_t, uap->id), &status, uap->options, wrup, sip); - if (error != 0) - return (error); - if (uap->status != NULL) + if (uap->status != NULL && error == 0 && td->td_retval[0] != 0) error = copyout(&status, uap->status, sizeof(status)); - if (uap->wrusage != NULL && error == 0) { + if (uap->wrusage != NULL && error == 0 && td->td_retval[0] != 0) { freebsd32_rusage_out(&wru.wru_self, &wru32.wru_self); freebsd32_rusage_out(&wru.wru_children, &wru32.wru_children); error = copyout(&wru32, uap->wrusage, sizeof(wru32)); From nobody Wed Jun 10 03:41:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZs5x3Kbxz6gscs; Wed, 10 Jun 2026 03:41:57 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZs5x2fcjz3tr0; Wed, 10 Jun 2026 03:41:57 +0000 (UTC) (envelope-from kevans@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781062917; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ohwdrOzmA0Ld1t9WWbTh+W1/lsA3HJ5o+fF1HvzUq8I=; b=Mc88o6GhCBrIk0hGVW7hY2M5wUvkBRrI14x1UmjuC9nQhdMpPlyOuiWLZsHXChAsTqOoUn SmNkPbJtDWzm9905ndbpBa8AdGZ11IZX20Rp5k9mP3EvpHvkgdSUu55OsT9mFtKzFAXbjl 4QQo4JqGubbLPQ22CuOB25C+CYrAkfJURNyiH0NTeT5DaI48IpkVkxjC2DDqQ3DT8OtSYR w4HgsxIZN+2jtr3vP0apN5+n/rDj0vGEF4Nij5rPv4Qh6/CnL+SE/xZes16nLSqPFdZssm KlAQP0790D9t9+pOwxm751NxyDpElv5xeO2mBGvoFIrGza/jh8zIS8KsjpYCpw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781062917; a=rsa-sha256; cv=none; b=du+jeHs6S/i+mtdjW6Tn7jkOxo8m7Wc9QAkXjdLg4kRTWDNg/rgZw6c6IE07txAmQZ6Wb2 3aj//m3vsSaTgBbBkDF8frItWy7TKQBba5e9aMUUlSN8SMnkNuRfeoKNOL6IMIHG4dm+pR NSdjU9DBM7zR5G5XOAYFTapvNJ4tbQIVfRs5edLNFVRhcMD343XO4mgsKyrkqnba6+vxh7 SmypigtEjFxru5zCvHWlk8p8Ipx1a2Rbh1RJ/E9Z1S6wqgV7NevoD+VsUouYQXngOl3KBe v+atqMDg8oqDuK3B3fKx9Z8pb2C5/2k27uaApwlupa99uCUHE9bisj1hdSfevQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781062917; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ohwdrOzmA0Ld1t9WWbTh+W1/lsA3HJ5o+fF1HvzUq8I=; b=a/D7QK6ozC1OLIblhw4U6MqpSIhw4V5Jazv8WLkbiA7u8LM3gmdAhatoB8gwYyY4dNOba2 SXVGlUgOMmh7fcaH47TfMZzYAUrOUkNkb9N51BjsE6vVaAdFPHlcG+UOrqNg3h8LQxV2yZ jw8olE4PNdy07MQkxqSdbOtmfush0ShgUKyKKo3qOgEPO8yW9p8PYZlA12DdpL1FI8UAwl Dr7o8slnA+eeoyQ05GHSB1FIvgszoCQPfR+KTdy6XkNDsIGt9l7gCiVzdEYTWcBALwMkoa gyuPy7jLZ3CORqwV8OrzDYXMkBSW1llcNufgMl/1exTANUx0ZL7WO8Sljrk9UQ== Received: from [10.9.4.95] (unknown [209.182.120.176]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: kevans/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4gZs5w6L6bzvG9; Wed, 10 Jun 2026 03:41:56 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Message-ID: <52026aaf-6763-4d4a-8d5b-d9b0b4d29ea5@FreeBSD.org> Date: Tue, 9 Jun 2026 22:41:55 -0500 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: a64877b140fe - stable/15 - Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. To: Warner Losh Cc: Kirk McKusick , src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-branches@freebsd.org References: <6a288526.24868.173d902d@gitrepo.freebsd.org> <6fd7b96b-c5c4-4987-8ca8-f227e1066c9f@FreeBSD.org> Content-Language: en-US From: Kyle Evans In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 6/9/26 17:54, Warner Losh wrote: > > > On Tue, Jun 9, 2026 at 4:10 PM Kyle Evans > wrote: > > On 6/9/26 16:27, Kirk McKusick wrote: > > The branch stable/15 has been updated by mckusick: > > > > URL: https://cgit.FreeBSD.org/src/commit/?id=a64877b140fe0bf374cc96c95f374894c1627a32 > > > > commit a64877b140fe0bf374cc96c95f374894c1627a32 > > Author:     Kirk McKusick > > AuthorDate: 2026-06-01 23:48:21 +0000 > > Commit:     Kirk McKusick > > CommitDate: 2026-06-09 21:26:51 +0000 > > > >      Avoid incorrect UFS1 timestamp corrections when system clock fails at boot. > > > >      Git 1111a44301da - main - Defer the January 19, 2038 date limit in > >      UFS1 file systems to February 7, 2106 - did so by changing the UFS1 > >      32-bit signed timestamps to unsigned. With this change, time stamps > >      from before January 1, 1970 went from being negative numbers to > >      large positive numbers implying times in the future. When such a > >      time stamp is encountered when an inode is read into memory or when > >      it is encountered by fsck, its timestamp is replaced with the > >      kernel's current time. > > > >      Andre Albsmeier reported that he had a machine reboot after a power > >      failure and the battery that maintained its real-time clock had > >      died. The result was that the system booted with the time set to > >      five years earlier (absent a real-time clock value, the boot ROM > >      used the time that the boot ROM had last been updated). The net > >      result was that fsck reset the time stamps of all files newer than > >      five years old to the five year old time. > > > >      Andres's original request was for a flag in the file system superblock > >      to say that there are no timestamps from before 1970 in the file > >      system, so there shouldn't be anything to fix because of the signed > >      to unsigned switch. But this assumes that no one every does an rsync > >      or extracts a tar file or restores a dump that introduces an incorrect > >      time stamp on their system. So this approach was not taken. > > > >      This change compares the system's version of the current time to > >      the last modification time in the file system superblock. If the > >      current time is earlier than that time then use the last modification > >      time in the superblock as the value for the current time. There > >      should be no files in the file system with times newer than the > >      last modification time in the superblock. > > > >      The superblock time stamp is updated in the in-memory superblock > >      every time any change is made to anything in the file system. The > >      superblock is written to the disk every 30 seconds, so it may be > >      off by up to 30 seconds plus the time it sits in the disk cache > >      waiting to be written if the system has an unclean shutdown (such > >      as a power failure). Thus, the worst case scenario with this change > >      is that files written in the last 30 seconds plus disk cache delay > >      time before the crash may have their times adjusted back by up to > >      30 seconds plus the disk cache delay time. > > > I have a related question that came up while I was working on a patch for > ZFS[0] to set a mount-time for those of us with broken RTCs.  The current > version of mountroot[1] calls inittodr() *after* the root is mounted, which > means that anything needing to pull a timestamp when the root is mounted > gets a time <= 10 (probably 1). > > > We likely should do it both times. If it fails the first time, we'll call it a second > time after the mount with the superblock time. How we communicate time > that we think is approximately good or not... > > In ZFS, this results in an uberblock update that leaves a bogus timestamp > around until another update occurs, and I'm not sure that that's really OK. > I'm wondering if we should consider splitting inittodr() or something to > try and read the RTC before we have a root, and 'fixing' the clock after root > is mounted if we need a hint from the rootfs?  I don't know if any of this > matters for UFS. > > > Yes. I agree this is a good approach, but how does the rootfs code know that > the time is bogus and shouldn't be trusted. And how do they find out later once > time is believed to be good (ntpd, ad-hoc early-in-boot programs, etc). > That, I don't really know. One proposal I had for ZFS is that it shouldn't let the uberblock timestamps go backwards, or at least beyond a certain threshold -- if it tries to, we could just bump the timestamp by 1 from the recorded time so that our new uberblock is preferred and move on, knowing that inittodr() would likely prefer the notion of time we provide that was on disk. Any timestamps we try to pull from mountroot to ntpd/chrony/etc. would still be bogus, but a lot better than they are today for these systems. Having written that out, I think it's worth looking closer at that ub update and whether it gets persisted to disk. I'm specifically wondering if it's possible that we could needlessly lose writes as a consequence after an unclean shutdown even on systems with an RTC, since the clock isn't setup until after. Thanks, Kyle Evans From nobody Wed Jun 10 04:01:02 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsWy31Pzz6gv7R for ; Wed, 10 Jun 2026 04:01:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsWy2DKbz3wCl for ; Wed, 10 Jun 2026 04:01:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=j1JhmSHEIEWLbGlgsgAcQoBmH64X/4BtonGccZNHzJ8=; b=qiM/3m0q9tdndvzC4QBmbCqK09jbELH+mCAoL8EmjMtCEA87r3uUrk/V6xhDMAuH7SHHjR w83kHokcu2nuxRDx0KFct3P/ovBZNUAJ7dojwLm9gZiSwYog4jzTJpnl7Wra1oxJQ6VPaT KT+RENKuoi0gm23V+HvQ+IGIH7X68XOXj1oXTCva2uOscMKYYKl0HaWHuKxlJx9iCWxKuQ O4rbkPFWHUev2k9uMe1WxlPinGQzBz1rmMnrY/ggYb6nficKfnOfl6mXZxOPIFvnSxCpCO YzxzEPhE8YiDHpmHb8yPVVECip1l+xjiEoRn/7egwlnwLJOvWdiuVpcA5TvYvQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064062; a=rsa-sha256; cv=none; b=iTdL/J/sqm9bK6PKJaU6E2P4VRjOl6yoULFbiRyZbEfEpWEva1SLz5uKCwkynAgvypBuEo 0s2lehtu5/G3QnjPC+1Mer4ExE8io0jDdnrz+2n2m1IY1NTiacpOb3LmzY0SB8FwiJfCPn rmqDV5DM91ZFeyKi17QBKQnf9tACpv4V9Yhu9Re2iKtYSZkGE99ak301ji8T3t1AwXiAK6 rVm8i2lu/C8Srmsh0lEuJ7OvY8yvijiT2sRpxCb1lSD8tCQ2MDJqz19b70ns0ueidH6Yha 41/s72bPVw+78HYBXYkSx2lu5mlC06O+cLGIfpkCIfJ52Ntqp9qpUzo5036YAA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064062; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=j1JhmSHEIEWLbGlgsgAcQoBmH64X/4BtonGccZNHzJ8=; b=f8MFRh0AQY2gE5QFqTpbvUv3p6NEJ+P5gLeyraeElV6mtY/3GtENcR4ghRg2Nazufc29ZN D3sb8xGXPos/75sMPlkFMOnqD4bh3XWPdK/WiWt9mKApl9aL2NTyX0e26HwNYVnBU/4LAR B+1Sz8MNHkTKu/nPl5bLK5eBtLcwrkkU7AT3z3x/3xWo9Tav890auO2g8gPRrqaozvzgTc f4Po7ryp6c/7YEF+0SRCbuzxtfOunmxBsJ4zflo08PDephSkdwmS/vI+F57UGDaS1GABEB gUYWcd0SQBNEHjlOdQc6VdtRdcrM0QEReIaqG1Sm1jCnD/FAGjoTEfPPJVk/lw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsWy1jxKz14PF for ; Wed, 10 Jun 2026 04:01:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26765 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:02 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 3129ecee97c1 - stable/14 - ctld: kernel-sourced portal groups are not dummies List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 3129ecee97c1405fbb6eeab2e8b906b096eab1c9 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:02 +0000 Message-Id: <6a28e17e.26765.1b8f5325@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=3129ecee97c1405fbb6eeab2e8b906b096eab1c9 commit 3129ecee97c1405fbb6eeab2e8b906b096eab1c9 Author: Kyle Evans AuthorDate: 2026-04-28 20:51:50 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:45 +0000 ctld: kernel-sourced portal groups are not dummies The current and historical versions of ctld would flag our initial set of kernel ports as dummies, because their portal groups were empty since portals come from the configuration on-disk. As a result, we would never try to remove a kernel port at startup that didn't exist in the configuration (possibly a feature if you wanted concurrent ctld(8)), and we would always try to port->kernel_add() on ports in the configuration (even if they actually did have an existing kernel port). Flag these portal groups as kernel groups so that we avoid trying to add ports that already exist. It may be the case that the kernel_remove() loop in conf::apply() needs to do something other than the current `oldport->is_dummy()` to avoid removing ports that it isn't supposed to be managing, but that wuld also seem to apply to LUNs that would be removed today. Reviewed by: jhb (cherry picked from commit d9c0594191f5c45d7f3c737350321ee59bfce9bf) --- usr.sbin/ctld/ctld.cc | 9 +++++++++ usr.sbin/ctld/ctld.hh | 1 + usr.sbin/ctld/kernel.cc | 2 ++ 3 files changed, 12 insertions(+) diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc index c44c3726e74e..05734cde5a49 100644 --- a/usr.sbin/ctld/ctld.cc +++ b/usr.sbin/ctld/ctld.cc @@ -1136,11 +1136,20 @@ port_delete(struct port *port) free(port); } +/* + * Foreign portal groups (which only redirect to other targets), and portal + * groups without any active portals are considered dummies and ports belonging + * to such groups are ignored. However, portal groups that exist in the kernel + * prior to ctld starting will contain real ports but no portals, so these are + * never considered dummies. + */ bool port_is_dummy(struct port *port) { if (port->p_portal_group) { + if (port->p_portal_group->pg_kernel) + return (false); if (port->p_portal_group->pg_foreign) return (true); if (TAILQ_EMPTY(&port->p_portal_group->pg_portals)) diff --git a/usr.sbin/ctld/ctld.hh b/usr.sbin/ctld/ctld.hh index b1757f98ac81..a132965cd235 100644 --- a/usr.sbin/ctld/ctld.hh +++ b/usr.sbin/ctld/ctld.hh @@ -117,6 +117,7 @@ struct portal_group { struct auth_group *pg_discovery_auth_group; int pg_discovery_filter; bool pg_foreign; + bool pg_kernel; bool pg_unassigned; TAILQ_HEAD(, portal) pg_portals; TAILQ_HEAD(, port) pg_ports; diff --git a/usr.sbin/ctld/kernel.cc b/usr.sbin/ctld/kernel.cc index fdd290988ce0..809205c176ed 100644 --- a/usr.sbin/ctld/kernel.cc +++ b/usr.sbin/ctld/kernel.cc @@ -577,6 +577,8 @@ retry_port: log_warnx("portal_group_new failed"); continue; } + + pg->pg_kernel = true; } pg->pg_tag = port->cfiscsi_portal_group_tag; cp = port_new(conf, targ, pg); From nobody Wed Jun 10 04:01:03 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsWz4wxQz6gv7t for ; Wed, 10 Jun 2026 04:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsWz2jzYz3vrj for ; Wed, 10 Jun 2026 04:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064063; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gAEv4KKZUJZx8310mrYJoSbE50VCJwaICxfHMlpZk6M=; b=DDGHY1PyZN6r5YwKmILDbUZdY/ipgPIr8EgChau/YvMzDCUiWkC7Lqj2pK1KwMLLp3ZUdw E6uayzhD736MPoXPaGi0JJHY0tTO5uZL0mwkSicYCqThKPy87U64FO8G3sCawTZGDjCYgq B+8TjBKCHmD2HAzCJYQ0TjrA/l0MPagLNjg6aXXM4sf/SGTe20DWjXIE1PJcdm3EiQhyAn ZFu5CreCDKTp1gfeGvm09SKrjDRwaYPkCjGYUz3cuckgO4ZgSEGHFtxpqvWtRsTr3iZFW9 heNmpF6njwFwYpKN4dOM+J5tzzcirNFD+kmd83ECYOWpUuyrTfbM0uQAXYMHCA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064063; a=rsa-sha256; cv=none; b=Z/b7AYHPKP1Rti0AidM5YvXlGFWkjk+ZrwEbNeCQEvlvYwe5lG7yyI3+oP7kpLjwm0A9ef 2E9vO8hcvouc3f6dc5Q8Xy4AB/Vo2r9ycUs/DzGUu+E3fD6FWP6MXIDIVAoTENZIc/FrhK yPK0ZrXSqSBxV5sjfjl+I+F04brmveKIpU9qXoIO9NSRdcpc+z+FrnLz5u8ryHImy8WlwM gkmDQq4aF2Blq1rU41qu1eo1e+QH0ivUoXQN0zc3ye5TMHJmNAZW7E97W/TdAkcISJhfcM +SbmzeWaRapjpuTLzq+rpGYCD/H5HaOLq0HhMeNhQJvANDBiCRli0DPmUGClbA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064063; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gAEv4KKZUJZx8310mrYJoSbE50VCJwaICxfHMlpZk6M=; b=rVdUuukpMMyffzCtWfaKum8a9nu9ytzZItywcj0PR/z0F+JF2KZcY5v+rIrm1tk8lQrrsp Wa82RIC+Pf0MDuVBgrhH+S5tmNfaDnUIp6Yt5oIJKl9omiTDK/E904t83mL0cIklzEmWFU 6lJOFuJyH8zDBlM7eYEhn1VGF3QL9orFOAPOmRVO6kQd15VB7HievOB5EcC7niPK0EZCpW qRnRMtNN24oJejxwr3HMV7TyjVPlD0BJsb5VKum2U1zKBHyCIzxEJ+qlItUQZEck0tHlrL iiXcJASH9dby4THfFIpcODBbbgDv81YFojHEL43CwHYXlv70okuELbzZ0qWYYA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsWz2Fkgz14Rd for ; Wed, 10 Jun 2026 04:01:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26660 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:03 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Chris Longros From: Kyle Evans Subject: git: 10b44bf791c9 - stable/14 - cron: log when a crontab path is too long List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 10b44bf791c9bb77dd2a9a2d9c510e671cefec50 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:03 +0000 Message-Id: <6a28e17f.26660.3b74d926@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=10b44bf791c9bb77dd2a9a2d9c510e671cefec50 commit 10b44bf791c9bb77dd2a9a2d9c510e671cefec50 Author: Chris Longros AuthorDate: 2026-04-29 04:06:29 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:46 +0000 cron: log when a crontab path is too long Log via syslog when snprintf truncates the crontab path, instead of silently skipping the entry. Signed-off-by: Christos Longros Reviewed by: bcr, kevans (cherry picked from commit 91bfba010bcda665cc24a76af631cc85fcb0c688) --- usr.sbin/cron/cron/cron.8 | 11 +++++++++-- usr.sbin/cron/cron/database.c | 6 ++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/usr.sbin/cron/cron/cron.8 b/usr.sbin/cron/cron/cron.8 index 23a295393df5..f1a6a30d4cb5 100644 --- a/usr.sbin/cron/cron/cron.8 +++ b/usr.sbin/cron/cron/cron.8 @@ -19,7 +19,7 @@ .\" .\" $Id: cron.8,v 1.2 1998/08/14 00:32:36 vixie Exp $ .\" -.Dd January 20, 2026 +.Dd April 29, 2026 .Dt CRON 8 .Os .Sh NAME @@ -227,7 +227,14 @@ configuration file for .It Pa /usr/local/etc/cron.d Directory for third-party package provided crontab files. .It Pa /var/cron/tabs -Directory for personal crontab files +Directory for personal crontab files. +Internally the daemon constructs the relative path +.Pa tabs/ Ns Ar filename , +which must fit within +.Dv MAXNAMLEN +bytes; in practice this allows filenames up to 250 bytes. +Longer entries are skipped and a diagnostic is logged via +.Xr syslog 3 . .El .Sh SEE ALSO .Xr crontab 1 , diff --git a/usr.sbin/cron/cron/database.c b/usr.sbin/cron/cron/database.c index 35e5fad3524d..234b5ef7fdd6 100644 --- a/usr.sbin/cron/cron/database.c +++ b/usr.sbin/cron/cron/database.c @@ -166,8 +166,10 @@ load_database(cron_db *old_db) fname[sizeof(fname)-1] = '\0'; if (snprintf(tabname, sizeof tabname, CRON_TAB(fname)) - >= sizeof(tabname)) - continue; /* XXX log? */ + >= (int)sizeof(tabname)) { + log_it("CRON", getpid(), "TABNAME TOO LONG", fname); + continue; + } process_crontab(fname, fname, tabname, &statbuf, &new_db, old_db); From nobody Wed Jun 10 04:01:04 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX1061Gz6gv3W for ; Wed, 10 Jun 2026 04:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX03YLKz3w9L for ; Wed, 10 Jun 2026 04:01:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064064; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nukpWKFxK4ULsvoA7u+X1PntHPu03EyGcCG9esIB9Jo=; b=PUEKrJ+v6aF16q+2t8EFW3noJv86r9gaMYsXUWsDuZfqIfP92aXK6N65Ns1WRSqYsWzMsf 9x/Gtt6+/l4GuKWGWyyLrx4W389l1uVkvaea4ivlf3sBhO0CyiQ9yteKBCROVq5tIlj3NN TGiHdN10PpHPMHDZDhsQAkkOCVcenshjevNKx4h1kO/IlLidRozgVIHNR+TMWRothm7Env ftojH0FX0Xt8SRZsmQjI48E78G26kFYMq2CcuoKno8W9mbp2Hf4douALx/2AJKAs1gKR9c OA/gmzwJhSO/cwVBm2qV1kxyLvHP/Rtes2BMQKZkIzOcHGgCIZhgfzA9xA6YJg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064064; a=rsa-sha256; cv=none; b=WV4/kHudLbYgIXsasVkUp1IZQg+052t1VpnZpgSyVP2YDnsg45JdAYZJQzQOnrOYfR8gvV VaDpfM6iD0cORoRD1H7QbIls/iRIqQyBnkH0lsnvt0mXJCaZ5RaozlJ+NBvX7p1A1TafHF nO501bFjfFgijt3Lfjd2+4sf6dSfHsB48UStLIPhFmNY4NFco8Fk0tsSWzXuQ5fsTfNvVT QJ4UpPVBpn6EtsmbdzYiT1tXC3Ac7mUQYTXw4/CZ3B79CHHGfplBEDZmwuO2RTkHyVUO7l uknuj3lh9swHjq+UIbfkjCUEAnFoN9Qu1q6D0ylBwHqISyFSdSza8Reas52irw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064064; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nukpWKFxK4ULsvoA7u+X1PntHPu03EyGcCG9esIB9Jo=; b=lazyOjURq8iRqSQOltzgSDIyhmvnxEAw+CLv7PGFukxAbGVCW0S6OrgUo3i+2MJwR7S+Tl hovtkJjso+A+MLsg2Ih/8tdWuGPHJZKZilKt4HI3hxscR8d7Vzrk/8fcaebfFELjWJBX18 V2LmjRio4imBaPAPZY6bEu8BPn985klPrQi3M4EC4YgJ9ylisX86+57CT6hGw/aYHjjU/y YWUbkZ9Nb7mgBl7lE1qLKdLKv7TbfC3IfLrhtgNNOIgobJ+jhfrKkEa7tKZ6YyRLakIson 2rcR5f2GOM2PjQDbtwLDuVh4f+8W9v+2i/HMBCqGfPShw5HxE5VExDxCSCFpsg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX031Mlz1433 for ; Wed, 10 Jun 2026 04:01:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26769 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:04 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 0de1f3a8aa7f - stable/14 - fexecve(2): call out a scenario where you want !O_EXEC List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 0de1f3a8aa7f5e99aa63bcd76dfa3fd7e017d295 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:04 +0000 Message-Id: <6a28e180.26769.25413336@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=0de1f3a8aa7f5e99aa63bcd76dfa3fd7e017d295 commit 0de1f3a8aa7f5e99aa63bcd76dfa3fd7e017d295 Author: Kyle Evans AuthorDate: 2026-05-01 03:02:55 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:46 +0000 fexecve(2): call out a scenario where you want !O_EXEC We note a reason why you might need it, but there's an equally important reason you may need to omit it: interpreted programs. Add a note accordingly, along with the workaround configuration if there's reason you can't help it. PR: 294780 Reviewed by: Jan Bramkamp , kib (cherry picked from commit 9c18d55a768a3e60ecaba1325e9a3e00a25dee26) --- lib/libc/sys/execve.2 | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/libc/sys/execve.2 b/lib/libc/sys/execve.2 index ca5dbd09beee..22ffa268b220 100644 --- a/lib/libc/sys/execve.2 +++ b/lib/libc/sys/execve.2 @@ -27,7 +27,7 @@ .\" .\" @(#)execve.2 8.5 (Berkeley) 6/1/94 .\" -.Dd January 26, 2022 +.Dd June 8, 2026 .Dt EXECVE 2 .Os .Sh NAME @@ -231,6 +231,17 @@ is to use the .Dv O_EXEC flag when opening .Fa fd . +Opening without +.Dv O_EXEC +may be necessary in the case of executing an interpreted program, as the +interpreter will not be able to acquire a descriptor to the script for reading +without mounting +.Xr fdescfs 4 +on +.Pa /dev/fd +with the +.Cm nodup +option. Note that the file to be executed can not be open for writing. .Sh RETURN VALUES As the From nobody Wed Jun 10 04:01:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX21m1Vz6gv8D for ; Wed, 10 Jun 2026 04:01:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX14zNDz3wD5 for ; Wed, 10 Jun 2026 04:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064065; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aFnQkW54pMVtWMcRhowHNK2MltFU4Zv9d9GHuopGals=; b=O/7AyAeiirhdSo0H5JF75bXnrP3Qikn0eRRW+r62GU5AVH3zyOIiWK7VDM0H0IunhwdRy8 gx/1sXXdgnMovPM+ff6YYZbQg26+3bOLGLiX2pKEoCo+puttv+yTBe6TXdFpHIJcYhn5aW Vw9CKmNLCdxa3jviV5cnMfe6tbnQZ/ayRH+bNogyldewKKhDyFSp7PjMP5thryKiTocQYE DC2XanX9yh3AKnvHSdBYHemB/4670QiZ1WTUfx/Z/x4Hyppqk9pc9x4idsZNN5G6PS0YcG 7r40mMBmvPVMb7d/d64wADb4G6ghR3aoj61nyKd7hiJnC2782nQ+TA/SjSde9g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064065; a=rsa-sha256; cv=none; b=hx4gTeU9HBNL5E0sl71QEFu+ZpZ5O9O97RgkGgosDlOz5Gl8aCvEnFxR7lQT+7p82cOd86 6ioWXEWzovZ+1KyNK0tDUvAJQvQSnkNAbboglzpNmwwkFa1qYMxEPHA2FiOlBWUELbRCTQ aetmoFg/11WIaph3B6ljpNajXlKlwSlhRAZI7Xtws/fQsT/aSnDbvcUsnqLRYacyEkY5FB HNEFm9geA2oone7HleWnpZr1OJhJG+2HRenJl/iMBkyaxMighuR6IDwlgdVhBsAGCXNGRC YxIIArcz70BPqAT86eIttWzY7ZwWv1b0UurUGr6xYUHWUicT05oRRVPwXGS3Pw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064065; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=aFnQkW54pMVtWMcRhowHNK2MltFU4Zv9d9GHuopGals=; b=bPI1CEFOmvz9u4pHTHcZfruRYBZmo8SfgRMO43CPEcQ7KEeCbLLqtqV4S+ThKi8wLNj9tJ bnqceEJeJLP30KNmhrUutapG9F107X4njqSCGQoOoK2spJvYaENs6REB6ohZUvbdUnmPQq yuXr52wJV8pi1R5JS0T/jEejL53qyhAh/1WCjw9JStPGeQAq57cl/zToEbm1m5aOIMlQtX 1555SD0IjweqmTLXKyWnp8S0GqtX93duhSjEuqBWcc1J1lQwT2s+srDqY8+124sFUryiOL qj8/1CBsyqOcpOXMYkaRgbj+tT8XbexV5L/kCWyl/7qNiAd5YoKpBKboB8Q1Ow== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX13m53z14VD for ; Wed, 10 Jun 2026 04:01:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27a09 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Jan Bramkamp From: Kyle Evans Subject: git: ee07da0c1e95 - stable/14 - jail: open the fstab files with fopen("re") List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: ee07da0c1e95d307d5120ac6a8a0ea5ccb88e61b Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:05 +0000 Message-Id: <6a28e181.27a09.4a956053@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=ee07da0c1e95d307d5120ac6a8a0ea5ccb88e61b commit ee07da0c1e95d307d5120ac6a8a0ea5ccb88e61b Author: Jan Bramkamp AuthorDate: 2026-05-06 23:28:53 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:47 +0000 jail: open the fstab files with fopen("re") This protects against accidentally leaking them past fork()+exec() in future refactorings. PR: 295052 Reviewed by: kevans (cherry picked from commit 58811b0ae096c134af372bcf475aea1d8d0e3c08) --- usr.sbin/jail/config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/jail/config.c b/usr.sbin/jail/config.c index 5cf2e34a8340..e5aef24f6386 100644 --- a/usr.sbin/jail/config.c +++ b/usr.sbin/jail/config.c @@ -726,7 +726,7 @@ check_intparams(struct cfjail *j) TAILQ_FOREACH(s, &j->intparams[IP_MOUNT_FSTAB]->val, tq) { if (s->len == 0) continue; - f = fopen(s->s, "r"); + f = fopen(s->s, "re"); if (f == NULL) { jail_warnx(j, "mount.fstab: %s: %s", s->s, strerror(errno)); From nobody Wed Jun 10 04:01:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX41pwGz6gvWq for ; Wed, 10 Jun 2026 04:01:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX364PRz3wDQ for ; Wed, 10 Jun 2026 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064067; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hX17wDD/B+ZUpRx6a2SLFbAY960AU2cExL+dV19kMUM=; b=hAjmuCp+6VTutouPqJet1iHdirN3wYOkRLngzmtE/STD+wBow16ticQ6/v//XJHU0vYBIg rbO7CiJ7h0DB2CJGn9hC43N/dVtswyzxx2h4kuWiQeBT2zj4hcFwrvvPJgFbJ1fFnUK0X8 i06hybBygg29LyKHQznqZTTKJGu/HLT6WI1Uu4/qK1C8o2bm+z0JzVMuMlu7u8Lt+Rar4c AV0iZFNkJ5l5cdzrJ4G+uuSd4e1iaXCKQXsd0bFXHbCGVA+fugIShJLQeBGJzIUgmBXT4R cF2fJ1jKfpN6NAI1Ce0lBYVCBeAYSoBrpCCqDdZd7X5Q3P8STzOqsHNFfiTWNQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064067; a=rsa-sha256; cv=none; b=lTL3m2xVFMf5JP+1fz45JCi4hxNLeAMIxETUWa5a/z3yAXsTwNb95VOnQDZMm9U20vcj4k 3B/Cx7gG3QxkaIPOBqMOvq3m/EapiuUKR6cqz/pnO6iEu0u06L3mOjTn9Mjlw4zr2Z0JvM O0It6lfwK2cgqkhFwTkM2+kaNhrjl1xGPGhk0L18wsB/8NOWwCx85qfPMXux4hkWbqkPs1 aRsinhnuPhIwXovSlo2aAr6LindsE0tcVCZScLahsxJRkks2CJ7jLjd0j9N9i6K4xi4vfO 9g7u6rZTm/S3z6o4HYGb4r8O0DUrhcgoCJgKa5E8utAax2pUJ2DZpxGXchZhRw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064067; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hX17wDD/B+ZUpRx6a2SLFbAY960AU2cExL+dV19kMUM=; b=v/hp2bMmEqg4p1KXBt379k1y1164FJR39JX2EdXKanmPWknT7y8WCpzjd98QBud/g35waU jDOFRo1HTaZvleYVnFf01vJ9aE72bzzlai5OWxzqugqMUSTqshO/Ihdzefzfpa5Y9Vmo3G uo/7J154eeB0Db7SAtT4qoqfZGtyzphnDLUVsnIsZPcUCo6TLD1K4xTHlEe5ioqujC9uqj +x5xypUX39HHcUvcQgrE7/38M93fmoc/tb5jWKqFVTruZ9FqbJ2IYBfGlJdXp01ih7KU7h iDLA1ztvVLlHxuwY3rAVbGZlsIk85yL9XLNRlamb/QtyNwc7Hn+OlS0tx+oJkg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX35KKHz14VH for ; Wed, 10 Jun 2026 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 25e67 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 2db75e8df850 - stable/14 - linuxkpi: work with numpages > 1 in the set_pages_*() KPIs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 2db75e8df85044a9865c62d44f4261041f2bbcbc Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:07 +0000 Message-Id: <6a28e183.25e67.19fe04ab@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=2db75e8df85044a9865c62d44f4261041f2bbcbc commit 2db75e8df85044a9865c62d44f4261041f2bbcbc Author: Kyle Evans AuthorDate: 2026-05-19 03:22:21 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:47 +0000 linuxkpi: work with numpages > 1 in the set_pages_*() KPIs These calls are used for buddy pages at least in drm's ttm_pool, which leads to a panic when we invoke lowmem handlers and drm tries to shrink the pool. Cope with numpages > 1 by traversing the contiguous pages and executing the adjustment there, as well, as suggested by markj@. Previous versions have tried to use the corresponding `set_memory_*()` functions, but it is believed that not updating `md.pat_mode` breaks subsequent userspace mappings in ways that may result in things like screen tearing or other artifacts when running i915kms. This stabilized my amdgpu laptop running two VMs, chromium and a concurrent buildworld. Reviewed by: bz, markj (cherry picked from commit 67f7f2781daa9bd398b424ffe2bd0be67f37f03d) (cherry picked from commit 8dad29555a5807bf21941807752e1589e20312de) --- sys/compat/linuxkpi/common/include/asm/set_memory.h | 15 +++------------ sys/compat/linuxkpi/common/include/linux/page.h | 2 ++ sys/compat/linuxkpi/common/src/linux_page.c | 21 +++++++++++++++++++++ 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/sys/compat/linuxkpi/common/include/asm/set_memory.h b/sys/compat/linuxkpi/common/include/asm/set_memory.h index 1019aaf264a0..54a1311ef9a5 100644 --- a/sys/compat/linuxkpi/common/include/asm/set_memory.h +++ b/sys/compat/linuxkpi/common/include/asm/set_memory.h @@ -65,32 +65,23 @@ set_memory_wb(unsigned long addr, int numpages) static inline int set_pages_uc(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - - pmap_page_set_memattr(page, VM_MEMATTR_UNCACHEABLE); - return (0); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_UNCACHEABLE)); } static inline int set_pages_wc(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - #ifdef VM_MEMATTR_WRITE_COMBINING - pmap_page_set_memattr(page, VM_MEMATTR_WRITE_COMBINING); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_WRITE_COMBINING)); #else return (set_pages_uc(page, numpages)); #endif - return (0); } static inline int set_pages_wb(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - - pmap_page_set_memattr(page, VM_MEMATTR_WRITE_BACK); - return (0); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_WRITE_BACK)); } static inline int diff --git a/sys/compat/linuxkpi/common/include/linux/page.h b/sys/compat/linuxkpi/common/include/linux/page.h index 37ab593a64e9..6f5f37d2fd0f 100644 --- a/sys/compat/linuxkpi/common/include/linux/page.h +++ b/sys/compat/linuxkpi/common/include/linux/page.h @@ -127,4 +127,6 @@ clflush_cache_range(void *addr, unsigned int size) } #endif +int lkpi_set_pages_attr(struct page *page, int numpages, vm_memattr_t ma); + #endif /* _LINUXKPI_LINUX_PAGE_H_ */ diff --git a/sys/compat/linuxkpi/common/src/linux_page.c b/sys/compat/linuxkpi/common/src/linux_page.c index 15b90eb3c470..3eb2fab03359 100644 --- a/sys/compat/linuxkpi/common/src/linux_page.c +++ b/sys/compat/linuxkpi/common/src/linux_page.c @@ -512,6 +512,27 @@ lkpi_arch_phys_wc_del(int reg) #endif } +int +lkpi_set_pages_attr(struct page *page, int numpages, vm_memattr_t ma) +{ + while (numpages-- > 0) { + /* + * pmap_page_set_memattr() would only update the DMAP mapping + * if it's a normal page, leaving the kernel map untouched. + */ + MPASS(page->object != kernel_object); + + /* + * pmap_page_set_memattr() sets page->md.pat_mode, which is + * crucial for future userspace mappings. + */ + pmap_page_set_memattr(page, ma); + page++; + } + + return (0); +} + /* * This is a highly simplified version of the Linux page_frag_cache. * We only support up-to 1 single page as fragment size and we will From nobody Wed Jun 10 04:01:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX33DQBz6gv7k for ; Wed, 10 Jun 2026 04:01:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX25CWmz3w7X for ; Wed, 10 Jun 2026 04:01:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064066; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=m4QIWrNqdh7rVjpPtVDKmiOTjCXSIJF5zbRIIjfgpKI=; b=BSAySFanwr1Iwjhs4LVnuTgBWVcPfSgGmbLw+1sqOlRANepDambMFHesXuZEiiDF1ZLP5P HeW5bRFlvyqAqW3v1bWFfk80wHM9u/JHOtlckTFFFwqGIw/NjYAuG1bHn+isj245/w0lqo nBFTAIz+t21WfmVYWZ/GmTxLh798ObPzBRBtNxWG/zi+sMuATygoVG+6sVjGfRYUsV172q efMheC3wH1xYMkdBaK2OgVWkfhCqT8wBv5CuuwixYnLYpUZSTOeCvhLSCpPwjT1k2HdvA4 8IXJqVO9MM/MvL4lj8B+AMQn5POcxany3xe/8sHdL3PmUc3kZvwJMVumDtDxAw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064066; a=rsa-sha256; cv=none; b=BtANbizObM9+q3rBVwy2+PFqAE0EN27y8YSsjCP51LUut0ei5o8U/dEW2Vx2UvAQbbR/vR EdetiaajghmX6jUdrBE2b+w9E95KXMi8uYsQkS9s5+E9Biu7nMbPzaE4DZ+rCel992Uy4i It6QnA3kPz2jZa2Hdq/2WXDKkoN7L0Wx6u3WwP3N1GUZtefqox7VkiVgQh/xlb2+R5JhjC rwIVvKuQUt5TVgBrDOB1ejdUsOx35PZ1aYvKHwUQPPzLSkOvxmoB/b8+mw773wrZHQ0C8c WPB8DMn2jyRyre3u/UYzKb35Hks/Ol0Kz/a01YBF9IFOeEP08t6sOxKAY8JsmQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064066; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=m4QIWrNqdh7rVjpPtVDKmiOTjCXSIJF5zbRIIjfgpKI=; b=RW86HoG4Ou4ElzO599ksAkDPb81FZVM1QimDlljzDcnIR7koOoCHJ49nZN4XGvMZtbgCd8 7L7WXN3bTkNMm8cc7OR652vhMTkGTrkTTbhbvxqHUQZsvAsm161CBawobQYtxNsYsJOLGF WCiL7pBJgvMaSp5j6QQfcHubvcivsSUMe4qHTyP79IZQvJGf9M2le+6rERXgq0WBDehs2H 8ZdLneuXSbFEjGhh1dbwD7MgyXg7eY2F+3Sa55KkpCNlIdQSJ6BzqEcaU8DZhxhEtTeZJ1 n1ngWMViPpGJrkBv+oLK2jN1ZJ+Gj1lVlIO5gDkeHIHfAsVGUpJjBd/mp/o5fQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX24Xhbz14M2 for ; Wed, 10 Jun 2026 04:01:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2748e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Marek Zarychta From: Kyle Evans Subject: git: 87224fa65140 - stable/14 - devd: Use PF_LOCAL instead of PF_INET List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 87224fa6514063d6fc1505ec95498f50cf8802d8 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:06 +0000 Message-Id: <6a28e182.2748e.1b0f82ca@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=87224fa6514063d6fc1505ec95498f50cf8802d8 commit 87224fa6514063d6fc1505ec95498f50cf8802d8 Author: Marek Zarychta AuthorDate: 2026-05-07 01:28:08 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:47 +0000 devd: Use PF_LOCAL instead of PF_INET Avoid dependency on INET (IPv4) by using PF_LOCAL, allowing media check to work on systems without INET support. PR: 295045 Reviewed by: kevans (cherry picked from commit b2e4da0b53ad082768b8f6f83766e030fd00d02a) --- sbin/devd/devd.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbin/devd/devd.cc b/sbin/devd/devd.cc index e4abf0e33fae..c00136a3f61b 100644 --- a/sbin/devd/devd.cc +++ b/sbin/devd/devd.cc @@ -370,7 +370,7 @@ media::do_match(config &c) retval = false; - s = socket(PF_INET, SOCK_DGRAM, 0); + s = socket(PF_LOCAL, SOCK_DGRAM, 0); if (s >= 0) { memset(&ifmr, 0, sizeof(ifmr)); strlcpy(ifmr.ifm_name, value.c_str(), sizeof(ifmr.ifm_name)); From nobody Wed Jun 10 04:01:08 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX52r8mz6gvHl for ; Wed, 10 Jun 2026 04:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX46F9Yz3w5v for ; Wed, 10 Jun 2026 04:01:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WeyZLnWTj9b2BHquSH0NnFWjb4cod1+je4r+IMcdvmw=; b=WyMkRLoJXwCZWDEKD4A3bn7V5Yi2ym83eLPQOXYjl9tAUQ7KzDQ/nJkqHn13MiTsdeRTjb JLUCtPkEf9jDAzgzlkAs5T0+YmRt6YXUfkkUP3aYZOQkFprIGnj5MtnbXpGONhZT7KU90d UKjcxJhVDF6XWUj6HewCRSNmP5ZoZvnKk+KB0EjpNJGReok/B0MYrHim3HMSN9KCYngkOR vj7dK3bqlzYh41srnLq5xzYpgZEy9nKs04eNZ/L/pUrcw7bKJEo2QKP5U57bnhCqd9z9pr zg8/o/GHQH/EoUYpL2v0zUOUoAaRoQOxuwrxuSVFdbqrPcXvKWRucsCorJ/k6g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064068; a=rsa-sha256; cv=none; b=WjSHc/hQQwkt9kQYzValwvR3VHE9g4qP1JEn+wP+oU0r8/GpT8goBnhELsQyr4ejSpom4H Hs3cuHYux5RD09oNqj5tLm2Y0MekERs5tEsrUjUVy6jsK2b2gpDK+oB6AuI8A3DnZ2nCBu zbGKoQ3NZ9XQgEQzmC7Q/Up/x/r6JoMIkGW+IMmv2TToi9OZ9C1xfVi7aXhvC4HBGLlTb8 CIZ5aZbuR7QtmtTj53EiwKJskC7UQdJTyDaIbmf6aPtk555CZe805NsIXRLNw/CYGGjKtw UbKlTukDsb83dq9kA8ESkZM4+osBEPPut1aaNOZsHpAKd+e/OvabH61VNirwmQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WeyZLnWTj9b2BHquSH0NnFWjb4cod1+je4r+IMcdvmw=; b=soliEuY6kO63Q1Cyqdmupd/EG3E+XjhnCW1SZBDBVGGHhKtmlb+CFrPMKFjyhoGt9SfER8 M934h+ZfGMHElVwpy/37mKAgFStNmpNxgRJ2DIuXSmjqiwW1nMJllx09gMu81dX3x55a1o Pn1NF2On/Nv5f6ckf8meCzUdj3BfeXwCFrI/zQLivtUY4qNnbXQVJ9La4SOdzrjsXyH9SV dtrCclTEC1w8dmOqmS2KeyLfy5xjIjWjBg0B6ptoWk86lWPr4FP4AxpqwYLVRfepo7DSId XSlAHRgMNycT/OJ5/e5tob4K8pDiAzv1AZ2DRIk6VQzKlIxlXQ175K1eoWPeHg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX45qspz13hj for ; Wed, 10 Jun 2026 04:01:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27b9e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:08 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 800c4034d201 - stable/14 - kern: ofw: provide ofw_bus_destroy_iinfo to teardown interrupt-map List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 800c4034d201034345be462de6f2f9178971fd92 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:08 +0000 Message-Id: <6a28e184.27b9e.4b268298@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=800c4034d201034345be462de6f2f9178971fd92 commit 800c4034d201034345be462de6f2f9178971fd92 Author: Kyle Evans AuthorDate: 2026-05-09 02:42:50 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:48 +0000 kern: ofw: provide ofw_bus_destroy_iinfo to teardown interrupt-map For symmetry with ofw_bus_setup_iinfo, the next commits will use it to properly cleanup on failure in bcm2838_pci. Reviewed by: andrew (cherry picked from commit b230a7b9a52c0fc948f4f1dcd1225a94674073f6) --- sys/dev/ofw/ofw_bus_subr.c | 12 ++++++++++++ sys/dev/ofw/ofw_bus_subr.h | 1 + 2 files changed, 13 insertions(+) diff --git a/sys/dev/ofw/ofw_bus_subr.c b/sys/dev/ofw/ofw_bus_subr.c index a21c5fa2735b..adc5ccdf1869 100644 --- a/sys/dev/ofw/ofw_bus_subr.c +++ b/sys/dev/ofw/ofw_bus_subr.c @@ -349,6 +349,18 @@ ofw_bus_setup_iinfo(phandle_t node, struct ofw_bus_iinfo *ii, int intrsz) } } +void +ofw_bus_destroy_iinfo(struct ofw_bus_iinfo *ii) +{ + + if (ii->opi_imapsz > 0) { + OF_prop_free(ii->opi_imapmsk); + ii->opi_imapsz = 0; + } + + OF_prop_free(ii->opi_imap); +} + int ofw_bus_lookup_imap(phandle_t node, struct ofw_bus_iinfo *ii, void *reg, int regsz, void *pintr, int pintrsz, void *mintr, int mintrsz, diff --git a/sys/dev/ofw/ofw_bus_subr.h b/sys/dev/ofw/ofw_bus_subr.h index 1a33d7655f77..2e13f29a67f6 100644 --- a/sys/dev/ofw/ofw_bus_subr.h +++ b/sys/dev/ofw/ofw_bus_subr.h @@ -86,6 +86,7 @@ bus_get_device_path_t ofw_bus_gen_get_device_path; /* Routines for processing firmware interrupt maps */ void ofw_bus_setup_iinfo(phandle_t, struct ofw_bus_iinfo *, int); +void ofw_bus_destroy_iinfo(struct ofw_bus_iinfo *); int ofw_bus_lookup_imap(phandle_t, struct ofw_bus_iinfo *, void *, int, void *, int, void *, int, phandle_t *); int ofw_bus_search_intrmap(void *, int, void *, int, void *, int, void *, From nobody Wed Jun 10 04:01:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX63Dv9z6gv8P for ; Wed, 10 Jun 2026 04:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX56HwCz3w19 for ; Wed, 10 Jun 2026 04:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZOw81gdieOO+3Q2tdRBNJ78ti7ubUtrt6rMF1E030vM=; b=SsQI0xlX03IYff4LBQkz0kYf5EHif2kw3MuUq3vPOqI8yh2GVeyFXvIaVmV+TcK08bz1Kb 19UoETZ3elIASX7a+ykS952UqwBr8OHB/r8m3CIUEftPlgGE94+o8dVWJZGCtSlsWE/LDJ zd24vFTps5BRu2G5fOuaM6BT1mQ+jg0ts/syhBaR+vvFzdYGLZQU1JCSXx6qkwui25PNxl UMbQHfYUuXgvTgw89HQcjzDjdzVzn2WXzRvZjCH/HtpB9Zsg8+0QHM/nWjTzhxw7U4icsY PVLqIblhs82ogUiyQe4ycL3FqV+seCjA7mb/BIPFWG88pIebKwDfl1hCOCA66Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064069; a=rsa-sha256; cv=none; b=oxEqokJVdJI6+nrJx9iAXhY3F3X2tPMYXSjcvhKdzFyJiV8ijwkJBVov8i25icu2LNHZjO 6JbqZFtr6TP9ukflUimjS0u+JqjNrFFl9vspBpOG+zIaCurU2fKVIWitwAWhbxVKEcHfjR I40wTL7qWw84MonCnJZCTQYqvkmQRta8CjKfVDJiaHjy4RLtTJeD87PZUdxOkc0JzFtPYJ S4yJd54Im6jbfpVxmnXEw0ofN1wgWed8uw34G6sZD5iqNH6IROVnCNtSYZGXE42N9ns4Pm 4hkHmEMcTsCEqJCRNw/C5hYrK1hpizWkE2mneDNiap562DhWfKEx7GRA3e84XQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZOw81gdieOO+3Q2tdRBNJ78ti7ubUtrt6rMF1E030vM=; b=ECGW/y4zXD8qm/o+EjbQZHzKlud0mSAlERZp1EP8NZe92eJrwX2IEEKKdTz//M5SKqgxBK PESlIuFR5hFGUwzNHWKItI42UIuCdWnpNBLRXf6gCZbs2+PmYBWYpsBXnDO12AzzI918M+ ZVPxfCKduHnivqtB+/8lxx/TWemkNpxsBNOtBaE2CHvN3YK1qYror96hOhnF70R8b64Uxp 4ZPYvoJUyujJTfm5Q73wYhaP59jH6XMXNcT1YuwizzHuMcQbbkKijA7ThYJIGHH74N9/mD tmQeXYWkgpFh4SEQdX1iavTzfUZAhLHH3Jy81ddaWAVHpw+C9Dz1h5EcJ/gC9A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX55s67z14BQ for ; Wed, 10 Jun 2026 04:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27f04 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 4a56809bb9eb - stable/15 - ctld: kernel-sourced portal groups are not dummies List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 4a56809bb9eb59084025af83b5e3fe4e4478f143 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:09 +0000 Message-Id: <6a28e185.27f04.7ba781d0@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=4a56809bb9eb59084025af83b5e3fe4e4478f143 commit 4a56809bb9eb59084025af83b5e3fe4e4478f143 Author: Kyle Evans AuthorDate: 2026-04-28 20:51:50 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:35 +0000 ctld: kernel-sourced portal groups are not dummies The current and historical versions of ctld would flag our initial set of kernel ports as dummies, because their portal groups were empty since portals come from the configuration on-disk. As a result, we would never try to remove a kernel port at startup that didn't exist in the configuration (possibly a feature if you wanted concurrent ctld(8)), and we would always try to port->kernel_add() on ports in the configuration (even if they actually did have an existing kernel port). Flag these portal groups as kernel groups so that we avoid trying to add ports that already exist. It may be the case that the kernel_remove() loop in conf::apply() needs to do something other than the current `oldport->is_dummy()` to avoid removing ports that it isn't supposed to be managing, but that wuld also seem to apply to LUNs that would be removed today. Reviewed by: jhb (cherry picked from commit d9c0594191f5c45d7f3c737350321ee59bfce9bf) --- usr.sbin/ctld/ctld.cc | 15 +++++++++++++++ usr.sbin/ctld/ctld.hh | 2 ++ usr.sbin/ctld/kernel.cc | 4 ++++ 3 files changed, 21 insertions(+) diff --git a/usr.sbin/ctld/ctld.cc b/usr.sbin/ctld/ctld.cc index 331c029e282e..6ec64cc253d6 100644 --- a/usr.sbin/ctld/ctld.cc +++ b/usr.sbin/ctld/ctld.cc @@ -591,9 +591,18 @@ conf::find_transport_group(std::string_view name) return (it->second.get()); } +/* + * Foreign portal groups (which only redirect to other targets), and portal + * groups without any active portals are considered dummies and ports belonging + * to such groups are ignored. However, portal groups that exist in the kernel + * prior to ctld starting will contain real ports but no portals, so these are + * never considered dummies. + */ bool portal_group::is_dummy() const { + if (pg_kernel) + return (false); if (pg_foreign) return (true); if (pg_portals.empty()) @@ -710,6 +719,12 @@ portal_group::set_foreign() pg_foreign = true; } +void +portal_group::set_kernel() +{ + pg_kernel = true; +} + bool portal_group::set_offload(const char *offload) { diff --git a/usr.sbin/ctld/ctld.hh b/usr.sbin/ctld/ctld.hh index 3bf18f6a32c0..2e1ee7869ceb 100644 --- a/usr.sbin/ctld/ctld.hh +++ b/usr.sbin/ctld/ctld.hh @@ -220,6 +220,7 @@ struct portal_group { bool set_dscp(u_int dscp); virtual bool set_filter(const char *str) = 0; void set_foreign(); + void set_kernel(); bool set_offload(const char *offload); bool set_pcp(u_int pcp); bool set_redirection(const char *addr); @@ -248,6 +249,7 @@ protected: enum discovery_filter pg_discovery_filter = discovery_filter::UNKNOWN; bool pg_foreign = false; + bool pg_kernel = false; bool pg_assigned = false; std::list pg_portals; std::unordered_map pg_ports; diff --git a/usr.sbin/ctld/kernel.cc b/usr.sbin/ctld/kernel.cc index f2bdf53bd3ee..d1210079ca1a 100644 --- a/usr.sbin/ctld/kernel.cc +++ b/usr.sbin/ctld/kernel.cc @@ -483,6 +483,8 @@ add_iscsi_port(struct kports &kports, struct conf *conf, log_warnx("Failed to add portal-group \"%s\"", pg_name); return; } + + pg->set_kernel(); } pg->set_tag(port.cfiscsi_portal_group_tag); if (!conf->add_port(targ, pg, port.port_id)) { @@ -520,6 +522,8 @@ add_nvmf_port(struct conf *conf, const struct cctl_port &port, tg_name); return; } + + pg->set_kernel(); } pg->set_tag(port.portid); if (!conf->add_port(targ, pg, port.port_id)) { From nobody Wed Jun 10 04:01:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX73BwDz6gv55 for ; Wed, 10 Jun 2026 04:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX673KPz3w6K for ; Wed, 10 Jun 2026 04:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QF8lLSfRPZvN9j7j0gqtfuKXzFN+eJYq1UwaqmRAEVM=; b=t0mfoNiZRz+Pnjivf6N1VHCG9TSHVFgZzwDSs3yGe5cI91ei4B1n5VyNeS8UOyp5bN03NX Q+p6AhJ9zCUwgfjSgdTpl1jqYti26zze+HsWw2BcFX2Ya8WVer9KDhRZzzZ31iHWrGnCVG LjfxeyzG25Ef7YoGXoX8SISWrDt3v0fCPZMg9nDQNVcib/Ww07KPxBbYlw8B/CBzEcIRzb ux7dE3MhgLdw8jjmcE9rFGDKYWWs9r1i7D0CQZ3r58i4lA2J238QEPtHoykqDs0sTf8ieK NYIg7ZckFGUFLV9+HgaPcd5OddZ9qqgPlXCnlwKHiDQaUh98HSWRMOMm27347g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064071; a=rsa-sha256; cv=none; b=lUnIPKPkxsPvzuWOsII5t207Em027Y46XTkgqbS6lLX90IvXICGUx6fwrzxjg+zy6Y8Q+t GRe8kJiJ7WljkPuvZtK4em4n8fXz558vXutb1LP8eIog5i2zf4gtz1K9kr8NVydvuiTmgw N+xIspIxt2l05oTh56F21CRfUuiybjeXnxobVMJtpDfsrxTn/+dCpJEmU7jKBUEDjK9HM/ HeNRKo5QehZMRo9T237Z9b0PkoVe+rtw6d/aIwDh2JJm77HM+ndeh/UwS0zY+I9NW35Ma4 jBQMWPzKJCRxpqSJ+Y+vBUfv3jOUjLVWpZk31mKsmYjWRzZZvmoHD5pO1zgEmA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QF8lLSfRPZvN9j7j0gqtfuKXzFN+eJYq1UwaqmRAEVM=; b=EJUqgvs6OnjBuhEG5CwB3V4ysfJbYZf7zurybP9VoOVbiBeh+UcJ+Bmog/cbHIUpHQ3O9b L6tERYWLpw0WFFFct9dQ9iEha3puq7b2JgbY6K8lL+WYgFa+IhL1y86MOcjwH7FbpTKnvj uWU0bElhbe36z/b6N3wfF2ogXP4wTdCBT6t2OL/CKLk31FaoozNSOkTrzKfrjuLv2Lir+R n+mzL9n3lUBm+z/V+i0yBln9UyJSveQMweNzW3D99mU24slHd9Jf5jeCwyVYjEcEp4EIl1 0msif67Nuw+5V208tGKsSF7XCbVTnLz8PhUHiXszMbouS5KmBEL7Aaar0AMOug== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX66Xl1z14PR for ; Wed, 10 Jun 2026 04:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 264d0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Chris Longros From: Kyle Evans Subject: git: 2edb8d4f60cd - stable/15 - cron: log when a crontab path is too long List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 2edb8d4f60cd66979c0b8a76c2ccbc33dac462ad Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:10 +0000 Message-Id: <6a28e186.264d0.44a55788@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=2edb8d4f60cd66979c0b8a76c2ccbc33dac462ad commit 2edb8d4f60cd66979c0b8a76c2ccbc33dac462ad Author: Chris Longros AuthorDate: 2026-04-29 04:06:29 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:35 +0000 cron: log when a crontab path is too long Log via syslog when snprintf truncates the crontab path, instead of silently skipping the entry. Signed-off-by: Christos Longros Reviewed by: bcr, kevans (cherry picked from commit 91bfba010bcda665cc24a76af631cc85fcb0c688) --- usr.sbin/cron/cron/cron.8 | 11 +++++++++-- usr.sbin/cron/cron/database.c | 6 ++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/usr.sbin/cron/cron/cron.8 b/usr.sbin/cron/cron/cron.8 index 23a295393df5..f1a6a30d4cb5 100644 --- a/usr.sbin/cron/cron/cron.8 +++ b/usr.sbin/cron/cron/cron.8 @@ -19,7 +19,7 @@ .