From nobody Sun Dec 17 03:46:08 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4St84x2gsqz53xvQ;
	Sun, 17 Dec 2023 03:46:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4St84x0bBQz3Zyb;
	Sun, 17 Dec 2023 03:46:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702784769;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DYau8iiB70wYChszxqe8B91oGrPnDpunk7htl1k5CpI=;
	b=c5fsA2iixfrWSNKaOjroV1TvwgrPYEkF0/TortOsosGMM8t0iBvdF4LjP3jFlTpv0aPMif
	7BBZUCL3swmThkMl28JWiHXVOTNT32le3CLklLLcKH/96HIdqTbRsSA8uU+MPu8wKc/TT1
	V3pmkBo8PIVCIx2/xGcgAkuDBWRzfLfYsnF0CTFWB7bb8xUUxyFiuCReb4TTQnF0SMpa6r
	cnvm4PkhwIuBPp2zmkkxR/G8SIa6pkKIZvuXfouGaTc516CPLtq7c893J9amkqfem9J/R5
	JtnX3KVjZRKBlrBdkQ8yBy4Q4iWMlFvyWq1cf4nHkgSQX7Lg4ZAfKsmj/MJUHA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702784769; a=rsa-sha256; cv=none;
	b=W2gTkbr5MLT2qOHG8gIfJVjy7FEKzmG8GQh6Uzc9+Ry7gn/eEw1kMO3nFKGF+mTMYhrfCV
	Jrq424vHsNL1HpzICuKk6xr3z3ebIoWbWyfdmgWPAqbeEVI2EovgOroX1taAva1arOXMFq
	B9iiDwDp3/oBsZEriwoFvoejRkZkUL8K35Cib1HG413KXGXPiTdC249IeYWNOBXVSJlIS3
	Ltqe1fndQgSL1kP/IUus/RB4qoEQ3uqxxPr+MrPlilzfkVt1IXbxq40zGH3GTTd0DExTNt
	KDKERCKHXgrAgHDXePG8C6RVV9imFHG+cSqY0oJFquSFxekEb1ETah7t2eBtdQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702784769;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DYau8iiB70wYChszxqe8B91oGrPnDpunk7htl1k5CpI=;
	b=vhvkMsKbfbTS1sgsPk6GvNpewX1iiBjznZ4WEr4mLxvQu6YOhVE4ukO9oPuB43tELoR/mh
	R1GXMdC6PAvnea/XI39EfdYviRrc4I3DEIqbhfzyfLlWxuNmVTtyaherDt/aDc/YXHQTyj
	pMjfmpbLrik3AarhJBdCgUNbubcoFSiEeXD+FQEVrVucC3tSyfqQ1v27WwfrqBvNBNGBj+
	7CRcucAXjEGwn1H6YViUx378sg+w6a35593RAklXjo7VqMpg/AcPbem7xDYwpTKnLbHqh3
	stV3Xdl3t+TKmuZqZneEoQ6j+ttUcjOE4zGd80N4EEd/hVXu7IADEotuu2S7Mg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4St84w6mLxz6bL;
	Sun, 17 Dec 2023 03:46:08 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BH3k8aP017908;
	Sun, 17 Dec 2023 03:46:08 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BH3k8Fg017905;
	Sun, 17 Dec 2023 03:46:08 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 03:46:08 GMT
Message-Id: <202312170346.3BH3k8Fg017905@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kirk McKusick <mckusick@FreeBSD.org>
Subject: git: 636bf719194c - stable/14 - Increase UFS/FFS maximum
  link count from 32767 to 65530.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mckusick
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 636bf719194ce27390b45b8f68e430993670d2dd
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mckusick:

URL: https://cgit.FreeBSD.org/src/commit/?id=636bf719194ce27390b45b8f68e430993670d2dd

commit 636bf719194ce27390b45b8f68e430993670d2dd
Author:     Kirk McKusick <mckusick@FreeBSD.org>
AuthorDate: 2023-12-03 20:36:42 +0000
Commit:     Kirk McKusick <mckusick@FreeBSD.org>
CommitDate: 2023-12-17 03:45:51 +0000

    Increase UFS/FFS maximum link count from 32767 to 65530.
    
    Differential Revision: https://reviews.freebsd.org/D42767
    
    (cherry picked from commit 35a301555bff2ac27a727c10641b7efb3f162988)
---
 sys/ufs/ffs/ffs_alloc.c   |  2 +-
 sys/ufs/ffs/ffs_softdep.c |  4 ++--
 sys/ufs/ufs/dinode.h      |  6 +++---
 sys/ufs/ufs/inode.h       | 10 ++++++++--
 sys/ufs/ufs/ufs_lookup.c  |  8 ++++----
 sys/ufs/ufs/ufs_vnops.c   | 32 ++++++++++++++++----------------
 6 files changed, 34 insertions(+), 28 deletions(-)

diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c
index 2bf5b6c58302..690df0c12793 100644
--- a/sys/ufs/ffs/ffs_alloc.c
+++ b/sys/ufs/ffs/ffs_alloc.c
@@ -3332,7 +3332,7 @@ sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS)
 			break;
 		ip = VTOI(vp);
 		ip->i_nlink += cmd.size;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		ip->i_effnlink += cmd.size;
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE | IN_MODIFIED);
 		error = ffs_update(vp, 1);
diff --git a/sys/ufs/ffs/ffs_softdep.c b/sys/ufs/ffs/ffs_softdep.c
index 28ffb806b308..961cb4493621 100644
--- a/sys/ufs/ffs/ffs_softdep.c
+++ b/sys/ufs/ffs/ffs_softdep.c
@@ -10048,7 +10048,7 @@ handle_workitem_remove(struct dirrem *dirrem, int flags)
 		KASSERT(ip->i_nlink >= 0, ("handle_workitem_remove: file ino "
 		    "%ju negative i_nlink %d", (intmax_t)ip->i_number,
 		    ip->i_nlink));
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (ip->i_nlink < ip->i_effnlink)
 			panic("handle_workitem_remove: bad file delta");
@@ -10071,7 +10071,7 @@ handle_workitem_remove(struct dirrem *dirrem, int flags)
 	ip->i_nlink -= 2;
 	KASSERT(ip->i_nlink >= 0, ("handle_workitem_remove: directory ino "
 	    "%ju negative i_nlink %d", (intmax_t)ip->i_number, ip->i_nlink));
-	DIP_SET(ip, i_nlink, ip->i_nlink);
+	DIP_SET_NLINK(ip, ip->i_nlink);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (ip->i_nlink < ip->i_effnlink)
 		panic("handle_workitem_remove: bad dir delta");
diff --git a/sys/ufs/ufs/dinode.h b/sys/ufs/ufs/dinode.h
index b429562f1159..b4117a99c262 100644
--- a/sys/ufs/ufs/dinode.h
+++ b/sys/ufs/ufs/dinode.h
@@ -125,7 +125,7 @@ typedef int64_t ufs_time_t;
 
 struct ufs2_dinode {
 	uint16_t	di_mode;	/*   0: IFMT, permissions; see below. */
-	int16_t		di_nlink;	/*   2: File link count. */
+	uint16_t	di_nlink;	/*   2: File link count. */
 	uint32_t	di_uid;		/*   4: File owner. */
 	uint32_t	di_gid;		/*   8: File group. */
 	uint32_t	di_blksize;	/*  12: Inode blocksize. */
@@ -180,7 +180,7 @@ struct ufs2_dinode {
  */
 struct ufs1_dinode {
 	uint16_t	di_mode;	/*   0: IFMT, permissions; see below. */
-	int16_t		di_nlink;	/*   2: File link count. */
+	uint16_t	di_nlink;	/*   2: File link count. */
 	union {
 		uint32_t di_freelink;	/*   4: SUJ: Next unlinked inode. */
 		uint32_t di_dirdepth;	/*   4: IFDIR: depth from root dir */
@@ -210,6 +210,6 @@ struct ufs1_dinode {
 	uint64_t	di_modrev;	/* 120: i_modrev for NFSv4 */
 };
 
-#define	UFS_LINK_MAX	32767
+#define	UFS_LINK_MAX	65500	/* leave a few spare for special values */
 
 #endif /* _UFS_UFS_DINODE_H_ */
diff --git a/sys/ufs/ufs/inode.h b/sys/ufs/ufs/inode.h
index 81500e10ebb1..dc7e2560d6e3 100644
--- a/sys/ufs/ufs/inode.h
+++ b/sys/ufs/ufs/inode.h
@@ -97,7 +97,7 @@ struct inode {
 
 	ino_t	  i_number;	/* The identity of the inode. */
 	uint32_t  i_flag;	/* flags, see below */
-	int	  i_effnlink;	/* i_nlink when I/O completes */
+	int32_t	  i_effnlink;	/* i_nlink when I/O completes */
 
 	/*
 	 * Side effects; used during directory lookup.
@@ -133,7 +133,7 @@ struct inode {
 	uint32_t i_flags;	/* Status flags (chflags). */
 	uint32_t i_uid;		/* File owner. */
 	uint32_t i_gid;		/* File group. */
-	int16_t  i_nlink;	/* File link count. */
+	int32_t  i_nlink;	/* File link count. */
 	uint16_t i_mode;	/* IFMT, permissions; see below. */
 };
 /*
@@ -244,6 +244,12 @@ I_IS_UFS2(const struct inode *ip)
 	else							\
 		(ip)->i_din2->d##field = (val); 		\
 	} while (0)
+#define	DIP_SET_NLINK(ip, val) do {					\
+	KASSERT(ip->i_nlink >= 0, ("%s:%d %s(): setting negative "	\
+	    "nlink value %d for inode %jd\n", __FILE__, __LINE__,	\
+	    __FUNCTION__, (ip)->i_nlink, (ip)->i_number));		\
+	DIP_SET(ip, i_nlink, val);					\
+	} while (0)
 
 #define	IS_SNAPSHOT(ip)		((ip)->i_flags & SF_SNAPSHOT)
 #define	IS_UFS(vp)		((vp)->v_data != NULL)
diff --git a/sys/ufs/ufs/ufs_lookup.c b/sys/ufs/ufs/ufs_lookup.c
index b1964addd65d..0beeeed32251 100644
--- a/sys/ufs/ufs/ufs_lookup.c
+++ b/sys/ufs/ufs/ufs_lookup.c
@@ -1123,7 +1123,7 @@ ufs_dirremove(struct vnode *dvp, struct inode *ip, int flags, int isrmdir)
 			softdep_setup_unlink(dp, ip);
 		} else {
 			ip->i_nlink--;
-			DIP_SET(ip, i_nlink, ip->i_nlink);
+			DIP_SET_NLINK(ip, ip->i_nlink);
 			UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		}
 	}
@@ -1139,7 +1139,7 @@ ufs_dirremove(struct vnode *dvp, struct inode *ip, int flags, int isrmdir)
 				softdep_change_linkcnt(ip);
 			} else {
 				ip->i_nlink++;
-				DIP_SET(ip, i_nlink, ip->i_nlink);
+				DIP_SET_NLINK(ip, ip->i_nlink);
 				UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 			}
 		}
@@ -1243,7 +1243,7 @@ ufs_dirrewrite(struct inode *dp, struct inode *oip, ino_t newinum, int newtype,
 		softdep_setup_unlink(dp, oip);
 	} else {
 		oip->i_nlink--;
-		DIP_SET(oip, i_nlink, oip->i_nlink);
+		DIP_SET_NLINK(oip, oip->i_nlink);
 		UFS_INODE_SET_FLAG(oip, IN_CHANGE);
 	}
 
@@ -1260,7 +1260,7 @@ ufs_dirrewrite(struct inode *dp, struct inode *oip, ino_t newinum, int newtype,
 			softdep_change_linkcnt(oip);
 		} else {
 			oip->i_nlink++;
-			DIP_SET(oip, i_nlink, oip->i_nlink);
+			DIP_SET_NLINK(oip, oip->i_nlink);
 			UFS_INODE_SET_FLAG(oip, IN_CHANGE);
 		}
 		return (error);
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c
index 79cca75fc563..ff1f2af7b65b 100644
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -1133,7 +1133,7 @@ ufs_link(
 
 	ip->i_effnlink++;
 	ip->i_nlink++;
-	DIP_SET(ip, i_nlink, ip->i_nlink);
+	DIP_SET_NLINK(ip, ip->i_nlink);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (DOINGSOFTDEP(vp))
 		softdep_setup_link(VTOI(tdvp), ip);
@@ -1146,7 +1146,7 @@ ufs_link(
 	if (error) {
 		ip->i_effnlink--;
 		ip->i_nlink--;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (DOINGSOFTDEP(vp))
 			softdep_revert_link(VTOI(tdvp), ip);
@@ -1528,7 +1528,7 @@ relock:
 	 */
 	fip->i_effnlink++;
 	fip->i_nlink++;
-	DIP_SET(fip, i_nlink, fip->i_nlink);
+	DIP_SET_NLINK(fip, fip->i_nlink);
 	UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 	if (DOINGSOFTDEP(fvp))
 		softdep_setup_link(tdp, fip);
@@ -1557,7 +1557,7 @@ relock:
 			if (tdp->i_nlink >= UFS_LINK_MAX) {
 				fip->i_effnlink--;
 				fip->i_nlink--;
-				DIP_SET(fip, i_nlink, fip->i_nlink);
+				DIP_SET_NLINK(fip, fip->i_nlink);
 				UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 				if (DOINGSOFTDEP(fvp))
 					softdep_revert_link(tdp, fip);
@@ -1680,11 +1680,11 @@ relock:
 			 */
 			if (!newparent) {
 				tdp->i_nlink--;
-				DIP_SET(tdp, i_nlink, tdp->i_nlink);
+				DIP_SET_NLINK(tdp, tdp->i_nlink);
 				UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
 			}
 			tip->i_nlink--;
-			DIP_SET(tip, i_nlink, tip->i_nlink);
+			DIP_SET_NLINK(tip, tip->i_nlink);
 			UFS_INODE_SET_FLAG(tip, IN_CHANGE);
 		}
 	}
@@ -1719,7 +1719,7 @@ relock:
 		if (tip == NULL) {
 			tdp->i_effnlink++;
 			tdp->i_nlink++;
-			DIP_SET(tdp, i_nlink, tdp->i_nlink);
+			DIP_SET_NLINK(tdp, tdp->i_nlink);
 			UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
 			if (DOINGSOFTDEP(tdvp))
 				softdep_setup_dotdot_link(tdp, fip);
@@ -1782,7 +1782,7 @@ unlockout:
 bad:
 	fip->i_effnlink--;
 	fip->i_nlink--;
-	DIP_SET(fip, i_nlink, fip->i_nlink);
+	DIP_SET_NLINK(fip, fip->i_nlink);
 	UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 	if (DOINGSOFTDEP(fvp))
 		softdep_revert_link(tdp, fip);
@@ -2122,7 +2122,7 @@ ufs_mkdir(
 	tvp->v_type = VDIR;	/* Rest init'd in getnewvnode(). */
 	ip->i_effnlink = 2;
 	ip->i_nlink = 2;
-	DIP_SET(ip, i_nlink, 2);
+	DIP_SET_NLINK(ip, 2);
 	DIP_SET(ip, i_dirdepth, DIP(dp,i_dirdepth) + 1);
 
 	if (cnp->cn_flags & ISWHITEOUT) {
@@ -2137,7 +2137,7 @@ ufs_mkdir(
 	 */
 	dp->i_effnlink++;
 	dp->i_nlink++;
-	DIP_SET(dp, i_nlink, dp->i_nlink);
+	DIP_SET_NLINK(dp, dp->i_nlink);
 	UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 	if (DOINGSOFTDEP(dvp))
 		softdep_setup_mkdir(dp, ip);
@@ -2228,7 +2228,7 @@ bad:
 	} else {
 		dp->i_effnlink--;
 		dp->i_nlink--;
-		DIP_SET(dp, i_nlink, dp->i_nlink);
+		DIP_SET_NLINK(dp, dp->i_nlink);
 		UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 		/*
 		 * No need to do an explicit VOP_TRUNCATE here, vrele will
@@ -2236,7 +2236,7 @@ bad:
 		 */
 		ip->i_effnlink = 0;
 		ip->i_nlink = 0;
-		DIP_SET(ip, i_nlink, 0);
+		DIP_SET_NLINK(ip, 0);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (DOINGSOFTDEP(tvp))
 			softdep_revert_mkdir(dp, ip);
@@ -2333,11 +2333,11 @@ ufs_rmdir(
 	 */
 	if (!DOINGSOFTDEP(vp)) {
 		dp->i_nlink--;
-		DIP_SET(dp, i_nlink, dp->i_nlink);
+		DIP_SET_NLINK(dp, dp->i_nlink);
 		UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 		error = UFS_UPDATE(dvp, 0);
 		ip->i_nlink--;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	}
 	cache_vop_rmdir(dvp, vp);
@@ -2874,7 +2874,7 @@ ufs_makeinode(int mode, struct vnode *dvp, struct vnode **vpp,
 	tvp->v_type = IFTOVT(mode);	/* Rest init'd in getnewvnode(). */
 	ip->i_effnlink = 1;
 	ip->i_nlink = 1;
-	DIP_SET(ip, i_nlink, 1);
+	DIP_SET_NLINK(ip, 1);
 	if (DOINGSOFTDEP(tvp))
 		softdep_setup_create(VTOI(dvp), ip);
 	if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) &&
@@ -2930,7 +2930,7 @@ bad:
 	 */
 	ip->i_effnlink = 0;
 	ip->i_nlink = 0;
-	DIP_SET(ip, i_nlink, 0);
+	DIP_SET_NLINK(ip, 0);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (DOINGSOFTDEP(tvp))
 		softdep_revert_create(VTOI(dvp), ip);

From nobody Sun Dec 17 03:48:44 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4St87w4Yr7z53xbb;
	Sun, 17 Dec 2023 03:48:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4St87w46ldz3b9Z;
	Sun, 17 Dec 2023 03:48:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702784924;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kPXfS9uv8NWRfGNzU0Jgl960G0msv2txfeKHri/kIC4=;
	b=eZwWuxYIheR1Ig6cfwRgWG3Kilc/gaa3Blo1nxWvhjFCbDsgzI6YzPqaKy1H6Dua+ERNAT
	OLKoP+AMjXbpdadCyvlLeFstZb+UIcVRvN75i2AzZL3u1iYg4vRylCA7Gok4sRY/u/MnRB
	MtNFQb8mUVU4h3VOwkZRyIUZgdGrT6+/N94CsY0IOM7GZ4QiCKnOy+XcCf1lgPhwUmiiNY
	UtChR6SXN4Z11mxB9V/rKmMHqOqMhlyf0zqoij7iEQmF8BxLMBQWgr1EbyhCCvVvWtM9s7
	TnV86jsvQIgIewZLtfcHFCaRKaJTBofLeStA66djHUkriZpn44EvSBH7+0V/YQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702784924; a=rsa-sha256; cv=none;
	b=I9Dyu4TUkxCy5XWwpT82NFQ2duJyoKJwAp4lI2rjeUtuQRSBR+TcbrulpsDTzr382KKGfs
	e00ghJcZjruWkBE5nAjxZJ9iRUUENQfnowFk4PRDla3LAk1qxtFzdkJxMdYImHLfc9Kkhp
	d6o5UrTY0NsKAbie4k0n9K9Um9KOABLCm0GbEz4oCqnJpAzqkovzvLg6JDI5hjcynrE0AR
	S66Vv+0yxCw9s8bj53PgSFBymspK6zFuR5xF4iP+hlpFawD4oAEcTPoqngkDEyG/fEDEvf
	iPMSjmlEQU8khgMDXNHcSXM6PO9+ChOr/Nohrz5+9TqYG5YGh+0S4lqH6cABLA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702784924;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kPXfS9uv8NWRfGNzU0Jgl960G0msv2txfeKHri/kIC4=;
	b=G1FcF1sf7ZKznEkqt24JB5Pc9kyliWC1cGYwibA3JE9wZ+P2ar1DpZMZAj4xTc3zZMtSbA
	0SBQ+S88dREK2Povy/a+lNMA4TqitvAF/iokCsbq4dD6Y1LAZB7t5PXN5uFh3BH6avspf/
	szgiIw/fIXiWPIY55N1i1U2zfJnuyh1Yl9S9ili1ivKwcYSs+mr4TQaBwLXW6Jku5ejmQn
	gYZyixJrpbExRJHkJJnbeeBWfGpAI1M9LzUJ++aEVDNFYEe46sMFF5PwhUq1FXvmG4mePp
	efhdetFLIOmGXYMqvUCjFBllH+9WxM1G4ZNzAdLDV9E8YgMwb2RAJSy9GSNaGA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4St87w38xZz6t3;
	Sun, 17 Dec 2023 03:48:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BH3miKt018436;
	Sun, 17 Dec 2023 03:48:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BH3miAY018433;
	Sun, 17 Dec 2023 03:48:44 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 03:48:44 GMT
Message-Id: <202312170348.3BH3miAY018433@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kirk McKusick <mckusick@FreeBSD.org>
Subject: git: 2e4ac696d8d4 - stable/13 - Increase UFS/FFS maximum
  link count from 32767 to 65530.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mckusick
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2e4ac696d8d46f4818ecc91a38953ba1e3a20fc5
Auto-Submitted: auto-generated

The branch stable/13 has been updated by mckusick:

URL: https://cgit.FreeBSD.org/src/commit/?id=2e4ac696d8d46f4818ecc91a38953ba1e3a20fc5

commit 2e4ac696d8d46f4818ecc91a38953ba1e3a20fc5
Author:     Kirk McKusick <mckusick@FreeBSD.org>
AuthorDate: 2023-12-03 20:36:42 +0000
Commit:     Kirk McKusick <mckusick@FreeBSD.org>
CommitDate: 2023-12-17 03:48:38 +0000

    Increase UFS/FFS maximum link count from 32767 to 65530.
    
    Differential Revision: https://reviews.freebsd.org/D42767
    
    (cherry picked from commit 35a301555bff2ac27a727c10641b7efb3f162988)
---
 sys/ufs/ffs/ffs_alloc.c   |  2 +-
 sys/ufs/ffs/ffs_softdep.c |  4 ++--
 sys/ufs/ufs/dinode.h      |  6 +++---
 sys/ufs/ufs/inode.h       | 10 ++++++++--
 sys/ufs/ufs/ufs_lookup.c  |  8 ++++----
 sys/ufs/ufs/ufs_vnops.c   | 32 ++++++++++++++++----------------
 6 files changed, 34 insertions(+), 28 deletions(-)

diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c
index 33ad9ffc072b..09028456435e 100644
--- a/sys/ufs/ffs/ffs_alloc.c
+++ b/sys/ufs/ffs/ffs_alloc.c
@@ -3332,7 +3332,7 @@ sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS)
 			break;
 		ip = VTOI(vp);
 		ip->i_nlink += cmd.size;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		ip->i_effnlink += cmd.size;
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE | IN_MODIFIED);
 		error = ffs_update(vp, 1);
diff --git a/sys/ufs/ffs/ffs_softdep.c b/sys/ufs/ffs/ffs_softdep.c
index bf411b9f4322..f2df1a8e7fc3 100644
--- a/sys/ufs/ffs/ffs_softdep.c
+++ b/sys/ufs/ffs/ffs_softdep.c
@@ -10048,7 +10048,7 @@ handle_workitem_remove(struct dirrem *dirrem, int flags)
 		KASSERT(ip->i_nlink >= 0, ("handle_workitem_remove: file ino "
 		    "%ju negative i_nlink %d", (intmax_t)ip->i_number,
 		    ip->i_nlink));
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (ip->i_nlink < ip->i_effnlink)
 			panic("handle_workitem_remove: bad file delta");
@@ -10071,7 +10071,7 @@ handle_workitem_remove(struct dirrem *dirrem, int flags)
 	ip->i_nlink -= 2;
 	KASSERT(ip->i_nlink >= 0, ("handle_workitem_remove: directory ino "
 	    "%ju negative i_nlink %d", (intmax_t)ip->i_number, ip->i_nlink));
-	DIP_SET(ip, i_nlink, ip->i_nlink);
+	DIP_SET_NLINK(ip, ip->i_nlink);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (ip->i_nlink < ip->i_effnlink)
 		panic("handle_workitem_remove: bad dir delta");
diff --git a/sys/ufs/ufs/dinode.h b/sys/ufs/ufs/dinode.h
index b429562f1159..b4117a99c262 100644
--- a/sys/ufs/ufs/dinode.h
+++ b/sys/ufs/ufs/dinode.h
@@ -125,7 +125,7 @@ typedef int64_t ufs_time_t;
 
 struct ufs2_dinode {
 	uint16_t	di_mode;	/*   0: IFMT, permissions; see below. */
-	int16_t		di_nlink;	/*   2: File link count. */
+	uint16_t	di_nlink;	/*   2: File link count. */
 	uint32_t	di_uid;		/*   4: File owner. */
 	uint32_t	di_gid;		/*   8: File group. */
 	uint32_t	di_blksize;	/*  12: Inode blocksize. */
@@ -180,7 +180,7 @@ struct ufs2_dinode {
  */
 struct ufs1_dinode {
 	uint16_t	di_mode;	/*   0: IFMT, permissions; see below. */
-	int16_t		di_nlink;	/*   2: File link count. */
+	uint16_t	di_nlink;	/*   2: File link count. */
 	union {
 		uint32_t di_freelink;	/*   4: SUJ: Next unlinked inode. */
 		uint32_t di_dirdepth;	/*   4: IFDIR: depth from root dir */
@@ -210,6 +210,6 @@ struct ufs1_dinode {
 	uint64_t	di_modrev;	/* 120: i_modrev for NFSv4 */
 };
 
-#define	UFS_LINK_MAX	32767
+#define	UFS_LINK_MAX	65500	/* leave a few spare for special values */
 
 #endif /* _UFS_UFS_DINODE_H_ */
diff --git a/sys/ufs/ufs/inode.h b/sys/ufs/ufs/inode.h
index 898f30204b00..afe49bdba882 100644
--- a/sys/ufs/ufs/inode.h
+++ b/sys/ufs/ufs/inode.h
@@ -96,7 +96,7 @@ struct inode {
 
 	ino_t	  i_number;	/* The identity of the inode. */
 	uint32_t  i_flag;	/* flags, see below */
-	int	  i_effnlink;	/* i_nlink when I/O completes */
+	int32_t	  i_effnlink;	/* i_nlink when I/O completes */
 
 	/*
 	 * Side effects; used during directory lookup.
@@ -130,7 +130,7 @@ struct inode {
 	uint32_t i_flags;	/* Status flags (chflags). */
 	uint32_t i_uid;		/* File owner. */
 	uint32_t i_gid;		/* File group. */
-	int16_t  i_nlink;	/* File link count. */
+	int32_t  i_nlink;	/* File link count. */
 	uint16_t i_mode;	/* IFMT, permissions; see below. */
 };
 /*
@@ -240,6 +240,12 @@ I_IS_UFS2(const struct inode *ip)
 	else							\
 		(ip)->i_din2->d##field = (val); 		\
 	} while (0)
+#define	DIP_SET_NLINK(ip, val) do {					\
+	KASSERT(ip->i_nlink >= 0, ("%s:%d %s(): setting negative "	\
+	    "nlink value %d for inode %jd\n", __FILE__, __LINE__,	\
+	    __FUNCTION__, (ip)->i_nlink, (ip)->i_number));		\
+	DIP_SET(ip, i_nlink, val);					\
+	} while (0)
 
 #define	IS_SNAPSHOT(ip)		((ip)->i_flags & SF_SNAPSHOT)
 #define	IS_UFS(vp)		((vp)->v_data != NULL)
diff --git a/sys/ufs/ufs/ufs_lookup.c b/sys/ufs/ufs/ufs_lookup.c
index 0fb3a186b960..0c4b0d04367d 100644
--- a/sys/ufs/ufs/ufs_lookup.c
+++ b/sys/ufs/ufs/ufs_lookup.c
@@ -1137,7 +1137,7 @@ ufs_dirremove(struct vnode *dvp, struct inode *ip, int flags, int isrmdir)
 			softdep_setup_unlink(dp, ip);
 		} else {
 			ip->i_nlink--;
-			DIP_SET(ip, i_nlink, ip->i_nlink);
+			DIP_SET_NLINK(ip, ip->i_nlink);
 			UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		}
 	}
@@ -1153,7 +1153,7 @@ ufs_dirremove(struct vnode *dvp, struct inode *ip, int flags, int isrmdir)
 				softdep_change_linkcnt(ip);
 			} else {
 				ip->i_nlink++;
-				DIP_SET(ip, i_nlink, ip->i_nlink);
+				DIP_SET_NLINK(ip, ip->i_nlink);
 				UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 			}
 		}
@@ -1257,7 +1257,7 @@ ufs_dirrewrite(struct inode *dp, struct inode *oip, ino_t newinum, int newtype,
 		softdep_setup_unlink(dp, oip);
 	} else {
 		oip->i_nlink--;
-		DIP_SET(oip, i_nlink, oip->i_nlink);
+		DIP_SET_NLINK(oip, oip->i_nlink);
 		UFS_INODE_SET_FLAG(oip, IN_CHANGE);
 	}
 
@@ -1274,7 +1274,7 @@ ufs_dirrewrite(struct inode *dp, struct inode *oip, ino_t newinum, int newtype,
 			softdep_change_linkcnt(oip);
 		} else {
 			oip->i_nlink++;
-			DIP_SET(oip, i_nlink, oip->i_nlink);
+			DIP_SET_NLINK(oip, oip->i_nlink);
 			UFS_INODE_SET_FLAG(oip, IN_CHANGE);
 		}
 		return (error);
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c
index a6ca523ae87c..949e7bcc1bec 100644
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -1137,7 +1137,7 @@ ufs_link(
 
 	ip->i_effnlink++;
 	ip->i_nlink++;
-	DIP_SET(ip, i_nlink, ip->i_nlink);
+	DIP_SET_NLINK(ip, ip->i_nlink);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (DOINGSOFTDEP(vp))
 		softdep_setup_link(VTOI(tdvp), ip);
@@ -1150,7 +1150,7 @@ ufs_link(
 	if (error) {
 		ip->i_effnlink--;
 		ip->i_nlink--;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (DOINGSOFTDEP(vp))
 			softdep_revert_link(VTOI(tdvp), ip);
@@ -1541,7 +1541,7 @@ relock:
 	 */
 	fip->i_effnlink++;
 	fip->i_nlink++;
-	DIP_SET(fip, i_nlink, fip->i_nlink);
+	DIP_SET_NLINK(fip, fip->i_nlink);
 	UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 	if (DOINGSOFTDEP(fvp))
 		softdep_setup_link(tdp, fip);
@@ -1570,7 +1570,7 @@ relock:
 			if (tdp->i_nlink >= UFS_LINK_MAX) {
 				fip->i_effnlink--;
 				fip->i_nlink--;
-				DIP_SET(fip, i_nlink, fip->i_nlink);
+				DIP_SET_NLINK(fip, fip->i_nlink);
 				UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 				if (DOINGSOFTDEP(fvp))
 					softdep_revert_link(tdp, fip);
@@ -1693,11 +1693,11 @@ relock:
 			 */
 			if (!newparent) {
 				tdp->i_nlink--;
-				DIP_SET(tdp, i_nlink, tdp->i_nlink);
+				DIP_SET_NLINK(tdp, tdp->i_nlink);
 				UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
 			}
 			tip->i_nlink--;
-			DIP_SET(tip, i_nlink, tip->i_nlink);
+			DIP_SET_NLINK(tip, tip->i_nlink);
 			UFS_INODE_SET_FLAG(tip, IN_CHANGE);
 		}
 	}
@@ -1732,7 +1732,7 @@ relock:
 		if (tip == NULL) {
 			tdp->i_effnlink++;
 			tdp->i_nlink++;
-			DIP_SET(tdp, i_nlink, tdp->i_nlink);
+			DIP_SET_NLINK(tdp, tdp->i_nlink);
 			UFS_INODE_SET_FLAG(tdp, IN_CHANGE);
 			if (DOINGSOFTDEP(tdvp))
 				softdep_setup_dotdot_link(tdp, fip);
@@ -1793,7 +1793,7 @@ unlockout:
 bad:
 	fip->i_effnlink--;
 	fip->i_nlink--;
-	DIP_SET(fip, i_nlink, fip->i_nlink);
+	DIP_SET_NLINK(fip, fip->i_nlink);
 	UFS_INODE_SET_FLAG(fip, IN_CHANGE);
 	if (DOINGSOFTDEP(fvp))
 		softdep_revert_link(tdp, fip);
@@ -2137,7 +2137,7 @@ ufs_mkdir(
 	tvp->v_type = VDIR;	/* Rest init'd in getnewvnode(). */
 	ip->i_effnlink = 2;
 	ip->i_nlink = 2;
-	DIP_SET(ip, i_nlink, 2);
+	DIP_SET_NLINK(ip, 2);
 	DIP_SET(ip, i_dirdepth, DIP(dp,i_dirdepth) + 1);
 
 	if (cnp->cn_flags & ISWHITEOUT) {
@@ -2152,7 +2152,7 @@ ufs_mkdir(
 	 */
 	dp->i_effnlink++;
 	dp->i_nlink++;
-	DIP_SET(dp, i_nlink, dp->i_nlink);
+	DIP_SET_NLINK(dp, dp->i_nlink);
 	UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 	if (DOINGSOFTDEP(dvp))
 		softdep_setup_mkdir(dp, ip);
@@ -2243,7 +2243,7 @@ bad:
 	} else {
 		dp->i_effnlink--;
 		dp->i_nlink--;
-		DIP_SET(dp, i_nlink, dp->i_nlink);
+		DIP_SET_NLINK(dp, dp->i_nlink);
 		UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 		/*
 		 * No need to do an explicit VOP_TRUNCATE here, vrele will
@@ -2251,7 +2251,7 @@ bad:
 		 */
 		ip->i_effnlink = 0;
 		ip->i_nlink = 0;
-		DIP_SET(ip, i_nlink, 0);
+		DIP_SET_NLINK(ip, 0);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 		if (DOINGSOFTDEP(tvp))
 			softdep_revert_mkdir(dp, ip);
@@ -2348,11 +2348,11 @@ ufs_rmdir(
 	 */
 	if (!DOINGSOFTDEP(vp)) {
 		dp->i_nlink--;
-		DIP_SET(dp, i_nlink, dp->i_nlink);
+		DIP_SET_NLINK(dp, dp->i_nlink);
 		UFS_INODE_SET_FLAG(dp, IN_CHANGE);
 		error = UFS_UPDATE(dvp, 0);
 		ip->i_nlink--;
-		DIP_SET(ip, i_nlink, ip->i_nlink);
+		DIP_SET_NLINK(ip, ip->i_nlink);
 		UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	}
 	cache_vop_rmdir(dvp, vp);
@@ -2893,7 +2893,7 @@ ufs_makeinode(int mode, struct vnode *dvp, struct vnode **vpp,
 	tvp->v_type = IFTOVT(mode);	/* Rest init'd in getnewvnode(). */
 	ip->i_effnlink = 1;
 	ip->i_nlink = 1;
-	DIP_SET(ip, i_nlink, 1);
+	DIP_SET_NLINK(ip, 1);
 	if (DOINGSOFTDEP(tvp))
 		softdep_setup_create(VTOI(dvp), ip);
 	if ((ip->i_mode & ISGID) && !groupmember(ip->i_gid, cnp->cn_cred) &&
@@ -2949,7 +2949,7 @@ bad:
 	 */
 	ip->i_effnlink = 0;
 	ip->i_nlink = 0;
-	DIP_SET(ip, i_nlink, 0);
+	DIP_SET_NLINK(ip, 0);
 	UFS_INODE_SET_FLAG(ip, IN_CHANGE);
 	if (DOINGSOFTDEP(tvp))
 		softdep_revert_create(VTOI(dvp), ip);

From nobody Sun Dec 17 14:52:14 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StQsV5xxYz53kfj;
	Sun, 17 Dec 2023 14:52:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StQsV5V3Bz3FC2;
	Sun, 17 Dec 2023 14:52:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702824734;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nrJZGlLuZuc+ZmeJ60JGIz0ai2pgQopL1RmMkOE5JFI=;
	b=LhG1/zYXYjwnW8GEvi0rw7dU/ADSPINAxiA+4pSwpPa6/4Hwizml2QGz1VD8cLg9PvDK8k
	H9PBre0HYK9zHIiNOeeI6aAdEQP7a82R/fmpYCxl0JhH8yPpaGDIjV80mu2hhyVlYZWKYM
	/iFFlA45gKun5xIMu6mFDRNKEi8I7LmAM6T1R/cVetfV/HDkAsODo28gZD7C185FDIg6gr
	bjDyYPytDnmc7VSfVuwnmUUOpI/RTip9h01Pi6FAT9zLLWDZNrNibWExCukl7wmbVfFtMo
	l4c+AFmjJ2Dul5PG1kIcpLWUjjgjooy5n9waeh6WuTUeWz8yAwe3QKOIH6vaVw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702824734; a=rsa-sha256; cv=none;
	b=jYPhVW8Uw8kc/XLpxXwaQ4Q68M86zIwEEM3eDHS+DdvVBJWbYS6iTN8gGEJbY46UheST9C
	/5lFXJj+wYfWox2DPJY7OkBn+EAjn56sqZxl7O1U6KVh7Dt7n2duCX3It86sie1eBRoHvW
	bJeVkBCM7vUI0HZ2SsRXHfrf+k9oupnDmWYKdwpGVUCpGjwsBwu6ZvPibMc+wW1dw+Okzs
	/SMClc0j828ePYGvJKbWWsvzW4p+m6SgczfGdeLlRcCAxiE/qfxVD93Ri6OpOgX+LQqmcb
	U6ZAip8scim/6HEBuSmf5haCLXs9m1AhHBx5WAHddcjdSg8BOQpDUQKp1Ja6ng==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702824734;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nrJZGlLuZuc+ZmeJ60JGIz0ai2pgQopL1RmMkOE5JFI=;
	b=GAl3V/3Tv1ruPsn9fbTGVSp+euXbHSsV9JW0RQiyN/bY50PbY2OCcWCu2svdp2hfyJvoWQ
	1C26HRiXPY55NTKFdeaoLQCJ7g+C8GeEtMpnBPd4GzTwNWKvlkztKM51/gBP2RhxNjWoKt
	Jt0PduY26ykGbsxZG22lcZ9t9O9h6CTxcTneJZWwh7rFYFfla0L+Lh2h1ib28VCHwv2krm
	Em6mnNAX3m0cBq+EtxmYNq4toXfgxQz6Pt9VI614YYmHDq6ujCrf8lu2e4ZKkXftz4ufzc
	stAkRfx1M3eNIObdDFVjtMbWWuNtLHDACDvMF49lImnOncBuTJIvey0HpM/4Cw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StQsV4bn8zhgC;
	Sun, 17 Dec 2023 14:52:14 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHEqEQo036246;
	Sun, 17 Dec 2023 14:52:14 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHEqEpt036243;
	Sun, 17 Dec 2023 14:52:14 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 14:52:14 GMT
Message-Id: <202312171452.3BHEqEpt036243@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Bergling <gbe@FreeBSD.org>
Subject: git: 9c452f50784f - stable/14 - iostat.8: Better wording
  for some use cases
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gbe
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 9c452f50784f5dddc406508d57a5ed288493f78d
Auto-Submitted: auto-generated

The branch stable/14 has been updated by gbe:

URL: https://cgit.FreeBSD.org/src/commit/?id=9c452f50784f5dddc406508d57a5ed288493f78d

commit 9c452f50784f5dddc406508d57a5ed288493f78d
Author:     Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2023-11-26 18:30:58 +0000
Commit:     Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2023-12-17 14:51:53 +0000

    iostat.8: Better wording for some use cases
    
    The iostat(8) manual page should be more specific when using
    options. Also extented the BUGS section.
    
    PR:     153012
    Reviewed by:    bcr
    Differential Revision:  https://reviews.freebsd.org/D42633
    
    (cherry picked from commit 502e8f44fcc18bfc6dadca56801d66cbce4c07ec)
---
 usr.sbin/iostat/iostat.8 | 64 ++++++++++++++++++++++++++++++++++--------------
 1 file changed, 46 insertions(+), 18 deletions(-)

diff --git a/usr.sbin/iostat/iostat.8 b/usr.sbin/iostat/iostat.8
index 863f8ab8466c..ebeea17fa037 100644
--- a/usr.sbin/iostat/iostat.8
+++ b/usr.sbin/iostat/iostat.8
@@ -54,7 +54,7 @@
 .\"
 .\"	@(#)iostat.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd August 29, 2023
+.Dd November 26, 2023
 .Dt IOSTAT 8
 .Os
 .Sh NAME
@@ -83,7 +83,12 @@ The
 utility displays kernel
 .Tn I/O
 statistics on terminal, device and cpu operations.
-The first statistics that are printed are averaged over the system uptime.
+The first statistics that are printed are averaged over the system uptime
+(unless
+.Fl I
+is specified).
+Any references to repetitions in this man page implicitly include the first
+statistics output.
 To get information about the current activity, a suitable wait time should
 be specified, so that the subsequent sets of printed statistics will be
 averaged over that time.
@@ -101,14 +106,11 @@ is specified.
 Repeat the display
 .Ar count
 times.
-If no repeat
-.Ar count
-is specified, the default depends on whether
-.Fl w
-is specified.
-With
-.Fl w
-the default repeat count is infinity, otherwise it is 1.
+If
+.Fl c
+is not specified and a wait interval is specified,
+the default repeat count is infinity.
+If no wait interval is specified, the default repeat count is 1.
 .It Fl d
 Display only device statistics.
 If this flag is turned on, only device statistics will be displayed, unless
@@ -130,8 +132,11 @@ per measurement cycle.
 Display total statistics for a given time period, rather than average
 statistics for each second during that time period.
 .It Fl K
-In the blocks transferred display (-o), display block count in kilobytes rather
-then the device native block size.
+In the old-style blocks transferred display
+.Po Fl I
+and
+.Fl o Pc ,
+display block count in kilobytes rather than the device native block size.
 .It Fl M
 Extract values associated with the name list from the specified core
 instead of the default
@@ -145,7 +150,7 @@ Display up to
 number of devices.
 The
 .Nm
-utility will display fewer devices if there are not
+utility will display fewer devices if there are less than
 .Ar devs
 devices present.
 .It Fl o
@@ -220,7 +225,7 @@ Passthrough devices
 The user must specify at least one device type, and may specify at most
 one device type from each category.
 Multiple device types in a single device type statement must be separated by
-commas.
+commas and are ANDed together.
 .Pp
 Any number of
 .Fl t
@@ -234,14 +239,16 @@ Any device that fully matches any
 argument will be included in the
 .Nm
 output, up to the number of devices that can be displayed in
-80 columns, or the maximum number of devices specified by the user.
+80 columns, or the maximum number of devices
+.Pq Fl n
+specified by the user.
 .It Fl w
 Pause
 .Ar wait
 seconds between each display.
-If no
-.Ar wait
-interval is specified, the default is 1 second.
+If
+.Fl w
+is not specified, the default interval is 1 second.
 .Pp
 The
 .Nm
@@ -516,3 +523,24 @@ The use of
 as a debugging tool for crash dumps is probably limited because there is
 currently no way to get statistics that only cover the time immediately before
 the crash.
+.Pp
+Each
+.Ar drives
+argument is passed to
+.Fn isdigit .
+If
+.Fn isdigit
+returns true,
+.Nm
+switches into an undocumented traditional syntax and subsequent arguments,
+if any, will not be interpreted as drive names.
+This behavior collides with the one documented in this man page and prevents
+specifying drive names starting with a number.
+E.g., the following
+.Bd -literal -offset indent
+iostat ada0 ada1 2 3 cd0
+.Ed
+.Pp
+This document's use of
+.Dq device type
+is misleading.

From nobody Sun Dec 17 14:52:30 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StQsq2R0Gz53l09;
	Sun, 17 Dec 2023 14:52:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StQsq15zDz3G0g;
	Sun, 17 Dec 2023 14:52:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702824751;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=K9HVPCYzx+CZ3kPIY1xSc5KgClSZbqA9Co1m/KpjU08=;
	b=djZHoL2Zhn+ELg1Br50v5yd1TNlCGBkzmGGxhdTeW1PYl1XYm4oa5nhYzzEz9LtAkCfFRW
	rWOQcAsW8zZsxV/5BDDuvYAGtJnax42mTLdfkWUejOGtVvU8nX9rzXs8EZ5rtwd51t5gam
	kZAPyIn1rNw/z19yQju5puwEk+K3bEDQXNT+PjRtI5sa1WMB55990MRkkzv1UyhlYj++u4
	BIQdpWrUFsVkfsDCmgHYL63f2X7A4kep0icyNS63AFI/gK0U5ql4fOed5yH8OqN7WpfAoV
	P1j6/Hxa7gMcGCqcWHksc3hJgdgniCfyuglMpl8FOIwFVqvJMzAnUibVRa/c4g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702824751; a=rsa-sha256; cv=none;
	b=V6LX+1YuNBdwt+2JLy3meC/Qza5rnWwZXa00bdhti/YI4Whrt0bDRVvjR+LaGSQDP95RvX
	7mgLq1datRhMYrO6uQBRCoBS1GI+xflg6uM/8Rll+K47evYNy3Ek+WHBG1UVaaDvJRBDzL
	Qc63uZ+v8N+kMq+lskWCB28Dkv56rKc3h6rklyN4NPZ7AD8uUK9CLWjF5XDf8e4bQoqz6A
	D0PpVKVbGbqn/eWLunQg69aeavnF+MR+wJHbJGKGOEdMLDlMhHCyX9eoc/lvW2eausZqb3
	v3satmfMA7WxXTi6oTo0SqbKtNnd1aZkRbW4gXTEckYSUflle/GUJ5L8M1IG2w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702824751;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=K9HVPCYzx+CZ3kPIY1xSc5KgClSZbqA9Co1m/KpjU08=;
	b=R7VEymgVob4tAASWpEz3LxDNQ06bRgP7KCDBkhoIrJg0mZSAfipi3YXZ1fiR01waMkrkyF
	xK4Y1WqEB/Z2aNouCY16jE99eqXgD0Ua6VpMLFxSn/ktGVIk5Ff6X3EaJJHZGOvVFSsJEn
	9TgqqHfPw6IIEHwwr+SGAT0+xP+UNRI4M8W2pbNF2EKBFvTM51qqWJk0/ceXh8QBEX0O/9
	mPkJ1k+PJFuyP12nI+o8+JajA6IL7gekBjjBvOSN76SI2RNyWheP6Y+//gr87ie86H8tcP
	L3KpVpw4QrOWGZG9jPgGccYKpXi55C58PDOiFXeXC/3IcpEChwY25i1aJUoUHQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StQsq08KDzj1g;
	Sun, 17 Dec 2023 14:52:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHEqUSN038621;
	Sun, 17 Dec 2023 14:52:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHEqUkL038618;
	Sun, 17 Dec 2023 14:52:30 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 14:52:30 GMT
Message-Id: <202312171452.3BHEqUkL038618@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Bergling <gbe@FreeBSD.org>
Subject: git: f5f993f6c913 - stable/13 - iostat.8: Better wording
  for some use cases
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gbe
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f5f993f6c9134530fbeac712589b3a6363a37286
Auto-Submitted: auto-generated

The branch stable/13 has been updated by gbe:

URL: https://cgit.FreeBSD.org/src/commit/?id=f5f993f6c9134530fbeac712589b3a6363a37286

commit f5f993f6c9134530fbeac712589b3a6363a37286
Author:     Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2023-11-26 18:30:58 +0000
Commit:     Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2023-12-17 14:52:21 +0000

    iostat.8: Better wording for some use cases
    
    The iostat(8) manual page should be more specific when using
    options. Also extented the BUGS section.
    
    PR:     153012
    Reviewed by:    bcr
    Differential Revision:  https://reviews.freebsd.org/D42633
    
    (cherry picked from commit 502e8f44fcc18bfc6dadca56801d66cbce4c07ec)
---
 usr.sbin/iostat/iostat.8 | 64 ++++++++++++++++++++++++++++++++++--------------
 1 file changed, 46 insertions(+), 18 deletions(-)

diff --git a/usr.sbin/iostat/iostat.8 b/usr.sbin/iostat/iostat.8
index 863f8ab8466c..ebeea17fa037 100644
--- a/usr.sbin/iostat/iostat.8
+++ b/usr.sbin/iostat/iostat.8
@@ -54,7 +54,7 @@
 .\"
 .\"	@(#)iostat.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd August 29, 2023
+.Dd November 26, 2023
 .Dt IOSTAT 8
 .Os
 .Sh NAME
@@ -83,7 +83,12 @@ The
 utility displays kernel
 .Tn I/O
 statistics on terminal, device and cpu operations.
-The first statistics that are printed are averaged over the system uptime.
+The first statistics that are printed are averaged over the system uptime
+(unless
+.Fl I
+is specified).
+Any references to repetitions in this man page implicitly include the first
+statistics output.
 To get information about the current activity, a suitable wait time should
 be specified, so that the subsequent sets of printed statistics will be
 averaged over that time.
@@ -101,14 +106,11 @@ is specified.
 Repeat the display
 .Ar count
 times.
-If no repeat
-.Ar count
-is specified, the default depends on whether
-.Fl w
-is specified.
-With
-.Fl w
-the default repeat count is infinity, otherwise it is 1.
+If
+.Fl c
+is not specified and a wait interval is specified,
+the default repeat count is infinity.
+If no wait interval is specified, the default repeat count is 1.
 .It Fl d
 Display only device statistics.
 If this flag is turned on, only device statistics will be displayed, unless
@@ -130,8 +132,11 @@ per measurement cycle.
 Display total statistics for a given time period, rather than average
 statistics for each second during that time period.
 .It Fl K
-In the blocks transferred display (-o), display block count in kilobytes rather
-then the device native block size.
+In the old-style blocks transferred display
+.Po Fl I
+and
+.Fl o Pc ,
+display block count in kilobytes rather than the device native block size.
 .It Fl M
 Extract values associated with the name list from the specified core
 instead of the default
@@ -145,7 +150,7 @@ Display up to
 number of devices.
 The
 .Nm
-utility will display fewer devices if there are not
+utility will display fewer devices if there are less than
 .Ar devs
 devices present.
 .It Fl o
@@ -220,7 +225,7 @@ Passthrough devices
 The user must specify at least one device type, and may specify at most
 one device type from each category.
 Multiple device types in a single device type statement must be separated by
-commas.
+commas and are ANDed together.
 .Pp
 Any number of
 .Fl t
@@ -234,14 +239,16 @@ Any device that fully matches any
 argument will be included in the
 .Nm
 output, up to the number of devices that can be displayed in
-80 columns, or the maximum number of devices specified by the user.
+80 columns, or the maximum number of devices
+.Pq Fl n
+specified by the user.
 .It Fl w
 Pause
 .Ar wait
 seconds between each display.
-If no
-.Ar wait
-interval is specified, the default is 1 second.
+If
+.Fl w
+is not specified, the default interval is 1 second.
 .Pp
 The
 .Nm
@@ -516,3 +523,24 @@ The use of
 as a debugging tool for crash dumps is probably limited because there is
 currently no way to get statistics that only cover the time immediately before
 the crash.
+.Pp
+Each
+.Ar drives
+argument is passed to
+.Fn isdigit .
+If
+.Fn isdigit
+returns true,
+.Nm
+switches into an undocumented traditional syntax and subsequent arguments,
+if any, will not be interpreted as drive names.
+This behavior collides with the one documented in this man page and prevents
+specifying drive names starting with a number.
+E.g., the following
+.Bd -literal -offset indent
+iostat ada0 ada1 2 3 cd0
+.Ed
+.Pp
+This document's use of
+.Dq device type
+is misleading.

