instead of depending on devd and its socket, try to use nlsysevent
instead. This makes powerd independant from devd.
Approved by: des
Reviewed by: des
Differential Revission: https://reviews.freebsd.org/D46972
The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kernel
executable. The library can be used to read metadata such as linker_set,
mod_depend, mod_version and PNP match info, and raw data from the ELF.
To promote the reuse of the facilities the ELF parsing code is separated
from kldxref(8) into a new private library.
kldxref(8) is modified to link against the libkldelf library.
Sponsored by: Juniper Networks, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D46719
These were reported by `mandoc -T lint ...` as errors; this commit only
handles unnecessary .El commands.
The rendered output (in ascii and html) is not affected by this commit.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne
MFC after: 3 days
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1447
Print the complete list of url that have failed
PR: 281924
Co-authored-by: Baptiste Daroussin <bapt@FreeBSD.org>
Differential Revision: https://reviews.freebsd.org/D46983
.pkg is the default extension as of commit c244b1d8a3, falling back to
.txz if not found.
PR: 281924
Reviewed by: bapt
Fixes: a2aac2f5e5 ("pkg(7): when bootstrapping first search for pkg.bsd file then pkg.txz")
Fixes: c244b1d8a3 ("pkg: settle the uniq extension to .pkg instead of .bsd")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46977
The function nvme_opc_get_log_page in the file usr.sbin/bhyve/pci_nvme.c
is vulnerable to buffer over-read. The value logoff is user controlled
but never checked against the value of logsize. Thus the difference:
logsize - logoff
can underflow.
Due to the sc structure layout, an attacker can dump internals fields of
sc and the content of next heap allocation.
Reported by: Synacktiv
Reviewed by: emaste, jhb
Security: HYP-07
Sponsored by: Alpha-Omega Project, The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46021
The function hda_codec_command is vulnerable to buffer over-read, the
payload value is extracted from the command and used as an array index
without any validation.
Fortunately, the payload value is capped at 255, so the information
disclosure is limited and only a small part of .rodata of bhyve binary
can be disclosed.
The risk is low because the leaked information is not sensitive. An
attacker may be able to validate the version of the bhyve binary using
this information disclosure (layout of .rodata information, ex:
jmp_tables) before executing an exploit.
Reported by: Synacktiv
Reviewed by: christos, emaste
Security: HYP-13
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46098
The intended value is:
-offset indent
If there's any typo such that the value doesn't match the pre-defined
strings, then the offset is the same width as the value. So by chance,
"-offset -ident" ended up being a standard-width indent (since the
default indent is 6 chars, and "-ident" also has 6 chars), whereas
"-offset -indent" had a longer indent, and "-offset ident" had a shorter
one.
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Reviewed by: mhorne, Alexander Ziaee <concussious.bugzilla@runbox.com>
MFC after: 3 days
Sponsored by: Tarsnap Backup Inc.
Pull Request: https://github.com/freebsd/freebsd-src/pull/1436
- Place 'static' before other qualifiers (-Wold-style-declaration)
- Correct the order of arguments to calloc (-Wcalloc-transposed-args)
Reported by: GCC 14
Fixes: 1f903953fb bhyve: Add raw tcp to uart backend
In chroot mode tzsetup prepended the chroot path to the symlink target,
which is not correct. Use the same path for the symlink regardless of
chroot mode.
PR: 281332
Reported by: scf, Herbert J. Skuhra
Reviewed by: olce
Fixes: 5e16809c95 ("tzsetup: symlink /etc/localtime instead of co...")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46725
The program copies an input buffer to an output buffer without verifying
that the size of the input buffer is less than the size of the output
buffer, leading to a buffer overflow.
Inside the function pci_vtcon_control_send, the length of the iov buffer
is not validated before copy of the payload.
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-19
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46105
Synchronize the error handling in nfsd. If you check other error
handlings in those same condition blocks, it uses nfsd_exit instead,
which will call killchildren() and call the rpcbind service to do
the service un-mapping.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D46442
Avoid a race condition when accessing guest memory, by reading memory
contents only once.
This has also been applied to _vq_record() in
sys/dev/beri/virtio/virtio.c, as per markj@'s suggestion.
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-10
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45735
In the function ahci_handle_dsm_trim, if the call to read_prdt fails,
the variable buf[512] is used while it contains uninitialized data.
It is easy to make the call to read_prdt fail, for instance if
hdr->prdtl == NULL, the function will return without writing anything in
buf.
In addition, this code could be hardened by checking the value of done
before accessing &buf[done].
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-15
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46090
This page was getting pulled into `apropos unix` results due to
arguments being on the same line as a name macro in synopsis.
While here, tag spdx, fold a line slightly better, add loader.efi(8)
to see also and fix it's order.
MFC after: 3 days
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1430
Guests must set HDAC_CORBWP less than corb->size. Treat invalid values
as an error rather than entering an infinite loop.
Reported by: Synacktiv
Reviewed by: markj
Security: HYP-12
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46134
This is a follow-up to commit e72d86ad9c ("bhyve: improve input
validation in pci_xhci") -- introducing a helper for slot validation.
Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Reviewed by: markj, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46696
+ expand see also section with other relevant pages and the handbook
+ tag paths with the path macro so they can be searched with apropos
+ tag spdx, one sentance per line
MFC after: 3 days
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1371
These were reported by `mandoc -T lint` as
ERROR: skipping unknown macro
When these pages were rendered with `man`, the "unknown macro" meant
that the entire line was omitted from the output.