\" .\" $Id: cron.8,v 1.2 1998/08/14 00:32:36 vixie Exp $ .\" -.Dd January 20, 2026 +.Dd April 29, 2026 .Dt CRON 8 .Os .Sh NAME @@ -227,7 +227,14 @@ configuration file for .It Pa /usr/local/etc/cron.d Directory for third-party package provided crontab files. .It Pa /var/cron/tabs -Directory for personal crontab files +Directory for personal crontab files. +Internally the daemon constructs the relative path +.Pa tabs/ Ns Ar filename , +which must fit within +.Dv MAXNAMLEN +bytes; in practice this allows filenames up to 250 bytes. +Longer entries are skipped and a diagnostic is logged via +.Xr syslog 3 . .El .Sh SEE ALSO .Xr crontab 1 , diff --git a/usr.sbin/cron/cron/database.c b/usr.sbin/cron/cron/database.c index 35e5fad3524d..234b5ef7fdd6 100644 --- a/usr.sbin/cron/cron/database.c +++ b/usr.sbin/cron/cron/database.c @@ -166,8 +166,10 @@ load_database(cron_db *old_db) fname[sizeof(fname)-1] = '\0'; if (snprintf(tabname, sizeof tabname, CRON_TAB(fname)) - >= sizeof(tabname)) - continue; /* XXX log? */ + >= (int)sizeof(tabname)) { + log_it("CRON", getpid(), "TABNAME TOO LONG", fname); + continue; + } process_crontab(fname, fname, tabname, &statbuf, &new_db, old_db); From nobody Wed Jun 10 04:01:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX63D0Bz6gv4q for ; Wed, 10 Jun 2026 04:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX56dCmz3vxl for ; Wed, 10 Jun 2026 04:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ssbL/A1jMOVS7Z+GuzWsMpIIutIy4hfrRhY16LIyuJo=; b=H1QBBcu62pGxUoaNHkI3iHRIlgUU7oljU1uR3zA0m4XeWl3mk120I9I75ZxkJ591LpaKU6 h6CmNLBHj93Enh3/gS/JRk/Jxmvvtb9jsgObb/zAAU2mxTB0r6zdLT4iG72733odj9l+rS m4vur4+QCDLXC6Dif2lwbUa5USejEHBO7JIx/fWKBEM8/CqyRc+XTO1drhaBSQqsorMX43 +p+rrtkg/zmPDdx+eNBRcvqLzBAxQf7ZH9WixaEAX4iToc2Y8qq4GPdPQxVvfMbMAqbtTZ DzKcqVDLXAZR5tT1zSUFsJXWZCTHtwT2P+M2F3Jivd71TzgGCXeUAZld4vkBlw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064069; a=rsa-sha256; cv=none; b=rlgjAjvFRXw3nji0MYFWnn2enjJn7yGu4neg1W9hwVUk8c9Dm0WvwMJQIbcE38wUjw6Jo8 tc7zE+KeiH+URaEuXdQIWzqimbYCacv5/6FY9FBVxd5p5P5ioxMD7lWs4QlMdwogV9qn/z gA/5+QbZZDrNPcF4yGaYN9S+WjcOU+01tqybYJtbKGS4jqKw49hIiRj7qkQfVsoi0F2R5X U2p/NOLWysCb9bwgB5WhMFLzZHhF8lDmHy8Wjy1Ds2rNZQuZnlr+WsGAjX91ODbYUC461U aTGnZRJPrIUwzmwrKhxPKGtSbET48zFfWQyW+JzLdiPwMkGWMrIPOi/wCvANQw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064069; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ssbL/A1jMOVS7Z+GuzWsMpIIutIy4hfrRhY16LIyuJo=; b=GPsBc0INaY+szWUbqwNUoAFBVetR0NTIu6MmLvJiRA4YeMEjTdj3wSabP53o8wFJwHP0c6 HAol7nqZr12KjdinsxTFqvTMHm1k+4roSVeXrm+TrDD16xJVIuLtJ1hFlP16EfgCt5pbOK XoF95LCZMuNIUdvZ8Mzh7vIosEDvmqDb9S9C0dvFzaKKB3BQK1+Aay+UCmk3XI76XyMXhL PHuPz+mljNy5U2qvCPU+3ZNihR6oHyTeKf5wDaK9hcEj6D5nBAv59sMMl6ivBPvUnobQ/8 mllhpOSNAKcba71bG3A3UzGiyLohwmy55n0r3t7pw8Zev578hl1VtpvfBRmwHA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX56BjZz14M4 for ; Wed, 10 Jun 2026 04:01:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2645e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 1f7337264f7d - stable/14 - pci: pci_host_generic: provide cleanup methods outside of detach List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 1f7337264f7d03578f8f16dc84b1707639cc7116 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:09 +0000 Message-Id: <6a28e185.2645e.63ef8b71@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=1f7337264f7d03578f8f16dc84b1707639cc7116 commit 1f7337264f7d03578f8f16dc84b1707639cc7116 Author: Kyle Evans AuthorDate: 2026-05-09 02:46:24 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:48 +0000 pci: pci_host_generic: provide cleanup methods outside of detach If device_attach() fails, we're expected to actually cleanup after ourselves because device_detach() will not be called. Factor out the cleanup bits that don't rely on attach having actually succeeded so that we can cleanup properly in bcm2838_pci. Reviewed by: andrew, imp (cherry picked from commit 31a94ec32b53ebf6227bc868ce4f7aa07650680d) --- sys/dev/pci/pci_host_generic.c | 15 +++++++++++---- sys/dev/pci/pci_host_generic.h | 1 + sys/dev/pci/pci_host_generic_fdt.c | 19 +++++++++++++++++++ sys/dev/pci/pci_host_generic_fdt.h | 1 + 4 files changed, 32 insertions(+), 4 deletions(-) diff --git a/sys/dev/pci/pci_host_generic.c b/sys/dev/pci/pci_host_generic.c index 0fa663c12a56..600aa7bed7f9 100644 --- a/sys/dev/pci/pci_host_generic.c +++ b/sys/dev/pci/pci_host_generic.c @@ -250,15 +250,22 @@ err_resource: int pci_host_generic_core_detach(device_t dev) { - struct generic_pcie_core_softc *sc; - int error, rid, tuple; - - sc = device_get_softc(dev); + int error; error = bus_generic_detach(dev); if (error != 0) return (error); + return (pci_host_generic_core_free(dev)); +} + +int +pci_host_generic_core_free(device_t dev) +{ + struct generic_pcie_core_softc *sc; + int rid, tuple; + + sc = device_get_softc(dev); for (tuple = 0; tuple < MAX_RANGES_TUPLES; tuple++) { rid = sc->ranges[tuple].rid; if (sc->ranges[tuple].size == 0) { diff --git a/sys/dev/pci/pci_host_generic.h b/sys/dev/pci/pci_host_generic.h index 2d15f06890db..ad2b55c29a7f 100644 --- a/sys/dev/pci/pci_host_generic.h +++ b/sys/dev/pci/pci_host_generic.h @@ -94,6 +94,7 @@ DECLARE_CLASS(generic_pcie_core_driver); int pci_host_generic_core_attach(device_t); int pci_host_generic_core_detach(device_t); +int pci_host_generic_core_free(device_t); struct resource *pci_host_generic_core_alloc_resource(device_t, device_t, int, int *, rman_res_t, rman_res_t, rman_res_t, u_int); int pci_host_generic_core_release_resource(device_t, device_t, int, int, diff --git a/sys/dev/pci/pci_host_generic_fdt.c b/sys/dev/pci/pci_host_generic_fdt.c index 05e77f46032f..b0ae82a67292 100644 --- a/sys/dev/pci/pci_host_generic_fdt.c +++ b/sys/dev/pci/pci_host_generic_fdt.c @@ -104,6 +104,25 @@ generic_pcie_fdt_probe(device_t dev) return (ENXIO); } +void +pci_host_generic_destroy_fdt(device_t dev) +{ + struct generic_pcie_fdt_softc *sc; + struct pci_ofw_devinfo *di; + + sc = device_get_softc(dev); + while (!STAILQ_EMPTY(&sc->pci_ofw_devlist)) { + di = STAILQ_FIRST(&sc->pci_ofw_devlist); + STAILQ_REMOVE_HEAD(&sc->pci_ofw_devlist, pci_ofw_link); + + ofw_bus_gen_destroy_devinfo(&di->di_dinfo); + free(di, M_DEVBUF); + } + + ofw_bus_destroy_iinfo(&sc->pci_iinfo); + (void)pci_host_generic_core_free(dev); +} + int pci_host_generic_setup_fdt(device_t dev) { diff --git a/sys/dev/pci/pci_host_generic_fdt.h b/sys/dev/pci/pci_host_generic_fdt.h index cc6e575f6056..790f781b23f0 100644 --- a/sys/dev/pci/pci_host_generic_fdt.h +++ b/sys/dev/pci/pci_host_generic_fdt.h @@ -46,6 +46,7 @@ DECLARE_CLASS(generic_pcie_fdt_driver); struct resource *pci_host_generic_alloc_resource(device_t, device_t, int, int *, rman_res_t, rman_res_t, rman_res_t, u_int); int pci_host_generic_setup_fdt(device_t); +void pci_host_generic_destroy_fdt(device_t); int pci_host_generic_fdt_attach(device_t); int generic_pcie_get_id(device_t, device_t, enum pci_id_type, uintptr_t *); From nobody Wed Jun 10 04:01:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX83P7nz6gv5Z for ; Wed, 10 Jun 2026 04:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX80HYpz3w8Q for ; Wed, 10 Jun 2026 04:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BSFguV6Tm064NtEG3uEiaL7fesz/Z86Za38lrvgDdN0=; b=UktGk3Yzo7S/3+1+6XkSlRAqDAEuHohKK3QeQiV5lDFkKU+foDPG7+rSky21a+DUoSJVgu xPv2kNf8GYgr/iMkb4i1sfG1K45Qwp6WNjE9PvUdepG70k5Lql/cEEGfTdU9n7irbxvWMM YxxQOfc0HaSN0LgknPmWewfk0rmIbVIhMMjZZ/GrYFaNPTcK/TEE+biDIeSw09RXPEaer8 TwiyfkP+TpA5IvPJFK657k6bCbwFm6MgURJkSahgrCv0jEIU583QcqA4ztUGKSkR4ZOMj0 aoRrTIxWJD4ak5Z7Dmu6Fm0Ba83gZxdLBWfRFphx+gg3g0ntRM4bM5h+eunfog== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064072; a=rsa-sha256; cv=none; b=UekQxlQgOlTVcfeKw3QAx/y8xjmkFXGiWX4ntcz7cgFTishb2oo2H3oEqAypzJ1KtqRdHC Vf2FPzwTQET+UCDWh1DnDZeTKJ7cu13PLmQ3Pi6gzVTyXOlehJJYqysRNSYybOpU7aRUES MCTKTE1a6MGPljWnSIFo2XYnEgPWoWohfXTni0+oKkMPQZzM2bNIiKuM14K01xvsDrqNcI eRb/yg7HghqdFxLEMzOPLUQz9v9LRY/mpGhsBSM0JqKAuvqxwlS6L2s9hkoPKdThug5DHi qNFdOeYHOMGbHoS1VxR8Bt0qvXzkc3v5q/Db7VqJEl7806VhDUxzBEBrJjhN6g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=BSFguV6Tm064NtEG3uEiaL7fesz/Z86Za38lrvgDdN0=; b=comdgh1LrL19bwCfDCuivUoJ6KQyZylhrRL4xbiB16vNzGb0kZzNR8I7rRhPLbtqK4zNbO y4PaA0C5GlMK3DP7xmdxC1Yp6tszUIWQDHOsZCOuZ9WcURkfI3TaftVUj9PLj2PBexKeV4 i2A95rFjSL/svwIwGJm+Yyq7a28OIeYrnw6/cOI0EkrHS8Vm3mHgI4gecwm9usVZlZks/+ 0WSkqnfysuyKZq0KndbMRe8LjpgneygR78eTZnZksIwr9aCA/09DRK7dA0ZadObBwqA9Jj yP2xP+vCnOWG4Q2SJ3VwBERqCVWaRBbNkTh1bqWcNAWCY/nuFm30s0cc0XlgXw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX76rDkz14dh for ; Wed, 10 Jun 2026 04:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 25e6b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 52e2e6bfc31a - stable/15 - ssp: fix our gets_s implementation under _FORTIFY_SOURCE List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 52e2e6bfc31a54e53109978434bc8c43005aa367 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:11 +0000 Message-Id: <6a28e187.25e6b.65fd6282@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=52e2e6bfc31a54e53109978434bc8c43005aa367 commit 52e2e6bfc31a54e53109978434bc8c43005aa367 Author: Kyle Evans AuthorDate: 2026-05-01 02:57:51 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:35 +0000 ssp: fix our gets_s implementation under _FORTIFY_SOURCE Annex K specifies an interface for handling constraint violations from gets_s, but we previously broke this for some classes of get_s misuse. Provide a more nuanced version that tries to dodge errors that would trigger a constraint handler while still providing value. Notably, we don't want to trigger a failure unless the passed-in length reasonably fits within an RSIZE_MAX, because gets_s will immediately call larger lengths bogus and fail. PR: 294881 Reviewed by: markj (cherry picked from commit d98f4f0698ef0c5178882c544b4c38542d4780f0) --- include/ssp/stdio.h | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/include/ssp/stdio.h b/include/ssp/stdio.h index 630683951e4b..17bda8d3ee2d 100644 --- a/include/ssp/stdio.h +++ b/include/ssp/stdio.h @@ -36,6 +36,10 @@ #include +#if __SSP_FORTIFY_LEVEL > 0 && __EXT1_VISIBLE +#include +#endif + __BEGIN_DECLS #if __SSP_FORTIFY_LEVEL > 0 #if __POSIX_VISIBLE @@ -51,7 +55,31 @@ __ssp_redirect(size_t, fread, (void *__restrict __buf, size_t __len, __ssp_redirect(size_t, fread_unlocked, (void *__restrict __buf, size_t __len, size_t __nmemb, FILE *__restrict __fp), (__buf, __len, __nmemb, __fp)); #if __EXT1_VISIBLE -__ssp_redirect(char *, gets_s, (char *__buf, rsize_t __len), (__buf, __len)); +__ssp_redirect_raw_impl(char *, gets_s, gets_s, + (char *buf, rsize_t len)) +{ + char *retbuf; + size_t bufsz; + int need_fail = 0; + + /* + * If we would have overwritten our buffer, we want to fail the check + * only if these arguments wouldn't have triggered a constraint + * violation. + */ + bufsz = __ssp_bos(buf); + if (bufsz != (size_t)-1 && (size_t)len > bufsz) { + if (len <= RSIZE_MAX) + __chk_fail(); + need_fail = 1; + } + + retbuf = __ssp_real(gets_s)(buf, len); + if (need_fail && retbuf != NULL) + __chk_fail(); + return (retbuf); +} + #endif /* __EXT1_VISIBLE */ __ssp_redirect_raw(char *, tmpnam, tmpnam, (char *__buf), (__buf), 1, __ssp_bos, L_tmpnam); From nobody Wed Jun 10 04:01:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX74tQbz6gvHn for ; Wed, 10 Jun 2026 04:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX72czJz3w6N for ; Wed, 10 Jun 2026 04:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CR9mSDgO7eyEr0N+5kN/G0CTZi1gL5VtxxPz8wj0br8=; b=b7B0Fl/UR51PTkn4GJ0xY00vnrq2sW3buwXKKPqDp+OWcCadi9FmJM6pXlCqZfPwdiuX3R p+aHpCyGBFQSn/XRsw3CSMuSu+TrToCfiDaBdaTuWw1e7yqwGtaVyYaYMfqfqCbXzHPBox ++vn3UzSLRpq0seHvTW20QB3iRRwEdNe2lbM74VJ9KB6rFBMPhDqID2WmVQmbtvz+OscV0 JDK5np/r1elr9DTgvh0SI9ydRmCnzc2r8i1ds4X4XLg1azwHbCyE2zdKBkzBy5uJCC+TgW 6qjZUlfPNgw0PGFGDYYACp0yshNQxSFOHVRPqIhNcTL6TPeLVsD8Sd989U0rDA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064071; a=rsa-sha256; cv=none; b=dC0lKxB3WYzYTfuyYGpULbsHqqEBdCEsnHuwpWVxPbTt4WKK1NkrelVPLwuHIodWcr1lC6 Exbz7s7kYQAjJadQ8E16fiom9lAEvNE2qWmlGdTn28FjfA6qB48HoG9O7x6SnU51ujIlOA HvbxMr1vygmZRB8Q2Q5lHgh+A0MOYGhnIwo1ddQc70fEgJC25Qom8NR45ynfWNxei0rWsl LL/owrlF0x+LIp+XCpY5tSd7+z/GNUdgWqQER3YMt0TLd5MvEl/tx8e6i4wbPEPohq1ikS LRRYQtnMRfKoBJHFt9/Li4Dh1smsTgpIUVfJvpGM7l/UdAC3bQLZ1bqRFGV/ag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064071; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CR9mSDgO7eyEr0N+5kN/G0CTZi1gL5VtxxPz8wj0br8=; b=M58Vsn+swYk/e1FCE7dKkgQomsovF1CkOBj38pBV+ntgpE4lpE1QK5mxCr3CuYMgpLOydf nSJ/Tme8M211UTNz0QWMyFjGuG8yHRPy+VZ5JQbCUUpW7mpq0IjUk+0fHfWHZ8RGUeuhoi KMPJRjXPPHTCKNicj1o2Xucxb6A/VGvBVocoqMJai4EOUjSw4JfLs3ujW+TxQ0Ip3DHCqf MsVKgutIkSKXbHidid+VAAguX1y+IMDn+/7VfHhBIYmJizm51pLkLDKNG8PQK7kECE/XZc j8qMMgfMbdCFyI9RJwv4kbW8YODcBrHrsHduM1jQx5739V2nCKAeIhZBvY10iQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX66Zz0z14Bg for ; Wed, 10 Jun 2026 04:01:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2676d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: f25b4d986c94 - stable/14 - pci: bcm2838: cleanup on attach failure to fix devmatch panic List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: f25b4d986c949b3e0c0e20fe5cbcc42f0f004243 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:10 +0000 Message-Id: <6a28e186.2676d.1397815@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=f25b4d986c949b3e0c0e20fe5cbcc42f0f004243 commit f25b4d986c949b3e0c0e20fe5cbcc42f0f004243 Author: Kyle Evans AuthorDate: 2026-05-09 02:49:35 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:49 +0000 pci: bcm2838: cleanup on attach failure to fix devmatch panic Specifically on the RPi CM4, we currently don't set the controller up right and it never moves into the ready state (we don't observe the link active bit). Failure to cleanup here actually results in a panic not long after, due to a use-after-free in the rman bits. Further down in pci_host_generic, we have some rman stashed in the softc that are initialized and placed onto the rman tailq, then the softc is later freed without an rman_fini() to pull them off of the tailq properly. Note that PCIe on this board won't come up at boot without something plugged in, so it currently can't be booted with an empty slot with the intent to hotplug a supported card. Some issues with controller startup have been observed with Broadcom NICs in the wild, but no problems have been observed with other NICs and a variety of different PCIe cards. Shout-out to Vince for the extensive debugging and analysis to arrive at this conclusion. Reviewed by: andrew, imp (cherry picked from commit a05af6ddf9016e4ea4f0b361aa674e7ece6fe7ec) --- sys/arm/broadcom/bcm2835/bcm2838_pci.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/sys/arm/broadcom/bcm2835/bcm2838_pci.c b/sys/arm/broadcom/bcm2835/bcm2838_pci.c index fb3e8df783c2..a6619f4f9112 100644 --- a/sys/arm/broadcom/bcm2835/bcm2838_pci.c +++ b/sys/arm/broadcom/bcm2835/bcm2838_pci.c @@ -647,7 +647,7 @@ bcm_pcib_attach(device_t dev) error = bcm_pcib_check_ranges(dev); if (error != 0) - return (error); + goto failed; mtx_init(&sc->config_mtx, "bcm_pcib: config_mtx", NULL, MTX_DEF); @@ -681,7 +681,8 @@ bcm_pcib_attach(device_t dev) if (tries > 100) { device_printf(dev, "error: controller failed to start.\n"); - return (ENXIO); + error = ENXIO; + goto failed; } DELAY(1000); @@ -691,7 +692,8 @@ bcm_pcib_attach(device_t dev) if (!link_state) { device_printf(dev, "error: controller started but link is not " "up.\n"); - return (ENXIO); + error = ENXIO; + goto failed; } if (bootverbose) device_printf(dev, "note: reported link speed is %s.\n", @@ -742,11 +744,14 @@ bcm_pcib_attach(device_t dev) /* Configure interrupts. */ error = bcm_pcib_msi_attach(dev); if (error != 0) - return (error); + goto failed; /* Done. */ device_add_child(dev, "pci", -1); return (bus_generic_attach(dev)); +failed: + pci_host_generic_destroy_fdt(dev); + return (error); } /* From nobody Wed Jun 10 04:01:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX83Qmyz6gv5b for ; Wed, 10 Jun 2026 04:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX80rLyz3wJp for ; Wed, 10 Jun 2026 04:01:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zckJBWbMqahYmX9hWz/xf8OHOw+H5dpyu3EmcV3JCBc=; b=WpG0Q7wS01mbFFXy0uiOnYE/dtUHEBfyeLOjS/+Cw5TJigBPwZIZfuBg/fYKruWqW1fHUh ruU9bO91U2Oc+vABhfb3R6s5XPAomFCaiI4xCzQoic3E7woDLLVoH+0A1UWiRD9SjPmCGT nO4tryWYEbiW/5hxll3RT3HxrFC60oBA52l4syWHNxfaJolXn8eRcDjGzkfjF3KDtm7KRd CvRkmpPUz62PrGNVZ9qDA7F4zJK0dCoYUb9ZTpBpWy//6C27nY2zJtI9y/yCuEv+BOed+p RqqUXGey2EtS/VJYM+VrRaOz5coq8JMg6qkWnoCaNGBuOlo4OoQZIKDXNNd70Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064072; a=rsa-sha256; cv=none; b=VTLMekowmWwRPQKDeVq5PnXC5MCsJ1IJ6ZBpVN1LmtDPdB3Qm42Fv13ODEkgLnPRxxse9o gazD0aqLfz+YlCTmMUbr9bYxlP6su0v4cO5xUAfK/LZ2F1xrZmLLkPwTwr8GdK90Xcv1hg xqWkAr0w5CheRdjLgM+NrMRnmkmFoHgZVhHeIiB0htvZNx+mHXEOXGq9V64zdpGu4fM29r xImLJNJqzvbHvD4T/NrQpctGcJ3Qwcq3qAS9TCMBvpUsPng/j/5xa/kCjxkjmBuQ4RM7WR pE11shk80tOEvrXrXUS76iGoG2yBo8DPxKdp4SRQD/RR36NaSROLhuX8ufcXXQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064072; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zckJBWbMqahYmX9hWz/xf8OHOw+H5dpyu3EmcV3JCBc=; b=MzRFJs7ILWcqURGhWIlm0gDUhmoeAGOyfFx59ZzSnpu5f027ClKBk1gJ9rsW2ZwIbOPQ6n rOxXPGfqVEJjKzZsi2kVEe0H0LzR219srPnbzmtiZ6U+S5iHSNeshseZJDW+tiiWC0DSuz mTGioTNFvqgRrgrSvrdo49xqvW3sZSDiYUMnSDzyBcRFy3c/3NaSAsQ9fzBlk29xKut4KH JXcKDw2BUEFYBS80L/qEfwnB2+Gcwr2imFgc3J0t4BROEGQAdNWpn+CNLpPj1hUE1F1tvo Xm3HYmCD5ibxGQoKPtGuYdkV+J0bKNR3+06R/hpu68XfeQESPjJu76SadjvFxg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX80926z14PX for ; Wed, 10 Jun 2026 04:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27a0e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: bddfcbd9bbc6 - stable/14 - lualoader: add be-list and be-switch commands List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: bddfcbd9bbc68fe11ce53954b7f82584cd5ee40b Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:11 +0000 Message-Id: <6a28e187.27a0e.37b163a6@gitrepo.freebsd.org> The branch stable/14 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=bddfcbd9bbc68fe11ce53954b7f82584cd5ee40b commit bddfcbd9bbc68fe11ce53954b7f82584cd5ee40b Author: Kyle Evans AuthorDate: 2026-06-04 13:57:16 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:49 +0000 lualoader: add be-list and be-switch commands This is useful for driving BE changes from the loader command prompt, rather than having to use the menu. Note that the active carousel in the boot environment carousel doesn't currently reflect a switch in boot environments done this way- I'm considering this only a minor bug, as you probably can't or won't go back to the menu if you're using these commands. Reviewed by: imp (previous version) (cherry picked from commit c7ff706b31c22f10c2403869c46b443448da3e08) --- stand/lua/cli.lua | 23 +++++++++++++++++++++++ stand/lua/core.lua | 43 +++++++++++++++++++++++++++++++++++++++++++ stand/lua/core.lua.8 | 17 ++++++++++++++++- stand/lua/menu.lua | 7 +------ stand/man/loader.8 | 15 ++++++++++++++- 5 files changed, 97 insertions(+), 8 deletions(-) diff --git a/stand/lua/cli.lua b/stand/lua/cli.lua index 6832da0a31a5..a405baba9468 100644 --- a/stand/lua/cli.lua +++ b/stand/lua/cli.lua @@ -172,6 +172,29 @@ cli["disable-module"] = function(...) setModule(argv[1], false) end +cli['be-list'] = function(...) + local _, argv = cli.arguments(...) + if #argv ~= 0 then + print("usage error: be-list") + return + end + + for _, bootenv in core.bootenvIter() do + print(bootenv) + end +end + +cli['be-switch'] = function(...) + local _, argv = cli.arguments(...) + if #argv == 0 then + print("usage error: be-switch beName") + return + end + + local env = argv[1] + core.switchBE(env) +end + cli["toggle-module"] = function(...) local _, argv = cli.arguments(...) if #argv == 0 then diff --git a/stand/lua/core.lua b/stand/lua/core.lua index 4091f446e1f1..16825d560094 100644 --- a/stand/lua/core.lua +++ b/stand/lua/core.lua @@ -312,6 +312,21 @@ function core.bootenvFilter(func) return oldf end +function core.bootenvIter() + local envs = core.bootenvList() + + if #envs ~= 0 then + local root = "zfs:" .. loader.getenv("zfs_be_root") .. "/" + + for idx, bespec in ipairs(envs) do + bespec = bespec:gsub("^" .. root, "") + envs[idx] = bespec + end + end + + return next, envs, nil +end + function core.bootenvList() local bootenv_count = tonumber(loader.getenv(bootenv_list .. "_count")) local bootenvs = {} @@ -565,6 +580,34 @@ function core.nextConsoleChoice() end end +function core.switchBE(env) + -- This branch will most likely be taken by the switch-be CLI command, + -- not by the menu. We could do some more validation that it's a valid + -- BE and let the user fully specify a zfs:be/dataset to avoid the + -- validation, but this isn't done at the moment. + if not env:match("^zfs:") then + local root = loader.getenv("zfs_be_root") + + if not root then + print("ZFS BE root not available -- no action taken") + return + end + + if not env:match("^" .. root) then + env = "zfs:" .. root .. "/" .. env + else + env = "zfs:" .. env + end + end + + loader.setenv("vfs.root.mountfrom", env) + loader.setenv("currdev", env .. ":") + config.reload() + if loader.getenv("kernelname") ~= nil then + loader.perform("unload") + end +end + -- The graphical-enabled loaders have unicode drawing character support. The -- text-only ones do not. We check the old and new bindings for term_drawrect as -- a proxy for unicode support, which will work on older boot loaders as well diff --git a/stand/lua/core.lua.8 b/stand/lua/core.lua.8 index 325320b2fce8..5cb2b46bd9d1 100644 --- a/stand/lua/core.lua.8 +++ b/stand/lua/core.lua.8 @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 8, 2026 +.Dd June 4, 2026 .Dt CORE.LUA 8 .Os .Sh NAME @@ -175,6 +175,12 @@ returns true, then the boot environment is retained in the list. Otherwise, the boot environment is hidden. The old filter, if any, is returned to allow the caller to compose a filter on top of another filter. +.It Fn core.bootenvIter +Returns an iterator over the known boot environment list. +The returned boot environment names do not include the boot environmnt root, +which would need to be added back on from the +.Ev zfs_be_root +environment variable. .It Fn core.bootenvList Returns a table of boot environments, or an empty table. These will be picked up using the @@ -229,6 +235,15 @@ If there are no elements, this returns nil and nil. If there is one element, this returns the front element and an empty table. This will not operate on truly associative tables; numeric indices are required. +.It Fn core.switchBE beName +Switch to the requested +.Fa beName . +It may be either be formatted as a fully-qualified loader dataset path +.Dq zfs:pool/ROOT/beName , +or like one of +.Dq pool/ROOT/beName +or +.Dq beName . .It Fn core.loaderTooOld Returns true if the loader is too old. Specifically, this means, is the loader old enough to require one or more diff --git a/stand/lua/menu.lua b/stand/lua/menu.lua index 2d92be3b7c6e..a5491aca3560 100644 --- a/stand/lua/menu.lua +++ b/stand/lua/menu.lua @@ -53,12 +53,7 @@ local function OnOff(str, value) end local function bootenvSet(env) - loader.setenv("vfs.root.mountfrom", env) - loader.setenv("currdev", env .. ":") - config.reload() - if loader.getenv("kernelname") ~= nil then - loader.perform("unload") - end + core.switchBE(env) end local function multiUserPrompt() diff --git a/stand/man/loader.8 b/stand/man/loader.8 index 484e0a7b300c..e35414049e23 100644 --- a/stand/man/loader.8 +++ b/stand/man/loader.8 @@ -26,7 +26,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd November 14, 2025 +.Dd June 4, 2026 .Dt LOADER 8 .Os .Sh NAME @@ -97,6 +97,19 @@ and .Pp .Bl -tag -width indent -compact .\" sort the following entries according to the second field +.It Ic be-list +Lists the boot environments that are visible to +.Nm . +The listed names may be used directly with +.Ic be-switch . +.It Ic be-switch Ar beName +Switch to the +.Ar beName +boot environment. +The +.Nm +configuration will be reloaded from the new root, and any previously loaded +kernel and modules will be immediately unloaded. .It Ic boot-conf Load the .Nm From nobody Wed Jun 10 04:01:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXB4vsmz6gvXN for ; Wed, 10 Jun 2026 04:01:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXB1CLZz3wCF for ; Wed, 10 Jun 2026 04:01:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064074; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x52N+jwXXC+bw98BIgFKxovGlfoSsPvX2tox5fBN/y0=; b=YMmDUVfZhGH1aQGl0oRl9oNsy2Fea2kRADc0qIiXg2+80ZN4GwFWitZDFYDugt+T45McBM cBcQj0bjrL+fCJXGTh3t+KFv14jIeijZfeQBzycMCJUuKWowxKRLuJkecNfvweoe4soL0K aiWOffCGmin3Kjjkt/oOMpqIMq4iwJnXC0PKgA6kDB3lfVwQR1czic0RhbHxpWY0+VlgDL W6PxZ4dYZ1ucW2mb205LeHiiYy6fKihROVHLlJiQRz2DZP7ek/WM7xL9zJMT9H5k0h/vb4 sFDInydgpowYvT3XTFdPudpffGadVnkcWWPPWzRQrEAA2YnQXrzvjjGCcfnjKw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064074; a=rsa-sha256; cv=none; b=VhlGbv7vWCTnlaxqwo3zpoHThZvuWKNzqQxqRE4H0cpY8b4EOf69gWlqjZrkPnK3/7M0Ib bhBLkm/QjunCcf1FbLqKKpCGmLr76FvVV27WeUvn80haCHU5DwZm0c7LzJpbZNicJF9+2r DQxQ4SqJlkasSxIRBA5dtbOzCYKX36JkvnjwnoolU12sfDcCt4iblE0GN2McN5VPtL3J6P QjBK9YWzMHAMwWhO9JpedGRX0bsREJ2bP2QxJyHl21bgZEdhXh6QAExiqSt1NWwf+tAjR2 pIz9tCm7Acn75F0Y9aBMXNh4OOjipmPB62iB80m+6udJKL411LLYkXDg8cpSAQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064074; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=x52N+jwXXC+bw98BIgFKxovGlfoSsPvX2tox5fBN/y0=; b=ylF1LUgPAUiSJMRnHbPx0HKMno9cDF7qwudk67eOXXKOz1zhKCmbxifmPoWVe0G/QBGLkt qqL4r8m4VWGaXipGa02gikrzkLolzlrf5b8o/7NBp6k3yVEl3Gco1lbdsIH6OX+7Y/iaOH JA7a7nF5ndxazpvtLI2Su5tw/Yvm9lqrJj2apFUnlhdg+uHaNJ7DWbIXf4Vs9PWrBniQZV T2yCzJaWoGXhxD+5QRRb4AMAFKO9GjtaH7ArmYmen3hG6smgWko+IBqLHjmAOnNNfyDOyt adBGdgrlvoeQga6u0xOa+ihyhkY7m9FrjkGRPhtES4Nlaw0L5YPGhjLr+jv08w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXB0d3Pz14MH for ; Wed, 10 Jun 2026 04:01:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27f0a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Jan Bramkamp From: Kyle Evans Subject: git: a03b45d38f8f - stable/15 - jail: open the fstab files with fopen("re") List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a03b45d38f8fc312a7a86c3ac2e4bdcbbad9f4d3 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:14 +0000 Message-Id: <6a28e18a.27f0a.50e0b629@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=a03b45d38f8fc312a7a86c3ac2e4bdcbbad9f4d3 commit a03b45d38f8fc312a7a86c3ac2e4bdcbbad9f4d3 Author: Jan Bramkamp AuthorDate: 2026-05-06 23:28:53 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:36 +0000 jail: open the fstab files with fopen("re") This protects against accidentally leaking them past fork()+exec() in future refactorings. PR: 295052 Reviewed by: kevans (cherry picked from commit 58811b0ae096c134af372bcf475aea1d8d0e3c08) --- usr.sbin/jail/config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/jail/config.c b/usr.sbin/jail/config.c index f1e2da215790..188f48732561 100644 --- a/usr.sbin/jail/config.c +++ b/usr.sbin/jail/config.c @@ -726,7 +726,7 @@ check_intparams(struct cfjail *j) TAILQ_FOREACH(s, &j->intparams[IP_MOUNT_FSTAB]->val, tq) { if (s->len == 0) continue; - f = fopen(s->s, "r"); + f = fopen(s->s, "re"); if (f == NULL) { jail_warnx(j, "mount.fstab: %s: %s", s->s, strerror(errno)); From nobody Wed Jun 10 04:01:13 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX92Hnkz6gv8B for ; Wed, 10 Jun 2026 04:01:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsX90YJ6z3wH2 for ; Wed, 10 Jun 2026 04:01:13 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064073; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Z8po+mgQdZR+TxkhJ3J11CspPwlDX7/cCkvKV7kKvgw=; b=Ls26iibkRXoMAKtJgwm+/ZZ+gTdKCKNfm2Hqf7vtP1LI6RRoeK5dzlmL29x+0LcPsx3eQ7 yIyRanJ2B0HPIkUua4zZ0uYiXziZGeqU6ntx2qjW/1/yYKjX1XEYT6BChWE4WHOnr6z7Q0 qrlIavemuTs66ijChK/LuV76RU+ZoW4A8DecreRTDVwAwbZX4yA+/nC9IBrcR3eqdITRA+ yu3NTd4OGTAl1FkeUuft56FhWZhXkAs657zpu5HR6mGSpd3xwOxft7GKtDEzJL3E/NtbZw sfqZLzNpOkQtRJWcb7J0y0po9hH/q8yb6bPdY3jjl9rOotsYE66OMrbukUt0OQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064073; a=rsa-sha256; cv=none; b=yp0yWfsBEQ3i/uIm78IlXZx36B9/T2pbxfY2shQ+9sp2Rx+5Q6SMIvA6nijCTIWMwk+eEt TSx3h/JKpMfV3zoLU4ZKvQQeKedjyIt/5LO+iXW3S0uCOe9wXmfjveUwlutBErfHssLSPR kzq3lkxi+epBkGc3u32yr3wX7Zdm9oaRlJZv3XLkBhOP0ULtfFE362o4MilBEGO12zEtdE stBjG0EO3+oet0A/JDb9Bx3QtETnELJzhpJObOv9a2MJ2L9hiJTj2O6rZqx9WT/G6ykuZs iN+mu8S2HkIbZgRCi2GsdF6YXlnLmM5UWxcCyRH1ZX4YzzFiHCdpxNDAZcoYjQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064073; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Z8po+mgQdZR+TxkhJ3J11CspPwlDX7/cCkvKV7kKvgw=; b=qyuNTMgepB7ypmRCfTy0YuWcCUQxfTyX5SdPKAvFsuotfP8KloPHwpgjr7EsiS19x5tFB0 xhsDEkEdoSFljFQlrqKmBPCMsttLUbnWowTtq7zi/2HtImVnzvQ8/yySm+H3NotryRd5OU r8wikQwER398OE0LvDWHm4ol4oyMRnGnn8AwjQumA7JPo7OpEzv+G16s7h9ywxnckz2t36 G7MuCIcHwDFHz1VULmB+dX/RHxEQCM0Xip7iQim9b6xuhzf8z5qB/pKXGEG/Sznd8hBIS8 9m/7UUcXtkfP4kZQC1Y5C0Tw3fqy7k6MhAkPNiGVtvyvdevA9etBZGC5YHu+Ww== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsX903CMz14Bn for ; Wed, 10 Jun 2026 04:01:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27493 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:13 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: dc0cc22a8981 - stable/15 - fexecve(2): call out a scenario where you want !O_EXEC List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: dc0cc22a898198a21bd58109351d2c2b2ec5410f Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:13 +0000 Message-Id: <6a28e189.27493.430f9de9@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=dc0cc22a898198a21bd58109351d2c2b2ec5410f commit dc0cc22a898198a21bd58109351d2c2b2ec5410f Author: Kyle Evans AuthorDate: 2026-05-01 03:02:55 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:36 +0000 fexecve(2): call out a scenario where you want !O_EXEC We note a reason why you might need it, but there's an equally important reason you may need to omit it: interpreted programs. Add a note accordingly, along with the workaround configuration if there's reason you can't help it. PR: 294780 Reviewed by: Jan Bramkamp , kib (cherry picked from commit 9c18d55a768a3e60ecaba1325e9a3e00a25dee26) --- lib/libsys/execve.2 | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/libsys/execve.2 b/lib/libsys/execve.2 index dc85b9321e48..5562e198239a 100644 --- a/lib/libsys/execve.2 +++ b/lib/libsys/execve.2 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd July 02, 2025 +.Dd April 29, 2026 .Dt EXECVE 2 .Os .Sh NAME @@ -232,6 +232,17 @@ is to use the .Dv O_EXEC flag when opening .Fa fd . +Opening without +.Dv O_EXEC +may be necessary in the case of executing an interpreted program, as the +interpreter will not be able to acquire a descriptor to the script for reading +without mounting +.Xr fdescfs 4 +on +.Pa /dev/fd +with the +.Cm nodup +option. Note that the file to be executed can not be open for writing. .Sh RETURN VALUES As the From nobody Wed Jun 10 04:01:15 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXC4D1kz6gvKW for ; Wed, 10 Jun 2026 04:01:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXC1qBLz3wKT for ; Wed, 10 Jun 2026 04:01:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064075; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CxTvV18aE6hluraIjfscvr8MT7nMEdyRqakUJNdkGv0=; b=tcNt3HHmrs9JBu56AUzOxWl+RP/hHG+w6KaEzvGztys2hBGHAMLBRXcUu3qWylDnNIgBXF CzW8JxXYVsxSxsfqKDkdKXiMLwQ9Sy8p2q0AMsmK+tmx35x0g4hPcetqTbxjFAdzFFK23t ML+IeI8mAqNkveOc3gSNOsLar0o2Wm9pw01lAV/E8xb3LQ0TA7sFg6jrJIqmEsMn2lPuWA 9SKoFD/2NZFiGXttyp/0OgKkTmY16k5xuG9uDNScH8oinLONjmdHF09omAQLfsY/EVtH10 ePLZoEWZ7Fmh/41cMJyiCuHLJMA7gCX1P4UdWMrbtcYe4UOG4jGJliJjZHtzDg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064075; a=rsa-sha256; cv=none; b=ljzVrcy1LNZGy4jeytf/Zj7R0Mpihkq48Gfh9IBgL+eLTNE+a1B7clAlVw7CZiuZgEWeKf ABfNrAY2EBswyCMbwGj+u0HLQ0zRYiXsOKksRVIQic1E3sCwVIwUCLucZsmHxrh0eeoy5N RrF2RZL8KvjaqheTXwEcjrRqim98QcppmiQ9WJNLJ4nNuT6UTe5Ju6QNKHyZBj1IcNn3lm klt7w+PVdxIUCX288icJUHY0qAtlQ10GwRO4HgVMfdnS1SHJ9VsQ4VPOMvEmwbOwg7PQz9 DBGRKEckEFljxg4H1lwdE81K0UISaNS2sl3rrtplmO1XYVAqhTtVLzKMAzzPJQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064075; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=CxTvV18aE6hluraIjfscvr8MT7nMEdyRqakUJNdkGv0=; b=urJvlPoB1f2txg8Kvva7d5IO+E6B2vQvvU8VfW+KrY3eJ9osxJNNSCaUiTRTKs/iiC71kJ a5rgU50ZlOUn5Ozd3gfxqnINys33/nBgrY8fC0rD9kTGj/6jlkKtbUYIQmhyuNaCKAx2T0 H/TUax+67zEKK0iUAQueJnXThPaIEN08dGINtTy6zAU/UPQ3Q22rP+U6EgR8LOwsRdMF+q 4xDDKYmv/mXY4UbZOYALUH+31X63tq0yUioNn6xIDqWWwoXq6zlqqdZ4nax51VQc4j6jEe vpGetS3YTepK6mLGPTNw2nwOjaaYVxFJRxqOVkCFUIK/i/AZGVS37JGuO2IO5g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXC1GKWz14Ss for ; Wed, 10 Jun 2026 04:01:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 258f0 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:15 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Marek Zarychta From: Kyle Evans Subject: git: b575dac3e415 - stable/15 - devd: Use PF_LOCAL instead of PF_INET List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: b575dac3e415ceee136ed77be25e04e3bfce73ce Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:15 +0000 Message-Id: <6a28e18b.258f0.5189fb05@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=b575dac3e415ceee136ed77be25e04e3bfce73ce commit b575dac3e415ceee136ed77be25e04e3bfce73ce Author: Marek Zarychta AuthorDate: 2026-05-07 01:28:08 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:36 +0000 devd: Use PF_LOCAL instead of PF_INET Avoid dependency on INET (IPv4) by using PF_LOCAL, allowing media check to work on systems without INET support. PR: 295045 Reviewed by: kevans (cherry picked from commit b2e4da0b53ad082768b8f6f83766e030fd00d02a) --- sbin/devd/devd.