From nobody Sun Dec 17 20:31:36 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StZP50khvz54CHt;
	Sun, 17 Dec 2023 20:31:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StZP41q23z4Djj;
	Sun, 17 Dec 2023 20:31:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702845096;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=khKTkKm1lmMGxSYfacfiN8G4Mk2mY/APZ44KlY2o7/I=;
	b=orZv6gDhcMCVmBtp8iTGIQv3L3HlTQenz/n8BgQ3W3jka3ccUT0D9BxyIK8JVQxDGy2pTL
	I1pSRVlM8fFr59+1cy4J0cXbv+QxDROH7HrGCZp46qb6TxqBZ3E6x5oTfHB+2WaU9uX68t
	IhZu38xq2JsVnvz3czh194W43PTGIRzIT8jCbnijN0S4g60GxzCF2G3WDd07sAOdUhDRcL
	Bp0nHsUUMvQ1ppOXriyW4s/4GjeIzJnup8F+pd5QehlL6jE7TNFtlSgSBGZtLz0IDB87jG
	0w3vVVTKTeQ7R5wYq8/A+PC/1tmyaC0gdDCNN4pFCnnjoi68bJgAm5CfiPXOMg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702845096; a=rsa-sha256; cv=none;
	b=Gyvmq3Jli3yGOwb/rO4/q61xa1LpbLFlBMBWD3HY8PD24GzLHPKsipBVZDVgYThkC/mO2W
	UpkLsUy7rQOAmmsh/OaUXr+wK5g8GC6/L6SFfSfEj+p4Im0Dz/m/3gV836QB7/BFxZE/N7
	MkD9/HU5xaG/2VMXIlLx9aaFttIHXjgO44xUVopNx+M/PtQB4rU6qbwrtDHo6MxJKv9f7h
	OwpBmlUMnvLCZiXTYgbOhvZtzghNodDPmus3+fb9d8IJVtZJdYlyatF8EmrwSIg154cHkP
	TYRmC8jACxhUi4LQiFJj0zdIIe4RAoE2OQ1/E4exq5Hx0cKd8RXP1MAqnibrIQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702845096;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=khKTkKm1lmMGxSYfacfiN8G4Mk2mY/APZ44KlY2o7/I=;
	b=aes4rSiJXZK4r41yguLM6cpBTqkaxGom4oKO1mjdgfUAQtlT6LBO/R6NAkkXykcKv01uEm
	vMnn7xDVfaEUqrwPFZirJUEYobLs4ljwufqY4CYyS8enOg3FEm4qOxYRN5ENDpcYVXO0Yp
	D+GJQIUrD35ikGkU98Ulmo7g8mRFtJiAqsBDOl3XvZsEeQf2IWrQLqkdeNnyO55iqTwops
	JI8m+sTMNABilSN6e0GOfnctCs8mXfJxbx7Dyj6KSIeFVJSq77CR/G/cE8d2ADdEFmJy1n
	hZVVMNViX/AXPQn2KnFL1gGyjXq26gxvoF6drbOX6WINgpMRnswLMo+g3wwpaw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StZP40w8Zzs2j;
	Sun, 17 Dec 2023 20:31:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHKVagl004625;
	Sun, 17 Dec 2023 20:31:36 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHKVaFc004623;
	Sun, 17 Dec 2023 20:31:36 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 20:31:36 GMT
Message-Id: <202312172031.3BHKVaFc004623@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 71ccbf895655 - stable/14 - nfscl: Fix processing of
  a rare Rename reply case
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 71ccbf8956556962e6199ca277afe16f76a9a1fc
Auto-Submitted: auto-generated

The branch stable/14 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=71ccbf8956556962e6199ca277afe16f76a9a1fc

commit 71ccbf8956556962e6199ca277afe16f76a9a1fc
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-03 23:31:01 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 20:30:18 +0000

    nfscl: Fix processing of a rare Rename reply case
    
    When delegations are enabled (they are not by default in
    the FreeBSD NFSv4 server), rename will check for and return
    delegations.  If the second of these DelegReturn operations
    were to fail (they rarely do), then the code would not retry
    the rename with returning delegations, as it is intended to do.
    
    The patch fixes the problem, since the DelegReturn reply status
    is the second iteration of the loop and not the first iteration.
    
    As noted, this bug would have rarely manifested a problem, since
    DelegReturn operations do not normally fail.
    
    (cherry picked from commit 6aded1e6b2e5549120031032e1c7f8b002882327)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index c986b3927f1b..42264c947f32 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -3006,7 +3006,7 @@ tryagain:
 			    ND_NFSV4) {
 			    NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 			    if (*(tl + 1)) {
-				if (i == 0 && ret > 1) {
+				if (i == 1 && ret > 1) {
 				    /*
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as

From nobody Sun Dec 17 20:32:57 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StZQd5xsYz54CTV;
	Sun, 17 Dec 2023 20:32:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StZQd5KKMz4GSV;
	Sun, 17 Dec 2023 20:32:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702845177;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=UCT14qZGM6K3nw6/iqGQRU+yKLNSEbkQZM/jQQDxJl8=;
	b=xt/9JdTUPOtVZEU+RC4zuKEErmIXGb7sS5lhLu+7+RgUhlwwEgOfVS7LWHpmGH8ccf40PZ
	uDNgk0hFGsMiknNJ0AtXUiJkae/EHlljv8cjgV8LmA/I+MSsy9XzKJDk+eBotALUMKeRBw
	+gWNFAqAaC/+InjUfHoGFL7OhEL9Yu9GZfvoAxNo29s4lmyUsha6CxiPu0cBXsLDBfnCaA
	vjIjKkGVgdgrHOqsvJ0M+NWcfJmk5w3aIvrzRMP6UW3ttP7b8YbL9KYPb4obx9jeRQEq4t
	IrI17GVTEDzn9wO6Zle6uXfXB1kAjn77vB5aha7CZywbKXyczL5UDYvYjjKe8A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702845177; a=rsa-sha256; cv=none;
	b=QJxF0ixGVL/mj4DPWBABqgmAVLPlJt05wC/8vOJi2UZNJT/g8EOwfwhCvHRVbBmceO3DMx
	JRJU+mrbEm1J3+N6v7I+r5wHMw3h27GLgs+mFg9zQ5DsykcDld96qattthuNNAB4JSqMkd
	p9hoyv4rGzmZbabRhYs6Y7hLiJ4i9B4oOlFSvWnXIJq9GxktEtL/NvLGC3cQxrUTfmCmGU
	7OwBx6W4PFS4+kdCAVxNnw2H01GFUOLVR9ZvJpgx3FPuemy+uSuxJO4eKbBhdHsM8Dty2+
	qAd9scCkN0PPZGa5x4cGOneTw3hV/0Mpnlne9OcRZLA1Uba6qp6r5IEW+T9GWA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702845177;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=UCT14qZGM6K3nw6/iqGQRU+yKLNSEbkQZM/jQQDxJl8=;
	b=frxA+2DUyqqFczJ08KIGNT+cucqqrTDXogy/x6sgR+n1PYF/NcvS5z/4lJVxOrjeSGlccK
	gTVYN51/eAIMDW9XaRfkEM1znU+xlsuwsJY63Px9DNU9+dkC0d5cj7x0igPLrJdvgotefg
	hwNh0Eku5zToAkcGr38P5EcRXkVnCa8kFxQAWsb48gSW+FGNgupcOliJi4IIG/chTEYO3p
	YwzOK3tebT8Umqbgy0Yauq8cPmGlRjV9STSovoxWBjx5h/yI+cCxI9P7jYfnhGXoqZRnZ6
	ZrkJGUo5ftKmvybj7sAOgDyGHkdAM9GBMMEYuCPiJBQgh33/PsJojbamyXgqYA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StZQd3fQmzs5P;
	Sun, 17 Dec 2023 20:32:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHKWv2x009299;
	Sun, 17 Dec 2023 20:32:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHKWvKw009296;
	Sun, 17 Dec 2023 20:32:57 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 20:32:57 GMT
Message-Id: <202312172032.3BHKWvKw009296@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 5bb8278584ad - stable/14 - nfscl: Fix comment for
  commit 6aded1e6b2e5
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 5bb8278584ad0c19ad881f807bb1ddf202d821ab
Auto-Submitted: auto-generated

The branch stable/14 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=5bb8278584ad0c19ad881f807bb1ddf202d821ab

commit 5bb8278584ad0c19ad881f807bb1ddf202d821ab
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-04 00:12:14 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 20:32:08 +0000

    nfscl: Fix comment for commit 6aded1e6b2e5
    
    Commit 6aded1e6b2e5 fixed a rare case when handling an NFSv4
    Rename reply when delegations are in use.  This patch fixes the
    associated comment.
    
    (cherry picked from commit 0a958aa16fed1978879d64e3b225f1d232cc5a98)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 42264c947f32..12ce568dbedd 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -3011,7 +3011,7 @@ tryagain:
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as
 				     * required.
-				     * If ret > 1, the first iteration of this
+				     * If ret > 1, the second iteration of this
 				     * loop is the second DelegReturn result.
 				     */
 				    m_freem(nd->nd_mrep);

From nobody Sun Dec 17 21:02:33 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Stb4n5Tzlz54FCs;
	Sun, 17 Dec 2023 21:02:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Stb4n52wGz3fdL;
	Sun, 17 Dec 2023 21:02:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702846953;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=8meHOMX0J6Kip8HC8Wv9VmfjBp5hBEq0oxKL2iNFL94=;
	b=BLokxpVdfgSBCp92Xf/n5T6mUfcEyQQI+PWKE/kevOG6POW28wRV+zloq9bPqXaA3A6qyz
	UigwwGM9yFEekiSdqb/yiBybqJdAvdftVg3foYnGwwNt7HX/g1+SMBh4Vf58WR99GWJgI1
	vvZWIyS/g405mwvVtfE5uXlFKP4J9dlOd/2MGPNpj+69yvzUWsDpVObUnl9GSSXIead+li
	Xwz5H5ZY+66SIKCDcj8EmTiJkQjqrrun531DmefB7JzebpxB4Jd7vJpRMAGryfHdbIO48g
	LV0eWsbGSU1LMq7m3z1+MVM7FnzShouu3H2x1KH9hThWY6XoeqybruPDBoEeAQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702846953; a=rsa-sha256; cv=none;
	b=fiBSQTNXh6E8aWfXgWsLzcPiyemlLFd7QRUOjfN+o4VsJu6gwuXwaX4OInK+TYRGxOcnBA
	vVXP4sIKozPoXx65jivcYWcKURYVOB9LG2Xr3Gbcr8P/mA0MjV4hlu2MqCuLsDDOgWmrL7
	KuvJuYonX0Zq8PAJ30UjUaWxduYcjAmY5LHkLgJmc2mzhGWYocuUEJDwYAGw+ZpJlaEOG4
	4ACH2VayRz86gDEo1a5NgYWISQwF7Bd+u2er2E3gbPcBy9F1+CNmq9CEOrbcyo2x+wVXbF
	GjBjzRo731Z0gUI86l3fuWC7BDP6Feo//UEUK8dtg6N9uRUkpcNtRysryWewLQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702846953;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=8meHOMX0J6Kip8HC8Wv9VmfjBp5hBEq0oxKL2iNFL94=;
	b=NEpVjMQnFcLiL79wjtZ0sBu9/utklMlyYl9vhgGyWfGR/KjMntL6/c3swtMvd1hh2Bcv/O
	e88ka0zzoU3S/L3KEfyrM0Z9Rg3UKC+xCup0EoSiDWEgeeZfU7E0s48QEXgTnZuznR+Zzc
	U0/SdDz+ooc0VNBQ5Q1pg+8mz2ZJnkb412Xb5XiPhld1IVrQEGx9WV4ik4UPaOlsPasGpk
	Tyr4Fk0Hal24G7u9QwRzcUo257OtR5q2+pAcMpkCUAJ6LoKMdFqAYilhyzwbJd8z/gVvqW
	IeJiFAUGjnDnbLvCBRq1o1Vz0BFpuW92mYajgIkdK+UbC239h3GEYqbJBpRiaA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Stb4n48MszshX;
	Sun, 17 Dec 2023 21:02:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHL2XoX060453;
	Sun, 17 Dec 2023 21:02:33 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHL2XVX060450;
	Sun, 17 Dec 2023 21:02:33 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 21:02:33 GMT
Message-Id: <202312172102.3BHL2XVX060450@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: c5e3beac7b80 - stable/13 - nfscl: Fix processing of
  a rare Rename reply case
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c5e3beac7b80483b41492e021bbd43242528424e
Auto-Submitted: auto-generated

The branch stable/13 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=c5e3beac7b80483b41492e021bbd43242528424e

commit c5e3beac7b80483b41492e021bbd43242528424e
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-03 23:31:01 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 21:01:34 +0000

    nfscl: Fix processing of a rare Rename reply case
    
    When delegations are enabled (they are not by default in
    the FreeBSD NFSv4 server), rename will check for and return
    delegations.  If the second of these DelegReturn operations
    were to fail (they rarely do), then the code would not retry
    the rename with returning delegations, as it is intended to do.
    
    The patch fixes the problem, since the DelegReturn reply status
    is the second iteration of the loop and not the first iteration.
    
    As noted, this bug would have rarely manifested a problem, since
    DelegReturn operations do not normally fail.
    
    (cherry picked from commit 6aded1e6b2e5549120031032e1c7f8b002882327)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 63b9f7755fd3..41c397100497 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -2719,7 +2719,7 @@ tryagain:
 			    ND_NFSV4) {
 			    NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 			    if (*(tl + 1)) {
-				if (i == 0 && ret > 1) {
+				if (i == 1 && ret > 1) {
 				    /*
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as

From nobody Sun Dec 17 21:04:29 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Stb713cr4z54FYW;
	Sun, 17 Dec 2023 21:04:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Stb7135ggz3gdM;
	Sun, 17 Dec 2023 21:04:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702847069;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aiE0kSQ54AWCMAgSanWn9olEy3fVjwTmxUN6MdzPGTA=;
	b=ys43iQrJ5HsypVi5wIJ3PcPWAKt26OVSJx1i3cZRh00cjVmKGbl9X468gv9aigVmCzMTso
	+VqlIBUafXNNwOVqtMhm2BaN/KyoPFDaxTJgF+AxgcL9KBOEjW2n7g4noorAD9qisoT5qU
	NOIEyekl1ISwf77cypNdNirOV921n4dNcEW+meOBFAWterLafk7Crc5P6b2XeV57Ny3QpQ
	7OBs2S4+bJW8cJLSHMRw3a1P+dJ3SA/nVPhAOYak5bq3UL5TVLptc+Xymhn76ehis3K0DY
	66nNAZ5buWD8cwqP7OFOz81OdD9HwtteScj0BWiXCAyy613Lyp/YgSzjgL2QdA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702847069; a=rsa-sha256; cv=none;
	b=lTwUfDySB3Japmx0H7J7ufMndcQb4QDkzLJW5r2ZYspjH50+C+qLb2Ge1SlgO8yPpHGJIE
	/Ghni4EzEgjSdhQAb8aXmFmINAt6FNaDocigpRxGSjealK++9TCvR/8sODQ36DQj2l8rQ+
	GkSOJ6KyAcRK7CTxyU9Hl9X6QQ+RLKgiQ5qGjVkOAEcNzIXN2LGI3cbW05s3bOBDe86kql
	YEhQFvqFfY+A5VpFqla5tUkGVU0+YMYPJCkIB5aB8f+sD749OKvk3LD61rXFj8+DaCEuIB
	z4dG8AL0TFQfczDwntwcsg2es5UIsgTXabCB6U6VuhCdXrynW2PEqJ5+nbXf2g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702847069;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aiE0kSQ54AWCMAgSanWn9olEy3fVjwTmxUN6MdzPGTA=;
	b=LdWbqvSadsqsFTk38CiCPnuFukbkjTYaAWRtMbz7D9JeJMmtuD6LKuPvrJNWin2ZeMo30I
	KtjCRBZxiSmLcy3QJR7XxICsYS3PIiu1PUbdjX+0vmai3OMXjYFW/x5rjO9yzVaQAuHF+p
	JhIPNkTQFTtpQ29W6pZFE95W3tytUpFoBHgFOO3SbU2dzRlJhGk7yPf6rCVs+rRmgK07Lb
	15+I386a5KeMCu4jGlirkj0vt6lv/mJA9Z+29g2kv6ROJLPuIEWPHpWpa0MGAdIFZR5Zr4
	/08IY7rHSTmLFMAklzgphq8LB543xjGghX8XIQpvLD+Mv+NV8BIPtk3H7Q0ytw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Stb7129ktzshZ;
	Sun, 17 Dec 2023 21:04:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHL4T3N060803;
	Sun, 17 Dec 2023 21:04:29 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHL4TCJ060800;
	Sun, 17 Dec 2023 21:04:29 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 21:04:29 GMT
Message-Id: <202312172104.3BHL4TCJ060800@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 0c3c5ae0df52 - stable/13 - nfscl: Fix comment for
  commit 6aded1e6b2e5
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0c3c5ae0df52484129c2eca49adec71742702c19
Auto-Submitted: auto-generated

The branch stable/13 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=0c3c5ae0df52484129c2eca49adec71742702c19

commit 0c3c5ae0df52484129c2eca49adec71742702c19
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-04 00:12:14 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 21:03:29 +0000

    nfscl: Fix comment for commit 6aded1e6b2e5
    
    Commit 6aded1e6b2e5 fixed a rare case when handling an NFSv4
    Rename reply when delegations are in use.  This patch fixes the
    associated comment.
    
    (cherry picked from commit 0a958aa16fed1978879d64e3b225f1d232cc5a98)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 41c397100497..899d81efcf7c 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -2724,7 +2724,7 @@ tryagain:
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as
 				     * required.
-				     * If ret > 1, the first iteration of this
+				     * If ret > 1, the second iteration of this
 				     * loop is the second DelegReturn result.
 				     */
 				    m_freem(nd->nd_mrep);

From nobody Sun Dec 17 21:13:57 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StbKx3C23z54GP7;
	Sun, 17 Dec 2023 21:13:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StbKx2c3kz4SkG;
	Sun, 17 Dec 2023 21:13:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702847637;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=09TZuvuj76VUR0rUbz7AUl4UXy2h+OCyyoxVQr0DlAE=;
	b=e1YeAjZl0kl9OhqDLMTKaDKoB+yqoAXIOKoKa1508X0ODUXqn6cvs5tUZ+sL/YYrVQH41D
	APds6IFfgzMjMaEdc1h5VgFCdfH5EqbvZ73S9uQnW1g3ucg96+RxRYk6AmDy61aLis60m4
	WGM9oh0qBgYQ2JG7Mhm+Boh5aXdxybxarP/Zx/nwnOXvOkCx7ABS58W/Khgz7gSSj/ho2a
	GTf+8H7VxscPiJY9pQiJM3xoX8LJqonrYtKszqQ8Qnmpwsb0rOK2P1IFeYyvzNUnwZiofZ
	wUHtMN2ztppth/ckh1fCs/5wirr91/D14tMcW4R123jUmFadVYhl3vsAQXO/eQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702847637; a=rsa-sha256; cv=none;
	b=w7QX1u3n7Dnmb0lMUTJYy45Mgo9iWewOcjDXCgBpk9lLpnmZC4RNwjA/JLQGOUsuRHBhpU
	KPlf0KG+7fFGzdbT4LVwU7vIDVuDvuuz2uQ33QFCkXADSLWJ38ytAuvKfG9AFkvIiMc1+y
	7zBmOASmWRqLDqHOiW05oh93pB5aKszN8nIz6ZvschORfwlhK8ZUOB4nzmuVq+6KcIzWx+
	RnfbkuvNEpGBIewqsiyzgXkrNQAdI8WUXJ2YBZ8xNKVQX6yKeH+XwGvHqXUGNJedKsvart
	ZJfx+pldJ5Wot8u7spEfy4hYrCIS6/JU0k32wFYCW/2ktOwMBMHMPbZKkHzgYA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702847637;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=09TZuvuj76VUR0rUbz7AUl4UXy2h+OCyyoxVQr0DlAE=;
	b=K2mE0yUcsu9s0Rs3P7oHz1Doq5gGOV/CfPYWj42c5vdzE7cYuvVGcJ5qHGxD4bWSakYea1
	Q3hMcTmyFvH9P6s5QQsK0nooibe0Lm+7YvJGaLGHZULl7qJu9pmnQdpYl5yp5OKN7FyNCb
	q/qoOfkYxmhE09cRCATDl1589q6/Ejce1XkdelcScTPClpoTVvKawntVvpdqzNWuCIKITf
	qQjm7z4CGzq0dTl0iKC+4koy1dfRwqFSrquSEW3s8GOL8sibY9EZ9Ls6x3xCXjuS+yJmWn
	3nvMFVVFDzkygOP/jDm2UV10PVJ3RQ4ZM1nb7D/OdUk2Op0+Ds+4Yte3qy342w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StbKx1fs2ztJc;
	Sun, 17 Dec 2023 21:13:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHLDvaf077352;
	Sun, 17 Dec 2023 21:13:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHLDvUV077349;
	Sun, 17 Dec 2023 21:13:57 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 21:13:57 GMT
Message-Id: <202312172113.3BHLDvUV077349@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: dd6bdfcd073e - stable/12 - nfscl: Fix processing of
  a rare Rename reply case
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: dd6bdfcd073ee8461c7d5a7a8fe336831a57b685
Auto-Submitted: auto-generated

The branch stable/12 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=dd6bdfcd073ee8461c7d5a7a8fe336831a57b685

commit dd6bdfcd073ee8461c7d5a7a8fe336831a57b685
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-03 23:31:01 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 21:13:01 +0000

    nfscl: Fix processing of a rare Rename reply case
    
    When delegations are enabled (they are not by default in
    the FreeBSD NFSv4 server), rename will check for and return
    delegations.  If the second of these DelegReturn operations
    were to fail (they rarely do), then the code would not retry
    the rename with returning delegations, as it is intended to do.
    
    The patch fixes the problem, since the DelegReturn reply status
    is the second iteration of the loop and not the first iteration.
    
    As noted, this bug would have rarely manifested a problem, since
    DelegReturn operations do not normally fail.
    
    (cherry picked from commit 6aded1e6b2e5549120031032e1c7f8b002882327)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 53e3ab9b03ea..0a9c54ce5e1e 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -2550,7 +2550,7 @@ tryagain:
 			    ND_NFSV4) {
 			    NFSM_DISSECT(tl, u_int32_t *, 2 * NFSX_UNSIGNED);
 			    if (*(tl + 1)) {
-				if (i == 0 && ret > 1) {
+				if (i == 1 && ret > 1) {
 				    /*
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as

From nobody Sun Dec 17 21:15:18 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StbMW4xvQz54GYq;
	Sun, 17 Dec 2023 21:15:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StbMV6m4Sz4Vgw;
	Sun, 17 Dec 2023 21:15:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702847719;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GO6XpaUMLtHjVBg3jDwOaYNDW5msthar5MrPXlgNpdQ=;
	b=AdzGVL0bgj7jJkMYq7ngzI/hK2oG/tm6jj6oBxlpNeVH4YwKu20MiZ6cTDi9Jf+vRT2KD/
	OaiuwAViUNjmnRH5P666Wg0to1tR2IbTHacyqhoqA8lzEFL10E1t6XkfK3TpJqeJkxAuXl
	OGNNdXLMu+KqPkp1bCWO7+CDPFCXM3/ptYr8X3L8s9YcxtZbKq1cvV3fsXgUt3xD/V1b/6
	i9nh/SDfc1F3RDH5Wxy+glncVmBcepHDB+8ABIrWAmQqpyrnPFtDFHuBNjQMVtaGsVU6VH
	vlFhvZmGFv3aeNk8hSRYfjb3j6rPwx2sWsevZVFDLFK1RNWVyGa54epwE1JGMA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702847719; a=rsa-sha256; cv=none;
	b=d1sj6Suf4rCv72egSqybKOY7WYMtKHXQWHRNM3b6xQ50k5VvwMCBi029FbjThHyKnTpRxQ
	M/jWFvb254o4psNeJDznzhP43K7sJuM1w4oraYJIvEG3t4bOhghlKuYpU4vsEXA84TxWki
	OugA1oZMRHGB4DOfqntJHJvSvXdA8jGkhNFlqF4zD+72YiFV0vVQIjnLLH9xTFgiVs3T/p
	d+Axom/fhgql2T/uHperCc0mwRZKnm8lMcG7POcsqWurMYFZWfDhcEV6uq24pjghtndnHw
	cIH4bhAEkfv0C8j1Zp0TPvME5kzaAGn8hJRXXHYXlS9VBouoHYD/eS4p9xLj+A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702847719;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GO6XpaUMLtHjVBg3jDwOaYNDW5msthar5MrPXlgNpdQ=;
	b=m5BWk6+mYof2UP4IfqtPwhnKFdDviUtddTswnVgL0Q4XBsgvTOskzWohlDI81i8rB8+9Mf
	AoFAXVubAzzcPgcV649inS6+BuCdu+4NQvlsdhLMZW2MF55grO/uo93zYcBLfiBRhPcsFS
	/7mCVLJyWVvXxSKRCO++YECdrfDOQveQAaUiJoIXZbdkm0MqC4kZP0tPtDB0mhn/InooCj
	z1ET+ORanSDPjsUwZIVP9SDvmftJtL/71SuV3lyN5KBFoQhWf5Os5fC3CCo1dZWKAf225o
	BeLOEfEa/f1CdCsrUPIxA49WH2rfaC/YYPID9IDpT6mXNs2EW+dYHHGJT+IA8A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StbMV5rSzztRk;
	Sun, 17 Dec 2023 21:15:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BHLFIfx077684;
	Sun, 17 Dec 2023 21:15:18 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BHLFIKg077681;
	Sun, 17 Dec 2023 21:15:18 GMT
	(envelope-from git)
Date: Sun, 17 Dec 2023 21:15:18 GMT
Message-Id: <202312172115.3BHLFIKg077681@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: 08143226d007 - stable/12 - nfscl: Fix comment for
  commit 6aded1e6b2e5
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 08143226d007322fe8b463851df07a3e9d80282c
Auto-Submitted: auto-generated

The branch stable/12 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=08143226d007322fe8b463851df07a3e9d80282c

commit 08143226d007322fe8b463851df07a3e9d80282c
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-12-04 00:12:14 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-17 21:14:30 +0000

    nfscl: Fix comment for commit 6aded1e6b2e5
    
    Commit 6aded1e6b2e5 fixed a rare case when handling an NFSv4
    Rename reply when delegations are in use.  This patch fixes the
    associated comment.
    
    (cherry picked from commit 0a958aa16fed1978879d64e3b225f1d232cc5a98)
---
 sys/fs/nfsclient/nfs_clrpcops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/fs/nfsclient/nfs_clrpcops.c b/sys/fs/nfsclient/nfs_clrpcops.c
index 0a9c54ce5e1e..80cc2412afd7 100644
--- a/sys/fs/nfsclient/nfs_clrpcops.c
+++ b/sys/fs/nfsclient/nfs_clrpcops.c
@@ -2555,7 +2555,7 @@ tryagain:
 				     * If the Delegreturn failed, try again
 				     * without it. The server will Recall, as
 				     * required.
-				     * If ret > 1, the first iteration of this
+				     * If ret > 1, the second iteration of this
 				     * loop is the second DelegReturn result.
 				     */
 				    mbuf_freem(nd->nd_mrep);

From nobody Mon Dec 18 02:11:41 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StjxT2ftGz54dWJ;
	Mon, 18 Dec 2023 02:11:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StjxT234qz3Kdt;
	Mon, 18 Dec 2023 02:11:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702865501;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=TSgnXo+5tFLJ9Yq3Oo3elhbP+d0XMPdeqb0DWsObbSs=;
	b=mk2L8zmcrRbWvkuzR3YP3FXCNrgULlBFE9VJ3gh+/yBWQP9zhTywGVjlHX1xRGBNTYtkLg
	y4taOT7QZkyGp/IU8oZKT8LZJIFgH6UjPDNY9Co9EEZY1WlknnR2m+om1mamIBBEVBvvYX
	sDUof+TG2Y/OHaIIa4nYwHm/nzG/+agP8NUEFHO2gZhD1uL5vUroOjNEAP7ltTOCBZpsJf
	GWcVuQJTIaLWC1mSSxj+CX4eML/py364zbcqO8eygCiWE76rQwgTr+jOGPmodlfzDx2mHY
	yckFPMk1SnmR4vZVThlK7KHjq+iVveDEyREd2XKsqhJVsdnpDAr+7uDRJsUewA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702865501; a=rsa-sha256; cv=none;
	b=elJSsRKCJEdODwsKKe+Vc4Ns/G+fCUMHH4fudSAtEOeAdH7m6he18CQqB4JNUYQrLus1Ag
	9GCiyAtqKqgTZ6ypImd48RVrfr8nNyIfusNcujYXpzVX5pfEk6b29n7z7GroH4iishqqeN
	JZipUxwtMLUgzXCfqtQ+BoFOu8ZzZjfWGzewNFEXPtHFAAZ8Ljt4hVm8Jbx6oIWxRwpO27
	d8Rkxusz/EgTMMzz7AbHWZ2rh8PXqpRSjR1s3+LOEzjxnKQvrMq9wEgxqlq5tIGDe/uRYL
	QFGzGpPy//lxGuy6jqWag8uA8I3KYLKAvrpQc9d88ofzKSQDaT+F30NTuTna+Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702865501;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=TSgnXo+5tFLJ9Yq3Oo3elhbP+d0XMPdeqb0DWsObbSs=;
	b=gbAqvIrNUtfUaOxF3YurO5GLRLYDzXPuvdrhoMq6neUTIpXz8eM6Sc7KyEw3Cm/bPd42uh
	FtbVAfvRm7lW6gPPNbsuEGzkbiJDvqrHQj9h+kly6E8LV9bn24Hozqe3quLXhmKPPp0rlv
	kUMLMaA4xS0sbe47DVIywvyXBu5qxgte+3POZpvHvEA4qAXVdbvgZE/bpUj43n+W+g2FOo
	8B0admRIg7erG9CiJ/YytIKEJ8CNIdSakng5d+01cOVAdFFsT9jcFxrwYeQgaLruiWxJZn
	Yn5EjhReH+2CYzJmWCJsUa0wSgL5zphss9xhJD2KZyRGbQqYTb1+cJjLod1FJA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StjxT13Vwz12q2;
	Mon, 18 Dec 2023 02:11:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2Bf32074540;
	Mon, 18 Dec 2023 02:11:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2BfUk074537;
	Mon, 18 Dec 2023 02:11:41 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:11:41 GMT
Message-Id: <202312180211.3BI2BfUk074537@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: c976896db7a1 - stable/14 - arm: Compile vfp.c
  conditionally rather than using an ifdef
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: c976896db7a11cd6c6682a8e5613979a717f8487
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=c976896db7a11cd6c6682a8e5613979a717f8487

commit c976896db7a11cd6c6682a8e5613979a717f8487
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-11 14:07:40 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:07:45 +0000

    arm: Compile vfp.c conditionally rather than using an ifdef
    
    No functional change intended.
    
    MFC after:      1 week
    
    (cherry picked from commit 96465c789a5ff2619c5d49305517b35db9754ffb)
---
 sys/arm/arm/vfp.c  | 4 ----
 sys/conf/files.arm | 2 +-
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/sys/arm/arm/vfp.c b/sys/arm/arm/vfp.c
index 40a3491c1cf9..a4be235e1e01 100644
--- a/sys/arm/arm/vfp.c
+++ b/sys/arm/arm/vfp.c
@@ -28,8 +28,6 @@
  * SUCH DAMAGE.
  */
 
-#include <sys/cdefs.h>
-#ifdef VFP
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/limits.h>
@@ -524,5 +522,3 @@ is_fpu_kern_thread(u_int flags __unused)
 	curpcb = curthread->td_pcb;
 	return ((curpcb->pcb_fpflags & PCB_FP_KERN) != 0);
 }
-
-#endif
diff --git a/sys/conf/files.arm b/sys/conf/files.arm
index 344dada420c9..94a8755fd315 100644
--- a/sys/conf/files.arm
+++ b/sys/conf/files.arm
@@ -75,7 +75,7 @@ arm/arm/uio_machdep.c		standard
 arm/arm/undefined.c		standard
 arm/arm/unwind.c		optional	ddb | kdtrace_hooks | stack
 arm/arm/vm_machdep.c		standard
-arm/arm/vfp.c			standard
+arm/arm/vfp.c			optional	vfp
 cddl/dev/dtrace/arm/dtrace_asm.S			optional dtrace compile-with "${DTRACE_S}"
 cddl/dev/dtrace/arm/dtrace_subr.c			optional dtrace compile-with "${DTRACE_C}"
 cddl/dev/fbt/arm/fbt_isa.c				optional dtrace_fbt | dtraceall compile-with "${FBT_C}"

From nobody Mon Dec 18 02:11:42 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StjxV4vXVz54dZR;
	Mon, 18 Dec 2023 02:11:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StjxV2tr0z3Krm;
	Mon, 18 Dec 2023 02:11:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702865502;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=AtR2su/R3xyoBLGP8o0vTPKWB2OJAp1GJw820v/sl8w=;
	b=CiHdnUDO1XO4Tsjpd9y4EVZgswpU9b2dtCfW1JZQSdqx+llbkB7cn4VNazeC6IGmyuinT+
	soU0dxg6GTrw8r+8J6EOmiZs+Sed93ScbmOQCjM7wWmI5yK+CEMCJMdM6NwR/hvNXZEQAc
	+g0PR4LmfSddnpUfdUQYKTFrhITlNY7oORqiJ4DDrkkv98Xm9/kSHjUCqQnW3Hn4ELPkT0
	+YnpOxHeQg6kU4/tbLiWuBqVmsli57zvrTGMtPyOoNcx8ThnTFus0d91RF5Y0x1O34uyb0
	Qd748yO3/ic5uBFTuZCTG75M/LO8KQEDzFA8nYi8B46dy/6XxVHmRMKXUY3+eQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702865502; a=rsa-sha256; cv=none;
	b=vsQoILQ02v6yfbEYYXjOpQnjBeSgLRSR9gsXP7rMlT9O9ShS/ex8CMWJCsagM3cYo0KBJl
	HMIC1BDrmNVzSEkQ2Z1X9FyidOHOMi8q1VRlJrHZgei8gDSBSK7BnC/EUnFlAD9amiGREw
	99532fcONnkQaOTCl2kZgd/7gKCnssvVWdW4Jav6z8F4OdrLtaRF+Etr5bzP7hBhFXoalN
	D5aZUH39qi7E6Pv+SCsuiaYB3CF1Aeka7qNMNicL6xkWUU7EC14kPQtkKLY36/CgY5ngui
	sVTxxL7cza9qAEXDUaJ1YOfkYSH1+RUtHY9mwn62J3diNnGwTrbmEwKUAWpAWg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702865502;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=AtR2su/R3xyoBLGP8o0vTPKWB2OJAp1GJw820v/sl8w=;
	b=T8bNw3MCvgADRyLDONuwBMrfBXuEv8rXHpvOmaVZULslC/pALz2PJCnDiGtR20qcCpHOR7
	Zfv8M16VNgbqVriVLPC2G2C3/ENLpjGBvBMyZ3RX3LHOBNZ7D67dPc5dAIvgIaJlMUAV86
	WzYP4O+iSzXkNt4cl3G3yACzn6kY9IYyVrJ+xi+wlTUyOWisV0/TGrsLKhu8l5xopHIx1a
	PW/3eoETQh0PLe+lcDfe2gEXpOHrFvahr8Z2wrKhDfrHG/R9ylfeZpyODSjChK8YmapVhr
	U7kXq52KH5q+uxdC7wLca7qo8mmhk6zSIVQ9cAh3Jf4wQeqFGb6UcHPdD4YBIQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StjxV1hXlz11wC;
	Mon, 18 Dec 2023 02:11:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2BgAs074576;
	Mon, 18 Dec 2023 02:11:42 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2Bgi3074573;
	Mon, 18 Dec 2023 02:11:42 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:11:42 GMT
Message-Id: <202312180211.3BI2Bgi3074573@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 1126dcdf4055 - stable/14 - arm: Add fpu_kern_alloc_ctx()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 1126dcdf40555464faddddd67e827637c21bac89
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=1126dcdf40555464faddddd67e827637c21bac89

commit 1126dcdf40555464faddddd67e827637c21bac89
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-11 14:07:55 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:07:47 +0000

    arm: Add fpu_kern_alloc_ctx()
    
    This enables the use of some out-of-tree crypto libraries on arm.
    No functional change intended, there are no callers of this function in
    the tree currently.
    
    Reviewed by:    andrew
    MFC after:      1 week
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Differential Revision:  https://reviews.freebsd.org/D42969
    
    (cherry picked from commit a6a481eaa2e0f02e24b874f1a08bb494a68972c0)
---
 sys/arm/arm/vfp.c | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/sys/arm/arm/vfp.c b/sys/arm/arm/vfp.c
index a4be235e1e01..f2979d4a2b27 100644
--- a/sys/arm/arm/vfp.c
+++ b/sys/arm/arm/vfp.c
@@ -30,10 +30,10 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/kernel.h>
 #include <sys/limits.h>
+#include <sys/malloc.h>
 #include <sys/proc.h>
-#include <sys/imgact_elf.h>
-#include <sys/kernel.h>
 
 #include <machine/armreg.h>
 #include <machine/elf.h>
@@ -52,6 +52,9 @@ static struct undefined_handler vfp10_uh, vfp11_uh;
 /* If true the VFP unit has 32 double registers, otherwise it has 16 */
 static int is_d32;
 
+static MALLOC_DEFINE(M_FPUKERN_CTX, "fpukern_ctx",
+    "Kernel contexts for VFP state");
+
 struct fpu_kern_ctx {
 	struct vfp_state	*prev;
 #define	FPU_KERN_CTX_DUMMY	0x01	/* avoided save for the kern thread */
@@ -407,6 +410,21 @@ vfp_save_state(struct thread *td, struct pcb *pcb)
 	critical_exit();
 }
 
+struct fpu_kern_ctx *
+fpu_kern_alloc_ctx(u_int flags)
+{
+	return (malloc(sizeof(struct fpu_kern_ctx), M_FPUKERN_CTX,
+	    ((flags & FPU_KERN_NOWAIT) ? M_NOWAIT : M_WAITOK) | M_ZERO));
+}
+
+void
+fpu_kern_free_ctx(struct fpu_kern_ctx *ctx)
+{
+	KASSERT((ctx->flags & FPU_KERN_CTX_INUSE) == 0, ("freeing in-use ctx"));
+
+	free(ctx, M_FPUKERN_CTX);
+}
+
 void
 fpu_kern_enter(struct thread *td, struct fpu_kern_ctx *ctx, u_int flags)
 {

From nobody Mon Dec 18 02:11:43 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StjxX1qtQz54djm;
	Mon, 18 Dec 2023 02:11:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StjxW4dk7z3Kvq;
	Mon, 18 Dec 2023 02:11:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702865503;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=8oLQgYdZ9i2k8aU6slQjzN4TGnxIv/BC214aQwb/pQM=;
	b=TynpmDZKTLWHEb0j0kHnN8hS5YZw15nGLPQ5cQ89mVb/m+9eryEISumDSMqgBNMwaB5g72
	GfCDtqzZKTkfoliockPyE2KEmdT+hIrmCqxxCy86DSyNNV+9W0XmwrpXfuSFV+VRIW0bYZ
	+iPIgy6lAH4DI26DDQB0hrCLJoOTlb6afn8DU5YJV/Q+D29U1im+Ld1fgjYr1VeIceEWyk
	QR83xk7GoHOjfgcBG65EhTzcci14gQsOQYtSSMdMJDbwE7fAipkU+nRQL6F4idVJCm0kQ1
	4S+R20/pW5tt2h4pEg8+ervfeIoxsFt/69zmxQQ1Q8D6dIu/4H59HpDSYvZrOg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702865503; a=rsa-sha256; cv=none;
	b=u/JIFOp8nf3tIyNGDLPUVNW551gni6nsMJMK1ts6DhNgaGdIELtYXgqT5bGIGyG+boMjEa
	emGA7UQS4lY2jPsixl+nTLTbFGqN6nmd61qb/+bbZx4Yt+RnLVUmhFdc5OxoA+qahKPXmY
	0rwAqvgcU2wkkw1MlBwWoiGM2i5lTkHw+dG916qCR4TfSyUl4o2hBeSWSwbGVMZgrDSVRY
	kkQFwgy26JLyFLEXQfbQOUZZst1PhyTFlSYHX/5DGbwbTyieM0jIXxnQaCknG9JTFkCBBy
	BJpfLsHaZ9L5VJ0Vqwb2TRz482AJ9wE9W7ZE/mmTgxrywfT6JjQh4ShybW4xuQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702865503;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=8oLQgYdZ9i2k8aU6slQjzN4TGnxIv/BC214aQwb/pQM=;
	b=r6rKTXItMvXrkK49wwblgKvMcWYXso/PcQraFChSrbR/N2kT0FLukXWeqhLecmXJcZwU+i
	NNDeMnN0L1EQlMgXdk2HRDh/z248NL1crtkYOWuODGHhDoVks5XIzZcTtln33Lg0fklxyT
	LSHqngndgppWvLsiVUoLwXAZkdNKCKmgIDp70oH0i+lnD9YnT2WdpO9eQIuvokLvh6R+lh
	LTNRA1pJVueBBS+b6xgcvpH4Um71+OEDypJJzfhmpXd4/6cjNMMwmb2T3kSd27/y2YRltn
	PkgM1anO5bXSpbVHtLnY1vp8YBjUXbG2NJxoSJkP3ZJE6I7/45cyez0dVlQkKA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StjxW2nG4z12PD;
	Mon, 18 Dec 2023 02:11:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2Bh64074637;
	Mon, 18 Dec 2023 02:11:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2BhOX074634;
	Mon, 18 Dec 2023 02:11:43 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:11:43 GMT
Message-Id: <202312180211.3BI2BhOX074634@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: bc394ad824f5 - stable/14 - arm: Fix handling of
  undefined instructions in kernel mode
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: bc394ad824f5f09b9ab659c445ed83ef36e7c313
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=bc394ad824f5f09b9ab659c445ed83ef36e7c313

commit bc394ad824f5f09b9ab659c445ed83ef36e7c313
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-11 14:08:08 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:07:47 +0000

    arm: Fix handling of undefined instructions in kernel mode
    
    Only panic if no undefined instruction handler matched the exception.
    This can arise in practice if the VFP is enabled lazily.
    
    While here, fix the panic string to not include a newline.
    
    Reviewed by:    andrew
    Obtained from:  Stormshield
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Differential Revision:  https://reviews.freebsd.org/D42970
    
    (cherry picked from commit ecc2e6deae71b69a30bf3b7e3354aba002a37d69)
---
 sys/arm/arm/undefined.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/sys/arm/arm/undefined.c b/sys/arm/arm/undefined.c
index 2ebe8797c503..7f93cc231fe7 100644
--- a/sys/arm/arm/undefined.c
+++ b/sys/arm/arm/undefined.c
@@ -343,11 +343,11 @@ undefinedinstruction(struct trapframe *frame)
 #else
 			printf("No debugger in kernel.\n");
 #endif
-			return;
-		}
-		else
-			panic("Undefined instruction in kernel (0x%08x).\n",
+		} else if (uh == NULL) {
+			panic("Undefined instruction in kernel (0x%08x)",
 			    fault_instruction);
+		}
+		return;
 	}
 
 	userret(td, frame);

From nobody Mon Dec 18 02:11:44 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StjxY29DYz54djn;
	Mon, 18 Dec 2023 02:11:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StjxX5M71z3L1Q;
	Mon, 18 Dec 2023 02:11:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702865504;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6Vnn6S/uxA0usKMjebYAfenc/qLYz4WMP2N5IjNGY0o=;
	b=lPozLB8q4qx+RxYqgQs4zPB5V/rdrA8c1mXbZHrYSmENZOHNlJmTzChNOt6rWmVF68MV46
	lXaxqb/uvXE+rOpgJKnfdQW2NIv9o4iDWE5eVsGkf6LcoicVg1pjaUr+HytfZnsd3Xyibu
	yrEfTsJ/7T8WHd1H6zu1I7fUZS9oHJAysZJFrcFJZpHQssXgRMK6MQ+pdKIiDSazDGgmqJ
	zsxBmhkhjmbzQ1189lC84+EqkmgRP77v395F6GZsyFOsxbzK3ZtY20EMN12P2ub+IZXAUx
	/zSYypqXXf2jSA471qovbc6lfjuquXlM4XU6LhnLWyOeo6Jao/QnzjKdKmSRcA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702865504; a=rsa-sha256; cv=none;
	b=ogU/z9yxP/FUEqm6ZVZH88RmSSDvxkL8MrmQ9YhERzhD3rtkxY2io0f94FGIdSigWnK906
	GuC98U+rAs/LmKOKAuwliifdDhgB2tIkwoEvxOanXnZ/7B8EId5o4LIxnni+NXpR1XOYGT
	JcBKzECtQvd9LPiyjsKvSjgv9T2B1p5fWTD9kne8IrEu+jj4uGLE38DBFibhd2mQ8wmU7L
	3AuX+dlhsGh5Guovm2IjXP9QYTY2onsPuQAv5adG41vONvpica3YLt2HvZ/U+30XnMiRo9
	jCnqjLs8jy22bn4XYhwYgogAGPEFbu4flhatJPmkauISJqUux58idGWRcHeDPw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702865504;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6Vnn6S/uxA0usKMjebYAfenc/qLYz4WMP2N5IjNGY0o=;
	b=mDz7JZjRj3EP+WCrNK0MVq7a8FMfI4g13HLcJwXhkm6P9SX8S4zKH0S4bWOW2lsGUF5Vil
	D7sQOWFhXlhhbZXesA5i5AkPDJ/QOSTPD+iFVmu3f2lhQl5DmD0WBxKo4LWAqPT5XLw8J+
	H39KZUvF3mnuwsm0Tn0OKnvGg2ulsZi+8hNcwl9q6Bfaap7kjLrBCeRKHy7gLDgolANC/p
	7ybtPkqw9470K/+GXEOkeg4WWOp0sqtZOhRJlzfMnlLlVomPiIGpr0ZzaRGdmtKe1ET8Hw
	G/wI50xQuYfsuRmuM4IG+bl38c7wPijM7YiFUWqeDDK64kfKM8S1UsqPzugD0w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StjxX43LVz12q3;
	Mon, 18 Dec 2023 02:11:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2BiBT074687;
	Mon, 18 Dec 2023 02:11:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2BigI074684;
	Mon, 18 Dec 2023 02:11:44 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:11:44 GMT
Message-Id: <202312180211.3BI2BigI074684@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: 42d1aa88628e - stable/14 - arm: Handle VFP exceptions
  from the kernel
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 42d1aa88628eb1652da648ef6b274155424541ec
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=42d1aa88628eb1652da648ef6b274155424541ec

commit 42d1aa88628eb1652da648ef6b274155424541ec
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-11 14:08:34 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:07:48 +0000

    arm: Handle VFP exceptions from the kernel
    
    vfp_bounce() is called when handling an undefined instruction exception,
    to see if we need to enable the VFP.  Previously it would
    unconditionally panic if the exception came from the kernel, which was
    simply wrong, and it did not permit lazy initialization of VFP state in
    the kernel.  However, this functionality can be useful and is supported
    by arm's fpu_kern_enter() implementation.  Thus, relax assertions and
    consume the exception if the thread was in an FPU section.
    
    Based on a patch from Stormshield.
    