Obvious typos in:
lib/libsys/swapon.2
lib/libsys/procctl.2
share/man/man9/firmware.9
lib/libcasper/services/cap_net/cap_net.3: 'mode' describes a function
argument.
lib/libsys/statfs.2: there's no .Tm command ("trademark?"), and
.Tn ("tradename") is deprecated, so remove the macro entirely.
usr.sbin/mfiutil/mfiutil.8: man was interpreting '/dev/' as a macro
(which it didn't recognize).
share/man/man4/qat.4: same issue as above, but with '0'. In this case,
given the context of the previous line, rewriting as "Value '0'"
seemed more appropriate.
usr.sbin/mlx5tool/mlx5tool.8: typo in .Xr
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Sponsored by: Tarsnap Backup Inc.
Reviewed by: concussious, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1417
This handles copying in install-boot.sh and bsdinstall's bootconfig.
install-boot.sh:
make_esp_file now optionally takes extra arguments so it can copy
multiple files. This is used by the amd64 release scripts.
make_esp_device also takes an extra optional argument for efibootname.
This is currently unused, but it can be used in the future to do
something like:
make_esp_device loader.efi bootx64
make_esp_device loader_ia32.efi bootia32
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1098
The change of its description from integer to boolean didn't actually
change it to a boolean, but only made it impossible to set as either
a boolean or an integer.
Rather than make it work as a boolean parameter should, just revert
to the old (working) integer parameter, and change the documentation
to match.
PR: 274263
Reported by: andrew.hotlab at hotmail
Several functions did not validate the slot index resulting in OOB read
on the heap of the slot device structure which could lead to arbitrary
reads/writes and potentially code execution.
Reported by: Synacktiv
Reviewed by: markj (earlier), jhb
Security: CVE-2024-41721
Security: HYP-02
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45996
This can arise if the jail doesn't have networking configured, and if
-ss is specified, syslogd won't listen on port 514 anyway.
Add a regression test case for this as well.
PR: 238006
MFC after: 1 month
This feature is required by OpenStack Nova that needs a serial output
through tcp socket. When enable this feature, a tcp server will be
started and wait for connection on specified port under capsicum's protection.
We only accept one connection at the same time. Other connection try to
connect will fail.
Reviewed by: corvink, markj
MFC after: 2 months
Differential Revision: https://reviews.freebsd.org/D45120
All of the below bugs could result in a system where ctld is not
running, but LUNs and targets still exist in the kernel; a difficult
situation to recover from.
* open the pidfile earlier. Open the pidfile before reading the
kernel's current state, so two racing ctld processes won't step on
each others' toes.
* close the pidfile later. Close it after tearing down the
configuration, for the same reason.
* If the configured pidfile changes, then rename it on SIGHUP rather
than remove and recreate it.
* When running in debug mode, don't close the pidfile while handling a
new connection. Only do that in non-debug mode, in the child of the
fork.
* Register signal handlers earlier. Otherwise a SIGTERM signal received
during startup could kill ctld without tearing down the configuration.
MFC after: 2 weeks
PR: 271460
Sponsored by: Axcient
Reviewed by: mav
Pull Request: https://github.com/freebsd/freebsd-src/pull/1370
This is useful for downstream consumers to add their own kernel config
files in another directory other than the default ones.
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D44538
The "includeoptions" directive can be used to specify an additional
options file to be used.
This is useful in conjunction with the "files" directive for build
environments to be able to add custom files and options.
Add "-v" flag to enable verbose mode. Added some additional error
messages when in verbose mode.
Obtained from: Juniper Networks, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D39540
This case is hit for the kernel itself on riscv64, and did not used to
be checked. Since the code here can already handle missing Elf_Rel
and/or Elf_Rela just delete the check.
Reviewed by: jhb, imp
Fixes: 0299afdff1 ("kldxref: Make use of libelf to be a portable cross tool")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D46517
The bhyve VNC server would ignore the SetPixelFormat message from the
VNC client. This change supports a limited implementation to detect
and reorder the colors such as requested from the noVNC client.
PR: 280984
Reviewed by: corvink
Differential Revision: https://reviews.freebsd.org/D46402
MFC after: 3 weeks
Notable upstream pull request merges:
#15892 -multiple Fast Dedup: Introduce the FDT on-disk format and feature flag
#15893 -multiple Fast Dedup: “flat” DDT entry format
#15895 -multiple Fast Dedup: FDT-log feature
#162396be8bf555 zpool: Provide GUID to zpool-reguid(8) with -g
#16277 -multiple Fast Dedup: prune unique entries
#163165807de90a Fix null ptr deref when renaming a zvol with snaps and snapdev=visible
#1634377a797a38 Enable L2 cache of all (MRU+MFU) metadata but MFU data only
#1644683f359245 FreeBSD: fix build without kernel option MAC
#16449963e6c9f3 Fix incorrect error report on vdev attach/replace
#16505b10992582 spa_prop_get: require caller to supply output nvlist
Obtained from: OpenZFS
OpenZFS commit: b109925820
Some exports(5) options take a "=arg" component that provides an
argument value for the option. Others do not.
Without this patch, if "=arg" was provided for an option that did
not take an argument value, the "=arg" was simply ignored.
This could result in confusion w.r.t. what was being exported,
as noted by the Problem Report.
This patch adds a check for "=arg" for the options that do not
take an argument value and fails the exports line if one is found.
PR: 281003
MFC after: 2 weeks
Update the sample ip6addrctl.conf.sample file to match the default
policy, currently based on RFC 6724.
MFC after: 3 days
Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
Reviewed by: imp, glebius
Pull Request: https://github.com/freebsd/freebsd-src/pull/1375
Commit e695500d3c updated the policy table
to match RFC 6724, which obsoletes RFC 3484.
Add a reference to RFC 6724, and mark it up as a technical report (%R).
MFC after: 3 days
Signed-off-by: Jose Luis Duran <jlduran@gmail.com>
Reviewed by: imp, glebius
Pull Request: https://github.com/freebsd/freebsd-src/pull/1375