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbin/devd/devd.cc b/sbin/devd/devd.cc index 1ff405244cde..7bd7f650c843 100644 --- a/sbin/devd/devd.cc +++ b/sbin/devd/devd.cc @@ -369,7 +369,7 @@ media::do_match(config &c) retval = false; - s = socket(PF_INET, SOCK_DGRAM, 0); + s = socket(PF_LOCAL, SOCK_DGRAM, 0); if (s >= 0) { memset(&ifmr, 0, sizeof(ifmr)); strlcpy(ifmr.ifm_name, value.c_str(), sizeof(ifmr.ifm_name)); From nobody Wed Jun 10 04:01:16 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXD4ygxz6gvXl for ; Wed, 10 Jun 2026 04:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXD2K6Zz3wT7 for ; Wed, 10 Jun 2026 04:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064076; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZULIPO0IbnQCz/jgcHVeULelrmKLmPR+7RN9OrZhnrs=; b=g8F9w2K8KfAjxOmO6Gz0PFeV/tfkuDyN4t7BEa5tRT5jtDSIgVOjRW2GtDl/R9OONJCDBB FRKMXuf4ml9SeRFNkbZwSEvP3LZz0HTohT6mnW7ZmhL1osMxbnXBo+cj356bJxs3zICZav wBm5h0FC2G8DsEJx3AZFz21onhArLEcrVx4qR7Csz1xu77lDBCgMC+c2Ro1eOyJm28G9og bXEN1uvy9V6qEm44d7UcSXDgLdeHJ1OSFTkFyURZ+WmM3xoDjS+CIBwe6DAedooRyb+7ho L+ECDm5u0muukultSgeYhRwcnTBp1wveFv07eBD0EXAXbm5kRssdpmi2Xq2DIQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064076; a=rsa-sha256; cv=none; b=mE1x9qchxcrh/1s/bWMut5GbiFpTGcgtS7Q9QQDBmYQ1Hpgw57mXbBS3sh12QWu2OcaYmN mlQj1JEFcF9S5JVFSGwVtzv0EDWaQGpZ6Ae0tUVsnrtnDZModnOq2lVeLcbRaLevvYiVIT rgyshZiN/jId4+2N5ml8h91HqgOiw+PRu7FgblLORO1mA1vnMlDd4jCd/aR5O1LpWrLcQ0 GPUy7/K83cCzXixydEDx7EtrSWycFSsZL6P63rMCSgfJUHqCbig3dhzNkcLD0sf6iKTGqf AiNoyn1Er0DLIhlZWy/wZzZY7YgzVgdzzs3zVHQEFQG+LtdK3DMmXU4hVqbXjw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064076; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=ZULIPO0IbnQCz/jgcHVeULelrmKLmPR+7RN9OrZhnrs=; b=CISVhBmunwsfrUgTv0trWG4NnIhvj7lc8zn02+lFrTWoJRE7jY4abDc3Qd+JhpQu8w6J6t gjreF7KgBPk3r7TSyeRjp+0gC0bQUr0YT0LoSEIn4fFlWb9qBT0ueVPQwifWylSDenef1Y Y+UHqsnq1wvBCq1CL8dGGKtUZ836RzRFXaZ+VrNX3ER+GqAQ9G5wWko3sHyPBkPanI4z6K CS5HeFRaog/U1ha67hE8i6xVdoQuuuMAiXhN+YYCpIC7KN9g5q/IhbYivPr2JDVWBQKjmp 8Age9EEugNs414bLsytKEAyeUDzWrzXho0uLcMbkbr2naYYKlCsvO4HeuYow6g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXD1pdWz14kb for ; Wed, 10 Jun 2026 04:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 258f5 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:16 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 92a2764ba175 - stable/15 - linuxkpi: work with numpages > 1 in the set_pages_*() KPIs List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 92a2764ba175e5af550d96a4b509d7776c6dffa6 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:16 +0000 Message-Id: <6a28e18c.258f5.2a285432@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=92a2764ba175e5af550d96a4b509d7776c6dffa6 commit 92a2764ba175e5af550d96a4b509d7776c6dffa6 Author: Kyle Evans AuthorDate: 2026-05-19 03:22:21 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:37 +0000 linuxkpi: work with numpages > 1 in the set_pages_*() KPIs These calls are used for buddy pages at least in drm's ttm_pool, which leads to a panic when we invoke lowmem handlers and drm tries to shrink the pool. Cope with numpages > 1 by traversing the contiguous pages and executing the adjustment there, as well, as suggested by markj@. Previous versions have tried to use the corresponding `set_memory_*()` functions, but it is believed that not updating `md.pat_mode` breaks subsequent userspace mappings in ways that may result in things like screen tearing or other artifacts when running i915kms. This stabilized my amdgpu laptop running two VMs, chromium and a concurrent buildworld. Reviewed by: bz, markj (cherry picked from commit 67f7f2781daa9bd398b424ffe2bd0be67f37f03d) (cherry picked from commit 8dad29555a5807bf21941807752e1589e20312de) --- sys/compat/linuxkpi/common/include/asm/set_memory.h | 15 +++------------ sys/compat/linuxkpi/common/include/linux/page.h | 2 ++ sys/compat/linuxkpi/common/src/linux_page.c | 21 +++++++++++++++++++++ 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/sys/compat/linuxkpi/common/include/asm/set_memory.h b/sys/compat/linuxkpi/common/include/asm/set_memory.h index 1019aaf264a0..54a1311ef9a5 100644 --- a/sys/compat/linuxkpi/common/include/asm/set_memory.h +++ b/sys/compat/linuxkpi/common/include/asm/set_memory.h @@ -65,32 +65,23 @@ set_memory_wb(unsigned long addr, int numpages) static inline int set_pages_uc(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - - pmap_page_set_memattr(page, VM_MEMATTR_UNCACHEABLE); - return (0); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_UNCACHEABLE)); } static inline int set_pages_wc(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - #ifdef VM_MEMATTR_WRITE_COMBINING - pmap_page_set_memattr(page, VM_MEMATTR_WRITE_COMBINING); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_WRITE_COMBINING)); #else return (set_pages_uc(page, numpages)); #endif - return (0); } static inline int set_pages_wb(struct page *page, int numpages) { - KASSERT(numpages == 1, ("%s: numpages %d", __func__, numpages)); - - pmap_page_set_memattr(page, VM_MEMATTR_WRITE_BACK); - return (0); + return (lkpi_set_pages_attr(page, numpages, VM_MEMATTR_WRITE_BACK)); } static inline int diff --git a/sys/compat/linuxkpi/common/include/linux/page.h b/sys/compat/linuxkpi/common/include/linux/page.h index 37ab593a64e9..6f5f37d2fd0f 100644 --- a/sys/compat/linuxkpi/common/include/linux/page.h +++ b/sys/compat/linuxkpi/common/include/linux/page.h @@ -127,4 +127,6 @@ clflush_cache_range(void *addr, unsigned int size) } #endif +int lkpi_set_pages_attr(struct page *page, int numpages, vm_memattr_t ma); + #endif /* _LINUXKPI_LINUX_PAGE_H_ */ diff --git a/sys/compat/linuxkpi/common/src/linux_page.c b/sys/compat/linuxkpi/common/src/linux_page.c index d8b65a12dc67..f562bd5e0dbd 100644 --- a/sys/compat/linuxkpi/common/src/linux_page.c +++ b/sys/compat/linuxkpi/common/src/linux_page.c @@ -710,6 +710,27 @@ lkpi_arch_phys_wc_del(int reg) #endif } +int +lkpi_set_pages_attr(struct page *page, int numpages, vm_memattr_t ma) +{ + while (numpages-- > 0) { + /* + * pmap_page_set_memattr() would only update the DMAP mapping + * if it's a normal page, leaving the kernel map untouched. + */ + MPASS(page->object != kernel_object); + + /* + * pmap_page_set_memattr() sets page->md.pat_mode, which is + * crucial for future userspace mappings. + */ + pmap_page_set_memattr(page, ma); + page++; + } + + return (0); +} + /* * This is a highly simplified version of the Linux page_frag_cache. * We only support up-to 1 single page as fragment size and we will From nobody Wed Jun 10 04:01:18 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXG6r8Wz6gvf0 for ; Wed, 10 Jun 2026 04:01:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXG3nvrz3wJ2 for ; Wed, 10 Jun 2026 04:01:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064078; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TI+t30Vho13brqVy4EHLFiuzuwpDAA2WkoBQKFs9m2A=; b=RdOHCFvQ5klpvu2Ls+w9+6YIfLpGV37j+qJWq+7UWrANjlXogvF55cB57X/nAV4lNEDZ/C O0HyJNYTsWuzOtTFLYi+oJW7BQeIrzYIN7WJQyXQ6zQ7YtjaD0QqlJi5Pi7rEqBMWcv8fx yFrW4hVyWr9DJXeOnULFjlynx0Wh+QNqGVTTocmjdKkoEyQmAvzCIhuYgKv+RaDGfKFqMF 9ySBlCshBtpqIaXvlBqXOQLq9rOfxFiT1udeP0poTvdNDK4c2CeLR3VYByFLK3cMUKtTZs aGDUhO7WZaVyvbXzn5xb3/SyjC3SloI9vNMy9rno0ttbX99YtmmeXfFjRsftLQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064078; a=rsa-sha256; cv=none; b=wRvq6qQKN1oT0oS4E+ltAYAG/bZ/tqF4od+Jc4dc9GDTQpTDfFcchYs8av756ck2CdZ32m 4Lb1a5sG2qnUwQb2fYWlwWxp3WbhBzOUlORSyw4GQ2iY54u8bGy7KIpMUGIramWL6O0TQc b5bvf2Y+4DfcetYdezPwKrnvtWEYVC18Wks07i2MEnRmlN1gX1ag9o6fLohOyqWGd8mkjr f2ygO8ws9TTsq08r6c2W5aIKZKlMHU2NdsTV4JZEPC1cK9wI4W16YCdxxV91fW+Bwvc4Q8 7Bknfh1X3YXhgnISbNqjNoDPoXElxOno0uXdHjcRXdt6UN3p07kAE3Ot4PfuEQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064078; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TI+t30Vho13brqVy4EHLFiuzuwpDAA2WkoBQKFs9m2A=; b=JbGMWyhNAKhmOm+p2rkAiioRY8OkI7NSr0iR0B0drKyucNkDuzWkRGB6SK8IzvizMlixgT Knvind0XU03ueBBP4SjXQtj2xD0B0uiNQwZjSWM/PencW62v3gQGzjRscOiVuhPsfavoO4 MkFGyOc8gjTvrnvAUgY7Bc7p9kf62XWQzudMCItv97bXcsc6EPhLJbIUXlw1bJQSzIhErI j+KFYCe9DR1TPpF/6E/mz+8W5Lwu6g1UDK4lYLqw7QVY+C0Ea+sqEB6QbHeGhYzxN/92rD AmN4h3eFxKaRtBTjva2z9iyKcB1ynXTzTgf4CzRktnbJqkuFuUgFcezccY3NyA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXG37c3z14Bs for ; Wed, 10 Jun 2026 04:01:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27e8b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:18 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: dc7494fb32df - stable/15 - pci: pci_host_generic: provide cleanup methods outside of detach List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: dc7494fb32df309092a2f2f3e62c221f8c41551c Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:18 +0000 Message-Id: <6a28e18e.27e8b.37f9fa9e@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=dc7494fb32df309092a2f2f3e62c221f8c41551c commit dc7494fb32df309092a2f2f3e62c221f8c41551c Author: Kyle Evans AuthorDate: 2026-05-09 02:46:24 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:38 +0000 pci: pci_host_generic: provide cleanup methods outside of detach If device_attach() fails, we're expected to actually cleanup after ourselves because device_detach() will not be called. Factor out the cleanup bits that don't rely on attach having actually succeeded so that we can cleanup properly in bcm2838_pci. Reviewed by: andrew, imp (cherry picked from commit 31a94ec32b53ebf6227bc868ce4f7aa07650680d) --- sys/dev/pci/pci_host_generic.c | 15 +++++++++++---- sys/dev/pci/pci_host_generic.h | 1 + sys/dev/pci/pci_host_generic_fdt.c | 19 +++++++++++++++++++ sys/dev/pci/pci_host_generic_fdt.h | 1 + 4 files changed, 32 insertions(+), 4 deletions(-) diff --git a/sys/dev/pci/pci_host_generic.c b/sys/dev/pci/pci_host_generic.c index 49b131cd2299..d7854671bfd7 100644 --- a/sys/dev/pci/pci_host_generic.c +++ b/sys/dev/pci/pci_host_generic.c @@ -250,15 +250,22 @@ err_resource: int pci_host_generic_core_detach(device_t dev) { - struct generic_pcie_core_softc *sc; - int error, rid, tuple; - - sc = device_get_softc(dev); + int error; error = bus_generic_detach(dev); if (error != 0) return (error); + return (pci_host_generic_core_free(dev)); +} + +int +pci_host_generic_core_free(device_t dev) +{ + struct generic_pcie_core_softc *sc; + int rid, tuple; + + sc = device_get_softc(dev); for (tuple = 0; tuple < MAX_RANGES_TUPLES; tuple++) { rid = sc->ranges[tuple].rid; if (sc->ranges[tuple].size == 0) { diff --git a/sys/dev/pci/pci_host_generic.h b/sys/dev/pci/pci_host_generic.h index 6579cd0918c4..73314e2feccd 100644 --- a/sys/dev/pci/pci_host_generic.h +++ b/sys/dev/pci/pci_host_generic.h @@ -94,6 +94,7 @@ DECLARE_CLASS(generic_pcie_core_driver); int pci_host_generic_core_attach(device_t); int pci_host_generic_core_detach(device_t); +int pci_host_generic_core_free(device_t); struct resource *pci_host_generic_core_alloc_resource(device_t, device_t, int, int *, rman_res_t, rman_res_t, rman_res_t, u_int); int pci_host_generic_core_release_resource(device_t, device_t, diff --git a/sys/dev/pci/pci_host_generic_fdt.c b/sys/dev/pci/pci_host_generic_fdt.c index ffe63b82a234..c6b9371698b6 100644 --- a/sys/dev/pci/pci_host_generic_fdt.c +++ b/sys/dev/pci/pci_host_generic_fdt.c @@ -104,6 +104,25 @@ generic_pcie_fdt_probe(device_t dev) return (ENXIO); } +void +pci_host_generic_destroy_fdt(device_t dev) +{ + struct generic_pcie_fdt_softc *sc; + struct pci_ofw_devinfo *di; + + sc = device_get_softc(dev); + while (!STAILQ_EMPTY(&sc->pci_ofw_devlist)) { + di = STAILQ_FIRST(&sc->pci_ofw_devlist); + STAILQ_REMOVE_HEAD(&sc->pci_ofw_devlist, pci_ofw_link); + + ofw_bus_gen_destroy_devinfo(&di->di_dinfo); + free(di, M_DEVBUF); + } + + ofw_bus_destroy_iinfo(&sc->pci_iinfo); + (void)pci_host_generic_core_free(dev); +} + int pci_host_generic_setup_fdt(device_t dev) { diff --git a/sys/dev/pci/pci_host_generic_fdt.h b/sys/dev/pci/pci_host_generic_fdt.h index cc6e575f6056..790f781b23f0 100644 --- a/sys/dev/pci/pci_host_generic_fdt.h +++ b/sys/dev/pci/pci_host_generic_fdt.h @@ -46,6 +46,7 @@ DECLARE_CLASS(generic_pcie_fdt_driver); struct resource *pci_host_generic_alloc_resource(device_t, device_t, int, int *, rman_res_t, rman_res_t, rman_res_t, u_int); int pci_host_generic_setup_fdt(device_t); +void pci_host_generic_destroy_fdt(device_t); int pci_host_generic_fdt_attach(device_t); int generic_pcie_get_id(device_t, device_t, enum pci_id_type, uintptr_t *); From nobody Wed Jun 10 04:01:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXF4Qdmz6gv6F for ; Wed, 10 Jun 2026 04:01:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXF2n22z3wKx for ; Wed, 10 Jun 2026 04:01:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064077; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PmoosWzOOGKDttX00zsJcp2tFzrmy/bNi0N62JkgB80=; b=BoE6gNpUg7ch1RTJc9w89Bq7t7IU8EMZ3xTa7N3mySOZCm6XrY7uSIAFLIK1tDoPcIaGVq IPjejHKEwF/wZuGvxHFxLizO7VDKgCS1xgYG4QO19Dt6ZvHI92Zd5j6fiipIOqrSJbLoLW GOWAtIx0URw8M4bYDJsXf1Or/j1bewwOxTmQS/nmq3qct+HZBuYCNmFcFUvqyxoKCN8id9 z3kPs3XSUtyBbJ4892pyN/CuEGrScwIMLQwh2d8AZAhXob+cjQ7Fv+40ObrjOAd205ciQD YZMj6TFo3/VJO2tb5tBPICK7RbWL3BWtItP6rSUxRmCfd3Y3r452wti9YPv90A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064077; a=rsa-sha256; cv=none; b=Qx2FCZL20Q3QDB15bmrGDClataODVuyHPraUBYx0N8yS4NFKTOhdaei1xVxB/MNWATtsmR 4qrOKeqHw4320Cn4sqXxkt7NEPWNGbw1WEBqH8Z7wk4ucEZkxegun8Pk5ySqiSK7JYICQq V2w+T9WR/VO2xcVDcBHzPvNN2DfZUVLCdvYCOMi4LifobCc49+tORMRpPR6RxyCnb/bahs EUiiZx0JjIYH7uR0Tp9uhuj+uXhPmNebFSmGt7a52PGMeA+eplCdCS9NXta9CzL7rtD9ot uwVS9TH1QlpvGlxOstL9IGgFNNDa9W84ebkhGfbrfRDDKuK9rSIhwiDE5XmN9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064077; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=PmoosWzOOGKDttX00zsJcp2tFzrmy/bNi0N62JkgB80=; b=jm352aQZ06V1gRotz7cyuE5QZRJJ8LVUNS5OvSy6q4F0NLwXSX3UhC8eU0IElBMnA7hcMK N2azLwwrQI6f34yBt5NI9WIVtqkHYSxdJW6MfWgCBL/pCWIW/x0EgiDvthj7Pe2QkJHR0M YRFqrx/8nm4z0VfWSgCdBsuMJCLtC3F6UTuO3YafH4ipYabx4HQb422dydu6B/N0UapOEg PIuV0Xv5JB4cGDoE3BDs04ncx4UxnUx2ZC3dSxe+70wdF0xRBfKkNQZGStQ7zGBV4PoMta LC7FQNrHrIflr7v+D8uEiMTJPgbexivObhy6Oi7YrVxszZR83hj4/hD7YgXqZw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXF2KxCz14Pf for ; Wed, 10 Jun 2026 04:01:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 2733e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: a53d4b5b2a08 - stable/15 - kern: ofw: provide ofw_bus_destroy_iinfo to teardown interrupt-map List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: a53d4b5b2a08e4de390f9800d69367078b8affcf Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:17 +0000 Message-Id: <6a28e18d.2733e.51898d05@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=a53d4b5b2a08e4de390f9800d69367078b8affcf commit a53d4b5b2a08e4de390f9800d69367078b8affcf Author: Kyle Evans AuthorDate: 2026-05-09 02:42:50 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:37 +0000 kern: ofw: provide ofw_bus_destroy_iinfo to teardown interrupt-map For symmetry with ofw_bus_setup_iinfo, the next commits will use it to properly cleanup on failure in bcm2838_pci. Reviewed by: andrew (cherry picked from commit b230a7b9a52c0fc948f4f1dcd1225a94674073f6) --- sys/dev/ofw/ofw_bus_subr.c | 12 ++++++++++++ sys/dev/ofw/ofw_bus_subr.h | 1 + 2 files changed, 13 insertions(+) diff --git a/sys/dev/ofw/ofw_bus_subr.c b/sys/dev/ofw/ofw_bus_subr.c index b99d784929bc..8e7c60cdb98d 100644 --- a/sys/dev/ofw/ofw_bus_subr.c +++ b/sys/dev/ofw/ofw_bus_subr.c @@ -349,6 +349,18 @@ ofw_bus_setup_iinfo(phandle_t node, struct ofw_bus_iinfo *ii, int intrsz) } } +void +ofw_bus_destroy_iinfo(struct ofw_bus_iinfo *ii) +{ + + if (ii->opi_imapsz > 0) { + OF_prop_free(ii->opi_imapmsk); + ii->opi_imapsz = 0; + } + + OF_prop_free(ii->opi_imap); +} + int ofw_bus_lookup_imap(phandle_t node, struct ofw_bus_iinfo *ii, void *reg, int regsz, void *pintr, int pintrsz, void *mintr, int mintrsz, diff --git a/sys/dev/ofw/ofw_bus_subr.h b/sys/dev/ofw/ofw_bus_subr.h index 1a33d7655f77..2e13f29a67f6 100644 --- a/sys/dev/ofw/ofw_bus_subr.h +++ b/sys/dev/ofw/ofw_bus_subr.h @@ -86,6 +86,7 @@ bus_get_device_path_t ofw_bus_gen_get_device_path; /* Routines for processing firmware interrupt maps */ void ofw_bus_setup_iinfo(phandle_t, struct ofw_bus_iinfo *, int); +void ofw_bus_destroy_iinfo(struct ofw_bus_iinfo *); int ofw_bus_lookup_imap(phandle_t, struct ofw_bus_iinfo *, void *, int, void *, int, void *, int, phandle_t *); int ofw_bus_search_intrmap(void *, int, void *, int, void *, int, void *, From nobody Wed Jun 10 04:01:19 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXJ00GHz6gvkh for ; Wed, 10 Jun 2026 04:01:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXH4FKsz3wJH for ; Wed, 10 Jun 2026 04:01:19 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064079; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0cUGSKJUtJaEJrb5jxv7OmBjCWawgJVC3TR8PazW//U=; b=e1mnHgBCjSAu2bLYeklN+xlPsjQeVFFWG2ZHoq0ZcFjAhZFMLicaF4vK4IiDa5XV/eVcl5 k5gSbqfj2pagixKYH5FvP8mF3q8VW55zLZawvf1hOnMNYoLdhrogPAvPeQR5sV+Ib85Y87 vxMiEFx9loWY/FnPJyB4Dn7SHE92IIXqUwsd2VxSj6xZDaIR/i56fCzotAF6IzepkyGBj7 wwz9yS9hfrQci31vh07ykHbzYumc59eZf4AQZbjGoQc6fRmY4kwPCZrHjZBdoUH8hmR56e /a44gTGhit44owR1I6/v/SGZ1d4n3w+NwM84un9cNMjsgOlDpLpulA+4WWmnyQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064079; a=rsa-sha256; cv=none; b=LeKZMT40fDESecBh9zqEECb2KatqbfTe3ewmr0Wwep2F2d17mDDLUj/Wz2cKwuqA0d2tri fV9XipsZKIvjNEqbL3VMVW/wwc7yCpEvlcR0OA2m/PlDxfPfAtvfCMIOWccn1fCh4Fj61n wu75RQJnRZewqM6cX/Ojg1q0KJs/Ayp16Krjv3djtfw8jKsflgvUAzEDX6hXPm8jXRR64T zgZAGRtDkmj/GtFs7hRrdhZZOephZcCaTPxmH3LTjBdNUpvos4l3jtJcK6QjunZckdxhMv Z+fgMIe+PQ6vdCNTDxxRFz1jGhajycpavKPU4xjzKZE5WccwcKlybs2rsREwqg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064079; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0cUGSKJUtJaEJrb5jxv7OmBjCWawgJVC3TR8PazW//U=; b=tsVyB4dm3Nd3zwNVzZs4rjaHlvf9tlCY4PSOiD3gEXsaZMG6I1Rn6G0fLAdM34KqUCmad8 x0qu8plQjjgNSWemjNeuW2oy9XG7bNGnFV/18r7xlB+TeTpGi7HJjitFgpGR0Pi7ka/hxN OaAEtO4cT4UslId54jy+GxsOjuUaFKcbbs3OG/Ub8B29RZmkjkf0c/ThB8TtVHLqASEKdn eLU1VZAtUWXA5tQRPzbzxmawEsU8xonq2WJXT7F7tgIMhHSwG1iil60jegF9OE+M/55lit Z27q6hZyVaTOddtighoHGTq8DHntBQX71Ape9wBGpB0aIpzK7nDUmloKirUV/A== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXH3mD6z14dn for ; Wed, 10 Jun 2026 04:01:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26462 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:19 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: 76720b010873 - stable/15 - pci: bcm2838: cleanup on attach failure to fix devmatch panic List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 76720b010873f350b94231c5380e2d19b8839795 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:19 +0000 Message-Id: <6a28e18f.26462.29018d5e@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=76720b010873f350b94231c5380e2d19b8839795 commit 76720b010873f350b94231c5380e2d19b8839795 Author: Kyle Evans AuthorDate: 2026-05-09 02:49:35 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:38 +0000 pci: bcm2838: cleanup on attach failure to fix devmatch panic Specifically on the RPi CM4, we currently don't set the controller up right and it never moves into the ready state (we don't observe the link active bit). Failure to cleanup here actually results in a panic not long after, due to a use-after-free in the rman bits. Further down in pci_host_generic, we have some rman stashed in the softc that are initialized and placed onto the rman tailq, then the softc is later freed without an rman_fini() to pull them off of the tailq properly. Note that PCIe on this board won't come up at boot without something plugged in, so it currently can't be booted with an empty slot with the intent to hotplug a supported card. Some issues with controller startup have been observed with Broadcom NICs in the wild, but no problems have been observed with other NICs and a variety of different PCIe cards. Shout-out to Vince for the extensive debugging and analysis to arrive at this conclusion. Reviewed by: andrew, imp (cherry picked from commit a05af6ddf9016e4ea4f0b361aa674e7ece6fe7ec) --- sys/arm/broadcom/bcm2835/bcm2838_pci.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/sys/arm/broadcom/bcm2835/bcm2838_pci.c b/sys/arm/broadcom/bcm2835/bcm2838_pci.c index 2b2ad1e3bdf8..80a7516f5331 100644 --- a/sys/arm/broadcom/bcm2835/bcm2838_pci.c +++ b/sys/arm/broadcom/bcm2835/bcm2838_pci.c @@ -646,7 +646,7 @@ bcm_pcib_attach(device_t dev) error = bcm_pcib_check_ranges(dev); if (error != 0) - return (error); + goto failed; mtx_init(&sc->config_mtx, "bcm_pcib: config_mtx", NULL, MTX_DEF); @@ -680,7 +680,8 @@ bcm_pcib_attach(device_t dev) if (tries > 100) { device_printf(dev, "error: controller failed to start.\n"); - return (ENXIO); + error = ENXIO; + goto failed; } DELAY(1000); @@ -690,7 +691,8 @@ bcm_pcib_attach(device_t dev) if (!link_state) { device_printf(dev, "error: controller started but link is not " "up.\n"); - return (ENXIO); + error = ENXIO; + goto failed; } if (bootverbose) device_printf(dev, "note: reported link speed is %s.\n", @@ -741,12 +743,15 @@ bcm_pcib_attach(device_t dev) /* Configure interrupts. */ error = bcm_pcib_msi_attach(dev); if (error != 0) - return (error); + goto failed; /* Done. */ device_add_child(dev, "pci", DEVICE_UNIT_ANY); bus_attach_children(dev); return (0); +failed: + pci_host_generic_destroy_fdt(dev); + return (error); } /* From nobody Wed Jun 10 04:01:20 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXK0Y4nz6gvbT for ; Wed, 10 Jun 2026 04:01:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZsXJ55Wkz3wJY for ; Wed, 10 Jun 2026 04:01:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lVexW/GRmnZDUFjRfjj1VwDZW6GJ8icQDhWZlkyZNZg=; b=WAhvBSW4YIBEhp7wZbr65J/udZhcEBIF7HvEpJhmolfnwpFNWHKoLUgw/NoGQT6fkP86xM n2YGqRwUKLEry1AC2M0Nnme1hkRW5DIWTf8dNf+fgHGrw/hRNb3djMxPdnDKUP4OiRwBlW o0lyImu0qajzhgMVGpOeI68f8/+TRqgIpdvI4e8Axm/eBIhnlJLxxRYGPEuO9/n51kj6/a Xhc2UnApK4lDBC3BhrKsLy6q4U9+1hgNz7QXJBAMve/Hiu9mUm0wjab6fbEGXYc5G236Tv JeC0572U0cqUMYPVMZStbt+U0KKDZh4KJ51HfTeWTH/xPnuG9Va/0T4DDpzEmA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781064080; a=rsa-sha256; cv=none; b=aFZnZQ2pJicqsViaNZqh3Dga6vTfhDCqz0v5GrKRHHmPFekFESakDJ2a+hbrmzdIkhF0qM MoDlhmIxthAp2G4FuFpoB+fqT9iKXnKAbcPNR3OcIn3gKaCRGRdc7iwoNGzmsd4khAeKua 13MR7r8Sa5+SBWfFSuSYI28+FCwYdN7A/yMGFQKyQyD5R0in367Os2sFE0WjTUBmQ+6bl7 bAGr1uYJGzlNa8QU8lA1yT9bdb3Ol+kKSC7saiC5rK287457cLrLopKfdS4mpCTuc/BHWW /JqjGoHFbrCMvxJxLazfQIN7m0+q0+oNmXucFTbsVs0zVGpFgJsWbY0NvycRqA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781064080; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=lVexW/GRmnZDUFjRfjj1VwDZW6GJ8icQDhWZlkyZNZg=; b=uzIdGNdAwinEgXRF2vtXE8dDqM6un1AeCvCsKrDb+O6wig4bZeZVzldezk/7sXE1KW6/P/ ZrNkmmS8YBXsvV9qZ4GFOHigq/9eJZD8HCr2/yQtex1O+P+v9IZi/q7oilZoU0FR4lHh0o keo2Ph0cskh2te36Fys7WL0n7qbbq0emlFUu5nXT/XfgiAaRKDxlvk6gwRGc95yuadzCBw EK4R1XkPKqmh/69viqrRkrCjsGTPOafeMRM3QpLC5clp3K9W016lyMxVLaTE5OwSHgfyVV kn7qiDRBh72XgobVaCUVza+AV8nJdmsZsfXDRcf57UFbwUMuG3dqvWLkxZUDKw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZsXJ4X6tz14kg for ; Wed, 10 Jun 2026 04:01:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 27497 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 04:01:20 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kyle Evans Subject: git: f77062f506f7 - stable/15 - lualoader: add be-list and be-switch commands List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: f77062f506f7bc752316da35e8d7da9a1ddb0d91 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 04:01:20 +0000 Message-Id: <6a28e190.27497.1dff56e2@gitrepo.freebsd.org> The branch stable/15 has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=f77062f506f7bc752316da35e8d7da9a1ddb0d91 commit f77062f506f7bc752316da35e8d7da9a1ddb0d91 Author: Kyle Evans AuthorDate: 2026-06-04 13:57:16 +0000 Commit: Kyle Evans CommitDate: 2026-06-10 04:00:39 +0000 lualoader: add be-list and be-switch commands This is useful for driving BE changes from the loader command prompt, rather than having to use the menu. Note that the active carousel in the boot environment carousel doesn't currently reflect a switch in boot environments done this way- I'm considering this only a minor bug, as you probably can't or won't go back to the menu if you're using these commands. Reviewed by: imp (previous version) (cherry picked from commit c7ff706b31c22f10c2403869c46b443448da3e08) --- stand/lua/cli.lua | 23 +++++++++++++++++++++++ stand/lua/core.lua | 43 +++++++++++++++++++++++++++++++++++++++++++ stand/lua/core.lua.8 | 17 ++++++++++++++++- stand/lua/menu.lua | 7 +------ stand/man/loader.8 | 15 ++++++++++++++- 5 files changed, 97 insertions(+), 8 deletions(-) diff --git a/stand/lua/cli.lua b/stand/lua/cli.lua index 6832da0a31a5..a405baba9468 100644 --- a/stand/lua/cli.lua +++ b/stand/lua/cli.lua @@ -172,6 +172,29 @@ cli["disable-module"] = function(...) setModule(argv[1], false) end +cli['be-list'] = function(...) + local _, argv = cli.arguments(...) + if #argv ~= 0 then + print("usage error: be-list") + return + end + + for _, bootenv in core.bootenvIter() do + print(bootenv) + end +end + +cli['be-switch'] = function(...) + local _, argv = cli.arguments(...) + if #argv == 0 then + print("usage error: be-switch beName") + return + end + + local env = argv[1] + core.switchBE(env) +end + cli["toggle-module"] = function(...) local _, argv = cli.arguments(...) if #argv == 0 then diff --git a/stand/lua/core.lua b/stand/lua/core.lua index c276f61e5904..687376cbc40f 100644 --- a/stand/lua/core.lua +++ b/stand/lua/core.lua @@ -314,6 +314,21 @@ function core.bootenvFilter(func) return oldf end +function core.bootenvIter() + local envs = core.bootenvList() + + if #envs ~= 0 then + local root = "zfs:" .. loader.getenv("zfs_be_root") .. "/" + + for idx, bespec in ipairs(envs) do + bespec = bespec:gsub("^" .. root, "") + envs[idx] = bespec + end + end + + return next, envs, nil +end + function core.bootenvList() local bootenv_count = tonumber(loader.getenv(bootenv_list .. "_count")) local bootenvs = {} @@ -567,6 +582,34 @@ function core.nextConsoleChoice() end end +function core.switchBE(env) + -- This branch will most likely be taken by the switch-be CLI command, + -- not by the menu. We could do some more validation that it's a valid + -- BE and let the user fully specify a zfs:be/dataset to avoid the + -- validation, but this isn't done at the moment. + if not env:match("^zfs:") then + local root = loader.getenv("zfs_be_root") + + if not root then + print("ZFS BE root not available -- no action taken") + return + end + + if not env:match("^" .. root) then + env = "zfs:" .. root .. "/" .. env + else + env = "zfs:" .. env + end + end + + loader.setenv("vfs.root.mountfrom", env) + loader.setenv("currdev", env .. ":") + config.reload() + if loader.getenv("kernelname") ~= nil then + loader.perform("unload") + end +end + -- The graphical-enabled loaders have unicode drawing character support. The -- text-only ones do not. We check the old and new bindings for term_drawrect as -- a proxy for unicode support, which will work on older boot loaders as well diff --git a/stand/lua/core.lua.8 b/stand/lua/core.lua.8 index 325320b2fce8..5cb2b46bd9d1 100644 --- a/stand/lua/core.lua.8 +++ b/stand/lua/core.lua.8 @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 8, 2026 +.Dd June 4, 2026 .Dt CORE.LUA 8 .Os .Sh NAME @@ -175,6 +175,12 @@ returns true, then the boot environment is retained in the list. Otherwise, the boot environment is hidden. The old filter, if any, is returned to allow the caller to compose a filter on top of another filter. +.It Fn core.bootenvIter +Returns an iterator over the known boot environment list. +The returned boot environment names do not include the boot environmnt root, +which would need to be added back on from the +.Ev zfs_be_root +environment variable. .It Fn core.bootenvList Returns a table of boot environments, or an empty table. These will be picked up using the @@ -229,6 +235,15 @@ If there are no elements, this returns nil and nil. If there is one element, this returns the front element and an empty table. This will not operate on truly associative tables; numeric indices are required. +.It Fn core.switchBE beName +Switch to the requested +.Fa beName . +It may be either be formatted as a fully-qualified loader dataset path +.Dq zfs:pool/ROOT/beName , +or like one of +.Dq pool/ROOT/beName +or +.Dq beName . .It Fn core.loaderTooOld Returns true if the loader is too old. Specifically, this means, is the loader old enough to require one or more diff --git a/stand/lua/menu.lua b/stand/lua/menu.lua index fb0645eb46ba..fb2603eb4b4c 100644 --- a/stand/lua/menu.lua +++ b/stand/lua/menu.lua @@ -53,12 +53,7 @@ local function OnOff(str, value) end local function bootenvSet(env) - loader.setenv("vfs.root.mountfrom", env) - loader.setenv("currdev", env .. ":") - config.reload() - if loader.getenv("kernelname") ~= nil then - loader.perform("unload") - end + core.switchBE(env) end local function multiUserPrompt() diff --git a/stand/man/loader.8 b/stand/man/loader.8 index 484e0a7b300c..e35414049e23 100644 --- a/stand/man/loader.8 +++ b/stand/man/loader.8 @@ -26,7 +26,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd November 14, 2025 +.Dd June 4, 2026 .Dt LOADER 8 .Os .Sh NAME @@ -97,6 +97,19 @@ and .Pp .Bl -tag -width indent -compact .\" sort the following entries according to the second field +.It Ic be-list +Lists the boot environments that are visible to +.Nm . +The listed names may be used directly with +.Ic be-switch . +.It Ic be-switch Ar beName +Switch to the +.Ar beName +boot environment. +The +.Nm +configuration will be reloaded from the new root, and any previously loaded +kernel and modules will be immediately unloaded. .It Ic boot-conf Load the .Nm From nobody Wed Jun 10 07:49:23 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZybR4zcFz6hJV8 for ; Wed, 10 Jun 2026 07:49:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZybR4SXcz3RYT for ; Wed, 10 Jun 2026 07:49:23 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781077763; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rfQyoByLYfw2GOMSWrlPrXmSKg0XEqPwu1V6qbPydKQ=; b=lvh8J0KjDmmCrecDV30roLfhn40fLYyXMIIzd3Fj8vudAz9s4JMmSIshfZUjHIRzPHQbrq b5OZ0J0iADqYUHhHZ0VGwWEEoHlCvRzSGeASdTj5gBO9t+Ak447K5UIKMmz+UB+DESqpR3 MwOM5dNS9CFDHN7GEs5oiFS9+DsDy2TODGEkd9pxna9XA6y/fiSREZO0E27cnk6wSYvtim 0fHMc3PF5VhGa74rgkjy3+JHnrWuS0vyQ3yEh5USLOAjO6MHEeT9zSUdGAkni7svHmZBhS HNIWWZE4XQC5zXkJWw/q7qwdJ9aO2yeQyXxIu2I6YUYtfBxvmJKm5gon9FZkNw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781077763; a=rsa-sha256; cv=none; b=xV2aOrJGnqx6y5TRgcCmHpzpiJeJKdRJNTImD3TFt2H16qt0GMiGZRnVeCpnGtmT3YlICP +oMphdc0w8N5GDt9bUdHmazkWvGvDWdBuVDCJYqUh5CFc6Sp2gHmd7gybiA7V/dLo2QxsD rwq4Ygpf70BqXU+qRy5FEjLjRODjUB3aDBZTzWRee+8VGMKJJOJqZJKMbkOeerhXPlwTQK OUSVTZNBa6OpkDSqCzGwLyUkEgglAT50zCCnHsvRcksDyOMiDUpBJLmtk43o5iBnhlaCeB LBcAScLBAcNHxVvTKGhYj5eCDorbN1h5UjhGYvwkpJ1d2f8PHJdksjh8R8Fx1A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781077763; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rfQyoByLYfw2GOMSWrlPrXmSKg0XEqPwu1V6qbPydKQ=; b=Wne+ryOr4ooqpKaSm+tlzDHcaBI7QEauZdhsjaVzF3fiyYgYFve8ufHubVitX7r6ows9j3 6ND084uen2Ldsqp+D8l4BQSTLtZvErInQynRCLQeMA+charXZbd1b8qjbgfdOMgjlAkeBA 1Jt23QsnxhZ7y8T4VhaqeEV2s2URWvnSdl2oCls/2YKmCi/paBqRxofwCgyJy7Sbl/vVfc sblJjvPVbu4o/+mfW/xW0HiXruiTvsKUkhIWvEYxPAQfk6pDryAkkTSh0ntDpD0wGWlyI/ zER/5uPP00RCDEP5vNKfdA+EYNOoBmrdFLBWpNigViY1/DTNNEpNDVhfWAEPIg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZybR3w4Qz19j0 for ; Wed, 10 Jun 2026 07:49:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 468a3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 07:49:23 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 4df539cc3864 - stable/14 - pfdenied: fix checking root anchor List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 4df539cc3864f45e980774ac77238e0781b930d7 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 07:49:23 +0000 Message-Id: <6a291703.468a3.67bfa4fd@gitrepo.freebsd.org> The branch stable/14 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=4df539cc3864f45e980774ac77238e0781b930d7 commit 4df539cc3864f45e980774ac77238e0781b930d7 Author: Kristof Provost AuthorDate: 2026-06-03 08:49:31 +0000 Commit: Kristof Provost CommitDate: 2026-06-10 07:49:01 +0000 pfdenied: fix checking root anchor pfctl doesn't like empty anchors (-a ''), but we can specify the root anchor as '/' too, so do that instead. PR: 295324 Tested by: Paweł Krawczyk MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 3d9cd10b2857ee7a9ec1b04457d9ec44f614d32c) --- usr.sbin/periodic/etc/security/520.pfdenied | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/periodic/etc/security/520.pfdenied b/usr.sbin/periodic/etc/security/520.pfdenied index 9852936257bc..ddf32e5a34b4 100755 --- a/usr.sbin/periodic/etc/security/520.pfdenied +++ b/usr.sbin/periodic/etc/security/520.pfdenied @@ -41,7 +41,7 @@ rc=0 if check_yesno_period security_status_pfdenied_enable then TMP=`mktemp -t security` - for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors} + for _a in "/" $(pfctl -a "blacklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors} do pfctl -a "${_a}" -sr -v -z 2>/dev/null | \ nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} From nobody Wed Jun 10 07:49:19 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gZybS68LSz6hJRZ for ; Wed, 10 Jun 2026 07:49:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gZybS4z6Gz3RYV for ; Wed, 10 Jun 2026 07:49:24 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781077764; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nFTjraTsF9tNoU7ojFGzClX7P84FcyKy/thSvvnmUgI=; b=lXK8atEusZ27ONPFXZrsPq69CdzFrQq3jl8ykAA0HIV/wMzESr1B3mFfCx9xmhbmpVNl1N 8GBj96mYW3JOYzjnrX2upvLdSnQllx0oAubBCL31HHQz3NQ8j7ZpjgsRfsaEYZq50OHWQR JWxBFr5K09VOSPkif/r8Q1OiJkQ+pziaNEvlM+e23NOqMpkvaE5JOzvkrYLycE83QQp2sd U1Wyfrq8Q2AZT1bZaaZXLRNpg5qeBPddFhjDChDC8akYNIGwu33gEu8ixlhfOb+IA1Z4Vy 7CXYAZy+3ZNuRZx1xBjB+3e9nsHc7yRC1G4rLOgJcdiFPEFjFhY+idAWB5xhwA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781077764; a=rsa-sha256; cv=none; b=AtaaF7IjryQqsmYVN00pI2QXvRyXOsEKWCvKhZs2Jqnia0plC6ndXzZDt67hHJEEX+ACGa YBwe6fA5CFQJSmlciD/WOBNvCMNhWeWtalMEKeU4pidSsQVs6rIXD9zVd4OQjTFqBGRUqb rgAZLAkerKp8ZxuL9saIlK9rZhHbVtsWsb75fPPDxF5JTuu0qUvF1HY5iKouTerfD/XUVC umJtEeV5z4MtxIBsu/zuDxg1VISaxvAT5MbTFusjAcWco3UwzqutEJJv5sVOz4F0Z2934G nJwKQN0i9CJF2yDOs+gYDyIyZOcVY/4w0PQcdBNxnql5S7y5SaS6HNRAzW5y6A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781077764; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nFTjraTsF9tNoU7ojFGzClX7P84FcyKy/thSvvnmUgI=; b=CTiPWtgiPKvAswlmcoTRJAQjl1QJ4eeV0bwKRxGK6E1BxaVXDVqIf+rkjol1388nTTMSE/ 1m8k1LfJyMZFkdB3shDPpajCh3NG47vmmLp9h0nrf9mcNVlJXRQ202ukrnqdIoe+jswG5l B4LWOF4EdkkustUXJyUbDQN6sgzq8nco1KD35mugOhgvLduDmABmduu75LrHy2+f6TjH57 n/fmJmDWeUrEUCUJTnTjDkoM6siNVpvSx91rbGeKfHHl+A1ad9hp0ZzUHEazGLfQVbqeub vEWzwhzRL6sBD8ylTH/sISaNEGjRXF5FewFhdVNC6BuOHiWwOXw8tgeL+f4kZA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gZybS4Vh3z19kH for ; Wed, 10 Jun 2026 07:49:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 45539 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 07:49:19 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b0f75189f6cb - stable/15 - pfdenied: fix checking root anchor List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: b0f75189f6cbaf288173d679b6600e3250c07c3d Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 07:49:19 +0000 Message-Id: <6a2916ff.45539.3bf753c7@gitrepo.freebsd.org> The branch stable/15 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b0f75189f6cbaf288173d679b6600e3250c07c3d commit b0f75189f6cbaf288173d679b6600e3250c07c3d Author: Kristof Provost AuthorDate: 2026-06-03 08:49:31 +0000 Commit: Kristof Provost CommitDate: 2026-06-10 07:47:49 +0000 pfdenied: fix checking root anchor pfctl doesn't like empty anchors (-a ''), but we can specify the root anchor as '/' too, so do that instead. PR: 295324 Tested by: Paweł Krawczyk MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 3d9cd10b2857ee7a9ec1b04457d9ec44f614d32c) --- usr.sbin/periodic/etc/security/520.pfdenied | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/periodic/etc/security/520.pfdenied b/usr.sbin/periodic/etc/security/520.pfdenied index d87dfa0ae64c..a3cddf30d726 100755 --- a/usr.sbin/periodic/etc/security/520.pfdenied +++ b/usr.sbin/periodic/etc/security/520.pfdenied @@ -41,7 +41,7 @@ rc=0 if check_yesno_period security_status_pfdenied_enable then TMP=`mktemp -t security` - for _a in "" $(pfctl -a "blacklistd" -sA 2>/dev/null) $(pfctl -a "blocklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors} + for _a in "/" $(pfctl -a "blacklistd" -sA 2>/dev/null) $(pfctl -a "blocklistd" -sA 2>/dev/null) ${security_status_pfdenied_additionalanchors} do pfctl -a "${_a}" -sr -v -z 2>/dev/null | \ nawk '{if (/^block/) {buf=$0; getline; gsub(" +"," ",$0); if ($5 > 0) print buf$0;} }' >> ${TMP} From nobody Wed Jun 10 11:37:55 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb3gF1MhSz6fxbD for ; Wed, 10 Jun 2026 11:38:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb3gF0p28z3tvn for ; Wed, 10 Jun 2026 11:38:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781091481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g7u3T/d87hwYbjggFqL+yxJuhL5/SmrDMCUwipDGKV0=; b=Tsq+ICdeikzKwVy+GJcWFcmlSEwAiFJDKzj0nyptdW1avTo07xPcYeRYJO871e7a/q6gWI oFUm0QJ4sfFLCAmhVAXHUeEIdd4CajgZIQf4kMgbLi3OZjCCqH+C+7yYa0J/DEYaIwCpXm Bl5gbFUXyh++yMMU/1qCXgDw6ofL1GTkv7DLINoanZdtrsf4ValCXZ3p5wOrmoaHpSrjPw 3Odf3EKysUUWt+2oWcm5NuEYnHxECR+oMdTmSpUAbaGxawpkcoezXIUSp8bu3VgNzkK2As sGjfr9XL2TDbewNmC8GREtOCj8YoH+GmuwXVST7hZ6YbSJWrqJwikVHz7nQurQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781091481; a=rsa-sha256; cv=none; b=KMPR9z8B50YGCoejRf1oPFxeVJdIIGTsH9PiLSi/Sh7hspFqRCxQEXbANAEKn9Ib3KPWou 4gM3lDOjjGkQB8s/+/YelppU0M3ulRBHzRTPs17BHET/525Td0UJze8avxATcXEYDv5VOn ZGmADdi6n/LHtx379KgcGH6vrZjJoRHyWkZF6GXdnkLw82hKJId8BHQvWTwkT7NkAHOYqQ nNLmfLuEapMc8a6/hHPMqXS3nMIMDFurIvVJaGxCfC3YxqKx+ZbUqVbjOyPJ+f8vf7zgX0 jA0GEVeb0NmC4efe3TfH2Bijz6Ztq0EOnfDWBdDOHXRDLRyjGgHysJ5OhrlkKw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781091481; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g7u3T/d87hwYbjggFqL+yxJuhL5/SmrDMCUwipDGKV0=; b=GEhPu6cCijx+dzulV0yc/OOtnbmdYdjx2lonsbD8BWH1PZVdUNy9Lhll3z1BmECpJDpWSB T5/PVzkxrRIYQOPhW4luCi2uRZqvVuXzqYUtvHopEa0mwzRvISgm84Y63RIM1NESXJV452 dbWklC+byZS21+QCTvJcCgbZ4cCmarNeazw+pALWEfLq6bks8lMvZW0zdo6Yz/Wu3HO2qK QHDuqc/lDSemWjYTZH4MYbHaRg0E4ZxfDIkpYDsF7T+ngtJ75PLGdvbkiNbTtVjeikFzcJ 3oN9rerx2cVAVfhdoh7hfvTb5wUqFNRpaomTNGtVsJavSHuX272JBidzJevz0Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb3gF0DMbz1J6l for ; Wed, 10 Jun 2026 11:38:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3615e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 11:37:55 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 9b48646ab366 - main - kern_fork: guard against NULL newproc on the failure path List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9b48646ab366dcf6089fac653eef963331aa1169 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 11:37:55 +0000 Message-Id: <6a294c93.3615e.728a1016@gitrepo.freebsd.org> The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=9b48646ab366dcf6089fac653eef963331aa1169 commit 9b48646ab366dcf6089fac653eef963331aa1169 Author: Konstantin Belousov AuthorDate: 2026-06-10 10:29:05 +0000 Commit: Konstantin Belousov CommitDate: 2026-06-10 11:37:23 +0000 kern_fork: guard against NULL newproc on the failure path Reported and tested by: pho Fixes: 85a65e393092 ("proc: add tree ref count") Sponsored by: The FreeBSD Foundation MFC after: 1 week --- sys/kern/kern_fork.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 5318a737ea35..26e2510698e2 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1132,7 +1132,8 @@ fail1: fail2: if (vm2 != NULL) vmspace_free(vm2); - PROC_TREE_UNREF(newproc); + if (newproc != NULL) + PROC_TREE_UNREF(newproc); if ((flags & RFPROCDESC) != 0 && fp_procdesc != NULL) { fdclose(td, fp_procdesc, *fr->fr_pd_fd); fdrop(fp_procdesc, td); From nobody Wed Jun 10 12:36:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yF3c1cz6g4Fp for ; Wed, 10 Jun 2026 12:36:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yF1Mgcz4388 for ; Wed, 10 Jun 2026 12:36:05 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094965; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ardc+UgelOXYJgqHPjT1iwkrGrkjcMVkY0NK2lKwGeY=; b=JcDY7UuAV7+U7YxyRqbw3FHM81COZgNZZWourKZ0wPGcxyBb+PnbqzOeHNy2d3scg4BPab s6jDtru5xqdwH950Yca2j5Akrz/Kgh0sKunzbJfq0utUocoeT6pUNtATIG0uS5xCjuMsYY JfyppuFmn3BHkQNJX4GRRkvEtrcRZTKgFgAb/EHqUJoMgyDtHmOAdWUCnJn06rD1bsy0RR t2KWXj37b5uhq168YtG6fbIVf70jhtoGpRHJ65i3iyBZbgEzUM2OCseBsSH0Gvw1/5wxJf 3W+fHYje7gPvpz8yzQgY57wBwGnM2zXGX5SvYcLla0RAClvL4Ix1u9IjJt8WYw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094965; a=rsa-sha256; cv=none; b=bDj/EDKwm8vLzfoAnOlF64oDRDfoLh1MqOBCEl0XTkl9hFXMpzWK/CHRMMdGYAhTcGC70N UVgqLaagtVnXmOb/okMlgdh4ybzTryRrcD1HvqrEFzvKE4E/orhP3TQeqSauW/Er42rLJl 6HMpsViXlCYs9AAvQZ+3IShd9BB0iqrrLhN7eQADyg0Bw4Qty1cfo+Qp938p4NPK2rB2Cg lhqmwhg80tb51ua+Z2PfBBAmYeaukx2K3FC66RQuJC/vYs5/nMDQIZVmgwUoZ+9TF7OLHd f/k7F8SyU4WPndmuc8r6WOuDt+nu9YWJdkxI733UqYuXnm2DIIsZxPpp9U6Cvg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094965; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ardc+UgelOXYJgqHPjT1iwkrGrkjcMVkY0NK2lKwGeY=; b=Ws+lROdUX8zkHNi5g85pp/Z/2TDiFDpkDT+FUU5AOfoivUL/VgyRjI3ntuOvCAuyCVlLrT GWCMmv2Xquy2s3Jgln/lEO6MMAMZAOKUwcOroP+QJ8Y0hqonxp/OX9j+Nk8fAzUMAe2nb1 JeJJ4k1/X6arCBBysJklaUJL8b4iIZg0MbbDVXf57w9l5/Ne+14RVHo3Ng83nElnBVtV7x 5adIcCcF1HVdQ3kVtHsb94F4X6sHM/sFNMyyIUo6CzqtRnE1RjAeet1QOqlHqIroIZ0aSQ nZkHPLsAU3j20uWQ/XltKx16pKuw77J5LuksP0QZg2X9h9Q6EoNgnrTzFJiVSw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yF0dRgz1KXl for ; Wed, 10 Jun 2026 12:36:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e007 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: ykla From: Warner Losh Subject: git: 9a6a2e4b7d20 - main - Warn if hostname is empty List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 9a6a2e4b7d203fe9c5ea4f335564f4797bb29a01 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:05 +0000 Message-Id: <6a295a35.3e007.778624b0@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=9a6a2e4b7d203fe9c5ea4f335564f4797bb29a01 commit 9a6a2e4b7d203fe9c5ea4f335564f4797bb29a01 Author: ykla AuthorDate: 2025-05-18 00:19:06 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:02 +0000 Warn if hostname is empty Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1700 --- usr.sbin/bsdinstall/scripts/hostname | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/usr.sbin/bsdinstall/scripts/hostname b/usr.sbin/bsdinstall/scripts/hostname index 19df8885893b..ec58ad5dfe66 100755 --- a/usr.sbin/bsdinstall/scripts/hostname +++ b/usr.sbin/bsdinstall/scripts/hostname @@ -54,7 +54,7 @@ msg_freebsd_installer="$OSNAME Installer" msg_ok="OK" msg_please_choose_a_hostname="Please choose a hostname for this machine.