    Reviewed by:    andrew
    MFC after:      2 weeks
    Sponsored by:   Klara, Inc.
    Sponsored by:   Stormshield
    Differential Revision:  https://reviews.freebsd.org/D42971
    
    (cherry picked from commit 03a07de0d5ee7d58069152070c42d55f7ec32b7c)
---
 sys/arm/arm/vfp.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/sys/arm/arm/vfp.c b/sys/arm/arm/vfp.c
index f2979d4a2b27..bbcb468391b6 100644
--- a/sys/arm/arm/vfp.c
+++ b/sys/arm/arm/vfp.c
@@ -196,8 +196,9 @@ vfp_init(void)
 
 SYSINIT(vfp, SI_SUB_CPU, SI_ORDER_ANY, vfp_init, NULL);
 
-/* start VFP unit, restore the vfp registers from the PCB  and retry
- * the instruction
+/*
+ * Start the VFP unit, restore the VFP registers from the PCB and retry
+ * the instruction.
  */
 static int
 vfp_bounce(u_int addr, u_int insn, struct trapframe *frame, int code)
@@ -206,9 +207,6 @@ vfp_bounce(u_int addr, u_int insn, struct trapframe *frame, int code)
 	struct pcb *curpcb;
 	ksiginfo_t ksi;
 
-	if ((code & FAULT_USER) == 0)
-		panic("undefined floating point instruction in supervisor mode");
-
 	critical_enter();
 
 	/*
@@ -242,13 +240,19 @@ vfp_bounce(u_int addr, u_int insn, struct trapframe *frame, int code)
 		return 1;
 	}
 
+	curpcb = curthread->td_pcb;
+	if ((code & FAULT_USER) == 0 &&
+	    (curpcb->pcb_fpflags & PCB_FP_KERN) == 0) {
+		critical_exit();
+		return (1);
+	}
+
 	/*
 	 * If the last time this thread used the VFP it was on this core, and
 	 * the last thread to use the VFP on this core was this thread, then the
 	 * VFP state is valid, otherwise restore this thread's state to the VFP.
 	 */
 	fmxr(fpexc, fpexc | VFPEXC_EN);
-	curpcb = curthread->td_pcb;
 	cpu = PCPU_GET(cpuid);
 	if (curpcb->pcb_vfpcpu != cpu || curthread != PCPU_GET(fpcurthread)) {
 		vfp_restore(curpcb->pcb_vfpsaved);
@@ -258,7 +262,8 @@ vfp_bounce(u_int addr, u_int insn, struct trapframe *frame, int code)
 
 	critical_exit();
 
-	KASSERT(curpcb->pcb_vfpsaved == &curpcb->pcb_vfpstate,
+	KASSERT((code & FAULT_USER) == 0 ||
+	    curpcb->pcb_vfpsaved == &curpcb->pcb_vfpstate,
 	    ("Kernel VFP state in use when entering userspace"));
 
 	return (0);

From nobody Mon Dec 18 02:11:45 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4StjxZ2cXrz54dSm;
	Mon, 18 Dec 2023 02:11:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4StjxY6BKcz3L3K;
	Mon, 18 Dec 2023 02:11:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702865505;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xnPeFzOdoO+uBbVWSA00J1f5LTi4RNnqlyif+I2wPUM=;
	b=ImgR5xvSDkG4K/xQufq1ivWAmUetU73oiwMucfwlmSfoDgwIXxYPjKlcirsPvxELDOG3ux
	AES4Jw0/7yXnG5sUA46kvfhycA1p0Z9guQK9QZ8GBfhSoy7r8SFLKnxHAinMI81EvO7/bO
	tAT3+97SlGDTDogWnRayzPdvHpfF90kwi/uwfcGQRtDfVnzi+oexf166uHPwf6DN8jvegn
	UUznTG5UCb09+Dm9WQFMUkxztJa/l8u8f7FC7R/kJvYemaDGW/4ObG39oj2gDjqutoIo5E
	hp1shI1VWgPmU2D8FmWMdW2uA9Ic+dxhqLUOI4jEuAG76g1p+4lWjbAd+sLe/g==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702865506; a=rsa-sha256; cv=none;
	b=xhfaddVnMljqqWSi9AJUq9/Omi3sX41SzjOZIHrZ493hCQHjM0rP7xWRsCMBe9AiC7uI7G
	AevP0+Ccb9ETMvjoNqn9I+j6p94MMZK4EZP4zyux+r7VD9r/bAo6KXlhz6UxqJrusaJkZd
	bqo23RcOQWfEsKi7e+QecpD4Ptu9Py5RxS1I6pdElYdDrCfW6IOiO7UylUdsiSEOzt5rqB
	zErWAPA/6D0gUrLId+q3v/4Vgq3VAUfS6N8HquvEDifTJ6kGg8BD6TpUDRrTJWanfMLNm3
	Ad6vGGu6e4YFY9iyZl9XK3PDGWu3HLQh06i16IFxUQzV7lxBxFDpEMlxnxzd3g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702865506;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xnPeFzOdoO+uBbVWSA00J1f5LTi4RNnqlyif+I2wPUM=;
	b=m+7RXWe30Y+2KDTaVqHKDPWrorm/87gKbZXNrqUU3uPKLaNUer+ksOy/5XrTwFq1AkSRgS
	AcdbFpFB4v3kRaRP79ahkqDImNJTP8khw2jt2j5g+J+V/M1JUXWm70SxO5zbTjWtLqrArm
	+Y4AHfzyJe57SVOUB3sab7Z94KirD8hBXOp6/TfbIbXJUc55qy6DhSJRbdeW52PKzkXBZU
	rV7+57iI0E12a25DHQriAejb2u5GECCr6NFTfAvnM5Z0wV8BBydPxTXeKuJPC4sid0qz9K
	I6sUZb3qSWQCNfSIeNKoGZzeHDzQRmKQlHUO2gAuLKvjFDWyc2MaqGgWDAXLlA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4StjxY4YSwz12vq;
	Mon, 18 Dec 2023 02:11:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2Bj0r074732;
	Mon, 18 Dec 2023 02:11:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2BjLo074730;
	Mon, 18 Dec 2023 02:11:45 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:11:45 GMT
Message-Id: <202312180211.3BI2BjLo074730@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: f5ae760cfe26 - stable/14 - arm: Disable the VFP during
  boot
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: f5ae760cfe2658d79f12c1b7ac9dc577379e5d1c
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=f5ae760cfe2658d79f12c1b7ac9dc577379e5d1c

commit f5ae760cfe2658d79f12c1b7ac9dc577379e5d1c
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-11 14:08:49 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:07:49 +0000

    arm: Disable the VFP during boot
    
    The VFP code expects the kernel to boot with VFP disabled, but some
    boards will boot with it enabled.  Make sure that vfp_init() disables
    the VFP on each CPU during boot.
    
    PR:             273752
    Reviewed by:    andrew
    Diagnosed by:   Thomas Skibo <thomas-bsd@skibo.net>
    MFC after:      1 week
    
    (cherry picked from commit ce2f34ade8b787b068085fa8a8ddd295b06c2737)
---
 sys/arm/arm/vfp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sys/arm/arm/vfp.c b/sys/arm/arm/vfp.c
index bbcb468391b6..6c398a7a3eaa 100644
--- a/sys/arm/arm/vfp.c
+++ b/sys/arm/arm/vfp.c
@@ -181,6 +181,8 @@ vfp_init(void)
 				elf_hwcap |= HWCAP_VFPv4;
 		}
 
+		vfp_disable();
+
 		/* initialize the coprocess 10 and 11 calls
 		 * These are called to restore the registers and enable
 		 * the VFP hardware.

From nobody Mon Dec 18 02:20:21 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Stk7T4SDDz54f0x;
	Mon, 18 Dec 2023 02:20:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Stk7T41kRz3Y4v;
	Mon, 18 Dec 2023 02:20:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702866021;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XqFQMsczplXI+UJaets/dXcwN5rfBNW6Coh/wNUUYAQ=;
	b=YvnooAVNxVvS0qI74zPEc1LyXTvcmkHkwPN1Tpz5Ah3FBf0ivhw5tER6xozCia+X1MrIFr
	5qzMBCYE4BQeXJjiP6LJ5ypdf/slD/zND2AzcK5Lic4pwdSbTD/zWjv1fbboXu13zI81tG
	HdCefB4/NrUKnAUp2/yrZnw2JyehCMR9Ph9yKejSi7fQOEpjCkPRnTARMUOxHp9esyNKmF
	F1SSok7dYRTgOZHQ8V3D5CZUkBbWpxNKOUvILeTU9t7aFZK0TqFcas42xdfU/xUpwcUm0e
	yjI1We7ms63otB61F5GCSqMhd52Zf2aO4C2JfVkdytDgtJPz7mkg+CaGknUrbw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702866021; a=rsa-sha256; cv=none;
	b=lomD0ZlUq6tGIp7spZ53bjZPVcDjWQ+1mFg6Pi0NMh+Q5Rh0W4JTdSFSWIyJdhVVcJMweB
	Zx4MwmSSBEt8llqtiBV3gQVJadss9dcaN4TAmzlm2YB7/t5UYGo4BfBRpaaYo8EjgW2c8G
	GjVeO3UzNkXQQ+fEox+VzPwj26qr6SgyuBfPKvyvIUmYx0oDmqSoCMpYKKWbNQIihRobP8
	fSEL1AOq98MUQMvRlujLgw3K18z58Choiptby0BDn/26kwrW/9cg3TViC2szro0V/iEmxx
	aQ/SKl9z6z2ceT6uM+CWv7FZfJABUkhHU5BqGUCGY69RVZ4zcE2I0JGWnnznyA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702866021;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XqFQMsczplXI+UJaets/dXcwN5rfBNW6Coh/wNUUYAQ=;
	b=c9ugLii2vgjEGfpy5fWoUJOPY56HyIPsuXj/0lkul5lelHXLq6IQRAJvYvjrDN/0KEK8Sa
	mCQkFWLjGP6lZwON1phkyNQaiTvJBRJrJZwz7tOURUBXwFhN+NfB8+yJ4oqf7v6+ehgHZ7
	fGK9VygG9sK3erGy/lmaB0EA/xZdBSKYAi+FoHSlzfLZ15Vz7Zhcg4iRiM6mibCSGszJy1
	OnNH+fnwo/rr3ovglzTkWHOmffdFHwZh43VuFdgjYG4eafB5J8i7U/ymdw9m8ldGHD6eIA
	jRTVHUnTRJjE4c0Hn0R0spNtrQl3ZkZKNRRdmX2BMDm9wyLHIyGk72AO4k0Qog==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Stk7T346Gz12w4;
	Mon, 18 Dec 2023 02:20:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BI2KLRH089325;
	Mon, 18 Dec 2023 02:20:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BI2KLAh089322;
	Mon, 18 Dec 2023 02:20:21 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 02:20:21 GMT
Message-Id: <202312180220.3BI2KLAh089322@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mark Johnston <markj@FreeBSD.org>
Subject: git: a9184e99afe8 - stable/14 - kthread: Set *newtdp earlier
  in kthread_add1()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: markj
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: a9184e99afe8e8ca7945fc1618d9b0c65bbdc6de
Auto-Submitted: auto-generated

The branch stable/14 has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=a9184e99afe8e8ca7945fc1618d9b0c65bbdc6de

commit a9184e99afe8e8ca7945fc1618d9b0c65bbdc6de
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-09 15:22:06 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2023-12-18 02:20:13 +0000

    kthread: Set *newtdp earlier in kthread_add1()
    
    syzbot reported a single boot-time crash in g_event_procbody(), a page
    fault when dereferencing g_event_td.  g_event_td is initialized by the
    kproc_kthread_add() call which creates the GEOM event thread:
    
      kproc_kthread_add(g_event_procbody, NULL, &g_proc, &g_event_td,
          RFHIGHPID, 0, "geom", "g_event");
    
    I believe that the caller of kproc_kthread_add() was preempted after
    adding the new thread to the scheduler, and before setting *newtdp,
    which is equal to g_event_td.  Thus, since the first action of the GEOM
    event thread is to lock itself, it ended up dereferencing a NULL
    pointer.
    
    Fix the problem simply by initializing *newtdp earlier.  I see no harm
    in that, and it matches kproc_create1().  The scheduler provides
    sufficient synchronization to ensure that the store is visible to the
    new thread, wherever it happens to run.
    
    Reported by:    syzbot+5397f4d39219b85a9409@syzkaller.appspotmail.com
    Reviewed by:    kib
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D42986
    
    (cherry picked from commit ae77041e0714627f9ec8045ca9ee2b6ea563138e)
---
 sys/kern/kern_kthread.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_kthread.c b/sys/kern/kern_kthread.c
index 6f7fd8b3d555..9cbc74658432 100644
--- a/sys/kern/kern_kthread.c
+++ b/sys/kern/kern_kthread.c
@@ -287,6 +287,13 @@ kthread_add1(void (*func)(void *), void *arg, struct proc *p,
 	}
 	oldtd = FIRST_THREAD_IN_PROC(p);
 
+	/*
+	 * Set the new thread pointer before the thread starts running: *newtdp
+	 * could be a pointer that is referenced by "func".
+	 */
+	if (newtdp != NULL)
+		*newtdp = newtd;
+
 	bzero(&newtd->td_startzero,
 	    __rangeof(struct thread, td_startzero, td_endzero));
 	bcopy(&oldtd->td_startcopy, &newtd->td_startcopy,
@@ -331,8 +338,6 @@ kthread_add1(void (*func)(void *), void *arg, struct proc *p,
 		thread_lock(newtd);
 		sched_add(newtd, SRQ_BORING); 
 	}
-	if (newtdp)
-		*newtdp = newtd;
 	return (0);
 }
 

From nobody Mon Dec 18 16:54:31 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sv5X80F34z54klV;
	Mon, 18 Dec 2023 16:54:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sv5X76rzWz4RbV;
	Mon, 18 Dec 2023 16:54:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702918471;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OQkxiRLcCrEuhhpOsgBo4nloQ7vccJavFkzo3byCHpk=;
	b=hbSSfUx8lsVBoXVOHEEBRTyBK26nlwxJS7/WbtXKa+Muxn8MEzxoAWi49KgkRgIn12kON3
	pLm5mcm2Q6D3IsvhTknP7F+Jttmv0XuT4AkxC5JePRtnHWe5jXfURCkLlhLW2+J0iej32p
	h1QWaXbdegj/knAdmSW3DqeazbyQS+0T/m24B+HdellDxqcgg453tftJ9+tNIGrRW9Fuhy
	6WxgQRP9v6tchlHbfzH54jsHHJt4MfY23AwGJ0+MApMPoPfJg1jGDWIOiHO3lXTSDDwqhk
	KiUIVov3mpNIJkRqqLXyRTwq6yQxTyJOkgtc5cWvKY4UVEs6qEzcyM5knBeQjw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702918471; a=rsa-sha256; cv=none;
	b=sRD3xAKPRTa9f8nbHjwd3DhV7aaTQafMEKXl0702nxN7RMevGIT+iccfIXbFCjm1vIXCVD
	l2LnbSzk60IQjQZxLA+uAB2SF9VKU4k/axS59kPWp5ujuU/skHf37EaC3o8FgPO1d6PNFc
	Gy4odA9XoXCOSjT+8I9hsPvG6o0h4HYbU6zzESuav3q+Zsj9pvcQEYYBi/RsPSSsX/GdlX
	u5Vb9YzwVDKAYZGm2ekWEip96r9UNoMfaIcpKjF23jx78cWADdmnXK0uJ88BaU8UICyk27
	lI5w39qDXCqDGrbS1QwS//kP5Bma2KCUL7PEN4EN8dvmV5r3jq0pk4WeW6/9aQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702918471;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OQkxiRLcCrEuhhpOsgBo4nloQ7vccJavFkzo3byCHpk=;
	b=JFApZ+Cf66SaVztIeqG/GilEMhTFnWvkuxpcD1baEGiaMBxo2qzMLha3sEyRCUnIGsUiur
	oaHkBMNqvwmSH8DruLncwBPwmyWIlJkHHGFK5N+iMtUlI2kZExHohB9FJyhSg8xNeNGYxR
	84xL2LgDNXKR6JmF2zFrH7pZ1sOapxSBgFJfsUMuv4mBje6w9FE7t3ltc90yMC79oc1J2Z
	UmPXipn1MXwWMjiiSCZQkYD+4l4X9/h8JlC4MfMw6iuWAxgrMXo8/lVyANRX1rmWSOrpn0
	6bqxUBQ1aNYOg1CJBqTCaaZLiDPMkKVgzMMz8H82X9HgvnaFxUuFVUW5RSDItQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sv5X75rTFzTq6;
	Mon, 18 Dec 2023 16:54:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BIGsVGZ054063;
	Mon, 18 Dec 2023 16:54:31 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BIGsV5w054060;
	Mon, 18 Dec 2023 16:54:31 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 16:54:31 GMT
Message-Id: <202312181654.3BIGsV5w054060@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: 673d1ead65c9 - stable/14 - Implement "strict key
  exchange" in ssh and sshd.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 673d1ead65c912ee3b52e507421d499b8104a810
Auto-Submitted: auto-generated

The branch stable/14 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=673d1ead65c912ee3b52e507421d499b8104a810

commit 673d1ead65c912ee3b52e507421d499b8104a810
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-18 16:22:22 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-18 16:24:39 +0000

    Implement "strict key exchange" in ssh and sshd.
    
    This adds a protocol extension to improve the integrity of the SSH
    transport protocol, particular in and around the initial key exchange
    (KEX) phase.
    
    Full details of the extension are in the PROTOCOL file.
    
    OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
    
    Approved by:    so (implicit)
    Obtained from:  https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
    Security:       CVE-2023-48795
    
    (cherry picked from commit 92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
---
 crypto/openssh/PROTOCOL      |  28 +++++++++++-
 crypto/openssh/kex.c         |  82 ++++++++++++++++++++++------------
 crypto/openssh/kex.h         |   3 +-
 crypto/openssh/packet.c      | 103 +++++++++++++++++++++++++------------------
 crypto/openssh/packet.h      |   3 +-
 crypto/openssh/sshconnect2.c |  10 +----
 6 files changed, 146 insertions(+), 83 deletions(-)

diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL
index d453c779be92..ded935eb6752 100644
--- a/crypto/openssh/PROTOCOL
+++ b/crypto/openssh/PROTOCOL
@@ -137,6 +137,32 @@ than as a named global or channel request to allow pings with very
 short packet lengths, which would not be possible with other
 approaches.
 
+1.9 transport: strict key exchange extension
+
+OpenSSH supports a number of transport-layer hardening measures under
+a "strict KEX" feature. This feature is signalled similarly to the
+RFC8308 ext-info feature: by including a additional algorithm in the
+initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
+may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
+are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
+if they are present in subsequent SSH2_MSG_KEXINIT packets.
+
+When an endpoint that supports this extension observes this algorithm
+name in a peer's KEXINIT packet, it MUST make the following changes to
+the the protocol:
+
+a) During initial KEX, terminate the connection if any unexpected or
+   out-of-sequence packet is received. This includes terminating the
+   connection if the first packet received is not SSH2_MSG_KEXINIT.
+   Unexpected packets for the purpose of strict KEX include messages
+   that are otherwise valid at any time during the connection such as
+   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
+   packet sequence number to zero. This behaviour persists for the
+   duration of the connection (i.e. not just the first
+   SSH2_MSG_NEWKEYS).
+
 2. Connection protocol changes
 
 2.1. connection: Channel write close extension "eow@openssh.com"
@@ -745,4 +771,4 @@ master instance and later clients.
 OpenSSH extends the usual agent protocol. These changes are documented
 in the PROTOCOL.agent file.
 
-$OpenBSD: PROTOCOL,v 1.49 2023/08/28 03:28:43 djm Exp $
+$OpenBSD: PROTOCOL,v 1.50 2023/12/18 14:45:17 djm Exp $
diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c
index 8ff92f2a2d5e..2cb5ab3cf07c 100644
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@@ -65,7 +65,7 @@
 #include "xmalloc.h"
 
 /* prototype */
-static int kex_choose_conf(struct ssh *);
+static int kex_choose_conf(struct ssh *, uint32_t seq);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
 static const char * const proposal_names[PROPOSAL_MAX] = {
@@ -177,6 +177,18 @@ kex_names_valid(const char *names)
 	return 1;
 }
 
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+	char *cp;
+
+	if ((cp = match_list(proposal, algs, NULL)) == NULL)
+		return 0;
+	free(cp);
+	return 1;
+}
+
 /*
  * Concatenate algorithm names, avoiding duplicates in the process.
  * Caller must free returned string.
@@ -184,7 +196,7 @@ kex_names_valid(const char *names)
 char *
 kex_names_cat(const char *a, const char *b)
 {
-	char *ret = NULL, *tmp = NULL, *cp, *p, *m;
+	char *ret = NULL, *tmp = NULL, *cp, *p;
 	size_t len;
 
 	if (a == NULL || *a == '\0')
@@ -201,10 +213,8 @@ kex_names_cat(const char *a, const char *b)
 	}
 	strlcpy(ret, a, len);
 	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
-		if ((m = match_list(ret, p, NULL)) != NULL) {
-			free(m);
+		if (has_any_alg(ret, p))
 			continue; /* Algorithm already present */
-		}
 		if (strlcat(ret, ",", len) >= len ||
 		    strlcat(ret, p, len) >= len) {
 			free(tmp);
@@ -334,15 +344,23 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 	const char *defpropclient[PROPOSAL_MAX] = { KEX_CLIENT };
 	const char **defprop = ssh->kex->server ? defpropserver : defpropclient;
 	u_int i;
+	char *cp;
 
 	if (prop == NULL)
 		fatal_f("proposal missing");
 
+	/* Append EXT_INFO signalling to KexAlgorithms */
+	if (kexalgos == NULL)
+		kexalgos = defprop[PROPOSAL_KEX_ALGS];
+	if ((cp = kex_names_cat(kexalgos, ssh->kex->server ?
+	    "kex-strict-s-v00@openssh.com" :
+	    "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
+		fatal_f("kex_names_cat");
+
 	for (i = 0; i < PROPOSAL_MAX; i++) {
 		switch(i) {
 		case PROPOSAL_KEX_ALGS:
-			prop[i] = compat_kex_proposal(ssh,
-			    kexalgos ? kexalgos : defprop[i]);
+			prop[i] = compat_kex_proposal(ssh, cp);
 			break;
 		case PROPOSAL_ENC_ALGS_CTOS:
 		case PROPOSAL_ENC_ALGS_STOC:
@@ -363,6 +381,7 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 			prop[i] = xstrdup(defprop[i]);
 		}
 	}
+	free(cp);
 }
 
 void
@@ -466,7 +485,12 @@ kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
 	int r;
 
-	error("kex protocol error: type %d seq %u", type, seq);
+	/* If in strict mode, any unexpected message is an error */
+	if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
+		ssh_packet_disconnect(ssh, "strict KEX violation: "
+		    "unexpected packet type %u (seqnr %u)", type, seq);
+	}
+	error_f("type %u seq %u", type, seq);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
 	    (r = sshpkt_send(ssh)) != 0)
@@ -563,7 +587,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 	if (ninfo >= 1024) {
 		error("SSH2_MSG_EXT_INFO with too many entries, expected "
 		    "<=1024, received %u", ninfo);
-		return SSH_ERR_INVALID_FORMAT;
+		return dispatch_protocol_error(type, seq, ssh);
 	}
 	for (i = 0; i < ninfo; i++) {
 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
@@ -681,7 +705,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 		error_f("no kex");
 		return SSH_ERR_INTERNAL_ERROR;
 	}
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
@@ -717,7 +741,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 	if (!(kex->flags & KEX_INIT_SENT))
 		if ((r = kex_send_kexinit(ssh)) != 0)
 			return r;
-	if ((r = kex_choose_conf(ssh)) != 0)
+	if ((r = kex_choose_conf(ssh, seq)) != 0)
 		return r;
 
 	if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
@@ -981,20 +1005,14 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 	return (1);
 }
 
-/* returns non-zero if proposal contains any algorithm from algs */
 static int
-has_any_alg(const char *proposal, const char *algs)
+kexalgs_contains(char **peer, const char *ext)
 {
-	char *cp;
-
-	if ((cp = match_list(proposal, algs, NULL)) == NULL)
-		return 0;
-	free(cp);
-	return 1;
+	return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
 }
 
 static int
-kex_choose_conf(struct ssh *ssh)
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
 {
 	struct kex *kex = ssh->kex;
 	struct newkeys *newkeys;
@@ -1019,13 +1037,23 @@ kex_choose_conf(struct ssh *ssh)
 		sprop=peer;
 	}
 
-	/* Check whether client supports ext_info_c */
-	if (kex->server && (kex->flags & KEX_INITIAL)) {
-		char *ext;
-
-		ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
-		kex->ext_info_c = (ext != NULL);
-		free(ext);
+	/* Check whether peer supports ext_info/kex_strict */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->server) {
+			kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-c-v00@openssh.com");
+		} else {
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-s-v00@openssh.com");
+		}
+		if (kex->kex_strict) {
+			debug3_f("will use strict KEX ordering");
+			if (seq != 0)
+				ssh_packet_disconnect(ssh,
+				    "strict KEX violation: "
+				    "KEXINIT was not the first packet");
+		}
 	}
 
 	/* Check whether client supports rsa-sha2 algorithms */
diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h
index 5f7ef784eec9..272ebb43d79d 100644
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.119 2023/08/28 03:28:43 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.120 2023/12/18 14:45:17 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -149,6 +149,7 @@ struct kex {
 	u_int	kex_type;
 	char	*server_sig_algs;
 	int	ext_info_c;
+	int	kex_strict;
 	struct sshbuf *my;
 	struct sshbuf *peer;
 	struct sshbuf *client_version;
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index d69b903c844c..2d1401e7c9f5 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.312 2023/08/28 03:31:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.313 2023/12/18 14:45:17 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1208,8 +1208,13 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	sshbuf_dump(state->output, stderr);
 #endif
 	/* increment sequence number for outgoing packets */
-	if (++state->p_send.seqnr == 0)
+	if (++state->p_send.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "outgoing sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("outgoing seqnr wraps around");
+	}
 	if (++state->p_send.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1217,6 +1222,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	state->p_send.bytes += len;
 	sshbuf_reset(state->outgoing_packet);
 
+	if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting send seqnr %u", state->p_send.seqnr);
+		state->p_send.seqnr = 0;
+	}
+
 	if (type == SSH2_MSG_NEWKEYS)
 		r = ssh_set_newkeys(ssh, MODE_OUT);
 	else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
@@ -1345,8 +1355,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
 		/* Try to read a packet from the buffer. */
-		r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
-		if (r != 0)
+		if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
 			break;
 		/* If we got a packet, return it. */
 		if (*typep != SSH_MSG_NONE)
@@ -1417,29 +1426,6 @@ ssh_packet_read(struct ssh *ssh)
 	return type;
 }
 
-/*
- * Waits until a packet has been received, verifies that its type matches
- * that given, and gives a fatal error and exits if there is a mismatch.
- */
-
-int
-ssh_packet_read_expect(struct ssh *ssh, u_int expected_type)
-{
-	int r;
-	u_char type;
-
-	if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0)
-		return r;
-	if (type != expected_type) {
-		if ((r = sshpkt_disconnect(ssh,
-		    "Protocol error: expected packet type %d, got %d",
-		    expected_type, type)) != 0)
-			return r;
-		return SSH_ERR_PROTOCOL_ERROR;
-	}
-	return 0;
-}
-
 static int
 ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
@@ -1630,10 +1616,16 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
 			goto out;
 	}
+
 	if (seqnr_p != NULL)
 		*seqnr_p = state->p_read.seqnr;
-	if (++state->p_read.seqnr == 0)
+	if (++state->p_read.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "incoming sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("incoming seqnr wraps around");
+	}
 	if (++state->p_read.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1699,6 +1691,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 #endif
 	/* reset for next packet */
 	state->packlen = 0;
+	if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting read seqnr %u", state->p_read.seqnr);
+		state->p_read.seqnr = 0;
+	}
 
 	if ((r = ssh_packet_check_rekey(ssh)) != 0)
 		return r;
@@ -1721,10 +1717,39 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
 		if (r != 0)
 			return r;
-		if (*typep) {
-			state->keep_alive_timeouts = 0;
-			DBG(debug("received packet type %d", *typep));
+		if (*typep == 0) {
+			/* no message ready */
+			return 0;
 		}
+		state->keep_alive_timeouts = 0;
+		DBG(debug("received packet type %d", *typep));
+
+		/* Always process disconnect messages */
+		if (*typep == SSH2_MSG_DISCONNECT) {
+			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
+			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
+				return r;
+			/* Ignore normal client exit notifications */
+			do_log2(ssh->state->server_side &&
+			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
+			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+			    "Received disconnect from %s port %d:"
+			    "%u: %.400s", ssh_remote_ipaddr(ssh),
+			    ssh_remote_port(ssh), reason, msg);
+			free(msg);
+			return SSH_ERR_DISCONNECTED;
+		}
+
+		/*
+		 * Do not implicitly handle any messages here during initial
+		 * KEX when in strict mode. They will be need to be allowed
+		 * explicitly by the KEX dispatch table or they will generate
+		 * protocol errors.
+		 */
+		if (ssh->kex != NULL &&
+		    (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
+			return 0;
+		/* Implicitly handle transport-level messages */
 		switch (*typep) {
 		case SSH2_MSG_IGNORE:
 			debug3("Received SSH2_MSG_IGNORE");
@@ -1739,19 +1764,6 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			debug("Remote: %.900s", msg);
 			free(msg);
 			break;
-		case SSH2_MSG_DISCONNECT:
-			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
-			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
-				return r;
-			/* Ignore normal client exit notifications */
-			do_log2(ssh->state->server_side &&
-			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
-			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
-			    "Received disconnect from %s port %d:"
-			    "%u: %.400s", ssh_remote_ipaddr(ssh),
-			    ssh_remote_port(ssh), reason, msg);
-			free(msg);
-			return SSH_ERR_DISCONNECTED;
 		case SSH2_MSG_UNIMPLEMENTED:
 			if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
 				return r;
@@ -2244,6 +2256,7 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
 	    (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
+	    (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
@@ -2406,6 +2419,7 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
+	    (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
@@ -2734,6 +2748,7 @@ sshpkt_disconnect(struct ssh *ssh, const char *fmt,...)
 	vsnprintf(buf, sizeof(buf), fmt, args);
 	va_end(args);
 
+	debug2_f("sending SSH2_MSG_DISCONNECT: %s", buf);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, buf)) != 0 ||
diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h
index 11925a27d438..b2bc3215ddbc 100644
--- a/crypto/openssh/packet.h
+++ b/crypto/openssh/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.95 2023/08/28 03:31:16 djm Exp $ */
+/* $OpenBSD: packet.h,v 1.96 2023/12/18 14:45:17 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -124,7 +124,6 @@ int	 ssh_packet_send2_wrapped(struct ssh *);
 int	 ssh_packet_send2(struct ssh *);
 
 int      ssh_packet_read(struct ssh *);
-int	 ssh_packet_read_expect(struct ssh *, u_int type);
 int      ssh_packet_read_poll(struct ssh *);
 int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int	 ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len);
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index 90cbba6821e9..6401e304a977 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -358,7 +358,6 @@ struct cauthmethod {
 };
 
 static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
 static int input_userauth_success(int, u_int32_t, struct ssh *);
 static int input_userauth_failure(int, u_int32_t, struct ssh *);
 static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -472,7 +471,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 
 	ssh->authctxt = &authctxt;
 	ssh_dispatch_init(ssh, &input_userauth_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
 	pubkey_cleanup(ssh);
@@ -523,12 +522,6 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 	return r;
 }
 
-static int
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
-{
-	return kex_input_ext_info(type, seqnr, ssh);
-}
-
 void
 userauth(struct ssh *ssh, char *authlist)
 {
@@ -607,6 +600,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
 	free(authctxt->methoddata);
 	authctxt->methoddata = NULL;
 	authctxt->success = 1;			/* break out */
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
 	return 0;
 }
 

From nobody Mon Dec 18 17:10:15 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sv5tH2rgGz54lnx;
	Mon, 18 Dec 2023 17:10:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sv5tH1m12z3HQr;
	Mon, 18 Dec 2023 17:10:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702919415;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OgAbTsRsm+ZFj7oGOP0qzzlm01B8lRAfnu74iJf2aCo=;
	b=I/JvPoDU6Hak8xi62kG3OeBDCo9YegVD4YYIbCm7sZwNQ8MyMOKVDHfMkPIAKoCjiqELEv
	J8OBoAiULh3jdRfQLiGFvh5BxVw/WCQYZCgxndhhpvAFW4aLzbDuJ8T8D/bDSoRiCIutki
	bavnCJvO2c7lO7QGUolo9spz9pMWFg8dx2KQu/m5QVwArtOdbSXrLd/AKkMyYvOqzqD3TZ
	JoWQu4XLzRLYXOTV7MBfhmyIDH99eA+RBysnSaLBIXZf4nFcutlyqXxc6OxWl9BSUQ22Xe
	OUA4VYnif8QZmQxFCHS3A8hog9u8Fkkoq2IBWozgJJgVp4meBuKvVZJeHBlGxw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702919415; a=rsa-sha256; cv=none;
	b=V5pm/pqVJw9xbBtF+pyEIAZa3Ec+S0TswW6DU3jLXvWdSovAtLtfAOEuEBJlw+Ych0JR5B
	FwMv4lc7wOrONdPFye/phmVLqMrcj10aBM3MQTJCcaoYcDutVUhqwPIgBJTMkNzgyxA6AD
	icQYToygbWunjJbb8pcmrXWBHhxSQh4eEuCGiQj9PoF2c9ULZOBhMpUWKdyuHRJM0tbpFJ
	goUK1IOFdDdMR64XwhzZs9XHitgn36twIj8GAUo/dXvAvJi4YLJf7lLRzgDBZGlB5xBkAD
	K6ivvFTpMIIBZtcteMGDp+Yqnt6N19eD2hXU/t48hI4yOsUQsligEolZXqJYGA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702919415;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=OgAbTsRsm+ZFj7oGOP0qzzlm01B8lRAfnu74iJf2aCo=;
	b=CCKElXOrW67282dF0ujsZmMJhgOHh4EviBP/ROV43KtYQO7rrVyTVRAhzSHcI9y3er2x+x
	a44d7KaJJhlhZuuX7NBDGPrvcC84ieUtWSglx72Z0BZ54In/FnCX3a/uFIUFYytz2wITIg
	ieSxJ1kMxxJuNNUXiYE5/3zNuwrR8ITZNx6fQvYDQb3zzvEcblp89Xvva2JZ3lReSUV5vc
	IJBzMbPEwOkDC+kqw0WS3jNI+aBbqhRcCagTU4XaLC32Fep3jVXN8Q3e698XoaJdGJsVPC
	BcsXwssU8L67+2tgOV4q8iPR4hgyiT8iKaY0L/4jFbZkq/GAR7rdQ2nZ0nkSeA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sv5tH0pNFzTyg;
	Mon, 18 Dec 2023 17:10:15 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BIHAFgk079493;
	Mon, 18 Dec 2023 17:10:15 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BIHAFBw079480;
	Mon, 18 Dec 2023 17:10:15 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 17:10:15 GMT
Message-Id: <202312181710.3BIHAFBw079480@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: 3bafcb9744c9 - stable/13 - Implement "strict key
  exchange" in ssh and sshd.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3bafcb9744c966ff7750357b24fc7942f2d928d4
Auto-Submitted: auto-generated

The branch stable/13 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=3bafcb9744c966ff7750357b24fc7942f2d928d4

commit 3bafcb9744c966ff7750357b24fc7942f2d928d4
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-18 16:22:22 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-18 17:09:18 +0000

    Implement "strict key exchange" in ssh and sshd.
    
    This adds a protocol extension to improve the integrity of the SSH
    transport protocol, particular in and around the initial key exchange
    (KEX) phase.
    
    Full details of the extension are in the PROTOCOL file.
    
    OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
    
    Approved by:    so (implicit)
    Obtained from:  https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
    Security:       CVE-2023-48795
    
    (cherry picked from commit 92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
---
 crypto/openssh/PROTOCOL      |  26 +++++++++++
 crypto/openssh/kex.c         |  82 +++++++++++++++++++++++------------
 crypto/openssh/kex.h         |   1 +
 crypto/openssh/packet.c      | 101 +++++++++++++++++++++++++------------------
 crypto/openssh/packet.h      |   1 -
 crypto/openssh/sshconnect2.c |  10 +----
 6 files changed, 142 insertions(+), 79 deletions(-)

diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL
index 27804d0cadbd..ad611a01a200 100644
--- a/crypto/openssh/PROTOCOL
+++ b/crypto/openssh/PROTOCOL
@@ -104,6 +104,32 @@ http://git.libssh.org/users/aris/libssh.git/plain/doc/curve25519-sha256@libssh.o
 
 This is identical to curve25519-sha256 as later published in RFC8731.
 
+1.9 transport: strict key exchange extension
+
+OpenSSH supports a number of transport-layer hardening measures under
+a "strict KEX" feature. This feature is signalled similarly to the
+RFC8308 ext-info feature: by including a additional algorithm in the
+initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
+may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
+are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
+if they are present in subsequent SSH2_MSG_KEXINIT packets.
+
+When an endpoint that supports this extension observes this algorithm
+name in a peer's KEXINIT packet, it MUST make the following changes to
+the the protocol:
+
+a) During initial KEX, terminate the connection if any unexpected or
+   out-of-sequence packet is received. This includes terminating the
+   connection if the first packet received is not SSH2_MSG_KEXINIT.
+   Unexpected packets for the purpose of strict KEX include messages
+   that are otherwise valid at any time during the connection such as
+   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
+   packet sequence number to zero. This behaviour persists for the
+   duration of the connection (i.e. not just the first
+   SSH2_MSG_NEWKEYS).
+
 2. Connection protocol changes
 
 2.1. connection: Channel write close extension "eow@openssh.com"
diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c
index b4e2ab75f541..251cff7af530 100644
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@@ -65,7 +65,7 @@
 #include "xmalloc.h"
 
 /* prototype */
-static int kex_choose_conf(struct ssh *);
+static int kex_choose_conf(struct ssh *, uint32_t seq);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
 static const char * const proposal_names[PROPOSAL_MAX] = {
@@ -177,6 +177,18 @@ kex_names_valid(const char *names)
 	return 1;
 }
 
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+	char *cp;
+
+	if ((cp = match_list(proposal, algs, NULL)) == NULL)
+		return 0;
+	free(cp);
+	return 1;
+}
+
 /*
  * Concatenate algorithm names, avoiding duplicates in the process.
  * Caller must free returned string.
@@ -184,7 +196,7 @@ kex_names_valid(const char *names)
 char *
 kex_names_cat(const char *a, const char *b)
 {
-	char *ret = NULL, *tmp = NULL, *cp, *p, *m;
+	char *ret = NULL, *tmp = NULL, *cp, *p;
 	size_t len;
 
 	if (a == NULL || *a == '\0')
@@ -201,10 +213,8 @@ kex_names_cat(const char *a, const char *b)
 	}
 	strlcpy(ret, a, len);
 	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
-		if ((m = match_list(ret, p, NULL)) != NULL) {
-			free(m);
+		if (has_any_alg(ret, p))
 			continue; /* Algorithm already present */
-		}
 		if (strlcat(ret, ",", len) >= len ||
 		    strlcat(ret, p, len) >= len) {
 			free(tmp);
@@ -334,15 +344,23 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 	const char *defpropclient[PROPOSAL_MAX] = { KEX_CLIENT };
 	const char **defprop = ssh->kex->server ? defpropserver : defpropclient;
 	u_int i;
+	char *cp;
 
 	if (prop == NULL)
 		fatal_f("proposal missing");
 
+	/* Append EXT_INFO signalling to KexAlgorithms */
+	if (kexalgos == NULL)
+		kexalgos = defprop[PROPOSAL_KEX_ALGS];
+	if ((cp = kex_names_cat(kexalgos, ssh->kex->server ?
+	    "kex-strict-s-v00@openssh.com" :
+	    "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
+		fatal_f("kex_names_cat");
+
 	for (i = 0; i < PROPOSAL_MAX; i++) {
 		switch(i) {
 		case PROPOSAL_KEX_ALGS:
-			prop[i] = compat_kex_proposal(ssh,
-			    kexalgos ? kexalgos : defprop[i]);
+			prop[i] = compat_kex_proposal(ssh, cp);
 			break;
 		case PROPOSAL_ENC_ALGS_CTOS:
 		case PROPOSAL_ENC_ALGS_STOC:
@@ -363,6 +381,7 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 			prop[i] = xstrdup(defprop[i]);
 		}
 	}
+	free(cp);
 }
 
 void
@@ -466,7 +485,12 @@ kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
 	int r;
 
-	error("kex protocol error: type %d seq %u", type, seq);
+	/* If in strict mode, any unexpected message is an error */
+	if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
+		ssh_packet_disconnect(ssh, "strict KEX violation: "
+		    "unexpected packet type %u (seqnr %u)", type, seq);
+	}
+	error_f("type %u seq %u", type, seq);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
 	    (r = sshpkt_send(ssh)) != 0)
@@ -544,7 +568,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 	if (ninfo >= 1024) {
 		error("SSH2_MSG_EXT_INFO with too many entries, expected "
 		    "<=1024, received %u", ninfo);
-		return SSH_ERR_INVALID_FORMAT;
+		return dispatch_protocol_error(type, seq, ssh);
 	}
 	for (i = 0; i < ninfo; i++) {
 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
@@ -660,7 +684,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 		error_f("no kex");
 		return SSH_ERR_INTERNAL_ERROR;
 	}
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
@@ -696,7 +720,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 	if (!(kex->flags & KEX_INIT_SENT))
 		if ((r = kex_send_kexinit(ssh)) != 0)
 			return r;
-	if ((r = kex_choose_conf(ssh)) != 0)
+	if ((r = kex_choose_conf(ssh, seq)) != 0)
 		return r;
 
 	if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
@@ -960,20 +984,14 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 	return (1);
 }
 
-/* returns non-zero if proposal contains any algorithm from algs */
 static int
-has_any_alg(const char *proposal, const char *algs)
+kexalgs_contains(char **peer, const char *ext)
 {
-	char *cp;
-
-	if ((cp = match_list(proposal, algs, NULL)) == NULL)
-		return 0;
-	free(cp);
-	return 1;
+	return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
 }
 
 static int
-kex_choose_conf(struct ssh *ssh)
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
 {
 	struct kex *kex = ssh->kex;
 	struct newkeys *newkeys;
@@ -998,13 +1016,23 @@ kex_choose_conf(struct ssh *ssh)
 		sprop=peer;
 	}
 
-	/* Check whether client supports ext_info_c */
-	if (kex->server && (kex->flags & KEX_INITIAL)) {
-		char *ext;
-
-		ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
-		kex->ext_info_c = (ext != NULL);
-		free(ext);
+	/* Check whether peer supports ext_info/kex_strict */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->server) {
+			kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-c-v00@openssh.com");
+		} else {
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-s-v00@openssh.com");
+		}
+		if (kex->kex_strict) {
+			debug3_f("will use strict KEX ordering");
+			if (seq != 0)
+				ssh_packet_disconnect(ssh,
+				    "strict KEX violation: "
+				    "KEXINIT was not the first packet");
+		}
 	}
 
 	/* Check whether client supports rsa-sha2 algorithms */
diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h
index 8b54e3f4b912..a7ae59bf7869 100644
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@@ -148,6 +148,7 @@ struct kex {
 	u_int	kex_type;
 	char	*server_sig_algs;
 	int	ext_info_c;
+	int	kex_strict;
 	struct sshbuf *my;
 	struct sshbuf *peer;
 	struct sshbuf *client_version;
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index 3f885c3d01d1..cc492476f675 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1206,8 +1206,13 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	sshbuf_dump(state->output, stderr);
 #endif
 	/* increment sequence number for outgoing packets */
-	if (++state->p_send.seqnr == 0)
+	if (++state->p_send.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "outgoing sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("outgoing seqnr wraps around");
+	}
 	if (++state->p_send.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1215,6 +1220,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	state->p_send.bytes += len;
 	sshbuf_reset(state->outgoing_packet);
 
+	if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting send seqnr %u", state->p_send.seqnr);
+		state->p_send.seqnr = 0;
+	}
+
 	if (type == SSH2_MSG_NEWKEYS)
 		r = ssh_set_newkeys(ssh, MODE_OUT);
 	else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
@@ -1343,8 +1353,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
 		/* Try to read a packet from the buffer. */
-		r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
-		if (r != 0)
+		if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
 			break;
 		/* If we got a packet, return it. */
 		if (*typep != SSH_MSG_NONE)
@@ -1415,29 +1424,6 @@ ssh_packet_read(struct ssh *ssh)
 	return type;
 }
 
-/*
- * Waits until a packet has been received, verifies that its type matches
- * that given, and gives a fatal error and exits if there is a mismatch.
- */
-
-int
-ssh_packet_read_expect(struct ssh *ssh, u_int expected_type)
-{
-	int r;
-	u_char type;
-
-	if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0)
-		return r;
-	if (type != expected_type) {
-		if ((r = sshpkt_disconnect(ssh,
-		    "Protocol error: expected packet type %d, got %d",
-		    expected_type, type)) != 0)
-			return r;
-		return SSH_ERR_PROTOCOL_ERROR;
-	}
-	return 0;
-}
-
 static int
 ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
@@ -1628,10 +1614,16 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
 			goto out;
 	}
+
 	if (seqnr_p != NULL)
 		*seqnr_p = state->p_read.seqnr;
-	if (++state->p_read.seqnr == 0)
+	if (++state->p_read.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "incoming sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("incoming seqnr wraps around");
+	}
 	if (++state->p_read.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1697,6 +1689,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 #endif
 	/* reset for next packet */
 	state->packlen = 0;
+	if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting read seqnr %u", state->p_read.seqnr);
+		state->p_read.seqnr = 0;
+	}
 
 	if ((r = ssh_packet_check_rekey(ssh)) != 0)
 		return r;
@@ -1717,10 +1713,39 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
 		if (r != 0)
 			return r;
-		if (*typep) {
-			state->keep_alive_timeouts = 0;
-			DBG(debug("received packet type %d", *typep));
+		if (*typep == 0) {
+			/* no message ready */
+			return 0;
 		}
+		state->keep_alive_timeouts = 0;
+		DBG(debug("received packet type %d", *typep));
+
+		/* Always process disconnect messages */
+		if (*typep == SSH2_MSG_DISCONNECT) {
+			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
+			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
+				return r;
+			/* Ignore normal client exit notifications */
+			do_log2(ssh->state->server_side &&
+			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
+			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+			    "Received disconnect from %s port %d:"
+			    "%u: %.400s", ssh_remote_ipaddr(ssh),
+			    ssh_remote_port(ssh), reason, msg);
+			free(msg);
+			return SSH_ERR_DISCONNECTED;
+		}
+
+		/*
+		 * Do not implicitly handle any messages here during initial
+		 * KEX when in strict mode. They will be need to be allowed
+		 * explicitly by the KEX dispatch table or they will generate
+		 * protocol errors.
+		 */
+		if (ssh->kex != NULL &&
+		    (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
+			return 0;
+		/* Implicitly handle transport-level messages */
 		switch (*typep) {
 		case SSH2_MSG_IGNORE:
 			debug3("Received SSH2_MSG_IGNORE");
@@ -1735,19 +1760,6 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			debug("Remote: %.900s", msg);
 			free(msg);
 			break;
-		case SSH2_MSG_DISCONNECT:
-			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
-			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
-				return r;
-			/* Ignore normal client exit notifications */
-			do_log2(ssh->state->server_side &&
-			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
-			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
-			    "Received disconnect from %s port %d:"
-			    "%u: %.400s", ssh_remote_ipaddr(ssh),
-			    ssh_remote_port(ssh), reason, msg);
-			free(msg);
-			return SSH_ERR_DISCONNECTED;
 		case SSH2_MSG_UNIMPLEMENTED:
 			if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
 				return r;
@@ -2213,6 +2225,7 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
 	    (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
+	    (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
@@ -2375,6 +2388,7 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
+	    (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
@@ -2703,6 +2717,7 @@ sshpkt_disconnect(struct ssh *ssh, const char *fmt,...)
 	vsnprintf(buf, sizeof(buf), fmt, args);
 	va_end(args);
 
+	debug2_f("sending SSH2_MSG_DISCONNECT: %s", buf);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, buf)) != 0 ||
diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h
index 176488b1e5d2..9fc035b5e04f 100644
--- a/crypto/openssh/packet.h
+++ b/crypto/openssh/packet.h
@@ -124,7 +124,6 @@ int	 ssh_packet_send2_wrapped(struct ssh *);
 int	 ssh_packet_send2(struct ssh *);
 
 int      ssh_packet_read(struct ssh *);
-int	 ssh_packet_read_expect(struct ssh *, u_int type);
 int      ssh_packet_read_poll(struct ssh *);
 int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int	 ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len);
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index bc05f02142fd..d30b7364313f 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -358,7 +358,6 @@ struct cauthmethod {
 };
 
 static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
 static int input_userauth_success(int, u_int32_t, struct ssh *);
 static int input_userauth_failure(int, u_int32_t, struct ssh *);
 static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -472,7 +471,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 
 	ssh->authctxt = &authctxt;
 	ssh_dispatch_init(ssh, &input_userauth_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
 	pubkey_cleanup(ssh);
@@ -523,12 +522,6 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 	return r;
 }
 
-static int
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
-{
-	return kex_input_ext_info(type, seqnr, ssh);
-}
-
 void
 userauth(struct ssh *ssh, char *authlist)
 {
@@ -607,6 +600,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
 	free(authctxt->methoddata);
 	authctxt->methoddata = NULL;
 	authctxt->success = 1;			/* break out */
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
 	return 0;
 }
 

From nobody Mon Dec 18 17:36:16 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sv6SK18Wyz54n9T;
	Mon, 18 Dec 2023 17:36:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sv6SK0S8Wz4HX2;
	Mon, 18 Dec 2023 17:36:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702920977;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=g063P+8yay5WekGeslbyCm5iZuu6jx2t44+X4HcMyXA=;
	b=VXIs8EQuniylHpnHJbHVaBo2mx2xJpmLDUfhKWMsd1PNJJVfiST/kRJzdAZaaU1HfoF0un
	nSXQokgjMzAsJcNrylxIdq7SNQfqPllVoMoVIa+jNeIcekEbE+zmB/s9ygdpq9jE5VkfgI
	5K52QrEwrrTgAZiPd/9LH5mtJMeWlOP0cLrb623nEQbR6hjjElkQdRwJRAnXDqjqUAgTP1
	pB4TDENxSMOk+sYayus3Jf77PwqHyGJoA1w5UTRPOfFty55xCUu8M0Xb9VRJL2+bFD9u8s
	rrKsh9+GL0f7FjvtcsW0ift4TVVFAsD0vR3oWFVm5TRk7mks1vO/aajlHC9euw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702920977; a=rsa-sha256; cv=none;
	b=Ax1ob5tJPk7EdzGzTG48QPNGhwY5NrdM7NCiuIVRs5t5xt+BjKIS4i3FziKZBOGuph/E/M
	msiPDp4hEIKaBbLSxi/aB/p7bnnGfz2o7zinBtLGxG8eIL8tpo8bIu5vxiU8xwnd5OKIyX
	zsgsSoS5NUbg+W4AvIQ1tx33KsF/nbM7yfcur6d2k0MATZ1v25vckEw75gkCg0krGu8X31
	N1UJsY1BlSyKBKd6k1tgri4T9otx3iJ8LEsnNXX9huqx4ezV2Ck2FaCgDF2V/fS4ZX/h3S
	tBv165zZ2914vZOUXrBzljEzNVeSCK3yia0pgP/SQkQSL0czAjebWr5E118HPg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702920977;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=g063P+8yay5WekGeslbyCm5iZuu6jx2t44+X4HcMyXA=;
	b=wVN3QDGdd8XgPGFQvuuEBfbqnUzC+DAMhUcHFCDqKyGjj8Wwele7wTTyEGRsSxayt4XFXt
	Zv2b70EwWy7rv/3XrrlfwIWAl4qBeAeBz6U1aonGLYzGWcsjJEsbD5wO6hLWCMQZcRAv3a
	Idf1tnQelky0E0PlNWQYhJi1tnatZK6+eVTnLx2xa01CgYxDc4q/3MmT4w3RJvNP9LZ4o4
	WhomBivp1CT7lxLeMFkGFgveEcUHMlrtvoshiQYaQ1NbEgvlI8ouPbqUcPv9ubvHEZNdye
	V8BVGYQFeeW3R6aWbrmp3LAnTbIPP+X7r0sGNhOv5lm4LIKLCiQ+dD5bJmr6gA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sv6SJ6d70zVhD;
	Mon, 18 Dec 2023 17:36:16 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BIHaGb7021743;
	Mon, 18 Dec 2023 17:36:16 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BIHaGMD021740;
	Mon, 18 Dec 2023 17:36:16 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 17:36:16 GMT
Message-Id: <202312181736.3BIHaGMD021740@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 052f6ec95bf5 - stable/13 - sshd: remove unneeded
  initialization of libwrap logging severities
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 052f6ec95bf5e29985b456a7d0287ffef3e01192
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=052f6ec95bf5e29985b456a7d0287ffef3e01192

commit 052f6ec95bf5e29985b456a7d0287ffef3e01192
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2023-07-20 21:56:20 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-12-18 17:34:47 +0000

    sshd: remove unneeded initialization of libwrap logging severities
    
    This part of ca573c9a177 proved to be unnecessary.  As the removed
    comment says, we set them merely for logging syntax errors, as we log
    refusals ourselves.  However, inside the libwrap the parser logs any
    syntax errors with tcpd_warn() which has hardcoded LOG_WARNING inside.
    