\n\nIf you are running on a managed network, please ask\nyour network administrator for an appropriate name." msg_set_hostname="Set Hostname" - +msg_empty_hostname_warning="The hostname is currently empty. This is not recommended, as many network services rely on a valid hostname. Are you sure you want to continue?" # # Command strings for various tasks # @@ -97,10 +97,35 @@ f_dialog_title "$msg_set_hostname" f_dialog_backtitle "$msg_freebsd_installer" # -# Get user input +# Get user input and Warn if hostname is empty # -HOSTNAME=$( dialog_hostname "$HOSTNAME" ) -[ $? -eq $DIALOG_CANCEL ] && exit 1 +while :; do + HOSTNAME=$(dialog_hostname "$HOSTNAME") + [ $? -eq $DIALOG_CANCEL ] && exit 1 + + if [ -z "$HOSTNAME" ]; then + if [ "$USE_XDIALOG" ]; then + yes=yes no=no defaultno=defaultno + extra_args="--wrap --left" + else + yes=yes no=no defaultno=defaultno + extra_args="--colors --cr-wrap" + fi + + $DIALOG \ + --title "$DIALOG_TITLE" \ + --backtitle "$DIALOG_BACKTITLE" \ + --defaultno \ + --yes-label "$yes" \ + --no-label "$no" \ + $extra_args \ + --yesno "$msg_empty_hostname_warning" 0 0 + + [ $? -ne 0 ] && continue + fi + + break +done # # Store the user's choice From nobody Wed Jun 10 12:36:03 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yF01CVz6g49p for ; Wed, 10 Jun 2026 12:36:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yD2DBRz43DW for ; Wed, 10 Jun 2026 12:36:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094964; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FIoIFyTrq64Ey+Xdaf7l8KwrlXUL9Oow8hP3VcA4lAk=; b=KpqJKlS7wX3t5XLQ6b7NLGhr0ARX9FtTAiKFVL0CtL9yl6PEJtvWFkWDcwSqgn6zf1ybss vLyIT8HemgURFdwDTY9C5a2MyOl/ht73t3CEDmiKsBdeKB3gBbVfuMWML4h47AI1PYcO+d ZC8S/0Q9lL2tZUfrP98mY5qRlTSenXy5G4SmSgKxstb3BZAsomGCkJuZ8DbP7spe3XukRY 2qyJGuNGyApRo6Ur3YXY91OeIZIQpjsbuyajeVWLI8UypW4IV0vOwrQwixJoV+XDEouv4t WhmIidygPHhnUip0Ca8vMH1H/dL2XY5ePhHnOw8AnlDqyGM8Jd0I3juEq6BCeQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094964; a=rsa-sha256; cv=none; b=mo5EUDpjnhYSyj37uiJw0JYj2Co7WO7Uv+K13kUiA1QocuO8XSjNN5NfXEvmFcFHItqf3x ozXMwUVw3F3wqfK+Y/1DzVBlByxfxQIo/0rzz8A7PZV7zZNOHzqnbi2z+zZ6r//heyn3BL 3DiBBwTuxMyASIRFrjkyTxFvA7bs9QMU8sI+d6099lY2F3KpUWEbf2HjDP14LGpMc2jvLh hG2Qo3WfuSctEYP1yDxPxdHdxSnf+s17TgDFovtuLe+2mAy2uwj1hoaNgx+yDQt5XSLgfl 5SQv/ElGaVgDUI6r/4PjeWbvPEbkZudvCK2sxTjnNTg8CvEW2u4Ye9VcJLIPhg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094964; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FIoIFyTrq64Ey+Xdaf7l8KwrlXUL9Oow8hP3VcA4lAk=; b=K8KeVGKfs8krOIJtB6YzQsJCrwmWptCDekUziXSX3GA2i9NOSqMYqqaSp4Av1lb0IOJFPY eCW9f8fi7Ky40Rg2YIHhSweo0+5X8BX1iQ83BwwE/X6kDhsc+s/jN9DZ0xxmaSqKxZi9Tu DrcdSea07K1n2VyY+tQUHrDm/e5bx1b2ioT3mcw1WyI2IaNsYapGQ/1E9GTQHgGZTGWdQP NQtyClCATYOlgpsSaH88Uic48h9DZ2EuF9bqV4WOKKFOA+igbTHqJrcH+TuTkt2g06Xikc 8R3l8A3jNfaoqKT4yzaHx7VIY9otFphtukb3Xt7c+6G6BIByTsm3p30TGsOrhg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yD0fgQz1K9Z for ; Wed, 10 Jun 2026 12:36:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c5e2 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:03 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Phil Krylov From: Warner Losh Subject: git: a62eaf71ddb7 - main - bsdinstall(8): Fix GPT label conflicts with disks not managed by us List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a62eaf71ddb7463cf51d2be8be6506befbcfff8d Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:03 +0000 Message-Id: <6a295a33.3c5e2.4e095571@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=a62eaf71ddb7463cf51d2be8be6506befbcfff8d commit a62eaf71ddb7463cf51d2be8be6506befbcfff8d Author: Phil Krylov AuthorDate: 2025-06-22 02:39:30 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:02 +0000 bsdinstall(8): Fix GPT label conflicts with disks not managed by us Signed-off-by: Phil Krylov Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1735 --- usr.sbin/bsdinstall/scripts/zfsboot | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/usr.sbin/bsdinstall/scripts/zfsboot b/usr.sbin/bsdinstall/scripts/zfsboot index a973b03d17fd..dbf7e19c6f5b 100755 --- a/usr.sbin/bsdinstall/scripts/zfsboot +++ b/usr.sbin/bsdinstall/scripts/zfsboot @@ -242,6 +242,7 @@ ZPOOL_SET='zpool set %s "%s"' hline_alnum_arrows_punc_tab_enter="Use alnum, arrows, punctuation, TAB or ENTER" hline_arrows_space_tab_enter="Use arrows, SPACE, TAB or ENTER" hline_arrows_tab_enter="Press arrows, TAB or ENTER" +msg_all_possible_gpt_labels_already_taken="All possible GPT labels already taken" msg_an_unknown_error_occurred="An unknown error occurred" msg_back="Back" msg_cancel="Cancel" @@ -840,6 +841,24 @@ zfs_create_diskpart() case "$ZFSBOOT_PARTITION_SCHEME" in ""|GPT*) f_dprintf "$funcname: Creating GPT layout..." + # + # 0. Check for potential GPT label conflicts with disks not + # managed by us and adjust $index accordingly + # + while [ -e /dev/gpt/efiboot$index ] || + [ -e /dev/gpt/gptboot$index ] || + [ -e /dev/gpt/boot$index ] || + [ -e /dev/gpt/swap$index ] || + [ -e /dev/gpt/zfs$index ]; do + index=$(( $index + 1 )) + if [ $index -ge 4096 ]; then + f_dprintf "$funcname: all possible GPT labels already taken" + msg_error="$msg_error: $funcname" f_show_err \ + "$msg_all_possible_gpt_labels_already_taken" + return $FAILURE + fi + done + # # 1. Create GPT layout using labels # From nobody Wed Jun 10 12:36:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yG3mQ5z6g40b for ; Wed, 10 Jun 2026 12:36:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yG14DDz43GV for ; Wed, 10 Jun 2026 12:36:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094966; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nQnz3Ryl+LT7aM7cIe561KPMKjZYttgXqlPqTEqYWPI=; b=BI0c+rhhy2TbrWgu5oVtBhCVZqPqMHHmwSiNLWcNlI2pmszwJTcxBQZt0jk+OW8RdGq+T/ vUR2P85F9KpuJNuL3WVx04kW4sWpKXQn2qniebvTP8SUBSFFmbb7eiGVOu2Ed6+gC+2vzi mdkspgVhSdTAUQSaGoo+6NsLVlLsHuLgWTviC3L9YKxnWMUE1JVzh98k3ayDhvgwfaigUE ZRA+ACBvbmSZ8k/WrKxrNeEq078X+Wfb8weG9PXWJS06ISvmxiw4FWZUlAoXPnmamG6288 j6GJ9ZvQ/fyY47BpH1qlRrUqpsR7WYSCEHdn3HawxfJcwvvECgMuXoG6w7AVCw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094966; a=rsa-sha256; cv=none; b=nsKieH6+n+7UdhQ4un8iOXqOCj7GT6PsPg4iJsYlXWUUFk3MTxdJ1tVgtK8qnhvd34SSlv U8e8oPzmPAOkaZQg9vCKZkJo8wZSTVuTgVmTwMV1Lerc5VsoHtJwAzSElGS/hPYuFrB0ba KdWynOwW+gFuuSBe8Sncn+Yi4fpk90NcgmYm4i2KDWx1ie9wLhWMUpfn+Cw0I/cRvqbyKH HmkgtMGi1jlac/rzxQNktLstkwP6xAqNgerlq8pIOIwATwet8togs6UCe/LfKvTDBeJWeq ZIrnr76XlHHQEZZXPcM/NqQDYngwzaYyeANAzOyaCu52B13DCSuBv8gkpxlOoQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094966; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=nQnz3Ryl+LT7aM7cIe561KPMKjZYttgXqlPqTEqYWPI=; b=Wn/xvcuWke6JEgMkRwbpReIo7hZLPY5kF3/z+crLAnkFy7l+QYAyoLEJoJsOBGh4l3tgjj 1LPcbIxM7xM+rM2eW5aFn7EYsErvQ8tNdIQF6UgprNab7BQb+v/vFDadPeVInAXUG5ufJz kDGchUW0eZwurPDTmoaGYDtRr4Ia5qDOTepLrEeFwgL2Ba3VJ/2XjtVbV9j8lyiw68sn86 Rq4cT19xqQJk1z4wX2UZ3fHxkDdJ5gCiGypRNUT/g4J3uNqW6QN6tXyVksNTlSgzPUHOaY q6/PsnOi1MFH2YaON0+etoPI9Glh7LCeO/ulfKejMzcsMdMH8AWrnHTGDAkmRA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yG0fymz1Kdh for ; Wed, 10 Jun 2026 12:36:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3de77 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: K Rin From: Warner Losh Subject: git: 6b61852b4f00 - main - mac_portacl: do not reject unspecific family directly List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6b61852b4f000431eb83ce26584da806f64d4643 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:06 +0000 Message-Id: <6a295a36.3de77.3d036d67@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=6b61852b4f000431eb83ce26584da806f64d4643 commit 6b61852b4f000431eb83ce26584da806f64d4643 Author: K Rin AuthorDate: 2025-04-12 02:28:52 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:02 +0000 mac_portacl: do not reject unspecific family directly Reviewed by: imp,emaste Pull Request: https://github.com/freebsd/freebsd-src/pull/1659 --- sys/security/mac_portacl/mac_portacl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index b3a5e06c0e2a..1cbfcad83acf 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -452,7 +452,8 @@ socket_check_bind(struct ucred *cred, struct socket *so, return (0); /* Reject addresses we don't understand; fail closed. */ - if (sa->sa_family != AF_INET && sa->sa_family != AF_INET6) + if (sa->sa_family != AF_UNSPEC && sa->sa_family != AF_INET && + sa->sa_family != AF_INET6) return (EINVAL); family = so->so_proto->pr_domain->dom_family; From nobody Wed Jun 10 12:36:07 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yH4CCSz6g4Cb for ; Wed, 10 Jun 2026 12:36:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yH1wwRz438B for ; Wed, 10 Jun 2026 12:36:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094967; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Hdmf0eJ9++0e4VZ2w084m7w/cjcmrJXIcNY6MKRMF5o=; b=QaK4YEVUWeehhooZaO96MdvnyeDBevkhGsCVYLGo3AK7vfDsCKgBYYwZ1y3H8STCpC2rOU bMcpKMQIGD+Ytwl0fAW6uZmkMWU1dCrmVufi9VbGewz21YsbtGmJPqjdkedVdGmS9FxtgU UzAqTW7G25burrd+wwbQKp8/kHQ+M48EarWbrjQaM6ZP5tkWAaQBkvs2LWxrW3UyqOk2oQ jmpYC40p+5qK7ejdi8cg1I7oLWPRy+XfN1VWtktd5pzpM4VRExLcPaq7ldBikj+LvH0jep uFpfC8ZgGNcvNegLgrSVEAKpnQHTfPLfapqdFVFpzTGNISEiAnP+yIdhoQGHaw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094967; a=rsa-sha256; cv=none; b=pkz2Bskg2HbWxZwkHlyOWGLveZwz4NoUpGQ5hIaewH4NCAf8XJTwEZfkzYPGD5xI9/SqLK 6Z8mGNwbmZvZHxGorzDSQUc6lHoNDBxqpN7+YdB3M2nO6u4BB3gsA/cX0tCiosO0h46PlO A0MWimgOioIYi2NhfYNSRSUK1dvckO7l6CZU8vaNveGiwq57SlXXu2UhCH+Irhaxf2kLl0 1je6tLYYpXD2YjmhkZy8MhDjQsORpkkte5p0j0GrSukVJKfevHQlZbLJ0DQ/ipu3siFJNB 9Ou0VChY3kInheuBHQfS3J90oWrMJGCJ0JvGnz+uBvLGv7fcjPbZYNWoK80BaA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094967; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Hdmf0eJ9++0e4VZ2w084m7w/cjcmrJXIcNY6MKRMF5o=; b=Gr4pxEpkfHrpR6Wiho0W9KbtgI1shfNJGL5qUGKkqjgzItdiyK6vp33zy6guVqNCIaBicg PL6n9q+Af4WQnsk1IeAOtpP06vH7uo1oh8fyM8hkwvFaXazzRu6BX8x8GKritY2drYK0T6 w0/42bxcMcrA14Kn1Grw0Am1ngk09jiTc710tJfzb2GeMNGhp7x9ljayYAOUsR28DcANiC z3lPsn54ogkkL5pvkdAI90m68RL9MF2c5rFlxTmWbA030PW9jklO6tEqaHaGrpl+1PEIZv rnwW9rcdw8xEDW7cbP7aWUmt4h90YEzpOnQ/28EvTj5LfI7WERpO3OQiTI0zSQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yH1PvBz1KXp for ; Wed, 10 Jun 2026 12:36:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3c925 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:07 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: K Rin From: Warner Losh Subject: git: ce08af63788d - main - mac_portacl tests: rewrite the test program and test unspecific family. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ce08af63788da219c0c5826fc3f2345fb2ce29f4 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:07 +0000 Message-Id: <6a295a37.3c925.67cb7b66@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=ce08af63788da219c0c5826fc3f2345fb2ce29f4 commit ce08af63788da219c0c5826fc3f2345fb2ce29f4 Author: K Rin AuthorDate: 2025-04-12 03:05:47 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:03 +0000 mac_portacl tests: rewrite the test program and test unspecific family. Reviewed by: imp,emaste Pull Request: https://github.com/freebsd/freebsd-src/pull/1659 --- tests/sys/mac/portacl/Makefile | 2 ++ tests/sys/mac/portacl/bind.c | 60 ++++++++++++++++++++++++++++++++++++++++++ tests/sys/mac/portacl/misc.sh | 55 ++++++++++++++++++++++---------------- 3 files changed, 94 insertions(+), 23 deletions(-) diff --git a/tests/sys/mac/portacl/Makefile b/tests/sys/mac/portacl/Makefile index 2b0f4634c802..2ae55d30f7fc 100644 --- a/tests/sys/mac/portacl/Makefile +++ b/tests/sys/mac/portacl/Makefile @@ -1,9 +1,11 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/mac/portacl +BINDIR= ${TESTSDIR} ${PACKAGE}FILES+= misc.sh +PROGS+= bind TAP_TESTS_SH+= nobody_test TAP_TESTS_SH+= root_test diff --git a/tests/sys/mac/portacl/bind.c b/tests/sys/mac/portacl/bind.c new file mode 100644 index 000000000000..1cb64ba23b81 --- /dev/null +++ b/tests/sys/mac/portacl/bind.c @@ -0,0 +1,60 @@ +#include +#include +#include +#include +#include +#include +#include +#include + +int main(int argc, char *argv[]) +{ + if (argc < 5) { + fprintf(stderr, "Usage: %s family host protocol port\n", argv[0]); + return 1; + } + int family = atoi(argv[1]); + const char *host = argv[2]; + const char *protocol = argv[3]; + const char *port = argv[4]; + int sock_type; + if (strcmp(protocol, "tcp") == 0) + sock_type = SOCK_STREAM; + else if (strcmp(protocol, "udp") == 0) + sock_type = SOCK_DGRAM; + else { + fprintf(stderr, "Unsupported protocol: %s\n", protocol); + return 1; + } + struct addrinfo hints, *res; + memset(&hints, 0, sizeof(hints)); + hints.ai_family = family; + hints.ai_socktype = sock_type; + hints.ai_flags = AI_PASSIVE; + int err = getaddrinfo(host, port, &hints, &res); + if (err != 0) { + fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(err)); + return 1; + } + int sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol); + if (sock < 0) { + freeaddrinfo(res); + return 1; + } + int opt = 1; + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt)); + if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { + if (errno == EACCES || errno == EPERM) + printf("bind_error: permission denied.\n"); + else + printf("bind error: %s\n", strerror(errno)); + close(sock); + freeaddrinfo(res); + return 1; + } + printf("ok\n"); + close(sock); + freeaddrinfo(res); + return 0; +} + diff --git a/tests/sys/mac/portacl/misc.sh b/tests/sys/mac/portacl/misc.sh index 4d3f18fce1c1..da022556a854 100644 --- a/tests/sys/mac/portacl/misc.sh +++ b/tests/sys/mac/portacl/misc.sh @@ -1,5 +1,17 @@ #!/bin/sh +dir=`dirname $0` + +sysctl security.mac.portacl >/dev/null 2>&1 +if [ $? -ne 0 ]; then + echo "1..0 # SKIP MAC_PORTACL is unavailable." + exit 0 +fi +if [ $(id -u) -ne 0 ]; then + echo "1..0 # SKIP testcases must be run as root" + exit 0 +fi + ntest=1 check_bind() { @@ -15,32 +27,29 @@ check_bind() { [ "${proto}" = "udp" ] && udpflag="-u" - out=$( - case "${idtype}" in - uid|gid) - ( echo -n | su -m ${name} -c "nc ${udpflag} -l -w ${timeout} $host $port" 2>&1 ) & - ;; - jail) - kill $$ - ;; - *) - kill $$ - esac - sleep 0.3 - echo | nc ${udpflag} -w ${timeout} $host $port >/dev/null 2>&1 - wait - ) - case "${out}" in - "nc: Permission denied"*|"nc: Operation not permitted"*) - echo fl + case "${idtype}" in + uid|gid) + su -m ${name} -c "${dir}/bind 0 ${host} ${proto} ${port}" > /dev/null # unspec + retval1=$? + su -m ${name} -c "${dir}/bind 2 ${host} ${proto} ${port}" > /dev/null # inet + retval2=$? + if [ $retval1 -ne $retval2 ]; then + echo inconsistent + return + fi + if [ $retval1 -ne 0 ]; then + echo fl + return + fi ;; - "") - echo ok + jail) + kill $$ ;; *) - echo ${out} - ;; + kill $$ esac + + echo ok } bind_test() { @@ -57,7 +66,7 @@ bind_test() { out=$(check_bind ${idtype} ${name} ${proto} ${port}) if [ "${out}" = "${expect_without_rule}" ]; then echo "ok ${ntest}" - elif [ "${out}" = "ok" -o "${out}" = "fl" ]; then + elif [ "${out}" = "ok" -o "${out}" = "fl" -o "${out}" = "inconsistent" ]; then echo "not ok ${ntest} # '${out}' != '${expect_without_rule}'" else echo "not ok ${ntest} # unexpected output: '${out}'" From nobody Wed Jun 10 12:36:02 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yJ3Y2Dz6g45L for ; Wed, 10 Jun 2026 12:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yJ1C6Mz42v9 for ; Wed, 10 Jun 2026 12:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=87zNTx+DOupLS/dm+oSqepGT5wJe4sV8JvjwKigjoss=; b=o8Nu+h3OlZ3wY+sQKLDGj7t7n2rDLXixzKOZ3U+JdaXuBipvMdNOK7+lvPcIpJ32J0Gr1H 4jD8wNjVsk1Mbp+dvypkfFi1iB/4UV2ehr1PRo/UkCLpxILodcH16nOjgwVBh9I32prqto WpdM6vyDMiVQbgV4d61aEoKyVYalem2U7uEaiVFxY/zZw04cCSQoo4NAnW/EOx95SS3+JA xy9yeoSpWJ4ORzTINhk7eZvIObCjFVMHP0CYn8/sOKH8iUraeyJa2we2VuK4WW68o6ID86 nB5NNrvzG69hVbneHCxYMjZGFjByV5scj767tA2WpDBO9e4PQjF6ngAs7gThVg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094968; a=rsa-sha256; cv=none; b=bZluRqd217gz4HY6XgSCBhdZTD7mcnkfdMwY5ASiE7uFdOqr+UopQikVL6vYRvMAhhNmbF GqPLS3PWlaIF/W/fE1wpc6XCKet2exdgs1u+qmI73IJ2SbZJgjJHEKfvdK3RehcaR2jvE+ KixeQ7+UAoMgo93ljYOQhVQwG6wLKP3HkjkKyrguJuHMAWpOFaTlndcPU5cjD6afv3xWo5 lVU3clQY37EZ9mBrJKTYcUxpIUKp2OV2Z3dGHTcNJz9ZhrZNwXPyLkjkHz3OkRdW0kf6Fn dO7ikevt+lAT1MFflB+5qnynYPctr3NGGAeCv9vupz+rkdFBpM6uP7pdPPpf/g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=87zNTx+DOupLS/dm+oSqepGT5wJe4sV8JvjwKigjoss=; b=uR1JI0q2ID/8BCBtFF0TegTa+7a6UMYzXLD4Jiw10VEIPAfzco3A5OY50hlmEm8kFlw7gf 1qK4PZg5GFMasBGFP/Bptvnu2x4Ohf2g9L3DYqBMlsEXkWRBXHLG2SbSov+uNnOMWey0A5 Z7M1rwE59EDmweYU3HTxbp7dceZuvDjtDnV/6J9BrRuatrJ/4HMQ7Xz1ybQG0PJszRzv73 yPTGrh4dy3pdnBdwHmDCKSdWAPtFr8zA2vFZqVfeYR1gfhk9TIkHvbniYHTdwz3yB0Ffqc BEu6vUMUeg25slW8nQ3u/yQqWDdE1dXuTzlqL2k842tbY4tHyY8fly2cruzeDQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yJ0bvgz1Kdk for ; Wed, 10 Jun 2026 12:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3e002 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:02 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: androvonx95 From: Warner Losh Subject: git: 925f53682469 - main - improve renice user error messages List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 925f53682469ea12c017b48114b16e8f1627fb0b Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:02 +0000 Message-Id: <6a295a32.3e002.31d3fa83@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=925f53682469ea12c017b48114b16e8f1627fb0b commit 925f53682469ea12c017b48114b16e8f1627fb0b Author: androvonx95 AuthorDate: 2025-07-15 18:01:28 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:02 +0000 improve renice user error messages Improve error handling for invalid user names and UIDs in renice: - Use warnx() and err() for consistent error reporting - Set errno = EINVAL for invalid input - Provide clearer error messages for invalid user names and UIDs - Add test cases for invalid user input Signed-off-by: androvonx95 Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1768 --- usr.bin/renice/renice.c | 31 +++++++++++++++++--- usr.bin/renice/tests/renice_test.sh | 57 +++++++++++++++++++++++++++++++++++++ 2 files changed, 84 insertions(+), 4 deletions(-) diff --git a/usr.bin/renice/renice.c b/usr.bin/renice/renice.c index 4931a39c0f67..240ddf54134c 100644 --- a/usr.bin/renice/renice.c +++ b/usr.bin/renice/renice.c @@ -97,6 +97,7 @@ main(int argc, char *argv[]) if ((pwd = getpwnam(*argv)) != NULL) who = pwd->pw_uid; else if (getnum("uid", *argv, &who)) { + warnx("invalid uid: %s", *argv); errs++; continue; } else if (who < 0) { @@ -106,6 +107,7 @@ main(int argc, char *argv[]) } } else { if (getnum("pid", *argv, &who)) { + warnx("invalid pid: %s", *argv); errs++; continue; } @@ -126,11 +128,27 @@ static int donice(int which, int who, int prio, bool incr) { int oldprio; + const char *who_type; + + switch (which) { + case PRIO_PROCESS: + who_type = "process"; + break; + case PRIO_PGRP: + who_type = "process group"; + break; + case PRIO_USER: + who_type = "user"; + break; + default: + who_type = "unknown"; + break; + } errno = 0; oldprio = getpriority(which, who); if (oldprio == -1 && errno) { - warn("%d: getpriority", who); + warnx("%s %d: getpriority failed", who_type, who); return (1); } if (incr) @@ -140,11 +158,16 @@ donice(int which, int who, int prio, bool incr) if (prio < PRIO_MIN) prio = PRIO_MIN; if (setpriority(which, who, prio) < 0) { - warn("%d: setpriority", who); + if (errno == EPERM) { + warnx("Permission denied: cannot set priority for %s %d", + who_type, who); + return (1); + } + warnx("%s %d: setpriority failed", who_type, who); return (1); } - fprintf(stderr, "%d: old priority %d, new priority %d\n", who, - oldprio, prio); + fprintf(stderr, "%s %d: old priority %d, new priority %d\n", who_type, + who, oldprio, prio); return (0); } diff --git a/usr.bin/renice/tests/renice_test.sh b/usr.bin/renice/tests/renice_test.sh index 7983eb594716..116f1be60fe9 100755 --- a/usr.bin/renice/tests/renice_test.sh +++ b/usr.bin/renice/tests/renice_test.sh @@ -51,6 +51,50 @@ renice_rel_pid_body() { kill $pid } +atf_test_case renice_invalid_priority +renice_invalid_priority_head() { + atf_set "descr" "Verify handling of invalid priority values" +} +renice_invalid_priority_body() { + local pid + sleep 60 & + pid=$! + + # Test out of range priority + atf_check -s exit:1 -e match:"numeric value out of range" renice 100000 $pid + atf_check -s exit:1 -e match:"numeric value out of range" renice -100000 $pid + + # Test invalid priority format + atf_check -s exit:1 -e match:"invalid numeric value" renice "abc" $pid + atf_check -s exit:1 -e match:"invalid numeric value" renice "12.3" $pid + + kill $pid +} + +atf_test_case renice_permission_denied +renice_permission_denied_head() { + atf_set "descr" "Verify handling of permission denied cases" +} +renice_permission_denied_body() { + local pid + sleep 60 & + pid=$! + + # Test permission denied with non-root user + atf_check -s exit:1 -e match:"Permission denied: cannot set priority" renice -n 10 $pid + + kill $pid +} + +atf_test_case renice_nonexistent_process +renice_nonexistent_process_head() { + atf_set "descr" "Verify handling of non-existent process" +} +renice_nonexistent_process_body() { + # Test with a non-existent PID + atf_check -s exit:1 -e match:"process 999999 not found" renice 10 999999 +} + atf_test_case renice_abs_pgid renice_abs_pgid_head() { atf_set "descr" "Set a process group's nice number to an absolute value" @@ -115,6 +159,18 @@ renice_rel_user_body() { kill $pid } +atf_test_case renice_invalid_user +renice_invalid_user_head() { + atf_set "descr" "Verify handling of invalid user names" +} +renice_invalid_user_body() { + # Test with non-existent user name + atf_check -s exit:1 -e match:"Invalid user name or UID: nonexist" renice 10 -u nonexist + + # Test with invalid UID + atf_check -s exit:1 -e match:"Invalid UID: -1" renice 10 -u -1 +} + atf_test_case renice_delim renice_delim_head() { atf_set "descr" "Test various delimiter positions" @@ -169,6 +225,7 @@ atf_init_test_cases() { atf_add_test_case renice_rel_pgid atf_add_test_case renice_abs_user atf_add_test_case renice_rel_user + atf_add_test_case renice_invalid_user atf_add_test_case renice_delim atf_add_test_case renice_incr_noarg } From nobody Wed Jun 10 12:36:08 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yK3JdWz6g41c for ; Wed, 10 Jun 2026 12:36:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yJ3zKYz43MK for ; Wed, 10 Jun 2026 12:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OpvDN+7BO5evwO3Wc5ZQFJk3mYniMxWgO/nL6faISmY=; b=uZzaY/QkdsTWi4kx0Ix45rUajuVVRSCrHxS2m/L2o4Y8jBjotu2a7CuZqQeyvEUv/Jmgwo Zcem5u893nIbrkjHfSa4PWcBaR5ROOBzfixWDIQBrxdsH+QZW4YQeh+v3x584imKw80w9b i2BDwAeSjTbNRm9KNLw5IXUZ25a7X1YzhhJwUVkuCtHOZ8UDh9yPxagEOqWacuZyqDNkdb E9awZHWgepWWxzRFcBRzxa95H9fit8sMMQjyo5HNtFdQprP912A7QU7BQpdFIU7hkVqOw7 zZGdNhHuI3CXul8eFDXvaD5plpqjeJlH/JhZzOxr2/hPuabufcS+ZGSl14UskA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094968; a=rsa-sha256; cv=none; b=pnVYPASSw7Ct87Dh4u2KEq38r6PaCZCp/MOrrLOhYz87foqI2K79cj5K32pIqDw33cncRf XZf8wfjNJkzE8bxnTfEjCK1PaAw/+hLRVHLMm6ZV2qFF0MX6OuW/EAqw7kq4XPszPjc1hS dX9djVtMSe9sIRN/jMTi00EDeoCeHTmnNVxjE6ja8/21E8LpmEbKtWK7cN0qGoeXtB43Jz BflfOMd4TIJiQoMhCz29nbSuZdaLtcoikARTveEqK9UiWVnNfc4C8zOzgqs+rDeBVijV6w KxRlXzF5MmEgfktFitLzFLhQRqTGTX8zmNAK34pVEL56fK5WL3PlxTLuKXPCfQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094968; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OpvDN+7BO5evwO3Wc5ZQFJk3mYniMxWgO/nL6faISmY=; b=UlMffk77qcjefYxlpTab5EXI2AqUR5bC+u9ft8CpS7ZE+D4jjpQaOOHxifxWnr+CkixFIR kiNPH5n1nl4KDDZ/jLXasP3mdpwkHN4MAWnREkS+TUnk2SDmR+iSODUhUtm7/pYSGgONjl emNrd75Ty+9Aml5+tdctg82Vd5YNQhCdRT+tCWf3mOGAdH/CF7dzflt+DkrYYH1nmMrQ/m H2wyVg+xVaiH2J6E2foOgr/OLZ7+4DwyM/449aiBaPezDUu1Qarz8aPADWcPDox6+d0+6i qVxflgB/90c8nJA3F2gTNTJPRYe/ScmAocvDOJFVOwfcS3SvWNF51cUN5CVfqw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yJ2NdBz1Jb6 for ; Wed, 10 Jun 2026 12:36:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cf5a by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:08 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: K Rin From: Warner Losh Subject: git: 85e449cfcfdf - main - libc/tests: copy ieeefp tests out from contrib/netbsd-tests and rename them as FreeBSD test convention. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 85e449cfcfdf3a3ea99bae7fed9f3cd436eb21ec Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:08 +0000 Message-Id: <6a295a38.3cf5a.437a3d38@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=85e449cfcfdf3a3ea99bae7fed9f3cd436eb21ec commit 85e449cfcfdf3a3ea99bae7fed9f3cd436eb21ec Author: K Rin AuthorDate: 2025-04-10 02:33:21 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:03 +0000 libc/tests: copy ieeefp tests out from contrib/netbsd-tests and rename them as FreeBSD test convention. Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1656 --- lib/libc/tests/gen/Makefile | 6 +- lib/libc/tests/gen/fpclassify_test.c | 206 +++++++++++++++++++ lib/libc/tests/gen/fpsetmask_test.c | 369 +++++++++++++++++++++++++++++++++++ lib/libc/tests/gen/fpsetround_test.c | 163 ++++++++++++++++ 4 files changed, 741 insertions(+), 3 deletions(-) diff --git a/lib/libc/tests/gen/Makefile b/lib/libc/tests/gen/Makefile index 97b32827a66a..395171a86bac 100644 --- a/lib/libc/tests/gen/Makefile +++ b/lib/libc/tests/gen/Makefile @@ -6,6 +6,7 @@ ATF_TESTS_C+= dlopen_empty_test ATF_TESTS_C+= fmtcheck2_test ATF_TESTS_C+= fmtmsg_test ATF_TESTS_C+= fnmatch2_test +ATF_TESTS_C+= fpclassify_test ATF_TESTS_C+= fpclassify2_test .if ${COMPILER_FEATURES:Mblocks} ATF_TESTS_C+= fts_blocks_test @@ -16,6 +17,8 @@ ATF_TESTS_C+= fts_open_test ATF_TESTS_C+= fts_options_test ATF_TESTS_C+= fts_regress_test ATF_TESTS_C+= fts_set_test +ATF_TESTS_C+= fpsetmask_test +ATF_TESTS_C+= fpsetround_test ATF_TESTS_C+= ftw_test ATF_TESTS_C+= getentropy_test ATF_TESTS_C+= getmntinfo_test @@ -68,9 +71,6 @@ NETBSD_ATF_TESTS_C+= cpuset_test NETBSD_ATF_TESTS_C+= dir_test NETBSD_ATF_TESTS_C+= floatunditf_test NETBSD_ATF_TESTS_C+= fnmatch_test -NETBSD_ATF_TESTS_C+= fpclassify_test -NETBSD_ATF_TESTS_C+= fpsetmask_test -NETBSD_ATF_TESTS_C+= fpsetround_test NETBSD_ATF_TESTS_C+= ftok_test NETBSD_ATF_TESTS_C+= getcwd_test NETBSD_ATF_TESTS_C+= getgrent_test diff --git a/lib/libc/tests/gen/fpclassify_test.c b/lib/libc/tests/gen/fpclassify_test.c new file mode 100644 index 000000000000..21dea9e8fee7 --- /dev/null +++ b/lib/libc/tests/gen/fpclassify_test.c @@ -0,0 +1,206 @@ +/* $NetBSD: t_fpclassify.c,v 1.3 2011/10/01 21:47:08 christos Exp $ */ + +/*- + * Copyright (c) 2011 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +#include +#include +#include +#include + +#ifndef _FLOAT_IEEE754 + +ATF_TC(no_test); +ATF_TC_HEAD(no_test, tc) +{ + atf_tc_set_md_var(tc, "descr", "Dummy test"); +} + +ATF_TC_BODY(no_test,tc) +{ + atf_tc_skip("Test not available on this architecture"); +} + +#else /* defined(_FLOAT_IEEE754) */ + +ATF_TC(fpclassify_float); +ATF_TC_HEAD(fpclassify_float, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Test float operations"); +} + +ATF_TC_BODY(fpclassify_float, tc) +{ + float d0, d1, d2, f, ip; + int e, i; + + d0 = FLT_MIN; + ATF_REQUIRE_EQ(fpclassify(d0), FP_NORMAL); + f = frexpf(d0, &e); + ATF_REQUIRE_EQ(e, FLT_MIN_EXP); + ATF_REQUIRE_EQ(f, 0.5); + d1 = d0; + + /* shift a "1" bit through the mantissa (skip the implicit bit) */ + for (i = 1; i < FLT_MANT_DIG; i++) { + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_SUBNORMAL); + ATF_REQUIRE(d1 > 0 && d1 < d0); + + d2 = ldexpf(d0, -i); + ATF_REQUIRE_EQ(d2, d1); + + d2 = modff(d1, &ip); + ATF_REQUIRE_EQ(d2, d1); + ATF_REQUIRE_EQ(ip, 0); + + f = frexpf(d1, &e); + ATF_REQUIRE_EQ(e, FLT_MIN_EXP - i); + ATF_REQUIRE_EQ(f, 0.5); + } + + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_ZERO); + f = frexpf(d1, &e); + ATF_REQUIRE_EQ(e, 0); + ATF_REQUIRE_EQ(f, 0); +} + +ATF_TC(fpclassify_double); +ATF_TC_HEAD(fpclassify_double, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Test double operations"); +} + +ATF_TC_BODY(fpclassify_double, tc) +{ + double d0, d1, d2, f, ip; + int e, i; + + d0 = DBL_MIN; + ATF_REQUIRE_EQ(fpclassify(d0), FP_NORMAL); + f = frexp(d0, &e); + ATF_REQUIRE_EQ(e, DBL_MIN_EXP); + ATF_REQUIRE_EQ(f, 0.5); + d1 = d0; + + /* shift a "1" bit through the mantissa (skip the implicit bit) */ + for (i = 1; i < DBL_MANT_DIG; i++) { + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_SUBNORMAL); + ATF_REQUIRE(d1 > 0 && d1 < d0); + + d2 = ldexp(d0, -i); + ATF_REQUIRE_EQ(d2, d1); + + d2 = modf(d1, &ip); + ATF_REQUIRE_EQ(d2, d1); + ATF_REQUIRE_EQ(ip, 0); + + f = frexp(d1, &e); + ATF_REQUIRE_EQ(e, DBL_MIN_EXP - i); + ATF_REQUIRE_EQ(f, 0.5); + } + + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_ZERO); + f = frexp(d1, &e); + ATF_REQUIRE_EQ(e, 0); + ATF_REQUIRE_EQ(f, 0); +} + +/* + * XXX NetBSD doesn't have long-double flavors of frexp, ldexp, and modf, + * XXX so this test is disabled. + */ + +#ifdef TEST_LONG_DOUBLE + +ATF_TC(fpclassify_long_double); +ATF_TC_HEAD(fpclassify_long_double, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Test long double operations"); +} + +ATF_TC_BODY(fpclassify_long_double, tc) +{ + long double d0, d1, d2, f, ip; + int e, i; + + d0 = LDBL_MIN; + ATF_REQUIRE_EQ(fpclassify(d0), FP_NORMAL); + f = frexpl(d0, &e); + ATF_REQUIRE_EQ(e, LDBL_MIN_EXP); + ATF_REQUIRE_EQ(f, 0.5); + d1 = d0; + + /* shift a "1" bit through the mantissa (skip the implicit bit) */ + for (i = 1; i < LDBL_MANT_DIG; i++) { + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_SUBNORMAL); + ATF_REQUIRE(d1 > 0 && d1 < d0); + + d2 = ldexpl(d0, -i); + ATF_REQUIRE_EQ(d2, d1); + + d2 = modfl(d1, &ip); + ATF_REQUIRE_EQ(d2, d1); + ATF_REQUIRE_EQ(ip, 0); + + f = frexpl(d1, &e); + ATF_REQUIRE_EQ(e, LDBL_MIN_EXP - i); + ATF_REQUIRE_EQ(f, 0.5); + } + + d1 /= 2; + ATF_REQUIRE_EQ(fpclassify(d1), FP_ZERO); + f = frexpl(d1, &e); + ATF_REQUIRE_EQ(e, 0); + ATF_REQUIRE_EQ(f, 0); +} +#endif /* TEST_LONG_DOUBLE */ +#endif /* _FLOAT_IEEE754 */ + +ATF_TP_ADD_TCS(tp) +{ + +#ifndef _FLOAT_IEEE754 + ATF_TP_ADD_TC(tp, no_test); +#else + ATF_TP_ADD_TC(tp, fpclassify_float); + ATF_TP_ADD_TC(tp, fpclassify_double); +#ifdef TEST_LONG_DOUBLE + ATF_TP_ADD_TC(tp, fpclassify_long_double); +#endif /* TEST_LONG_DOUBLE */ +#endif /* _FLOAT_IEEE754 */ + + return atf_no_error(); +} diff --git a/lib/libc/tests/gen/fpsetmask_test.c b/lib/libc/tests/gen/fpsetmask_test.c new file mode 100644 index 000000000000..1c2d9316e5a7 --- /dev/null +++ b/lib/libc/tests/gen/fpsetmask_test.c @@ -0,0 +1,369 @@ +/* $NetBSD: t_fpsetmask.c,v 1.16 2016/03/12 11:55:14 martin Exp $ */ + +/*- + * Copyright (c) 1995 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include + +#include + +#include +#include +#include +#include +#include +#include + +#ifndef _FLOAT_IEEE754 + +ATF_TC(no_test); +ATF_TC_HEAD(no_test, tc) +{ + + atf_tc_set_md_var(tc, "descr", "Dummy test case"); +} + +ATF_TC_BODY(no_test, tc) +{ + + atf_tc_skip("Test not available on this architecture."); +} + +#else /* defined(_FLOAT_IEEE754) */ + +#include + +#if __arm__ && !__SOFTFP__ + /* + * Some NEON fpus do not implement IEEE exception handling, + * skip these tests if running on them and compiled for + * hard float. + */ +#define FPU_PREREQ() \ + if (0 == fpsetmask(fpsetmask(FP_X_INV))) \ + atf_tc_skip("FPU does not implement exception handling"); +#endif + +#ifndef FPU_PREREQ +#define FPU_PREREQ() /* nothing */ +#endif + +void sigfpe(int, siginfo_t *, void *); + +volatile sig_atomic_t signal_caught; +volatile int sicode; + +static volatile const float f_one = 1.0; +static volatile const float f_zero = 0.0; +static volatile const double d_one = 1.0; +static volatile const double d_zero = 0.0; +static volatile const long double ld_one = 1.0; +static volatile const long double ld_zero = 0.0; + +static volatile const float f_huge = FLT_MAX; +static volatile const float f_tiny = FLT_MIN; +static volatile const double d_huge = DBL_MAX; +static volatile const double d_tiny = DBL_MIN; +static volatile const long double ld_huge = LDBL_MAX; +static volatile const long double ld_tiny = LDBL_MIN; + +static volatile float f_x; +static volatile double d_x; +static volatile long double ld_x; + +/* trip divide by zero */ +static void +f_dz(void) +{ + + f_x = f_one / f_zero; +} + +static void +d_dz(void) +{ + + d_x = d_one / d_zero; +} + +static void +ld_dz(void) +{ + + ld_x = ld_one / ld_zero; +} + +/* trip invalid operation */ +static void +d_inv(void) +{ + + d_x = d_zero / d_zero; +} + +static void +ld_inv(void) +{ + + ld_x = ld_zero / ld_zero; +} + +static void +f_inv(void) +{ + + f_x = f_zero / f_zero; +} + +/* trip overflow */ +static void +f_ofl(void) +{ + + f_x = f_huge * f_huge; +} + +static void +d_ofl(void) +{ + + d_x = d_huge * d_huge; +} + +static void +ld_ofl(void) +{ + + ld_x = ld_huge * ld_huge; +} + +/* trip underflow */ +static void +f_ufl(void) +{ + + f_x = f_tiny * f_tiny; +} + +static void +d_ufl(void) +{ + + d_x = d_tiny * d_tiny; +} + +static void +ld_ufl(void) +{ + + ld_x = ld_tiny * ld_tiny; +} + +struct ops { + void (*op)(void); + fp_except mask; + int sicode; +}; + +static const struct ops float_ops[] = { + { f_dz, FP_X_DZ, FPE_FLTDIV }, + { f_inv, FP_X_INV, FPE_FLTINV }, + { f_ofl, FP_X_OFL, FPE_FLTOVF }, + { f_ufl, FP_X_UFL, FPE_FLTUND }, + { NULL, 0, 0 } +}; + +static const struct ops double_ops[] = { + { d_dz, FP_X_DZ, FPE_FLTDIV }, + { d_inv, FP_X_INV, FPE_FLTINV }, + { d_ofl, FP_X_OFL, FPE_FLTOVF }, + { d_ufl, FP_X_UFL, FPE_FLTUND }, + { NULL, 0, 0 } +}; + +static const struct ops long_double_ops[] = { + { ld_dz, FP_X_DZ, FPE_FLTDIV }, + { ld_inv, FP_X_INV, FPE_FLTINV }, + { ld_ofl, FP_X_OFL, FPE_FLTOVF }, + { ld_ufl, FP_X_UFL, FPE_FLTUND }, + { NULL, 0, 0 } +}; + +static sigjmp_buf b; + +static void +fpsetmask_masked(const struct ops *test_ops) +{ + struct sigaction sa; + fp_except ex1, ex2; + const struct ops *t; + + /* mask all exceptions, clear history */ + fpsetmask(0); + fpsetsticky(0); + + /* set up signal handler */ + sa.sa_sigaction = sigfpe; + sigemptyset(&sa.sa_mask); + sa.sa_flags = SA_SIGINFO; + sigaction(SIGFPE, &sa, 0); + signal_caught = 0; + + /* + * exceptions masked, check whether "sticky" bits are set correctly + */ + for (t = test_ops; t->op != NULL; t++) { + (*t->op)(); + ex1 = fpgetsticky(); + ATF_CHECK_EQ(ex1 & t->mask, t->mask); + ATF_CHECK_EQ(signal_caught, 0); + + /* check correct fpsetsticky() behaviour */ + ex2 = fpsetsticky(0); + ATF_CHECK_EQ(fpgetsticky(), 0); + ATF_CHECK_EQ(ex1, ex2); + } +} + +/* force delayed exceptions to be delivered */ +#define BARRIER() fpsetmask(0); f_x = f_one * f_one + +static void +fpsetmask_unmasked(const struct ops *test_ops) +{ + struct sigaction sa; + int r; + const struct ops *volatile t; + + /* mask all exceptions, clear history */ + fpsetmask(0); + fpsetsticky(0); + + /* set up signal handler */ + sa.sa_sigaction = sigfpe; + sigemptyset(&sa.sa_mask); + sa.sa_flags = SA_SIGINFO; + sigaction(SIGFPE, &sa, 0); + signal_caught = 0; + + /* + * exception unmasked, check SIGFPE delivery and correct siginfo + */ + for (t = test_ops; t->op != NULL; t++) { + fpsetmask(t->mask); + r = sigsetjmp(b, 1); + if (!r) { + (*t->op)(); + BARRIER(); + } + ATF_CHECK_EQ(signal_caught, 1); + ATF_CHECK_EQ(sicode, t->sicode); + signal_caught = 0; + } +} + +void +sigfpe(int s, siginfo_t *si, void *c) +{ + signal_caught = 1; + sicode = si->si_code; + siglongjmp(b, 1); +} + +#define TEST(m, t) \ + ATF_TC(m##_##t); \ + \ + ATF_TC_HEAD(m##_##t, tc) \ + { \ + \ + atf_tc_set_md_var(tc, "descr", \ + "Test " ___STRING(m) " exceptions for " \ + ___STRING(t) "values"); \ + } \ + \ + ATF_TC_BODY(m##_##t, tc) \ + { \ + \ + FPU_PREREQ(); \ + \ + if (strcmp(MACHINE, "macppc") == 0) \ + atf_tc_expect_fail("PR port-macppc/46319"); \ + \ + if (isQEMU()) \ + atf_tc_expect_fail("PR misc/44767"); \ + \ + m(t##_ops); \ + } + +TEST(fpsetmask_masked, float) +TEST(fpsetmask_masked, double) +TEST(fpsetmask_masked, long_double) +TEST(fpsetmask_unmasked, float) +TEST(fpsetmask_unmasked, double) +TEST(fpsetmask_unmasked, long_double) + +ATF_TC(fpsetmask_basic); +ATF_TC_HEAD(fpsetmask_basic, tc) +{ + atf_tc_set_md_var(tc, "descr", "A basic test of fpsetmask(3)"); +} + +ATF_TC_BODY(fpsetmask_basic, tc) +{ + size_t i; + fp_except_t msk, lst[] = { FP_X_INV, FP_X_DZ, FP_X_OFL, FP_X_UFL }; + + FPU_PREREQ(); + + msk = fpgetmask(); + for (i = 0; i < __arraycount(lst); i++) { + fpsetmask(msk | lst[i]); + ATF_CHECK((fpgetmask() & lst[i]) != 0); + fpsetmask(msk & ~lst[i]); + ATF_CHECK((fpgetmask() & lst[i]) == 0); + } + +} + +#endif /* defined(_FLOAT_IEEE754) */ + +ATF_TP_ADD_TCS(tp) +{ + +#ifndef _FLOAT_IEEE754 + ATF_TP_ADD_TC(tp, no_test); +#else + ATF_TP_ADD_TC(tp, fpsetmask_basic); + ATF_TP_ADD_TC(tp, fpsetmask_masked_float); + ATF_TP_ADD_TC(tp, fpsetmask_masked_double); + ATF_TP_ADD_TC(tp, fpsetmask_masked_long_double); + ATF_TP_ADD_TC(tp, fpsetmask_unmasked_float); + ATF_TP_ADD_TC(tp, fpsetmask_unmasked_double); + ATF_TP_ADD_TC(tp, fpsetmask_unmasked_long_double); +#endif + + return atf_no_error(); +} diff --git a/lib/libc/tests/gen/fpsetround_test.c b/lib/libc/tests/gen/fpsetround_test.c new file mode 100644 index 000000000000..0f23e74e57c8 --- /dev/null +++ b/lib/libc/tests/gen/fpsetround_test.c @@ -0,0 +1,163 @@ +/* $NetBSD: t_fpsetround.c,v 1.6 2011/10/01 17:46:10 christos Exp $ */ + +/*- + * Copyright (c) 2011 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Christos Zoulas. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the NetBSD + * Foundation, Inc. and its contributors. + * 4. Neither the name of The NetBSD Foundation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#include +__RCSID("$NetBSD: t_fpsetround.c,v 1.6 2011/10/01 17:46:10 christos Exp $"); + +#include +#include +#include +#include +#include + +#include + +ATF_TC(fpsetround_basic); +ATF_TC_HEAD(fpsetround_basic, tc) +{ + + atf_tc_set_md_var(tc, "descr", + "Minimal testing of fpgetround(3) and fpsetround(3)"); +} + +#ifdef _FLOAT_IEEE754 +#include + +static const struct { + const char *n; + int rm; + int rf; +} rnd[] = { + { "RN", FP_RN, 1 }, + { "RP", FP_RP, 2 }, + { "RM", FP_RM, 3 }, + { "RZ", FP_RZ, 0 }, + +}; + +static const struct { + const char *n; + int v[4]; +} tst[] = { /* RN RP RM RZ */ + { "1.1", { 1, 1, 2, 1 } }, + { "1.5", { 1, 2, 2, 1 } }, + { "1.9", { 1, 2, 2, 1 } }, + { "2.1", { 2, 2, 3, 2 } }, + { "2.5", { 2, 2, 3, 2 } }, + { "2.9", { 2, 3, 3, 2 } }, + { "-1.1", { -1, -1, -1, -2 } }, + { "-1.5", { -1, -2, -1, -2 } }, + { "-1.9", { -1, -2, -1, -2 } }, + { "-2.1", { -2, -2, -2, -3 } }, + { "-2.5", { -2, -2, -2, -3 } }, + { "-2.9", { -2, -3, -2, -3 } }, +}; + +static const char * +getname(int r) +{ + for (size_t i = 0; i < __arraycount(rnd); i++) + if (rnd[i].rm == r) + return rnd[i].n; + return "*unknown*"; +} + +static void +test(int r) +{ + int did = 0; + for (size_t i = 0; i < __arraycount(tst); i++) { + double d = strtod(tst[i].n, NULL); + int g = (int)rint(d); + int e = tst[i].v[r]; + ATF_CHECK_EQ(g, e); + if (g != e) { + if (!did) { + fprintf(stderr, "Mode Value Result Expected\n"); + did = 1; + } + fprintf(stderr, "%4.4s %-5.5s %6d %8d\n", rnd[r].n, + tst[i].n, (int)rint(d), tst[i].v[r]); + } + } +} +#endif + + +ATF_TC_BODY(fpsetround_basic, tc) +{ + +#ifndef _FLOAT_IEEE754 + atf_tc_skip("Test not applicable on this architecture."); +#else + int r; + + ATF_CHECK_EQ(r = fpgetround(), FP_RN); + if (FP_RN != r) + fprintf(stderr, "default expected=%s got=%s\n", getname(FP_RN), + getname(r)); + ATF_CHECK_EQ(FLT_ROUNDS, 1); + + for (size_t i = 0; i < __arraycount(rnd); i++) { + const size_t j = (i + 1) & 3; + const int o = rnd[i].rm; + const int n = rnd[j].rm; + + ATF_CHECK_EQ(r = fpsetround(n), o); + if (o != r) + fprintf(stderr, "set %s expected=%s got=%s\n", + getname(n), getname(o), getname(r)); + ATF_CHECK_EQ(r = fpgetround(), n); + if (n != r) + fprintf(stderr, "get expected=%s got=%s\n", getname(n), + getname(r)); + ATF_CHECK_EQ(r = FLT_ROUNDS, rnd[j].rf); + if (r != rnd[j].rf) + fprintf(stderr, "rounds expected=%x got=%x\n", + rnd[j].rf, r); + test(r); + } +#endif /* _FLOAT_IEEE754 */ +} + +ATF_TP_ADD_TCS(tp) +{ + + ATF_TP_ADD_TC(tp, fpsetround_basic); + + return atf_no_error(); +} From nobody Wed Jun 10 12:36:09 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yL4YH8z6g4Ck for ; Wed, 10 Jun 2026 12:36:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yK4T8zz43Dj for ; Wed, 10 Jun 2026 12:36:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094969; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WBuC/TBiDQFEZZAFpm8K4JuJRIbjMq8bJ7OTqddG8u8=; b=cJufRwAujB4jwcnuse//Fh1x/zVsrqt3omeFYHgi6yvxRCNtVVlOV4mU2Q0OAyM6+sqRkX ELfSpzsWtovX4JKTCa7QqLp1F8lRWxt6V/ch4wAjycoxH5XiOF/V2DMcdT2CZLgtBuG4i4 s0cCKgZfTDoAXfgOg3v8Hu+1nw/TWm3d4AvBb+hIgAgh32SuIjmGhlNWP+/fXm8bjgyc5f bw4+Yy8HFaOx3tBHi++2E/IakVf9OaWdbL2BTWngPEX67c/cb0N/EEqo91o717YkgdPLp1 WV2yC8OdS3ToqaKsM22j4pEZneJ21XvtygTBywGNyiiqA0AP4Y2kydQjbeqdkQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094969; a=rsa-sha256; cv=none; b=nr7cxekEe9EAm6fIjAPvHTcHilKJXpE2toCfI4y7/r4TtlV8/x2IWAPIwN7/sa0bPbtFy6 eFII1oRZkS+U2+bYGScfc3kGzDgYgbBTthfTlVLSRJUcodmCk1GGPE7SltKJ1H0yQxj1Hc BA3eUjLS3zEuZuYBGxgg03wBFYy2cvvXoHCPSPwGSj76xJyfrH7SDyFYqw1Kaw4z+H8uav FDBsTyyghl5Zib5DaKHnfnEgMOaeAjtdmmwPzmmTwiHZ0afFHVMCGSCntMEEdE+Yl9xWSv IIff3WsuDaKUW2TMgxF9jZeMmtdMOORtaeprzBhGqbl6eyb1U9HLbBEAhS5rcA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094969; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=WBuC/TBiDQFEZZAFpm8K4JuJRIbjMq8bJ7OTqddG8u8=; b=RcFy1FzhJoYroTZ+qD1UeRGHCwVDikb62ON5E5QerF+9Qhw2HttLDkhCEXYBoiPaGzjzQo VoAe7JYlnf2jx1GzEuGckY0MszR60h/74OU1vPVmsj0xTfts9yQ/RpInapbLQ7mxG6FFql 4xmzRMECE/rTEf7WM22S/LiiiBiTjwg4oB9APaqsjJ04vj2Z7GABGMTKMf5CaakhXjIv9Y v7o2gXZ/BEtBwfqLZuosLN+q9fyrwjm7Y/Pm8VaR4bMk8hZBBucQ6//3x8IrppLJiVtiU3 iruLBSqB8T/vudc4FF8QE//HNLuwMKDi4nxWR9vUMkkMzmcchdqwO7bCpG0AzQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yK3D01z1KZt for ; Wed, 10 Jun 2026 12:36:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3df28 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:09 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: K Rin From: Warner Losh Subject: git: 2671607f1b5c - main - libc/tests: Enable fpsetround_basic which was never triggered since ported. List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2671607f1b5c6e787eb754b0d291a2b5e28e8ac9 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:09 +0000 Message-Id: <6a295a39.3df28.4072fc80@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=2671607f1b5c6e787eb754b0d291a2b5e28e8ac9 commit 2671607f1b5c6e787eb754b0d291a2b5e28e8ac9 Author: K Rin AuthorDate: 2025-04-10 04:34:47 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:03 +0000 libc/tests: Enable fpsetround_basic which was never triggered since ported. Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1656 --- lib/libc/tests/gen/fpclassify_test.c | 13 ++++++----- lib/libc/tests/gen/fpsetmask_test.c | 42 ++++++++++++++++++++++-------------- lib/libc/tests/gen/fpsetround_test.c | 7 +++--- 3 files changed, 38 insertions(+), 24 deletions(-) diff --git a/lib/libc/tests/gen/fpclassify_test.c b/lib/libc/tests/gen/fpclassify_test.c index 21dea9e8fee7..ed573b9e2b57 100644 --- a/lib/libc/tests/gen/fpclassify_test.c +++ b/lib/libc/tests/gen/fpclassify_test.c @@ -33,7 +33,7 @@ #include #include -#ifndef _FLOAT_IEEE754 +#ifndef __i386__ ATF_TC(no_test); ATF_TC_HEAD(no_test, tc) @@ -46,7 +46,10 @@ ATF_TC_BODY(no_test,tc) atf_tc_skip("Test not available on this architecture"); } -#else /* defined(_FLOAT_IEEE754) */ +#else /* defined(__i386__) */ + +#undef LDBL_MANT_DIG +#define LDBL_MANT_DIG DBL_MANT_DIG ATF_TC(fpclassify_float); ATF_TC_HEAD(fpclassify_float, tc) @@ -187,12 +190,12 @@ ATF_TC_BODY(fpclassify_long_double, tc) ATF_REQUIRE_EQ(f, 0); } #endif /* TEST_LONG_DOUBLE */ -#endif /* _FLOAT_IEEE754 */ +#endif /* __i386__ */ ATF_TP_ADD_TCS(tp) { -#ifndef _FLOAT_IEEE754 +#ifndef __i386__ ATF_TP_ADD_TC(tp, no_test); #else ATF_TP_ADD_TC(tp, fpclassify_float); @@ -200,7 +203,7 @@ ATF_TP_ADD_TCS(tp) #ifdef TEST_LONG_DOUBLE ATF_TP_ADD_TC(tp, fpclassify_long_double); #endif /* TEST_LONG_DOUBLE */ -#endif /* _FLOAT_IEEE754 */ +#endif /* __i386__ */ return atf_no_error(); } diff --git a/lib/libc/tests/gen/fpsetmask_test.c b/lib/libc/tests/gen/fpsetmask_test.c index 1c2d9316e5a7..377e42be1469 100644 --- a/lib/libc/tests/gen/fpsetmask_test.c +++ b/lib/libc/tests/gen/fpsetmask_test.c @@ -37,7 +37,7 @@ #include #include -#ifndef _FLOAT_IEEE754 +#ifndef __i386__ ATF_TC(no_test); ATF_TC_HEAD(no_test, tc) @@ -52,9 +52,16 @@ ATF_TC_BODY(no_test, tc) atf_tc_skip("Test not available on this architecture."); } -#else /* defined(_FLOAT_IEEE754) */ +#else /* defined(__i386__) */ #include +#ifndef ___STRING +#define ___STRING(x) #x +#endif +#ifndef __arraycount +#define __arraycount(x) (sizeof(x) / sizeof((x)[0])) +#endif + #if __arm__ && !__SOFTFP__ /* @@ -142,8 +149,8 @@ f_inv(void) static void f_ofl(void) { - f_x = f_huge * f_huge; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } static void @@ -151,6 +158,7 @@ d_ofl(void) { d_x = d_huge * d_huge; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } static void @@ -158,33 +166,34 @@ ld_ofl(void) { ld_x = ld_huge * ld_huge; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } /* trip underflow */ static void f_ufl(void) { - f_x = f_tiny * f_tiny; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } static void d_ufl(void) { - d_x = d_tiny * d_tiny; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } static void ld_ufl(void) { - ld_x = ld_tiny * ld_tiny; + printf("%f %f %Lf", f_x, d_x, ld_x); // avoid compiler optimization } struct ops { void (*op)(void); - fp_except mask; + fp_except_t mask; int sicode; }; @@ -218,12 +227,12 @@ static void fpsetmask_masked(const struct ops *test_ops) { struct sigaction sa; - fp_except ex1, ex2; + fp_except_t ex1, ex2; const struct ops *t; /* mask all exceptions, clear history */ fpsetmask(0); - fpsetsticky(0); + fpresetsticky(~0); /* set up signal handler */ sa.sa_sigaction = sigfpe; @@ -241,8 +250,8 @@ fpsetmask_masked(const struct ops *test_ops) ATF_CHECK_EQ(ex1 & t->mask, t->mask); ATF_CHECK_EQ(signal_caught, 0); - /* check correct fpsetsticky() behaviour */ - ex2 = fpsetsticky(0); + /* check correct fpresetsticky() behaviour */ + ex2 = fpresetsticky(~0); ATF_CHECK_EQ(fpgetsticky(), 0); ATF_CHECK_EQ(ex1, ex2); } @@ -260,7 +269,7 @@ fpsetmask_unmasked(const struct ops *test_ops) /* mask all exceptions, clear history */ fpsetmask(0); - fpsetsticky(0); + fpresetsticky(~0); /* set up signal handler */ sa.sa_sigaction = sigfpe; @@ -275,13 +284,16 @@ fpsetmask_unmasked(const struct ops *test_ops) for (t = test_ops; t->op != NULL; t++) { fpsetmask(t->mask); r = sigsetjmp(b, 1); + printf("r = %d\n", r); if (!r) { (*t->op)(); BARRIER(); + fpresetsticky(~0); } ATF_CHECK_EQ(signal_caught, 1); ATF_CHECK_EQ(sicode, t->sicode); signal_caught = 0; + sicode = 0; } } @@ -312,8 +324,6 @@ sigfpe(int s, siginfo_t *si, void *c) if (strcmp(MACHINE, "macppc") == 0) \ atf_tc_expect_fail("PR port-macppc/46319"); \ \ - if (isQEMU()) \ - atf_tc_expect_fail("PR misc/44767"); \ \ m(t##_ops); \ } @@ -348,12 +358,12 @@ ATF_TC_BODY(fpsetmask_basic, tc) } -#endif /* defined(_FLOAT_IEEE754) */ +#endif /* defined(__i386__) */ ATF_TP_ADD_TCS(tp) { -#ifndef _FLOAT_IEEE754 +#ifndef __i386__ ATF_TP_ADD_TC(tp, no_test); #else ATF_TP_ADD_TC(tp, fpsetmask_basic); diff --git a/lib/libc/tests/gen/fpsetround_test.c b/lib/libc/tests/gen/fpsetround_test.c index 0f23e74e57c8..6114cf25e8e3 100644 --- a/lib/libc/tests/gen/fpsetround_test.c +++ b/lib/libc/tests/gen/fpsetround_test.c @@ -54,8 +54,9 @@ ATF_TC_HEAD(fpsetround_basic, tc) "Minimal testing of fpgetround(3) and fpsetround(3)"); } -#ifdef _FLOAT_IEEE754 +#ifdef __i386__ #include +#define __arraycount(a) (sizeof(a) / sizeof(*(a))) static const struct { const char *n; @@ -121,7 +122,7 @@ test(int r) ATF_TC_BODY(fpsetround_basic, tc) { -#ifndef _FLOAT_IEEE754 +#ifndef __i386__ atf_tc_skip("Test not applicable on this architecture."); #else int r; @@ -151,7 +152,7 @@ ATF_TC_BODY(fpsetround_basic, tc) rnd[j].rf, r); test(r); } -#endif /* _FLOAT_IEEE754 */ +#endif /* __i386__ */ } ATF_TP_ADD_TCS(tp) From nobody Wed Jun 10 12:36:11 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yN1HkTz6g403 for ; Wed, 10 Jun 2026 12:36:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yM4smNz43KD for ; Wed, 10 Jun 2026 12:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094971; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=llk76lXjdUXNHCszlfppG5eKVvVmXq7Eblh8AtXbIi4=; b=upf35HBCLpalGkN1bFq4AzFqxrprOYKIIurrFSIn5XD8fdTKeUzcvjXHqo427D5URHtX9n N1V+DMIjK6fW7QDu6vRnyY18dgV6HJmkVFn3f843AGGTybp6xSlfNlZdces4N2P0GPTtB8 zoxa5LmwmfvULdcw/5wV1lsId45SFJxBBO9PBRO/U47r/+Qzciq9QN0FyXGIgRfHFEfO6D Xe82y5Ddw/JpOuad8x9GR6KyY2zLOuvW32JJVm03erYywO2M9WVCfMRNw7XyTPokcovi4A RPKsofArHg/u4OJhU7oLGQZSyZo0pnHvQj39yqRnTORWU3dZqaBwnu8ELbOjUA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094971; a=rsa-sha256; cv=none; b=mVjasS38a6x08B2bAYZGg+Qz05/336v6z8j4cKRGqH4+gjBMHt52w6wzBhqLicOnD66jT7 ByIWJMerZg0tVc9wEeFTbdOCwiEpjkmWlxRC16j+gUIcpbXvrfLchznn2ioN1MhXE+OS+6 5YGM7QSJZn9+2Nb29qVkLd+wS9vS/uQRFtnpfJkvUNmNQHe1E4vgwk277uJcbyoTMXkHZ6 rjY/ULL0RYbkaRnkVTGr8LsTKcONwkOFMkI/YH1QwNRGZMcgTHIxY1KuMKRvKhIThzOvDg XRcHMk9vQUy1Ra7bU6rnx5iPYaZ36rQneu4UxEKIfRGh/96Ox7eFEy1cduE/IQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094971; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=llk76lXjdUXNHCszlfppG5eKVvVmXq7Eblh8AtXbIi4=; b=ZfiwmwEkMcVrNHQGGYafsDVvmmYfYA3sJHvea0k0pjxAWcXVYYJQV4IcxjeKAmP5uvrgYF oKl4dVMWhr9QrSNsUjlbSj+PjDOFvo+4FggKPbrYi4DZ/6SIqqndbLDVsUyZ0hIJV7S9A7 BRumDJC1SyXSGt5RUy3jtqKYD/FWfjaTYLJrGPyTsiEbHP9qRwVhLbDCPaWimhacGkb6wF TkJQBM5n7wYIxZUPoM4Gu54iTC9JvU3YhcohdWS3KOWaxHWXb+9fppCiTaWLCrSTAEEtfC 8Ji/2PMmbiy7Tj7c/KA7ml4ltX6Jq8FZDso1KwmIoKYWhPZwqQErWlJyVCT1xA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yM4RzXz1KsF for ; Wed, 10 Jun 2026 12:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d620 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:11 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: 2c5fd7d9a7ed - main - cp(1): fix -P documentation to reflect it works without -R List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 2c5fd7d9a7ed36cf15dd538d9533e7835c7f8555 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:11 +0000 Message-Id: <6a295a3b.3d620.3ed54ad2@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=2c5fd7d9a7ed36cf15dd538d9533e7835c7f8555 commit 2c5fd7d9a7ed36cf15dd538d9533e7835c7f8555 Author: Kit Dallege AuthorDate: 2026-03-27 04:25:44 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:03 +0000 cp(1): fix -P documentation to reflect it works without -R Since commit 97e13037915c, the -P flag works without -R as required by POSIX. Update the man page to state that only -H and -L are ignored without -R, while -P can be used independently. PR: 289959 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2102 --- bin/cp/cp.1 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/bin/cp/cp.1 b/bin/cp/cp.1 index 5231fa72621c..e31eb07ecd92 100644 --- a/bin/cp/cp.1 +++ b/bin/cp/cp.1 @@ -29,7 +29,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd July 9, 2025 +.Dd June 9, 2026 .Dt CP 1 .Os .Sh NAME @@ -247,14 +247,17 @@ flags (in conjunction with the .Fl R flag) cause symbolic links to be followed as described above. The -.Fl H , -.Fl L +.Fl H and -.Fl P +.Fl L options are ignored unless the .Fl R option is specified. -In addition, these options override each other and the +The +.Fl P +option can be used with or without +.Fl R . +These options override each other and the command's actions are determined by the last one specified. .Pp If From nobody Wed Jun 10 12:36:10 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yM16RKz6g4Jp for ; Wed, 10 Jun 2026 12:36:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yL4DNTz438X for ; Wed, 10 Jun 2026 12:36:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094970; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rYsi1i4qKs80FYwW5UlMgCKU6fqCNAXbFfTK2kwIr4M=; b=ypFw1EgffLND7fdVeOjv2M0IeGHr8jBR0jIcUNJJjOT5jqz9kZqawJoRBapQuDG0/6peGV TH7WK6n8/FoJNOzy6i5pIga6+j/kOzpv+hJN/sRrfbBEpnHgUltAPcJA5rM5bn4jLIlm3w KIMmsQCo2jfUV9TpBDYMzV+EHqzhjTmwWWrF8PJ6sgtUOcsnP7H4WSXrTX4htF2SdnvPqb fjBXFL2vNZfq2tr3TNOUJlvdkRv66lD7tOekWi53qpinppM+9kI/XQrLRSDN7orhtnyRvw JDASSpW2KE98Bsq3uFV5D0n2en2qhqEkzuEvjunVTtZ8RJ4TBJ6W7sGUopposA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094970; a=rsa-sha256; cv=none; b=AY49Xc7UU3cCQJdkLvFHjL964M+yJ+1c5m6J9mfwlBhVf2IslDXDvpHQaTtJHCYpNAdkry +KBoHoTdZ5pq+efhwvGtIY35nZQLZFZQLIfRblxy8zUYinoBKKMTW37wgcn1LKd9X6L4Vu zOwvByWx5oWjcbDPHxWTzoFmKtDu3UQqM7P8dZjrPhD3rs1LAWbwDA5wVG7beCCmIarytN nvom4ZT3D1v3DTZ2BCyq37u5yMB09l5Glp5RCR6DVcPldhWXpTyYBKka3xeCP9ehpmKkxu eBLcSQU81wUV9d/GdwboyDLW13GUKnMi40SM3SlK9Eytriv2QUv2L9HlQtlQCw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094970; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=rYsi1i4qKs80FYwW5UlMgCKU6fqCNAXbFfTK2kwIr4M=; b=mmbdblVv2cpFhkKlAodxt46AwK2XlWsqlgXClN6fvrXhN7QWAGu9RhLrNYEOH+5e2iu+fA OPItUE57dxLPfoywa7tC1wATpMsjZnFncwLJEc/LdkFGnw/N5nvjt1pnGLodkhOpXr1RvY ZzqIZ1Fn2+DjQQQZuj/TuiXgddu+B9xLon0k0Fy0u4ggoZ7usdcZBBn/vrtbDxOrTBHLhj zOsb5jlmu0qke/t7rETYlJ1BjJpWzJc9YhCpGFZIOg9AAq1tv7pyu0pWGsY/8fCMoLC4JA STlGNvWuGgisIl0WsR4bcL9FCkv0/JHCe9ly1DqQM4fK2bjpyLjDmfzjHrGJ/Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yL3qfCz1KsD for ; Wed, 10 Jun 2026 12:36:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3da89 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:10 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: 82780af43b11 - main - du(1): document --si option List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 82780af43b113ab16a1a4fab5bf085b2b159f81e Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:10 +0000 Message-Id: <6a295a3a.3da89.109447a9@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=82780af43b113ab16a1a4fab5bf085b2b159f81e commit 82780af43b113ab16a1a4fab5bf085b2b159f81e Author: Kit Dallege AuthorDate: 2026-03-27 04:30:11 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:03 +0000 du(1): document --si option The --si option (human-readable output with SI units based on powers of 1000) was implemented but missing from both the SYNOPSIS and the options list. PR: 265199 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2104 --- usr.bin/du/du.1 | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/usr.bin/du/du.1 b/usr.bin/du/du.1 index a2bda42e5f9a..db77fb276fe2 100644 --- a/usr.bin/du/du.1 +++ b/usr.bin/du/du.1 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 24, 2026 +.Dd June 9, 2026 .Dt DU 1 .Os .Sh NAME @@ -36,7 +36,7 @@ .Op Fl -libxo .Op Fl Aclnx .Op Fl H | L | P -.Op Fl g | h | k | m +.Op Fl g | h | k | m | -si .Op Fl a | s | d Ar depth .Op Fl B Ar blocksize .Op Fl I Ar mask @@ -116,6 +116,11 @@ Display block counts in 1073741824-byte (1 GiB) blocks. output. Use unit suffixes: Byte, Kilobyte, Megabyte, Gigabyte, Terabyte and Petabyte based on powers of 1024. +.It Fl -si +.Dq Human-readable +output. +Use unit suffixes: Byte, Kilobyte, Megabyte, +Gigabyte, Terabyte and Petabyte based on powers of 1000. .It Fl k Display block counts in 1024-byte (1 kiB) blocks. .It Fl l From nobody Wed Jun 10 12:36:12 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yP1fxqz6g42F for ; Wed, 10 Jun 2026 12:36:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yN5vtfz43KS for ; Wed, 10 Jun 2026 12:36:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094972; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TdkUcJY4KIBzwnC7mzDDtjzcsUfY0fIw2/GCSbRotCM=; b=Lv90utC2ZsvhrRtPT75zRpqqsQqFWxWZI/sc6cBidmbLQXewYh40iMeDyFdE6Ot+8ZQU6U Ap0zeT7PyjUv0TAs99PuU0Dy4VIJ1jdZK6yciKu90Fl3Uso+s/991dWMYgEb3LQ/kZ4Wbn 5fmJ1U8FJY4oFQcznb+nDyr0GGCx6hOP65e9Q+6N7I8BUraUvGJOhIwpr/w60c/qQBPfOA wj4JZ+HiBWeductj93dsb0pDqSkRnXq3L5wVcG0d/F2ElVlwxuFeOZQ9LJne/jB9HefPfP 2lfkIEsY9hUf1Ha31IKMolWCAx7rpHJU8iIebslsp2w6GW3gPjigohzS/ff8Yg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094972; a=rsa-sha256; cv=none; b=W9J+yNPAet70MNhA/v2X5Et9x8ukps4DWZic56aUtVnncoNoabh2/XHXB9iDNtP5dkRE+r h+9no75Y209uS+YVufUVzRYMu8qmTnD716//JKVvIofn90o7VHb2VdYk2VRC3/gvhOsHcu vHEt97ayk2Raq72FFgh8+3Yb5wjya2AOXzaaIN/B9beZiZ9Yq039d/Nduk09OtDxqhzuZV E/GLNo8WDXaoKxrcjKJqSK7tpNqSvGf9t/uOnGzkvGRfSOpglTlmhvea2WYFgcfk41Syd0 lODwKgFOVUVuPJOK1OpnXyV6cYX6/zftJWhRTeP5kaA7oLsee6aqKsA3RN0Ehw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094972; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=TdkUcJY4KIBzwnC7mzDDtjzcsUfY0fIw2/GCSbRotCM=; b=Q0rX2A6vIHmlQtbjWmsUGrdNua3Cbitn9yFF0h79slPDts7zRNuLhJ9EDxT5dIxD3MviJB Y4MQF+GbCXYWGlv6rFSNCecASW6RxkFq29iVLRAflFh7mb5HkNz/EtWwpvTN2cdPV5CzKM r7FOeYIfEF9RuSEEJANL01yE4nDFN87tT9CotaEe2+mEaRhXGvFojWqd2XqYD/wPIEVOUS SJx8odqZ3tjM2bdd7fNS4FDl6yC2aTTBwpuHjoJayTjoAtgFHpUPcJnxMNrMjW2iqbcph0 Lfywp0OPcpB0/PzH0FwiXYg7zll482qu8SjwGAplBecys3G4O/bE5BN/Pm9uHg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yN4y1Hz1Kkg for ; Wed, 10 Jun 2026 12:36:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cdf9 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:12 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: 05a02d395d6e - main - mail(1): fix temporary file path in FILES section List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 05a02d395d6e9de099c4be3ead222d36ca29e0a5 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:12 +0000 Message-Id: <6a295a3c.3cdf9.43440d2b@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=05a02d395d6e9de099c4be3ead222d36ca29e0a5 commit 05a02d395d6e9de099c4be3ead222d36ca29e0a5 Author: Kit Dallege AuthorDate: 2026-03-27 04:23:47 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:04 +0000 mail(1): fix temporary file path in FILES section The FILES section listed /tmp/R* but the source code uses /tmp/mail.R* (e.g. mail.RsXXXXXXXXXX, mail.ReXXXXXXXXXX, mail.RxXXXXXXXXXX) as the mkstemp template prefix. PR: 289980 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2103 --- usr.bin/mail/mail.1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.bin/mail/mail.1 b/usr.bin/mail/mail.1 index 7ec2cf818f4e..767b2d811318 100644 --- a/usr.bin/mail/mail.1 +++ b/usr.bin/mail/mail.1 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd August 8, 2018 +.Dd June 9, 2026 .Dt MAIL 1 .Os .Sh NAME @@ -1222,7 +1222,7 @@ commands. This can be overridden by setting the .Ev MAILRC environment variable. -.It Pa /tmp/R* +.It Pa /tmp/mail.R* Temporary files. .It Pa /usr/share/misc/mail.*help Help files. From nobody Wed Jun 10 12:36:14 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yR2vxqz6g40Y for ; Wed, 10 Jun 2026 12:36:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yR0P30z43QT for ; Wed, 10 Jun 2026 12:36:15 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094975; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FePTdkJyqr7UY/GZNJZXy7xCClFHJLNdlt1FwxssV/Q=; b=KgjsVxwzmdpwyOcR+7BBORxOgfxfOmRNiFNq06zyc4gMKb5sL0WJC9CX4MiYFpkDTdjbCH H5W+mAQqYn4WpYE0rmTJR1ylwkY8rezZh54SOjihrCtzf2TPcse6JjUIIfRWz8ANZvQNhJ 4dl33RJ3G/H0a8mPoKcXSKoSi9D7pM+FQLD9trqr980ZKhU641lAuRfZJEDTpFKCXEEcDZ 0iXxI+KNOtIQWgo414PfiuE7u1USjSGjSWXcrY0t1/nGnNUmhCHnRZRydoiQ1OmeFyoLpe lJylkfY00KIRL9qpYmv6Oc4h9EheJOah9VXTasucq9Kta9grD5Zv7tUAJorD0A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094975; a=rsa-sha256; cv=none; b=yg8ccJ4l0xU2q+kt7wwRo1rcUHkzorYjEHuneYkhSAIBt2PkZGvimh3UvFZw7Z5pKBDyjZ 4C/pEvt8dx2Dm/8tb2m6oXD1+Hj1kWriO6kIoPoEEIwLh6LwXGu4577SqOsTk88G5W0qzI PyeyGDyPmoR86HA7Q+cyreZ35X4YTFfAXkiEOoMecANGnoa3V0hdpGlMZ6MtQaqf2PiAe5 yN26ScjNcCMSOrfReIZciM4A49485WOgaZBZqeEp7jckY0dWHiyp51ikN+EAzVxbIQ0Bhr jCO/9Mltp02Mg8R09cymqCBLUNtNS2+lduq1d0fOxV1zaiXSr4s3//PNuX61tw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094975; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FePTdkJyqr7UY/GZNJZXy7xCClFHJLNdlt1FwxssV/Q=; b=dBj1c48FZXhnAERPa1qvCZF6TaKmWPSgW+G2Ae/IMCvcjKmi8vT8119flutDg/yHm4pOvd dS6276kluQiWLbq0XysiniNdbAjBqkZ/d1so8aT0bSUOHc91mFD3RcLHk2x+jI6wdaGn9F Sd0nqofcHA0TN5N8LQwwEZuQqe9ZWQRK6wnoLie27vw0N8LVAI0IutT0ANVoLvvXktp4eL CrsOGGaZYlKX9gvmKlMUQbJU+aMTWBJaCaeNT1q/6u8yITh6qiDKBAqozIw4m4MRZZcBs1 rSOomSIeFWXz0B4FEYic6S6v6WHHs27XXkma7qYK0skg4UPGv930xBKg4yarPg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yQ6Mqfz1KsJ for ; Wed, 10 Jun 2026 12:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cdfe by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:14 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: e7bdf44da75a - main - bsdconfig(8): add missing vt(4) console commands List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e7bdf44da75a3f877c90dbbb9ff3db730937bc96 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:14 +0000 Message-Id: <6a295a3e.3cdfe.49638c23@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=e7bdf44da75a3f877c90dbbb9ff3db730937bc96 commit e7bdf44da75a3f877c90dbbb9ff3db730937bc96 Author: Kit Dallege AuthorDate: 2026-03-27 04:25:38 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:04 +0000 bsdconfig(8): add missing vt(4) console commands Add documentation for the vt_font, vt_keymap, vt_repeat, vt_saver, vt_screenmap, and vt_ttys commands which are available at runtime but were not listed in the man page. Also clarify that the existing syscons_* commands are for the syscons(4) console driver and remove stale commented-out entries. PR: 291051 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2100 --- usr.sbin/bsdconfig/bsdconfig.8 | 48 +++++++++++++++++++++++++++--------------- 1 file changed, 31 insertions(+), 17 deletions(-) diff --git a/usr.sbin/bsdconfig/bsdconfig.8 b/usr.sbin/bsdconfig/bsdconfig.8 index c4fb1e612dbb..aa81785a3acc 100644 --- a/usr.sbin/bsdconfig/bsdconfig.8 +++ b/usr.sbin/bsdconfig/bsdconfig.8 @@ -23,7 +23,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd April 12, 2020 +.Dd June 9, 2026 .Dt BSDCONFIG 8 .Os .Sh NAME @@ -170,29 +170,43 @@ Shortcut to the Delete menu under the View/Edit Startup Configuration menu (startup_rcconf) of startup. .It Cm startup_rcvar Shortcut to the Toggle Startup Services menu under startup. -.\" use neutral name, e.g. console_keymap instead of syscons_keymap? -.\" font (encoding) selection not applicable to vt(4)! .It Cm syscons_font -Shortcut to the Font menu under console. -.\" .It Cm console_keymap -.\" Shortcut to the Keymap menu under console. +Shortcut to the Font menu under console for +.Xr syscons 4 . .It Cm syscons_keymap -Shortcut to the Keymap menu under console. -.\" .It Cm vt_repeat -.\" Shortcut to the Repeat menu under console. +Shortcut to the Keymap menu under console for +.Xr syscons 4 . .It Cm syscons_repeat -Shortcut to the Repeat menu under console. +Shortcut to the Repeat menu under console for +.Xr syscons 4 . .\" .It Cm vt_saver -.\" Shortcut to the Saver menu under console. .It Cm syscons_saver -Shortcut to the Saver menu under console. -.\" screenmap (encoding) selection not applicable to vt(4)! +Shortcut to the Saver menu under console for +.Xr syscons 4 . .It Cm syscons_screenmap -Shortcut to the Screenmap menu under console. -.\" .It Cm vt_syscons_ttys -.\" Shortcut to the Ttys menu under console. +Shortcut to the Screenmap menu under console for +.Xr syscons 4 . .It Cm syscons_ttys -Shortcut to the Ttys menu under console. +Shortcut to the Ttys menu under console for +.Xr syscons 4 . +.It Cm vt_font +Shortcut to the Font menu under console for +.Xr vt 4 . +.It Cm vt_keymap +Shortcut to the Keymap menu under console for +.Xr vt 4 . +.It Cm vt_repeat +Shortcut to the Repeat menu under console for +.Xr vt 4 . +.It Cm vt_saver +Shortcut to the Saver menu under console for +.Xr vt 4 . +.It Cm vt_screenmap +Shortcut to the Screenmap menu under console for +.Xr vt 4 . +.It Cm vt_ttys +Shortcut to the Ttys menu under console for +.Xr vt 4 . .It Cm timezone Set the regional timezone of the local machine. .It Cm ttys From nobody Wed Jun 10 12:36:13 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yQ6Hqqz6g4GW for ; Wed, 10 Jun 2026 12:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yQ46lNz43FQ for ; Wed, 10 Jun 2026 12:36:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094974; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hrZGqToK5vMMPTPd10hwW4XFJAmdo5gdZxy39uABe2w=; b=OZ2Z5TyyKedHi1t4xXWzAEBnMoA6yVxPvS18InVT4y80SQvucAoOLweXATI2bb0TQ48LF6 1EOS0kXGfNQu2iWT50TGR21QX90oSpMtaErT86HMrz/i9PlooQ1GuX6mmC0DnGIbpyZumY 4jl+NHhFRYuNMFXLRH1E24xU9Z0xmFo3HPo1Ra8L0iXtoBgmDOXd0LSOQxG2Ij88/tCReK dLVAP12RWkRWWbbaKhR01q0MWWYTxBeLJCrSB6IUUFmB0P4vhaQQ1kxAvmQxyIS4Vkkvd+ 7k1wcowf7Qgh4EFx0iRSDeHu96aQbDGAtqbuwHdV0f9+t6Kh4K3yUkCH0TxUGg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094974; a=rsa-sha256; cv=none; b=glMXjVrU9V/ZnccrebutiAKxN0O3h1j51NztSdSiEOc/aEtBNWxGpsSK6n0PpELIUWgE4D qNDnaXOS8WuFcjJH8+8lGhjhlp6JX3oZMioh7ODk+vumTdqaRMH62zX+nlfAKZM0opSPjx g9dIttGANjEtJGigZ0zJvzGaqYiYkny9FLwutQ7b2A4gWUzslHilfxvAmajL+HlK8dvYoR jOJ/HoPb2zaRGV3Q9RgNd9JY/fGYflkaa31PCtAGxLyNm2ix5IxZ4JxJiS2FnmJcwx/g9b WFBtMXlvevzkUWycDyCrVorwZaSJLKqsN4SIDWVyxyBPbAxnwSEO43WaDI1BSw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094974; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hrZGqToK5vMMPTPd10hwW4XFJAmdo5gdZxy39uABe2w=; b=WWigVxSwOtWBE3UG3k7M16WLF9nSGRD09vV6ftbjLkKchdAvztE6juT4yWhM+wQBlh3qvV H6hC1lsDu7DbbAALlXCyo9dzeX58lPzA69nheFv6OHe/aw8VDzGvJlukFb+OyCzOTNZmGa bm8LXRPvUfokc5nadd8qP/8kPZNoJ/4KeTFV0fLgu3w8Vd1TFhujz/cwVsJ+kItZd5OC7e A9H76ipPjGhk7XI329uFwsDlxCgSHBki/fpV5R9CqqHjDBDDeCt15pP4PdD4N1FaA6pyG3 lHdI6J5Y4aPwGYpfJ2LTgZp1fOEP5iOO1MATg8sAiSJ87J2+nXlHMIoqmOMSRA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yP5VgFz1Kdr for ; Wed, 10 Jun 2026 12:36:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3cf5f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:13 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: f8c8875add69 - main - diskless(8): remove references to deleted clone_root script List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f8c8875add6946b09ea8cf1f7bbdbd90fe5b1f17 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:13 +0000 Message-Id: <6a295a3d.3cf5f.79a69d20@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=f8c8875add6946b09ea8cf1f7bbdbd90fe5b1f17 commit f8c8875add6946b09ea8cf1f7bbdbd90fe5b1f17 Author: Kit Dallege AuthorDate: 2026-03-27 04:25:41 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:04 +0000 diskless(8): remove references to deleted clone_root script The clone_root script was removed from the tree in commit 7736786b08e8 but the diskless(8) man page still referenced it in two places. Remove both references. PR: 292231 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2101 --- share/man/man8/diskless.8 | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/share/man/man8/diskless.8 b/share/man/man8/diskless.8 index cc49854ae850..603209dec7dc 100644 --- a/share/man/man8/diskless.8 +++ b/share/man/man8/diskless.8 @@ -27,7 +27,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 11, 2024 +.Dd June 9, 2026 .Dt DISKLESS 8 .Os .Sh NAME @@ -179,10 +179,7 @@ can contain the following lines: where .Aq ROOT is the mount point on the server of the root partition. -The script -.Pa /usr/share/examples/diskless/clone_root -can be used to create a shared read-only root partition, -but in many cases you may decide to export +In many cases you may decide to export (again as read-only) the root directory used by the server itself. .It @@ -219,10 +216,6 @@ and have the obvious meanings. .It A properly initialized root partition. -The script -.Pa /usr/share/examples/diskless/clone_root -can help in creating it, using the server's root partition -as a reference. If you are just starting out, you should simply use the server's own root directory, .Pa / , From nobody Wed Jun 10 12:36:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yT3xgGz6g4P9 for ; Wed, 10 Jun 2026 12:36:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yT1kFwz43Sq for ; Wed, 10 Jun 2026 12:36:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094977; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HZksUzyETaPlsMYQwS+91qUURvyLatZqcWK9SRX7TqM=; b=R4DynEMdX1uasJI7ZiVoHmTCO//LaAm5d+auGU4pdJZ+3dqz6CDnU/G3rPp6/90FyfMrVu E+hUmQN6nufU3ZG2S1YCaWTobfujoDabNx6E2ylc6wBQATyLKBtIeTAzp+j7gR0tQC5pB+ QmWhJ0euTA1fpn41OhH9jUr7DCCLR0cWwpZTrDVQzm19EooO3l3bTQnPSMPR4HZSl70Opp sBQCfl5GaWSRXi1/sENMKcW2ZwFMXIPixG3IgaI8POIWTt7f6ndmYhBPUMuCpzJdoqAxTB 0fhBMhSvt77T2kw1gwkfVC1neD6OeQXq+sdA0a82sw/UZBV7GL0nxQ/HoEXzCA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094977; a=rsa-sha256; cv=none; b=ds7qfhOOymqH6wkUpUfHjhb9YMfh8KWuApAw+CLdmzVYvlb/PgJ9QQjt9delXVWGbO4I03 Lg620U7PVOOYgdWSed5BO0yd1JbjQmu+TJBXcLQVXx45qFPVuabQ8jcy4Mk+ide4W/Div9 3UGOiwCYXrelqOEvwhElfa/RAQXOgX073RYhBBQ6U+vXAoYURi7IhBH0kPPowTtcA54Tlu 1pilqSxrSQ/I8P/biB09IOrRIbZeGDfaUjhn2hAh1EtBSPn3w4IerxzdbpgEuog386nBdK o7YWvwiHjXXYg/UZqWyWGWW6JwuyDcBAqZL3+7jz4QRKBacbK+9RP9TV55X6xQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094977; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HZksUzyETaPlsMYQwS+91qUURvyLatZqcWK9SRX7TqM=; b=m3i2px1ASE+QlvpZU51F7dWC/wafEZx1ScOBJOEFK3W66FxuiQXAHC/2YZ4osmEjApIJ9h 4HQZkr6cQZTfTpFGIJdm1CKFQPqrcNRhkstG9zKUCNR5s1DG2QPfRBKZHoIzcQ+BjjW7IN d78tMH/nAnylYWkoTlSmXN4aKiDCtrIt4f43k3k0J7YBaTLEUcOCtO4M2ckycxUTBhXQKi yPNE1+3UwwazZMMH3xC6k75AjdpTGSxNr5+UoLp/gspbuA8loiVy/lB18pvCG5KcpO3mcx vW05pBVd3x/fPbex1cibC2L7WK7fEmdLoVPe0gSORArx7gk7LIlJ67P3VC4lgA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yT0jMcz1KsK for ; Wed, 10 Jun 2026 12:36:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d807 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: 3a71a24bbeae - main - etherswitchcfg(8): document atu commands List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 3a71a24bbeae3b72c91fd7c0b212ee607f18cba6 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:17 +0000 Message-Id: <6a295a41.3d807.10775acc@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=3a71a24bbeae3b72c91fd7c0b212ee607f18cba6 commit 3a71a24bbeae3b72c91fd7c0b212ee607f18cba6 Author: Kit Dallege AuthorDate: 2026-03-27 04:25:27 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:04 +0000 etherswitchcfg(8): document atu commands Add documentation for the ATU (Address Translation Unit) commands that were implemented but not documented in the man page: - atu dump: display the MAC address table - atu flush all: clear all dynamic ATU entries - atu flush port : clear ATU entries for a specific port Also add atu to the SYNOPSIS section. PR: 275413 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2096 --- sbin/etherswitchcfg/etherswitchcfg.8 | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/sbin/etherswitchcfg/etherswitchcfg.8 b/sbin/etherswitchcfg/etherswitchcfg.8 index f903975bd356..8f3198c543ea 100644 --- a/sbin/etherswitchcfg/etherswitchcfg.8 +++ b/sbin/etherswitchcfg/etherswitchcfg.8 @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd June 23, 2021 +.Dd June 9, 2026 .Dt ETHERSWITCHCFG 8 .Os .Sh NAME @@ -50,6 +50,10 @@ .Ar register[=value] .Nm .Op Fl "f control file" +.Cm atu +.Ar command Op Ar parameter +.Nm +.Op Fl "f control file" .Cm vlangroup%d .Ar command parameter .Sh DESCRIPTION @@ -166,6 +170,21 @@ Enable the ingress filter on the port. .It Fl ingress Disable the ingress filter. .El +.Ss atu +The atu command provides access to the Address Translation Unit table +of the switch, which maps MAC addresses to switch ports. +It supports the following commands: +.Pp +.Bl -tag -width ".Cm flush port number" -compact +.It Cm dump +Display the current ATU table entries. +Each entry shows the MAC address and a bitmask of ports associated with it. +.It Cm flush all +Remove all dynamic entries from the ATU table. +.It Cm flush port Ar number +Remove all dynamic ATU entries associated with port +.Ar number . +.El .Ss reg The reg command provides access to the registers of the switch controller. .Ss vlangroup From nobody Wed Jun 10 12:36:15 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yS3msMz6g4Ld for ; Wed, 10 Jun 2026 12:36:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yS0zgrz43L5 for ; Wed, 10 Jun 2026 12:36:16 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094976; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DkNfHwMT2KcfwnPjgIbdFV9ahV/jZH5FcZC4rbrHZN8=; b=r23p+LF4ysF9W9naVrx9HNredYtZutZjiNmsCcq+pwLefi0X+z29GB4/Nm675rtzd+fiP+ CdXXJ3O7vxE9dC12MQBLpMrwsxj/Z+QiC8Ec0G8/cBhFl5DeKP7pVeLB51yKj61KO/IoT/ 8jmu/3v4xQroZoOhVJnlrh/VOILnPWFFfr6kXJC28ukDK9Bey44NDBqBaYhw0Foyr9zZi1 cATARrMb3XBgc9NSEp4zq/hsjzmWeZlei4wW0NLIAxWhVVfNij2G9J2TSQxUMvZYtK9AgY efCnKJlNtjSSHrC7UJXZdpl9mVhRc0bi5sKxnFOu27s5JdDvJaCx5uuQGA2t5A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094976; a=rsa-sha256; cv=none; b=Ob4I7u6BupBYoh38943PGd7OuyG1fpnjtdf2tzsC8RMChKLn7fEPP93aMouv79qAbXWjNV SYKgXEAGHUWYBD08UkhyJzCimwFEKk1XbyYCBaKEjg8PA/D7vghgQ5RyjWkUqyPbzQ6qNu Uo5oROiKjzCxWCMxJpGkkNEHVqDodHaYf3gz8Gd2VgwEaIcq9IwKl8T+XcFA7kb/CvASs1 a76E9CZ2/23UsqGJ5I2TyGXsA8BKWy+DH4h7iJol/2mFgQ/JUsUmDJZuV/wK34vuUS1Emf XN9k3pnStt6bFkZaKvkBu80rZLhFx5JSaTd3fCBdJ2pVL2Qohbq0ND66lnWkUg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094976; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=DkNfHwMT2KcfwnPjgIbdFV9ahV/jZH5FcZC4rbrHZN8=; b=xpkQ8fykxrE+UC45orWkbMjxKvtj5dLf0hUcv3/VySacXWDRzpUAzcPz5cJiQfcJiq8Hq6 91dWQjosLOvszwRz2R4D7l62zNGRlvkrqNPByBKa1PIgzebqg8OHqZGGErwA7JMLboG97O 06JA1/og8e8P/6R1QZghdTkzUdijbhy222W32BFNbqtxtZo/NB96bzDrj2pI8tMUvYyHiC DCL9vEWa3ebjSGZfu+mRQ2F5NWvbcM2J6D9TQkkg+AccqQfN+ijnnbEpF8sONz8rjS0pxN ip7CYEqm8M9GJlqOo88efewz+KNwIrNsdBcxK4akQoOX+kTy252raofXs0YtnQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yS0RVSz1Kkj for ; Wed, 10 Jun 2026 12:36:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3d59f by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:15 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: 473fa0f7a11e - main - re(4): document jumbo frame support for 8168/8111 chips List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 473fa0f7a11ebecc50dfbd2997c8bdebbaad6541 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:15 +0000 Message-Id: <6a295a3f.3d59f.30291bc3@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=473fa0f7a11ebecc50dfbd2997c8bdebbaad6541 commit 473fa0f7a11ebecc50dfbd2997c8bdebbaad6541 Author: Kit Dallege AuthorDate: 2026-03-27 04:25:29 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:04 +0000 re(4): document jumbo frame support for 8168/8111 chips The man page only mentioned jumbo frame support for the 8169, 8169S, and 8110S chips. The 8168 and 8111 family also support jumbo frames, with varying MTU limits depending on the chip revision (6K for C variants, 9K for D and later). Update the documentation to reflect the actual driver capabilities. PR: 160399 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2097 --- share/man/man4/re.4 | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/share/man/man4/re.4 b/share/man/man4/re.4 index 1a255ccf0db6..0020af64b330 100644 --- a/share/man/man4/re.4 +++ b/share/man/man4/re.4 @@ -28,7 +28,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF .\" THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 7, 2022 +.Dd June 9, 2026 .Dt RE 4 .Os .Sh NAME @@ -77,9 +77,12 @@ in both 32-bit PCI and 64-bit PCI models. The 8110S is designed for embedded LAN-on-motherboard applications. .Pp -The 8169, 8169S and 8110S also support jumbo frames, which can be configured -via the interface MTU setting. -The MTU is limited to 7422, since the chip cannot transmit larger frames. +The 8169, 8169S, 8110S, 8168 and 8111 also support jumbo frames, +which can be configured via the interface MTU setting. +The maximum MTU depends on the chip revision: +the 8169, 8169S and 8110S support up to 7422 bytes; +the 8168C/8111C and 8168E-VL/8111E-VL support up to approximately 6100 bytes; +and the 8168D/8111D and later revisions support up to approximately 9200 bytes. Selecting an MTU larger than 1500 bytes with the .Xr ifconfig 8 utility configures the adapter to receive and transmit jumbo frames. From nobody Wed Jun 10 12:36:18 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yW00gtz6g4Kf for ; Wed, 10 Jun 2026 12:36:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb4yV1xSLz43Wn for ; Wed, 10 Jun 2026 12:36:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094978; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KWiYwLZ26ulM1sTqB4E8PZ6mzmyrz8giAciHxwE3jXc=; b=lgniGYwvO2B6Aclcmpf9/wBeCPDj48ECE7lNwb2kldleyNpEtMnGgBrk1W1GoFq1PIV9oK 0bKzbfCYcP12fePqmNsHpHP69dsjdNlFM3Dw7uyOOuqfGdfGoCfmoy9FBUC3XlwDirNCz6 +yz7emEXzesR5qkOs2bLdZaG1UcUuhiMAFBxvjZCoUof5kP2xIqggnJA9Y+CmhSONDyB89 ZXnfAHgDcxNHR08BxMKd+f0sJnjKERXGHtW7WXgSZ1veYiyy6uWt1i/XcyVy8xw9vN6Pi1 BJv4gfdORFfzVEPEQU2HJBVg8pGMsUgOkPQxMCApFdLnuGwaex0rJGpJS9XRKQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781094978; a=rsa-sha256; cv=none; b=dHAk7oKgA1rIvu1X7euIxLEomxykNCMStt+P2TqK8znpfmXUADcSZJdE1BtuKIAf5zQDr4 VOcag6bFMaE1BPbBMOVvK2M23Zx5qthMv9mlPKGxNoE+OYt7iPjRZE4jUA8yPrsma/B/se MnG0ZmWO2Ie8HvQkyB4NZK1FkDaiPMw94XbyzBX5NyA2QO5U3osDDsD2a3rZGt8CAaHnu/ A7vr4TFgm6kmvkvS+XgGl3crrIFuzj3aOOoU1Oy3zmFy62ruRTMMvoLO+EU8+TTW/PllnS azl5WlDD6M9xsI9XelSSmrCw0oIHGLkdfkcsBRs3dt15ZHLw1ST3l9kgPUuTnw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781094978; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=KWiYwLZ26ulM1sTqB4E8PZ6mzmyrz8giAciHxwE3jXc=; b=rjqivqDrASef+nbms/IMjPDzvNisuAOVci/Cmvd3HRFMmLaY7WN6AcocdTu0RF5A0G9Dz6 M0FstY7qfmpxHGLecacSDnzNL8PeiflBVARbtVxWI1QR7wDeb9SicYdjPgCbKAVIEgazPn K1eIuBziXwbwXanFl8+BczX/T7zKWYuvuJn3TbNnys1W893Zn9ap9pu9Q8oHaMY3qzOWg+ AhjaROXxwXtNI7tB6uNAjX8xs6y6Ykcvh05mG/zhw1BJnTgP1oLHSOrhoVJpDrlWaYLAnr RT72OPTWagBHhFdgX7FA3dE5gN8wbkYVTuUTBK+w1tZCQl+oKMDw5bVHZRuBRg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb4yV1Wlbz1JbB for ; Wed, 10 Jun 2026 12:36:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3da8e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 12:36:18 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Kit Dallege From: Warner Losh Subject: git: ab8ceaaa86ba - main - hcreate(3): fix incorrect claim that hdestroy frees keys List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: imp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ab8ceaaa86baa077fcdc020a0c05ccf88fcd54d1 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 12:36:18 +0000 Message-Id: <6a295a42.3da8e.104bafee@gitrepo.freebsd.org> The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=ab8ceaaa86baa077fcdc020a0c05ccf88fcd54d1 commit ab8ceaaa86baa077fcdc020a0c05ccf88fcd54d1 Author: Kit Dallege AuthorDate: 2026-03-27 01:57:10 +0000 Commit: Warner Losh CommitDate: 2026-06-10 12:35:05 +0000 hcreate(3): fix incorrect claim that hdestroy frees keys The man page incorrectly stated that hdestroy() calls free(3) for each comparison key. The implementation (hdestroy_r.c) only frees the internal table structure, not the user-provided keys or data. This matches POSIX, which says hdestroy "shall dispose of the search table" without mentioning key deallocation. Update the description to clarify that the caller is responsible for freeing any memory associated with table entries. PR: 291240 Signed-off-by: Kit Dallege Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/2095 --- lib/libc/stdlib/hcreate.3 | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/lib/libc/stdlib/hcreate.3 b/lib/libc/stdlib/hcreate.3 index 4621850d4661..95a959fcedbb 100644 --- a/lib/libc/stdlib/hcreate.3 +++ b/lib/libc/stdlib/hcreate.3 @@ -26,7 +26,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 6, 2017 +.Dd June 9, 2026 .Dt HCREATE 3 .Os .Sh NAME @@ -86,10 +86,11 @@ After the call to the data can no longer be considered accessible. The .Fn hdestroy -function calls -.Xr free 3 -for each comparison key in the search table -but not the data item associated with the key. +function disposes of the search table but does not free +the comparison keys or data items stored in it. +The caller is responsible for freeing any memory associated +with table entries before calling +.Fn hdestroy . .Pp The .Fn hsearch From nobody Wed Jun 10 13:45:00 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tm68J2z6gRT6 for ; Wed, 10 Jun 2026 13:45:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6Tm2H1pz3M9w for ; Wed, 10 Jun 2026 13:45:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099100; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gAcl7Pw7l5VYRaoLGnDXXtsqcGoZw0t34WxKPUcTyo0=; b=lPjvFGdqKwgQglvWam65rXe1E6HsbIVViVnb/eruw7xt2r1ZQpV7IsBDTcy/3Sza+UeW8j gOQkxHQMaq3f98fwQKjapYZ9G6G9VhsjMC2nf1gCdpykYN2IIOWgv5ehIDVRWx9xRqvEjg gF9Q5zw7JKoF79hsuUmloN8lz6j0ldfbrZ21rigxhfuDpiLCyX4h9cAwL5l9faV42Jst/G g9q9DG4iFxnSmm/Cxvmh4Uanni/Hj65kFFGR7Gv8NSuHvAwWJsoGif39eITMiv2lU4oyW2 dzD5E+tD2s7QMETO5xkFcWB/pPdL8n+nXVelAdqVE92KFMAVKoeIozdTlXqz5w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099100; a=rsa-sha256; cv=none; b=rb9nYP0Ymoqb4ShJLzJcYxfIZmnzcCdm3Ynycen1TSGW37jozYI1ESEmmfHz2k9L3alDI0 PFGXY2sF8JzIr/rUIMVVCCdVwjrzdLrvMuApg4L9IF/CEi9TiTXAYZaFuic8M84lQIxGy5 Y794NlUJNeAntYd8i/8UWHNMtmt66NMwafFLLBJhlrSn5/oRS/IlKSl7Rr+AgPjbiKO5e3 0Po9UnoEl54BdyJMFW1hj6geH6Vus32ABoqrg3exOrFCnMcS8oBpDeyshhtmHGaAv0EkKA Is474rDu3x1cNlUriekUK/aPOmiMxI3igpdBVtQ9hrVzZQ/y3u+nOgSVSfHyAg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099100; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gAcl7Pw7l5VYRaoLGnDXXtsqcGoZw0t34WxKPUcTyo0=; b=NfJhzVTbTNBiK/50CET81XHT6SgSVrBN8pndqm4yaOwVSfgChdu6lnDFMwc6ygUWIp4Q6t 7LnBzHSFSk31QsJeLgK1pPlzTlDoGWS2pYzLMP8A5EnmqGOSBzp0qTEOGwgzt4ucoufsZd uZgyIVCoaTC1vpBQqlbxUXWAoFpRgOpKjXyVzet7Ad7iyrTURrt1XkcjhQW0hF0h8f/w19 zzq2SHAkwMwCMkG/xPcKOYb7787qnxTCH0+vd3LBvcXpD6jmxW83e5QIPqoNCBC6yKgc/B ei88q3AoS2oLCGQXbaRPigkzcclt3yjzEELUXhRglvAcou9Bm/J8YWnSEG/DnA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tm1gBnz1LvF for ; Wed, 10 Jun 2026 13:45:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1d7a3 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:45:00 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 4b570289f0cc - stable/15 - xinstall: Do not allow -l and -s together List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 4b570289f0ccccdd35a47e62fec95835842c26fb Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:45:00 +0000 Message-Id: <6a296a5c.1d7a3.4659b1ff@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=4b570289f0ccccdd35a47e62fec95835842c26fb commit 4b570289f0ccccdd35a47e62fec95835842c26fb Author: Ed Maste AuthorDate: 2026-06-03 01:27:54 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:43:59 +0000 xinstall: Do not allow -l and -s together Cannot strip the target if creating a link. Reviewed by: des Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57398 (cherry picked from commit 521afce6a859c1d7ac9674e8f21ff45418becaf5) --- usr.bin/xinstall/tests/install_test.sh | 3 +++ usr.bin/xinstall/xinstall.c | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/usr.bin/xinstall/tests/install_test.sh b/usr.bin/xinstall/tests/install_test.sh index 6b091f26b377..377920200490 100755 --- a/usr.bin/xinstall/tests/install_test.sh +++ b/usr.bin/xinstall/tests/install_test.sh @@ -27,8 +27,11 @@ atf_test_case incompatible_opts incompatible_opts_body() { + printf 'test\n123\r456\r\n789\0z' >testf atf_check -s not-exit:0 -e match:"specified together" \ install -s -d dir1 + atf_check -s not-exit:0 -e match:"specified together" \ + install -s -l s testf copyf } atf_test_case copy_to_empty diff --git a/usr.bin/xinstall/xinstall.c b/usr.bin/xinstall/xinstall.c index 1aed8c1b24e4..c5acd536ef64 100644 --- a/usr.bin/xinstall/xinstall.c +++ b/usr.bin/xinstall/xinstall.c @@ -283,6 +283,12 @@ main(int argc, char *argv[]) usage(); } + /* Cannot strip if creating a link. */ + if (dostrip && dolink) { + warnx("-l and -s may not be specified together"); + usage(); + } + /* * Default permissions based on whether we're a directory or not, since * an +X may mean that we need to set the execute bit. From nobody Wed Jun 10 13:45:02 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tp73J8z6gRjv for ; Wed, 10 Jun 2026 13:45:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6Tp3QZfz3M2D for ; Wed, 10 Jun 2026 13:45:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099102; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IB+wkreouw4n/M5HDFKYsQ6hQQfsVcnrXJJKa94bK/c=; b=XLVJrJ9zZN4HnpUiMC04b0ibeNz16czVNNkTBLt0Eq5Hq2uGFQSWCScZSRb1aBoxWeqJ8q VBWpgbQrhVC40MKAtSk/iTul2dwwzezsV8MZj9ec/ZUWHjn5ymDuwG3wkNM+wfSYwFco/i l89vXKGwAoeXXTUDV4ei9/uJc6mDK5iDcOohrr/FqH2+BQeO69y3A/0+ZIL/U1+6kPqDxH QFk0I7ZJonzWFU426QVm2hOgpu2wKVGsIO+hmkrMMrrdCMT3rPbxTQwEkJPZtS6gJICt5K PjsA72L2y3+UBU62La+oLY171+cdqEOts/UJ5CA1pCzh7wYQQ7411o1AOe7R2g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099102; a=rsa-sha256; cv=none; b=rjae6va/s6qKo/QoqB0EsmweaAjrfbCc9skofvfVFGxWQuH/WRN/AsYgDd8h35fYtNbxL1 75Zqz7Lhl6Lz3Kse2UvLy0jLHSk1kcL0E9rvad5caAUanFf8sRI36JkFLKego9qmDsu6Kz ISnyPzpszBnYxNwZayaIhCfldedJQycOmucIp4Ltbf/NmUF9w9YAvJO1sc2HcxvArzCx28 ckVLYBrCnx2M3eAQIgtzW60Zns60WiDrJ75uPWq9lIqlD6c8UUDnJDGDBQ0xuDQcjVoO5E o+IqKuNmgPVoidlcE+CmmoW0bIOgt4cRgu924Kzfpj4KHGFNS9MQu6T7daSTmg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099102; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=IB+wkreouw4n/M5HDFKYsQ6hQQfsVcnrXJJKa94bK/c=; b=lCa4aDcFi1rGAI5qSwXkeXXPJgwzM3nsQvtiDm7qU35zwgFZsLBgqLwxT9u8K2Rnrq82Of k/k2Ac6zSRWR/BJnFtpfWJ+2sCFgLmgKjbnkngtsGVCh5JalyBAovqnclGpgrnM6bjEJTD yZGViQLTFmG/5vh9VkaCFONUMN24fn+J22bmqGMVb17SrDocn+cXaKVHtYx+SZOgGHP5QF OpNMLQMqG5FxF88nb+soppp6zEyntdOk5BCI7tSZbUgEfxhNUke63Ujv6FnsyFejOxg6nc MBN37feCC2e6y+FTxvkGkQXoOVIAopbsTfV/ZqSTtTuF5ETR2H8s3WiCT7QiRQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tp2nFpz1Mbp for ; Wed, 10 Jun 2026 13:45:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e17e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:45:02 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 166532ee0c1e - stable/15 - install.1: Convert link flags to a table List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 166532ee0c1e740dbbad331ae4d03710f0d86cac Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:45:02 +0000 Message-Id: <6a296a5e.1e17e.394aa147@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=166532ee0c1e740dbbad331ae4d03710f0d86cac commit 166532ee0c1e740dbbad331ae4d03710f0d86cac Author: Ed Maste AuthorDate: 2026-06-03 17:50:51 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:43:59 +0000 install.1: Convert link flags to a table The five link flags get lost in prose. Reviewed by: ziaee Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57418 (cherry picked from commit 248dd56d2dea03e4723e8225b890d02fcc10973f) --- usr.bin/xinstall/install.1 | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/usr.bin/xinstall/install.1 b/usr.bin/xinstall/install.1 index 2120706e271e..c6a55632891c 100644 --- a/usr.bin/xinstall/install.1 +++ b/usr.bin/xinstall/install.1 @@ -174,16 +174,19 @@ argument. Valid .Ar linkflags are: -.Ar a -(absolute), -.Ar r -(relative), -.Ar h -(hard), -.Ar s -(symbolic), -.Ar m -(mixed). +.Bl -tag -width a -offset indent +.It Sy a +absolute +.It Sy r +relative +.It Sy h +hard +.It Sy s +symbolic +.It Sy m +mixed +.El +.Pp Absolute and relative have effect only for symbolic links. Mixed links are hard links for files on the same filesystem, symbolic otherwise. From nobody Wed Jun 10 13:45:01 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tn6jHpz6gRjt for ; Wed, 10 Jun 2026 13:45:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6Tn35zcz3MB4 for ; Wed, 10 Jun 2026 13:45:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HiynjSiLa80z57EcVyw6Rk34DLRU02tD0C6cBQNqHDM=; b=jnxNSndi6uNfFhLue5bwI/uLpzVFpKf8nehz6Svn9B1AmYU4iWrkSlXXbPB59RNnpRyWnq etbogtyHWAhtFzjcp9nevr6EQZI5hXiLclVZrprXsFYHeHKYT0rZHMGbYn+YRyFrTBSrra CVLcYDbHuD2CZ4zSNOaoyEcOpdeKVZUbynI3Q9zQjtac3z3HZaAl+BFwBxmOeRsBeWpOP7 ul6BWwokX2vN5EOdFUwcqcS/VdFXIy1obRap2X8F5xiDyVyO+WlpN4p8EPYeRJtoE5BYfr IgHjMbvlsDcZAW6ajfGW7Xt6nBqEpb0aSuuWrfuOcg34iB+b+yCoE6WC/jSqug== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099101; a=rsa-sha256; cv=none; b=Bo7RrDNJ75hWBg48UP7DaAfUXoZrehFBED5sA4ZNzCOTu3ASroxnOQat/yREHqj0sLsPnl iXIZBa/hKVwl++nHX0uQW7ZTgojt4hk/tviHdEQUzugWBLB9ScFRqFWNOY03/lwLsprK2s SHSJ6M6V25n24N2SlYZCdbQpVC+xjAL+2ALdWbFqrCHZQeAY3Nq3+8NbDotWDCAkx8DD+S MLzBM2nR0tZcld/ex1QYDyhYfFjhkGExd89Y+oI6PY7tH6p0SrxzWZq5OZmaD55lLI6TGq uZujPeS5lNx4u9eIiBBVeG76iPZ6x4BPXPgDiE0taNqwTELybd3rQbs0qyiKHA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099101; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=HiynjSiLa80z57EcVyw6Rk34DLRU02tD0C6cBQNqHDM=; b=CPNGY98AJS4mRiE2MSN2xItnO/Sgy7NYoyCA3KqJasBOdSr+NEMXcA+MnDs6+k3G+0wEOu +6rvEuv1ux+oj0/GDuQSR3rklEFV8itzh0BlNgltfeUii56b9OtIg8eS3Vz+rMLBipwE66 qp45r9M2o4uijPvvy/ZlvvaCVtxmMgpR6No31ICcCWRUSzP8qCcv9znX2dqCnxoE/PXDmy B5/h7eQpECKUDuVJPNUdMmC0dcflPDU6HO8qJCFwDq5F9V1wXsno0Su9aHlAll4yl8Qd1q sP57/4ChkiazVMUbsaLmM0mEbLtW7RQEGwOo3cTFmefpmyuhcDymP9Ml4ZMwxg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tn2SLyz1Mf5 for ; Wed, 10 Jun 2026 13:45:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1c85d by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:45:01 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 5ccda2174f70 - stable/15 - install.1: Document options incompatible with -s List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 5ccda2174f70968f61fe19dfee04041a2b743edb Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:45:01 +0000 Message-Id: <6a296a5d.1c85d.7252be37@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=5ccda2174f70968f61fe19dfee04041a2b743edb commit 5ccda2174f70968f61fe19dfee04041a2b743edb Author: Ed Maste AuthorDate: 2026-06-03 15:35:59 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:43:59 +0000 install.1: Document options incompatible with -s Reported by: des Reviewed by: ziaee Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57409 (cherry picked from commit b49021b49a78ca6a9e3a1a59c5aa6f2fec503afb) --- usr.bin/xinstall/install.1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/usr.bin/xinstall/install.1 b/usr.bin/xinstall/install.1 index c923321f20fe..2120706e271e 100644 --- a/usr.bin/xinstall/install.1 +++ b/usr.bin/xinstall/install.1 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 16, 2024 +.Dd June 3, 2026 .Dt INSTALL 1 .Os .Sh NAME @@ -248,6 +248,10 @@ number of systems and binary types. See below for how .Nm can be instructed to use another program to strip binaries. +This option is incompatible with +.Fl d +and +.Fl l . .It Fl T Ar tags Specify the .Xr mtree 8 From nobody Wed Jun 10 13:44:59 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tr3Mjvz6gR1h for ; Wed, 10 Jun 2026 13:45:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6Tr1Xsgz3MBG for ; Wed, 10 Jun 2026 13:45:04 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OO/J885mRLwDk1/M/YVRlpOcRnFgez+yTQnk8SGkK30=; b=s9HDPSHMjnCqgJ2vai8oBOu/FfEsbH47xmfo/ujrp4n1Z3tibyqiZbUN11VtnLQ1XT1hAu Vb3TUQ5jtgEe/1+lhJFUatSJ3njMhEZDuFKo66CJrWeLHfQO8I1wrK/TKkpAcMVKtpv/rj cEDWf9OoYWo6R4MfXxM52c7pdBdpQ5n8JG7YUVwf7Sb1qnim7btqbLFB1AUVR2fOFxyiFZ rbSTr9bxnwgtd+BqaslR+YTuxVZGjUyso0FcqtfYW/poD5z8/v9E+Uda66zc6fNmF+4hA2 V8sRJnvBpa5oVRtsscsS11scXiwL9C+lYqwPri7K2JEXl7RtHnSi5yMltw8ILQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099104; a=rsa-sha256; cv=none; b=FftaeLbTaiqjm4pjHfC+Jvwhxy/WK+Se2OA/C5QRCAhzg+TgJCVwlkKnp6X26RnOXKPvzt 1KGZseYOM4eVLGokvc2r04GQN8vqFkCboVlzd3U43JjzyJH7/j8j/WA23QVLSVXvVLyP8u eKKy5ybxV9OoGUdgYQxLulNvAhjgTJr/bPHWdIMbntBo4rKoWaQCosN/laeR7fbaz2H77D IClO7IZ0kva4CKXhpjcvxdCSfidJ+PjKK/RerVO0+rN0PzKp+uoIn3YO8U9b6klRCEAbyC Fl6sibkH9E5GLM3RpLNqb7rz+pfALc8uTo1I2+lYKmNTGsXHFUroCVrmHbBDMg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099104; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=OO/J885mRLwDk1/M/YVRlpOcRnFgez+yTQnk8SGkK30=; b=AEdE1L+4lycMYc25y4H1rW7IeoBLPK9NaevL3//sqyoW5zYW/5syi9+Z+QYgVqRhU2yziZ ZLEYzjFa7n3XtMZcJK+rYv7fV94PjQv6Dhhms6/l8E/EsY9zNDe3Dfwy3LOK8BKELvA4OL 8kTakik1JnmFPKoLn0LIMiy8sJWiffJ5CY7tqh5sT+pMMNxMaXQ3t1UpM2JofNu9I3FMRM w4DDKJfo0zvr9JqX45Z04RIxxjPK4fpYoVnIW0lgX9r+3ZIcHz15KZiNpd/Y1zJD5xCbmj KJgJAbCFrM/yBmdyh7w9PJlWtZi310Fa8RD9EQDN7iD+xl0lcaGjPAufB++p9w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6Tr110Zz1LvH for ; Wed, 10 Jun 2026 13:45:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e00b by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:44:59 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 88534471b32c - stable/15 - xinstall: Add test for -d -s not allowed together List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 88534471b32cb7f57bafac2d215c05d5e7dabda0 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:44:59 +0000 Message-Id: <6a296a5b.1e00b.5071d72d@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=88534471b32cb7f57bafac2d215c05d5e7dabda0 commit 88534471b32cb7f57bafac2d215c05d5e7dabda0 Author: Ed Maste AuthorDate: 2026-06-03 14:13:45 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:43:59 +0000 xinstall: Add test for -d -s not allowed together Reviewed by: des Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57403 (cherry picked from commit 4908bea5b7f5de70032e201e718958ef40bc3b03) --- usr.bin/xinstall/tests/install_test.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/usr.bin/xinstall/tests/install_test.sh b/usr.bin/xinstall/tests/install_test.sh index 3cea648aa805..6b091f26b377 100755 --- a/usr.bin/xinstall/tests/install_test.sh +++ b/usr.bin/xinstall/tests/install_test.sh @@ -25,6 +25,12 @@ # # +atf_test_case incompatible_opts +incompatible_opts_body() { + atf_check -s not-exit:0 -e match:"specified together" \ + install -s -d dir1 +} + atf_test_case copy_to_empty copy_to_empty_body() { printf 'test\n123\r456\r\n789\0z' >testf @@ -549,6 +555,7 @@ digest_body() { } atf_init_test_cases() { + atf_add_test_case incompatible_opts atf_add_test_case copy_to_empty atf_add_test_case copy_to_nonexistent atf_add_test_case copy_to_nonexistent_dir From nobody Wed Jun 10 13:52:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6f41K8Gz6gRyg for ; Wed, 10 Jun 2026 13:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6f362pNz3PFr for ; Wed, 10 Jun 2026 13:52:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099531; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GGfUQKbKvf7XLBNpPBE5T/NW+xyiXxuZWHa7/nzxd94=; b=XsEXMMw3stT9foh4GpKEx2NEmA8S0MGCwUbfrr381m49qlV8PRPNx6sYJ2kO9uoNK8yK7I ShUBInrfvSLVLbVJgGP5HnKvRN1v5eM/N4yKDuKJt/XcF+3WLNXg6n2Kzcy+gcdSj6YIyf 3zcG4UzhkdGAkFSzlp0Ht3lDKm+F4Y3pWXBSJMo/VkVc9xwFHuwF5OGH4vyBgQ0ruqyfE4 Uek6hpdBsuWYF/VDqFcO/Ew/AgDrKsNoyqC0n9Yu9Npu/umFir96Lww9Y5yh5VFP5Aw6Io MMdVJjh/zCFLs7keTRgUNkAtFXi5pdhqSU7CqzVv0Dwrur3l7JOoYKectJm84w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099531; a=rsa-sha256; cv=none; b=ZX3AaqQTjYYZ1F2nOZ0+S1f9TxkdS10yCKFRXjqGs6kb6GDux+TrhUsjSXmB5MKLjLD5B4 qExYTFuKiUgpNTYHMuBFkV++kNxjd21nT+gdAGCF5uVfx01JozzjCsltIrWJbJgUNVaoFJ kdrYhNb/TvE8kO+IQwMUPTvliOs7uJlMEOTJzSoxUbDK3CPv11TBpZauDlLON13Y1CE9Mk qTo3ybEVvWYBhzbhrYvJ//V5g+IPyL/IGOY7KwmOe6Xc/yjO7yfxbWywiRxrVWP+zE6IGM 6cfx8wHHvJKeVTPxSz7V+UPQ7nwZvM5t23ejMSMJojjBRKoLQnMUPeQ187Llkg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099531; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GGfUQKbKvf7XLBNpPBE5T/NW+xyiXxuZWHa7/nzxd94=; b=UM1LCDPmec8ttV/mNWCgjyHWF7NfdKTi291QvQusXINj7QVWZSIHRQEESRjFYCsr8R0TZ+ bT9x5/uDIUaTxmgBhgF5z0JtbkpsLBcGCFvdKwXbToozT7Dj52xBlyI1c5VZhVr+m4Bb6K +Y6EGlr7z7uXWMJ+HqwSVZxsJthtZbgWB91s0VAKPgE6IbWTCNuiXhLjTCzoBtE6p6vNO1 lDTDQW4sz6ogstatNNJGlaTJeImfq3jL2MeVm9WN2WnynqiKKsVRKLo351DizMbl7SJ0a/ w/eej++dqu8BllpxZzDrKLg4UeoRX6pVS/QGQZaIIIeSDgLgHsZsivz1GpoVCg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6f35Br3z1Mv5 for ; Wed, 10 Jun 2026 13:52:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e72e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:52:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: f2f67df8c92b - stable/15 - mii: Fix SMSC name List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: f2f67df8c92b51d0bff9c226755cd31c8d685573 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:52:06 +0000 Message-Id: <6a296c06.1e72e.4979c2ab@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=f2f67df8c92b51d0bff9c226755cd31c8d685573 commit f2f67df8c92b51d0bff9c226755cd31c8d685573 Author: Ed Maste AuthorDate: 2026-05-04 23:13:44 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:44:00 +0000 mii: Fix SMSC name The LAN8700 / LAN8710 PHYs were Standard Microsystems Corporation (SMSC) parts. I presume SMC was chosen as an abbreviation, but the company always used SMSC as its short name. SMSC was acquired by Microchip in 2012. I kept the pre-acquisition name, as NetBSD (from where we obtained miidevs) uses SMSC. Reviewed by: adrian Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D56819 (cherry picked from commit 89c883c09ab5e0fdca7ac5dfe74fcc46b7669eb5) --- sys/dev/mii/miidevs | 8 ++++---- sys/dev/mii/smscphy.c | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/dev/mii/miidevs b/sys/dev/mii/miidevs index 5c10fd0f0224..ca4b061a13ee 100644 --- a/sys/dev/mii/miidevs +++ b/sys/dev/mii/miidevs @@ -72,7 +72,7 @@ oui RDC 0x00d02d RDC Semiconductor oui REALTEK 0x00e04c RealTek Semicondctor oui SEEQ 0x00a07d Seeq Technology oui SIS 0x00e006 Silicon Integrated Systems -oui SMC 0x00800f SMC +oui SMSC 0x00800f Microchip (formerly SMSC) oui TI 0x080028 Texas Instruments oui TSC 0x00c039 TDK Semiconductor oui VITESSE 0x0001c1 Vitesse Semiconductor @@ -361,6 +361,6 @@ model xxVITESSE VSC8514 0x0027 Vitesse VSC8514 10/100/1000TX PHY /* XaQti Corp. PHYs */ model xxXAQTI XMACII 0x0000 XaQti Corp. XMAC II gigabit interface -/* SMC */ -model SMC LAN8710A 0x000F SMC LAN8710A 10/100 interface -model SMC LAN8700 0x000C SMC LAN8700 10/100 interface +/* Microchip (formerly SMSC) */ +model SMSC LAN8710A 0x000F Microchip LAN8710A 10/100 interface +model SMSC LAN8700 0x000C Microchip LAN8700 10/100 interface diff --git a/sys/dev/mii/smscphy.c b/sys/dev/mii/smscphy.c index 4e0d3cd3e18e..d578242f5a61 100644 --- a/sys/dev/mii/smscphy.c +++ b/sys/dev/mii/smscphy.c @@ -74,8 +74,8 @@ static driver_t smscphy_driver = { DRIVER_MODULE(smscphy, miibus, smscphy_driver, 0, 0); static const struct mii_phydesc smscphys[] = { - MII_PHY_DESC(SMC, LAN8710A), - MII_PHY_DESC(SMC, LAN8700), + MII_PHY_DESC(SMSC, LAN8710A), + MII_PHY_DESC(SMSC, LAN8700), MII_PHY_END }; From nobody Wed Jun 10 13:52:30 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fQ6bvhz6gSHy for ; Wed, 10 Jun 2026 13:52:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6fQ1Nhhz3PNG for ; Wed, 10 Jun 2026 13:52:30 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099550; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t+h96kbHWf5nPN7DxaLcMp3mzZ8BRqUT5TmvKtDMITg=; b=HHBBDuMvn/p7Vdi3LKSrHyAfPalEMzjxok//cHOJdiSllCLYIJeBl1mDM3NHnNZzSsvTkp AuU8GJjwE0vJaIk7f+Mh4jmcBX57BHedfhDTW9KDjs0JlcYBTeOrjsAI1Nsj7f1pTE5po2 RjbpLB87Piv9L4cqxFgz6lfT7b65xwTyzHNWnTqJTrHv4nXlFSksce5Z2Dwdp7ROk4jSWG APlSJdInfcgsK29cB23ueJ/u3+qiFL7mPo9vNFRAC/9YYmgSD/ntOcATeo/MafMlsRMD1p cQNS6+45HYLwpI4Se11IDIjFveJ+VIeZtb2ivfR7zEoXQxv8CdNjnN5zL1JfHg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099550; a=rsa-sha256; cv=none; b=o1Eo19BgwrqUM6RYTQCYHB7VGhktcfisO0Q0MYGkKdTmcZpvlUXY/N4FM+sRSPiGrqe/5w ri1TShGh65hzc0g62led0Et7HkLeH44r1R9UTWjFPLdZGgPKAuslVJQC4iCMHx+DbRck5y MnYgLJbfvc8JL8wPoGh1JHUe0unDnOwhdZTU/mtGLQjG2ze79d+lQWnz4ligypt9USsePA DoxjlguOlltaOK70AEqy96goBEXOD9ovcaHYKMwTYoDzhm3h2NJz06qvA5WBl/0pdHi9g2 etaQnTasXXRuGlM84sWFP6DWBeVLv8H+ycGxSSDRiNPthqXOH7Zm4lx8uRkGhw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099550; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t+h96kbHWf5nPN7DxaLcMp3mzZ8BRqUT5TmvKtDMITg=; b=I1BQABReX7Va+7EZ+bvooDTQCBilnmfsdW2g4CenMbVDNK+eyW4An0g886jMNPu/g8q2SO UdI11ct3YDYcFZGQTvLKG1hh4nYN+xZTTZjkfO7k7nBEf1r8mk8f04kKFLVz1rSmgzfMMk 0OallPLN1JnI0Mf5tgaomNtv2NR8h5p+8MQ9nmSQszKitdUPUd1oufq1Xp/zsnNud8lFIu wMPivdAgQtifrVYcTjPTUoYhIkMemZCJ00cR6Q2d7QciozwDB5zhG2TRfLvyWIf1u7jFmh ktOx/Gv2HkubdaL6tTuIIwpnBUBVOLpGOBUyHQw+/ZJqQZ8pyeBVdXYc4AMUjw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fQ0zvjz1MfX for ; Wed, 10 Jun 2026 13:52:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f802 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:52:30 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: 0492dbe9212e - main - cd9660: Don't parse RRIP records whose length overflows the sector boundary List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0492dbe9212ee0172e8003c487f256015478edd6 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:52:30 +0000 Message-Id: <6a296c1e.1f802.270eebf0@gitrepo.freebsd.org> The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=0492dbe9212ee0172e8003c487f256015478edd6 commit 0492dbe9212ee0172e8003c487f256015478edd6 Author: John Baldwin AuthorDate: 2026-06-10 13:44:10 +0000 Commit: John Baldwin CommitDate: 2026-06-10 13:44:10 +0000 cd9660: Don't parse RRIP records whose length overflows the sector boundary PR: 272896 Reported by: Robert Morris Reviewed by: des, emaste Differential Revision: https://reviews.freebsd.org/D57135 --- sys/fs/cd9660/cd9660_rrip.c | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/sys/fs/cd9660/cd9660_rrip.c b/sys/fs/cd9660/cd9660_rrip.c index 9bc8ef655368..db87f6d1223e 100644 --- a/sys/fs/cd9660/cd9660_rrip.c +++ b/sys/fs/cd9660/cd9660_rrip.c @@ -464,6 +464,7 @@ cd9660_rrip_loop(struct iso_directory_record *isodir, ISO_RRIP_ANALYZE *ana, RRIP_TABLE *ptable; ISO_SUSP_HEADER *phead; ISO_SUSP_HEADER *pend; + ISO_SUSP_HEADER *pnext; struct buf *bp = NULL; char *pwhead; u_short c; @@ -495,6 +496,21 @@ cd9660_rrip_loop(struct iso_directory_record *isodir, ISO_RRIP_ANALYZE *ana, * Note: "pend" should be more than one SUSP header */ while (pend >= phead + 1) { + /* Validate length. */ + if (isonum_711(phead->length) < sizeof(*phead)) + break; + + /* + * Next SUSP + * Hopefully this works with newer versions, too + */ + pnext = (ISO_SUSP_HEADER *)((char *)phead + + isonum_711(phead->length)); + + /* If the record doesn't fit, break out of the loop. */ + if (pnext > pend) + break; + if (isonum_711(phead->version) == 1) { for (ptable = table; ptable->func; ptable++) { if (phead->type[0] == ptable->type[0] && @@ -510,14 +526,8 @@ cd9660_rrip_loop(struct iso_directory_record *isodir, ISO_RRIP_ANALYZE *ana, result &= ~ISO_SUSP_STOP; break; } - /* plausibility check */ - if (isonum_711(phead->length) < sizeof(*phead)) - break; - /* - * move to next SUSP - * Hopefully this works with newer versions, too - */ - phead = (ISO_SUSP_HEADER *)((char *)phead + isonum_711(phead->length)); + + phead = pnext; } if (ana->fields && ana->iso_ce_len) { From nobody Wed Jun 10 13:52:31 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fR4fBfz6gSF1 for ; Wed, 10 Jun 2026 13:52:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6fR28r0z3PY2 for ; Wed, 10 Jun 2026 13:52:31 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VvqTRtduwS/Hav9sujnbNz0Fd5k1kk5GnY3EXySfje8=; b=M/aAwB07W4+KBUGv7hswrQp+w4LyowTIa+U9+16KUNuY8qeqxOBps8nMOKQL364iGCPLYn dLvM1iShlfkKQK8xFvYO9dDUUfoUM+5AwFhrmVGfyIEVqFWH3ArkcKHHkFmIZkupEKWFW0 ez++CM/MLuL5VtKkZ4b6IbM4Ma4OwySTCrWouVbFs7liqkyEkny2hSjVw4jjdbqBcDPSPG MTa8MOnt/nqshj8idytnxvxUMq+TueMsSSFpAxshCM6kTzfZaHUlnvGN5qQQy1XLCwjBo+ nDexWCmX6nWyhFO5KE1gBd3b+6QGown7tGNGLCOuUChr3EuxwHJzMuzRNry1Zw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099551; a=rsa-sha256; cv=none; b=qEqd83UFojm3PWqMFrwCn+xI7BxfXtpOm/jxU/pxKvqt3bm+KxI+0eKSqSmkN1jp8ujY73 DUbAQFiU2TXd15hk/zI32Z/6Wpz80zAuFk3D9H89qiw5uAxjKBYMibLMR16JjyoFYZLkv0 b1nWPyxzlITwmU/LEwlFc3ddjEYpDuM0TbzhpkXv4sJR7X5rFVgQW85UKHS08D1ku3WJrU +LRPNiPVXZfNuOWAyg/rZDI/mCj0ggV56SGS7E5Ti4CUe7wni8Fgy7sw7OU6YQ63Ksk4Al 4COV1Y5ky8zVo19r4s00ZiXSbWihwbpMsRal8owv6TdPehHyvHIZQAIi4cwe0g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VvqTRtduwS/Hav9sujnbNz0Fd5k1kk5GnY3EXySfje8=; b=h4xj4Uj68uU22RKU8NSvMNdyPxb1XqZD9+uk6stE2JLgyxpV8gxHewLaMyx+xnzlKKDVBo YA32EpG+IYxZqH3QTp7T6rH3erdtK0ifO0Gg+06I5sCmuA+m1SLMbzWG4jHR0wDaJ3BIcV HYM7UQippEtmUxzj5yHXo3qzGieBh1t2cAcONVQGoczdXwy/iqLjm/DHz3wv0G58qmRTJ/ nB7BNDo/OBlaf6sOYuGl4FzxJYl8LxPPex26PSdsisolxPbzt822d5BzKHoKTmgPzvP1Ah gesV3BPdhIOl0c6mIdnUlvBf/80b2qCyElknQQiP9Fc6VItO4XthAQ7fzbpzBg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fR1ls4z1M0n for ; Wed, 10 Jun 2026 13:52:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e826 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:52:31 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: b5a8b933d499 - main - ppp: Don't fetch a non-existent variadic argument List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: b5a8b933d4994835e10226562ff8126298c96693 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:52:31 +0000 Message-Id: <6a296c1f.1e826.1687e7bd@gitrepo.freebsd.org> The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=b5a8b933d4994835e10226562ff8126298c96693 commit b5a8b933d4994835e10226562ff8126298c96693 Author: John Baldwin AuthorDate: 2026-06-10 13:44:10 +0000 Commit: John Baldwin CommitDate: 2026-06-10 13:44:10 +0000 ppp: Don't fetch a non-existent variadic argument Only fetch the optional mode argument to ID0open to pass to open(2) if O_CREAT is present in the flags argument. It is UB to fetch an argument that doesn't exist. On CHERI this UB results in a fault. Reviewed by: brooks Obtained from: CheriBSD Sponsored by: AFRL, DARPA Differential Revision: https://reviews.freebsd.org/D57137 --- usr.sbin/ppp/id.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/usr.sbin/ppp/id.c b/usr.sbin/ppp/id.c index c7d512380afa..35bd3f08c261 100644 --- a/usr.sbin/ppp/id.c +++ b/usr.sbin/ppp/id.c @@ -145,7 +145,10 @@ ID0open(const char *path, int flags, ...) va_start(ap, flags); ID0set0(); - ret = open(path, flags, va_arg(ap, int)); + if (flags & O_CREAT) + ret = open(path, flags, va_arg(ap, int)); + else + ret = open(path, flags); log_Printf(LogID0, "%d = open(\"%s\", %d)\n", ret, path, flags); ID0setuser(); va_end(ap); From nobody Wed Jun 10 13:52:32 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fS4HHMz6gS95 for ; Wed, 10 Jun 2026 13:52:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6fS2fWfz3PKb for ; Wed, 10 Jun 2026 13:52:32 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099552; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7CtIjc9fzgxbQgm9SdRV8otU7Vcb2GukHNWZP5avcpU=; b=rPC7XkD0D7Rtq/eF+PC3fUH2IwEklibpcFnqilKK7b1jozUy8tJyn4AkK0r3E3DjFqbouN 5/v/sYF2qLJ0YXrAw5yxQm3dRmuAUHgIbqTy7mKNwR721MrGwDGeQAgsPF3/XxRgsTy7so 3+hWVVsBBEM9bT6+xe0SKKHQ0ANOfzjsrbW+qHTXmdzfyV5d0iDWDKCZ3QJz+M1sfoZUXr 6zhZYb1z7qY66JKvsYoS/8UVLr/XwwWlkqwOKtY8C6Pwz84tGzmNywK/n+MMrOmip1Oqe6 N+sflK4xNUlSZu1ni71WcXUmyEv2tc7L0VPE7PtOJ2WHU7+jVQGIguc+dYr+7Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099552; a=rsa-sha256; cv=none; b=f+HzOgQpkxBob76tK0tdL6DjJIdoA8MMRTlv2bqLgjtoPWkOxbQsJfcELsqEQJKgpXFrKo TP469cPQDpzbsKro5G6WZKlX5Q63Zf9+8BJ2W1QlUuqmTLSu+xqlIqkVtnyEo3zsq8Hp4y pJaaSrkW6wPjAajZcrEusNptTCiYMOI71PlAPyl3epB++l7QwpIJ/Y7sfg12qPGxWAJEF3 7vgWKJh15oudbxghKjtgPN7ERc/VuGTBao1/USBs2Z4q2cLxgnaRD/uVy3Z95ecQV0rHKs XiD+vCW6b8dElfiE+lU5eH8PZ0sE7Zp1pz33qlUpQEYA8gJQwa6Npy9otOkxnQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099552; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=7CtIjc9fzgxbQgm9SdRV8otU7Vcb2GukHNWZP5avcpU=; b=t0HnmM60Rgf5whqFQCBGtV+V5IanTpuXhO3ucUisn56ghU1Qypr020FU6J1ulIrOemeG6f 7OndY4QDy99C4M023c0WXqc5p94T8v6zXdN+Im/ZUcgLezFRtMamwXdb8YtbkyVEIM7Oc2 XS1J4cuR2ukeHC1oeFnvsLMEAnwfalNQVG2PhHI9WZPVSDFHScClF5g9gFDkdhpo15bmpD UElnENHILzadq4cLxSAXzp4xDMaU5XIMwK6r8QpFnxkGKYTBAMODtDtmrCMFSqj2vERyIg PpA3tIOrOFVgXUQf9/XEGrWHl2lVtRSZu+4/vS2ZMve8JDzUZIHX78+jVOJUKg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fS26M3z1Ms4 for ; Wed, 10 Jun 2026 13:52:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1d7cd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:52:32 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: 7e971892dfc5 - main - ppp: Permit CHAP challenges up to 255 bytes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7e971892dfc5aac20bd62be7817941dbaed55f42 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:52:32 +0000 Message-Id: <6a296c20.1d7cd.55f12157@gitrepo.freebsd.org> The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=7e971892dfc5aac20bd62be7817941dbaed55f42 commit 7e971892dfc5aac20bd62be7817941dbaed55f42 Author: John Baldwin AuthorDate: 2026-06-10 13:44:10 +0000 Commit: John Baldwin CommitDate: 2026-06-10 13:44:10 +0000 ppp: Permit CHAP challenges up to 255 bytes RFC 1994 does not place any limit on the length of the value field in challenge messages except that the length is a single octet which bounds the maximum length to 255. NB: I'm not sure why the local[] and peer[] arrays contain room for an authentication name (AUTHLEN) in addition to a challenge value/response, but I've just left that in place. PR: 271955 Reported by: Robert Morris Reviewed by: des Differential Revision: https://reviews.freebsd.org/D57138 --- usr.sbin/ppp/chap.c | 4 ++-- usr.sbin/ppp/chap.h | 4 ++-- usr.sbin/ppp/defs.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c index 9cefa6db71ce..1129aa7fb2a3 100644 --- a/usr.sbin/ppp/chap.c +++ b/usr.sbin/ppp/chap.c @@ -238,7 +238,7 @@ chap_BuildAnswer(char *name, char *key, u_char id, char *challenge MD5Init(&MD5context); MD5Update(&MD5context, &id, 1); MD5Update(&MD5context, key, klen); - MD5Update(&MD5context, challenge + 1, *challenge); + MD5Update(&MD5context, challenge + 1, (u_char)*challenge); MD5Final(digest, &MD5context); memcpy(digest + 16, name, nlen); @@ -913,7 +913,7 @@ chap_Input(struct bundle *bundle, struct link *l, struct mbuf *bp) if (myans == NULL) key = NULL; else { - if (!chap_Cmp(myans + 1, *myans, ans + 1, alen + if (!chap_Cmp(myans + 1, (u_char)*myans, ans + 1, alen #ifndef NODES , p->link.lcp.want_authtype, lanman #endif diff --git a/usr.sbin/ppp/chap.h b/usr.sbin/ppp/chap.h index f697167ab165..993ed3f060f7 100644 --- a/usr.sbin/ppp/chap.h +++ b/usr.sbin/ppp/chap.h @@ -48,8 +48,8 @@ struct chap { } child; struct authinfo auth; struct { - u_char local[CHAPCHALLENGELEN + AUTHLEN]; /* I invented this one */ - u_char peer[CHAPCHALLENGELEN + AUTHLEN]; /* Peer gave us this one */ + u_char local[CHAPCHALLENGELEN + 1 + AUTHLEN]; /* I invented this one */ + u_char peer[CHAPCHALLENGELEN + 1 + AUTHLEN]; /* Peer gave us this one */ } challenge; #ifndef NODES unsigned NTRespSent : 1; /* Our last response */ diff --git a/usr.sbin/ppp/defs.h b/usr.sbin/ppp/defs.h index c76cbd8ad9cb..31f2577a6c23 100644 --- a/usr.sbin/ppp/defs.h +++ b/usr.sbin/ppp/defs.h @@ -58,7 +58,7 @@ #define DEVICE_LEN SCRIPT_LEN /* Size of individual devices */ #define AUTHLEN 100 /* Size of authname/authkey */ #define CHAPDIGESTLEN 100 /* Maximum chap digest */ -#define CHAPCHALLENGELEN 48 /* Maximum chap challenge */ +#define CHAPCHALLENGELEN 255 /* Maximum chap challenge */ #define CHAPAUTHRESPONSELEN 48 /* Maximum chap authresponse (chap81) */ #define MAXARGS 40 /* How many args per config line */ #define NCP_IDLE_TIMEOUT 180 /* Drop all links */ From nobody Wed Jun 10 13:52:33 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fT4gHkz6gS96 for ; Wed, 10 Jun 2026 13:52:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb6fT3MNXz3PVZ for ; Wed, 10 Jun 2026 13:52:33 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099553; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mCDCve1f8qzWtu4eLPiJOs4oTXV+J5Y6+UD39KYzSBI=; b=Y+7dbX2jh+bThE1Rcf5Uqq0VLqGM+TZRg3Kd8XHh0bkNtUzBd4ht/tNqvEmYrWaalXKZCo +7LDa3xSHP76flZmq4S6Mdof70o1/9pZ/E3iixB0/yGlPFj037wDlgRyBbwdJdH7tpu9G3 dHXSGAkqvxRWkWVk1lwSHjGepj7/Rf8eCLgLij2B0MM4YevqmQ7XJ7gGwjxUJEMDpRViM7 FsS1mkzYBsMhmTCuMy+dy/4oIapmYIiAzWIUK7I7lddyV71w4pWXXNUEuIKP7jjvLanByA 1tDQZ8cg3D4tEpORhEgh80JVlfrWrQy1BeRlUmSM+EK9c2g2Fm8Has4lYVmvAw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781099553; a=rsa-sha256; cv=none; b=KYN3k9XwNoEIN+8EvsRBhmmrZxX+DOrNhp/n8p7eDdJn4NmuZSK5BoWzj4fcoU3dGzq1ES sRMpSdMP14dBRj40XrzGuuwYF3XItyBfxvXAnN5k6d5xxvMn/ZtskzWULppo1Zwre9Vhmu WgNjWO0El+k1uWR90fow+x1nfsLbcpzx46zTSr1Qr8GCLF70emOhmbT/O0KLqt8KYQd5tK 0M1e4LwWr6zRpSaU+Pgtxu2mr2h+68H9RDLnX3JPH5L/QZy6SLYzNlg6ZPL45tVoeeRZkZ 2XM51LlFTXLmC91f5Rggs8gwnJu7oP7IzpaeqYGciUAP76wJw1EDTADcpYKrcQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781099553; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mCDCve1f8qzWtu4eLPiJOs4oTXV+J5Y6+UD39KYzSBI=; b=UVtfqIH6Y7lvHtkILiDW4CzXjYVpHNabz6/IbHfykK1kStNhKFIlxT7VW4RhgzfYX49Fs7 TutMRAOFbzoC8oye5NZ+iN8ED6tAKbyu+0vU6N5H+SMX6R2Q44KuPOdEHfFMwFLoztSqhD rgo2F0KucLw2I7Tl7OMq1QSqhyh/PbkRdOCEa7wOhjFcO6JnQ1SPG79JePaFrbIMm+ir8M fInZ4lR6TOjzyKkOqojE5wblf+ZpDGSRpwStxswhPwCa+H39qtNfR0/t4lhgV9hWySa1Uv aT/OlfbLcgqujkY+52Sxq8xMHTDD2Thx29VFllrpQakV7gx6qP7KgFMUq7hP9Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb6fT2wxRz1MP1 for ; Wed, 10 Jun 2026 13:52:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1f806 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 13:52:33 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: John Baldwin Subject: git: 4d8fde8cff07 - main - ppp: Reject FSM messages whose length is smaller than the message header List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4d8fde8cff0796f32e659036543aa17d16a15b1b Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 13:52:33 +0000 Message-Id: <6a296c21.1f806.54e3558@gitrepo.freebsd.org> The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=4d8fde8cff0796f32e659036543aa17d16a15b1b commit 4d8fde8cff0796f32e659036543aa17d16a15b1b Author: John Baldwin AuthorDate: 2026-06-10 13:44:10 +0000 Commit: John Baldwin CommitDate: 2026-06-10 13:44:10 +0000 ppp: Reject FSM messages whose length is smaller than the message header PR: 271843 Reported by: Robert Morris Reviewed by: des, emaste Differential Revision: https://reviews.freebsd.org/D57139 --- usr.sbin/ppp/fsm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/usr.sbin/ppp/fsm.c b/usr.sbin/ppp/fsm.c index 5c011bef7f4f..060a9149a6af 100644 --- a/usr.sbin/ppp/fsm.c +++ b/usr.sbin/ppp/fsm.c @@ -1060,6 +1060,12 @@ fsm_Input(struct fsm *fp, struct mbuf *bp) m_freem(bp); return; } + if (ntohs(lh.length) < sizeof(lh)) { + log_Printf(LogWARN, "%s: Header length %d is too small - dropped\n", + fp->link->name, (int)ntohs(lh.length)); + m_freem(bp); + return; + } if (lh.code < fp->min_code || lh.code > fp->max_code || lh.code > sizeof FsmCodes / sizeof *FsmCodes) { From nobody Wed Jun 10 14:08:18 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb70f4G8yz6gV09 for ; Wed, 10 Jun 2026 14:08:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb70f2f4vz3S5M for ; Wed, 10 Jun 2026 14:08:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781100498; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AotgP0dOFMDbDY1rgeYWXSbWxkIaSsB8Wzqvagn9msA=; b=KHu1MYqtT/NdMFm6p/YWd2lt5Uu9oEhi9FMedhcXgEtDOaz2dW1Xl4OLnf+t9RjqwCXIY2 KmQ/c8kNyJZJ9Zxc19RpuzpBAmU4jhVP7NU729/E/28kYNCFMJDJY7YAqZcqI+oL1vECOw ntB8qksP5hZ/sx2XrSOa72VubNZfevAFLV6FJrR6ekSk0HSnm77t/LLLUTLoOeuXOWj/Bs et/iO5V2lvfgjOnCzQYP/AMFc1SA+wV9EB+aNb7Chdb761Xng71Wwn8WwvB800a7z2JfJZ DMgIaA24p2KdQCcU9RWH6QaQ37M6rmmBMZyYWL5V2ig/NffzCB9HakiS8iZNYg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781100498; a=rsa-sha256; cv=none; b=AH+bAvINHwDUP41/E7GY4idTl1YWdjEQqZfixpmvbAPPfNufqKTOe+7NYGi3t9YI9Q8Rst 5dBaCBsPff2lO1EVvv/RKgNPoUxmJcHB1taSDAd49/zFujHFhRg+8T98/Lr9vLgLYwCArl rIDYy4/uhUBgXdKcjJzlAocnmZUr4ftAlySjMXfOrb4r1M1t/WIDykjctkigmuKQCGENc0 PEz0HFYZ8+TqUJhh7CAUhImOv+dqQGpIXO8KgFIYwq6kAX8TB9FL7eUK5G9Hi/JcSk6pU+ muqqfdWYz72QFyfIMBfSNNDhKeXMjYRmEwYLrFqgLqpTTx8mn81E5cR8KXTpjQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781100498; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=AotgP0dOFMDbDY1rgeYWXSbWxkIaSsB8Wzqvagn9msA=; b=aZbdGytoALgpmipw/nWhtWoCsNh/ekQ0hsOJFCxIkG6H9Duxb6doEStKJoU5drKMupJ0kk x38Z0Ibgt/PmB4VSlGr5w5eSZ6xmrkR/ckfe5dn3BdavxboJPQV1Pw7a+j1o400y0xQ2jR sZxlWNgwviO+0LlTodae5nfogwzdxZ6hygsjazIABPmzov9mUp0daYEjyE6c3vDz/xHZpq S30Se88aTH63F74LsCpg7kB730PAVq8MG7BHcsljNgb30d1eSp3BeQW/hLkrqCeSymv9BI 3HjzTa+lI0XlaJsj3EBKbDbX5d54nX/9fYhlZSCvtQ9/ZR6HCtKHjvDJllw8mw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb70f1wYHz1Msx for ; Wed, 10 Jun 2026 14:08:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1fbdd by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 14:08:18 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Justin Hibbits Subject: git: 4bdcff554368 - main - powerpc/booke: Add watchdog driver List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhibbits X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 4bdcff55436859420e090afb0e6932bab794baa4 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 14:08:18 +0000 Message-Id: <6a296fd2.1fbdd.44ea01c6@gitrepo.freebsd.org> The branch main has been updated by jhibbits: URL: https://cgit.FreeBSD.org/src/commit/?id=4bdcff55436859420e090afb0e6932bab794baa4 commit 4bdcff55436859420e090afb0e6932bab794baa4 Author: Justin Hibbits AuthorDate: 2026-06-10 03:09:10 +0000 Commit: Justin Hibbits CommitDate: 2026-06-10 14:04:41 +0000 powerpc/booke: Add watchdog driver The Book-E watchdog is effectively a state machine based around an AND mask of the timebase register. A single bit (0-63) is watched in the timebase register, and when it transitions (by counting *or* by programmatically setting) an exception is triggered. The first exception triggers a core interrupt. The second is programmable. In our case, we panic on the first and reset on second. --- sys/powerpc/booke/machdep_e500.c | 71 ++++++++++++++++++++++++++++++++++++++++ sys/powerpc/include/spr.h | 3 ++ 2 files changed, 74 insertions(+) diff --git a/sys/powerpc/booke/machdep_e500.c b/sys/powerpc/booke/machdep_e500.c index d56209c12faa..2f39a66aac6d 100644 --- a/sys/powerpc/booke/machdep_e500.c +++ b/sys/powerpc/booke/machdep_e500.c @@ -30,8 +30,11 @@ #include #include +#include +#include #include #include +#include #include #include @@ -136,3 +139,71 @@ cpu_machine_check(struct thread *td, struct trapframe *frame, int *ucode) *ucode = BUS_OBJERR; return (SIGBUS); } + +/* + * Book-E watchdog timer is a simple check of a single bit in the timebase + * register. When that bit rolls over from 0 to 1 the state machine activates. + * In our case, we want it to trigger an interrupt to the core first, then + * reboot on the second interrupt. + * + * With all PowerPC numbering, 0 is the MSB, and 63 is LSB. + */ +/* Arg is the timebase bit number 1-based (flsll result) */ +static void +booke_watchdog_cpu(void *arg) +{ + uint32_t tcr; + int bitno = (uintptr_t)arg; + + /* First pet the watchdog */ + mtspr(SPR_TSR, TSR_ENW | TSR_WIS); + + tcr = mfspr(SPR_TCR); + tcr &= ~(TCR_WP_MASK | TCR_WPEXT_MASK); + tcr |= TCR_MAKE_WP(bitno); + + tcr |= TCR_WRC_CHIP | TCR_WIE; + + mtspr(SPR_TCR, tcr); +} + +static void +booke_watchdog_fn(void *priv, sbintime_t sbt, sbintime_t *esbt, int *err) +{ + struct cpuref cpuref; + uintptr_t tb_bit; + uint64_t freq, tb, ticks; + + /* Once enabled it cannot be disabled */ + if (sbt == 0) { + *err = EOPNOTSUPP; + return; + } + cpuref.cr_hwref = 0; + cpuref.cr_cpuid = 0; + freq = platform_timebase_freq(&cpuref); + ticks = 1000000000 / freq; /* Ticks/s -> ns/tick */ + ticks = sbttons(sbt) / ticks; + + /* + * To get the next rollover bit add the current timbase to the tick + * count, using only a mask of the current timebase matching the tick + * size. This will give us the next rollover bit *beyond* the timeout. + */ + tb = mftb() & ((1 << flsll(ticks)) - 1); + tb += ticks; + + tb_bit = 64 - flsll(tb); + + smp_rendezvous(NULL, booke_watchdog_cpu, NULL, (void *)tb_bit); + *err = 0; +} + +static void +booke_watchdog_register(void *arg) +{ + printf("Registering booke watchdog timer\n"); + EVENTHANDLER_REGISTER(watchdog_sbt_list, booke_watchdog_fn, NULL, 0); +} + +SYSINIT(booke_watchdog, SI_SUB_LAST, SI_ORDER_ANY, booke_watchdog_register, NULL); diff --git a/sys/powerpc/include/spr.h b/sys/powerpc/include/spr.h index 5c6e9d67fcb4..afa1692bed75 100644 --- a/sys/powerpc/include/spr.h +++ b/sys/powerpc/include/spr.h @@ -549,6 +549,9 @@ #define TCR_FP_2_21 0x03000000 /* 2**21 clocks */ #define TCR_FIE 0x00800000 /* FIT Interrupt Enable */ #define TCR_ARE 0x00400000 /* Auto Reload Enable */ +#define TCR_WPEXT_MASK 0x003c0000 +#define TCR_FPEXT_MASK 0x0003c000 +#define TCR_MAKE_WP(c) (((c & 0x3) << 30) | (c & 0x3c) << 15) #define SPR_HID0 0x3f0 /* ..8 Hardware Implementation Register 0 */ #define SPR_HID1 0x3f1 /* ..8 Hardware Implementation Register 1 */ From nobody Wed Jun 10 14:08:17 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb70k3cvmz6gTb8 for ; Wed, 10 Jun 2026 14:08:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb70k338qz3SdV for ; Wed, 10 Jun 2026 14:08:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781100502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YfbHSTbtc4zsES+EZcIP/dk2o3y/wl8rVR21WBlORfs=; b=QeqjIwb4bexFm9H/jdi56F6kfx0bin7q1l0J5CRzMTcW9PvdOrwCCEMMjY8L6YnXAN9gHF npZBTOiN/skmDxa3RXAuoJeHeEfg84L+aRl5j78DJjpanMgx/mzM1+2BXnUANP1rjfodGO 9HtxzB5qhvJbSe2tvA9tMj6Y4TGtDvJFF4WK/kblyuNx155V1s2UDqx/y+qqjCeJc89k6e 9KSohct8dsE2OvfHfX97Ei3HaV7Wih8zoGbgV9Bfm7n0JkzW92SpZhiza5dl6l151OcQLp m9hh8lOsN9EUA8mSkNMWPQHsgwVJw5SwFVFOPWAzmJCnkLDjdQ1o9HQNcnQjZQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781100502; a=rsa-sha256; cv=none; b=q2Y3xd7c5K65zLKmqs5qYqzeIq5pN3wHeTGJtv2Wtoa05L9HKs41Gdu6nL5Sm1URJbAczE llZHD3nHXtjGBcZfE0uMeFayQihV0JgZn0kECs/MeBuXXNe4z/wdxGgJ9knFeOFCHZ4F1G WkQ+hi8NmHU6xSJ2mNE32Zc6HyHXO55CcLKz04NBOsSDmKnAFZi7xhLQbOUBnZEb6GieWv Piikt0Rk2Xkk4DivcHwNiMDxMe1PYftXIVj+70KpdTYmIhOJgTVKpAvtfGkIhGpOQuzUMx ARuunUxye4BDypORgA26Z9/oqFswZDK2jGCPxyYdEAEZfvAkNvl3IP6ovIcadQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781100502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YfbHSTbtc4zsES+EZcIP/dk2o3y/wl8rVR21WBlORfs=; b=Po//3smvvm1BY7VectynHfcxIRNMY7PF2KFZtIBh1vXxvG57rEH8Kp244kyLVDgNkBbqkS 7g5j+sUtT696IAfNvV+eyDa9WJ3nAJrdVRvBLrf184y24TSSDyli4vZYD01AMo/nA+miKz E6QNC0KSDmGptGO2asBSf0fTGQm4EjVZ3Uql556wEu70Cqh1baDg2JhE01ks3SHTQdYdno xiqyHIpuOOrsrk5ET24B469339WN3LB3aXUG+9hVEm0QS0reWXlCscV/NKwi1nT12pAZ3x EIxmp8WjxfATKVrZqZmjm+aBPz2u1tjRusEyofDAPC5/ZPXwxpk9D6slgp7MQA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb70k2KhJz1N8D for ; Wed, 10 Jun 2026 14:08:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 1e7fe by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 14:08:17 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Justin Hibbits Subject: git: d08cb1dc1748 - main - watchdog: Fix a couple type issues List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhibbits X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d08cb1dc17486920c1506f175d77259e0ac3f3a3 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 14:08:17 +0000 Message-Id: <6a296fd1.1e7fe.1fd619e6@gitrepo.freebsd.org> The branch main has been updated by jhibbits: URL: https://cgit.FreeBSD.org/src/commit/?id=d08cb1dc17486920c1506f175d77259e0ac3f3a3 commit d08cb1dc17486920c1506f175d77259e0ac3f3a3 Author: Justin Hibbits AuthorDate: 2026-06-10 13:50:14 +0000 Commit: Justin Hibbits CommitDate: 2026-06-10 14:04:40 +0000 watchdog: Fix a couple type issues * Force the type of the literal `1` passed to nstosbt() to ensure it's a 64-bit type (or larger). Otherwise it gets inconveniently typed to int, resulting in truncation. * Use `flsll()` when converting sbt to power-of-2-nanoseconds to fix 32-bit compatibility. PR: 292616 Obtained from: Hewlett Packard Enterprise Fixes: 26d6617f3 ("watchdog: Convert to using sbintime_t format") MFC after: 3 days --- sys/dev/watchdog/watchdog.