    Reviewed by:            philip, emaste
    Differential revision:  https://reviews.freebsd.org/D40068
    
    (cherry picked from commit 90f10db8a99659d1baea7b2609d9256c331f61ae)
---
 crypto/openssh/sshd.c | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index 620a7efe7797..ce8db54a2b72 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -142,8 +142,6 @@
 #ifdef LIBWRAP
 #include <tcpd.h>
 #include <syslog.h>
-extern int allow_severity;
-extern int deny_severity;
 #endif /* LIBWRAP */
 
 /* Re-exec fds */
@@ -1303,7 +1301,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				 * exactly.  sshguard, and supposedly lots
 				 * of custom made scripts rely on it.
 				 */
-				syslog(deny_severity,
+				syslog(LOG_WARNING,
 				    "refused connect from %s (%s)",
 				    eval_client(&req),
 				    eval_hostaddr(req.client));
@@ -2112,14 +2110,6 @@ main(int ac, char **av)
 	/* Reinitialize the log (because of the fork above). */
 	log_init(__progname, options.log_level, options.log_facility, log_stderr);
 
-#ifdef LIBWRAP
-	/*
-	 * We log refusals ourselves.  However, libwrap will report
-	 * syntax errors in hosts.allow via syslog(3).
-	 */
-	allow_severity = options.log_facility|LOG_INFO;
-	deny_severity = options.log_facility|LOG_WARNING;
-#endif
 	/* Avoid killing the process in high-pressure swapping environments. */
 	if (!inetd_flag && madvise(NULL, 0, MADV_PROTECT) != 0)
 		debug("madvise(): %.200s", strerror(errno));

From nobody Mon Dec 18 17:36:17 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sv6SL29xNz54nBY;
	Mon, 18 Dec 2023 17:36:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sv6SL1PLlz4H72;
	Mon, 18 Dec 2023 17:36:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702920978;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GFfUzAtR1jinslkEQan8TdWmqOxnGu0hZ212Zvze2+c=;
	b=u7cXdZSVCT9qHS/HVO4CAEkSMQOnhrKaIuGIFuDKCenYDsThQrrzfoZSeYvxpcxFVFI/TK
	tv9fSC8iWMDKq1KRnNp7nU+rW1iHa//Fi99OW2vrrTGebg8lpzFx4iwJ3tEgz8k/7t5sRD
	5oM2LHJuV74bnJ1kkoozS8FXaYSYzbpZorPODb+7Z9zdUjFPwmoanP095U5VtKOIMjVE2N
	N+8kjaMtnykyYx5eoajreKqZ6RrZM3w2Cy0c6HuSeeZN3USHDYncBGkcpS/4NSozwGHsEr
	pDYtOyDgCQRirHnup4bPibioIrWKpOaMDMXcGjt2MQ827ws9/bSvED8kIS6pPA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702920978; a=rsa-sha256; cv=none;
	b=gcmjxI2AHYfvcbgScAzq+q30H1Qc6R1tZMLr+0Qj7cxef51ArFP1Vq9ANHNYYqaW1ZcKGm
	W1ECLbBm2txHTqycGNfVgz3REXEkYrAu/nUJz2rnl+xv0M3NyLA3A3sWPrkZF9zBroGIP6
	xaClAzHHU3hpHX7LALJ8fpryenf0Sul9u0vj2McgHdKJ537daPu0FCB6Z7AhB2FRq0G8zx
	HQiy2n2eK1JAot+I81YFmwdDqVtqr23/mu0x74/mCOqX0l+KVSABKuJ8GLjX4dLP5n9mHW
	PET0u01n4XOazqWIG0e2nzZAJx/tcC8wXR7DjCMCNRj4F7UYczl3hR+AAo7MZw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702920978;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GFfUzAtR1jinslkEQan8TdWmqOxnGu0hZ212Zvze2+c=;
	b=vyNqzQutSfd6RSTvZ/sGygXGkL4tpgyVt5apbhBk8vKaB5src5/9Q9yrujjiawwHsIBcsf
	jdgd7NGcCAP40pHcl8gkgnq/OoBgIj1BNGGJOpYkctQJwSBK8nWvK1Kgf3hPBOIUJeQZRA
	rm0j20d/H2tgsouETgLf0cwFKPMpkU8vS7gPYBsWhmJT28WWa+Qw+62EXiEs9Sr56CuA7R
	eILtw+aqvmhu0iGtA6vMVUZIPnC9rYA90a00FoRT0FFSD+Ya5+br4KnZa3N2xVn5bTPy9u
	w2BSL4hCPDXxEEb4K3ajxknLDOOmvjZhxSZezUc/cPP6lHdeVSt9510gP4pTkQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sv6SL0VCmzWBQ;
	Mon, 18 Dec 2023 17:36:18 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BIHaH5S021792;
	Mon, 18 Dec 2023 17:36:17 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BIHaHF6021789;
	Mon, 18 Dec 2023 17:36:17 GMT
	(envelope-from git)
Date: Mon, 18 Dec 2023 17:36:17 GMT
Message-Id: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused
  client hostname
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0fbec53dcfb8d31aa2e3734992e241422e152433
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433

commit 0fbec53dcfb8d31aa2e3734992e241422e152433
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2023-07-20 21:56:20 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-12-18 17:35:47 +0000

    sshd: do not resolve refused client hostname
    
    This is a compromise between POLA and practical reasoning.  We don't
    want to block the main server loop in an attempt to resolve.  But we
    need to keep the format of the logged message as is, for sake of
    sshguard and other scripts.  So let's print just the IP address twice,
    this is what libwrap's refuse() would do if it failed to resolve.
    
    Reviewed by:            philip
    PR:                     269456
    Differential revision:  https://reviews.freebsd.org/D40069
    
    (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225)
---
 crypto/openssh/sshd.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index ce8db54a2b72..a82b82d08c14 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -1297,13 +1297,24 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 				    SO_LINGER, &l, sizeof(l));
 				(void )close(*newsock);
 				/*
-				 * Mimic message from libwrap's refuse()
-				 * exactly.  sshguard, and supposedly lots
-				 * of custom made scripts rely on it.
+				 * Mimic message from libwrap's refuse() as
+				 * precisely as we can afford.  The authentic
+				 * message prints the IP address and the
+				 * hostname it resolves to in parentheses.  If
+				 * the IP address cannot be resolved to a
+				 * hostname, the IP address will be repeated
+				 * in parentheses.  As name resolution in the
+				 * main server loop could stall, and logging
+				 * resolved names adds little or no value to
+				 * incident investigation, this implementation
+				 * only repeats the IP address in parentheses.
+				 * This should resemble librwap's refuse()
+				 * closely enough not to break auditing
+				 * software like sshguard or custom scripts.
 				 */
 				syslog(LOG_WARNING,
 				    "refused connect from %s (%s)",
-				    eval_client(&req),
+				    eval_hostaddr(req.client),
 				    eval_hostaddr(req.client));
 				debug("Connection refused by tcp wrapper");
 				continue;

From nobody Tue Dec 19 00:29:19 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SvHcw5wppz54LKk;
	Tue, 19 Dec 2023 00:29:20 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SvHcw0dgcz4SYD;
	Tue, 19 Dec 2023 00:29:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702945760;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aGbTf/AIGnsHlRe0hYgINE8f2Z9DrXvBh+rOGQeWbRY=;
	b=AzHVvIrK87CBwEeJQhfB/L4z5kobMbqFaYuXc2aW93dYtGwehk0mHzt2G37MEZEWLX6zKS
	BQtBtzwF0RDFkqcJq2br0ecCw4BjYwShx20d8eQg10vTajVM+GzrgOXBbfQdoHdNEoOy41
	TkTVjlHCwlIuEueS+RZhhhzIhmP8PsioevNKZXxwcu9IzGCiZhOSfoebBqSNAcuSi4JmCH
	x8G929n8kAAoB5u/oyG/o28cHAYTRqfUrmToDV9SX17/T2CKInEl0+pGsc1eXhHqO+wcFN
	RRSm/2ziu8XCustI9dIqoBPYc40bXOU+GxXuSHqsPhRbsE9SWdHA1CZ+SuvVVQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702945760; a=rsa-sha256; cv=none;
	b=Is9v3q+n7rvWHEE6bd8BRWW6w+xxPSrJLXLtEU+kRxk7b712HmgXscYhEG1NkfVO6MKcyb
	sSSpvrwFNSzIybv/S7Q0P7ikfL4rJgtKSI3VzG2WluEUy4LVDJuFVwdY5Tu88w/XhBTLvC
	jJ6ihuPWk5uDJWiYg2REGCc3hYh904c0geYR5pQeBuzDAeiXcU07VQRGr7dZ6tT3BCavmS
	wI5F50DvIwFbJI7uCufkS+pAbrLRw/6ZVTJAVzu/tBFWr1t/xuqKK+sMP+yyql6Vi0hMlS
	QzbmbkgKocfRDDxja3Ul4nCqn1TJDOr5XUhxty0M8cWJJhF/wtNAo1ZuZojUXA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702945760;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aGbTf/AIGnsHlRe0hYgINE8f2Z9DrXvBh+rOGQeWbRY=;
	b=wPwDvlhXtwi3ue1j7vmh6j2pja5VmiDYABmXwbjHM9EtDPj4D0X5HGbRwwIhgn1oYxRMQr
	Cf1ucBrmS2It2vEbN8DsPsyO3Lm+li1TlEbww9pyppgdDzYCHwQ/mhlpiK0Dq5O4nm8Fey
	jqCeQJIgoHNoWViAzDP5oTOrNueemqITCyocXQK9uDiwYdEulA+MnfrjY30tQ3WGJMRq7t
	TFSYPE/oH+gMlbuqQG6wce56YnqxNgCVGO+VZQbm3mT9D0KMe5GOhcJHWcqC6D64IBKSY9
	npMKSD9svVcnA8PfRzDSQ3VjV4OdWR0SPacdhoi6cHf5qJ/iFlHoOpazBSjfmw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SvHcv4g37zjJP;
	Tue, 19 Dec 2023 00:29:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJ0TJTe008414;
	Tue, 19 Dec 2023 00:29:19 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJ0TJNj008411;
	Tue, 19 Dec 2023 00:29:19 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 00:29:19 GMT
Message-Id: <202312190029.3BJ0TJNj008411@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 399961e0a413 - stable/14 - if_tun: check device name
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 399961e0a4132fb14b9b975c937cbc46849f8b39
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=399961e0a4132fb14b9b975c937cbc46849f8b39

commit 399961e0a4132fb14b9b975c937cbc46849f8b39
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-12-12 00:13:59 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-19 00:28:47 +0000

    if_tun: check device name
    
    PR:     266999
    
    (cherry picked from commit 0365e5fc905b425313a0a2d89f0d8e2566924df2)
---
 sys/net/if_tuntap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/net/if_tuntap.c b/sys/net/if_tuntap.c
index a01bc11aa64c..a1d9929a2e28 100644
--- a/sys/net/if_tuntap.c
+++ b/sys/net/if_tuntap.c
@@ -817,7 +817,7 @@ tun_create_device(struct tuntap_driver *drv, int unit, struct ucred *cr,
 
 	make_dev_args_init(&args);
 	if (cr != NULL)
-		args.mda_flags = MAKEDEV_REF;
+		args.mda_flags = MAKEDEV_REF | MAKEDEV_CHECKNAME;
 	args.mda_devsw = &drv->cdevsw;
 	args.mda_cr = cr;
 	args.mda_uid = UID_UUCP;

From nobody Tue Dec 19 00:29:49 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SvHdW1fpjz54LYw;
	Tue, 19 Dec 2023 00:29:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SvHdV0Th1z4TBY;
	Tue, 19 Dec 2023 00:29:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1702945790;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DmYVlHrGPCT3UN0tEMSUZRolC+zUZGH9vTjBaW4YYL4=;
	b=tWH1W+kpJQ5sfzP0SH4D0vaXb68tua2x729QM/jWmkyYoDYcqx1gOdRY228cqxmRavJGva
	JPj10S90jZ03ZIMqdcBU7TlMLREd+S5G+RnnYYlxlLYKheasXtwFj2RZuawuiLT56Kd1Ur
	0iE4uvOu9matVs+rm07w3EA8iF7iyQW8kMur0QNVPvfWz/rSBt9on8sh2GpK+ix3k0B/zj
	8qIh/8EGLhheMHDYwl0d2+mqYWIMs4nsSvYBk1nZKjYZ9w+rYik1L7OjSzszepk/VigruF
	NwhtxWv/oxsfdy3fIjaQgXPj9C7QJYxDTSk7bEAVRAuBlhVsCjRfInUIt6wbnA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702945790; a=rsa-sha256; cv=none;
	b=JJz/lJlI+1xWWeRLlLGcu5N3KL3+tajMRcA5N8taa7jjOQyGP9cqwnV/EwqcHIW1IG1Yfc
	FB/O72ioYH/rKygv2mGPAB2Tb2XCP9cMSg/wyFo+SdlGT/J0Wqq0r1t8OtlWyhe/A316mz
	+xftk6r7SgUEs1nG18I0jXcUC1wu6SVJGAl4VcDvdAZ5sd22EI7+hKUMUQuHPsYvUPLEjj
	NdO7Shr4EbgsFHG1w1Oh8wSYXbvT1NpFhqlNXOCxdqW3VTytPyDlXtg6CKjJImzHN9Ev5i
	lqhj4YFhOMP+mIkIaixAQVQiq45zNCFeWK+Paun4tn0qNJjRVuRj0rlLWNZaxQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1702945790;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DmYVlHrGPCT3UN0tEMSUZRolC+zUZGH9vTjBaW4YYL4=;
	b=nkGwbz6+PlqOjGbGuqnvjSNR16wI6cjiEvqS9xL4MHv92ibNs+UehNcR15x1Bedm0KiWde
	0fFBeSihbnul3sRmMxh5foqLiSU6ys3z4secklc4wRQrvK8tML7ufV24PtnUss/uA/+rjE
	l3vI4weAisNQiQOJv/NDmT2kLfyZ/gocFY/vNZyCUjpEFgfcxRIVYMPISLSePnIZIQcAcv
	kL1wCWFPBz83AZPnb11mCihJq1hgxE8amHNb4XVMF4caNTffYdUW+AlM6XiTIyQcNN/NKU
	iLzg0f2pfqxM/ABAqlD8wiklmcfwZ8rYmZXIPuZ4Ov2YqZpAA3w51fm6jteSHA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SvHdT6cMlzjJQ;
	Tue, 19 Dec 2023 00:29:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJ0TnIR008603;
	Tue, 19 Dec 2023 00:29:49 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJ0Tnvt008600;
	Tue, 19 Dec 2023 00:29:49 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 00:29:49 GMT
Message-Id: <202312190029.3BJ0Tnvt008600@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: a317a58658d4 - stable/13 - if_tun: check device name
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: a317a58658d4a529211c66b675ec7998032ecb4e
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=a317a58658d4a529211c66b675ec7998032ecb4e

commit a317a58658d4a529211c66b675ec7998032ecb4e
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-12-12 00:13:59 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-19 00:29:28 +0000

    if_tun: check device name
    
    PR:     266999
    
    (cherry picked from commit 0365e5fc905b425313a0a2d89f0d8e2566924df2)
---
 sys/net/if_tuntap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/net/if_tuntap.c b/sys/net/if_tuntap.c
index 756aa04482cb..da55034638d1 100644
--- a/sys/net/if_tuntap.c
+++ b/sys/net/if_tuntap.c
@@ -810,7 +810,7 @@ tun_create_device(struct tuntap_driver *drv, int unit, struct ucred *cr,
 
 	make_dev_args_init(&args);
 	if (cr != NULL)
-		args.mda_flags = MAKEDEV_REF;
+		args.mda_flags = MAKEDEV_REF | MAKEDEV_CHECKNAME;
 	args.mda_devsw = &drv->cdevsw;
 	args.mda_cr = cr;
 	args.mda_uid = UID_UUCP;

From nobody Tue Dec 19 18:28:50 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SvlZW6Rzvz54hPJ;
	Tue, 19 Dec 2023 18:28:51 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Received: from glebi.us (glebi.us [162.251.186.162])
	by mx1.freebsd.org (Postfix) with ESMTP id 4SvlZV6wXMz4Z02;
	Tue, 19 Dec 2023 18:28:50 +0000 (UTC)
	(envelope-from glebius@freebsd.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	spf=softfail (mx1.freebsd.org: 162.251.186.162 is neither permitted nor denied by domain of glebius@freebsd.org) smtp.mailfrom=glebius@freebsd.org;
	dmarc=none
Received: by glebi.us (Postfix, from userid 1000)
	id 3A0F35533D; Tue, 19 Dec 2023 10:28:50 -0800 (PST)
Date: Tue, 19 Dec 2023 10:28:50 -0800
From: Gleb Smirnoff <glebius@freebsd.org>
To: Ed Maste <emaste@freebsd.org>
Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org,
	dev-commits-src-branches@freebsd.org
Subject: Re: git: 0fbec53dcfb8 - stable/13 - sshd: do not resolve refused
 client hostname
Message-ID: <ZYHg4t12svqpfW5S@FreeBSD.org>
References: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <202312181736.3BIHaHF6021789@gitrepo.freebsd.org>
X-Spamd-Result: default: False [2.31 / 15.00];
	VIOLATED_DIRECT_SPF(3.50)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_SPAM_SHORT(0.71)[0.714];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_NO_TLS_LAST(0.10)[];
	ONCE_RECEIVED(0.10)[];
	MLMMJ_DEST(0.00)[dev-commits-src-all@freebsd.org,dev-commits-src-branches@freebsd.org];
	FROM_EQ_ENVFROM(0.00)[];
	ASN(0.00)[asn:27348, ipnet:162.251.186.0/24, country:US];
	MIME_TRACE(0.00)[0:+];
	RCVD_COUNT_ONE(0.00)[1];
	R_DKIM_NA(0.00)[];
	R_SPF_SOFTFAIL(0.00)[~all];
	DMARC_NA(0.00)[freebsd.org];
	FROM_HAS_DN(0.00)[];
	FREEFALL_USER(0.00)[glebius];
	MID_RHS_MATCH_FROM(0.00)[];
	RCPT_COUNT_THREE(0.00)[4];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	TO_DN_SOME(0.00)[];
	ARC_NA(0.00)[]
X-Rspamd-Queue-Id: 4SvlZV6wXMz4Z02
X-Spamd-Bar: ++

  Ed,

On Mon, Dec 18, 2023 at 05:36:17PM +0000, Ed Maste wrote:
E> The branch stable/13 has been updated by emaste:
E> 
E> URL: https://cgit.FreeBSD.org/src/commit/?id=0fbec53dcfb8d31aa2e3734992e241422e152433
E> 
E> commit 0fbec53dcfb8d31aa2e3734992e241422e152433
E> Author:     Gleb Smirnoff <glebius@FreeBSD.org>
E> AuthorDate: 2023-07-20 21:56:20 +0000
E> Commit:     Ed Maste <emaste@FreeBSD.org>
E> CommitDate: 2023-12-18 17:35:47 +0000
E> 
E>     sshd: do not resolve refused client hostname
E>     
E>     This is a compromise between POLA and practical reasoning.  We don't
E>     want to block the main server loop in an attempt to resolve.  But we
E>     need to keep the format of the logged message as is, for sake of
E>     sshguard and other scripts.  So let's print just the IP address twice,
E>     this is what libwrap's refuse() would do if it failed to resolve.
E>     
E>     Reviewed by:            philip
E>     PR:                     269456
E>     Differential revision:  https://reviews.freebsd.org/D40069
E>     
E>     (cherry picked from commit 9ff45b8ed847f9cb7e1cd401278c7f6b30fe8225)

You probably also want to merge 1d9722de6f90c3edf286b077938bfa696e728d6c

-- 
Gleb Smirnoff

From nobody Tue Dec 19 20:19:48 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Svp2Y0YBcz54ryN;
	Tue, 19 Dec 2023 20:19:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Svp2X6zXZz4GJp;
	Tue, 19 Dec 2023 20:19:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703017189;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=RTBvG7CesJ6Ct6Up65yDWT4oZ7nb9TQgodyq1YmFAPU=;
	b=YwtJTcOlP8tLEkB/CRVhEPHowuaxhm8mBkjT9dPf4N4Oh2MjuMMDa4/BxXsmgtMwVVvNpK
	FQCRVAGuxVS8oGeP8tTHOrCbcSqPfYeS1nC2r9xaOBE3S1kyQYFGcMgV3uvTAWXs/xlKK/
	I3+fu8WgDwmSBPvxFBp6I4KppT+qrfsx9X00LLb9BGzJfMU7bSh0Q4OPeIo7gfszFiGG7/
	JYNEdDPEtHC5mNaoXFvMGW/nvcErqU+jjUaSWtc8tqWmgvUhiLjIdquf57C/+JQkJouhGW
	khX9hws1NAHrHrZWU4MCtX3HzZ96FSUehWTlVM8j9lCuNM2DTEoogqWy44PGKg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703017189; a=rsa-sha256; cv=none;
	b=XppIaflhF2sNu5ss9JgSwqdK1rgmlIWJrTZhCK3O0h6VuHMkPZ3SfG0UQncjEERJRJ1AO6
	U5NRGTNP6O5WxsaI2jdbrLdVh3RopDMn0Uzl3Vsb7dKCY4j/HzTwTrbTsmbuPelkF9n3J5
	vOgoIBIjAEUtp2GKjmDjv7c8saIMkAw0T/k5n9mcQMztzzZ82yqEZ0rtBN9nPdNlcWtSbG
	pK13n7uv6/Gc5OCYM3twiKLy07gqXzJto+i7m1ZoP6y+KrHtpKZy79J+L3NFNSLNc2Y8FW
	AzLhsPZ4WNaNUc4LhoXWhm9aR9mrxPfbMi+VRtU9df4sCH+r7K4gQQTjVu3dNw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703017189;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=RTBvG7CesJ6Ct6Up65yDWT4oZ7nb9TQgodyq1YmFAPU=;
	b=UjkkMFFkesPp9b+9/gdDbLquOZVMwuSje2/BtuawXVBadf2GZP86TFSyWgJflWHX7cHwKL
	PtVw6zUBdCGENGGOL/HV3dZf17dUBFxyds8A512vjaqSZwmcOumP0lPmo+VB0j37UK0KbQ
	IqmnnNhUhelmhuNZJ3kBmPh/IxtkErT/8a2rIoC3n9MJng3daBFt4jBkYpQ2DIbuyxcpDT
	IT13IQWDbXZuhWFpfAZy/BEGBfLfG6IwFPhBEox8MSqt3sna54Q6va2Us3V3mzg3cO9ST/
	jOx4Oc1z5wrLSms2lh7bFI7pYB5wHjLeWyQrBmCqfZDW3E1RkdIGYsXzSuTAmA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Svp2X5cHhz4ND;
	Tue, 19 Dec 2023 20:19:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKJmXR001010;
	Tue, 19 Dec 2023 20:19:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKJmNj001007;
	Tue, 19 Dec 2023 20:19:48 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:19:48 GMT
Message-Id: <202312192019.3BJKJmNj001007@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: b9856d61e99d - releng/14.0 - Implement "strict key
  exchange" in ssh and sshd.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: b9856d61e99d62e302e2e6a420257dcfea18b353
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=b9856d61e99d62e302e2e6a420257dcfea18b353

commit b9856d61e99d62e302e2e6a420257dcfea18b353
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-18 16:22:22 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-19 20:15:15 +0000

    Implement "strict key exchange" in ssh and sshd.
    
    This adds a protocol extension to improve the integrity of the SSH
    transport protocol, particular in and around the initial key exchange
    (KEX) phase.
    
    Full details of the extension are in the PROTOCOL file.
    
    OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
    
    Approved by:    so (implicit)
    Obtained from:  https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
    Security:       CVE-2023-48795
    Security:       FreeBSD-SA-23:19.openssh
    
    (cherry picked from commit 92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
    (cherry picked from commit 673d1ead65c912ee3b52e507421d499b8104a810)
---
 crypto/openssh/PROTOCOL      |  28 +++++++++++-
 crypto/openssh/kex.c         |  82 ++++++++++++++++++++++------------
 crypto/openssh/kex.h         |   3 +-
 crypto/openssh/packet.c      | 103 +++++++++++++++++++++++++------------------
 crypto/openssh/packet.h      |   3 +-
 crypto/openssh/sshconnect2.c |  10 +----
 6 files changed, 146 insertions(+), 83 deletions(-)

diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL
index d453c779be92..ded935eb6752 100644
--- a/crypto/openssh/PROTOCOL
+++ b/crypto/openssh/PROTOCOL
@@ -137,6 +137,32 @@ than as a named global or channel request to allow pings with very
 short packet lengths, which would not be possible with other
 approaches.
 
+1.9 transport: strict key exchange extension
+
+OpenSSH supports a number of transport-layer hardening measures under
+a "strict KEX" feature. This feature is signalled similarly to the
+RFC8308 ext-info feature: by including a additional algorithm in the
+initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
+may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
+are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
+if they are present in subsequent SSH2_MSG_KEXINIT packets.
+
+When an endpoint that supports this extension observes this algorithm
+name in a peer's KEXINIT packet, it MUST make the following changes to
+the the protocol:
+
+a) During initial KEX, terminate the connection if any unexpected or
+   out-of-sequence packet is received. This includes terminating the
+   connection if the first packet received is not SSH2_MSG_KEXINIT.
+   Unexpected packets for the purpose of strict KEX include messages
+   that are otherwise valid at any time during the connection such as
+   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
+   packet sequence number to zero. This behaviour persists for the
+   duration of the connection (i.e. not just the first
+   SSH2_MSG_NEWKEYS).
+
 2. Connection protocol changes
 
 2.1. connection: Channel write close extension "eow@openssh.com"
@@ -745,4 +771,4 @@ master instance and later clients.
 OpenSSH extends the usual agent protocol. These changes are documented
 in the PROTOCOL.agent file.
 
-$OpenBSD: PROTOCOL,v 1.49 2023/08/28 03:28:43 djm Exp $
+$OpenBSD: PROTOCOL,v 1.50 2023/12/18 14:45:17 djm Exp $
diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c
index 8ff92f2a2d5e..2cb5ab3cf07c 100644
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@@ -65,7 +65,7 @@
 #include "xmalloc.h"
 
 /* prototype */
-static int kex_choose_conf(struct ssh *);
+static int kex_choose_conf(struct ssh *, uint32_t seq);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
 static const char * const proposal_names[PROPOSAL_MAX] = {
@@ -177,6 +177,18 @@ kex_names_valid(const char *names)
 	return 1;
 }
 
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+	char *cp;
+
+	if ((cp = match_list(proposal, algs, NULL)) == NULL)
+		return 0;
+	free(cp);
+	return 1;
+}
+
 /*
  * Concatenate algorithm names, avoiding duplicates in the process.
  * Caller must free returned string.
@@ -184,7 +196,7 @@ kex_names_valid(const char *names)
 char *
 kex_names_cat(const char *a, const char *b)
 {
-	char *ret = NULL, *tmp = NULL, *cp, *p, *m;
+	char *ret = NULL, *tmp = NULL, *cp, *p;
 	size_t len;
 
 	if (a == NULL || *a == '\0')
@@ -201,10 +213,8 @@ kex_names_cat(const char *a, const char *b)
 	}
 	strlcpy(ret, a, len);
 	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
-		if ((m = match_list(ret, p, NULL)) != NULL) {
-			free(m);
+		if (has_any_alg(ret, p))
 			continue; /* Algorithm already present */
-		}
 		if (strlcat(ret, ",", len) >= len ||
 		    strlcat(ret, p, len) >= len) {
 			free(tmp);
@@ -334,15 +344,23 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 	const char *defpropclient[PROPOSAL_MAX] = { KEX_CLIENT };
 	const char **defprop = ssh->kex->server ? defpropserver : defpropclient;
 	u_int i;
+	char *cp;
 
 	if (prop == NULL)
 		fatal_f("proposal missing");
 
+	/* Append EXT_INFO signalling to KexAlgorithms */
+	if (kexalgos == NULL)
+		kexalgos = defprop[PROPOSAL_KEX_ALGS];
+	if ((cp = kex_names_cat(kexalgos, ssh->kex->server ?
+	    "kex-strict-s-v00@openssh.com" :
+	    "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
+		fatal_f("kex_names_cat");
+
 	for (i = 0; i < PROPOSAL_MAX; i++) {
 		switch(i) {
 		case PROPOSAL_KEX_ALGS:
-			prop[i] = compat_kex_proposal(ssh,
-			    kexalgos ? kexalgos : defprop[i]);
+			prop[i] = compat_kex_proposal(ssh, cp);
 			break;
 		case PROPOSAL_ENC_ALGS_CTOS:
 		case PROPOSAL_ENC_ALGS_STOC:
@@ -363,6 +381,7 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 			prop[i] = xstrdup(defprop[i]);
 		}
 	}
+	free(cp);
 }
 
 void
@@ -466,7 +485,12 @@ kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
 	int r;
 
-	error("kex protocol error: type %d seq %u", type, seq);
+	/* If in strict mode, any unexpected message is an error */
+	if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
+		ssh_packet_disconnect(ssh, "strict KEX violation: "
+		    "unexpected packet type %u (seqnr %u)", type, seq);
+	}
+	error_f("type %u seq %u", type, seq);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
 	    (r = sshpkt_send(ssh)) != 0)
@@ -563,7 +587,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 	if (ninfo >= 1024) {
 		error("SSH2_MSG_EXT_INFO with too many entries, expected "
 		    "<=1024, received %u", ninfo);
-		return SSH_ERR_INVALID_FORMAT;
+		return dispatch_protocol_error(type, seq, ssh);
 	}
 	for (i = 0; i < ninfo; i++) {
 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
@@ -681,7 +705,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 		error_f("no kex");
 		return SSH_ERR_INTERNAL_ERROR;
 	}
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
@@ -717,7 +741,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 	if (!(kex->flags & KEX_INIT_SENT))
 		if ((r = kex_send_kexinit(ssh)) != 0)
 			return r;
-	if ((r = kex_choose_conf(ssh)) != 0)
+	if ((r = kex_choose_conf(ssh, seq)) != 0)
 		return r;
 
 	if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
@@ -981,20 +1005,14 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 	return (1);
 }
 
-/* returns non-zero if proposal contains any algorithm from algs */
 static int
-has_any_alg(const char *proposal, const char *algs)
+kexalgs_contains(char **peer, const char *ext)
 {
-	char *cp;
-
-	if ((cp = match_list(proposal, algs, NULL)) == NULL)
-		return 0;
-	free(cp);
-	return 1;
+	return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
 }
 
 static int
-kex_choose_conf(struct ssh *ssh)
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
 {
 	struct kex *kex = ssh->kex;
 	struct newkeys *newkeys;
@@ -1019,13 +1037,23 @@ kex_choose_conf(struct ssh *ssh)
 		sprop=peer;
 	}
 
-	/* Check whether client supports ext_info_c */
-	if (kex->server && (kex->flags & KEX_INITIAL)) {
-		char *ext;
-
-		ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
-		kex->ext_info_c = (ext != NULL);
-		free(ext);
+	/* Check whether peer supports ext_info/kex_strict */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->server) {
+			kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-c-v00@openssh.com");
+		} else {
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-s-v00@openssh.com");
+		}
+		if (kex->kex_strict) {
+			debug3_f("will use strict KEX ordering");
+			if (seq != 0)
+				ssh_packet_disconnect(ssh,
+				    "strict KEX violation: "
+				    "KEXINIT was not the first packet");
+		}
 	}
 
 	/* Check whether client supports rsa-sha2 algorithms */
diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h
index 5f7ef784eec9..272ebb43d79d 100644
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.119 2023/08/28 03:28:43 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.120 2023/12/18 14:45:17 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -149,6 +149,7 @@ struct kex {
 	u_int	kex_type;
 	char	*server_sig_algs;
 	int	ext_info_c;
+	int	kex_strict;
 	struct sshbuf *my;
 	struct sshbuf *peer;
 	struct sshbuf *client_version;
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index d69b903c844c..2d1401e7c9f5 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.312 2023/08/28 03:31:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.313 2023/12/18 14:45:17 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1208,8 +1208,13 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	sshbuf_dump(state->output, stderr);
 #endif
 	/* increment sequence number for outgoing packets */
-	if (++state->p_send.seqnr == 0)
+	if (++state->p_send.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "outgoing sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("outgoing seqnr wraps around");
+	}
 	if (++state->p_send.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1217,6 +1222,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	state->p_send.bytes += len;
 	sshbuf_reset(state->outgoing_packet);
 
+	if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting send seqnr %u", state->p_send.seqnr);
+		state->p_send.seqnr = 0;
+	}
+
 	if (type == SSH2_MSG_NEWKEYS)
 		r = ssh_set_newkeys(ssh, MODE_OUT);
 	else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
@@ -1345,8 +1355,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
 		/* Try to read a packet from the buffer. */
-		r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
-		if (r != 0)
+		if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
 			break;
 		/* If we got a packet, return it. */
 		if (*typep != SSH_MSG_NONE)
@@ -1417,29 +1426,6 @@ ssh_packet_read(struct ssh *ssh)
 	return type;
 }
 
-/*
- * Waits until a packet has been received, verifies that its type matches
- * that given, and gives a fatal error and exits if there is a mismatch.
- */
-
-int
-ssh_packet_read_expect(struct ssh *ssh, u_int expected_type)
-{
-	int r;
-	u_char type;
-
-	if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0)
-		return r;
-	if (type != expected_type) {
-		if ((r = sshpkt_disconnect(ssh,
-		    "Protocol error: expected packet type %d, got %d",
-		    expected_type, type)) != 0)
-			return r;
-		return SSH_ERR_PROTOCOL_ERROR;
-	}
-	return 0;
-}
-
 static int
 ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
@@ -1630,10 +1616,16 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
 			goto out;
 	}
+
 	if (seqnr_p != NULL)
 		*seqnr_p = state->p_read.seqnr;
-	if (++state->p_read.seqnr == 0)
+	if (++state->p_read.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "incoming sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("incoming seqnr wraps around");
+	}
 	if (++state->p_read.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1699,6 +1691,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 #endif
 	/* reset for next packet */
 	state->packlen = 0;
+	if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting read seqnr %u", state->p_read.seqnr);
+		state->p_read.seqnr = 0;
+	}
 
 	if ((r = ssh_packet_check_rekey(ssh)) != 0)
 		return r;
@@ -1721,10 +1717,39 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
 		if (r != 0)
 			return r;
-		if (*typep) {
-			state->keep_alive_timeouts = 0;
-			DBG(debug("received packet type %d", *typep));
+		if (*typep == 0) {
+			/* no message ready */
+			return 0;
 		}
+		state->keep_alive_timeouts = 0;
+		DBG(debug("received packet type %d", *typep));
+
+		/* Always process disconnect messages */
+		if (*typep == SSH2_MSG_DISCONNECT) {
+			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
+			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
+				return r;
+			/* Ignore normal client exit notifications */
+			do_log2(ssh->state->server_side &&
+			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
+			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+			    "Received disconnect from %s port %d:"
+			    "%u: %.400s", ssh_remote_ipaddr(ssh),
+			    ssh_remote_port(ssh), reason, msg);
+			free(msg);
+			return SSH_ERR_DISCONNECTED;
+		}
+
+		/*
+		 * Do not implicitly handle any messages here during initial
+		 * KEX when in strict mode. They will be need to be allowed
+		 * explicitly by the KEX dispatch table or they will generate
+		 * protocol errors.
+		 */
+		if (ssh->kex != NULL &&
+		    (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
+			return 0;
+		/* Implicitly handle transport-level messages */
 		switch (*typep) {
 		case SSH2_MSG_IGNORE:
 			debug3("Received SSH2_MSG_IGNORE");
@@ -1739,19 +1764,6 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			debug("Remote: %.900s", msg);
 			free(msg);
 			break;
-		case SSH2_MSG_DISCONNECT:
-			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
-			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
-				return r;
-			/* Ignore normal client exit notifications */
-			do_log2(ssh->state->server_side &&
-			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
-			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
-			    "Received disconnect from %s port %d:"
-			    "%u: %.400s", ssh_remote_ipaddr(ssh),
-			    ssh_remote_port(ssh), reason, msg);
-			free(msg);
-			return SSH_ERR_DISCONNECTED;
 		case SSH2_MSG_UNIMPLEMENTED:
 			if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
 				return r;
@@ -2244,6 +2256,7 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
 	    (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
+	    (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
@@ -2406,6 +2419,7 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
+	    (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
@@ -2734,6 +2748,7 @@ sshpkt_disconnect(struct ssh *ssh, const char *fmt,...)
 	vsnprintf(buf, sizeof(buf), fmt, args);
 	va_end(args);
 
+	debug2_f("sending SSH2_MSG_DISCONNECT: %s", buf);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, buf)) != 0 ||
diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h
index 11925a27d438..b2bc3215ddbc 100644
--- a/crypto/openssh/packet.h
+++ b/crypto/openssh/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.95 2023/08/28 03:31:16 djm Exp $ */
+/* $OpenBSD: packet.h,v 1.96 2023/12/18 14:45:17 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -124,7 +124,6 @@ int	 ssh_packet_send2_wrapped(struct ssh *);
 int	 ssh_packet_send2(struct ssh *);
 
 int      ssh_packet_read(struct ssh *);
-int	 ssh_packet_read_expect(struct ssh *, u_int type);
 int      ssh_packet_read_poll(struct ssh *);
 int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int	 ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len);
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index 90cbba6821e9..6401e304a977 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -358,7 +358,6 @@ struct cauthmethod {
 };
 
 static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
 static int input_userauth_success(int, u_int32_t, struct ssh *);
 static int input_userauth_failure(int, u_int32_t, struct ssh *);
 static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -472,7 +471,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 
 	ssh->authctxt = &authctxt;
 	ssh_dispatch_init(ssh, &input_userauth_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
 	pubkey_cleanup(ssh);
@@ -523,12 +522,6 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 	return r;
 }
 
-static int
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
-{
-	return kex_input_ext_info(type, seqnr, ssh);
-}
-
 void
 userauth(struct ssh *ssh, char *authlist)
 {
@@ -607,6 +600,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
 	free(authctxt->methoddata);
 	authctxt->methoddata = NULL;
 	authctxt->success = 1;			/* break out */
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
 	return 0;
 }
 

From nobody Tue Dec 19 20:19:49 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Svp2Z1LMZz54s1g;
	Tue, 19 Dec 2023 20:19:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Svp2Y6tq9z4GRD;
	Tue, 19 Dec 2023 20:19:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703017190;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=k/83oZWmNaMc/ZZOj6x2QHufjynoWUDorkleUWOhj8A=;
	b=OWm8gHw5AbxtQzoGeBcqGiY0ApZOx+tHaxSYI2TfKvdiXeAJkFZmASe01L7nxlxBy/Ly8x
	R0J7U8mwTKdZSHMzGPERzHaSVDJS54xcbRq9wfTWMut8ygwUNBZfMRHzo379WewX4jUfjd
	iYjQ4pIgURs222cPn9R+aCfJxWXJGoIdocySzUq3ZywylGta2Os3noHShkV3Kwize4QMBC
	G3o3V/F9naAKSIShsYRmia6XMp6LS8T+AYibl719VhrV8IcvgptdFVdTZCI+SmVsO2MCeT
	xjOum0PVMCfLsdmmpRv8QJ09RRoUA8Fs4mKedmCoGgGYxazyDpgbL+aqJEM3LA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703017190; a=rsa-sha256; cv=none;
	b=cKgzVqYYI3GszvnFfT/5Uqu40CD+XXB+8nCLcXGIdqr9DFmE9tHyiql/9eqYKWrPLQV5tg
	+L7JEd2rS+XnGO6DemQjnVzG4jVuanly6YxqnerczrhHCyOF6U56uINvnUQBp4EqEu5TE5
	TN6UIUXtoI824SjABWCFNT3/2ZwQNiiZZZh8FGc8m7L5wtLYOvicoq++JVQU17DoC75j8t
	UQ0GLb1L7l9W4avG7tW1r7z4m5s1w8GQ9V3UJS/mX+LDNL0dqDB4VlikmQHCoqNha1MfAv
	YVO5GyZQK927wqaoqGnASh9NF/AgUp7mCmN2lI/CfhMpl+fgpdJghb8lhJRVOA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703017190;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=k/83oZWmNaMc/ZZOj6x2QHufjynoWUDorkleUWOhj8A=;
	b=KbrMh8JNoEOLJvNncc7PBhE61VevPgZH1XiElBvm2+cbF/PN5Ujm8fZg8GPkCToN8zz/nF
	vX9Yy8mb2BmbGBtDdZWHsFC1hFaDKCfB++Yv6Fsgmra9ILy3A0cNOLzBu3LcIiyWUzmLM4
	C+dT8st2Db/SCad7p8W+ZEQYZzPBX8APCI/f9XmpugBGUdM+fR6KRfGKu/10lNvGZD3xvh
	G90wrDwLe75MwWAsw0M1Iw/msZwZkLikZU6vWg8y438hHdQh+wwWXS1hrWQ9yMBDDUUbG5
	7bnQpI6BAmboMDzxVLi6Hc5hPEN+B5KvzQoWOlKjkYmmmrilVIT09K7wbCtVIg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Svp2Y61G9z4M8;
	Tue, 19 Dec 2023 20:19:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKJn7N001066;
	Tue, 19 Dec 2023 20:19:49 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKJnjL001063;
	Tue, 19 Dec 2023 20:19:49 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:19:49 GMT
Message-Id: <202312192019.3BJKJnjL001063@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: 4edf3b80733e - releng/14.0 - Add an UPDATING entry
  and bump the branch version.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 4edf3b80733ecf34d05111a6cf0af9295ffbebe7
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=4edf3b80733ecf34d05111a6cf0af9295ffbebe7

commit 4edf3b80733ecf34d05111a6cf0af9295ffbebe7
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-19 20:16:52 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-19 20:19:24 +0000

    Add an UPDATING entry and bump the branch version.
    
    Approved by:    so
---
 UPDATING            | 5 +++++
 sys/conf/newvers.sh | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index 673957975366..30a245edf611 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,11 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20231219:
+	14.0-RELEASE-p4 SA-23:19.openssh
+
+	Prefix Truncation Attack in the SSH protocol [SA-23:19.openssh]
+
 20231212:
 	14.0-RELEASE-p3 SA-23:18.nfsclient
 
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index c1d998125dfe..4565e444ae39 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -53,7 +53,7 @@
 
 TYPE="FreeBSD"
 REVISION="14.0"
-BRANCH="RELEASE-p3"
+BRANCH="RELEASE-p4"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Tue Dec 19 20:19:57 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Svp2j5WgTz54rsP;
	Tue, 19 Dec 2023 20:19:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Svp2j1ttKz4GkH;
	Tue, 19 Dec 2023 20:19:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703017197;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XObSG4sXGViE4izjPa5QTyv2LpAihvSaag6mq8XhxEA=;
	b=F/F9mwWwqtLdDSnoFvAZ49z8g1OQdGCvw8QS0gXqlkDpd9pl5V+PtQxkiwW8H40ONPUApl
	Py+Ce7g1iBlOmEApn+dtD4VDOoOhASXkbJ9xzzd0IMrXgLXrXCj74WXixrU70J6JNDTqkL
	RxV+6vLX34qwZtQdLcbCEzyoFJC7aYT233h62J97w9kWkm3TWQ7+JfwT8x2uBqOE7MLELN
	xK1IdbohE0WYTOzFwCmt4FSYE4n01jDREVon97/cOyQgerhRY9Sb3kSzdmBFdDtpuoiCSO
	ovuW+iWloRa7gll2Sitr0H29XImq6GO4pAsTq3gp8Ie8fvFsG+5vYbP+GzHqug==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703017197; a=rsa-sha256; cv=none;
	b=xTeqG3FF6pwZhKVeoe/Nqvmz9g4feX24AyEcgQNpinVzTBWx+xIPOLciBZSnIqz89LbV6V
	HxO7EBDtt1y/TPjXagO0L4JMy/Lbpi+6uaHnzAxZKqxK0rsiBEiX8g9Y1RB2INlk2vMz3l
	kaw+VlKck6g5/2mRh+bEJnbD/9xqstVCLx9XFaY7p23/ZaNQJeS0gfTS5nDpDMetbsrtbM
	CMfAxPIUrdbek2pazAuKvGRs4KTdIx2RHwhfoYy9a2PGWmzIWV744gnI6Kp/NYmN9SSAuJ
	yiKqRWkD+t2UsobpbJWNU0J92YAvfviGpFfxyGtoSdgPDhp+mNysb1akFgngyg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703017197;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XObSG4sXGViE4izjPa5QTyv2LpAihvSaag6mq8XhxEA=;
	b=iFHDYnJrOuUWrNKo6yriQCXGGcy+p87lje1UyP9lKMbtEKGbW92a4aHI63nMW+D+yMTCoj
	CCn1IHSNDK90sp43x4LFay8TWqpcbPW7Kw1J8kDoBhWls71yzqrdhwpUOA/eZcnFEscbz8
	KF3kcpxwTZ65iqB2+0S7tKACVv9tuIY71rzSowx5VZqmtQHMGedOK2+BMREHJKdXEe9hTT
	k3EXGPM9pNZ4XnUetoDx3RTlV/iJiVNRUg6ipZjQU3mpBlFhKjWVCgaHHoNgICogLIdQgE
	C/knzX3KLokCC38uKVqsH3cGFP8cl7vmFMH2BSGEEX1HolSNxuWQOpxLiWZDCA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Svp2j0dshz4M9;
	Tue, 19 Dec 2023 20:19:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKJvE2001231;
	Tue, 19 Dec 2023 20:19:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKJvgg001228;
	Tue, 19 Dec 2023 20:19:57 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:19:57 GMT
Message-Id: <202312192019.3BJKJvgg001228@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: 69bd68ba30c0 - releng/13.2 - Implement "strict key
  exchange" in ssh and sshd.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.2
X-Git-Reftype: branch
X-Git-Commit: 69bd68ba30c0fe0c863ec55726aa273ee0fe6c30
Auto-Submitted: auto-generated

The branch releng/13.2 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=69bd68ba30c0fe0c863ec55726aa273ee0fe6c30

commit 69bd68ba30c0fe0c863ec55726aa273ee0fe6c30
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-18 16:22:22 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-19 20:17:35 +0000

    Implement "strict key exchange" in ssh and sshd.
    
    This adds a protocol extension to improve the integrity of the SSH
    transport protocol, particular in and around the initial key exchange
    (KEX) phase.
    
    Full details of the extension are in the PROTOCOL file.
    
    OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
    
    Approved by:    so (implicit)
    Obtained from:  https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
    Security:       CVE-2023-48795
    Security:       FreeBSD-SA-23:19.openssh
    
    (cherry picked from commit 92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
    (cherry picked from commit 3bafcb9744c966ff7750357b24fc7942f2d928d4)
---
 crypto/openssh/PROTOCOL      |  26 +++++++++++
 crypto/openssh/kex.c         |  82 +++++++++++++++++++++++------------
 crypto/openssh/kex.h         |   1 +
 crypto/openssh/packet.c      | 101 +++++++++++++++++++++++++------------------
 crypto/openssh/packet.h      |   1 -
 crypto/openssh/sshconnect2.c |  10 +----
 6 files changed, 142 insertions(+), 79 deletions(-)

diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL
index 27804d0cadbd..ad611a01a200 100644
--- a/crypto/openssh/PROTOCOL
+++ b/crypto/openssh/PROTOCOL
@@ -104,6 +104,32 @@ http://git.libssh.org/users/aris/libssh.git/plain/doc/curve25519-sha256@libssh.o
 
 This is identical to curve25519-sha256 as later published in RFC8731.
 
+1.9 transport: strict key exchange extension
+
+OpenSSH supports a number of transport-layer hardening measures under
+a "strict KEX" feature. This feature is signalled similarly to the
+RFC8308 ext-info feature: by including a additional algorithm in the
+initiial SSH2_MSG_KEXINIT kex_algorithms field. The client may append
+"kex-strict-c-v00@openssh.com" to its kex_algorithms and the server
+may append "kex-strict-s-v00@openssh.com". These pseudo-algorithms
+are only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored
+if they are present in subsequent SSH2_MSG_KEXINIT packets.
+
+When an endpoint that supports this extension observes this algorithm
+name in a peer's KEXINIT packet, it MUST make the following changes to
+the the protocol:
+
+a) During initial KEX, terminate the connection if any unexpected or
+   out-of-sequence packet is received. This includes terminating the
+   connection if the first packet received is not SSH2_MSG_KEXINIT.
+   Unexpected packets for the purpose of strict KEX include messages
+   that are otherwise valid at any time during the connection such as
+   SSH2_MSG_DEBUG and SSH2_MSG_IGNORE.
+b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the
+   packet sequence number to zero. This behaviour persists for the
+   duration of the connection (i.e. not just the first
+   SSH2_MSG_NEWKEYS).
+
 2. Connection protocol changes
 
 2.1. connection: Channel write close extension "eow@openssh.com"
diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c
index b4e2ab75f541..251cff7af530 100644
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@@ -65,7 +65,7 @@
 #include "xmalloc.h"
 
 /* prototype */
-static int kex_choose_conf(struct ssh *);
+static int kex_choose_conf(struct ssh *, uint32_t seq);
 static int kex_input_newkeys(int, u_int32_t, struct ssh *);
 
 static const char * const proposal_names[PROPOSAL_MAX] = {
@@ -177,6 +177,18 @@ kex_names_valid(const char *names)
 	return 1;
 }
 
+/* returns non-zero if proposal contains any algorithm from algs */
+static int
+has_any_alg(const char *proposal, const char *algs)
+{
+	char *cp;
+
+	if ((cp = match_list(proposal, algs, NULL)) == NULL)
+		return 0;
+	free(cp);
+	return 1;
+}
+
 /*
  * Concatenate algorithm names, avoiding duplicates in the process.
  * Caller must free returned string.
@@ -184,7 +196,7 @@ kex_names_valid(const char *names)
 char *
 kex_names_cat(const char *a, const char *b)
 {
-	char *ret = NULL, *tmp = NULL, *cp, *p, *m;
+	char *ret = NULL, *tmp = NULL, *cp, *p;
 	size_t len;
 
 	if (a == NULL || *a == '\0')
@@ -201,10 +213,8 @@ kex_names_cat(const char *a, const char *b)
 	}
 	strlcpy(ret, a, len);
 	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
-		if ((m = match_list(ret, p, NULL)) != NULL) {
-			free(m);
+		if (has_any_alg(ret, p))
 			continue; /* Algorithm already present */
-		}
 		if (strlcat(ret, ",", len) >= len ||
 		    strlcat(ret, p, len) >= len) {
 			free(tmp);
@@ -334,15 +344,23 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 	const char *defpropclient[PROPOSAL_MAX] = { KEX_CLIENT };
 	const char **defprop = ssh->kex->server ? defpropserver : defpropclient;
 	u_int i;
+	char *cp;
 
 	if (prop == NULL)
 		fatal_f("proposal missing");
 
+	/* Append EXT_INFO signalling to KexAlgorithms */
+	if (kexalgos == NULL)
+		kexalgos = defprop[PROPOSAL_KEX_ALGS];
+	if ((cp = kex_names_cat(kexalgos, ssh->kex->server ?
+	    "kex-strict-s-v00@openssh.com" :
+	    "ext-info-c,kex-strict-c-v00@openssh.com")) == NULL)
+		fatal_f("kex_names_cat");
+
 	for (i = 0; i < PROPOSAL_MAX; i++) {
 		switch(i) {
 		case PROPOSAL_KEX_ALGS:
-			prop[i] = compat_kex_proposal(ssh,
-			    kexalgos ? kexalgos : defprop[i]);
+			prop[i] = compat_kex_proposal(ssh, cp);
 			break;
 		case PROPOSAL_ENC_ALGS_CTOS:
 		case PROPOSAL_ENC_ALGS_STOC:
@@ -363,6 +381,7 @@ kex_proposal_populate_entries(struct ssh *ssh, char *prop[PROPOSAL_MAX],
 			prop[i] = xstrdup(defprop[i]);
 		}
 	}
+	free(cp);
 }
 
 void
@@ -466,7 +485,12 @@ kex_protocol_error(int type, u_int32_t seq, struct ssh *ssh)
 {
 	int r;
 
-	error("kex protocol error: type %d seq %u", type, seq);
+	/* If in strict mode, any unexpected message is an error */
+	if ((ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict) {
+		ssh_packet_disconnect(ssh, "strict KEX violation: "
+		    "unexpected packet type %u (seqnr %u)", type, seq);
+	}
+	error_f("type %u seq %u", type, seq);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, seq)) != 0 ||
 	    (r = sshpkt_send(ssh)) != 0)
@@ -544,7 +568,7 @@ kex_input_ext_info(int type, u_int32_t seq, struct ssh *ssh)
 	if (ninfo >= 1024) {
 		error("SSH2_MSG_EXT_INFO with too many entries, expected "
 		    "<=1024, received %u", ninfo);
-		return SSH_ERR_INVALID_FORMAT;
+		return dispatch_protocol_error(type, seq, ssh);
 	}
 	for (i = 0; i < ninfo; i++) {
 		if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
@@ -660,7 +684,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 		error_f("no kex");
 		return SSH_ERR_INTERNAL_ERROR;
 	}
-	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_protocol_error);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
@@ -696,7 +720,7 @@ kex_input_kexinit(int type, u_int32_t seq, struct ssh *ssh)
 	if (!(kex->flags & KEX_INIT_SENT))
 		if ((r = kex_send_kexinit(ssh)) != 0)
 			return r;
-	if ((r = kex_choose_conf(ssh)) != 0)
+	if ((r = kex_choose_conf(ssh, seq)) != 0)
 		return r;
 
 	if (kex->kex_type < KEX_MAX && kex->kex[kex->kex_type] != NULL)
@@ -960,20 +984,14 @@ proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX])
 	return (1);
 }
 
-/* returns non-zero if proposal contains any algorithm from algs */
 static int
-has_any_alg(const char *proposal, const char *algs)
+kexalgs_contains(char **peer, const char *ext)
 {
-	char *cp;
-
-	if ((cp = match_list(proposal, algs, NULL)) == NULL)
-		return 0;
-	free(cp);
-	return 1;
+	return has_any_alg(peer[PROPOSAL_KEX_ALGS], ext);
 }
 
 static int
-kex_choose_conf(struct ssh *ssh)
+kex_choose_conf(struct ssh *ssh, uint32_t seq)
 {
 	struct kex *kex = ssh->kex;
 	struct newkeys *newkeys;
@@ -998,13 +1016,23 @@ kex_choose_conf(struct ssh *ssh)
 		sprop=peer;
 	}
 
-	/* Check whether client supports ext_info_c */
-	if (kex->server && (kex->flags & KEX_INITIAL)) {
-		char *ext;
-
-		ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
-		kex->ext_info_c = (ext != NULL);
-		free(ext);
+	/* Check whether peer supports ext_info/kex_strict */
+	if ((kex->flags & KEX_INITIAL) != 0) {
+		if (kex->server) {
+			kex->ext_info_c = kexalgs_contains(peer, "ext-info-c");
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-c-v00@openssh.com");
+		} else {
+			kex->kex_strict = kexalgs_contains(peer,
+			    "kex-strict-s-v00@openssh.com");
+		}
+		if (kex->kex_strict) {
+			debug3_f("will use strict KEX ordering");
+			if (seq != 0)
+				ssh_packet_disconnect(ssh,
+				    "strict KEX violation: "
+				    "KEXINIT was not the first packet");
+		}
 	}
 
 	/* Check whether client supports rsa-sha2 algorithms */
diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h
index 8b54e3f4b912..a7ae59bf7869 100644
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@@ -148,6 +148,7 @@ struct kex {
 	u_int	kex_type;
 	char	*server_sig_algs;
 	int	ext_info_c;
+	int	kex_strict;
 	struct sshbuf *my;
 	struct sshbuf *peer;
 	struct sshbuf *client_version;
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index 3f885c3d01d1..cc492476f675 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1206,8 +1206,13 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	sshbuf_dump(state->output, stderr);
 #endif
 	/* increment sequence number for outgoing packets */
-	if (++state->p_send.seqnr == 0)
+	if (++state->p_send.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "outgoing sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("outgoing seqnr wraps around");
+	}
 	if (++state->p_send.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1215,6 +1220,11 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
 	state->p_send.bytes += len;
 	sshbuf_reset(state->outgoing_packet);
 
+	if (type == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting send seqnr %u", state->p_send.seqnr);
+		state->p_send.seqnr = 0;
+	}
+
 	if (type == SSH2_MSG_NEWKEYS)
 		r = ssh_set_newkeys(ssh, MODE_OUT);
 	else if (type == SSH2_MSG_USERAUTH_SUCCESS && state->server_side)
@@ -1343,8 +1353,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 	/* Stay in the loop until we have received a complete packet. */
 	for (;;) {
 		/* Try to read a packet from the buffer. */
-		r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p);
-		if (r != 0)
+		if ((r = ssh_packet_read_poll_seqnr(ssh, typep, seqnr_p)) != 0)
 			break;
 		/* If we got a packet, return it. */
 		if (*typep != SSH_MSG_NONE)
@@ -1415,29 +1424,6 @@ ssh_packet_read(struct ssh *ssh)
 	return type;
 }
 
-/*
- * Waits until a packet has been received, verifies that its type matches
- * that given, and gives a fatal error and exits if there is a mismatch.
- */
-
-int
-ssh_packet_read_expect(struct ssh *ssh, u_int expected_type)
-{
-	int r;
-	u_char type;
-
-	if ((r = ssh_packet_read_seqnr(ssh, &type, NULL)) != 0)
-		return r;
-	if (type != expected_type) {
-		if ((r = sshpkt_disconnect(ssh,
-		    "Protocol error: expected packet type %d, got %d",
-		    expected_type, type)) != 0)
-			return r;
-		return SSH_ERR_PROTOCOL_ERROR;
-	}
-	return 0;
-}
-
 static int
 ssh_packet_read_poll2_mux(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
@@ -1628,10 +1614,16 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		if ((r = sshbuf_consume(state->input, mac->mac_len)) != 0)
 			goto out;
 	}
+
 	if (seqnr_p != NULL)
 		*seqnr_p = state->p_read.seqnr;
-	if (++state->p_read.seqnr == 0)
+	if (++state->p_read.seqnr == 0) {
+		if ((ssh->kex->flags & KEX_INITIAL) != 0) {
+			ssh_packet_disconnect(ssh, "incoming sequence number "
+			    "wrapped during initial key exchange");
+		}
 		logit("incoming seqnr wraps around");
+	}
 	if (++state->p_read.packets == 0)
 		if (!(ssh->compat & SSH_BUG_NOREKEY))
 			return SSH_ERR_NEED_REKEY;
@@ -1697,6 +1689,10 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 #endif
 	/* reset for next packet */
 	state->packlen = 0;
+	if (*typep == SSH2_MSG_NEWKEYS && ssh->kex->kex_strict) {
+		debug_f("resetting read seqnr %u", state->p_read.seqnr);
+		state->p_read.seqnr = 0;
+	}
 
 	if ((r = ssh_packet_check_rekey(ssh)) != 0)
 		return r;
@@ -1717,10 +1713,39 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 		r = ssh_packet_read_poll2(ssh, typep, seqnr_p);
 		if (r != 0)
 			return r;
-		if (*typep) {
-			state->keep_alive_timeouts = 0;
-			DBG(debug("received packet type %d", *typep));
+		if (*typep == 0) {
+			/* no message ready */
+			return 0;
 		}
+		state->keep_alive_timeouts = 0;
+		DBG(debug("received packet type %d", *typep));
+
+		/* Always process disconnect messages */
+		if (*typep == SSH2_MSG_DISCONNECT) {
+			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
+			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
+				return r;
+			/* Ignore normal client exit notifications */
+			do_log2(ssh->state->server_side &&
+			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
+			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
+			    "Received disconnect from %s port %d:"
+			    "%u: %.400s", ssh_remote_ipaddr(ssh),
+			    ssh_remote_port(ssh), reason, msg);
+			free(msg);
+			return SSH_ERR_DISCONNECTED;
+		}
+
+		/*
+		 * Do not implicitly handle any messages here during initial
+		 * KEX when in strict mode. They will be need to be allowed
+		 * explicitly by the KEX dispatch table or they will generate
+		 * protocol errors.
+		 */
+		if (ssh->kex != NULL &&
+		    (ssh->kex->flags & KEX_INITIAL) && ssh->kex->kex_strict)
+			return 0;
+		/* Implicitly handle transport-level messages */
 		switch (*typep) {
 		case SSH2_MSG_IGNORE:
 			debug3("Received SSH2_MSG_IGNORE");
@@ -1735,19 +1760,6 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			debug("Remote: %.900s", msg);
 			free(msg);
 			break;
-		case SSH2_MSG_DISCONNECT:
-			if ((r = sshpkt_get_u32(ssh, &reason)) != 0 ||
-			    (r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
-				return r;
-			/* Ignore normal client exit notifications */
-			do_log2(ssh->state->server_side &&
-			    reason == SSH2_DISCONNECT_BY_APPLICATION ?
-			    SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
-			    "Received disconnect from %s port %d:"
-			    "%u: %.400s", ssh_remote_ipaddr(ssh),
-			    ssh_remote_port(ssh), reason, msg);
-			free(msg);
-			return SSH_ERR_DISCONNECTED;
 		case SSH2_MSG_UNIMPLEMENTED:
 			if ((r = sshpkt_get_u32(ssh, &seqnr)) != 0)
 				return r;
@@ -2213,6 +2225,7 @@ kex_to_blob(struct sshbuf *m, struct kex *kex)
 	    (r = sshbuf_put_u32(m, kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_put_u32(m, kex->kex_type)) != 0 ||
+	    (r = sshbuf_put_u32(m, kex->kex_strict)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_put_stringb(m, kex->client_version)) != 0 ||
@@ -2375,6 +2388,7 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_type)) != 0 ||
 	    (r = sshbuf_get_u32(m, (u_int *)&kex->hostkey_nid)) != 0 ||
 	    (r = sshbuf_get_u32(m, &kex->kex_type)) != 0 ||
+	    (r = sshbuf_get_u32(m, &kex->kex_strict)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->my)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->peer)) != 0 ||
 	    (r = sshbuf_get_stringb(m, kex->client_version)) != 0 ||
@@ -2703,6 +2717,7 @@ sshpkt_disconnect(struct ssh *ssh, const char *fmt,...)
 	vsnprintf(buf, sizeof(buf), fmt, args);
 	va_end(args);
 
+	debug2_f("sending SSH2_MSG_DISCONNECT: %s", buf);
 	if ((r = sshpkt_start(ssh, SSH2_MSG_DISCONNECT)) != 0 ||
 	    (r = sshpkt_put_u32(ssh, SSH2_DISCONNECT_PROTOCOL_ERROR)) != 0 ||
 	    (r = sshpkt_put_cstring(ssh, buf)) != 0 ||
diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h
index 176488b1e5d2..9fc035b5e04f 100644
--- a/crypto/openssh/packet.h
+++ b/crypto/openssh/packet.h
@@ -124,7 +124,6 @@ int	 ssh_packet_send2_wrapped(struct ssh *);
 int	 ssh_packet_send2(struct ssh *);
 
 int      ssh_packet_read(struct ssh *);
-int	 ssh_packet_read_expect(struct ssh *, u_int type);
 int      ssh_packet_read_poll(struct ssh *);
 int ssh_packet_read_poll2(struct ssh *, u_char *, u_int32_t *seqnr_p);
 int	 ssh_packet_process_incoming(struct ssh *, const char *buf, u_int len);
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index bc05f02142fd..d30b7364313f 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -358,7 +358,6 @@ struct cauthmethod {
 };
 
 static int input_userauth_service_accept(int, u_int32_t, struct ssh *);
-static int input_userauth_ext_info(int, u_int32_t, struct ssh *);
 static int input_userauth_success(int, u_int32_t, struct ssh *);
 static int input_userauth_failure(int, u_int32_t, struct ssh *);
 static int input_userauth_banner(int, u_int32_t, struct ssh *);
@@ -472,7 +471,7 @@ ssh_userauth2(struct ssh *ssh, const char *local_user,
 
 	ssh->authctxt = &authctxt;
 	ssh_dispatch_init(ssh, &input_userauth_error);
-	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, kex_input_ext_info);
 	ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
 	ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &authctxt.success);	/* loop until success */
 	pubkey_cleanup(ssh);
@@ -523,12 +522,6 @@ input_userauth_service_accept(int type, u_int32_t seq, struct ssh *ssh)
 	return r;
 }
 
-static int
-input_userauth_ext_info(int type, u_int32_t seqnr, struct ssh *ssh)
-{
-	return kex_input_ext_info(type, seqnr, ssh);
-}
-
 void
 userauth(struct ssh *ssh, char *authlist)
 {
@@ -607,6 +600,7 @@ input_userauth_success(int type, u_int32_t seq, struct ssh *ssh)
 	free(authctxt->methoddata);
 	authctxt->methoddata = NULL;
 	authctxt->success = 1;			/* break out */
+	ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, dispatch_protocol_error);
 	return 0;
 }
 

From nobody Tue Dec 19 20:19:58 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Svp2k49ztz54rsQ;
	Tue, 19 Dec 2023 20:19:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Svp2k288nz4GfD;
	Tue, 19 Dec 2023 20:19:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703017198;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=82kw5tp7DwTTVfONlxPl72QfrizQ5P40E/NkU85xe4w=;
	b=ZtIQ61FegNNyUSz7RF3I9jEzhP8uGZN3A2BiXx8l5GbM13UzRq+w2E9n5a/qmzuvB/35+s
	UrKNlY2d6Gcxr+JKAR/DGJSmi7mH8HN7hcYXm0CW5ipSWHT3DHb610khmUJ6mfDeN7qU5s
	S0JA9r7RJl0rt0ulFZ2eu0ECD6ZS6JXvCDPhPFoi4Px9rEc6ONpGqnaMtbJ7oqYWBhYeub
	KG5XUIx2NgvHaI8yqRFaIuXrrLuqmhsBoT5P4PlyZFEHuxJrXCZzVAKtRQNJQiLzFGqIgx
	F33dFOVSNPvtspGoS1EH0QMU0DJi8+4Uixpoj/m563qFumIrIhSe8JTYDH2geg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703017198; a=rsa-sha256; cv=none;
	b=nkYRPhcSOFa5TlPcq4ScRgzKLWpPaNpxSJPwzNKdX2wyVC4LRpNpSbWLcapag7j/lLReks
	DP2lcY/O0t0wD2GO8oxenK75DO4WFhMVpfBdFNsmDZO+KUlK/L8ykNDZzOL3lv4LTLhdbN
	W1xurtozdniBq/CYV9cq/lQaz8p0RYJsS8FLpSJRXvHwF2cLX5NkyhPzijYIlyvlNrJrk5
	7ZH/DjZVOyDUJUYRzOkSDWNZGimUJRfdUrxUYzjXmbKdSYY1xf07Mcvg4NrAS4BCXAQTfx
	KApb3uGXfRsOZEBORToSJWMERuWOmz4n7L8tQNpU2IOqIhPxmaT8VQsfwQpUdQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703017198;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=82kw5tp7DwTTVfONlxPl72QfrizQ5P40E/NkU85xe4w=;
	b=wP8a1vAN+UrnW+F4/+AIIcetKfll1gRHtt2d4oBm/xKp7LQeeY4YLSavmTWKVdZm0o4sDJ
	WO7BPwbaVE+1ZeYgtvUTV9sZaNSGjGQDAtarBQQiuG929F8HhZXQxuM4UeiuE0hkCEBJgY
	w3LyIYlr1gAxDZrIAFcKGtwa0LLh972++ihJm+TdtNzVep09K/cDw38fpeuAhKAnW0IS7V
	xv2N7KOgGczSzFCq8L4J89W/jOvlPiRyDH3pOlpEuNj5f8L7MEnQTnvdiHNNfPwZL2e9I4
	d0LtvOVH5XYftcYCZtEsPEOJXRsNDOOph3R98A2MamFk1q70xm3Ya6RkCFanEw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Svp2k1G4cz4Z1;
	Tue, 19 Dec 2023 20:19:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKJwMj001293;
	Tue, 19 Dec 2023 20:19:58 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKJwZe001290;
	Tue, 19 Dec 2023 20:19:58 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:19:58 GMT
Message-Id: <202312192019.3BJKJwZe001290@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Tetlow <gordon@FreeBSD.org>
Subject: git: c78c31d2ef40 - releng/13.2 - Add an UPDATING entry
  and bump the branch version.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gordon
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.2
X-Git-Reftype: branch
X-Git-Commit: c78c31d2ef40c2345de7a73070d397c8be6e563a
Auto-Submitted: auto-generated

The branch releng/13.2 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=c78c31d2ef40c2345de7a73070d397c8be6e563a

commit c78c31d2ef40c2345de7a73070d397c8be6e563a
Author:     Gordon Tetlow <gordon@FreeBSD.org>
AuthorDate: 2023-12-19 20:18:52 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2023-12-19 20:18:52 +0000

    Add an UPDATING entry and bump the branch version.
    
    Approved by:    so
---
 UPDATING            | 5 +++++
 sys/conf/newvers.sh | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/UPDATING b/UPDATING
index 8ed94c3a241d..142afbf8e4fa 100644
--- a/UPDATING
+++ b/UPDATING
@@ -12,6 +12,11 @@ Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before updating system packages
 and/or ports.
 
+20231212:
+	13.2-RELEASE-p9	SA-23:19.openssh
+
+	Prefix Truncation Attack in the SSH protocol [SA-23:19.openssh]
+
 20231212:
 	13.2-RELEASE-p8	SA-23:18.nfsclient
 
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index fb24da9b4dac..35e325add855 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -54,7 +54,7 @@
 
 TYPE="FreeBSD"
 REVISION="13.2"
-BRANCH="RELEASE-p8"
+BRANCH="RELEASE-p9"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
 	BRANCH=${BRANCH_OVERRIDE}
 fi

From nobody Tue Dec 19 20:48:26 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Svpgb2G43z54vGg;
	Tue, 19 Dec 2023 20:48:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SvpgZ5V3Jz3GCl;
	Tue, 19 Dec 2023 20:48:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703018906;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=O+WF5FCF/X7trkRTxMaEJQP+vd7xX7F8Qe6B41doLjg=;
	b=iXfvEMkglZsIDr7V0qsWTA3gVFVY8PAK09WUb6VxuymM+fqsLh9ZoEXDApLD8TNsB8Gv2g
	4P1mBujkdqmhk0EjlSiPjJYTmSCcQw4dCDVfhYdyTT2gS1hg3+Yl5FMUm0JIorMdM+Xld+
	NwnOA3x86MlL4teuF9rtPmr+a2QvmI9iAUWe7eoRtsbWLy0aX8zH00nLIAyKcAD7aFeiat
	TgCHvdr7VhviHw8KrymApXCJ6nMTmIfR/6UyZ78zGO52cF59G4OR7bvKzV7I+QljCkfgsM
	uyB8VV0SBAsqQgp6dQKUw6+5XsnxztfjNY+ByH8BleDLa6OUUwTtLkTWpnYkIA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703018906; a=rsa-sha256; cv=none;
	b=hzR2yhqbKwupf2XD9Mi0UBDshndT+IW2nsPzHpqbmazPr57EKpCPHmVQwNqy5bCbDN/B/t
	aiNfhekpCWADyIm+7xOPvQYDqKbk32wCZ1PZKh7rVJqu0VE4/oMKlOiwikTNr9BncFSduK
	qa6b7Broknm7GB1/UvpLoWG1zdK91w/ValxmAcz2vdHHCbz26ChLlGf6YO4P5GwI5aZ3nu
	V/YU8kezAnBRaiZTjjg60Kwo6zb11F2milyaF9yV/Wk8WAAiJE3tObLLFqUC0hzsil6Rop
	G2jDBumhZj2fMojC3RcuFdUTg/yxl2KyQ2zjhYNUURetgmSYG0Dcpa3iWz87yg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703018906;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=O+WF5FCF/X7trkRTxMaEJQP+vd7xX7F8Qe6B41doLjg=;
	b=ZtVnGdL1fMzfjbJDuF7v/RaF0vvdLLHWyQHJfTgmnlIIOlt6xQi3fCZ5Nw1i1N9xj6vonF
	J3+p+VAdKD9laHixGIXeEZ7uBPcCOOuqzPsMJvffFpdSUC5NnYJOhhdd8jQdi06GkVXRMg
	1YkHe+7gEt5oHs+lfiv20f82z7LtShywyrdPKNHHJ20UZt0WCF01faCRwqlwtW5lZianUE
	knKXOwEIKTJc8xOlvJSmkm3OmnsmRGcIeaETQPVDnhe93mRnPK2c3gtVVeb42azPXz3ypX
	al5aoBbWoIArTxx9nHNWwfl69tJdDsFo6B6xa3ghlOES1jDkZMS6o+Xq8eFz8A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SvpgZ4SHNz5P0;
	Tue, 19 Dec 2023 20:48:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKmQ6x050573;
	Tue, 19 Dec 2023 20:48:26 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKmQAd050570;
	Tue, 19 Dec 2023 20:48:26 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:48:26 GMT
Message-Id: <202312192048.3BJKmQAd050570@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Vladimir Kondratyev <wulf@FreeBSD.org>
Subject: git: 36d6a456547c - stable/14 - ig4: Add PCI IDs for Intel
  Ice Lake I2C controller.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: wulf
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 36d6a456547cfe2a565bc60990e9cf421d267d07
Auto-Submitted: auto-generated

The branch stable/14 has been updated by wulf:

URL: https://cgit.FreeBSD.org/src/commit/?id=36d6a456547cfe2a565bc60990e9cf421d267d07

commit 36d6a456547cfe2a565bc60990e9cf421d267d07
Author:     Vladimir Kondratyev <wulf@FreeBSD.org>
AuthorDate: 2023-11-27 15:25:48 +0000
Commit:     Vladimir Kondratyev <wulf@FreeBSD.org>
CommitDate: 2023-12-19 20:34:56 +0000

    ig4: Add PCI IDs for Intel Ice Lake I2C controller.
    
    PR:             275115
    Tested by:      Sam <sam3423.yntmr_AT_slmail_DOT_me>
---
 sys/dev/ichiic/ig4_pci.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/sys/dev/ichiic/ig4_pci.c b/sys/dev/ichiic/ig4_pci.c
index bb4b75c0c6d1..9f12e713cdeb 100644
--- a/sys/dev/ichiic/ig4_pci.c
+++ b/sys/dev/ichiic/ig4_pci.c
@@ -119,6 +119,12 @@ static int ig4iic_pci_detach(device_t dev);
 #define PCI_CHIP_COMETLAKE_V_I2C_1	0xa3e18086
 #define PCI_CHIP_COMETLAKE_V_I2C_2	0xa3e28086
 #define PCI_CHIP_COMETLAKE_V_I2C_3	0xa3e38086
+#define	PCI_CHIP_ICELAKE_LP_I2C_0	0x34e88086
+#define	PCI_CHIP_ICELAKE_LP_I2C_1	0x34e98086
+#define	PCI_CHIP_ICELAKE_LP_I2C_2	0x34ea8086
+#define	PCI_CHIP_ICELAKE_LP_I2C_3	0x34eb8086
+#define	PCI_CHIP_ICELAKE_LP_I2C_4	0x34c58086
+#define	PCI_CHIP_ICELAKE_LP_I2C_5	0x34c68086
 #define PCI_CHIP_TIGERLAKE_H_I2C_0	0x43d88086
 #define PCI_CHIP_TIGERLAKE_H_I2C_1	0x43e88086
 #define PCI_CHIP_TIGERLAKE_H_I2C_2	0x43e98086
@@ -225,6 +231,12 @@ static struct ig4iic_pci_device ig4iic_pci_devices[] = {
 	{ PCI_CHIP_COMETLAKE_V_I2C_1, "Intel Comet Lake-V I2C Controller-1", IG4_CANNONLAKE},
 	{ PCI_CHIP_COMETLAKE_V_I2C_2, "Intel Comet Lake-V I2C Controller-2", IG4_CANNONLAKE},
 	{ PCI_CHIP_COMETLAKE_V_I2C_3, "Intel Comet Lake-V I2C Controller-3", IG4_CANNONLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_0, "Intel Ice Lake-LP I2C Controller-0", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_1, "Intel Ice Lake-LP I2C Controller-1", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_2, "Intel Ice Lake-LP I2C Controller-2", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_3, "Intel Ice Lake-LP I2C Controller-3", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_4, "Intel Ice Lake-LP I2C Controller-4", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_5, "Intel Ice Lake-LP I2C Controller-5", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_0, "Intel Tiger Lake-H I2C Controller-0", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_1, "Intel Tiger Lake-H I2C Controller-1", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_2, "Intel Tiger Lake-H I2C Controller-2", IG4_TIGERLAKE},

From nobody Tue Dec 19 20:54:21 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SvppP5ZTkz54vSL;
	Tue, 19 Dec 2023 20:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SvppP4kQwz3NbY;
	Tue, 19 Dec 2023 20:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703019261;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=qN7CELDxjYukSvpAH+Vneey/SLbDjzcSscfhntv/QI8=;
	b=NaCiwHh1+kQIi4PMTfBfQplIm31Un+pX/C03S08oogW99cGithWDteSchydGvRzFR/b6YH
	YN+ZusdbIiWdtA3/qPeb98C4FOVAGMrvdfSwMzjM8ax1KrMKJ7B3xSHn2gga2yyU5gCU2y
	KKq5ddFOIt/r15muyNXH3KdTRxlHV/fSf8a2jWkBYAy42m8yyWqnKHMdYQN06JggFCXx9m
	o3SYSySQq1IvaG1dCgCOes5EGJ/KfwUrUDFOKZZOwlAnHlbAEOztX0T1/ZllrYUudUGxbC
	JN1caGbNcnCtcT1qZok/DkOKwQo5Ra2MTOpqD6o70mNLFgIoSRr3BItRcnAOig==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703019261; a=rsa-sha256; cv=none;
	b=m/qLsdfrLsLKUIW4j5N823S5fKjM7WC4JcSSJQKxLuYv8QfLxqYhaVgAe3ELRW7yP1KM4c
	FIUdzN9pZ2E1FMajyeTIVGbZfNahQiXwTLlMGmov6NErFoFZo7yN2qeVYobBvZhHHyqzzB
	6eu7/T2hbxbr1fSNRZeBA10SEnkLymMEJR9+aOh/KHQo6ukwpzNqf1dXuX6vQXlWGvSAzn
	jY03vOZs/qp/XxoKlTALJOfkKpBlUUMu3CmYY+DeRVLRMpaFRgy/HUIu+skDJXW6pMXUJ+
	BB7Uf/DuTnU5/OaVZK0uVgV4ipOyl2ADyPJ5dlrzKPqt1DXozplZRZAcE2tJ5w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703019261;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=qN7CELDxjYukSvpAH+Vneey/SLbDjzcSscfhntv/QI8=;
	b=NDM6SKbjUiMtQ1lNQd4uFo1Orz1o9cicNh0Qiq91G2Pc9kI4a15Zrcl6xunTpNofiylwa7
	ZRmWbaKjxepgTCv0vUG2dDXz648OIBDwzOSUla0Wrb9Es5kuqosfwh8HVv2p8W5Sh+QWh2
	GHk9AIQhQrL9z2EOqo9dyt9i4WSlYQ8LvYb5SON2a6A/YtittTVyObXXJJ5NxEBxSwOlnP
	5dLl4qZ591Yc5OY1gnv3V5zqXm0x6Ui012n1rbefEzQ2apdbJSKoYrmltPbz7AbC6fI+FX
	b/jQg282qX7o9fGuXg+q/In288tCuihjb7ZotX0nJqgZPsvUKTXWAAWHtLRALA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SvppP21QQz5vD;
	Tue, 19 Dec 2023 20:54:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BJKsL9v066953;
	Tue, 19 Dec 2023 20:54:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BJKsLSb066950;
	Tue, 19 Dec 2023 20:54:21 GMT
	(envelope-from git)
Date: Tue, 19 Dec 2023 20:54:21 GMT
Message-Id: <202312192054.3BJKsLSb066950@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Vladimir Kondratyev <wulf@FreeBSD.org>
Subject: git: 2cbd132986a7 - stable/13 - ig4: Add PCI IDs for Intel
  Ice Lake I2C controller.
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: wulf
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2cbd132986a782f689e169f4bf47793e1fc8a147
Auto-Submitted: auto-generated

The branch stable/13 has been updated by wulf:

URL: https://cgit.FreeBSD.org/src/commit/?id=2cbd132986a782f689e169f4bf47793e1fc8a147

commit 2cbd132986a782f689e169f4bf47793e1fc8a147
Author:     Vladimir Kondratyev <wulf@FreeBSD.org>
AuthorDate: 2023-11-27 15:25:48 +0000
Commit:     Vladimir Kondratyev <wulf@FreeBSD.org>
CommitDate: 2023-12-19 20:53:48 +0000

    ig4: Add PCI IDs for Intel Ice Lake I2C controller.
    
    PR:             275115
    Tested by:      Sam <sam3423.yntmr_AT_slmail_DOT_me>
    
    (cherry picked from commit 789ffce392946d2f71a51bbac60db16dcdea2928)
---
 sys/dev/ichiic/ig4_pci.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/sys/dev/ichiic/ig4_pci.c b/sys/dev/ichiic/ig4_pci.c
index a3504659f700..06ee3a7c9845 100644
--- a/sys/dev/ichiic/ig4_pci.c
+++ b/sys/dev/ichiic/ig4_pci.c
@@ -119,6 +119,12 @@ static int ig4iic_pci_detach(device_t dev);
 #define PCI_CHIP_COMETLAKE_V_I2C_1	0xa3e18086
 #define PCI_CHIP_COMETLAKE_V_I2C_2	0xa3e28086
 #define PCI_CHIP_COMETLAKE_V_I2C_3	0xa3e38086
+#define	PCI_CHIP_ICELAKE_LP_I2C_0	0x34e88086
+#define	PCI_CHIP_ICELAKE_LP_I2C_1	0x34e98086
+#define	PCI_CHIP_ICELAKE_LP_I2C_2	0x34ea8086
+#define	PCI_CHIP_ICELAKE_LP_I2C_3	0x34eb8086
+#define	PCI_CHIP_ICELAKE_LP_I2C_4	0x34c58086
+#define	PCI_CHIP_ICELAKE_LP_I2C_5	0x34c68086
 #define PCI_CHIP_TIGERLAKE_H_I2C_0	0x43d88086
 #define PCI_CHIP_TIGERLAKE_H_I2C_1	0x43e88086
 #define PCI_CHIP_TIGERLAKE_H_I2C_2	0x43e98086
@@ -225,6 +231,12 @@ static struct ig4iic_pci_device ig4iic_pci_devices[] = {
 	{ PCI_CHIP_COMETLAKE_V_I2C_1, "Intel Comet Lake-V I2C Controller-1", IG4_CANNONLAKE},
 	{ PCI_CHIP_COMETLAKE_V_I2C_2, "Intel Comet Lake-V I2C Controller-2", IG4_CANNONLAKE},
 	{ PCI_CHIP_COMETLAKE_V_I2C_3, "Intel Comet Lake-V I2C Controller-3", IG4_CANNONLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_0, "Intel Ice Lake-LP I2C Controller-0", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_1, "Intel Ice Lake-LP I2C Controller-1", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_2, "Intel Ice Lake-LP I2C Controller-2", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_3, "Intel Ice Lake-LP I2C Controller-3", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_4, "Intel Ice Lake-LP I2C Controller-4", IG4_TIGERLAKE},
+	{ PCI_CHIP_ICELAKE_LP_I2C_5, "Intel Ice Lake-LP I2C Controller-5", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_0, "Intel Tiger Lake-H I2C Controller-0", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_1, "Intel Tiger Lake-H I2C Controller-1", IG4_TIGERLAKE},
 	{ PCI_CHIP_TIGERLAKE_H_I2C_2, "Intel Tiger Lake-H I2C Controller-2", IG4_TIGERLAKE},

From nobody Wed Dec 20 07:35:38 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sw52L6WB7z55F3B;
	Wed, 20 Dec 2023 07:35:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sw52L1hF8z3TXY;
	Wed, 20 Dec 2023 07:35:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703057738;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hKHwtPXQam1xcBHFcw1EPPNrh8/b+M2Ctssd9jdgaJQ=;
	b=P2lAyQA789c2xz+TbE+b3CIcxrJB8uP4KVHelOaZSsExPY+VWBdpteWmKmCydvplt4Bv9n
	p4UM3s7cQw6kkZ5tydScPrtj+tDGr/BPB7s5YsNcnzAKq/LMIfedRXlEHu/6IOkvHnoZT+
	MAIIlPTQUWhJyL3VWwY6wE7S6k961H67LNSNrlX/A+d71I5Ul777CFDdGwBxB9ylfNxqy1
	TRMfAn0RBHx0gGf129Jr8aRd6OOHfAeSecvSfnZlqma1M5BplS/oPukCWGmza+QmIE8yC4
	+v5Mxhx58WiMHBP5bOAf+44dFxfM4e9sBlk73f0iQ+UOtiFeQ48H75Sv/2GoaQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703057738; a=rsa-sha256; cv=none;
	b=vXsVECqkakzMU6pJ5x3y5h530CLAxLj4vlXaCUs/KAsst2An9dMuN9eFyivk7r4dNaCpTK
	p3MSNtI0yDo5DXvZDRiJR74heARHgw/+MyCh5hSUUUKNqeCV9A8cRyLkX6QZNGULK0ZGOX
	2/1CGQ0WcTxmJsJv4ftiCA3QO8Kp5CyAWGNasGptHxguIKMzMNMDdDwdD019ud2fJj3Dpa
	MNCc28v6IZDsULXQi7bxeGMxhY70I0n94bLLF4JVgvpvdyvWaj7oIj4S995cC6qeptx3Oe
	plGeiSrl03/GvSNpds9OSJjdr4vmM61Ldl0jnRhyktEYISZH9xa2pI9R7HdWgA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703057738;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hKHwtPXQam1xcBHFcw1EPPNrh8/b+M2Ctssd9jdgaJQ=;
	b=MNQqPMRnf/PaIPy3V2FUZKt6RdjKrTiNYuNsYgykjLVwQzJGipDsCw96I9i2qag9uMI0Po
	uDegGgGI94fTLV5mbotlVA8zw5JNjwtoJMMsyPh4taRmWfoopdNXchMTDUk9m8Q4zUx+6T
	dBSoYOMfqF/H04vjp8cE2SfVkrlPOqwmCdJ7kop/7mfEqX0cf4g87hEcZ6cUFOfj78bE/o
	+Flcx8GJCJ0vE5zT56Y5u5jD4SfVyiRBBnbYSvupQcnGrgX+mgqS5GuYZ09s7dwSmfYdSY
	vbV6PP6mcRwNdQo66KUmSurGwG7uEd40fCeljdF1f0093BUB5nMttBsglgqhvA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sw52L0j16zgKK;
	Wed, 20 Dec 2023 07:35:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BK7ZcQC039265;
	Wed, 20 Dec 2023 07:35:38 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BK7ZcMi039262;
	Wed, 20 Dec 2023 07:35:38 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 07:35:38 GMT
Message-Id: <202312200735.3BK7ZcMi039262@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Bergling <gbe@FreeBSD.org>
Subject: git: 2ad07dc6ceaf - stable/14 - qat: Fix two typos in
  source code comments
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gbe
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 2ad07dc6ceafa2e2542448d5e938883f1a59aeb6
Auto-Submitted: auto-generated

The branch stable/14 has been updated by gbe:

URL: https://cgit.FreeBSD.org/src/commit/?id=2ad07dc6ceafa2e2542448d5e938883f1a59aeb6

commit 2ad07dc6ceafa2e2542448d5e938883f1a59aeb6
Author:     Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2023-12-17 14:18:57 +0000
Commit:     Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2023-12-20 07:35:25 +0000

    qat: Fix two typos in source code comments
    
    - s/parmeters/parameters/
    
    (cherry picked from commit ada4cd3f7710d9759e391e84ad21b7763062bdbc)
---
 sys/dev/qat/qat_api/include/lac/cpa_cy_sym.h    | 2 +-
 sys/dev/qat/qat_api/include/lac/cpa_cy_sym_dp.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/dev/qat/qat_api/include/lac/cpa_cy_sym.h b/sys/dev/qat/qat_api/include/lac/cpa_cy_sym.h
index 934ad2520774..370b7e2397c4 100644
--- a/sys/dev/qat/qat_api/include/lac/cpa_cy_sym.h
+++ b/sys/dev/qat/qat_api/include/lac/cpa_cy_sym.h
@@ -1194,7 +1194,7 @@ cpaCySymSessionCtxGetSize(const CpaInstanceHandle instanceHandle,
  *      minimum memory size needed to support all possible setup data parameter 
  *      combinations. cpaCySymSessionCtxGetDynamicSize() will return the 
  *      minimum memory size needed to support the specific session setup 
- *      data parmeters provided. This size may be different for different setup
+ *      data parameters provided. This size may be different for different setup
  *      data parameters.
  *
  * @context
diff --git a/sys/dev/qat/qat_api/include/lac/cpa_cy_sym_dp.h b/sys/dev/qat/qat_api/include/lac/cpa_cy_sym_dp.h
index 479cb72c2cf2..7f103ec98e51 100644
--- a/sys/dev/qat/qat_api/include/lac/cpa_cy_sym_dp.h
+++ b/sys/dev/qat/qat_api/include/lac/cpa_cy_sym_dp.h
@@ -559,7 +559,7 @@ cpaCySymDpSessionCtxGetSize(const CpaInstanceHandle instanceHandle,
  *      minimum memory size needed to support all possible setup data parameter 
  *      combinations. cpaCySymDpSessionCtxGetDynamicSize() will return the 
  *      minimum memory size needed to support the specific session setup 
- *      data parmeters provided. This size may be different for different setup
+ *      data parameters provided. This size may be different for different setup
  *      data parameters.
  *
  * @context

From nobody Wed Dec 20 08:30:22 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sw6FW2ddSz54cNT;
	Wed, 20 Dec 2023 08:30:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sw6FW1fhyz4LrW;
	Wed, 20 Dec 2023 08:30:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703061023;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YZorguoJgwUPBCxVdE6P9FQY9hLCmTj5Tcz9P0M+Gf8=;
	b=F0fhGgTpOb+riIU/UbsmUH0ve4w5M5wuishPMcXQkIKBknHKnoRZLJT51a95rwjfaUJeLo
	AcxFRyz6gZZKdQ9KeT+ItvHlyfztltKsZZyx0p6EOztY8wJvh1iR3TDTUblhs3d3ypH4Lr
	DdYBJm6FhEDmLiJa0a0zCah0bLEondy8W0FhKcrZiOxLCAgYQ7flqYVVQRmq621UvmRHmy
	lmE7jpy3283fgrvkwjYifSsPnrCKPFS8tJ9Eqe/d0f+YvcSPlxsEceRVjccbXjm4kPmY1e
	v96UUHRiumPZKT5rXFOmm2NA5RjdcWj10TsIXc2LHTpEMJ3tReHKjF0ywc7u2w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703061023; a=rsa-sha256; cv=none;
	b=ESGzr0kgP+PILfwCY3CewhEvQM37yap4UC7jE/B+wGrFxLJjVvGR3AQnO4dGFVWFoZpuFw
	9m/x+k1Vsu2ibwu48HGLBD/KZp7f6Gs7LRykuTuFeBKDWhJsNwpYzaqvqjJEeDNUIPb6pC
	WGaguWfN56PIR9/ASYvT/EiocubqMlrk7w6mjU2KRTM+hH6u81LFEtAldWyM+NQqzax1lE
	MNu/OANCPpGQ8H/f9lQzFHwC3425/HObA7jhsp8dmtdXIC+LMv80YvdvKlBrqDo+ZeNsME
	xhnEHKqS3mfjfyWRC7S4sRc2UoYIFAhXEjFTNNuVIA6HdAJLXk4lEcU2LFDVFQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703061023;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YZorguoJgwUPBCxVdE6P9FQY9hLCmTj5Tcz9P0M+Gf8=;
	b=gLqCqRutuQ7LZH+YVzYPWpM6mjrSkNi9YlqL98Eeadfi+78GVizvqbLU4XnUudqGvroyJT
	Z2yrf5JvQGS8ozXcevPAsUNfVhIhLCn24koeHkyIDKCWnI9W82T/n6+6sJCdnGNxKCCPk4
	nK1oFsHC+8oQWKenB/5nVutOeDnymyVCK/yzg6iqnhnouvU75wUuQwS1H+FEaGqiPxRk5j
	v5mTp8nq5sdbbjnireu5SDWXVcNBZPaSOj+UVF+m3RWzfkbnnh9zzSm3nPlVviSUrUHA4J
	EKCqxi9zjfDVxfiE2QlHKZdp3ZZGD/2OhqTNV7pxKCkI80C5WRhN1/ucB5iWdA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sw6FW0ZNjzhFf;
	Wed, 20 Dec 2023 08:30:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BK8UMH4033524;
	Wed, 20 Dec 2023 08:30:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BK8UMNx033521;
	Wed, 20 Dec 2023 08:30:22 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 08:30:22 GMT
Message-Id: <202312200830.3BK8UMNx033521@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: ddb82f214f0c - stable/14 - ufs: do not leave around
  empty buffers shadowing disk content
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: ddb82f214f0cd5171f9830a6d28b75e8ded98613
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=ddb82f214f0cd5171f9830a6d28b75e8ded98613

commit ddb82f214f0cd5171f9830a6d28b75e8ded98613
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-12-11 22:57:28 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-20 08:29:55 +0000

    ufs: do not leave around empty buffers shadowing disk content
    
    (cherry picked from commit ca39f23347e1416a28dde13279bfe5841ad9a746)
---
 sys/ufs/ffs/ffs_vnops.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c
index 2b11a15c46c9..c14cb5e1ee66 100644
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@@ -981,8 +981,15 @@ ffs_write(
 		 * validated the pages.
 		 */
 		if (error != 0 && (bp->b_flags & B_CACHE) == 0 &&
-		    fs->fs_bsize == xfersize)
-			vfs_bio_clrbuf(bp);
+		    fs->fs_bsize == xfersize) {
+			if (error == EFAULT && LIST_EMPTY(&bp->b_dep)) {
+				bp->b_flags |= B_INVAL | B_RELBUF | B_NOCACHE;
+				brelse(bp);
+				break;
+			} else {
+				vfs_bio_clrbuf(bp);
+			}
+		}
 
 		vfs_bio_set_flags(bp, ioflag);
 

From nobody Wed Dec 20 08:30:23 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sw6FX2wDQz54cT1;
	Wed, 20 Dec 2023 08:30:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sw6FX16WTz4LvN;
	Wed, 20 Dec 2023 08:30:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703061024;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FfVNasyP9dbVtYqNJYKPCUZEYOSYFKqWlJt2JHLmofo=;
	b=oRao8jOHkIYRjJWyaMHUn6E99AuIRhCgNfXuAPPIoH4/pecqaDuii0BZOH0eWtDwd2QZ50
	vxNbfDScPL1n7RV+z6FQ9n7H/7X0oZiXz3rBhRi68H2Asiemk5+WkoxMqaJG1PitwXNSz9
	JXUtsokUJYgemhVEhHqCxksk9WTE4undfxGuk7INOMkuNWjEw0496uxDsxv8qOjy7ArdwG
	R3g8xyq/hIM9+4FWmbc07BVEScL2KfryUJ+QAPwgEN6sXlh7foeYMGy3TB+k8cv3DK3ECV
	3P7dc4ArOcKOGEg5wMN96Jv0CGilaSVqwy3aE3YkbaLAdjMETspViaBRB0xRZg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703061024; a=rsa-sha256; cv=none;
	b=RprO9ffAGrIIp/A2iBbz11H+9dAVzimeI0qzD1LAi25xxlzZIBmKFGa+8FFFajKSyoMHFf
	+waPdFcQeDJ+LJvtm10niqJnKJpTKef4/+/XhT1shYFuOwmZOA1rjvayc2m2YSA4/W0Qzb
	2EWUQNfBr9NSVp3hrUcyFW+DUMDj+SPggID66ZKDMhGMDmsinWgLTYcyrESSWiYQoEqu3R
	8DAxzDh2kOW5L6G0xE8nIsnqamn74BqoPdsSUHNtmMxbrszDFqRNzJlVkJh6y+/rAkJwPj
	nqBAfYyuQYKSu4jjhH35spjXoSgAXM9iTI9dnuha8+68G7gtPbP3Scb5tR5c5A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703061024;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=FfVNasyP9dbVtYqNJYKPCUZEYOSYFKqWlJt2JHLmofo=;
	b=mteKtoijbSxHCxwbr8fvVMHUmoYK+olDDuH/rmMMCG4WP9zUNcXiFjuK8TLG166oKewbSH
	CnOAw75DfiIop5e/Z8yuCh7mWGZV5+vVAN1O4ysS40kIdkXnFu/2rMnE+BoyEI4Y11ItOT
	ZZKvjrJz4NpNO1ftha5Zqm5kUyMlhtTAPjUQLs4QFMBuoxtTUpDGm+RtWwfiHRQK6+8vFO
	QtxMiqP6IB9G3TKFFehOD9K3NYJ6ZivhuAosJaFd/P36oQeHScjVVhMDeaoPG0736kXxQN
	4bZbxGNApcBnbbq9yrK95DCh84yGkfpb0U88MQn5f+kKrkjv33zYyUGXtXVB7g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sw6FX03F3zh66;
	Wed, 20 Dec 2023 08:30:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BK8UNiM033585;
	Wed, 20 Dec 2023 08:30:23 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BK8UNSM033582;
	Wed, 20 Dec 2023 08:30:23 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 08:30:23 GMT
Message-Id: <202312200830.3BK8UNSM033582@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: e373880312fb - stable/14 - libc: correct some memory
  leaks in acl_to_text(3) and acl_to_text_np(3)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: e373880312fb8ea09c501975e1fd23234a0df1e3
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=e373880312fb8ea09c501975e1fd23234a0df1e3

commit e373880312fb8ea09c501975e1fd23234a0df1e3
Author:     Peter Eriksson <pen@lysator.liu.se>
AuthorDate: 2023-12-17 22:03:13 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-20 08:29:55 +0000

    libc: correct some memory leaks in acl_to_text(3) and acl_to_text_np(3)
    
    PR:     275232
    
    (cherry picked from commit 7aa375dcc61e48cc56da45c9d5a11371693c8043)
---
 lib/libc/posix1e/acl_to_text_nfs4.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/libc/posix1e/acl_to_text_nfs4.c b/lib/libc/posix1e/acl_to_text_nfs4.c
index d901b1cf6b88..157215c9dd52 100644
--- a/lib/libc/posix1e/acl_to_text_nfs4.c
+++ b/lib/libc/posix1e/acl_to_text_nfs4.c
@@ -72,6 +72,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
 			snprintf(str, size, "user:%d", (unsigned int)*id);
 		else
 			snprintf(str, size, "user:%s", pwd->pw_name);
+		acl_free(id);
 		break;
 
 	case ACL_GROUP_OBJ:
@@ -91,6 +92,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
 			snprintf(str, size, "group:%d", (unsigned int)*id);
 		else
 			snprintf(str, size, "group:%s", grp->gr_name);
+		acl_free(id);
 		break;
 
 	case ACL_EVERYONE:
@@ -157,6 +159,7 @@ format_additional_id(char *str, size_t size, const acl_entry_t entry)
 		if (id == NULL)
 			return (-1);
 		snprintf(str, size, ":%d", (unsigned int)*id);
+		acl_free(id);
 	}
 
 	return (0);

From nobody Wed Dec 20 15:42:53 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwHrY3Qx5z555BK;
	Wed, 20 Dec 2023 15:42:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwHrY2SfQz4gHQ;
	Wed, 20 Dec 2023 15:42:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703086973;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=IjTFNi6Kc58dNlWmJ+sI6QiHca8s/GimaQsd5Jc7lwc=;
	b=dV9S0ZOToaYB8FzjfsICdguogQ/4+FQaxcoifwb/CBXiuq/A1PDLg5TheduZjG5De3llxm
	rYPCnzpFlc5W75Algsfg3km5wIneYA2LtyODVcaM4nwKSLWWw0QbORgeu2GWlNISFii9uA
	N3Nqfl35KtFYX68Xwy3BLU/JAKEoNz5POVesOhS1CeG4AvU59cARQb1jr0T0jJlacXn6ag
	l4KjQdgBnvBDW08kRoV+dRC/PAxvwGam6Npb3kSvpmYkamPTWkyNvdTn4Q7Lkp18ik6Aqa
	wJd8bLQ4OuVPNGwucgKGW03KvNwxgWc2Rn4E4j1Ygwdt1e9XcwR1x6GozHODiQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703086973; a=rsa-sha256; cv=none;
	b=sK4wuHULPQK2l773SefQX6SaQEq51JoX7Z8l1nxP0qGjtdyzuNwO+Ct4zBnqJaUjwpEMzl
	Us8Q5muFw1LZ6Rt4b8j+1nh4xAMV9pjYCMV7SM/WT6HscF/lPFBJEnyVBwZ9a5AoTcXFk7
	dh32MXbolx34I/3YBQsn6RxVD0Ys2c+QcLdcP9GjISeDa5w9JQfKwwTYMe4QzL6AVAXa+Y
	d7JKuIre9a1C5C7PgFVFpUoE+l3tu4P/lpijVeR+CFPnPBv6TEQvU4pV7GcEzz1h/QDzPl
	VY3b62iY1hUFf2CWcYbwUxS/jT6DfbcnUneZYN0Qpb4GBUs0tICo3uCQ9DdS9w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703086973;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=IjTFNi6Kc58dNlWmJ+sI6QiHca8s/GimaQsd5Jc7lwc=;
	b=d9fFyKyg7hinSIj0M0DxYFihmEdpp8E5ncrN/QBOsoACrbkJ6H2scu/qD5GyxK0cM++xuR
	YOd1gjX04BsnHvMwrDK7uI3yIdK4TXixOoGzpKQ9zTG7d/OZjfdUSQNKENwRaPA2wPyUsk
	7dOm6aRzTFtnn7V7ZaDzPEw0iOCsXGBUlGLW7D2fk2FiAq4B1vsI9pvBgIR4n/nKkN1iWJ
	rJ67qMXM+2tBgNkOxGT+ZO5M+9TnSylmZca02hz74Gm7+WyhAn9ZzdAFz4JrK6Q9d+wtw4
	gvAsxoQBda1tvCiEBeDeAi6NIwAvFcXxjSwocUL9lFnQB1MRj5ldnzPpaYZn0Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwHrY1Wfmztq1;
	Wed, 20 Dec 2023 15:42:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BKFgrEO064026;
	Wed, 20 Dec 2023 15:42:53 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BKFgrHn064023;
	Wed, 20 Dec 2023 15:42:53 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 15:42:53 GMT
Message-Id: <202312201542.3BKFgrHn064023@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Kenneth D. Merry" <ken@FreeBSD.org>
Subject: git: 504e85ade103 - stable/14 - mpr, mps: Establish busdma
  boundaries for memory pools
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: ken
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 504e85ade103b0c2cafefb2d9dea86e94aef779f
Auto-Submitted: auto-generated

The branch stable/14 has been updated by ken:

URL: https://cgit.FreeBSD.org/src/commit/?id=504e85ade103b0c2cafefb2d9dea86e94aef779f

commit 504e85ade103b0c2cafefb2d9dea86e94aef779f
Author:     Kenneth D. Merry <ken@FreeBSD.org>
AuthorDate: 2023-12-14 20:05:17 +0000
Commit:     Kenneth D. Merry <ken@FreeBSD.org>
CommitDate: 2023-12-20 15:40:42 +0000

    mpr, mps:  Establish busdma boundaries for memory pools
    
    Most all of the memory used by the cards in the mpr(4) and mps(4)
    drivers is required, according to the specs and Broadcom developers,
    to be within a 4GB segment of memory.
    