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/dev/watchdog/watchdog.c b/sys/dev/watchdog/watchdog.c index c599db56bf95..4c166a2bd7e9 100644 --- a/sys/dev/watchdog/watchdog.c +++ b/sys/dev/watchdog/watchdog.c @@ -110,7 +110,7 @@ wdog_kern_pat(u_int utim) if (utim == WD_TO_NEVER) sbt = 0; else - sbt = nstosbt(1 << utim); + sbt = nstosbt(1ULL << utim); return (wdog_kern_pat_sbt(sbt)); } @@ -142,7 +142,7 @@ wdog_kern_pat_sbt(sbintime_t sbt) /* legacy uses power-of-2-nanoseconds time. */ if (sbt != 0) { - pow2ns = flsl(sbttons(sbt)); + pow2ns = flsll(sbttons(sbt)); } if (wd_last_sbt != sbt) { wd_last_u = pow2ns; From nobody Wed Jun 10 14:24:48 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb7Mn3M49z6gWLn for ; Wed, 10 Jun 2026 14:24:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb7Mn2H5Gz3V3F for ; Wed, 10 Jun 2026 14:24:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781101493; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g5EqOqlNUaUPEYFHGc8KtqTLr3oKjNcT8Hr0Wk3bDjE=; b=WXMSK4KRkyUbMvobu2Ohw/0P9NDEI9PJ9ZlA5VMByH3t6WPdTdWYpsPA09wo8q/Qt0bXIe hQzDXkUF/JNWCn/19z42DWliVr2zUrxJ4fpqC24ckQxGzsvOwSPLaLxOeqFV8VwuZP6m7r iwTMFdfOJz5pFkBtjKlX+hTQxKvvtCuUgLwUJxxYGd/uxKNTcA0Ps7DU6YmRmq4DwHO4nd 7OJ5DvD68xUhpDVc5uUHt/kzPCw4BXrhx84M9Kf/oW/RWpXeKPEqXbO6KS2vSJo1XpgV4R jv+d7PZTrAMpnCkZY9rqRPU8fVJZyOmbxj1esSwWntmAqFDHYCbBiC7j6bgYWQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781101493; a=rsa-sha256; cv=none; b=TXUDhjsoBdku2rOVRKYSpErYHgAhVQ0JirjQgO8+2146Y57ypLHR/7duPZtTe9AwF3ZqVa edq4BBO2RRt2UJdgYMJlA1thS1li8T9827iNt49ZQODSLRQii1bAjs/hc5Emj9cxao9Szg 8SKsU+FfedTduFCD5bBIdoYGk8FkKZWc4j7cNsnTKXDP+3D2EBrdM8tRGxI6XH9ZjxBOpj VodAFsr9Ce1pf2LhcsRHd3FJEF7/JB9YC8h5H3JAgDOfUC2h5qgBi2oMrURxeagrKEJAYz /Efi5nd65tTMENSVJ3g+h1tSAVsjBy6tVuJGBn3iKHpcURwxT0sPZohZQntmSA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781101493; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g5EqOqlNUaUPEYFHGc8KtqTLr3oKjNcT8Hr0Wk3bDjE=; b=Tqob2Y/wCqniHEp0HwoIt3KOql1Bk9I9fyt3Vy0JXWlhMQSrJU3aq23pBAmEJe6rwVnDxW nFNjFupTLg07bnenurb39Fx4DyEtYSN7NN9kGrB0fB8dRqKdUPZ+9WPdqhYEGeDgJZB8p6 yOjCUfaVArWwCY8DyjTq/IOwcfj1VvfVySv/pAVZ5mUCQ3a4+oUErHZEj54U5YOp4NfG9J yFKzzyv1vKxBMGOKJZ28sKdVFJpD4AyWUkd/hO83GlU1umhil82ujHWQblfbvRNJ/cfKyd FgudSyLABxqxcGpYGHtsr9hcmBziJu0PKU6NzceJf2edsjEZtmYv990/XXmssg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb7Mn1fkGz1NRv for ; Wed, 10 Jun 2026 14:24:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 22540 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 14:24:48 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Sourojeet A From: Ed Maste Subject: git: b203a374f87d - stable/15 - linuxkpi: Make pm_qos.h self-contained List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: b203a374f87d9e89ff41d04f2e2467a9412d5caa Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 14:24:48 +0000 Message-Id: <6a2973b0.22540.27188016@gitrepo.freebsd.org> The branch stable/15 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=b203a374f87d9e89ff41d04f2e2467a9412d5caa commit b203a374f87d9e89ff41d04f2e2467a9412d5caa Author: Sourojeet A AuthorDate: 2026-06-03 21:58:53 +0000 Commit: Ed Maste CommitDate: 2026-06-10 13:44:00 +0000 linuxkpi: Make pm_qos.h self-contained Include for `false`. This is needed by amdgpu somewhere between Linux 6.12 and 6.15. Reviewed by: Minsoo Choo , bz Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57415 (cherry picked from commit 67df313015906d84d90df8e37795885e81cf8da5) --- sys/compat/linuxkpi/common/include/linux/pm_qos.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/compat/linuxkpi/common/include/linux/pm_qos.h b/sys/compat/linuxkpi/common/include/linux/pm_qos.h index 47c41a819ba8..97d16369a704 100644 --- a/sys/compat/linuxkpi/common/include/linux/pm_qos.h +++ b/sys/compat/linuxkpi/common/include/linux/pm_qos.h @@ -28,6 +28,8 @@ #ifndef _LINUXKPI_LINUX_PM_QOS_H #define _LINUXKPI_LINUX_PM_QOS_H +#include + #define PM_QOS_DEFAULT_VALUE (-1) struct pm_qos_request { From nobody Wed Jun 10 15:33:06 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb8tW4gg5z6gfKh for ; Wed, 10 Jun 2026 15:33:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb8tW2GDVz3cM7 for ; Wed, 10 Jun 2026 15:33:07 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781105587; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9VxRDlogWzROFxb3HIzWkjBIw8MyqJx7IQQA5y7t3RU=; b=wCPjJE/w5pZ2Y6dswWyyudLkmueHgLuBPZE59L/oUnh17z6d9Ndd1aMWCm/VDLXqP3H0jQ jaRDDlxMLPUElqxwM1YRkpBrntSqu0AHCaGF9pg2IhbJtJJ2WTjwsZ/qos9hjRF8dmxRsd 7VMjwKsxmQoyRMjcLwKM9P1kCHJD0tJQiaE1xn2ObtB1ycHShxakilR8t9W148xsaulvmo OSB8fQ0iGbALRvGcD8XFyiNpNXhsTUcH2URtMcNIcV72vINBHA73o4Zst7LtCA6KmxE+Tg 9ljSZK1yP6PWmj3MTQMDrtw48ECtQ57XjPShu6G5Rzl4Cu6Sj/zL9q6Ul4rDzQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781105587; a=rsa-sha256; cv=none; b=qUV8DFobpmul2JRErOcMw2rlhoCdy7SnJ2NFrn3DyL3cMYDXl1I+OhssIMx499vlbctAtZ 8JJl/fYzC46hOTORGD80r4QzLUw2QkOlixMC5zQQaFu2o1KudttU/SqfWIn/VPQTBRPDpn MTDHTLLjK7x8Iee62yBIeUESbM1A3WG4ckOMFH7zrksbInSnBFNmHfgymAGbDdltvIu3By gCPE7G+6D0+SMPbkpdMOb/G5hvhk9QyrBeqJ47c2ZYgbYFZa5fd96mqgs/MwZVZ8Ewc6aR 8JHY36iMvzGG0iaQeIAJ3HHcbDV/wIo8yW7FVeyURykH22pgo7TBE/zccHbRvg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781105587; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9VxRDlogWzROFxb3HIzWkjBIw8MyqJx7IQQA5y7t3RU=; b=q4uZn53aFZacDVXc1a/xg1W/gPCXgWHptK6IJyv4ovvfrLCkBHjtSNXul61POjkl/+TB9o wgEufaOrU7+RJfNntyonocrd7hF391Xmvr3jw/ZdOGFABOgQ/nCIc6j7dy4EuOkraWhVmI 9IyKtS4ORF6BcxKfn5G5NQf4UUT6WQKF5yPl8e4SM2tRPzssYlE8NOsqB6j9+7ehoTQAmo EjLdPBbTc79xgih6fb0FH+36WxlpAVq5Kmyh8LY6PW7/Y8f9/5vEm8n6fj2H9PhAfJqRuJ tGKN9aUF43VZKfQD2wgVxHo76NDbDau3ew2HM/nWiAKi0D+n8bsiJqh7HUzuYA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb8tW1lKwz1Q5B for ; Wed, 10 Jun 2026 15:33:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 30daa by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 15:33:06 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Enji Cooper Subject: git: 0881f6cf3f44 - main - crypto/openssl: update artifacts to match 3.5.7 release List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0881f6cf3f44883b03c21dc7e5ab2140275b5afd Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 15:33:06 +0000 Message-Id: <6a2983b2.30daa.79e0b214@gitrepo.freebsd.org> The branch main has been updated by ngie: URL: https://cgit.FreeBSD.org/src/commit/?id=0881f6cf3f44883b03c21dc7e5ab2140275b5afd commit 0881f6cf3f44883b03c21dc7e5ab2140275b5afd Author: Enji Cooper AuthorDate: 2026-06-10 15:32:04 +0000 Commit: Enji Cooper CommitDate: 2026-06-10 15:32:35 +0000 crypto/openssl: update artifacts to match 3.5.7 release MFC after: 3 days MFC with: 1523ccfd9 --- crypto/openssl/exporters/libcrypto.pc | 2 +- crypto/openssl/exporters/libssl.pc | 2 +- crypto/openssl/exporters/openssl.pc | 2 +- crypto/openssl/include/openssl/opensslv.h | 10 +-- crypto/openssl/include/openssl/ssl.h | 4 +- crypto/openssl/include/openssl/x509_acert.h | 10 ++- secure/lib/libcrypto/man/man3/ADMISSIONS.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_EXTERN_FUNCS.3 | 2 +- .../libcrypto/man/man3/ASN1_INTEGER_get_int64.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_INTEGER_new.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3 | 2 +- .../lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_STRING_length.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_STRING_new.3 | 2 +- .../lib/libcrypto/man/man3/ASN1_STRING_print_ex.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_TIME_set.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_aux_cb.3 | 2 +- .../lib/libcrypto/man/man3/ASN1_generate_nconf.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_item_d2i_bio.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_item_new.3 | 2 +- secure/lib/libcrypto/man/man3/ASN1_item_sign.3 | 2 +- secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/ASYNC_start_job.3 | 2 +- secure/lib/libcrypto/man/man3/BF_encrypt.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_ADDR.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_connect.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_ctrl.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_base64.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_buffer.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_cipher.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_md.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_null.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_prefix.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_readbuffer.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_f_ssl.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_find_type.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_get_data.3 | 2 +- .../lib/libcrypto/man/man3/BIO_get_ex_new_index.3 | 2 +- .../libcrypto/man/man3/BIO_get_rpoll_descriptor.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_new.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_new_CMS.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_printf.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_push.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_read.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_accept.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_bio.3 | 88 +++++++++++++++++++++- secure/lib/libcrypto/man/man3/BIO_s_connect.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_core.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_datagram.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_dgram_pair.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_fd.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_file.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_mem.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_null.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_s_socket.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_sendmmsg.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_set_callback.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_set_flags.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_should_retry.3 | 2 +- secure/lib/libcrypto/man/man3/BIO_socket_wait.3 | 2 +- secure/lib/libcrypto/man/man3/BN_BLINDING_new.3 | 2 +- secure/lib/libcrypto/man/man3/BN_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/BN_CTX_start.3 | 2 +- secure/lib/libcrypto/man/man3/BN_add.3 | 10 ++- secure/lib/libcrypto/man/man3/BN_add_word.3 | 2 +- secure/lib/libcrypto/man/man3/BN_bn2bin.3 | 2 +- secure/lib/libcrypto/man/man3/BN_cmp.3 | 2 +- secure/lib/libcrypto/man/man3/BN_copy.3 | 2 +- secure/lib/libcrypto/man/man3/BN_generate_prime.3 | 2 +- secure/lib/libcrypto/man/man3/BN_mod_exp_mont.3 | 2 +- secure/lib/libcrypto/man/man3/BN_mod_inverse.3 | 2 +- .../lib/libcrypto/man/man3/BN_mod_mul_montgomery.3 | 2 +- .../lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3 | 2 +- secure/lib/libcrypto/man/man3/BN_new.3 | 2 +- secure/lib/libcrypto/man/man3/BN_num_bytes.3 | 2 +- secure/lib/libcrypto/man/man3/BN_rand.3 | 2 +- secure/lib/libcrypto/man/man3/BN_security_bits.3 | 2 +- secure/lib/libcrypto/man/man3/BN_set_bit.3 | 2 +- secure/lib/libcrypto/man/man3/BN_swap.3 | 2 +- secure/lib/libcrypto/man/man3/BN_zero.3 | 2 +- secure/lib/libcrypto/man/man3/BUF_MEM_new.3 | 2 +- secure/lib/libcrypto/man/man3/CMAC_CTX.3 | 2 +- .../libcrypto/man/man3/CMS_EncryptedData_decrypt.3 | 2 +- .../libcrypto/man/man3/CMS_EncryptedData_encrypt.3 | 2 +- .../man/man3/CMS_EncryptedData_set1_key.3 | 2 +- .../libcrypto/man/man3/CMS_EnvelopedData_create.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_add0_cert.3 | 2 +- .../libcrypto/man/man3/CMS_add1_recipient_cert.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_add1_signer.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_compress.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_data_create.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_decrypt.3 | 8 +- secure/lib/libcrypto/man/man3/CMS_digest_create.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_encrypt.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_final.3 | 2 +- .../libcrypto/man/man3/CMS_get0_RecipientInfos.3 | 2 +- .../lib/libcrypto/man/man3/CMS_get0_SignerInfos.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_get0_type.3 | 2 +- .../libcrypto/man/man3/CMS_get1_ReceiptRequest.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_sign.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_sign_receipt.3 | 2 +- .../lib/libcrypto/man/man3/CMS_signed_get_attr.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_uncompress.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_verify.3 | 2 +- secure/lib/libcrypto/man/man3/CMS_verify_receipt.3 | 2 +- secure/lib/libcrypto/man/man3/COMP_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/CONF_modules_free.3 | 2 +- .../libcrypto/man/man3/CONF_modules_load_file.3 | 2 +- .../libcrypto/man/man3/CRYPTO_THREAD_run_once.3 | 2 +- .../libcrypto/man/man3/CRYPTO_get_ex_new_index.3 | 2 +- secure/lib/libcrypto/man/man3/CRYPTO_memcmp.3 | 2 +- .../man/man3/CTLOG_STORE_get0_log_by_id.3 | 2 +- secure/lib/libcrypto/man/man3/CTLOG_STORE_new.3 | 2 +- secure/lib/libcrypto/man/man3/CTLOG_new.3 | 2 +- .../libcrypto/man/man3/CT_POLICY_EVAL_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/DEFINE_STACK_OF.3 | 2 +- secure/lib/libcrypto/man/man3/DES_random_key.3 | 2 +- secure/lib/libcrypto/man/man3/DH_generate_key.3 | 2 +- .../libcrypto/man/man3/DH_generate_parameters.3 | 2 +- secure/lib/libcrypto/man/man3/DH_get0_pqg.3 | 2 +- secure/lib/libcrypto/man/man3/DH_get_1024_160.3 | 2 +- secure/lib/libcrypto/man/man3/DH_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/DH_new.3 | 2 +- secure/lib/libcrypto/man/man3/DH_new_by_nid.3 | 2 +- secure/lib/libcrypto/man/man3/DH_set_method.3 | 2 +- secure/lib/libcrypto/man/man3/DH_size.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_SIG_new.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_do_sign.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_dup_DH.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_generate_key.3 | 2 +- .../libcrypto/man/man3/DSA_generate_parameters.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_get0_pqg.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_new.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_set_method.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_sign.3 | 2 +- secure/lib/libcrypto/man/man3/DSA_size.3 | 2 +- secure/lib/libcrypto/man/man3/DTLS_get_data_mtu.3 | 2 +- secure/lib/libcrypto/man/man3/DTLS_set_timer_cb.3 | 2 +- secure/lib/libcrypto/man/man3/DTLSv1_get_timeout.3 | 2 +- .../lib/libcrypto/man/man3/DTLSv1_handle_timeout.3 | 2 +- secure/lib/libcrypto/man/man3/DTLSv1_listen.3 | 2 +- secure/lib/libcrypto/man/man3/ECDSA_SIG_new.3 | 2 +- secure/lib/libcrypto/man/man3/ECDSA_sign.3 | 2 +- .../lib/libcrypto/man/man3/ECPKParameters_print.3 | 2 +- .../lib/libcrypto/man/man3/EC_GFp_simple_method.3 | 2 +- secure/lib/libcrypto/man/man3/EC_GROUP_copy.3 | 2 +- secure/lib/libcrypto/man/man3/EC_GROUP_new.3 | 2 +- .../lib/libcrypto/man/man3/EC_KEY_get_enc_flags.3 | 2 +- secure/lib/libcrypto/man/man3/EC_KEY_new.3 | 2 +- secure/lib/libcrypto/man/man3/EC_POINT_add.3 | 2 +- secure/lib/libcrypto/man/man3/EC_POINT_new.3 | 2 +- secure/lib/libcrypto/man/man3/ENGINE_add.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_GET_LIB.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_clear_error.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_error_string.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_get_error.3 | 2 +- .../libcrypto/man/man3/ERR_load_crypto_strings.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_load_strings.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_new.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_print_errors.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_put_error.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_remove_state.3 | 2 +- secure/lib/libcrypto/man/man3/ERR_set_mark.3 | 2 +- .../lib/libcrypto/man/man3/EVP_ASYM_CIPHER_free.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_BytesToKey.3 | 2 +- .../man/man3/EVP_CIPHER_CTX_get_app_data.3 | 2 +- .../man/man3/EVP_CIPHER_CTX_get_cipher_data.3 | 2 +- .../man/man3/EVP_CIPHER_CTX_get_original_iv.3 | 2 +- .../lib/libcrypto/man/man3/EVP_CIPHER_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_DigestInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_DigestSignInit.3 | 2 +- .../lib/libcrypto/man/man3/EVP_DigestVerifyInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_EncodeInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_EncryptInit.3 | 5 +- secure/lib/libcrypto/man/man3/EVP_KDF.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_KEM_free.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_KEYEXCH_free.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_KEYMGMT.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_MAC.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_MD_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_OpenInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PBE_CipherInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY2PKCS8.3 | 2 +- .../lib/libcrypto/man/man3/EVP_PKEY_ASN1_METHOD.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_ctrl.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_get0_libctx.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_get0_pkey.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_get_algor.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_CTX_new.3 | 2 +- .../man/man3/EVP_PKEY_CTX_set1_pbe_pass.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_set_hkdf_md.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_set_params.3 | 2 +- .../man/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_CTX_set_scrypt_N.3 | 2 +- .../man/man3/EVP_PKEY_CTX_set_tls1_prf_md.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_asn1_get_count.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_check.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_copy_parameters.3 | 2 +- .../lib/libcrypto/man/man3/EVP_PKEY_decapsulate.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_decrypt.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_derive.3 | 2 +- .../man/man3/EVP_PKEY_digestsign_supports_digest.3 | 2 +- .../lib/libcrypto/man/man3/EVP_PKEY_encapsulate.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_encrypt.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_fromdata.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_get_attr.3 | 2 +- .../man/man3/EVP_PKEY_get_default_digest_nid.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_get_field_type.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_get_group_name.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_get_size.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_gettable_params.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_is_a.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_keygen.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_meth_get_count.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_new.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_print_private.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_set1_RSA.3 | 2 +- .../man/man3/EVP_PKEY_set1_encoded_public_key.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_set_type.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_settable_params.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_sign.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_todata.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_PKEY_verify.3 | 2 +- .../libcrypto/man/man3/EVP_PKEY_verify_recover.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_RAND.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_SIGNATURE.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_SKEY.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_SKEYMGMT.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_SealInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_SignInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_VerifyInit.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_aes_128_gcm.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_aria_128_gcm.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_bf_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_blake2b512.3 | 2 +- .../lib/libcrypto/man/man3/EVP_camellia_128_ecb.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_cast5_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_chacha20.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_des_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_desx_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_idea_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_md2.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_md4.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_md5.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_mdc2.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_rc2_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_rc4.3 | 2 +- .../lib/libcrypto/man/man3/EVP_rc5_32_12_16_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_ripemd160.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_seed_cbc.3 | 2 +- .../man/man3/EVP_set_default_properties.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_sha1.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_sha224.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_sha3_224.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_sm3.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_sm4_cbc.3 | 2 +- secure/lib/libcrypto/man/man3/EVP_whirlpool.3 | 2 +- secure/lib/libcrypto/man/man3/GENERAL_NAME.3 | 2 +- secure/lib/libcrypto/man/man3/HMAC.3 | 2 +- secure/lib/libcrypto/man/man3/MD5.3 | 2 +- secure/lib/libcrypto/man/man3/MDC2_Init.3 | 2 +- secure/lib/libcrypto/man/man3/NCONF_new_ex.3 | 2 +- secure/lib/libcrypto/man/man3/OBJ_nid2obj.3 | 2 +- secure/lib/libcrypto/man/man3/OCSP_REQUEST_new.3 | 2 +- secure/lib/libcrypto/man/man3/OCSP_cert_to_id.3 | 2 +- .../libcrypto/man/man3/OCSP_request_add1_nonce.3 | 2 +- .../lib/libcrypto/man/man3/OCSP_resp_find_status.3 | 2 +- .../lib/libcrypto/man/man3/OCSP_response_status.3 | 2 +- secure/lib/libcrypto/man/man3/OCSP_sendreq_new.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_Applink.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_FILE.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_LH_COMPFUNC.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_LH_stats.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_config.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_fork_prepare.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_gmtime.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_hexchar2int.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_ia32cap.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_init_crypto.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_init_ssl.3 | 2 +- .../libcrypto/man/man3/OPENSSL_instrument_bus.3 | 2 +- .../man/man3/OPENSSL_load_builtin_modules.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_load_u16_le.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_malloc.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_ppccap.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_riscvcap.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_s390xcap.3 | 2 +- .../lib/libcrypto/man/man3/OPENSSL_secure_malloc.3 | 2 +- secure/lib/libcrypto/man/man3/OPENSSL_strcasecmp.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_ALGORITHM.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CALLBACK.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CMP_ATAV_set0.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CMP_CTX_new.3 | 2 +- .../man/man3/OSSL_CMP_HDR_get0_transactionID.3 | 2 +- .../libcrypto/man/man3/OSSL_CMP_ITAV_new_caCerts.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CMP_ITAV_set0.3 | 2 +- .../libcrypto/man/man3/OSSL_CMP_MSG_get0_header.3 | 2 +- .../libcrypto/man/man3/OSSL_CMP_MSG_http_perform.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_CMP_SRV_CTX_new.3 | 2 +- .../libcrypto/man/man3/OSSL_CMP_STATUSINFO_new.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_CMP_exec_certreq.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CMP_log_open.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_CMP_validate_msg.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_CORE_MAKE_FUNC.3 | 2 +- .../libcrypto/man/man3/OSSL_CRMF_MSG_get0_tmpl.3 | 2 +- .../man/man3/OSSL_CRMF_MSG_set0_validity.3 | 2 +- .../man/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.3 | 2 +- .../man/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_CRMF_pbmp_new.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_DECODER.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_DECODER_CTX.3 | 2 +- .../man/man3/OSSL_DECODER_CTX_new_for_pkey.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_DECODER_from_bio.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_DISPATCH.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_ENCODER.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_ENCODER_CTX.3 | 2 +- .../man/man3/OSSL_ENCODER_CTX_new_for_pkey.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_ENCODER_to_bio.3 | 2 +- .../lib/libcrypto/man/man3/OSSL_ERR_STATE_save.3 | 2 +- .../man/man3/OSSL_ESS_check_signing_certs.3 | 2 +- .../libcrypto/man/man3/OSSL_GENERAL_NAMES_print.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_HPKE_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_HTTP_REQ_CTX.3 | 8 +- .../lib/libcrypto/man/man3/OSSL_HTTP_parse_url.3 | 20 +++-- secure/lib/libcrypto/man/man3/OSSL_HTTP_transfer.3 | 7 +- .../lib/libcrypto/man/man3/OSSL_IETF_ATTR_SYNTAX.3 | 2 +- .../man/man3/OSSL_IETF_ATTR_SYNTAX_print.3 | 2 +- .../man/man3/OSSL_INDICATOR_set_callback.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_ITEM.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_LIB_CTX.3 | 2 +- .../man/man3/OSSL_LIB_CTX_set_conf_diagnostics.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_PARAM.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_PARAM_BLD.3 | 2 +- .../man/man3/OSSL_PARAM_allocate_from_text.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_PARAM_dup.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_PARAM_int.3 | 2 +- .../libcrypto/man/man3/OSSL_PARAM_print_to_bio.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 | 2 +- .../libcrypto/man/man3/OSSL_QUIC_client_method.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_SELF_TEST_new.3 | 2 +- .../man/man3/OSSL_SELF_TEST_set_callback.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_INFO.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_LOADER.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_SEARCH.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_attach.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_expect.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_STORE_open.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_sleep.3 | 2 +- secure/lib/libcrypto/man/man3/OSSL_trace_enabled.3 | 2 +- .../man/man3/OSSL_trace_get_category_num.3 | 2 +- .../libcrypto/man/man3/OSSL_trace_set_channel.3 | 2 +- .../man/man3/OpenSSL_add_all_algorithms.3 | 2 +- secure/lib/libcrypto/man/man3/OpenSSL_version.3 | 2 +- .../libcrypto/man/man3/PBMAC1_get1_pbkdf2_param.3 | 2 +- .../libcrypto/man/man3/PEM_X509_INFO_read_bio_ex.3 | 2 +- secure/lib/libcrypto/man/man3/PEM_bytes_read_bio.3 | 2 +- secure/lib/libcrypto/man/man3/PEM_read.3 | 2 +- secure/lib/libcrypto/man/man3/PEM_read_CMS.3 | 2 +- .../libcrypto/man/man3/PEM_read_bio_PrivateKey.3 | 2 +- secure/lib/libcrypto/man/man3/PEM_read_bio_ex.3 | 2 +- .../libcrypto/man/man3/PEM_write_bio_CMS_stream.3 | 2 +- .../man/man3/PEM_write_bio_PKCS7_stream.3 | 2 +- .../lib/libcrypto/man/man3/PKCS12_PBE_keyivgen.3 | 2 +- .../man/man3/PKCS12_SAFEBAG_create_cert.3 | 2 +- .../libcrypto/man/man3/PKCS12_SAFEBAG_get0_attrs.3 | 2 +- .../libcrypto/man/man3/PKCS12_SAFEBAG_get1_cert.3 | 2 +- .../libcrypto/man/man3/PKCS12_SAFEBAG_set0_attrs.3 | 2 +- .../libcrypto/man/man3/PKCS12_add1_attr_by_NID.3 | 2 +- .../libcrypto/man/man3/PKCS12_add_CSPName_asc.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_add_cert.3 | 2 +- .../man/man3/PKCS12_add_friendlyname_asc.3 | 2 +- .../lib/libcrypto/man/man3/PKCS12_add_localkeyid.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_add_safe.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_create.3 | 2 +- .../lib/libcrypto/man/man3/PKCS12_decrypt_skey.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_gen_mac.3 | 2 +- .../libcrypto/man/man3/PKCS12_get_friendlyname.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_init.3 | 2 +- .../libcrypto/man/man3/PKCS12_item_decrypt_d2i.3 | 2 +- .../libcrypto/man/man3/PKCS12_key_gen_utf8_ex.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_newpass.3 | 2 +- .../lib/libcrypto/man/man3/PKCS12_pack_p7encdata.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS12_parse.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS5_PBE_keyivgen.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS5_PBKDF2_HMAC.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS7_decrypt.3 | 17 +++-- secure/lib/libcrypto/man/man3/PKCS7_encrypt.3 | 2 +- .../libcrypto/man/man3/PKCS7_get_octet_string.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS7_sign.3 | 2 +- .../lib/libcrypto/man/man3/PKCS7_sign_add_signer.3 | 2 +- .../lib/libcrypto/man/man3/PKCS7_type_is_other.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS7_verify.3 | 2 +- secure/lib/libcrypto/man/man3/PKCS8_encrypt.3 | 2 +- .../lib/libcrypto/man/man3/PKCS8_pkey_add1_attr.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_add.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_bytes.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_cleanup.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_egd.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_get0_primary.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_load_file.3 | 2 +- secure/lib/libcrypto/man/man3/RAND_set_DRBG_type.3 | 2 +- .../lib/libcrypto/man/man3/RAND_set_rand_method.3 | 2 +- secure/lib/libcrypto/man/man3/RC4_set_key.3 | 2 +- secure/lib/libcrypto/man/man3/RIPEMD160_Init.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_blinding_on.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_check_key.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_generate_key.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_get0_key.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_meth_new.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_new.3 | 2 +- .../man/man3/RSA_padding_add_PKCS1_type_1.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_print.3 | 2 +- .../lib/libcrypto/man/man3/RSA_private_encrypt.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_public_encrypt.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_set_method.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_sign.3 | 2 +- .../man/man3/RSA_sign_ASN1_OCTET_STRING.3 | 2 +- secure/lib/libcrypto/man/man3/RSA_size.3 | 2 +- secure/lib/libcrypto/man/man3/SCT_new.3 | 2 +- secure/lib/libcrypto/man/man3/SCT_print.3 | 2 +- secure/lib/libcrypto/man/man3/SCT_validate.3 | 2 +- secure/lib/libcrypto/man/man3/SHA256_Init.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_read_ASN1.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_read_CMS.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_read_PKCS7.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_write_ASN1.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_write_CMS.3 | 2 +- secure/lib/libcrypto/man/man3/SMIME_write_PKCS7.3 | 2 +- secure/lib/libcrypto/man/man3/SRP_Calc_B.3 | 2 +- secure/lib/libcrypto/man/man3/SRP_VBASE_new.3 | 2 +- .../lib/libcrypto/man/man3/SRP_create_verifier.3 | 2 +- secure/lib/libcrypto/man/man3/SRP_user_pwd_new.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CIPHER_get_name.3 | 2 +- .../man/man3/SSL_COMP_add_compression_method.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CONF_CTX_new.3 | 2 +- .../libcrypto/man/man3/SSL_CONF_CTX_set1_prefix.3 | 2 +- .../libcrypto/man/man3/SSL_CONF_CTX_set_flags.3 | 2 +- .../libcrypto/man/man3/SSL_CONF_CTX_set_ssl_ctx.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CONF_cmd.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CONF_cmd_argv.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_add1_chain_cert.3 | 2 +- .../man/man3/SSL_CTX_add_extra_chain_cert.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_add_session.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_config.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_ctrl.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_dane_enable.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_flush_sessions.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_free.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_get0_param.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_get_verify_mode.3 | 2 +- .../man/man3/SSL_CTX_has_client_custom_ext.3 | 2 +- .../man/man3/SSL_CTX_load_verify_locations.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_new.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_sess_number.3 | 2 +- .../man/man3/SSL_CTX_sess_set_cache_size.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_sess_set_get_cb.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_sessions.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set0_CA_list.3 | 2 +- .../man/man3/SSL_CTX_set1_cert_comp_preference.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set1_curves.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set1_sigalgs.3 | 2 +- .../man/man3/SSL_CTX_set1_verify_cert_store.3 | 2 +- .../man/man3/SSL_CTX_set_alpn_select_cb.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set_cert_cb.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_cert_store.3 | 2 +- .../man/man3/SSL_CTX_set_cert_verify_callback.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_cipher_list.3 | 2 +- .../man/man3/SSL_CTX_set_client_cert_cb.3 | 2 +- .../man/man3/SSL_CTX_set_client_hello_cb.3 | 2 +- .../man/man3/SSL_CTX_set_ct_validation_callback.3 | 2 +- .../man/man3/SSL_CTX_set_ctlog_list_file.3 | 2 +- .../man/man3/SSL_CTX_set_default_passwd_cb.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_domain_flags.3 | 2 +- .../man/man3/SSL_CTX_set_generate_session_id.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_info_callback.3 | 2 +- .../man/man3/SSL_CTX_set_keylog_callback.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_max_cert_list.3 | 2 +- .../man/man3/SSL_CTX_set_min_proto_version.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_set_mode.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_msg_callback.3 | 2 +- .../man/man3/SSL_CTX_set_new_pending_conn_cb.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_num_tickets.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set_options.3 | 2 +- .../man/man3/SSL_CTX_set_psk_client_callback.3 | 2 +- .../man/man3/SSL_CTX_set_quiet_shutdown.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_read_ahead.3 | 2 +- .../man/man3/SSL_CTX_set_record_padding_callback.3 | 2 +- .../man/man3/SSL_CTX_set_security_level.3 | 2 +- .../man/man3/SSL_CTX_set_session_cache_mode.3 | 8 +- .../man/man3/SSL_CTX_set_session_id_context.3 | 29 ++++--- .../man/man3/SSL_CTX_set_session_ticket_cb.3 | 2 +- .../man/man3/SSL_CTX_set_split_send_fragment.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_srp_password.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_set_ssl_version.3 | 2 +- .../SSL_CTX_set_stateless_cookie_generate_cb.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set_timeout.3 | 2 +- .../man3/SSL_CTX_set_tlsext_servername_callback.3 | 10 ++- .../man/man3/SSL_CTX_set_tlsext_status_cb.3 | 2 +- .../man/man3/SSL_CTX_set_tlsext_ticket_key_cb.3 | 2 +- .../man/man3/SSL_CTX_set_tlsext_use_srtp.3 | 2 +- .../man/man3/SSL_CTX_set_tmp_dh_callback.3 | 2 +- .../lib/libcrypto/man/man3/SSL_CTX_set_tmp_ecdh.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_CTX_set_verify.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_use_certificate.3 | 2 +- .../man/man3/SSL_CTX_use_psk_identity_hint.3 | 2 +- .../libcrypto/man/man3/SSL_CTX_use_serverinfo.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_SESSION_free.3 | 2 +- .../libcrypto/man/man3/SSL_SESSION_get0_cipher.3 | 2 +- .../libcrypto/man/man3/SSL_SESSION_get0_hostname.3 | 2 +- .../man/man3/SSL_SESSION_get0_id_context.3 | 2 +- .../lib/libcrypto/man/man3/SSL_SESSION_get0_peer.3 | 2 +- .../man/man3/SSL_SESSION_get_compress_id.3 | 2 +- .../man/man3/SSL_SESSION_get_protocol_version.3 | 2 +- .../lib/libcrypto/man/man3/SSL_SESSION_get_time.3 | 2 +- .../libcrypto/man/man3/SSL_SESSION_has_ticket.3 | 2 +- .../libcrypto/man/man3/SSL_SESSION_is_resumable.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_SESSION_print.3 | 2 +- .../lib/libcrypto/man/man3/SSL_SESSION_set1_id.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_accept.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_accept_stream.3 | 2 +- .../lib/libcrypto/man/man3/SSL_alert_type_string.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_alloc_buffers.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_check_chain.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_clear.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_connect.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_do_handshake.3 | 2 +- .../man/man3/SSL_export_keying_material.3 | 2 +- .../libcrypto/man/man3/SSL_extension_supported.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_free.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get0_connection.