    This includes:
    
    System Request Message Frames pool
    Reply Free Queues pool
    ReplyDescriptorPost Queues pool
    Chain Segments pool
    Sense Buffers pool
    SystemReply message pool
    
    We got a bug report from Dwight Engen, who ran into data corruption
    in the BAE port of FreeBSD:
    
    > We have a port of the FreeBSD mpr driver to our kernel and recently
    > I found an issue under heavy load where a DMA may go to the wrong
    > address. The test system is a Supermicro X10SRH-CLN4F with the
    > onboard SAS3008 controller setup with 2 enterprise Micron SSDs in
    > RAID 0 (striped). I have debugged the issue and narrowed down that
    > the errant DMA is one that has a segment that crosses a 4GB
    > physical boundary.  There are more details I can provide if you'd
    > like, but with the attached patch in place I can no longer
    > re-create the issue.
    
    > I'm not sure if this is a known limit of the card (have not found a
    > datasheet/programming docs for the chip) or our system is just
    > doing something a bit different. Any helpful info or insight would
    > be welcome.
    
    > Anyway, just thought this might be helpful info if you want to
    > apply a similar fix to FreeBSD. You can ignore/discard the commit
    > message as it is my internal commit (blkio is our own tool we use
    > to write/read every block of a device with CRC verification which
    > is how I found the problem).
    
    The commit message was:
    
    > [PATCH 8/9] mpr: fix memory corrupting DMA when sg segment crosses
    > 4GB boundary
    
    > Test case was two SSD's in RAID 0 (stripe). The logical disk was
    > then partitioned into two partitions. One partition had lots of
    > filesystem I/O and the other was initially filled using blkio with
    > CRCable data and then read back with blkio CRC verify in a loop.
    > Eventually blkio would report a bad CRC block because the physical
    > page being read-ahead into didn't contain the right data. If the
    > physical address in the arq/segs was for example 0x500003000 the
    > data would actually be DMAed to 0x400003000.
    
    The original patch was against mpr(4) before busdma templates were
    introduced, and only affected the buffer pool (sc->buffer_dmat) in
    the mpr(4) driver. After some discussion with Dwight and the
    LSI/Broadcom developers and looking through the driver, it looks
    like most of the queues in the driver are ok, because they limit
    the memory used to memory below 4GB. The buffer queue and the chain
    frames seem to be the exceptions.
    
    This is pretty much the same between the mpr(4) and mps(4) drivers.
    
    So, apply a 4GB boundary limitation for the buffer and chain frame pools
    in the mpr(4) and mps(4) drivers.
    
    Reported by:    Dwight Engen <dwight.engen@gmail.com>
    Reviewed by:    imp
    Obtained from:  Dwight Engen <dwight.engen@gmail.com>
    Differential Revision:  <https://reviews.freebsd.org/D43008>
    
    (cherry picked from commit 264610a86e14f8e123d94c3c3bd9632d75c078a3)
---
 sys/dev/mpr/mpr.c | 6 ++++--
 sys/dev/mps/mps.c | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c
index 23f7ff0c3e9a..d5c02f9608ca 100644
--- a/sys/dev/mpr/mpr.c
+++ b/sys/dev/mpr/mpr.c
@@ -1500,7 +1500,8 @@ mpr_alloc_requests(struct mpr_softc *sc)
 	rsize = sc->chain_frame_size * sc->num_chains;
 	bus_dma_template_init(&t, sc->mpr_parent_dmat);
 	BUS_DMA_TEMPLATE_FILL(&t, BD_ALIGNMENT(16), BD_MAXSIZE(rsize),
-	    BD_MAXSEGSIZE(rsize), BD_NSEGMENTS((howmany(rsize, PAGE_SIZE))));
+	    BD_MAXSEGSIZE(rsize), BD_NSEGMENTS((howmany(rsize, PAGE_SIZE))),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->chain_dmat)) {
 		mpr_dprint(sc, MPR_ERROR, "Cannot allocate chain DMA tag\n");
 		return (ENOMEM);
@@ -1552,7 +1553,8 @@ mpr_alloc_requests(struct mpr_softc *sc)
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_NSEGMENTS(nsegs), BD_MAXSEGSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_FLAGS(BUS_DMA_ALLOCNOW), BD_LOCKFUNC(busdma_lock_mutex),
-	    BD_LOCKFUNCARG(&sc->mpr_mtx));
+	    BD_LOCKFUNCARG(&sc->mpr_mtx),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->buffer_dmat)) {
 		mpr_dprint(sc, MPR_ERROR, "Cannot allocate buffer DMA tag\n");
 		return (ENOMEM);
diff --git a/sys/dev/mps/mps.c b/sys/dev/mps/mps.c
index f358ab8a73a9..adad2450a3d4 100644
--- a/sys/dev/mps/mps.c
+++ b/sys/dev/mps/mps.c
@@ -1431,7 +1431,8 @@ mps_alloc_requests(struct mps_softc *sc)
 	rsize = sc->reqframesz * sc->num_chains;
 	bus_dma_template_clone(&t, sc->req_dmat);
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(rsize), BD_MAXSEGSIZE(rsize),
-	    BD_NSEGMENTS(howmany(rsize, PAGE_SIZE)));
+	    BD_NSEGMENTS(howmany(rsize, PAGE_SIZE)),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->chain_dmat)) {
 		mps_dprint(sc, MPS_ERROR, "Cannot allocate chain DMA tag\n");
 		return (ENOMEM);
@@ -1473,7 +1474,8 @@ mps_alloc_requests(struct mps_softc *sc)
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_NSEGMENTS(nsegs), BD_MAXSEGSIZE(BUS_SPACE_MAXSIZE_24BIT),
 	    BD_FLAGS(BUS_DMA_ALLOCNOW), BD_LOCKFUNC(busdma_lock_mutex),
-	    BD_LOCKFUNCARG(&sc->mps_mtx));
+	    BD_LOCKFUNCARG(&sc->mps_mtx),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
         if (bus_dma_template_tag(&t, &sc->buffer_dmat)) {
 		mps_dprint(sc, MPS_ERROR, "Cannot allocate buffer DMA tag\n");
 		return (ENOMEM);

From nobody Wed Dec 20 15:44:23 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwHtH5rYfz554yK;
	Wed, 20 Dec 2023 15:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwHtH55Vmz4gxh;
	Wed, 20 Dec 2023 15:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703087063;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=WFxylETIIGNfsaEZGOgrkwqLmVCySxP3u7PiXKnEU4E=;
	b=C0UOSWcmjBfbZ/M1pqKDHv2kf2z5dSze6f/YPpa2wwIF8eDnlDj6CpoBOLmvqxIfeSYztz
	109xRTTkuFRwKkaI432VOCT6xdQSrzHQVq7bY2IKJ3n/DmMBLVCZFnveLqynmcNOvNj0Xx
	7XvxOXEl5DjT4UqjcQCwt57O9/oDn9p9OjvfDZQBge6QhQ5mJvhXIKE+Uk6IwYgAwIOt3c
	H/khcjvyXaT86sVy8ZffjvFNAGyV1LfvdyhmgBOJ2XTiN+92jD5PHxDhLDJ2v31mvcT/BW
	liWFSxSdnCVRvhFf0Ua03uv5bIuEw1FZmY2Z/zqGfaUoP0f+QEKwV8ulkyFDwA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703087063; a=rsa-sha256; cv=none;
	b=XclxMoMU+cXj22ooZzwsprMUqXmtkYz53A1Ala9KSW6SjVkqwzYyAPTSy8h70VWk7lWvcY
	ymuz94VIVWtlrtQ+JKmivAedYxElVQwiwah8wO/p3ftlXwyERu6YZV/GbbgZZVBWrBV4Wr
	+vc8Gf0h3yNl76zbhtBhe9o32MtWabuMW9PAWvqCHecJJJYN8eVekhQBwp316ix5GQTJ8o
	2Y1V5zh6ngZJm02K1ZxP6Wj9vEd09o4fc0wZ6Yej+YF53wSRtSINjaFrDSDmWafpwxkVJH
	WImsGa9fAt8XddYchecqDBfZJse+Dmu9NnU5dlTvJU6nIhQ7Su4pQhVv2BI/gg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703087063;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=WFxylETIIGNfsaEZGOgrkwqLmVCySxP3u7PiXKnEU4E=;
	b=GetAXpfyvhyGwqxR3g0jx8PE6SRLDg/YV22jiQ5xAwmCFjafz+w4elwewDedFGypBxZAYX
	Gn2suo2QkxfwBAUuH+hawy9cic+IK+g9cg4kp0iqTS6T+fw4WQX/suPqWY7ni0dhuDrcue
	dzxN0Fd+nzx6J8Sbp2t68342Yyb0AKHYsCCU/+ugJOGt/LzOp6uYejCUGzE6THVDgZtChd
	eE860xyh+5zBvKLPP4a4HAttWtsppvR1fr2cd85Y8gloyzh4E9jCFYP4faUcrfarFuxF50
	K7HBhnKr2KT5RQD4drLNFXSwDdzJaU493VXDH5GQsJa7Vxt0/UytU8RRUOUBtA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwHtH49B5ztvn;
	Wed, 20 Dec 2023 15:44:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BKFiNPM064556;
	Wed, 20 Dec 2023 15:44:23 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BKFiN4l064553;
	Wed, 20 Dec 2023 15:44:23 GMT
	(envelope-from git)
Date: Wed, 20 Dec 2023 15:44:23 GMT
Message-Id: <202312201544.3BKFiN4l064553@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: "Kenneth D. Merry" <ken@FreeBSD.org>
Subject: git: 5ffcdc96ac71 - stable/13 - mpr, mps: Establish busdma
  boundaries for memory pools
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: ken
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 5ffcdc96ac71a54e33b86a13fe5b53ebf303f3af
Auto-Submitted: auto-generated

The branch stable/13 has been updated by ken:

URL: https://cgit.FreeBSD.org/src/commit/?id=5ffcdc96ac71a54e33b86a13fe5b53ebf303f3af

commit 5ffcdc96ac71a54e33b86a13fe5b53ebf303f3af
Author:     Kenneth D. Merry <ken@FreeBSD.org>
AuthorDate: 2023-12-14 20:05:17 +0000
Commit:     Kenneth D. Merry <ken@FreeBSD.org>
CommitDate: 2023-12-20 15:43:21 +0000

    mpr, mps:  Establish busdma boundaries for memory pools
    
    Most all of the memory used by the cards in the mpr(4) and mps(4)
    drivers is required, according to the specs and Broadcom developers,
    to be within a 4GB segment of memory.
    
    This includes:
    
    System Request Message Frames pool
    Reply Free Queues pool
    ReplyDescriptorPost Queues pool
    Chain Segments pool
    Sense Buffers pool
    SystemReply message pool
    
    We got a bug report from Dwight Engen, who ran into data corruption
    in the BAE port of FreeBSD:
    
    > We have a port of the FreeBSD mpr driver to our kernel and recently
    > I found an issue under heavy load where a DMA may go to the wrong
    > address. The test system is a Supermicro X10SRH-CLN4F with the
    > onboard SAS3008 controller setup with 2 enterprise Micron SSDs in
    > RAID 0 (striped). I have debugged the issue and narrowed down that
    > the errant DMA is one that has a segment that crosses a 4GB
    > physical boundary.  There are more details I can provide if you'd
    > like, but with the attached patch in place I can no longer
    > re-create the issue.
    
    > I'm not sure if this is a known limit of the card (have not found a
    > datasheet/programming docs for the chip) or our system is just
    > doing something a bit different. Any helpful info or insight would
    > be welcome.
    
    > Anyway, just thought this might be helpful info if you want to
    > apply a similar fix to FreeBSD. You can ignore/discard the commit
    > message as it is my internal commit (blkio is our own tool we use
    > to write/read every block of a device with CRC verification which
    > is how I found the problem).
    
    The commit message was:
    
    > [PATCH 8/9] mpr: fix memory corrupting DMA when sg segment crosses
    > 4GB boundary
    
    > Test case was two SSD's in RAID 0 (stripe). The logical disk was
    > then partitioned into two partitions. One partition had lots of
    > filesystem I/O and the other was initially filled using blkio with
    > CRCable data and then read back with blkio CRC verify in a loop.
    > Eventually blkio would report a bad CRC block because the physical
    > page being read-ahead into didn't contain the right data. If the
    > physical address in the arq/segs was for example 0x500003000 the
    > data would actually be DMAed to 0x400003000.
    
    The original patch was against mpr(4) before busdma templates were
    introduced, and only affected the buffer pool (sc->buffer_dmat) in
    the mpr(4) driver. After some discussion with Dwight and the
    LSI/Broadcom developers and looking through the driver, it looks
    like most of the queues in the driver are ok, because they limit
    the memory used to memory below 4GB. The buffer queue and the chain
    frames seem to be the exceptions.
    
    This is pretty much the same between the mpr(4) and mps(4) drivers.
    
    So, apply a 4GB boundary limitation for the buffer and chain frame pools
    in the mpr(4) and mps(4) drivers.
    
    Reported by:    Dwight Engen <dwight.engen@gmail.com>
    Reviewed by:    imp
    Obtained from:  Dwight Engen <dwight.engen@gmail.com>
    Differential Revision:  <https://reviews.freebsd.org/D43008>
    
    (cherry picked from commit 264610a86e14f8e123d94c3c3bd9632d75c078a3)
---
 sys/dev/mpr/mpr.c | 6 ++++--
 sys/dev/mps/mps.c | 6 ++++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/sys/dev/mpr/mpr.c b/sys/dev/mpr/mpr.c
index 161914748e56..f042f71825b5 100644
--- a/sys/dev/mpr/mpr.c
+++ b/sys/dev/mpr/mpr.c
@@ -1500,7 +1500,8 @@ mpr_alloc_requests(struct mpr_softc *sc)
 	rsize = sc->chain_frame_size * sc->num_chains;
 	bus_dma_template_init(&t, sc->mpr_parent_dmat);
 	BUS_DMA_TEMPLATE_FILL(&t, BD_ALIGNMENT(16), BD_MAXSIZE(rsize),
-	    BD_MAXSEGSIZE(rsize), BD_NSEGMENTS((howmany(rsize, PAGE_SIZE))));
+	    BD_MAXSEGSIZE(rsize), BD_NSEGMENTS((howmany(rsize, PAGE_SIZE))),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->chain_dmat)) {
 		mpr_dprint(sc, MPR_ERROR, "Cannot allocate chain DMA tag\n");
 		return (ENOMEM);
@@ -1552,7 +1553,8 @@ mpr_alloc_requests(struct mpr_softc *sc)
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_NSEGMENTS(nsegs), BD_MAXSEGSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_FLAGS(BUS_DMA_ALLOCNOW), BD_LOCKFUNC(busdma_lock_mutex),
-	    BD_LOCKFUNCARG(&sc->mpr_mtx));
+	    BD_LOCKFUNCARG(&sc->mpr_mtx),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->buffer_dmat)) {
 		mpr_dprint(sc, MPR_ERROR, "Cannot allocate buffer DMA tag\n");
 		return (ENOMEM);
diff --git a/sys/dev/mps/mps.c b/sys/dev/mps/mps.c
index 10aea28db9ee..ca037071c298 100644
--- a/sys/dev/mps/mps.c
+++ b/sys/dev/mps/mps.c
@@ -1428,7 +1428,8 @@ mps_alloc_requests(struct mps_softc *sc)
 	rsize = sc->reqframesz * sc->num_chains;
 	bus_dma_template_clone(&t, sc->req_dmat);
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(rsize), BD_MAXSEGSIZE(rsize),
-	    BD_NSEGMENTS(howmany(rsize, PAGE_SIZE)));
+	    BD_NSEGMENTS(howmany(rsize, PAGE_SIZE)),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
 	if (bus_dma_template_tag(&t, &sc->chain_dmat)) {
 		mps_dprint(sc, MPS_ERROR, "Cannot allocate chain DMA tag\n");
 		return (ENOMEM);
@@ -1470,7 +1471,8 @@ mps_alloc_requests(struct mps_softc *sc)
 	BUS_DMA_TEMPLATE_FILL(&t, BD_MAXSIZE(BUS_SPACE_MAXSIZE_32BIT),
 	    BD_NSEGMENTS(nsegs), BD_MAXSEGSIZE(BUS_SPACE_MAXSIZE_24BIT),
 	    BD_FLAGS(BUS_DMA_ALLOCNOW), BD_LOCKFUNC(busdma_lock_mutex),
-	    BD_LOCKFUNCARG(&sc->mps_mtx));
+	    BD_LOCKFUNCARG(&sc->mps_mtx),
+	    BD_BOUNDARY(BUS_SPACE_MAXSIZE_32BIT+1));
         if (bus_dma_template_tag(&t, &sc->buffer_dmat)) {
 		mps_dprint(sc, MPS_ERROR, "Cannot allocate buffer DMA tag\n");
 		return (ENOMEM);

From nobody Thu Dec 21 09:36:16 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Swlg44fv4z54b0f;
	Thu, 21 Dec 2023 09:36:16 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Swlg43tD3z3SdC;
	Thu, 21 Dec 2023 09:36:16 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703151376;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=l3225KxVyZNpIReE5n5v2zZtkMCq2dICrKmEXmY5oDU=;
	b=XHUVwrC5qDqpKzqfqLaHuLyUwBP/MJfSyJPwQvYJ+1zfOruuLrMcHV8G08u0OD/KuE7xrR
	p4B45s6CWFl/K5vCnnKALNGHI/kOfT+mQamyA6ZUoGdivqjlGXjfmMJtYVRu/USt21F9kE
	woAqmefGa9GP8fssVlwLRaIoSFTHqzN58lU4og4ndDnY9x9CzGEQIlZD/oYxqbS3H8klcG
	N4XQjghbYeHt9iXkTR6KN1YIDQEqHd4/UpMnmJjh/O17dR9tzSlDmoIVhFTPjDEFdfevJe
	arTTBDFFQTSQd5NBzR9Vq38CIHzYpxPGQNt2rP+AMvNJ8e46Zm2iYofF7ETXJg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703151376; a=rsa-sha256; cv=none;
	b=UwPPFArkLI9nZmDrcOFOUhnA3qqz6uypEvrY6foixI+jAmBg4MUyPvZHqZ0PbvtgqzaGTd
	BFb4qzDotYOdJAcEtVNsxUNUE/uXYoY9JbSbX7qCBgysbOFEFG4MR1t7OZJRswnAHXTJxh
	ghl8zuwW1QZUCOcfANHSLCXeHKWEigMhx14gBTTiprLWIwkjyRMKtB0nhfgQ7QR3otEDCg
	lBFpo3jzAba6Bg9h13EPP7lfY9MlgkBgRoeNAnsvchLsd2Cw64MIESYVwcvaF86++MZ6bd
	cw3RmMamV8IsGu39/p9Qnq3HFBy6JixehWzP2rWsPodlpwLa0iUDRWsmvo4JnQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703151376;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=l3225KxVyZNpIReE5n5v2zZtkMCq2dICrKmEXmY5oDU=;
	b=Pxv2h5i6G+oXMTRCNS0LPK22GSHH6FxrL5w/tXIMcvVkd9lxeC/EyNqVD8kpnGomj9gS+l
	iNuhVBKcfpZqHkZw7neNdEvJ4fmu8R7KdaiuDKRV1yEB7d3sIxR0lUEEK288/RFuF4Tvfy
	WcwWR+WsLeM/d5wU49SwzkqNqIwVSSUs14R5FPi6uBDo7CTP2yAsIWP/BAOcbFE7FT0HsJ
	GN6j2S3jp2q/jM7Cw5icaT9+6zx5X8QG+uc3NSWuqpeAHyylYa4zmi3pmnPksplfDfZY2Q
	Uf5MuR5ZdqrEyqb+WXRgAMDT42rCKhXzQ4MLyTFpTXvxaaxXWNxAoPRRgmVkXA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Swlg42wpyzC3S;
	Thu, 21 Dec 2023 09:36:16 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BL9aGhv060744;
	Thu, 21 Dec 2023 09:36:16 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BL9aGXa060741;
	Thu, 21 Dec 2023 09:36:16 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 09:36:16 GMT
Message-Id: <202312210936.3BL9aGXa060741@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: df1bacc781c7 - stable/13 - pf tests: fix typos in the
  abort_v6 test case head / cleanup function name
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: df1bacc781c766c79038a085c05ec08977c75c46
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=df1bacc781c766c79038a085c05ec08977c75c46

commit df1bacc781c766c79038a085c05ec08977c75c46
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-12-14 09:22:26 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-12-21 09:35:57 +0000

    pf tests: fix typos in the abort_v6 test case head / cleanup function name
    
    MFC after:      1 week
    
    (cherry picked from commit 8fab83d2c5c5e801105dbf25c28252fc97935b00)
---
 tests/sys/netpfil/pf/sctp.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/sys/netpfil/pf/sctp.sh b/tests/sys/netpfil/pf/sctp.sh
index 86356128bb7e..66225e132d1c 100644
--- a/tests/sys/netpfil/pf/sctp.sh
+++ b/tests/sys/netpfil/pf/sctp.sh
@@ -240,7 +240,7 @@ abort_v4_cleanup()
 }
 
 atf_test_case "abort_v6" "cleanup"
-abort_v4_head()
+abort_v6_head()
 {
 	atf_set descr 'Test sending ABORT messages over IPv6'
 	atf_set require.user root
@@ -292,7 +292,7 @@ abort_v6_body()
 	fi
 }
 
-abort_v4_cleanup()
+abort_v6_cleanup()
 {
 	pft_cleanup
 }

From nobody Thu Dec 21 09:36:16 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Swlg52fHNz54ZXQ;
	Thu, 21 Dec 2023 09:36:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Swlg515jmz3SmG;
	Thu, 21 Dec 2023 09:36:17 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703151377;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=slPtuKXpR8uFRvG5yEZfpQ4f7LVBwv69hUJdj0mIFZM=;
	b=ugkGJkg8HsWqyaFzCyutnafw9Ug8Ddk3X1FdazHeutywJxxYLyGz4dSTmf2QTstshMHZJN
	GCUzkC49rNss6KYmVu8GFw94OyrdgBTwve1U9jpeSBpnP+B1wBa2QfTdXM64FCScEzYVFb
	E+BCqUoFrWEDP3gOpOUY2uknbSY6vCfKWMj/nyXTAT/jRBOlF26gz5Y8j7+yvnzUAXhntw
	CTdcx2F0rmM+IpRcFihMJKFJOB2EZmTx+QzQUf/o4L6jIGvAXe0kSaQiI94cLKclYnOVEp
	NRb5xf4jQCP66lng1Me3/3QgvKPEVAoFk47l3pBp1W3Kv9tqAFPfovCvQPAZgA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703151377; a=rsa-sha256; cv=none;
	b=fwFOHbD+t+j7yHThyb6FcEzcfZV2FzwrJYiwhC2alAsbclSgviX4DtjAP4bBYzR2sdCD8d
	bTGF9ix71kZ5hTe/7v8qfqynxB+wWfBD9sN7UMlPR/zvQtBrQaKlL3SuWKwP2Vc1tz1bSd
	YUQraCrm8qHKgPeI3L/mvfwPaSvHL+LcwLuS+2Oz7Frhn8PbcFKcU7qmDB92Qp8jp0ZM+/
	UQg6psv1gBxcI2OCSsD89UA1OAY8W+lFNiNvMOjxcf8Muste7HQmnYhKzUQA3TPD3kmzzO
	cfrDS9wLpNlS3ZUR0cZHMURpWSOznIGvF06sh/+hVbV9fku0JwLF+WZEZBIthQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703151377;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=slPtuKXpR8uFRvG5yEZfpQ4f7LVBwv69hUJdj0mIFZM=;
	b=cFiEf5bMvfcVWHOGjV+9NN9+9Pom6RQO6dP9qYZqzW0zf+R5ETJPFsql33nYYv64H4lxy5
	zmL/XNihI32PRf6KH9slElTmxTHOWBU9K3D3cyaZ81J0C59YnN/71TU5qlZIV6rIANdGET
	u+v/oyE5uPAFHL6tKxHLPC7swdXD6P92BeQ2mR7d+XA7cSLMoBRWb77uV7YU4sQ+STwLvY
	0mPBaiQ9X7Un5bj4OOrJiGapT+NVBFSB26noH2n0RJHB+LL+wQitSQSYEh01uoeRLLJl1s
	sOTdQK2xuBGr7LwvysvQr/cbWKZiJ4JmgUjIKSI9COBVVM9NSwggHPs0s97QsA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Swlg4714BzCF1;
	Thu, 21 Dec 2023 09:36:16 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BL9aGkQ060868;
	Thu, 21 Dec 2023 09:36:16 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BL9aGjF060865;
	Thu, 21 Dec 2023 09:36:16 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 09:36:16 GMT
Message-Id: <202312210936.3BL9aGjF060865@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: f6d8ea893bb2 - stable/14 - pf tests: fix typos in the
  abort_v6 test case head / cleanup function name
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: f6d8ea893bb228dcd8e5ece6f52b6e6cec5c2061
Auto-Submitted: auto-generated

The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=f6d8ea893bb228dcd8e5ece6f52b6e6cec5c2061

commit f6d8ea893bb228dcd8e5ece6f52b6e6cec5c2061
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-12-14 09:22:26 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-12-21 09:35:51 +0000

    pf tests: fix typos in the abort_v6 test case head / cleanup function name
    
    MFC after:      1 week
    
    (cherry picked from commit 8fab83d2c5c5e801105dbf25c28252fc97935b00)
---
 tests/sys/netpfil/pf/sctp.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/sys/netpfil/pf/sctp.sh b/tests/sys/netpfil/pf/sctp.sh
index 86356128bb7e..66225e132d1c 100644
--- a/tests/sys/netpfil/pf/sctp.sh
+++ b/tests/sys/netpfil/pf/sctp.sh
@@ -240,7 +240,7 @@ abort_v4_cleanup()
 }
 
 atf_test_case "abort_v6" "cleanup"
-abort_v4_head()
+abort_v6_head()
 {
 	atf_set descr 'Test sending ABORT messages over IPv6'
 	atf_set require.user root
@@ -292,7 +292,7 @@ abort_v6_body()
 	fi
 }
 
-abort_v4_cleanup()
+abort_v6_cleanup()
 {
 	pft_cleanup
 }

From nobody Thu Dec 21 13:43:21 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws896N7Sz54pfT;
	Thu, 21 Dec 2023 13:43:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws895nXhz4NFF;
	Thu, 21 Dec 2023 13:43:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166201;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Xw1PYDei69F4QvfYVJuLjMLr7Md4CdU5J3KKt2m/syk=;
	b=Lc8mkcFSWptHHfn22jZrT18oypanCkrh+bhLQjPUH+DM4WMP1Jvn/oGXgV4hRCjkHDUqpr
	PFZKMU7aemsI+PgXdgL8yO8rYJSCwlOBAR56h2RVURotEUJ5s+UTz9T6yKRPpVTOFjg39S
	6+gvKAziEXLxVfmQhb2316MbDyGmlrK+LaGmcOePWqysKkHuK64KgsRZrPKXFPjHLWAX17
	CgJNScvVyP08KEYYR/T4dJxjdZXcgu12ZVGH5PSpgK+xPolZrLvp6bdcck0btOqSwhmlrG
	va1lZsdD1+mRDZqo0OVMJoaJRiUxg2bNnGF4e2n/WeyoO2VY3wJBGSobCNn0Ag==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166201; a=rsa-sha256; cv=none;
	b=d2tusZNxchnBDg5qS3Bl8OLJX5db3X7MUkt5YMtLoNcj5Io1LGQiuXdvoeLluWgUNJmiVb
	8djBJiM/kqtCZBZVRiiau0ZeMQPxOBNKLFMwDUNbYKgTCQgh1Ofdd97lV1L64PciEjS70f
	I0SzEjXCM5Dd+zHcDIfL+2PB+hqVZfXrZbKXQHxEafjj+pfg1DkSJtXJDntOkWeK+qb4VZ
	KRuBf9IGNgfNWCF2EqnzTpqvZWv/bWG8+r/F+LfHK75QWUfYMdJ6a6WbmNUKxGcXOXQF0Q
	RbIMKIKjsY/nyyjDGZY/K+dt/AiEp75KwgMA31FU/buXdeEbnCUYg+Amn+j77A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166201;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Xw1PYDei69F4QvfYVJuLjMLr7Md4CdU5J3KKt2m/syk=;
	b=ZcIXV9qTllFpWx4AC542TfWb6WEBBb9sfdVzLgORq8kxN5tc8cqpdklPYx0BkaAoTa1sGk
	XRJWv1EcL6sLmG5pbSWPuaNqrQbzwrwSUGTe6CWD8FPBc6ziVdTG4+ry9oKRJcDg4D3or+
	8oysG1/GP2wVT5qF4Zb2Gxeg4OVK9b43kwV+yEXho94mAiet2KUoLRquWFLvfR5wgqM3iH
	q+rkJtnbtdOVWa6L0VKpCuSXNPcD4rMC5XKhgIEfDQn12/yiycc6DsBv/ccTHo+JHsWN6g
	GtSdSiM4+T+BAYrKuWAuSaROA76p4GtckVKXiYRsoaEYt00YjdEJe+Y2dZC2Pg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws894rfVzZmG;
	Thu, 21 Dec 2023 13:43:21 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhLQA078530;
	Thu, 21 Dec 2023 13:43:21 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhLH8078527;
	Thu, 21 Dec 2023 13:43:21 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:21 GMT
Message-Id: <202312211343.3BLDhLH8078527@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 7552dce04702 - stable/13 - x86: AMD Zen2: Zenbleed
  chicken bit mitigation
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7552dce0470201fc150b0fc7a2c1b5c452dc35ca
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=7552dce0470201fc150b0fc7a2c1b5c452dc35ca

commit 7552dce0470201fc150b0fc7a2c1b5c452dc35ca
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-09-11 14:18:30 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:35:48 +0000

    x86: AMD Zen2: Zenbleed chicken bit mitigation
    
    Applies only to bare-metal Zen2 processors.  The system currently
    automatically applies it to all of them.
    
    Tunable/sysctl 'machdep.mitigations.zenbleed.enable' can be used to
    forcibly enable or disable the mitigation at boot or run-time.  Possible
    values are:
    
        0: Mitigation disabled
        1: Mitigation enabled
        2: Run the automatic determination.
    
    Currently, value 2 is the default and has identical effect as value 1.
    This might change in the future if we choose to take into account
    microcode revisions in the automatic determination process.
    
    The tunable/sysctl value is simply ignored on non-applicable CPU models,
    which is useful to apply the same configuration on a set of machines
    that do not all have Zen2 processors.  Trying to set it to any integer
    value not listed above is silently equivalent to setting it to value 2
    (automatic determination).
    
    The current mitigation state can be queried through sysctl
    'machdep.mitigations.zenbleed.state', which returns "Not applicable",
    "Mitigation enabled" or "Mitigation disabled".  Note that this state is
    not guaranteed to be accurate in case of intervening modifications of
    the corresponding chicken bit directly via cpuctl(4) (this includes the
    cpucontrol(8) utility).  Resetting the desired policy through
    'machdep.mitigations.zenbleed.enable' (possibly to its current value)
    will reset the hardware state and ensure that the reported state is
    again coherent with it.
    
    Reviewed by:    kib
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D41817
    
    (cherry picked from commit ebaea1bcd2eb0aa90937637ed305184b6fedc69b)
    
    Approved by:    markj (mentor)
---
 sys/amd64/acpica/acpi_wakeup.c |   1 +
 sys/amd64/amd64/initcpu.c      |   3 +
 sys/amd64/amd64/machdep.c      |   4 ++
 sys/dev/cpuctl/cpuctl.c        |   1 +
 sys/x86/include/specialreg.h   |   1 +
 sys/x86/include/x86_var.h      |   3 +
 sys/x86/x86/cpu_machdep.c      | 123 +++++++++++++++++++++++++++++++++++++++++
 7 files changed, 136 insertions(+)

diff --git a/sys/amd64/acpica/acpi_wakeup.c b/sys/amd64/acpica/acpi_wakeup.c
index 3b21935255cb..0f9f987b6590 100644
--- a/sys/amd64/acpica/acpi_wakeup.c
+++ b/sys/amd64/acpica/acpi_wakeup.c
@@ -306,6 +306,7 @@ acpi_wakeup_machdep(struct acpi_softc *sc, int state, int sleep_result,
 		amd64_syscall_ret_flush_l1d_recalc();
 		hw_ssb_recalculate(true);
 		x86_rngds_mitg_recalculate(true);
+		zenbleed_check_and_apply(true);
 
 		AcpiSetFirmwareWakingVector(0, 0);
 	} else {
diff --git a/sys/amd64/amd64/initcpu.c b/sys/amd64/amd64/initcpu.c
index eb699a4f90fc..20ac7f7c6be1 100644
--- a/sys/amd64/amd64/initcpu.c
+++ b/sys/amd64/amd64/initcpu.c
@@ -193,6 +193,9 @@ init_amd(void)
 			hw_lower_amd64_sharedpage = 1;
 		}
 	}
+
+	/* Zenbleed.  See the comments in 'cpu_machdep.c'. */
+	zenbleed_check_and_apply(false);
 }
 
 /*
diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c
index d4de3c0fd679..eef11f0bdddd 100644
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@@ -1493,6 +1493,10 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 	TUNABLE_INT_FETCH("machdep.mitigations.rngds.enable",
 	    &x86_rngds_mitg_enable);
 
+	TUNABLE_INT_FETCH("machdep.mitigations.zenbleed.enable",
+	    &zenbleed_enable);
+	zenbleed_sanitize_enable();
+
 	finishidentcpu();	/* Final stage of CPU initialization */
 
 	/*
diff --git a/sys/dev/cpuctl/cpuctl.c b/sys/dev/cpuctl/cpuctl.c
index 9c56db1ad19a..1fa655342121 100644
--- a/sys/dev/cpuctl/cpuctl.c
+++ b/sys/dev/cpuctl/cpuctl.c
@@ -546,6 +546,7 @@ cpuctl_do_eval_cpu_features(int cpu, struct thread *td)
 	hw_mds_recalculate();
 	x86_taa_recalculate();
 	x86_rngds_mitg_recalculate(true);
+	zenbleed_check_and_apply(true);
 	printcpuinfo();
 	return (0);
 }
diff --git a/sys/x86/include/specialreg.h b/sys/x86/include/specialreg.h
index f45990a056c8..4886430c84b6 100644
--- a/sys/x86/include/specialreg.h
+++ b/sys/x86/include/specialreg.h
@@ -1172,6 +1172,7 @@
 /* MSR_DE_CFG */
 #define DE_CFG_10H_12H_STACK_POINTER_JUMP_FIX_BIT	0x1
 #define DE_CFG_ZEN_LOAD_STALE_DATA_FIX_BIT		0x2000
+#define DE_CFG_ZEN2_FP_BACKUP_FIX_BIT			0x200
 
 /* VIA ACE crypto featureset: for via_feature_rng */
 #define	VIA_HAS_RNG		1	/* cpu has RNG */
diff --git a/sys/x86/include/x86_var.h b/sys/x86/include/x86_var.h
index 5998998f0a5f..c938d96372d8 100644
--- a/sys/x86/include/x86_var.h
+++ b/sys/x86/include/x86_var.h
@@ -90,6 +90,7 @@ extern	int	hw_ssb_active;
 extern	int	x86_taa_enable;
 extern	int	cpu_flush_rsb_ctxsw;
 extern	int	x86_rngds_mitg_enable;
+extern	int	zenbleed_enable;
 extern	int	cpu_amdc1e_bug;
 
 struct	pcb;
@@ -139,6 +140,8 @@ void	hw_mds_recalculate(void);
 void	hw_ssb_recalculate(bool all_cpus);
 void	x86_taa_recalculate(void);
 void	x86_rngds_mitg_recalculate(bool all_cpus);
+void	zenbleed_sanitize_enable(void);
+void	zenbleed_check_and_apply(bool all_cpus);
 void	nmi_call_kdb(u_int cpu, u_int type, struct trapframe *frame);
 void	nmi_call_kdb_smp(u_int type, struct trapframe *frame);
 void	nmi_handle_intr(u_int type, struct trapframe *frame);
diff --git a/sys/x86/x86/cpu_machdep.c b/sys/x86/x86/cpu_machdep.c
index 51928805a653..5b8ff03d721b 100644
--- a/sys/x86/x86/cpu_machdep.c
+++ b/sys/x86/x86/cpu_machdep.c
@@ -1482,6 +1482,129 @@ SYSCTL_PROC(_machdep_mitigations_rngds, OID_AUTO, state,
     sysctl_rngds_state_handler, "A",
     "MCU Optimization state");
 
+
+/*
+ * Zenbleed.
+ *
+ * No corresponding errata is publicly listed.  AMD has issued a security
+ * bulletin (AMD-SB-7008), entitled "Cross-Process Information Leak".  This
+ * document lists (as of August 2023) platform firmware's availability target
+ * dates, with most being November/December 2023.  It will then be up to
+ * motherboard manufacturers to produce corresponding BIOS updates, which will
+ * happen with an inevitable lag.  Additionally, for a variety of reasons,
+ * operators might not be able to apply them everywhere due.  On the side of
+ * standalone CPU microcodes, no plans for availability have been published so
+ * far.  However, a developer appearing to be an AMD employee has hardcoded in
+ * Linux revision numbers of future microcodes that are presumed to fix the
+ * vulnerability.
+ *
+ * Given the stability issues encountered with early microcode releases for Rome
+ * (the only microcode publicly released so far) and the absence of official
+ * communication on standalone CPU microcodes, we have opted instead for
+ * matching by default all AMD Zen2 processors which, according to the
+ * vulnerability's discoverer, are all affected (see
+ * https://lock.cmpxchg8b.com/zenbleed.html).  This policy, also adopted by
+ * OpenBSD, may be overriden using the tunable/sysctl
+ * 'machdep.mitigations.zenbleed.enable'.  We might revise it later depending on
+ * official statements, microcode updates' public availability and community
+ * assessment that they actually fix the vulnerability without any instability
+ * side effects.
+ */
+
+SYSCTL_NODE(_machdep_mitigations, OID_AUTO, zenbleed,
+    CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
+    "Zenbleed OS-triggered prevention (via chicken bit)");
+
+/* 2 is auto, see below. */
+int zenbleed_enable = 2;
+
+void
+zenbleed_sanitize_enable(void)
+{
+	/* Default to auto (2). */
+	if (zenbleed_enable < 0 || zenbleed_enable > 2)
+		zenbleed_enable = 2;
+}
+
+static bool
+zenbleed_chicken_bit_applicable(void)
+{
+	/* Concerns only bare-metal AMD Zen2 processors. */
+	return (cpu_vendor_id == CPU_VENDOR_AMD &&
+	    CPUID_TO_FAMILY(cpu_id) == 0x17 &&
+	    CPUID_TO_MODEL(cpu_id) >= 0x30 &&
+	    vm_guest == VM_GUEST_NO);
+}
+
+static bool
+zenbleed_chicken_bit_should_enable(void)
+{
+	/*
+	 * Obey tunable/sysctl.
+	 *
+	 * As explained above, currently, the automatic setting (2) and the "on"
+	 * one (1) have the same effect.  In the future, we might additionally
+	 * check for specific microcode revisions as part of the automatic
+	 * determination.
+	 */
+	return (zenbleed_enable != 0);
+}
+
+void
+zenbleed_check_and_apply(bool all_cpus)
+{
+	bool set;
+
+	if (!zenbleed_chicken_bit_applicable())
+		return;
+
+	set = zenbleed_chicken_bit_should_enable();
+
+	x86_msr_op(MSR_DE_CFG,
+	    (set ? MSR_OP_OR : MSR_OP_ANDNOT) |
+	    (all_cpus ? MSR_OP_RENDEZVOUS_ALL : MSR_OP_LOCAL),
+	    DE_CFG_ZEN2_FP_BACKUP_FIX_BIT, NULL);
+}
+
+static int
+sysctl_zenbleed_enable_handler(SYSCTL_HANDLER_ARGS)
+{
+	int error, val;
+
+	val = zenbleed_enable;
+	error = sysctl_handle_int(oidp, &val, 0, req);
+	if (error != 0 || req->newptr == NULL)
+		return (error);
+	zenbleed_enable = val;
+	zenbleed_sanitize_enable();
+	zenbleed_check_and_apply(true);
+	return (0);
+}
+SYSCTL_PROC(_machdep_mitigations_zenbleed, OID_AUTO, enable, CTLTYPE_INT |
+    CTLFLAG_RWTUN | CTLFLAG_NOFETCH | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_zenbleed_enable_handler, "I",
+    "Enable Zenbleed OS-triggered mitigation (chicken bit) "
+    "(0: Force disable, 1: Force enable, 2: Automatic determination)");
+
+static int
+sysctl_zenbleed_state_handler(SYSCTL_HANDLER_ARGS)
+{
+	const char *state;
+
+	if (!zenbleed_chicken_bit_applicable())
+		state = "Not applicable";
+	else if (zenbleed_chicken_bit_should_enable())
+		state = "Mitigation enabled";
+	else
+		state = "Mitigation disabled";
+	return (SYSCTL_OUT(req, state, strlen(state)));
+}
+SYSCTL_PROC(_machdep_mitigations_zenbleed, OID_AUTO, state,
+    CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0,
+    sysctl_zenbleed_state_handler, "A",
+    "Zenbleed OS-triggered mitigation (chicken bit) state");
+
+
 /*
  * Enable and restore kernel text write permissions.
  * Callers must ensure that disable_wp()/restore_wp() are executed

From nobody Thu Dec 21 13:43:22 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8C0Xkbz54pTn;
	Thu, 21 Dec 2023 13:43:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8B6rVSz4NHr;
	Thu, 21 Dec 2023 13:43:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166203;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9Xq5NMtSrOcpnM6SEF4N2/b67OU96Aw3TckktWXQoFs=;
	b=OqN4+ax9+Fmbl8ksipoE77ySVrQFZfmvjkPO9cBE3IgTEK4YRNQH2G276mnZNB4HPK2gAw
	gyY6OSp4HGCgvq4hC7a3uE8i2F7lQSDelgK4e0+z0KZJJg8vi+Wu7giYiusgGgF4eAeV+U
	FFEti5gUxPeYt3TIe7jQ8qV5RfAlFGNm1R4KdesImMSPUWfiIubYH/VqT/Q2fa+2LBdtMH
	18Vrg3U7KUvnqGEwLbtHfZEBsQVtuisPCgjNfgvynQHrEanF48mB8yh6cdRHsgYYd1T7zp
	eD77xwp3E4kiO+oZ4WB6DgvmvqKMfQmQQu+l5hxyYOIv1AXBD3fqQNMpwtFeHw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166203; a=rsa-sha256; cv=none;
	b=jCy9p1Lm4UIwbrb/jb1jKYb4W9Brk8n/JQ8xChpDICPwnwWYZjbjSDyz9wPw33XVp6DNto
	4BE6KxL3zGG7lEKxiCU4XiEWnDg7nXlTyB5/oS5do2pvtSMCMp4Uq3w5Nc1ksX5ihGtnuX
	SI9pCa26p6CHXohoe5Jad+fvEHDk+NCaURBRlt2KpLgpkH+4Ld+YbT6E84+PuBHlJCwZqU
	KNYrx8veLOcm2/qAEYAyLH7KlVWfUFKeRw4EegHQkrtHr+4yFnQ79frfBIGyZZvdd6AylD
	BHRDv1L+08BG+rrKIliVk1s2nC7+xUMw30iXBJtHGD6R2iE4l6dFRSlzIZkh2w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166203;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9Xq5NMtSrOcpnM6SEF4N2/b67OU96Aw3TckktWXQoFs=;
	b=wN0eRyFW/R65q5Kbji/2MkDxSzPXd/lH8bk2ZN2lUz8Ldnfmv6MaeY6RBNFz9n4FMiGsdq
	sdn70PGBpenggPsKjF+4BBnN+XkEqKX3te/ZoBUXVz1Gr/fAVkq82/Q9JvimOBI/NgXzPg
	G0X2eUeL/NCIF2Ksrd+TR3SdCfaNBBfXMR5/yGryOGxn0o3Qg/1ZgxTPmkDE/QRn/ZV9ne
	YeG4YGT8SxH0EBTs1dEYQyOkYvrgsfLXF0XS9t6RfpT2bWqfKQCKyGrpROeOn8ifuWNdjo
	9VsMiXnUXO55q3eJ0hzEs83sMdmV1eLjOk7b9NInsMVj8H5oBapb2yqUQJpfPQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8B5xp1zZmH;
	Thu, 21 Dec 2023 13:43:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhM4U078584;
	Thu, 21 Dec 2023 13:43:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhMYS078581;
	Thu, 21 Dec 2023 13:43:22 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:22 GMT
Message-Id: <202312211343.3BLDhMYS078581@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: d40c6fa7db7d - stable/13 - cr_canseejailproc(): New
  privilege, no direct check for UID 0
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: d40c6fa7db7d36d5c5f00648a73f17b273ab6bcb
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=d40c6fa7db7d36d5c5f00648a73f17b273ab6bcb

commit d40c6fa7db7d36d5c5f00648a73f17b273ab6bcb
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:37 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:00 +0000

    cr_canseejailproc(): New privilege, no direct check for UID 0
    
    Use priv_check_cred() with a new privilege (PRIV_SEEJAILPROC) instead of
    explicitly testing for UID 0 (the former has been the rule for almost 20
    years).
    