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get0_group_name.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get0_peer_rpk.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get0_peer_scts.3 | 2 +- .../libcrypto/man/man3/SSL_get1_builtin_sigalgs.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_SSL_CTX.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_all_async_fds.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_certificate.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_ciphers.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_client_random.3 | 2 +- .../libcrypto/man/man3/SSL_get_conn_close_info.3 | 2 +- .../libcrypto/man/man3/SSL_get_current_cipher.3 | 2 +- .../libcrypto/man/man3/SSL_get_default_timeout.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_error.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_event_timeout.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_extms_support.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_fd.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_handshake_rtt.3 | 2 +- .../libcrypto/man/man3/SSL_get_peer_cert_chain.3 | 2 +- .../libcrypto/man/man3/SSL_get_peer_certificate.3 | 2 +- .../man/man3/SSL_get_peer_signature_nid.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_peer_tmp_key.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_psk_identity.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_rbio.3 | 2 +- .../libcrypto/man/man3/SSL_get_rpoll_descriptor.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_session.3 | 2 +- .../libcrypto/man/man3/SSL_get_shared_sigalgs.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_stream_id.3 | 2 +- .../libcrypto/man/man3/SSL_get_stream_read_state.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_value_uint.3 | 2 +- .../lib/libcrypto/man/man3/SSL_get_verify_result.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_get_version.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_group_to_name.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_handle_events.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_in_init.3 | 2 +- .../lib/libcrypto/man/man3/SSL_inject_net_dgram.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_key_update.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_library_init.3 | 2 +- .../libcrypto/man/man3/SSL_load_client_CA_file.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_new.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_new_domain.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_new_listener.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_new_stream.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_pending.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_poll.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_read.3 | 2 +- .../lib/libcrypto/man/man3/SSL_read_early_data.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_rstate_string.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_session_reused.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_set1_host.3 | 2 +- .../man/man3/SSL_set1_initial_peer_addr.3 | 2 +- .../libcrypto/man/man3/SSL_set1_server_cert_type.3 | 2 +- .../libcrypto/man/man3/SSL_set_async_callback.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_set_bio.3 | 2 +- .../lib/libcrypto/man/man3/SSL_set_blocking_mode.3 | 2 +- .../lib/libcrypto/man/man3/SSL_set_connect_state.3 | 2 +- .../man/man3/SSL_set_default_stream_mode.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_set_fd.3 | 2 +- .../man/man3/SSL_set_incoming_stream_policy.3 | 2 +- .../lib/libcrypto/man/man3/SSL_set_quic_tls_cbs.3 | 2 +- .../lib/libcrypto/man/man3/SSL_set_retry_verify.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_set_session.3 | 2 +- .../libcrypto/man/man3/SSL_set_session_secret_cb.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_set_shutdown.3 | 2 +- .../lib/libcrypto/man/man3/SSL_set_verify_result.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_shutdown.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_state_string.3 | 2 +- .../lib/libcrypto/man/man3/SSL_stream_conclude.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_stream_reset.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_want.3 | 2 +- secure/lib/libcrypto/man/man3/SSL_write.3 | 2 +- secure/lib/libcrypto/man/man3/TS_RESP_CTX_new.3 | 2 +- secure/lib/libcrypto/man/man3/TS_VERIFY_CTX.3 | 2 +- secure/lib/libcrypto/man/man3/UI_STRING.3 | 2 +- secure/lib/libcrypto/man/man3/UI_UTIL_read_pw.3 | 2 +- secure/lib/libcrypto/man/man3/UI_create_method.3 | 2 +- secure/lib/libcrypto/man/man3/UI_new.3 | 2 +- secure/lib/libcrypto/man/man3/X509V3_EXT_print.3 | 2 +- secure/lib/libcrypto/man/man3/X509V3_get_d2i.3 | 2 +- secure/lib/libcrypto/man/man3/X509V3_set_ctx.3 | 2 +- .../lib/libcrypto/man/man3/X509_ACERT_add1_attr.3 | 2 +- .../libcrypto/man/man3/X509_ACERT_add_attr_nconf.3 | 2 +- .../man/man3/X509_ACERT_get0_holder_baseCertId.3 | 2 +- .../lib/libcrypto/man/man3/X509_ACERT_get_attr.3 | 2 +- .../lib/libcrypto/man/man3/X509_ACERT_print_ex.3 | 2 +- secure/lib/libcrypto/man/man3/X509_ALGOR_dup.3 | 2 +- secure/lib/libcrypto/man/man3/X509_ATTRIBUTE.3 | 2 +- .../libcrypto/man/man3/X509_CRL_get0_by_serial.3 | 2 +- .../libcrypto/man/man3/X509_EXTENSION_set_object.3 | 2 +- secure/lib/libcrypto/man/man3/X509_LOOKUP.3 | 2 +- .../lib/libcrypto/man/man3/X509_LOOKUP_hash_dir.3 | 2 +- .../lib/libcrypto/man/man3/X509_LOOKUP_meth_new.3 | 2 +- .../man/man3/X509_NAME_ENTRY_get_object.3 | 2 +- .../man/man3/X509_NAME_add_entry_by_txt.3 | 2 +- secure/lib/libcrypto/man/man3/X509_NAME_get0_der.3 | 2 +- .../man/man3/X509_NAME_get_index_by_NID.3 | 2 +- secure/lib/libcrypto/man/man3/X509_NAME_print_ex.3 | 2 +- secure/lib/libcrypto/man/man3/X509_PUBKEY_new.3 | 2 +- secure/lib/libcrypto/man/man3/X509_REQ_get_attr.3 | 2 +- .../libcrypto/man/man3/X509_REQ_get_extensions.3 | 2 +- secure/lib/libcrypto/man/man3/X509_SIG_get0.3 | 2 +- .../man/man3/X509_STORE_CTX_get_by_subject.3 | 2 +- .../libcrypto/man/man3/X509_STORE_CTX_get_error.3 | 2 +- secure/lib/libcrypto/man/man3/X509_STORE_CTX_new.3 | 2 +- .../man/man3/X509_STORE_CTX_set_verify_cb.3 | 2 +- .../lib/libcrypto/man/man3/X509_STORE_add_cert.3 | 2 +- .../lib/libcrypto/man/man3/X509_STORE_get0_param.3 | 2 +- secure/lib/libcrypto/man/man3/X509_STORE_new.3 | 2 +- .../man/man3/X509_STORE_set_verify_cb_func.3 | 2 +- .../man/man3/X509_VERIFY_PARAM_set_flags.3 | 2 +- secure/lib/libcrypto/man/man3/X509_add_cert.3 | 2 +- secure/lib/libcrypto/man/man3/X509_check_ca.3 | 2 +- secure/lib/libcrypto/man/man3/X509_check_host.3 | 2 +- secure/lib/libcrypto/man/man3/X509_check_issued.3 | 2 +- .../libcrypto/man/man3/X509_check_private_key.3 | 2 +- secure/lib/libcrypto/man/man3/X509_check_purpose.3 | 2 +- secure/lib/libcrypto/man/man3/X509_cmp.3 | 2 +- secure/lib/libcrypto/man/man3/X509_cmp_time.3 | 2 +- secure/lib/libcrypto/man/man3/X509_digest.3 | 2 +- secure/lib/libcrypto/man/man3/X509_dup.3 | 2 +- .../man/man3/X509_get0_distinguishing_id.3 | 2 +- .../lib/libcrypto/man/man3/X509_get0_notBefore.3 | 2 +- .../lib/libcrypto/man/man3/X509_get0_signature.3 | 2 +- secure/lib/libcrypto/man/man3/X509_get0_uids.3 | 2 +- .../man/man3/X509_get_default_cert_file.3 | 2 +- .../libcrypto/man/man3/X509_get_extension_flags.3 | 2 +- secure/lib/libcrypto/man/man3/X509_get_pubkey.3 | 2 +- .../lib/libcrypto/man/man3/X509_get_serialNumber.3 | 2 +- .../lib/libcrypto/man/man3/X509_get_subject_name.3 | 2 +- secure/lib/libcrypto/man/man3/X509_get_version.3 | 2 +- secure/lib/libcrypto/man/man3/X509_load_http.3 | 2 +- secure/lib/libcrypto/man/man3/X509_new.3 | 2 +- secure/lib/libcrypto/man/man3/X509_sign.3 | 2 +- secure/lib/libcrypto/man/man3/X509_verify.3 | 2 +- secure/lib/libcrypto/man/man3/X509_verify_cert.3 | 2 +- .../lib/libcrypto/man/man3/X509v3_get_ext_by_NID.3 | 2 +- secure/lib/libcrypto/man/man3/b2i_PVK_bio_ex.3 | 2 +- .../libcrypto/man/man3/d2i_PKCS8PrivateKey_bio.3 | 2 +- secure/lib/libcrypto/man/man3/d2i_PrivateKey.3 | 2 +- secure/lib/libcrypto/man/man3/d2i_RSAPrivateKey.3 | 2 +- secure/lib/libcrypto/man/man3/d2i_SSL_SESSION.3 | 2 +- secure/lib/libcrypto/man/man3/d2i_X509.3 | 42 ++++++----- secure/lib/libcrypto/man/man3/i2d_CMS_bio_stream.3 | 2 +- .../lib/libcrypto/man/man3/i2d_PKCS7_bio_stream.3 | 2 +- secure/lib/libcrypto/man/man3/i2d_re_X509_tbs.3 | 2 +- secure/lib/libcrypto/man/man3/o2i_SCT_LIST.3 | 2 +- secure/lib/libcrypto/man/man3/s2i_ASN1_IA5STRING.3 | 2 +- secure/lib/libcrypto/man/man5/config.5 | 2 +- secure/lib/libcrypto/man/man5/fips_config.5 | 2 +- secure/lib/libcrypto/man/man5/x509v3_config.5 | 2 +- .../lib/libcrypto/man/man7/EVP_ASYM_CIPHER-RSA.7 | 2 +- .../lib/libcrypto/man/man7/EVP_ASYM_CIPHER-SM2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-AES.7 | 8 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-ARIA.7 | 2 +- .../lib/libcrypto/man/man7/EVP_CIPHER-BLOWFISH.7 | 2 +- .../lib/libcrypto/man/man7/EVP_CIPHER-CAMELLIA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-CAST.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-CHACHA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-DES.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-IDEA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-NULL.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-RC2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-RC4.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-RC5.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-SEED.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_CIPHER-SM4.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-ARGON2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-HKDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-HMAC-DRBG.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-KB.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-KRB5KDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-PBKDF1.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-PBKDF2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-PKCS12KDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-PVKKDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-SCRYPT.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-SS.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-SSHKDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-TLS13_KDF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-TLS1_PRF.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-X942-ASN1.7 | 2 +- .../lib/libcrypto/man/man7/EVP_KDF-X942-CONCAT.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KDF-X963.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEM-EC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEM-ML-KEM.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEM-RSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEM-X25519.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEYEXCH-DH.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEYEXCH-ECDH.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_KEYEXCH-X25519.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-BLAKE2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-GMAC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-HMAC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-KMAC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-Poly1305.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MAC-Siphash.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-BLAKE2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-KECCAK.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-MD2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-MD4.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-MD5-SHA1.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-MD5.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-MDC2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-NULL.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-RIPEMD160.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-SHA1.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-SHA2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-SHA3.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-SHAKE.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-SM3.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-WHIRLPOOL.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_MD-common.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-DH.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-DSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-EC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-FFC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-HMAC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-ML-DSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-ML-KEM.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-RSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-SLH-DSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-SM2.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_PKEY-X25519.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-CRNG-TEST.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-CTR-DRBG.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-HASH-DRBG.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-HMAC-DRBG.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-JITTER.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-SEED-SRC.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND-TEST-RAND.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_RAND.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_SIGNATURE-DSA.7 | 2 +- .../lib/libcrypto/man/man7/EVP_SIGNATURE-ECDSA.7 | 2 +- .../lib/libcrypto/man/man7/EVP_SIGNATURE-ED25519.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_SIGNATURE-HMAC.7 | 2 +- .../lib/libcrypto/man/man7/EVP_SIGNATURE-ML-DSA.7 | 2 +- secure/lib/libcrypto/man/man7/EVP_SIGNATURE-RSA.7 | 2 +- .../lib/libcrypto/man/man7/EVP_SIGNATURE-SLH-DSA.7 | 2 +- secure/lib/libcrypto/man/man7/OSSL_PROVIDER-FIPS.7 | 2 +- secure/lib/libcrypto/man/man7/OSSL_PROVIDER-base.7 | 2 +- .../lib/libcrypto/man/man7/OSSL_PROVIDER-default.7 | 2 +- .../lib/libcrypto/man/man7/OSSL_PROVIDER-legacy.7 | 2 +- secure/lib/libcrypto/man/man7/OSSL_PROVIDER-null.7 | 2 +- .../lib/libcrypto/man/man7/OSSL_STORE-winstore.7 | 2 +- secure/lib/libcrypto/man/man7/RAND.7 | 2 +- secure/lib/libcrypto/man/man7/RSA-PSS.7 | 2 +- secure/lib/libcrypto/man/man7/X25519.7 | 2 +- secure/lib/libcrypto/man/man7/bio.7 | 2 +- secure/lib/libcrypto/man/man7/ct.7 | 2 +- secure/lib/libcrypto/man/man7/des_modes.7 | 2 +- secure/lib/libcrypto/man/man7/evp.7 | 2 +- secure/lib/libcrypto/man/man7/fips_module.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-cipher.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-digest.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-kdf.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-mac.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-pkey.7 | 2 +- secure/lib/libcrypto/man/man7/life_cycle-rand.7 | 2 +- secure/lib/libcrypto/man/man7/openssl-core.h.7 | 2 +- .../libcrypto/man/man7/openssl-core_dispatch.h.7 | 2 +- .../lib/libcrypto/man/man7/openssl-core_names.h.7 | 2 +- secure/lib/libcrypto/man/man7/openssl-env.7 | 4 +- secure/lib/libcrypto/man/man7/openssl-glossary.7 | 2 +- secure/lib/libcrypto/man/man7/openssl-qlog.7 | 2 +- .../libcrypto/man/man7/openssl-quic-concurrency.7 | 2 +- secure/lib/libcrypto/man/man7/openssl-quic.7 | 2 +- secure/lib/libcrypto/man/man7/openssl-threads.7 | 2 +- .../lib/libcrypto/man/man7/openssl_user_macros.7 | 2 +- .../libcrypto/man/man7/ossl-guide-introduction.7 | 2 +- .../man/man7/ossl-guide-libcrypto-introduction.7 | 2 +- .../man/man7/ossl-guide-libraries-introduction.7 | 2 +- .../man/man7/ossl-guide-libssl-introduction.7 | 2 +- .../lib/libcrypto/man/man7/ossl-guide-migration.7 | 2 +- .../man/man7/ossl-guide-quic-client-block.7 | 2 +- .../man/man7/ossl-guide-quic-client-non-block.7 | 2 +- .../man/man7/ossl-guide-quic-introduction.7 | 2 +- .../man/man7/ossl-guide-quic-multi-stream.7 | 2 +- .../man/man7/ossl-guide-quic-server-block.7 | 2 +- .../man/man7/ossl-guide-quic-server-non-block.7 | 2 +- .../man/man7/ossl-guide-tls-client-block.7 | 2 +- .../man/man7/ossl-guide-tls-client-non-block.7 | 2 +- .../man/man7/ossl-guide-tls-introduction.7 | 2 +- .../man/man7/ossl-guide-tls-server-block.7 | 2 +- secure/lib/libcrypto/man/man7/ossl_store-file.7 | 2 +- secure/lib/libcrypto/man/man7/ossl_store.7 | 2 +- .../lib/libcrypto/man/man7/passphrase-encoding.7 | 2 +- secure/lib/libcrypto/man/man7/property.7 | 2 +- .../lib/libcrypto/man/man7/provider-asym_cipher.7 | 8 +- secure/lib/libcrypto/man/man7/provider-base.7 | 2 +- secure/lib/libcrypto/man/man7/provider-cipher.7 | 2 +- secure/lib/libcrypto/man/man7/provider-decoder.7 | 2 +- secure/lib/libcrypto/man/man7/provider-digest.7 | 2 +- secure/lib/libcrypto/man/man7/provider-encoder.7 | 2 +- secure/lib/libcrypto/man/man7/provider-kdf.7 | 2 +- secure/lib/libcrypto/man/man7/provider-kem.7 | 2 +- secure/lib/libcrypto/man/man7/provider-keyexch.7 | 2 +- secure/lib/libcrypto/man/man7/provider-keymgmt.7 | 2 +- secure/lib/libcrypto/man/man7/provider-mac.7 | 2 +- secure/lib/libcrypto/man/man7/provider-object.7 | 2 +- secure/lib/libcrypto/man/man7/provider-rand.7 | 2 +- secure/lib/libcrypto/man/man7/provider-signature.7 | 5 +- secure/lib/libcrypto/man/man7/provider-skeymgmt.7 | 2 +- secure/lib/libcrypto/man/man7/provider-storemgmt.7 | 2 +- secure/lib/libcrypto/man/man7/provider.7 | 2 +- secure/lib/libcrypto/man/man7/proxy-certificates.7 | 2 +- secure/lib/libcrypto/man/man7/x509.7 | 2 +- secure/usr.bin/openssl/man/CA.pl.1 | 2 +- secure/usr.bin/openssl/man/openssl-asn1parse.1 | 2 +- secure/usr.bin/openssl/man/openssl-ca.1 | 2 +- secure/usr.bin/openssl/man/openssl-ciphers.1 | 2 +- secure/usr.bin/openssl/man/openssl-cmds.1 | 2 +- secure/usr.bin/openssl/man/openssl-cmp.1 | 2 +- secure/usr.bin/openssl/man/openssl-cms.1 | 2 +- secure/usr.bin/openssl/man/openssl-crl.1 | 2 +- secure/usr.bin/openssl/man/openssl-crl2pkcs7.1 | 2 +- secure/usr.bin/openssl/man/openssl-dgst.1 | 2 +- secure/usr.bin/openssl/man/openssl-dhparam.1 | 2 +- secure/usr.bin/openssl/man/openssl-dsa.1 | 2 +- secure/usr.bin/openssl/man/openssl-dsaparam.1 | 2 +- secure/usr.bin/openssl/man/openssl-ec.1 | 2 +- secure/usr.bin/openssl/man/openssl-ecparam.1 | 2 +- secure/usr.bin/openssl/man/openssl-enc.1 | 2 +- secure/usr.bin/openssl/man/openssl-engine.1 | 2 +- secure/usr.bin/openssl/man/openssl-errstr.1 | 2 +- secure/usr.bin/openssl/man/openssl-fipsinstall.1 | 2 +- .../usr.bin/openssl/man/openssl-format-options.1 | 6 +- secure/usr.bin/openssl/man/openssl-gendsa.1 | 2 +- secure/usr.bin/openssl/man/openssl-genpkey.1 | 2 +- secure/usr.bin/openssl/man/openssl-genrsa.1 | 2 +- secure/usr.bin/openssl/man/openssl-info.1 | 2 +- secure/usr.bin/openssl/man/openssl-kdf.1 | 2 +- secure/usr.bin/openssl/man/openssl-list.1 | 2 +- secure/usr.bin/openssl/man/openssl-mac.1 | 2 +- .../openssl/man/openssl-namedisplay-options.1 | 2 +- secure/usr.bin/openssl/man/openssl-nseq.1 | 2 +- secure/usr.bin/openssl/man/openssl-ocsp.1 | 2 +- .../openssl/man/openssl-passphrase-options.1 | 2 +- secure/usr.bin/openssl/man/openssl-passwd.1 | 2 +- secure/usr.bin/openssl/man/openssl-pkcs12.1 | 2 +- secure/usr.bin/openssl/man/openssl-pkcs7.1 | 2 +- secure/usr.bin/openssl/man/openssl-pkcs8.1 | 6 +- secure/usr.bin/openssl/man/openssl-pkey.1 | 2 +- secure/usr.bin/openssl/man/openssl-pkeyparam.1 | 2 +- secure/usr.bin/openssl/man/openssl-pkeyutl.1 | 2 +- secure/usr.bin/openssl/man/openssl-prime.1 | 2 +- secure/usr.bin/openssl/man/openssl-rand.1 | 2 +- secure/usr.bin/openssl/man/openssl-rehash.1 | 8 +- secure/usr.bin/openssl/man/openssl-req.1 | 2 +- secure/usr.bin/openssl/man/openssl-rsa.1 | 2 +- secure/usr.bin/openssl/man/openssl-rsautl.1 | 2 +- secure/usr.bin/openssl/man/openssl-s_client.1 | 13 ++-- secure/usr.bin/openssl/man/openssl-s_server.1 | 21 +++++- secure/usr.bin/openssl/man/openssl-s_time.1 | 2 +- secure/usr.bin/openssl/man/openssl-sess_id.1 | 2 +- secure/usr.bin/openssl/man/openssl-skeyutl.1 | 2 +- secure/usr.bin/openssl/man/openssl-smime.1 | 9 ++- secure/usr.bin/openssl/man/openssl-speed.1 | 2 +- secure/usr.bin/openssl/man/openssl-spkac.1 | 2 +- secure/usr.bin/openssl/man/openssl-srp.1 | 2 +- secure/usr.bin/openssl/man/openssl-storeutl.1 | 2 +- secure/usr.bin/openssl/man/openssl-ts.1 | 2 +- .../openssl/man/openssl-verification-options.1 | 2 +- secure/usr.bin/openssl/man/openssl-verify.1 | 2 +- secure/usr.bin/openssl/man/openssl-version.1 | 2 +- secure/usr.bin/openssl/man/openssl-x509.1 | 2 +- secure/usr.bin/openssl/man/openssl.1 | 2 +- secure/usr.bin/openssl/man/tsget.1 | 2 +- sys/crypto/openssl/powerpc/chachap10-ppc.S | 50 +++++++++++- sys/crypto/openssl/powerpc64/chachap10-ppc.S | 50 +++++++++++- sys/crypto/openssl/powerpc64le/chachap10-ppc.S | 50 +++++++++++- 907 files changed, 1275 insertions(+), 997 deletions(-) diff --git a/crypto/openssl/exporters/libcrypto.pc b/crypto/openssl/exporters/libcrypto.pc index 339c799132d7..5de2da926e31 100644 --- a/crypto/openssl/exporters/libcrypto.pc +++ b/crypto/openssl/exporters/libcrypto.pc @@ -8,7 +8,7 @@ modulesdir=${libdir}/ossl-modules Name: OpenSSL-libcrypto Description: OpenSSL cryptography library -Version: 3.5.6 +Version: 3.5.7 Libs: -L${libdir} -lcrypto Libs.private: -pthread Cflags: -I${includedir} diff --git a/crypto/openssl/exporters/libssl.pc b/crypto/openssl/exporters/libssl.pc index e5fce192a971..c17f64684c24 100644 --- a/crypto/openssl/exporters/libssl.pc +++ b/crypto/openssl/exporters/libssl.pc @@ -6,7 +6,7 @@ includedir=${prefix}/include Name: OpenSSL-libssl Description: Secure Sockets Layer and cryptography libraries -Version: 3.5.6 +Version: 3.5.7 Requires.private: libcrypto Libs: -L${libdir} -lssl Cflags: -I${includedir} diff --git a/crypto/openssl/exporters/openssl.pc b/crypto/openssl/exporters/openssl.pc index 4e0aed6e9db3..d750cdce693e 100644 --- a/crypto/openssl/exporters/openssl.pc +++ b/crypto/openssl/exporters/openssl.pc @@ -6,5 +6,5 @@ includedir=${prefix}/include Name: OpenSSL Description: Secure Sockets Layer and cryptography libraries and tools -Version: 3.5.6 +Version: 3.5.7 Requires: libssl libcrypto diff --git a/crypto/openssl/include/openssl/opensslv.h b/crypto/openssl/include/openssl/opensslv.h index 299ba102298f..8e9329bcc0dd 100644 --- a/crypto/openssl/include/openssl/opensslv.h +++ b/crypto/openssl/include/openssl/opensslv.h @@ -34,7 +34,7 @@ extern "C" { # define OPENSSL_VERSION_MINOR 5 /* clang-format on */ /* clang-format off */ -# define OPENSSL_VERSION_PATCH 6 +# define OPENSSL_VERSION_PATCH 7 /* clang-format on */ /* @@ -87,10 +87,10 @@ extern "C" { * OPENSSL_VERSION_BUILD_METADATA_STR appended. */ /* clang-format off */ -# define OPENSSL_VERSION_STR "3.5.6" +# define OPENSSL_VERSION_STR "3.5.7" /* clang-format on */ /* clang-format off */ -# define OPENSSL_FULL_VERSION_STR "3.5.6" +# define OPENSSL_FULL_VERSION_STR "3.5.7" /* clang-format on */ /* *** 12682 LINES SKIPPED *** From nobody Wed Jun 10 15:33:05 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb8tc0rfTz6gfNM for ; Wed, 10 Jun 2026 15:33:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb8tZ6gpxz3cYx for ; Wed, 10 Jun 2026 15:33:10 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781105590; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bnbz12pcKDLzsKN1u9t3RoTfhlelU6vrRi1n+CGTvrE=; b=c3zpJRduVdvlSNJN/4vr7ZAwJA699bItWsYPzP9/V9hQFhH/M0yqTkw2Hnv5Gelt6KEShq dSEYxaEEdMeSj/PGFLOzV99O7lixoTlFMIE8G+Dd5QIkl7CSaUD5r4JNeFN6WZJt+HrspR /M2nxhZoELsLwA53m931PRP+oQKVu8onx3pU7M4NgyiSqD8tqigSGJfrHUHjqRWySinQQ+ rEoreWyfnaC2rutZDdYCMcT6AtkkPGwKf1rKQAEUn+B5I8PT3xl0PRfzoMMC3ods276Nnm sGNd2bO/rYCKvHI5+0QZ4dKi68Htmhg/FlJHO4pvCqnMVHpcQ9Nq5/NhhtwgXw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781105590; a=rsa-sha256; cv=none; b=xwo/E5pOW7Q0ua7/oOmN21lR7/U46QeMCTzm2u0FY2z3X3gfNA5nwjABOW0zKjP82dgU9B oVXfP1NXoi5G/fDH0a0dHUuODy5udOxUvV8VOpWLz1xeNuWBLEMsPEyV1BID/y9wUpAb/B x2LfyJdKz69FN6thNZLiExDkznkOqGid4jivrh4LQGVpccIqdgZxGd+Y6QmJxfdzrq5OpD dgp3DODHrNBsWrdggHjtbl1ce8zSWB3pyRHFas8jWmLeJLFEbsWqsWWVBUo9bKsIUZOqIc e45MdVy3hMVRce+IS0y/DJt1d5T3wF7mLkwuxFnjdUnzXnCebkIA0LRlOPfgyA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781105590; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=bnbz12pcKDLzsKN1u9t3RoTfhlelU6vrRi1n+CGTvrE=; b=hdWqK9LCAgn75idnYqwXVGvDRyUdMxT6Zuub9Kb50hacrTNzgkb3r4hToo8+V/vuSLaOPM P6tqOHKxJrxzxnfYhGFkBYUX5yZY3oDRbH/71k0PmH+0BHRnc7t+b2UmFQz3JHO6WeX9uj YZ8gTH0eflZdhIdKCh6mabIHiU6E+PSS4cD0BLUkTNSsbVJSQPITWu6Xz6K1zKq15rtVSW QcucbzYcYAviQ/Um4JwRoWsugSzEkWC6ErQ5QcZ13iyB32Jd2x4HrQVB1/+miJ5qe1TIC/ HKdSTtRXuEb7k442dcoAw+RIs6Wvw+KLotzxT6FT1Qnc7yz9jnJEbrVldZ895Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb8tZ6Fxxz1Pp0 for ; Wed, 10 Jun 2026 15:33:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 312c6 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 15:33:05 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Enji Cooper Subject: git: 1523ccfd9c8c - main - MFV: openssl 3.5.7 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ngie X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1523ccfd9c8c254f7928143d31c305384b05fd11 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 15:33:05 +0000 Message-Id: <6a2983b1.312c6.27c0ff6b@gitrepo.freebsd.org> The branch main has been updated by ngie: URL: https://cgit.FreeBSD.org/src/commit/?id=1523ccfd9c8c254f7928143d31c305384b05fd11 commit 1523ccfd9c8c254f7928143d31c305384b05fd11 Merge: 4bdcff554368 3a71a35ad9da Author: Enji Cooper AuthorDate: 2026-06-10 15:25:28 +0000 Commit: Enji Cooper CommitDate: 2026-06-10 15:31:07 +0000 MFV: openssl 3.5.7 This change is a security release which resolves several issues with OpenSSL 3.5, the highest severity issue being ranked "High". Users are strongly encouraged to update to this release. More information about the release (from a high level) can be found in the release notes [1]. 1. https://github.com/openssl/openssl/blob/openssl-3.5.7/NEWS.md All conflicts were resolved with `--theirs`, taking the release diff over the local diff; the conflicts occurred due to preemptive security fixes applied by so@ in e508c343. MFC after: 3 days (the important security issues have been preemptively addressed) Merge commit '3a71a35ad9dad0e5d2cad8efecc8ba9d57c42d43' Conflicts: crypto/openssl/include/internal/quic_channel.h crypto/openssl/ssl/quic/quic_channel_local.h crypto/openssl/ssl/quic/quic_rx_depack.c crypto/openssl/test/cmsapitest.c crypto/openssl/test/evp_extra_test.c crypto/openssl/CHANGES.md | 316 + crypto/openssl/Configurations/README.md | 2 +- crypto/openssl/Configure | 25 +- crypto/openssl/NEWS.md | 72 +- crypto/openssl/VERSION.dat | 4 +- crypto/openssl/apps/enc.c | 4 +- crypto/openssl/apps/lib/apps.c | 15 +- crypto/openssl/apps/lib/cmp_mock_srv.c | 4 +- crypto/openssl/apps/list.c | 5 +- crypto/openssl/apps/s_client.c | 14 +- crypto/openssl/apps/skeyutl.c | 4 +- crypto/openssl/apps/speed.c | 7 +- crypto/openssl/apps/testdsa.h | 1476 +-- crypto/openssl/apps/testrsa.h | 4916 +--------- crypto/openssl/crypto/aes/asm/aesfx-sparcv9.pl | 17 +- crypto/openssl/crypto/asn1/a_d2i_fp.c | 66 +- crypto/openssl/crypto/asn1/a_mbstr.c | 2 +- crypto/openssl/crypto/asn1/asn1_lib.c | 4 +- crypto/openssl/crypto/asn1/asn_mime.c | 16 +- crypto/openssl/crypto/asn1/tasn_dec.c | 2 +- crypto/openssl/crypto/bio/bss_dgram.c | 4 +- crypto/openssl/crypto/bio/bss_dgram_pair.c | 3 +- crypto/openssl/crypto/bn/bn_const.c | 249 +- crypto/openssl/crypto/bn/bn_mod.c | 14 +- crypto/openssl/crypto/cast/cast_s.h | 2306 +---- crypto/openssl/crypto/chacha/asm/chachap10-ppc.pl | 50 +- crypto/openssl/crypto/cmp/cmp_genm.c | 13 +- crypto/openssl/crypto/cms/cms_enc.c | 2 +- crypto/openssl/crypto/cms/cms_env.c | 2 +- crypto/openssl/crypto/cms/cms_pwri.c | 2 +- crypto/openssl/crypto/crmf/crmf_lib.c | 2 +- crypto/openssl/crypto/des/fcrypt.c | 143 +- crypto/openssl/crypto/dso/dso_win32.c | 4 +- crypto/openssl/crypto/ec/curve448/scalar.c | 3 +- crypto/openssl/crypto/ec/curve448/word.h | 9 +- crypto/openssl/crypto/ec/ec_curve.c | 236 +- crypto/openssl/crypto/ec/ec_lib.c | 3 +- crypto/openssl/crypto/ec/ecp_s390x_nistp.c | 36 +- crypto/openssl/crypto/ec/ecp_sm2p256.c | 7 +- crypto/openssl/crypto/evp/asymcipher.c | 4 +- crypto/openssl/crypto/evp/e_aes.c | 2 +- crypto/openssl/crypto/evp/encode.c | 282 +- crypto/openssl/crypto/evp/evp_lib.c | 2 +- crypto/openssl/crypto/evp/kem.c | 2 + crypto/openssl/crypto/evp/m_sigver.c | 4 +- crypto/openssl/crypto/evp/signature.c | 2 + crypto/openssl/crypto/ffc/ffc_params.c | 10 +- crypto/openssl/crypto/hashtable/hashtable.c | 55 +- crypto/openssl/crypto/hpke/hpke_util.c | 7 +- crypto/openssl/crypto/http/http_client.c | 28 +- crypto/openssl/crypto/http/http_lib.c | 3 + crypto/openssl/crypto/initthread.c | 30 +- crypto/openssl/crypto/md2/md2_dgst.c | 284 +- crypto/openssl/crypto/ml_dsa/ml_dsa_key.c | 4 +- crypto/openssl/crypto/modes/wrap128.c | 15 +- crypto/openssl/crypto/objects/obj_dat.c | 6 +- crypto/openssl/crypto/objects/obj_lib.c | 4 +- crypto/openssl/crypto/param_build.c | 6 +- crypto/openssl/crypto/param_build_set.c | 7 +- crypto/openssl/crypto/pkcs12/p12_decr.c | 2 +- crypto/openssl/crypto/pkcs7/pk7_smime.c | 2 +- crypto/openssl/crypto/rc2/rc2_skey.c | 284 +- crypto/openssl/crypto/slh_dsa/slh_dsa_key.c | 5 +- crypto/openssl/crypto/sm2/sm2_crypt.c | 17 +- crypto/openssl/crypto/sm2/sm2_sign.c | 7 +- crypto/openssl/crypto/threads_none.c | 30 +- crypto/openssl/crypto/threads_pthread.c | 36 +- crypto/openssl/crypto/threads_win.c | 36 +- crypto/openssl/crypto/x509/v3_ist.c | 6 +- crypto/openssl/demos/cipher/aeskeywrap.c | 100 +- crypto/openssl/demos/cipher/ariacbc.c | 20 +- crypto/openssl/demos/digest/EVP_MD_demo.c | 73 +- crypto/openssl/demos/encrypt/rsa_encrypt.h | 1638 +--- crypto/openssl/demos/mac/cmac-aes256.c | 56 +- crypto/openssl/demos/mac/hmac-sha512.c | 144 +- .../demos/signature/EVP_EC_Signature_demo.h | 772 +- crypto/openssl/doc/fingerprints.txt | 3 + .../doc/internal/man3/ossl_rcu_lock_new.pod | 86 +- crypto/openssl/doc/man1/openssl-format-options.pod | 4 +- crypto/openssl/doc/man1/openssl-pkcs8.pod.in | 4 +- crypto/openssl/doc/man1/openssl-rehash.pod.in | 6 +- crypto/openssl/doc/man1/openssl-s_client.pod.in | 11 +- crypto/openssl/doc/man1/openssl-s_server.pod.in | 19 +- crypto/openssl/doc/man1/openssl-smime.pod.in | 7 +- crypto/openssl/doc/man3/BIO_s_bio.pod | 83 +- crypto/openssl/doc/man3/BN_add.pod | 8 +- crypto/openssl/doc/man3/CMS_decrypt.pod | 2 +- crypto/openssl/doc/man3/EVP_EncryptInit.pod | 3 +- crypto/openssl/doc/man3/OSSL_HTTP_REQ_CTX.pod | 6 +- crypto/openssl/doc/man3/OSSL_HTTP_parse_url.pod | 18 +- crypto/openssl/doc/man3/OSSL_HTTP_transfer.pod | 5 +- crypto/openssl/doc/man3/PKCS7_decrypt.pod | 5 +- .../doc/man3/SSL_CTX_set_session_cache_mode.pod | 6 +- .../doc/man3/SSL_CTX_set_session_id_context.pod | 28 +- .../SSL_CTX_set_tlsext_servername_callback.pod | 8 +- crypto/openssl/doc/man3/d2i_X509.pod | 40 +- crypto/openssl/doc/man7/EVP_CIPHER-AES.pod | 6 +- crypto/openssl/doc/man7/openssl-env.pod | 2 + crypto/openssl/doc/man7/provider-asym_cipher.pod | 6 +- crypto/openssl/doc/man7/provider-signature.pod | 3 +- crypto/openssl/fuzz/dtlsserver.c | 3407 +------ crypto/openssl/fuzz/server.c | 2213 +---- crypto/openssl/include/crypto/riscv_arch.h | 4 +- crypto/openssl/include/internal/cryptlib.h | 4 +- crypto/openssl/include/internal/quic_cfq.h | 2 +- crypto/openssl/include/internal/quic_channel.h | 8 +- crypto/openssl/include/internal/quic_fifd.h | 2 +- crypto/openssl/include/internal/quic_stream_map.h | 5 +- crypto/openssl/include/internal/rcu.h | 9 +- crypto/openssl/include/openssl/bn.h | 6 +- crypto/openssl/include/openssl/ssl.h.in | 4 +- crypto/openssl/include/openssl/x509_acert.h.in | 10 +- crypto/openssl/providers/defltprov.c | 10 +- crypto/openssl/providers/fips-sources.checksums | 66 +- crypto/openssl/providers/fips.checksum | 2 +- crypto/openssl/providers/fips.module.sources | 2 +- crypto/openssl/providers/fips/self_test_data.inc | 203 +- .../ciphers/cipher_aes_gcm_hw_rv64i.inc | 7 +- .../ciphers/cipher_aes_gcm_siv_hw.c | 2 +- .../implementations/ciphers/cipher_aes_siv.c | 2 +- .../implementations/encode_decode/ml_dsa_codecs.c | 308 +- .../implementations/encode_decode/ml_dsa_codecs.h | 12 +- .../implementations/encode_decode/ml_kem_codecs.h | 12 +- .../providers/implementations/exchange/dh_exch.c | 2 +- .../implementations/include/prov/implementations.h | 4 +- .../providers/implementations/keymgmt/ecx_kmgmt.c | 46 +- .../implementations/keymgmt/ml_kem_kmgmt.c | 8 +- .../providers/implementations/keymgmt/mlx_kmgmt.c | 13 +- .../providers/implementations/macs/poly1305_prov.c | 8 +- .../providers/implementations/signature/rsa_sig.c | 21 +- .../implementations/signature/slh_dsa_sig.c | 7 +- crypto/openssl/ssl/quic/quic_ackm.c | 4 +- crypto/openssl/ssl/quic/quic_cfq.c | 2 +- crypto/openssl/ssl/quic/quic_channel.c | 18 +- crypto/openssl/ssl/quic/quic_channel_local.h | 4 + crypto/openssl/ssl/quic/quic_fifd.c | 2 +- crypto/openssl/ssl/quic/quic_impl.c | 20 +- crypto/openssl/ssl/quic/quic_port.c | 36 +- crypto/openssl/ssl/quic/quic_record_rx.c | 10 +- crypto/openssl/ssl/quic/quic_record_shared.c | 103 +- crypto/openssl/ssl/quic/quic_record_tx.c | 62 +- crypto/openssl/ssl/quic/quic_rx_depack.c | 12 + crypto/openssl/ssl/quic/quic_stream_map.c | 7 + crypto/openssl/ssl/quic/quic_txp.c | 2 +- crypto/openssl/ssl/quic/uint_set.c | 1 + crypto/openssl/ssl/record/methods/ktls_meth.c | 22 +- crypto/openssl/ssl/record/methods/tls_common.c | 26 +- crypto/openssl/ssl/ssl_ciph.c | 6 +- crypto/openssl/ssl/ssl_rsa.c | 6 +- crypto/openssl/ssl/statem/extensions_cust.c | 5 +- crypto/openssl/ssl/statem/extensions_srvr.c | 17 +- crypto/openssl/ssl/statem/statem.c | 28 +- crypto/openssl/ssl/statem/statem_clnt.c | 8 +- crypto/openssl/ssl/statem/statem_lib.c | 40 +- crypto/openssl/ssl/statem/statem_srvr.c | 15 +- crypto/openssl/ssl/t1_lib.c | 35 +- crypto/openssl/ssl/t1_trce.c | 43 +- crypto/openssl/test/asn1_decode_test.c | 32 +- crypto/openssl/test/bad_dtls_test.c | 193 +- crypto/openssl/test/bio_tfo_test.c | 16 +- crypto/openssl/test/build.info | 7 + crypto/openssl/test/chacha_internal_test.c | 82 +- crypto/openssl/test/cipherlist_test.c | 57 +- .../openssl/test/cms-msg/make_missing_kdf_der.py | 137 + crypto/openssl/test/cms-msg/missing-kdf.der | Bin 0 -> 190 bytes crypto/openssl/test/cmsapitest.c | 188 + crypto/openssl/test/destest.c | 118 +- crypto/openssl/test/dsatest.c | 188 +- crypto/openssl/test/ectest.c | 511 +- crypto/openssl/test/endecode_test.c | 35 +- crypto/openssl/test/enginetest.c | 13 +- crypto/openssl/test/evp_extra_test.c | 451 +- crypto/openssl/test/evp_extra_test2.c | 2438 +---- crypto/openssl/test/evp_kdf_test.c | 420 +- crypto/openssl/test/evp_libctx_test.c | 180 +- crypto/openssl/test/evp_pkey_provided_test.c | 81 +- crypto/openssl/test/evp_skey_test.c | 20 +- crypto/openssl/test/helpers/predefined_dhparams.c | 525 +- crypto/openssl/test/hpke_test.c | 146 +- crypto/openssl/test/http_test.c | 62 + crypto/openssl/test/ideatest.c | 20 +- crypto/openssl/test/ml_kem_evp_extra_test.c | 77 +- crypto/openssl/test/param_build_test.c | 12 +- crypto/openssl/test/pbetest.c | 101 +- crypto/openssl/test/pkcs12_format_test.c | 3105 +----- crypto/openssl/test/quic_record_test.c | 9871 +++----------------- crypto/openssl/test/quic_txp_test.c | 20 +- crypto/openssl/test/quic_wire_test.c | 18 +- crypto/openssl/test/quicapitest.c | 150 + crypto/openssl/test/radix/quic_tests.c | 193 +- crypto/openssl/test/radix/terp.c | 4 +- crypto/openssl/test/recipes/70-test_tls13ticket.t | 26 + crypto/openssl/test/recipes/80-test_cms.t | 38 +- crypto/openssl/test/siphash_internal_test.c | 1922 +--- .../test/smime-eml/pkcs7-empty-digest-set.eml | 45 + crypto/openssl/test/sslapitest.c | 452 +- crypto/openssl/test/stack_test.c | 64 +- crypto/openssl/test/threadstest.c | 11 +- crypto/openssl/test/tls13tickettest.c | 157 + crypto/openssl/test/x509_test.c | 18 +- crypto/openssl/util/missingcrypto.txt | 4 - crypto/openssl/util/missingcrypto111.txt | 4 - 202 files changed, 7952 insertions(+), 35616 deletions(-) diff --cc crypto/openssl/crypto/aes/asm/aesfx-sparcv9.pl index 27233d03af7b,372778e424e7..372778e424e7 mode 100755,100644..100755 --- a/crypto/openssl/crypto/aes/asm/aesfx-sparcv9.pl +++ b/crypto/openssl/crypto/aes/asm/aesfx-sparcv9.pl diff --cc crypto/openssl/test/cms-msg/make_missing_kdf_der.py index 000000000000,5b3fc0f6eeda..5b3fc0f6eeda mode 000000,100755..100755 --- a/crypto/openssl/test/cms-msg/make_missing_kdf_der.py +++ b/crypto/openssl/test/cms-msg/make_missing_kdf_der.py diff --cc crypto/openssl/test/cms-msg/missing-kdf.der index 000000000000,3db602e47c23..3db602e47c23 mode 000000,100644..100644 Binary files differ diff --cc crypto/openssl/test/recipes/70-test_tls13ticket.t index 000000000000,0fb782bd0d84..0fb782bd0d84 mode 000000,100644..100644 --- a/crypto/openssl/test/recipes/70-test_tls13ticket.t +++ b/crypto/openssl/test/recipes/70-test_tls13ticket.t diff --cc crypto/openssl/test/smime-eml/pkcs7-empty-digest-set.eml index 000000000000,a6db2c38adfa..a6db2c38adfa mode 000000,100644..100644 --- a/crypto/openssl/test/smime-eml/pkcs7-empty-digest-set.eml +++ b/crypto/openssl/test/smime-eml/pkcs7-empty-digest-set.eml diff --cc crypto/openssl/test/tls13tickettest.c index 000000000000,9470f4169633..9470f4169633 mode 000000,100644..100644 --- a/crypto/openssl/test/tls13tickettest.c +++ b/crypto/openssl/test/tls13tickettest.c From nobody Wed Jun 10 15:45:58 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gb99R3T7Lz6gft0 for ; Wed, 10 Jun 2026 15:46:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gb99R2vcLz3fJB for ; Wed, 10 Jun 2026 15:46:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781106363; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cBb+Wfa0iUdRFDu7+b8/wzT2fAvmblO7BhnTbjhTJqc=; b=hpSpOW/tqwOht0XasSRVJoj9b6op8fmkklMMVcYLj/neWNncyxOmGbDbSrg3x3NRIwvE0p qjC7Yu8kGKXgDYD8wGkc28ueD7o4Ym0Nax4mRZJ8YUnG/nmN2nmhehIE0Tw8tj7wT+cyoR 4kvQVRFHVhG6KHH9DRIjGYfAmTcOohwwNF/cwo4oNNTvZKjJOzdr3inNkpQLytvmbfQcVs 51VWQxfY7VvJ4S5/u3OytwAd5iINkHNUd1R52t+kfHBQ9v3XVzCy429x9uNKKg/v0PyXMn 0JgKmC97BczgXeKrhV12KhCOe+0BdhrsnWK+dRlkE8aVTvBywSqPwsfW/yE0BA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1781106363; a=rsa-sha256; cv=none; b=fqe3FTicDprN9YLEmo1QWJl0LnCAZgutMsEEYWQg7d2t8la0raObdUNZlLaxUZFAaLK+Zz 4XoiLMra7y4ZijZq1V7pWpYDB4UKg64FsehDkQ8QoVaTt/su7kUoO4EBC70ggmi7YbLkm2 VfukoMoj15GYgCypNA+wWPK+TGRDn5cvshssHBYEHuvO5juDi8x5jJFuJvujciD6SMwOj2 ubwfmrI01a0Pwl2gomSWAqwLr3Q9EwmL0mtTPvQISOQTUhOO1WQqPz8qtMfs1eEcbTyA1x liU5hmNs0aCClXeN+5NSC2O1/a4loFvLA2x2XRFRp8tJ3he8oBQqYA30/e+HIQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1781106363; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cBb+Wfa0iUdRFDu7+b8/wzT2fAvmblO7BhnTbjhTJqc=; b=Y4T8LeJLzBhbxFlNoF3XKJ87QgtOsgt0h4kK9puu1LQ/01JGvg4GO7hcKvpSHtc2z3rQfR BHneeNC/BBpV15D19Pmrcmv+yCk1G39/ryDDhIBNeTzHdeMr1/pha5DQGrk405b/td1TPT UtWqhw/tsHHskQ77L3Q8HQ2bR9aQV50YqBynahwjLEAXii+RCnnV4buTP+V2+8GYbqy/rm J8F010ZQ6vixDsyq2eEULzJ81KNU+V1j42JbrXcNZhCaUUu4ucNj60+t3YabIHgZWgLGZ2 vAOU0pAk+vt39mJyY3lhTeGCDzjYjo3gQrbJh5pKqxM8Zf/kSSXpLIKZzvLEYg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gb99R2WDvz1Q3h for ; Wed, 10 Jun 2026 15:46:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 3112e by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 10 Jun 2026 15:45:58 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 6365c45d951d - main - elf_common: Add FDO package metadata note type List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6365c45d951dd50ca411160b03c3a0427bd54449 Auto-Submitted: auto-generated Date: Wed, 10 Jun 2026 15:45:58 +0000 Message-Id: <6a2986b6.3112e.3f5b47b4@gitrepo.freebsd.org> The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=6365c45d951dd50ca411160b03c3a0427bd54449 commit 6365c45d951dd50ca411160b03c3a0427bd54449 Author: Ed Maste AuthorDate: 2026-06-10 13:21:06 +0000 Commit: Ed Maste CommitDate: 2026-06-10 15:45:34 +0000 elf_common: Add FDO package metadata note type Reviewed by: fuz Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D57525 --- sys/sys/elf_common.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h index e17b2bfb3afa..32621041cb44 100644 --- a/sys/sys/elf_common.h +++ b/sys/sys/elf_common.h @@ -866,6 +866,9 @@ typedef struct { #define NT_ARM_SVE 0x405 /* ARM SVE registers */ #define NT_ARM_ADDR_MASK 0x406 /* arm64 address mask (e.g. for TBI) */ +/* FDO (freedesktop.org) note types. */ +#define NT_FDO_PACKAGING_METADATA 0xcafe1a7e + /* GNU note types. */ #define NT_GNU_ABI_TAG 1 #define NT_GNU_HWCAP 2