    As a consequence, cr_canseejailproc() now abides by the
    'security.bsd.suser_enabled' sysctl and MAC policies.
    
    Update the MAC policies Biba and LOMAC, and prison_priv_check() so that
    they don't deny this privilege.  This preserves the existing behavior
    (the 'root' user is not restricted, even when jailed, unless
    'security.bsd.suser_enabled' is not 0) and is consistent with what is
    done for the related policies/privileges (PRIV_SEEOTHERGIDS,
    PRIV_SEEOTHERUIDS).
    
    Reviewed by:            emaste (earlier version), mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40626
    
    (cherry picked from commit 7974ca1cdbee949f5e453eea112be265b425c407)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_jail.c               | 1 +
 sys/kern/kern_prot.c               | 7 +++++--
 sys/security/mac_biba/mac_biba.c   | 1 +
 sys/security/mac_lomac/mac_lomac.c | 1 +
 sys/sys/priv.h                     | 1 +
 5 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index d03612e43c52..9a9371f8591d 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -3614,6 +3614,7 @@ prison_priv_check(struct ucred *cred, int priv)
 		 */
 	case PRIV_SEEOTHERGIDS:
 	case PRIV_SEEOTHERUIDS:
+	case PRIV_SEEJAILPROC:
 
 		/*
 		 * Jail implements inter-process debugging limits already, so
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index a405acfee433..8b56ba3f8846 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1428,9 +1428,12 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_jail_proc, CTLFLAG_RW,
 int
 cr_canseejailproc(struct ucred *u1, struct ucred *u2)
 {
-	if (u1->cr_uid == 0)
+	if (see_jail_proc || /* Policy deactivated. */
+	    u1->cr_prison == u2->cr_prison || /* Same jail. */
+	    priv_check_cred(u1, PRIV_SEEJAILPROC) == 0) /* Privileged. */
 		return (0);
-	return (!see_jail_proc && u1->cr_prison != u2->cr_prison ? ESRCH : 0);
+
+	return (ESRCH);
 }
 
 /*-
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index b175e57b2812..2d0df254f94c 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1924,6 +1924,7 @@ biba_priv_check(struct ucred *cred, int priv)
 	 */
 	case PRIV_SEEOTHERGIDS:
 	case PRIV_SEEOTHERUIDS:
+	case PRIV_SEEJAILPROC:
 		break;
 
 	/*
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
index 8cd9fcf190c6..761214db07e4 100644
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -1692,6 +1692,7 @@ lomac_priv_check(struct ucred *cred, int priv)
 	 */
 	case PRIV_SEEOTHERGIDS:
 	case PRIV_SEEOTHERUIDS:
+	case PRIV_SEEJAILPROC:
 		break;
 
 	/*
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index e0e8d98f294a..9e6d876be874 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -105,6 +105,7 @@
 #define	PRIV_CRED_SETRESGID	58	/* setresgid. */
 #define	PRIV_SEEOTHERGIDS	59	/* Exempt bsd.seeothergids. */
 #define	PRIV_SEEOTHERUIDS	60	/* Exempt bsd.seeotheruids. */
+#define	PRIV_SEEJAILPROC        61      /* Exempt from bsd.see_jail_proc. */
 
 /*
  * Debugging privileges.

From nobody Thu Dec 21 13:43:23 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8D1pmhz54pNq;
	Thu, 21 Dec 2023 13:43:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8D0nphz4N95;
	Thu, 21 Dec 2023 13:43:24 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166204;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hv51WFtqd268JW9XDM2mf4wfLd/FP6x2xHhv+VB2B+M=;
	b=yUHiuWngKCjbmlzD5LYE/A1EDh1tWTltf98IKKXfV+c8zfnkp7sblkgBIcJ+4KkzkwRKVE
	M142qTC/RiNmWdIs0bGP46A71GXz4XLkWtyndykAlhUMSHlNBW/c1fPymhF+DnaNnbAfh1
	PSWYWEGwtPOCwqicYNoNE6dxhACcUN5TMrXMYwEUm49cQHA9oOHcSNw5e1jBZiFP8Qtn8w
	pHccfLJtZnjgy02jPimpQZy9lJSAg0g8Acws9QwPgpF90us3cJNGlVbtZYPpK7sC6ExcRz
	lgYObmHQHLwPLIO1sBBNf3fG4LUM2u+YTuyQAuxcj2DvYNzKhK1cFJk9HX/pPQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166204; a=rsa-sha256; cv=none;
	b=DytpbCtbaURGPa2y0EzETBJJKUVAsluGsnqFmvOeuj2YLfEazNOEGjP9WcaKEzu9gYfcly
	KEbyoKxoIFLpowxX/9IEc2//ThOy7qZz5HFQxEyIzG7rIpUXATfBiCT8lb8nwx+bsz573Q
	LOkrri9nAezHdPrQne7W8F8LxE9TvZQIkNpM9Nr1zTKnC0k1wRYT6SlfGklIXrVU0LposT
	7CiD0FJD42ngUTFQ3hdHKNbpoSBXReife5in3pseHHacg+lR3mjEkL1NVFUmTBi7WruQqI
	Ho6ihag0N5raNNUnudlM23FnOoH9fR0tXN6OTPMWHj9kqctzWmwZs4oigdjx+w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166204;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hv51WFtqd268JW9XDM2mf4wfLd/FP6x2xHhv+VB2B+M=;
	b=JD67Lr3jTCQRpaN6PeeIl4KI9/XcxWvNDgE+DnBQQuDOR7+iDdLtJmCUuJr3OKMZa70TD6
	sDNbRP77b5KvhhFLvI7dWSaAMA/xRX1UkQV/5nZBskUcoI6eYekph/fDiy4jvgt8fOrrfR
	Zlu6R++L2YugNR66JerdBQaIy+P/wHZOKu6LU7RmEqOtztayQ6YSi44JQ6kRlvsZdcZ+Dn
	oTWE+M1nDQ0toFE7uSg1b3kKG1b8AUpmKC4x+4V6eGlUQpOByoG/6OxIP7fpO5x6jH7r2s
	yeTaolM+h8umHCKGrLd8HcV/JuYkqBO3HjDOkdgf2sSiW0+AzG5BYZuDp8+M2Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8C700jzb5p;
	Thu, 21 Dec 2023 13:43:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhN6E078638;
	Thu, 21 Dec 2023 13:43:23 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhNu0078635;
	Thu, 21 Dec 2023 13:43:23 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:23 GMT
Message-Id: <202312211343.3BLDhNu0078635@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 0dafeb5bc874 - stable/13 - New cr_bsd_visible():
  Whether BSD policies deny seeing subjects/objects
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0dafeb5bc874d79907cc25b3c8dc14f9ed55b396
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=0dafeb5bc874d79907cc25b3c8dc14f9ed55b396

commit 0dafeb5bc874d79907cc25b3c8dc14f9ed55b396
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:38 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:09 +0000

    New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects
    
    This is a new helper function that leverages existing code: It calls
    successively cr_canseeotheruids(), cr_canseeothergids() and
    cr_canseejailproc() (as long as the previous didn't deny access).  Will
    be used in a subsequent commit.
    
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40627
    
    (cherry picked from commit e4a7b4f99cfd4931468c0866da4ae8b49cf5badb)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c | 19 +++++++++++++++++++
 sys/sys/proc.h       |  1 +
 2 files changed, 20 insertions(+)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 8b56ba3f8846..8118afd4d366 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1436,6 +1436,25 @@ cr_canseejailproc(struct ucred *u1, struct ucred *u2)
 	return (ESRCH);
 }
 
+/*
+ * Helper for cr_cansee*() functions to abide by system-wide security.bsd.see_*
+ * policies.  Determines if u1 "can see" u2 according to these policies.
+ * Returns: 0 for permitted, ESRCH otherwise
+ */
+int
+cr_bsd_visible(struct ucred *u1, struct ucred *u2)
+{
+	int error;
+
+	if ((error = cr_canseeotheruids(u1, u2)))
+		return (error);
+	if ((error = cr_canseeothergids(u1, u2)))
+		return (error);
+	if ((error = cr_canseejailproc(u1, u2)))
+		return (error);
+	return (0);
+}
+
 /*-
  * Determine if u1 "can see" the subject specified by u2.
  * Returns: 0 for permitted, an errno value otherwise
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index b279839dbf8d..a85ae239f46b 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -1095,6 +1095,7 @@ int	pget(pid_t pid, int flags, struct proc **pp);
 
 void	ast(struct trapframe *framep);
 struct	thread *choosethread(void);
+int	cr_bsd_visible(struct ucred *u1, struct ucred *u2);
 int	cr_cansee(struct ucred *u1, struct ucred *u2);
 int	cr_canseesocket(struct ucred *cred, struct socket *so);
 int	cr_canseeothergids(struct ucred *u1, struct ucred *u2);

From nobody Thu Dec 21 13:43:25 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8F4Lc6z54pYv;
	Thu, 21 Dec 2023 13:43:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8F1zFrz4NLb;
	Thu, 21 Dec 2023 13:43:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166205;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YTvT4jV8Q08wALJVO7oBXtRc17exElzc3JsBRjkWNl8=;
	b=WjfphLMo/C/1buWaf1GyR8p9TrR/jO1WDn+kFKxVNYsAVKc6MWRVu5lpIwB4KQPNSwiBfA
	WXAFnQkJxGUJ08A5ZZssvhvYgUCrdLn3og3q+SXHwG/FvxSl72EOP+41okRBJKC/FnoTfj
	BJCWaneeeZ1mOjSpbilpIxrezVcRsKEMvuMbm6MCpiIeLQ6XIrSUacXZG460/t0M38C6ps
	mceE6POn3ZANcZqUTaA1Owz8hYRLUdQGrJSTFLRLOi3wRHbZPYuC7jz8ycMxxM0NBLywxW
	zj/2cU/wGFTiCRjgVwEff2kZeULhylQBpYCntwmNuTHu744bCTBk/GDjX002LA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166205; a=rsa-sha256; cv=none;
	b=ch+8Ju7w6QOsfLrpgo5StQy/+YbGHAi7Q0YTLA8QKwFtcCcqc7Ftr3Z+wPhuoUxtOM7zDJ
	mNkYWFElm8r6qzmm4pcLTk10XgYg+JJNdqs/my7vV5RbZi7UOOIdZjZqJFMEV4Vd1W7WWB
	QF3QbmhGXZM9geZxqIsb9r4BE/eyTHP8Ebo2ONW6Oo/f0Tui0OdLHsQLAglexYH2lcb2WE
	JlekNqnn9BYwFMQxbxXLrbsEdBRudojbzXloCEuEtPMjy4XOAAE38LuOiyqQ7p4UaQDSqZ
	QGnVK23PVTsyIqrnsN6ICmbLfmg9aheGTOGEYFIb+zL0vV0tUNXwalF6LOPV6Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166205;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YTvT4jV8Q08wALJVO7oBXtRc17exElzc3JsBRjkWNl8=;
	b=s0loq3D8wdIJD+5gUbyu43SeUoI8XR94CC4/2EeJgGNdioRw7DK6yX9iKNCxodT8TCo0W0
	HJA9y/4S1RjuYUBs3EtSr2huafLI5307V0R19WyUC+KyLlPjWcnqveYB5mMCONSWg1T6uf
	f9FcnVYDX3yZE8ZyAr5MMgFByntDJ//CyFVqd2M9Xoy/xjkGh3jvN6Upr2qxLlPPyLNZX3
	+wwLI07kF8dmZaPNqHJbYs3phdSUzrC/TYWB8a4rpzEzh74ZNdfLqkFgewsj4eTdYNO6Vu
	kXAWZyVQlSvtL5GCAbkju2s7PyAaT6DDRXLfuI+epDER7kUTkYPZH7ynLIelqQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8F0v3JzZRS;
	Thu, 21 Dec 2023 13:43:25 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhPGr078680;
	Thu, 21 Dec 2023 13:43:25 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhPiq078677;
	Thu, 21 Dec 2023 13:43:25 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:25 GMT
Message-Id: <202312211343.3BLDhPiq078677@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 9a4a7e5fb6e9 - stable/13 - Fix 'security.bsd.see_jail_proc'
  by using cr_bsd_visible()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 9a4a7e5fb6e901e81c8e64a988358ad4b59464a5
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=9a4a7e5fb6e901e81c8e64a988358ad4b59464a5

commit 9a4a7e5fb6e901e81c8e64a988358ad4b59464a5
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:38 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:17 +0000

    Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible()
    
    As implemented, this security policy would only prevent seeing processes
    in sub-jails, but would not prevent sending signals to, changing
    priority of or debugging processes in these, enabling attacks where
    unprivileged users could tamper with random processes in sub-jails in
    particular circumstances (conflated UIDs) despite the policy being
    enforced.
    
    PR:                     272092
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40628
    
    (cherry picked from commit 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c  | 25 +++++++------------------
 sys/netinet/in_prot.c |  4 +---
 2 files changed, 8 insertions(+), 21 deletions(-)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 8118afd4d366..7f196a446315 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1473,11 +1473,7 @@ cr_cansee(struct ucred *u1, struct ucred *u2)
 	if ((error = mac_cred_check_visible(u1, u2)))
 		return (error);
 #endif
-	if ((error = cr_canseeotheruids(u1, u2)))
-		return (error);
-	if ((error = cr_canseeothergids(u1, u2)))
-		return (error);
-	if ((error = cr_canseejailproc(u1, u2)))
+	if ((error = cr_bsd_visible(u1, u2)))
 		return (error);
 	return (0);
 }
@@ -1538,9 +1534,7 @@ cr_cansignal(struct ucred *cred, struct proc *proc, int signum)
 	if ((error = mac_proc_check_signal(cred, proc, signum)))
 		return (error);
 #endif
-	if ((error = cr_canseeotheruids(cred, proc->p_ucred)))
-		return (error);
-	if ((error = cr_canseeothergids(cred, proc->p_ucred)))
+	if ((error = cr_bsd_visible(cred, proc->p_ucred)))
 		return (error);
 
 	/*
@@ -1655,10 +1649,9 @@ p_cansched(struct thread *td, struct proc *p)
 	if ((error = mac_proc_check_sched(td->td_ucred, p)))
 		return (error);
 #endif
-	if ((error = cr_canseeotheruids(td->td_ucred, p->p_ucred)))
-		return (error);
-	if ((error = cr_canseeothergids(td->td_ucred, p->p_ucred)))
+	if ((error = cr_bsd_visible(td->td_ucred, p->p_ucred)))
 		return (error);
+
 	if (td->td_ucred->cr_ruid != p->p_ucred->cr_ruid &&
 	    td->td_ucred->cr_uid != p->p_ucred->cr_ruid) {
 		error = priv_check(td, PRIV_SCHED_DIFFCRED);
@@ -1725,9 +1718,7 @@ p_candebug(struct thread *td, struct proc *p)
 	if ((error = mac_proc_check_debug(td->td_ucred, p)))
 		return (error);
 #endif
-	if ((error = cr_canseeotheruids(td->td_ucred, p->p_ucred)))
-		return (error);
-	if ((error = cr_canseeothergids(td->td_ucred, p->p_ucred)))
+	if ((error = cr_bsd_visible(td->td_ucred, p->p_ucred)))
 		return (error);
 
 	/*
@@ -1819,9 +1810,7 @@ cr_canseesocket(struct ucred *cred, struct socket *so)
 	if (error)
 		return (error);
 #endif
-	if (cr_canseeotheruids(cred, so->so_cred))
-		return (ENOENT);
-	if (cr_canseeothergids(cred, so->so_cred))
+	if (cr_bsd_visible(cred, so->so_cred))
 		return (ENOENT);
 
 	return (0);
@@ -1851,7 +1840,7 @@ p_canwait(struct thread *td, struct proc *p)
 #endif
 #if 0
 	/* XXXMAC: This could have odd effects on some shells. */
-	if ((error = cr_canseeotheruids(td->td_ucred, p->p_ucred)))
+	if ((error = cr_bsd_visible(td->td_ucred, p->p_ucred)))
 		return (error);
 #endif
 
diff --git a/sys/netinet/in_prot.c b/sys/netinet/in_prot.c
index 222e39c6bcd2..204f4f60456e 100644
--- a/sys/netinet/in_prot.c
+++ b/sys/netinet/in_prot.c
@@ -67,9 +67,7 @@ cr_canseeinpcb(struct ucred *cred, struct inpcb *inp)
 	if (error)
 		return (error);
 #endif
-	if (cr_canseeotheruids(cred, inp->inp_cred))
-		return (ENOENT);
-	if (cr_canseeothergids(cred, inp->inp_cred))
+	if (cr_bsd_visible(cred, inp->inp_cred))
 		return (ENOENT);
 
 	return (0);

From nobody Thu Dec 21 13:43:26 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8G5kGCz54pWx;
	Thu, 21 Dec 2023 13:43:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8G2tYmz4NJj;
	Thu, 21 Dec 2023 13:43:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166206;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=eAJy7KqYLDbrFQkOwpJINrr9bN89+A7zVNnZM8gwdgY=;
	b=NBqefXCTuIKByR05FgeGo9YPZGQFdYrL8fToV492B4oMdlOD9gabqkn8/UTmfbsPgAFcZk
	WZF/ixai6sah5T5gmJIiEqfLBzJkj/6NdCaOk6sZxHAIgxkjhB1yVQckoUXKxJeTRdShtN
	6aR8/0txhM2dw+anybYgCbb0xvDeshxJJWm7tPbGqzqh/XZ6o0ZKGfTXI9PanR4WOuakbH
	SAxyLujTSg62r2e/ziPNq/LnV3YC7OyIfmktbA4HJRIl3fAmwmLkmZA14AsoccFMl7FZ4I
	XorEZrCqj1NBk8ez2xl7ym2TlGNpeapB6BB7KyqP5vVT/MMCewLQpg6raIN2Uw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166206; a=rsa-sha256; cv=none;
	b=TL+irgsDvH1z7ADfmY9QJbkvLo9dQFI+o/8lEmx4oRAUhFI7hXmaNFQNgT6se4V6zeq1of
	lFk0vm6P03iGC2gi9O98LpFxu7a9GX6nox0CP3huVZ/cYby2dzewJePOv+25cIj5MEalzV
	mI8cTVP7CBSFdvNRsHui3gwXvhZUMOs9ZsOII/VrXr0scmzEAum914u+WLEB8OLNVvErtK
	sysUEg5x5kqMvaO5IjPkNZDVm/kziICoUs9tjkFFHt+iifQ82TUJkROFy3uZQsUixCp/79
	lkUP2mXLQQxwtcVo/HNXnOiyPj+D8P3mZRHqtPh47RioFJ1GZuhK8PBtK0Zi3g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166206;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=eAJy7KqYLDbrFQkOwpJINrr9bN89+A7zVNnZM8gwdgY=;
	b=JDy79P3wMptiR1i57JNtmRmI4SHdRmEg9vX3QRBlUBivPaZ5hF0YVUsz7QMa/IDidkBdR2
	glmLC2xqPZQLYeJ046BJLOfVPEqTRy5qz5ilixeZTIz8xlB8qO4/UDvEzC+erKggEPuzha
	auNkxJJU4nLzbDk+yOGKSfk649ZlzMok7R98OXl5EHAyyBGKYsdWgOcPOAUzdXX9EkDURg
	vFmxcbrRKUdf9ZcbyJkp8tibFJIXHQhAp9cChKKtQaUnbjqXi6DeHl4TV2Gyp/zCiT0jH8
	v4imxb9VkXsfNnvlG9J2+RSaA127q3ioLZdjBP+hpaov639q7fPxG0L1y5XIgw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8G20PrzZtw;
	Thu, 21 Dec 2023 13:43:26 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhQIf078738;
	Thu, 21 Dec 2023 13:43:26 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhQT0078735;
	Thu, 21 Dec 2023 13:43:26 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:26 GMT
Message-Id: <202312211343.3BLDhQT0078735@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 29f208b78f53 - stable/13 - cr_canseeotheruids(),
  cr_canseeothergids(): Man pages: Impacts of rename
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 29f208b78f5369288dcb4f8ec991543bd3a50b33
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=29f208b78f5369288dcb4f8ec991543bd3a50b33

commit 29f208b78f5369288dcb4f8ec991543bd3a50b33
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:39 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:24 +0000

    cr_canseeotheruids(), cr_canseeothergids(): Man pages: Impacts of rename
    
    When these functions were renamed 7 years ago, their man pages were not.
    Rename the latter in accordance and fix the names inside them.  Fix
    references to them as well.  Add the old man pages to the list of
    obsolete files.
    
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40630
    
    (cherry picked from commit c59ab75c04fa32bc6d292596ff5e4593a05a6b1b)
    
    Approved by:    markj (mentor)
---
 ObsoleteFiles.inc                                          | 4 ++++
 share/man/man9/Makefile                                    | 4 ++--
 share/man/man9/cr_cansee.9                                 | 8 ++++----
 share/man/man9/{cr_seeothergids.9 => cr_canseeothergids.9} | 8 ++++----
 share/man/man9/{cr_seeotheruids.9 => cr_canseeotheruids.9} | 8 ++++----
 share/man/man9/p_candebug.9                                | 8 ++++----
 6 files changed, 22 insertions(+), 18 deletions(-)

diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
index fd4e1d98e631..ce8ac946b2a7 100644
--- a/ObsoleteFiles.inc
+++ b/ObsoleteFiles.inc
@@ -51,6 +51,10 @@
 #   xargs -n1 | sort | uniq -d;
 # done
 
+# 20230927: Man pages renamed to match the actual functions
+OLD_FILES+=usr/share/man/man9/cr_seeothergids.9.gz
+OLD_FILES+=usr/share/man/man9/cr_seeotheruids.9.gz
+
 # 20230911: caroot bundle updated
 OLD_FILES+=usr/share/certs/trusted/E-Tugra_Certification_Authority.pem
 OLD_FILES+=usr/share/certs/trusted/E-Tugra_Global_Root_CA_ECC_v3.pem
diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index f1c7c2622e86..5ce5a46c3a78 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -67,9 +67,9 @@ MAN=	accept_filter.9 \
 	counter.9 \
 	cpuset.9 \
 	cr_cansee.9 \
+	cr_canseeothergids.9 \
+	cr_canseeotheruids.9 \
 	critical_enter.9 \
-	cr_seeothergids.9 \
-	cr_seeotheruids.9 \
 	crypto.9 \
 	crypto_asym.9 \
 	crypto_buffer.9 \
diff --git a/share/man/man9/cr_cansee.9 b/share/man/man9/cr_cansee.9
index 8e058eb4e3e5..4824a231170b 100644
--- a/share/man/man9/cr_cansee.9
+++ b/share/man/man9/cr_cansee.9
@@ -50,9 +50,9 @@ variables
 and
 .Va security.bsd.see_other_uids ,
 as per the description in
-.Xr cr_seeothergids 9
+.Xr cr_canseeothergids 9
 and
-.Xr cr_seeotheruids 9
+.Xr cr_canseeotheruids 9
 respectively.
 .Sh RETURN VALUES
 This function returns zero if the object with credential
@@ -84,7 +84,7 @@ does not belong to the same jail as
 The MAC subsystem denied visibility.
 .El
 .Sh SEE ALSO
-.Xr cr_seeothergids 9 ,
-.Xr cr_seeotheruids 9 ,
+.Xr cr_canseeothergids 9 ,
+.Xr cr_canseeotheruids 9 ,
 .Xr mac 9 ,
 .Xr p_cansee 9
diff --git a/share/man/man9/cr_seeothergids.9 b/share/man/man9/cr_canseeothergids.9
similarity index 94%
rename from share/man/man9/cr_seeothergids.9
rename to share/man/man9/cr_canseeothergids.9
index bd8eb5d2e9d9..79269533ae5c 100644
--- a/share/man/man9/cr_seeothergids.9
+++ b/share/man/man9/cr_canseeothergids.9
@@ -26,14 +26,14 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .Dd November 11, 2003
-.Dt CR_SEEOTHERGIDS 9
+.Dt CR_CANSEEOTHERGIDS 9
 .Os
 .Sh NAME
-.Nm cr_seeothergids
+.Nm cr_canseeothergids
 .Nd determine visibility of objects given their group memberships
 .Sh SYNOPSIS
 .Ft int
-.Fn cr_seeothergids "struct ucred *u1" "struct ucred *u2"
+.Fn cr_canseeothergids "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
 This function determines the visibility of objects in the
 kernel based on the group IDs in the credentials
@@ -76,5 +76,5 @@ or
 .Er ESRCH
 otherwise.
 .Sh SEE ALSO
-.Xr cr_seeotheruids 9 ,
+.Xr cr_canseeotheruids 9 ,
 .Xr p_candebug 9
diff --git a/share/man/man9/cr_seeotheruids.9 b/share/man/man9/cr_canseeotheruids.9
similarity index 94%
rename from share/man/man9/cr_seeotheruids.9
rename to share/man/man9/cr_canseeotheruids.9
index 2cefd0f9dc8e..80acc2d7a6ca 100644
--- a/share/man/man9/cr_seeotheruids.9
+++ b/share/man/man9/cr_canseeotheruids.9
@@ -26,14 +26,14 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .Dd November 11, 2003
-.Dt CR_SEEOTHERUIDS 9
+.Dt CR_CANSEEOTHERUIDS 9
 .Os
 .Sh NAME
-.Nm cr_seeotheruids
+.Nm cr_canseeotheruids
 .Nd determine visibility of objects given their user credentials
 .Sh SYNOPSIS
 .Ft int
-.Fn cr_seeotheruids "struct ucred *u1" "struct ucred *u2"
+.Fn cr_canseeotheruids "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
 This function determines the visibility of objects in the
 kernel based on the real user IDs in the credentials
@@ -76,5 +76,5 @@ or
 .Er ESRCH
 otherwise.
 .Sh SEE ALSO
-.Xr cr_seeothergids 9 ,
+.Xr cr_canseeothergids 9 ,
 .Xr p_candebug 9
diff --git a/share/man/man9/p_candebug.9 b/share/man/man9/p_candebug.9
index ffa4fedb6172..e80d313de55c 100644
--- a/share/man/man9/p_candebug.9
+++ b/share/man/man9/p_candebug.9
@@ -113,9 +113,9 @@ Process
 is not visible to thread
 .Fa td
 as determined by
-.Xr cr_seeotheruids 9
+.Xr cr_canseeotheruids 9
 or
-.Xr cr_seeothergids 9 .
+.Xr cr_canseeothergids 9 .
 .It Bq Er ESRCH
 Thread
 .Fa td
@@ -129,8 +129,8 @@ The MAC subsystem denied debuggability.
 .Sh SEE ALSO
 .Xr jail 2 ,
 .Xr sysctl 8 ,
-.Xr cr_seeothergids 9 ,
-.Xr cr_seeotheruids 9 ,
+.Xr cr_canseeothergids 9 ,
+.Xr cr_canseeotheruids 9 ,
 .Xr mac 9 ,
 .Xr p_cansee 9 ,
 .Xr prison_check 9

From nobody Thu Dec 21 13:43:27 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8J0GRxz54pX5;
	Thu, 21 Dec 2023 13:43:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8H3q47z4N9w;
	Thu, 21 Dec 2023 13:43:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166207;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kDaVEwzYQHuvyUh8164h8ZwKYDYwLNqmasI0xhb0SWM=;
	b=PjXvX/NqwpUMcihTM6tnUHaDzGQM/NhKvjuDTzjA9QC53v5+7wGKc+M1/E17ShD3SZhrva
	szEQCAlJrkFHAHN6R33OHD7qedagjlxYciGWM+c5zPRWpkqRHnoGr38TfRgl4l/Ll4eMOb
	dLdm6uvzb+kENmepF2Ip7ksIKkhEogvZ4/Y3unZ3xIGAbmIxPjRfNXQHy2IoOdu/90Sls7
	UJBzLsGODVDFoIxJEkoCUNH/Czpi9qQOJguiGmw5w2zzfLcQ6KON3rW2x+JsgOlaTxavwS
	KcM1jmsjhkqw404wZVxYMyfVTPYAXN7KidnVSLxzN3HK3DNmQeabzO7IxBhK4A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166207; a=rsa-sha256; cv=none;
	b=dss/2L44Rm7d0oKCDeSH0gfMLf8Xgza0E+Pjjr00taZR0Xy5zCdwSGfPdN2mWPZNvqxjHX
	pDKQRNb/YgwqP7yS7rgUVu9Rm4qo+XwdV9RfljZcWIgUD6cbj33lJ/wQ4wHxU/2iRDcq66
	oVz6jSdg5zxZ/ePJC48HtCiTrkQilv/IC+WLh9u2eYmxsjH24u4JBninrczb9SycHEZJcU
	cVRLyJX72ckPW8VQXOHkB7yfSAsuxPzHxavGVZEQ5s/r9f1JV1GUaEsYnNSGpjZKL0kn1D
	btdFrzNpKyTqqbrNbdYYKr3r64oRxuRMh4jw6QcCIFR2idMw9SirZ+Sa7yzihA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166207;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=kDaVEwzYQHuvyUh8164h8ZwKYDYwLNqmasI0xhb0SWM=;
	b=pbg48TEFRSmAPGKL85J4k/gzp8CgomJZid/Pb/iyDQD/0N3CAO5m1Y24qFb/USvieTzNel
	B44PZa1edhxCt94DeKt4u6rdBDiV2Kod23CVZGyQWiZnbuVUUaw8e3H4tmTpBigh1yneGs
	tReApMGJZfvsINSdzNYT5x+awNJ9jDzTZLKo2AW0at93YWdM53D1js1a3dGShYeBgJbCCo
	fSgGYfTykVaNIoxrhuQZNUY2OX36qMlOYTnvF4rNgjt0L2RuXhlJNeSfw0o9dum8rzKB9B
	aBYi1qjyMJ5v/fl7M8Rp4sujwoIMkcx3iZC0pDZxXq7fsAof+tjDSvGqHSSQiQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8H2kSBzZmJ;
	Thu, 21 Dec 2023 13:43:27 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhRY9078777;
	Thu, 21 Dec 2023 13:43:27 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhRDB078774;
	Thu, 21 Dec 2023 13:43:27 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:27 GMT
Message-Id: <202312211343.3BLDhRDB078774@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 1e5500c6eba4 - stable/13 - cr_canseejailproc(9): New
  man page
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 1e5500c6eba44f2f7eb6f516edcb518f13c5c42d
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=1e5500c6eba44f2f7eb6f516edcb518f13c5c42d

commit 1e5500c6eba44f2f7eb6f516edcb518f13c5c42d
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:40 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:32 +0000

    cr_canseejailproc(9): New man page
    
    Reviewed by:            pauamma_gundo.com, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40631
    
    (cherry picked from commit 29d863bb7ffc692998f21fa3e7a91afa1151cf1c)
    
    Approved by:    markj (mentor)
---
 share/man/man9/Makefile            |  1 +
 share/man/man9/cr_canseejailproc.9 | 81 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 82 insertions(+)

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 5ce5a46c3a78..9d516b1f126a 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -67,6 +67,7 @@ MAN=	accept_filter.9 \
 	counter.9 \
 	cpuset.9 \
 	cr_cansee.9 \
+	cr_canseejailproc.9 \
 	cr_canseeothergids.9 \
 	cr_canseeotheruids.9 \
 	critical_enter.9 \
diff --git a/share/man/man9/cr_canseejailproc.9 b/share/man/man9/cr_canseejailproc.9
new file mode 100644
index 000000000000..775c76722b05
--- /dev/null
+++ b/share/man/man9/cr_canseejailproc.9
@@ -0,0 +1,81 @@
+.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd August 18, 2023
+.Dt CR_CANSEEJAILPROC 9
+.Os
+.Sh NAME
+.Nm cr_canseejailproc
+.Nd determine if subjects may see entities in sub-jails
+.Sh SYNOPSIS
+.Ft int
+.Fn cr_canseejailproc "struct ucred *u1" "struct ucred *u2"
+.Sh DESCRIPTION
+.Bf -emphasis
+This function is internal.
+Its functionality is integrated into the function
+.Xr cr_bsd_visible 9 ,
+which should be called instead.
+.Ef
+.Pp
+This function checks if a subject associated to credentials
+.Fa u1
+is denied seeing a subject or object associated to credentials
+.Fa u2
+by a policy that requires both credentials to be associated to the same jail.
+This is a restriction to the baseline jail policy that a subject can see
+subjects or objects in its own jail or any sub-jail of it.
+.Pp
+This policy is active if and only if the
+.Xr sysctl 8
+variable
+.Va security.bsd.see_jail_proc
+is set to zero.
+.Pp
+As usual, the superuser (effective user ID 0) is exempt from this policy
+provided that the
+.Xr sysctl 8
+variable
+.Va security.bsd.suser_enabled
+is non-zero and no active MAC policy explicitly denies the exemption
+.Po
+see
+.Xr priv_check_cred 9
+.Pc .
+.Sh RETURN VALUES
+The
+.Fn cr_canseejailproc
+function returns 0 if the policy is disabled, both credentials are associated to
+the same jail, or if
+.Fa u1
+has privilege exempting it from the policy.
+Otherwise, it returns
+.Er ESRCH .
+.Sh SEE ALSO
+.Xr cr_bsd_visible 9 ,
+.Xr priv_check_cred 9
+.Sh AUTHORS
+This manual page was written by
+.An Olivier Certner Aq Mt olce.freebsd@certner.fr .

From nobody Thu Dec 21 13:43:28 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8K2bxnz54pNs;
	Thu, 21 Dec 2023 13:43:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8J54X0z4NKK;
	Thu, 21 Dec 2023 13:43:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166208;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iahmYMFqd32tokgQwfOeMMOI3ppSh+Y2VRyR+HCOLh8=;
	b=oiZCMTqfIHNIBcfMTzNaFKPTHk2K1p8+HEp21I0LP4mlDuOjV1dlJJKQMOaX1iemE5HlUQ
	/n3LnwOREvHnyvF/R5u8ibZMMLTY2ihbFSOzlkv0vkNrtttCib8XunrNVWryUOiVNwJxkd
	xG+jDNHxKCH2x1GgweORg2GpATA4DaP41NYd9PNcShNBEV9Co110wvMmmdhFFxDsy906N7
	ZxtkspqjYIit8UGP7gVMr9roLKAbmpsaIXteAjYOxd5sJpopHidgQxYH/2wnbj5b4dV8zY
	gF3IUh7seT1FvpM4KOafYaVW9DBTGgWBDM+4DZvnn21ezUaF3+3Dl+gZmQUwNw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166208; a=rsa-sha256; cv=none;
	b=SRbt4GhDzDTZ9yMzi/BoV/SD+BAGYPvoSP9Ywsq0hAmmQqi5LRqNIPUFtRhpbMK3FTNynX
	YMOEkpT4S2Iidm1rkVwafNQybudMQ/bjHRCIZomW4Gg3tM6jD7TBpOzpLCmrywnw7u8cH0
	95A0JVwN7loedpF31RwO92yYGiYEimwTNwSUnBcof3ItuhgsIK0mVgerQHyZeT6aRYstk5
	9tapt1iRnyVd2vcfIZtVuNZinlBX6Ubf5TPWnfpKgvnaOmU+9hHyh5mb1330ZjopXx96oZ
	ib4MJxFpJGO1F0gF0WusT6u4KLhhhI/89VjZvrcaP+gZJlojf1+eJaPstGmhhw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166208;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=iahmYMFqd32tokgQwfOeMMOI3ppSh+Y2VRyR+HCOLh8=;
	b=KrZF760jgR8T3QSr2GnswCbJ3JPW5XP2d4W9q0096BQLwp8nBl5aCOtW1D+oTsdHwACPmF
	4JyoMm1PIJoiD0WGnCuI67fioIBB3DbP+DKS+dka61H3isjKN3qjQd0Ubr4hkKRy0qyLyC
	Gs8iokVFXt8dxxcfTCPhXK+jd6nRSnKDhTZOZnSDsy9bN6DrHcBUA+0RZAThvc6aiu6pmo
	O/qhRRTPD95PthQ9Iroz4sqhyrsA3WSuyGCLh6UQF944vjwwD/1CClv46v0k0qIJZndCAQ
	h8k4YdQJCihOD/amgJa/GZcpjV56Y4tALYAIYlwfvoocjgZgElCTMEvl2cCShg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8J432qzb5q;
	Thu, 21 Dec 2023 13:43:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhSLV078816;
	Thu, 21 Dec 2023 13:43:28 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhS3x078813;
	Thu, 21 Dec 2023 13:43:28 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:28 GMT
Message-Id: <202312211343.3BLDhS3x078813@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: c5e0a6bc59b9 - stable/13 - cr_bsd_visible(9): New man
  page
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c5e0a6bc59b96cb9ed98c452a0be4f012c468d26
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=c5e0a6bc59b96cb9ed98c452a0be4f012c468d26

commit c5e0a6bc59b96cb9ed98c452a0be4f012c468d26
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:40 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:41 +0000

    cr_bsd_visible(9): New man page
    
    Reviewed by:            bcr, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40632
    
    (cherry picked from commit 0d6bf73c4f20e6ed719c29c1b382d24bb0a81a2f)
    
    Approved by:    markj (mentor)
---
 share/man/man9/Makefile         |   1 +
 share/man/man9/cr_bsd_visible.9 | 117 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 118 insertions(+)

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 9d516b1f126a..18642ff86010 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -66,6 +66,7 @@ MAN=	accept_filter.9 \
 	copy.9 \
 	counter.9 \
 	cpuset.9 \
+	cr_bsd_visible.9 \
 	cr_cansee.9 \
 	cr_canseejailproc.9 \
 	cr_canseeothergids.9 \
diff --git a/share/man/man9/cr_bsd_visible.9 b/share/man/man9/cr_bsd_visible.9
new file mode 100644
index 000000000000..bd676e6f5705
--- /dev/null
+++ b/share/man/man9/cr_bsd_visible.9
@@ -0,0 +1,117 @@
+.\"
+.\" SPDX-License-Identifier: BSD-2-Clause
+.\"
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd August 18, 2023
+.Dt CR_BSD_VISIBLE 9
+.Os
+.Sh NAME
+.Nm cr_bsd_visible
+.Nd determine if subjects may see entities according to BSD security policies
+.Sh SYNOPSIS
+.In sys/proc.h
+.Ft int
+.Fn cr_bsd_visible "struct ucred *u1" "struct ucred *u2"
+.Sh DESCRIPTION
+This function determines if a subject with credentials
+.Fa u1
+is denied seeing an object or subject associated to credentials
+.Fa u2
+by the following policies and associated
+.Xr sysctl 8
+knobs:
+.Bl -tag -width indent
+.It Va security.bsd.seeotheruids
+If set to 0, subjects cannot see other subjects or objects if they are not
+associated with the same real user ID.
+The corresponding internal function is
+.Xr cr_canseeotheruids 9 .
+.It Va security.bsd.seeothergids
+If set to 0, subjects cannot see other subjects or objects if they are not both
+a member of at least one common group.
+The corresponding internal function is
+.Xr cr_canseeothergids 9 .
+.It Va security.bsd.see_jail_proc
+If set to 0, subjects cannot see other subjects or objects that are not
+associated with the same jail as they are.
+The corresponding internal function is
+.Xr cr_canseejailproc 9 .
+.El
+.Pp
+As usual, the superuser (effective user ID 0) is exempt from any of these
+policies provided that the
+.Xr sysctl 8
+variable
+.Va security.bsd.suser_enabled
+is non-zero and no active MAC policy explicitly denies the exemption
+.Po
+see
+.Xr priv_check_cred 9
+.Pc .
+.Pp
+This function is intended to be used as a helper to implement
+.Xr cr_cansee 9
+and similar functions.
+.Sh RETURN VALUES
+This function returns zero if a subject with credentials
+.Fa u1
+may see a subject or object with credentials
+.Fa u2
+by the active above-mentioned policies, or
+.Er ESRCH
+otherwise.
+.Sh ERRORS
+.Bl -tag -width Er
+.It Bq Er ESRCH
+Credentials
+.Fa u1
+and
+.Fa u2
+do not have the same real user ID.
+.It Bq Er ESRCH
+Credentials
+.Fa u1
+and
+.Fa u2
+are not members of any common group
+.Po
+as determined by
+.Xr groupmember 9
+.Pc .
+.It Bq Er ESRCH
+Credentials
+.Fa u1
+and
+.Fa u2
+are not in the same jail.
+.El
+.Sh SEE ALSO
+.Xr cr_canseeotheruids 9 ,
+.Xr cr_canseeothergids 9 ,
+.Xr cr_canseejailproc 9 ,
+.Xr priv_check_cred 9 ,
+.Xr cr_cansee 9
+.Sh AUTHORS
+This function and its manual page were written by
+.An Olivier Certner Aq Mt olce.freebsd@certner.fr .

From nobody Thu Dec 21 13:43:29 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8L2x23z54pqy;
	Thu, 21 Dec 2023 13:43:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8K5mz2z4NMD;
	Thu, 21 Dec 2023 13:43:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166209;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7DDbAx63JVc2346EtTaC3uAGsLi8aA1FcquvQrRQIiQ=;
	b=hJB6HC7vtF6arNuJdqyl/8mkOG1pj1DJy1TluMZSTgQft1f/D9inN90kkY6dPhNvMd+VM8
	de1iLbrjpgF/aLHQ37+wMNfgW8SlKGCvzntqaGxoYTqtiuJEDqXXDBsWw+sjgIQxzaf6IE
	mxGH0h4YQQFeztUIqNBID660dg8B9LMLSl3I7e8rGf+dRBZt7KZfBCSxOHRATuANUvMhZ+
	IztiOKzHyQuvXQkCadoHX0XFAAjgOjr/KNYXDI5YSOHqDSpLrtJiLa86bapK+HVOay3hLD
	eFF+WbqKd2EZNPRw13/Dj5Z2R+9O5c9qDsJc1WSs0a4ARgnEI66fAgRhzymrWQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166209; a=rsa-sha256; cv=none;
	b=gEx+mV9pJPVTKJLC0kLJrQzvHyOX6Q1SB1TmJqoq6kzBYHV9gnshBeTyR/GvOULevZejQI
	RNiHX15lDVFGjHSIVJbS4lUUGCEosN2eyCkpPOa0rQpwZWNxuOLKy49W8tmfU3h3Pp9QJK
	vgehDA2E0sPdpvFQiJ09DH1m8TnGZ9O+5bnPwh2yBFTNL/hSt3WP1HN18ETF5lBmMevCZV
	uuPUZhMhvsNsE73dAF7DdoZhXd+GEcYpMGZYTrR4OJf8U0j1ZPRvhkKNn+LPfdgkZDOgpE
	YAbXtJOkbeIYnhhOKbTdbPiVdnREpE32YbQl88YIk38uiqFj3f6Lbb+89WwBbg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166209;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=7DDbAx63JVc2346EtTaC3uAGsLi8aA1FcquvQrRQIiQ=;
	b=MsHXuHAlKrjVwyt5Ztv7Iro3TKAzkATrPj2Ij+qWEFlZxC7CWRHeT3l6DZdlZ4KhASMgFj
	x01gbWgwxyrfUizaolZ+3tV2jWP8B2ANzQiWXXe5nhePMfJCVzVQf96Yosoly9VuelNFyq
	t4ZQ3/S4ft8nzJulx7YH1R30XKGr3q1BMtQ7OhoqB0EcFypkUb1OsMZR0/URvc6My7NK3S
	/F1ep/7Bn4/hj2+gpER+v/pu4YulGXR4k3DNQpfwTfGbbvJZMgtVvvlBDBvZgNc/gS1J28
	d3QY7p3pD8pgbqOA0rUxDI2tQrwi2qCtZdSvmzROzzAeSLp8NRzejZOsvovh1A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8K4ZRTzb5r;
	Thu, 21 Dec 2023 13:43:29 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhTkU078858;
	Thu, 21 Dec 2023 13:43:29 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhTnF078855;
	Thu, 21 Dec 2023 13:43:29 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:29 GMT
Message-Id: <202312211343.3BLDhTnF078855@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 29a2d242bd1e - stable/13 - cr_canseeothergids(9):
  Revamp, mark as internal
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 29a2d242bd1ee34443806b4478a94a915499c7de
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=29a2d242bd1ee34443806b4478a94a915499c7de

commit 29a2d242bd1ee34443806b4478a94a915499c7de
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:41 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:48 +0000

    cr_canseeothergids(9): Revamp, mark as internal
    
    Significantly clarify.  Replace references to cr_canseeotheruids(9) by
    ones to cr_bsd_visible(9).
    
    Reviewed by:            pauamma_gundo.com, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40633
    
    (cherry picked from commit 3fe9ea4d2d04d48a249b2e6161d416bb4d5b364e)
    
    Approved by:    markj (mentor)
---
 share/man/man9/cr_canseeothergids.9 | 77 +++++++++++++++++++------------------
 1 file changed, 40 insertions(+), 37 deletions(-)

diff --git a/share/man/man9/cr_canseeothergids.9 b/share/man/man9/cr_canseeothergids.9
index 79269533ae5c..f0c1e5c4e726 100644
--- a/share/man/man9/cr_canseeothergids.9
+++ b/share/man/man9/cr_canseeothergids.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -25,56 +26,58 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 11, 2003
+.Dd August 18, 2023
 .Dt CR_CANSEEOTHERGIDS 9
 .Os
 .Sh NAME
 .Nm cr_canseeothergids
-.Nd determine visibility of objects given their group memberships
+.Nd determine if subjects may see entities in a disjoint group set
 .Sh SYNOPSIS
 .Ft int
 .Fn cr_canseeothergids "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the group IDs in the credentials
+.Bf -emphasis
+This function is internal.
+Its functionality is integrated into the function
+.Xr cr_bsd_visible 9 ,
+which should be called instead.
+.Ef
+.Pp
+This function checks if a subject associated to credentials
 .Fa u1
-and
+is denied seeing a subject or object associated to credentials
 .Fa u2
-associated with them.
+by a policy that requires both credentials to have at least one group in common.
+For this determination, the effective and supplementary group IDs are used, but
+not the real group IDs, as per
+.Xr groupmember 9 .
 .Pp
-The visibility of objects is influenced by the
+This policy is active if and only if the
 .Xr sysctl 8
 variable
-.Va security.bsd.see_other_gids .
-If this variable is non-zero then all objects in the kernel
-are visible to each other irrespective of their group membership.
-If this variable is zero then the object with credentials
-.Fa u2
-is visible to the object with credentials
-.Fa u1
-if either
-.Fa u1
-is the super-user credential, or if at least one of
-.Fa u1 Ns 's
-group IDs is present in
-.Fa u2 Ns 's
-group set.
-.Sh SYSCTL VARIABLES
-.Bl -tag -width indent
-.It Va security.bsd.see_other_gids
-Must be non-zero if objects with unprivileged credentials are to be
-able to see each other.
-.El
+.Va security.bsd.see_other_gids
+is set to zero.
+.Pp
+As usual, the superuser (effective user ID 0) is exempt from this policy
+provided that the
+.Xr sysctl 8
+variable
+.Va security.bsd.suser_enabled
+is non-zero and no active MAC policy explicitly denies the exemption
+.Po
+see
+.Xr priv_check_cred 9
+.Pc .
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+The
+.Fn cr_canseeothergids
+function returns 0 if the policy is disabled, the credentials share at least one
+common group, or if
 .Fa u1
-can
-.Dq see
-the object with credential
-.Fa u2 ,
-or
-.Er ESRCH
-otherwise.
+has privilege exempting it from the policy.
+Otherwise, it returns
+.Er ESRCH .
 .Sh SEE ALSO
-.Xr cr_canseeotheruids 9 ,
-.Xr p_candebug 9
+.Xr cr_bsd_visible 9 ,
+.Xr groupmember 9 ,
+.Xr priv_check_cred 9

From nobody Thu Dec 21 13:43:31 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8N2tCzz54prM;
	Thu, 21 Dec 2023 13:43:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8N0b72z4NDh;
	Thu, 21 Dec 2023 13:43:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166212;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fRccNxX7acYoZ4A1dpSRUj2EJZ1L/ZIodflb1PqCjWY=;
	b=alLw8MFWwRJfWNipo/25bnjICPzODaEp/w3Q0uiZNp/Y6UEcVtEmQPa0r6JF3Tdq41G73z
	2IfPzDIjbfQwAubdBpIUH9ls6RrqjMXtGCYFhMs+WD4PPiYRGizRIH0tekQrm578k60yoQ
	otznqu0IbPTTibNTFLliymmLW+z9MzsRiXOO9k4RDvBJwCdRGgN1NXmP3LVmYTUlJkLg+O
	i4iy3pMk9IYlFIZWY+Go+Qkz/hMO4vlThixet/LaWxi0gKgu9y9n6sqPMoSDEUI7AoAIUE
	TGFNOnFb7CA2/CkxOhvvdEY6Zp5JbKyFF8/06DZw1XOtxYVroC2ScVN4amZoQg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166212; a=rsa-sha256; cv=none;
	b=aZ7LYnx+VWjHY9zJeoMF9xCb9AO+kp2ZJ821pGYrQ7VHNad97ifNkQojHrIeIdaLUIABS4
	xCWbKEkFhY47KLwpq0NbNqx9PdSfrT9JbCDVm79SE2/cs4GNbTHTfu2lFyCMkN62Q5Eh2/
	TS3fKCZPKX1M1NRyI/bLxpdBSVlwA2UPl/5rFUF4/P4VPcr2tKwYFRZcRlE18kPASsrAjf
	4iXHa18H2Psrt6apw7cyIQYxmmIUbbh+EbV7mpJQSaIbSm36b2NWCCZd8UB0x+dFJ+k751
	QMBsVvxLbw6gRshHNq9WC/HNBNfgHsCg3K+6OvyvWrnTlR3Lx/QMXGg9g568yw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166212;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fRccNxX7acYoZ4A1dpSRUj2EJZ1L/ZIodflb1PqCjWY=;
	b=XxSLdbU8iSl8UbBPkA68P+UTYHOWQzJLQsZrOzGRrpJFB1xVR8LmaGGUfXiTam4aBGjhRf
	zCVrK09Cn3w2Bx3al0x6QVB5rjUQm3QAkDvE9Gnl9ms2Z8sChUwxsLQu1Mp0WC83a+WoxZ
	J8EpDajRu+LsquJ2+CE+iUACIkSdd4vT+l9fTG9XyxI9YEtgzXacdyskBSK1azj0JDRO07
	d2X74olNO+BzV7PWBxwVi5jciGDUsWfM1KIDg1wONmp9KGifxjV9T0m4cw+xpTqn/ngRJH
	TnPk5nlwr+F7OCLXXO5kr8K8I39G6PCtYPgDrN9fN7k4HJM7B3/ILNWogQpnUw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8M6pcLzZtx;
	Thu, 21 Dec 2023 13:43:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhVOm078954;
	Thu, 21 Dec 2023 13:43:31 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhVnD078951;
	Thu, 21 Dec 2023 13:43:31 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:31 GMT
Message-Id: <202312211343.3BLDhVnD078951@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 32a9108cdcc6 - stable/13 - cr_canseeotheruids(9):
  Revamp, mark as internal
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 32a9108cdcc671547d087cf6eecbcdb37064b8ab
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=32a9108cdcc671547d087cf6eecbcdb37064b8ab

commit 32a9108cdcc671547d087cf6eecbcdb37064b8ab
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:42 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:01 +0000

    cr_canseeotheruids(9): Revamp, mark as internal
    
    Significantly clarify.  Replace references to cr_canseeothergids(9) by
    ones to cr_bsd_visible(9).
    
    Reviewed by:            bcr, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40635
    
    (cherry picked from commit 4ddd253b38dff8725555355cc1b5238b1bbfd380)
    
    Approved by:    markj (mentor)
---
 share/man/man9/cr_canseeotheruids.9 | 73 ++++++++++++++++++-------------------
 1 file changed, 36 insertions(+), 37 deletions(-)

diff --git a/share/man/man9/cr_canseeotheruids.9 b/share/man/man9/cr_canseeotheruids.9
index 80acc2d7a6ca..230c5ea59b78 100644
--- a/share/man/man9/cr_canseeotheruids.9
+++ b/share/man/man9/cr_canseeotheruids.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -25,56 +26,54 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 11, 2003
+.Dd August 18, 2023
 .Dt CR_CANSEEOTHERUIDS 9
 .Os
 .Sh NAME
 .Nm cr_canseeotheruids
-.Nd determine visibility of objects given their user credentials
+.Nd determine if subjects may see entities with differing user ID
 .Sh SYNOPSIS
 .Ft int
 .Fn cr_canseeotheruids "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the real user IDs in the credentials
+.Bf -emphasis
+This function is internal.
+Its functionality is integrated into the function
+.Xr cr_bsd_visible 9 ,
+which should be called instead.
+.Ef
+.Pp
+This function checks if a subject associated to credentials
 .Fa u1
-and
+is denied seeing a subject or object associated to credentials
 .Fa u2
-associated with them.
+by a policy that requires both credentials to have the same real user ID.
 .Pp
-The visibility of objects is influenced by the
+This policy is active if and only if the
 .Xr sysctl 8
 variable
-.Va security.bsd.see_other_uids .
-If this variable is non-zero then all objects in the kernel
-are visible to each other irrespective of their user IDs.
-If this variable is zero then the object with credentials
-.Fa u2
-is visible to the object with credentials
-.Fa u1
-if either
-.Fa u1
-is the super-user credential, or if
-.Fa u1
-and
-.Fa u2
-have the same real user ID.
-.Sh SYSCTL VARIABLES
-.Bl -tag -width indent
-.It Va security.bsd.see_other_uids
-Must be non-zero if objects with unprivileged credentials are to be
-able to see each other.
-.El
+.Va security.bsd.see_other_uids
+is set to zero.
+.Pp
+As usual, the superuser (effective user ID 0) is exempt from this policy
+provided that the
+.Xr sysctl 8
+variable
+.Va security.bsd.suser_enabled
+is non-zero and no active MAC policy explicitly denies the exemption
+.Po
+see
+.Xr priv_check_cred 9
+.Pc .
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+The
+.Fn cr_canseeotheruids
+function returns 0 if the policy is disabled, both credentials have the same
+real user ID, or if
 .Fa u1
-can
-.Dq see
-the object with credential
-.Fa u2 ,
-or
-.Er ESRCH
-otherwise.
+has privilege exempting it from the policy.
+Otherwise, it returns
+.Er ESRCH .
 .Sh SEE ALSO
-.Xr cr_canseeothergids 9 ,
-.Xr p_candebug 9
+.Xr cr_bsd_visible 9 ,
+.Xr priv_check_cred 9

From nobody Thu Dec 21 13:43:30 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8M2SVpz54pfd;
	Thu, 21 Dec 2023 13:43:31 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8L6gdpz4NS8;
	Thu, 21 Dec 2023 13:43:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166210;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V05bWQWbrPJK5fjY3+OjG3olZOucsP1iAFZDdcsWYYE=;
	b=SuR2s8HMvx9ypN/NXbB/8VUpXVxawWkNbrad2TMeZ/IcSx+GXS2zoBmuyKk8Ooi/rICf01
	XMz1Vf1WzRD+HoKV1OkvGTHit+ONdVw2nWZrnFGZn/Ro7M75vaBd01t4dDE4EJaQYfyUmW
	9Vmg0CwcREgFa7cRzya/0svwrLFq+rf3GGDDkevVpvTxZwtYjE+WrQC2wg7ZX5By2/+06b
	+SztCaonUYd69GdsDmstKd+sNisCY7md2ARpJs89rZO50oRYOpmXsJsi58a4pd2/0RMmhi
	zK15kc0OH/S9pE6Ie0nvbzIdWSH5OIM8cvtOX5KmVJ2v+Xj4bRw2PMIn7Ww3Iw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166210; a=rsa-sha256; cv=none;
	b=SC+s1lWk9PGiQHLag6heLhatTEMUNa6gZ9O2Qiggjbjnosp2UbcJkOBZY7IQ47TJmiyHah
	GXms7faASmLR3fOABneGy6TkAUEh0lFSALhGZbVABdaG3pVjKpOrUrcfvXVA8PAVRrWcHq
	YNasRcp+6KVQRbnCa+V8yTa9ebUknh7ipOec5AQHXGas7mVWtpvqv/2OPnyMw0QmVZJ5xb
	JrJL15+Spp3T8H24KiFyW0koRDEboeG3b3VpH8+svjkgi0mEZ4D7hfVZZzZ+/BmU6MTfFM
	8x71YcyMd//n3RM/HIqQPCgPzXHD8ZPA27LiWfZxT1m0XjQehKzW/KR/cpnwwA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166210;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=V05bWQWbrPJK5fjY3+OjG3olZOucsP1iAFZDdcsWYYE=;
	b=ZX75eGtppK1aJkms6eDTyk6UMHAqWJf0kyRqGOzC/huCX1yOCKObl9Fx/0ez3rYMM09wSe
	OuH9Xpfj7EXehB6GrGh+U5gjNaKJBiH3M0JunV8thUumOD0qkEQloL8l+/PFngfHc3QlNJ
	g/o6hEo+anBNOJaFUxODTLlS4K4glMy1PNzkN6qJE4xt7U3ck5z0nSum0KEZemoy4+myB3
	q7U9IMzTObDLwzznxBIH8tBPQcerCkRntX43s+fuN7Ri2STgXrayxxIVeTyl/4fGhe44Z7
	hSMLlviagE+a+aYCbbt8OVtl2IypBo+fSPJc3z193ZKVdxES0zhJFFWpwon9QA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8L5lMrzb4F;
	Thu, 21 Dec 2023 13:43:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhU1a078906;
	Thu, 21 Dec 2023 13:43:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhUv6078903;
	Thu, 21 Dec 2023 13:43:30 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:30 GMT
Message-Id: <202312211343.3BLDhUv6078903@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: d23893ca4dd0 - stable/13 - groupmember(9): Detail
  which groups are considered, simplify
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: d23893ca4dd00425814e23c87382ac20d8b0542a
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=d23893ca4dd00425814e23c87382ac20d8b0542a

commit d23893ca4dd00425814e23c87382ac20d8b0542a
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:41 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:36:55 +0000

    groupmember(9): Detail which groups are considered, simplify
    
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40634
    
    (cherry picked from commit 75a45ca3b34062fe793ae326ad9da614a1a06df1)
    
    Approved by:    markj (mentor)
---
 share/man/man9/groupmember.9 | 36 +++++++++++++++++++++---------------
 1 file changed, 21 insertions(+), 15 deletions(-)

diff --git a/share/man/man9/groupmember.9 b/share/man/man9/groupmember.9
index d447bf64c482..3a516622efce 100644
--- a/share/man/man9/groupmember.9
+++ b/share/man/man9/groupmember.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (C) 2001 Chad David <davidc@acns.ab.ca>. All rights reserved.
+.\" Copyright (C) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
@@ -24,12 +25,12 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 .\" DAMAGE.
 .\"
-.Dd July 9, 2001
+.Dd August 18, 2023
 .Dt GROUPMEMBER 9
 .Os
 .Sh NAME
 .Nm groupmember
-.Nd checks group set for a group ID
+.Nd checks if credentials mandate some group membership
 .Sh SYNOPSIS
 .In sys/param.h
 .In sys/ucred.h
@@ -38,21 +39,26 @@
 .Sh DESCRIPTION
 The
 .Fn groupmember
-function checks to see if the given
-.Fa gid
-is in the group set of the credentials.
+function checks if credentials
+.Fa cred
+indicate that the associated subject or object is a member of the group
+designated by the group ID
+.Fa gid .
 .Pp
-Its arguments are:
-.Bl -tag -width ".Fa cred"
-.It Fa gid
-The group ID to check for.
-.It Fa cred
-The credentials to search for the group in.
-.El
+Considered groups in
+.Fa cred
+are the effective and supplementary groups.
+The real group is not taken into account.
 .Sh RETURN VALUES
 If the
 .Fa gid
-is found, 1 is returned; otherwise, 0 is returned.
+is found, 1 is returned, otherwise 0.
+.Sh SEE ALSO
+.Xr getgroups 2
+.Xr setgroups 2
 .Sh AUTHORS
-This manual page was written by
-.An Chad David Aq Mt davidc@acns.ab.ca .
+This manual page was initially written by
+.An -nosplit
+.An Chad David Aq Mt davidc@acns.ab.ca
+and was revised by
+.An Olivier Certner Aq Mt olce.freebsd@certner.fr .

From nobody Thu Dec 21 13:43:33 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8P3m3bz54pXB;
	Thu, 21 Dec 2023 13:43:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8P1k9Qz4NVR;
	Thu, 21 Dec 2023 13:43:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166213;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hCnnz/f5QJ7lS98xqgnUATgagHm/bUrO7dseLaM0qE4=;
	b=lw/nRM4DNAxCrQ9/p1DQ1rrtGt58OP8tCXqAtNFwcwIIL8pUh7QcS2wxb3CaFdddwdfTkm
	vdc1kzYgcNGF5p49CvvNeJgejv/wlk+ABuiJ+6IyrLkuYwALRyeSUG4AhCBFvWzAuhd+zk
	itcRO6w8XhSbUMMg55fjA0SjG3EqcpJyBrrEavgaVAlSIvddKeDTG4FqavQ6hARI+yRqbt
	Wio4Uwu//lNNO+e1RehcA28DT61ATyamGNHFhl8rGKasIDN/JynL9Vy7P5m0aYarKcTzAC
	G+6ASeXmJF3DmL7nSD9OrRVJv5W4cYVbPDk3LmcKAHKGvwVccB9d66GpqnDynw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166213; a=rsa-sha256; cv=none;
	b=F2qM50BKFM/VhkvzcN+pQNo47XPbT3rztP2aRCVsM8tXogv2kfJPhBxqXQcRKs9mc16jQA
	cLvN2SXZXdzrh7O+DbR19H+TXBp558oDwT90HGSkjMBUZEM0Ig1127IYM+RUMzimGxSaIL
	l6L+/kVDkWEv0pLm3LfEb3APfK2NTn0uDGSJhPLnXMuuac6UHXwQv3O/pITuNpnJlG+2h4
	VjUyTHT5G3IV0e4UhPXsds7w3W3CMb7095e/Qa2CfDJHhP9vFw6RqSDqc42P1lNzDpPhts
	HMcf2BjZL33I9fulPbhB9x5cb5hzYLubB0eVl4PbR+2Yh3OQ9/+avxiIFaHHaQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166213;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hCnnz/f5QJ7lS98xqgnUATgagHm/bUrO7dseLaM0qE4=;
	b=OrG7QTsAXySZ2Anwo5rr3b//mN/GzmAnXTz7bYNHdChXiYgyHFFp8XkRzUmGaCJF8V13Zo
	vUQmLxWZRqHO668iHqXPj3BvWhylwbq0tCbBT/F7e/EK1El5+eqPD5O1Kx312t0bb67/CT
	GT6k9Qs/wPvdjuFWYvk9NeaCeKWPytgt27z82ViRnKGQbJ925LSWb2i1MTrAszGeDaZbg7
	8yh+c4a1N+7DaVdFTeusuEL5t8H6M1autv2yBYmsJJv370CYtJwouGVak3x7jxGOubuqd+
	vbEwJ+OcgxOCjwg+XAE8LGWmHuH/zX7luuYGc7K5KwqqiD4YabVakxU57cUMsA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8P0pgkzZmK;
	Thu, 21 Dec 2023 13:43:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhXXl078993;
	Thu, 21 Dec 2023 13:43:33 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhXuV078990;
	Thu, 21 Dec 2023 13:43:33 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:33 GMT
Message-Id: <202312211343.3BLDhXuV078990@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 6eecda225f11 - stable/13 - cr_cansee(9): cr_bsd_visible()
  impacts, simplifications
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6eecda225f11f1e139976b08c439bbf357f1553a
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=6eecda225f11f1e139976b08c439bbf357f1553a

commit 6eecda225f11f1e139976b08c439bbf357f1553a
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:42 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:08 +0000

    cr_cansee(9): cr_bsd_visible() impacts, simplifications
    
    Remove references to cr_canseeothergids(9) and cr_canseeotheruids(9).
    Defer to cr_bsd_visible() for controlling sysctl(8) variables.
    
    Reviewed by:            bcr, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40636
    
    (cherry picked from commit 82f9bc9ea8ed660c61050ad1d92f1a64108c7004)
    
    Approved by:    markj (mentor)
---
 share/man/man9/cr_cansee.9 | 61 ++++++++++++++++++++--------------------------
 1 file changed, 27 insertions(+), 34 deletions(-)

diff --git a/share/man/man9/cr_cansee.9 b/share/man/man9/cr_cansee.9
index 4824a231170b..d5cdfdd6f8e5 100644
--- a/share/man/man9/cr_cansee.9
+++ b/share/man/man9/cr_cansee.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2006 Ceri Davies <ceri@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -23,43 +24,39 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt CR_CANSEE 9
 .Os
 .Sh NAME
 .Nm cr_cansee
 .Nd "determine visibility of objects given their user credentials"
 .Sh SYNOPSIS
-.In sys/param.h
-.In sys/systm.h
-.In sys/ucred.h
+.In sys/proc.h
 .Ft int
 .Fn cr_cansee "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the real user IDs and group IDs in the credentials
+This function determines if a subject with credential
 .Fa u1
-and
-.Fa u2
-associated with them.
+can see a subject or object associated to credential
+.Fa u2 .
 .Pp
-The visibility of objects is influenced by the
+Specific types of subjects may need to submit to additional or different
+restrictions.
+As an example, for processes, see
+.Xr p_cansee 9 ,
+which calls this function.
+.Pp
+The implementation relies on
+.Xr cr_bsd_visible 9
+and consequently the
 .Xr sysctl 8
-variables
-.Va security.bsd.see_other_gids
-and
-.Va security.bsd.see_other_uids ,
-as per the description in
-.Xr cr_canseeothergids 9
-and
-.Xr cr_canseeotheruids 9
-respectively.
+variables referenced in its manual page influence the result.
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+This function returns zero if the subject with credential
 .Fa u1
 can
 .Dq see
-the object with credential
+the subject or object with credential
 .Fa u2 ,
 or
 .Er ESRCH
@@ -67,24 +64,20 @@ otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
 .It Bq Er ESRCH
-The object with credential
-.Fa u1
-cannot
-.Dq see
-the object with credential
-.Fa u2 .
-.It Bq Er ESRCH
-The object with credential
+The subject with credential
 .Fa u1
-has been jailed and the object with credential
+has been jailed and the subject or object with credential
 .Fa u2
-does not belong to the same jail as
-.Fa u1 .
+does not belong to the same jail or one of its sub-jails, as determined by
+.Xr prison_check 9 .
 .It Bq Er ESRCH
 The MAC subsystem denied visibility.
+.It Bq Er ESRCH
+.Xr cr_bsd_visible 9
+denied visibility according to the BSD security policies in force.
 .El
 .Sh SEE ALSO
-.Xr cr_canseeothergids 9 ,
-.Xr cr_canseeotheruids 9 ,
+.Xr prison_check 9 ,
 .Xr mac 9 ,
+.Xr cr_bsd_visible 9 ,
 .Xr p_cansee 9

From nobody Thu Dec 21 13:43:34 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8Q6jfvz54pc8;
	Thu, 21 Dec 2023 13:43:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8Q2pNMz4NVs;
	Thu, 21 Dec 2023 13:43:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166214;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nLfQtG7VuwKzHpdm/vE+g+pz4WG7ukIfdvJlodDE7LA=;
	b=T2BiQns9RaIfgZkW64kBxmpDl+B37CLR3vKP+Q0WbB2XR0sxHT5+TxETWiiS+TMo3w0QxM
	XlOqmpexklc8CIzb8LcygLC9iqjEB7IO7JrViTvh+eSaGuhEb8UUEf4ACDIqUuZ8akZlWR
	LEdoiLGehecYDdaxk7B3dl6WpuE65IbETd5Emij4U5ehqt1llfFwzZx6xH2RiM/INWUeNV
	KA5h42RC7/DKS4DDHp/KV5tRyAISEmDZPnx/sD5upaZ/QVKPZCV+4GXGPkwvBO64IZrMAn
	xv5Q+9521+mH88kXuhNl9csT7ogMITT0iYMg2+0sWQiIcLYApFCnxeSYoPu2Sg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166214; a=rsa-sha256; cv=none;
	b=CIb/4JEKkAy7cg3+RkqwZdcj5ztin6dRL68fUKwYgHDi7d6d3Q+Psl+ptnI8Nhy/ikaHvd
	kaQytQ7FHX9ifIcWdbq8o+w+ylMqEDlW1olWdnH1OyblHhX0GYvbSvvmWGhGXHoN3v8Fdr
	+wTxT6w0VDk1rHKWugoOWZLy02eCaHxBAcbEBI4WJtKNZtopr5mHGBSgnRpLjDr1idz3Ck
	Dzj9tVI11ALRlJ/O3CAEFU3ZPnU8kpIyHKhN0mP1AFijXEwkfwCtUC6ERiCgjzz7a8rN2P
	lT5JJMI0pYhtIm9+1qDyRqH8RxFD6ZNPR/mEdmWsQfhdrcwIk/6hjR/hayzbrA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166214;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=nLfQtG7VuwKzHpdm/vE+g+pz4WG7ukIfdvJlodDE7LA=;
	b=aFKFEHcaiKyNndqqe0Tb0bSpu3eJw34JLjDSuto959TAlp74oF8whHkgfsyNMqh1Rm0FPJ
	+sgJg+58Udh3XkzQZalpuwJ7EtE0uT7L+RJwEdpwlplmAsbNcDktPSQr5op8Sw3ihZYl/o
	+8ZlLldMe/7HeNE1ase41NF5clZP4XQ2bzcqYwODtwWFqu1JnfITGHdJ5k4WpocJu3V1bJ
	saff/ma/gyrWUtjEETvkAecyyTASemtXgyrJTgkdoJzTUhYT9ozbJ+htULBW4Pl6hERVoG
	5TfNzQWfLoE+3CFFGYOcl4ECT5KqSSP3jo3G2qvG/vv9tNzwat1aiISOK9rGrw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8Q1vPszZmL;
	Thu, 21 Dec 2023 13:43:34 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhYUe079035;
	Thu, 21 Dec 2023 13:43:34 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhYow079032;
	Thu, 21 Dec 2023 13:43:34 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:34 GMT
Message-Id: <202312211343.3BLDhYow079032@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: b330170c75fb - stable/13 - p_cansee(9): Bring up-to-date,
  misc fixes
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: b330170c75fb02273c4536a6e0274e5e8eaad622
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=b330170c75fb02273c4536a6e0274e5e8eaad622

commit b330170c75fb02273c4536a6e0274e5e8eaad622
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:43 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:16 +0000

    p_cansee(9): Bring up-to-date, misc fixes
    
    Essentially defer to cr_cansee(9), except for the specifics.
    
    Be more specific on the return codes.
    
    Reviewed by:            bcr, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40637
    
    (cherry picked from commit 2ede38aff5d4c91a17ab6d093f2e8cce24b5418b)
    
    Approved by:    markj (mentor)
---
 share/man/man9/p_cansee.9 | 44 ++++++++++++++++----------------------------
 1 file changed, 16 insertions(+), 28 deletions(-)

diff --git a/share/man/man9/p_cansee.9 b/share/man/man9/p_cansee.9
index 84287dac951b..9fdce460dfea 100644
--- a/share/man/man9/p_cansee.9
+++ b/share/man/man9/p_cansee.9
@@ -24,19 +24,18 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt P_CANSEE 9
 .Os
 .Sh NAME
 .Nm p_cansee
 .Nd determine visibility of a process
 .Sh SYNOPSIS
-.In sys/param.h
 .In sys/proc.h
 .Ft int
 .Fn p_cansee "struct thread *td" "struct proc *p"
 .Sh DESCRIPTION
-This function can be used to determine if a given process
+This function determines if a given process
 .Fa p
 is visible to the thread
 .Fa td ,
@@ -45,13 +44,14 @@ where the notion of
 may be read as
 .Dq "awareness of existence" .
 .Pp
-The function is implemented using
-.Xr cr_cansee 9 ,
-and the dependencies on
-.Xr sysctl 8
-variables documented in the
-.Xr cr_cansee 9
-manual page apply.
+This function explicitly allows a thread to always see its own process,
+even with pending credentials changes
+.Po
+see
+.Xr ucred 9
+.Pc .
+Otherwise, it simply defers to
+.Xr cr_cansee 9 .
 .Sh RETURN VALUES
 The
 .Fn p_cansee
@@ -62,30 +62,18 @@ if the process denoted by
 .Fa p
 is visible by thread
 .Fa td ,
-or a non-zero error return value otherwise.
+or ESRCH otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
 .It Bq Er ESRCH
-Process
-.Fa p
-is not visible to thread
-.Fa td
-as determined by
-.Xr cr_cansee 9 .
-.It Bq Er ESRCH
 Thread
 .Fa td
-has been jailed and process
+is not part of process
 .Fa p
-does not belong to the same jail as
-.Fa td .
-.It Bq Er ESRCH
-The MAC subsystem denied visibility.
+and cannot see it as determined by
+.Xr cr_cansee 9 .
 .El
 .Sh SEE ALSO
-.Xr jail 2 ,
-.Xr sysctl 8 ,
+.Xr ucred 9 ,
 .Xr cr_cansee 9 ,
-.Xr mac 9 ,
-.Xr p_candebug 9 ,
-.Xr prison_check 9
+.Xr p_candebug 9

From nobody Thu Dec 21 13:43:35 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8S04jkz54ptc;
	Thu, 21 Dec 2023 13:43:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8R3xDJz4NbM;
	Thu, 21 Dec 2023 13:43:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166215;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=td4v1xyFjPy4eUjuE8hk1NAyhrGwHR81Ia3A3IcUZeU=;
	b=ilSlSJ7Ut2Azb5ss2jn3Mt6crH7GC/GPR4s0PFPKr9/qStaJd1UtP1Y1274xjRrKAZsEY5
	TgHKEiur8pSY9N0F4JDC5QB62IYFjmMfgxUVvu4ILNrCi3N51z4fEZBVzjsot4xG6cd2Wc
	TBUATzho3aUs0Ke2Ew12FW/snuH+2/9c2jT6gWt0UoBisfq5khzLvMwjXMTkcUqRfLKIYj
	LdC2oMVqS6nPHQI9OxLJfz0dsgsrezenAQg4EaUNry27sH0+IarK72e/vFc2ar7Cf7OU5p
	NfaGQ9yeBwMSOrZ/WmHSm3L7elZmuDFnmb3k4VQMMHpVQmqLMbbRYJ+JpJWIFg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166215; a=rsa-sha256; cv=none;
	b=TkpzliSjGAoY8ToEIE/oXGEip0qQEVW4kZPRzMIrYd4Yu81f+bG7+oGvJX0K9opMNW6jlX
	A8qMdSuN88xJaJ1FMWrfOpppO1WxiA9WWWXPWoYmdbeB9zCsMoH7jYdrEpiCKkf9os0CAe
	3uQtNdFcOWpcx/fBhv9R89YntiUepBjY8SXNRf8J3Ql6jYbteB82iTSUN2S8zwfF1+yVZS
	LrMYhEC+YVWGIkeze4Ju6ETMHBMJ0VdmvwIPekqH2XtmSELFNg6vpwWQ/GyaNxxFRhKg5A
	dAKPHwecM3rENfPy6OAlEuBQKzMUXT5ML1D8OW0Jlq800af187qD1WX9uww2nA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166215;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=td4v1xyFjPy4eUjuE8hk1NAyhrGwHR81Ia3A3IcUZeU=;
	b=SLp6Ok1QFTnSfmLhFbyLx7lDA8gYleN/VpGaKgBSrZDGphC6PmUu4tpWc9RRZBC4giGIJ8
	BGgBrBaUK84yBZ3MGx9GtYndX0SlRXegSM4unpKwqTYs6Yfhv5tSKe8MHhazJDM3kIotIG
	J32xLJ2szHXYGxxj7fMrC61DedJ6zvx+wfTYZrzaLRWXXoFya39/2AUAsvrWEbWQce73xv
	oELzoV+OyTB+cxq/ghwOF07Jxn0q00CNWlYVTjf1TVXZvISj2QG1JJBWJ5q5Z3CZAyjrYb
	cHXtXMxqn6VN4HXis23pCS6gEyvNeNBPMLFqwuAFUO52mxna9CYBp1FIEhvwwQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8R33LWzb4G;
	Thu, 21 Dec 2023 13:43:35 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhZa0079077;
	Thu, 21 Dec 2023 13:43:35 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhZ4U079074;
	Thu, 21 Dec 2023 13:43:35 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:35 GMT
Message-Id: <202312211343.3BLDhZ4U079074@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 6345a69ee271 - stable/13 - p_candebug(9): cr_bsd_visible()
  impacts, misc fixes
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6345a69ee271e1108a0f051eb5c335d67ca29736
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=6345a69ee271e1108a0f051eb5c335d67ca29736

commit 6345a69ee271e1108a0f051eb5c335d67ca29736
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:43 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:23 +0000

    p_candebug(9): cr_bsd_visible() impacts, misc fixes
    
    Mention cr_bsd_visible(9).  Remove references to cr_canseeothergids(9)
    and cr_canseeotheruids(9), as well as indirect references not
    immediately useful.
    
    Fix description of credentials checks to match reality.
    
    Re-order errors to match code's check order.
    
    Reviewed by:            bcr, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40638
    
    (cherry picked from commit eb94f24fab4b44f13ca045370d9fcf12ca8835f2)
    
    Approved by:    markj (mentor)
---
 share/man/man9/p_candebug.9 | 103 ++++++++++++++++++++++++--------------------
 1 file changed, 56 insertions(+), 47 deletions(-)

diff --git a/share/man/man9/p_candebug.9 b/share/man/man9/p_candebug.9
index e80d313de55c..c824db974154 100644
--- a/share/man/man9/p_candebug.9
+++ b/share/man/man9/p_candebug.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -25,7 +26,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt P_CANDEBUG 9
 .Os
 .Sh NAME
@@ -37,24 +38,27 @@
 .Ft int
 .Fn p_candebug "struct thread *td" "struct proc *p"
 .Sh DESCRIPTION
-This function can be used to determine if a given process
+This function determines if a given process
 .Fa p
-is debuggable by the thread
+is debuggable by some thread
 .Fa td .
-.Sh SYSCTL VARIABLES
+.Pp
 The following
 .Xr sysctl 8
 variables directly influence the behaviour of
 .Fn p_candebug :
 .Bl -tag -width indent
+.It Va security.bsd.unprivileged_proc_debug
+Must be set to a non-zero value to allow unprivileged processes
+access to the kernel's debug facilities.
 .It Va kern.securelevel
 Debugging of the init process is not allowed if this variable is
 .Li 1
 or greater.
-.It Va security.bsd.unprivileged_proc_debug
-Must be set to a non-zero value to allow unprivileged processes
-access to the kernel's debug facilities.
 .El
+.Pp
+Other such variables indirectly influence it; see
+.Xr cr_bsd_visible 9 .
 .Sh RETURN VALUES
 The
 .Fn p_candebug
@@ -68,35 +72,45 @@ is debuggable by thread
 or a non-zero error return value otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
-.It Bq Er EACCESS
-The MAC subsystem denied debuggability.
-.It Bq Er EAGAIN
-Process
-.Fa p
-is in the process of being
-.Fn exec Ns 'ed.
 .It Bq Er EPERM
+An unprivileged process attempted to debug another process but the system is
+configured to deny it
+.Po
+see
+.Xr sysctl 8
+variable
+.Va security.bsd.unprivileged_proc_debug
+above
+.Pc .
+.It Bq Er ESRCH
 Thread
 .Fa td
-lacks super-user credentials and process
-.Fa p
-is executing a set-user-ID or set-group-ID executable.
+has been jailed and the process to debug does not belong to the same jail or one
+of its sub-jails, as determined by
+.Xr prison_check 9 .
+.It Bq Er ESRCH
+.Xr cr_bsd_visible 9
+denied visibility according to the BSD security policies in force.
 .It Bq Er EPERM
 Thread
 .Fa td
-lacks super-user credentials and process
+lacks superuser credentials and its (effective) group set is not a superset of
+process
 .Fa p Ns 's
-group set is not a subset of
-.Fa td Ns 's
-effective group set.
+whole group set
+.Pq "including real, effective and saved group IDs" .
 .It Bq Er EPERM
 Thread
 .Fa td
-lacks super-user credentials and process
-.Fa p Ns 's
-user IDs do not match thread
-.Fa td Ns 's
-effective user ID.
+lacks superuser credentials and its (effective) user ID does not match all user
+IDs of process
+.Fa p .
+.It Bq Er EPERM
+Thread
+.Fa td
+lacks superuser credentials and process
+.Fa p
+is executing a set-user-ID or set-group-ID executable.
 .It Bq Er EPERM
 Process
 .Fa p
@@ -107,30 +121,25 @@ and the
 variable
 .Va kern.securelevel
 is greater than zero.
-.It Bq Er ESRCH
+.It Bq Er EBUSY
 Process
 .Fa p
-is not visible to thread
-.Fa td
-as determined by
-.Xr cr_canseeotheruids 9
-or
-.Xr cr_canseeothergids 9 .
-.It Bq Er ESRCH
-Thread
-.Fa td
-has been jailed and process
+is in the process of being
+.Fn exec Ns 'ed.
+.It Bq Er EPERM
+Process
 .Fa p
-does not belong to the same jail as
-.Fa td .
-.It Bq Er ESRCH
-The MAC subsystem denied debuggability.
+denied debuggability
+.Po
+see
+.Xr procctl 2 ,
+command
+.Dv PROC_TRACE_CTL
+.Pc .
 .El
 .Sh SEE ALSO
-.Xr jail 2 ,
-.Xr sysctl 8 ,
-.Xr cr_canseeothergids 9 ,
-.Xr cr_canseeotheruids 9 ,
+.Xr prison_check 9 ,
 .Xr mac 9 ,
-.Xr p_cansee 9 ,
-.Xr prison_check 9
+.Xr cr_bsd_visible 9 ,
+.Xr procctl 2 ,
+.Xr p_cansee 9

From nobody Thu Dec 21 13:43:36 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8T0NdRz54pXM;
	Thu, 21 Dec 2023 13:43:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8S5CP9z4NWP;
	Thu, 21 Dec 2023 13:43:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166216;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P6wKzjpgaoZdQgaHlqq06jRQyiHpW7dcw5qoj4FVtTA=;
	b=QWk2DG0oC2Yp5hzi/ckP/5oemQ62Hfk2jZ1FRX+Xf0zW50liKrx+LywqZQs+lWDn44IsvP
	/lDVayrq0c4FCbrlFOLFhN/QFxw2+FEh64UXXu6EIcHRQyke9l8M5baWVw+oSbrBhBoC3C
	XUP1UYsimMkYAaICRdG49UAiFa7gUwdlVxnIC6cJjq357CWbF0AvbamGxheoinU4b/ahXI
	ahh4bGSO/0he8cWdlWpAib7HmFgPUh0IWOTQFpo/5N9irriLIT6/QUyqLbfJ9/OMxJNpVw
	H/TX6kSIvNfHotZEFmqN9TuhEnakEgyPcSPLUVDgOqvu3GnVYVDMWjdkDJjKAA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166216; a=rsa-sha256; cv=none;
	b=uRE8mqsAMbMeW2zcSEjfkMYM95w/wTg2grDbKcyeIpR2nMLLyCwTHzy4dayhak6+dvXDWw
	BMkKOdS/87vdQcO2Nxg2hCSkO2lFTgo3nBt2Add++ykEZalAoOwF47Fy1JDe4kXksFPxKP
	VyAVxqlFOJUGQSH5/HMHeeOfNE0tTnfhnreNUoNfCE5FAlHnZivpVg9br3eTrEnQdyuU3A
	q6iRKTk+utHkt3Y+FtD61GzXQROUCITtyGEKAApK4civeBjv9ndCQP8stt6u5yhlODexqd
	dm2VgdALoSOyUlgyJ8Nlplz4fhKu3o2yZqYdLVEElLS7smj74WfYky/BWjWyYg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166216;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=P6wKzjpgaoZdQgaHlqq06jRQyiHpW7dcw5qoj4FVtTA=;
	b=b5E3zW99eWCNnS/4HK++HlhKcyrcVw/ETi3MrKS+5OP1CbgVz4ySzK2+Xkh/JN27eP9u9I
	PHYM0Doj4uzl7cayNrgn6r+54gHKVS1ITbxQc2/TIKgRZk+f8WQzBCqTA/vDrZF6Bx/gsn
	YoOZQ2uKIatXWupPklxaqyL2bQF/ikMBRPhiPHYet2F6QaVm5nB3jsAsK0AIPw0Me2Kuvy
	jgdQCtrA0ZX2IAz4fSXDUYfm+VDnHJB4HHMz8GdLo9N7q3h7f63/UZwt6ItPfJ8zQcS48s
	a7alV00CFMPhl5Sjq12P9yrtxpVCp55r2UMGwV3Tqzjcbx5xv5hhWahRlNnPKg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8S4KVVzZmM;
	Thu, 21 Dec 2023 13:43:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDha30079125;
	Thu, 21 Dec 2023 13:43:36 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhak8079122;
	Thu, 21 Dec 2023 13:43:36 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:36 GMT
Message-Id: <202312211343.3BLDhak8079122@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 865df3aed731 - stable/13 - prison_check(9): Bring
  up-to-date with hierarchical jails
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 865df3aed73197f00967fed573fc9fa7b74df08d
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=865df3aed73197f00967fed573fc9fa7b74df08d

commit 865df3aed73197f00967fed573fc9fa7b74df08d
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:38 +0000

    prison_check(9): Bring up-to-date with hierarchical jails
    
    Reviewed by:            bcr, emaste, pauamma_gundo.com, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40639
    
    (cherry picked from commit e9fdd494537ca45b14e0917e8bb1595b6460f3a3)
    
    Approved by:    markj (mentor)
---
 share/man/man9/prison_check.9 | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/share/man/man9/prison_check.9 b/share/man/man9/prison_check.9
index b3bdcf6b4571..7f174e3ceb2e 100644
--- a/share/man/man9/prison_check.9
+++ b/share/man/man9/prison_check.9
@@ -25,22 +25,23 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd December 11, 2003
+.Dd August 18, 2023
 .Dt PRISON_CHECK 9
 .Os
 .Sh NAME
 .Nm prison_check
-.Nd determine if two credentials belong to the same jail
+.Nd determine if subjects may see entities according to jail restrictions
 .Sh SYNOPSIS
 .In sys/jail.h
 .Ft int
 .Fn prison_check "struct ucred *cred1" "struct ucred *cred2"
 .Sh DESCRIPTION
-This function can be used to determine if the two credentials
+This function determines if a subject with credentials
 .Fa cred1
-and
+is denied access to subjects or objects with credentials
 .Fa cred2
-belong to the same jail.
+according to the policy that a subject can see subjects or objects in its own
+jail or any sub-jail of it.
 .Sh RETURN VALUES
 The
 .Fn prison_check
@@ -48,12 +49,9 @@ function
 returns
 .Er ESRCH
 if
-.Fa cred1
-has been jailed, and
-.Fa cred1
-and
 .Fa cred2
-do not belong to the same jail.
+is not in the same jail or a sub-jail of that of
+.Fa cred1 .
 In all other cases,
 .Fn prison_check
 returns zero.

From nobody Thu Dec 21 13:43:37 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8V3ssdz54pcL;
	Thu, 21 Dec 2023 13:43:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8T62gdz4NWh;
	Thu, 21 Dec 2023 13:43:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166217;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=20gfSf7XhGCdobLBu08/yEc7BVQez8Iq0W1A7sZ0Kgw=;
	b=YoqGYIle53KWsx2B2uOGS3mgdFuxrmKKQNvtzns0+pyAXvg32AYb11Oo4na1qp3Msd/u+U
	ojGPZQKcbFxgHM+mQuJskyvoboDNUt2e8CFf/dD+kYb91UHFMiojgMv/Hmk48Hx0hlIi94
	czyQLk4a7eWuXyqOAed7CVasf4Cz1qIXTkUiEyMZJrOKQQhWz6Ms8ABIyfOzRCEsgrnUOK
	4tW0NhBQTj4+st/vtROSo5mOzJ1mX6k43upzDya1+Hgs8mpgV2oAs+kuo8IHdYxRzxZCup
	h2t66QK4RokovwLHDcY3rrVXWZDwP8X8OgRGe84bFnE2M5li/eh4GwtZPniCdQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166217; a=rsa-sha256; cv=none;
	b=EcE9fZLAt0k6/ZoUqVbEKk9f78OB2LQjAIbVol91izz+gH0y2OOzXWUNY2glk1QE9PoCfW
	qh/5xPGvlAardVVM08RjUsQtPxtbo82gf4bwygTthN6H3cJtnzJfWhLmPksPjeCABduYYa
	jHoqvWCRPGGBFZSCWTZQYIxC72OVp/4kMDS0CurE1dYxN4Zoh3keVtCXtwM3c4yWgFQmMB
	SkaUU2HxjTBUKiWLke0LUz19VqiZQKPl8KJ8h4MRV9embs8pd4gFnHmCFoB4CYj3UZOv6n
	6XIng7dzqWcDFqOplX2QlUb+wxTEFRe/YmEqAHQV4zN6sBbA56uXCfTc7CfI9Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166217;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=20gfSf7XhGCdobLBu08/yEc7BVQez8Iq0W1A7sZ0Kgw=;
	b=R1vwPrf7EtLZxx9CUDlTFoLBsyvbkd6rlxS+wncTH6dzhhLFYFOWtyLB7r5skkQ9p27mPc
	2hk6r/eZ2n7ytkXUyAX/wHSxAvPFPIBmxyhyAIAmX++uv5UrliTQCOygZI56/WKxfq8Img
	i1lOMhVURcLDq4aSj1xt065XgQfTKaJDNEEOARrR8/L3VAuE945XoxwpOIUBvAxGUxCaVy
	j8R/Zvo5cV+N1s8PC1YRxRjv/j+pv/Xku8kKYJzulbncJ6ex9sXSQpmdQrkYBkEHpENpSk
	h+eVbHhCjgG1UoYaR/sAF6A3vYSElX848ec/QkqhVHMJ74+yzyUMNGyHWWnWhg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8T57rPzZF9;
	Thu, 21 Dec 2023 13:43:37 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhbvR079188;
	Thu, 21 Dec 2023 13:43:37 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhbb1079185;
	Thu, 21 Dec 2023 13:43:37 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:37 GMT
Message-Id: <202312211343.3BLDhbb1079185@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: c55330ce4d1a - stable/13 - groupmember(): Extract the
  supplementary group search in a separate function
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: c55330ce4d1a8cfa214299872f243d1dffc90376
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=c55330ce4d1a8cfa214299872f243d1dffc90376

commit c55330ce4d1a8cfa214299872f243d1dffc90376
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:45 +0000

    groupmember(): Extract the supplementary group search in a separate function
    
    This is in preparation for the introduction of the new realgroupmember()
    function, which does the same search into supplementary groups as
    groupmember().
    
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40640
    
    (cherry picked from commit b725f232f3b09b4bcbc426854fe1545234c66965)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c | 41 ++++++++++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 17 deletions(-)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 7f196a446315..682754dd7687 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1275,36 +1275,43 @@ sys___setugid(struct thread *td, struct __setugid_args *uap)
 }
 
 /*
- * Check if gid is a member of the group set.
+ * Returns whether gid designates a supplementary group in cred.
  */
-int
-groupmember(gid_t gid, struct ucred *cred)
+static int
+supplementary_group_member(gid_t gid, struct ucred *cred)
 {
-	int l;
-	int h;
-	int m;
-
-	if (cred->cr_groups[0] == gid)
-		return(1);
+	int l, h, m;
 
 	/*
-	 * If gid was not our primary group, perform a binary search
-	 * of the supplemental groups.  This is possible because we
-	 * sort the groups in crsetgroups().
+	 * Perform a binary search of the supplemental groups.  This is possible
+	 * because we sort the groups in crsetgroups().
 	 */
 	l = 1;
 	h = cred->cr_ngroups;
+
 	while (l < h) {
-		m = l + ((h - l) / 2);
+		m = l + (h - l) / 2;
 		if (cred->cr_groups[m] < gid)
-			l = m + 1; 
+			l = m + 1;
 		else
-			h = m; 
+			h = m;
 	}
-	if ((l < cred->cr_ngroups) && (cred->cr_groups[l] == gid))
+
+	return (l < cred->cr_ngroups && cred->cr_groups[l] == gid);
+}
+
+/*
+ * Check if gid is a member of the (effective) group set (i.e., effective and
+ * supplementary groups).
+ */
+int
+groupmember(gid_t gid, struct ucred *cred)
+{
+
+	if (cred->cr_groups[0] == gid)
 		return (1);
 
-	return (0);
+	return (supplementary_group_member(gid, cred));
 }
 
 /*

From nobody Thu Dec 21 13:43:38 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8W1p5Jz54pXS;
	Thu, 21 Dec 2023 13:43:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8W04Cnz4NkL;
	Thu, 21 Dec 2023 13:43:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166219;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=VKzpyN7oh/oqf2ROLzVvs8wS1DcdlezGXjPZ2EUMDDk=;
	b=HrtaYMQabwNQI3fNHTXpVVotxC+mwsohQN9Aslc3m0AaC9hnEhBBGwGwXjB62BxwmMJFML
	m5UDdubi8ldz2G8jKyoH6xPEwNNih7i3d8t0MTj26P08LdD64Yi9Qbe9Mtom9Wkyhi0I5d
	qHWv76QgUzvEp+LZPbo4wH79xVJLJfTqHdPcCkwVJQ8WAsPZIFisLymKFufvd3BLsUA0J4
	N75MWFYc4aVz1ZSJVmfgKzSRbORfGLKSmM2YhZajKpo0304TpXwO36GpBAf/lSgiQLkUYz
	AP1T9rpy1z8U9djC8Z7P3GsjPtmXVOd4nCbJa+xU9Ycp+scGdeZFtPW3/UUqjQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166219; a=rsa-sha256; cv=none;
	b=ZJ8F2R/on34e8MO2HUr9jsXM3RJuTIzju4qN5XVCHpGu/o7gsUyARlVtm4qpoHvqNbAFJt
	1RFr1VEQ2ipDnxrm841J38ga0JGEkaRVy220MIcHn8Yo9WHnjU0kIbO+mgsSVyU8MSyaeq
	UrWdsrs/UW0RWVy6vG51M5wWhq8zvBfWVJ5q2KhslN6EonoEyb5VSEf0yPtn4kBN5D4q7C
	btVRMz2tsNso5aEoxSx0460LvFOjXbCoSOJcJ8+FobiD5pkv9uV2h3urgQCGQWCLTC46iu
	jXHJDoODiezwtkvYYkaGS5TsQE18rlyqs1wI2pS1ZugmcdIeSpkIoJYAjDmy+Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166219;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=VKzpyN7oh/oqf2ROLzVvs8wS1DcdlezGXjPZ2EUMDDk=;
	b=oHfD+IGg45rMwdM8lnENTP9UtPZGrVZ/5BQ3wLkS/Zi4uzysTymuh6kA1tcyhAWlm8/NtQ
	OfBXPtU5qaRctD/ZZQykdo+h2YMv4xkkvgJWHEtVaTIIzKGMCDZsks/43vBLalgDbjoFpF
	0lahN0XX9EBc2bPauVF5JcrA1boeRFmu4Nxaviw2d/L/ZVwbhCvwH2f2alyp/EiCWJlF3s
	ZRzrgP/bLeNC1MBf2kdvMkR8FvMbfXMigUFI8GTwO1jQc16zA0X5QXvmvizhVEyNilW26J
	a1zB4aGXzDvp2vlhbtvA4nFMoRPR1dx13NYBDQ7HBhNHPiqlIwcu996deBdr2g==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8V6FctzZdF;
	Thu, 21 Dec 2023 13:43:38 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhckT079221;
	Thu, 21 Dec 2023 13:43:38 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhc5O079218;
	Thu, 21 Dec 2023 13:43:38 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:38 GMT
Message-Id: <202312211343.3BLDhc5O079218@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 3fab2d96cdd7 - stable/13 - New realgroupmember()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3fab2d96cdd7f4ce78391ab67f719bd2936bec60
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=3fab2d96cdd7f4ce78391ab67f719bd2936bec60

commit 3fab2d96cdd7f4ce78391ab67f719bd2936bec60
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:45 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:52 +0000

    New realgroupmember()
    
    Like groupmember(), but taking into account the real group instead of
    the effective group.  Leverages the new supplementary_group_member()
    function.
    
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40641
    
    (cherry picked from commit 2a2bfa6ad92e9c82dcc55733ad2fd58fd2ea7559)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c | 13 +++++++++++++
 sys/sys/ucred.h      |  1 +
 2 files changed, 14 insertions(+)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 682754dd7687..e6c11d2ea74b 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1314,6 +1314,19 @@ groupmember(gid_t gid, struct ucred *cred)
 	return (supplementary_group_member(gid, cred));
 }
 
+/*
+ * Check if gid is a member of the real group set (i.e., real and supplementary
+ * groups).
+ */
+int
+realgroupmember(gid_t gid, struct ucred *cred)
+{
+	if (gid == cred->cr_rgid)
+		return (1);
+
+	return (supplementary_group_member(gid, cred));
+}
+
 /*
  * Test the active securelevel against a given level.  securelevel_gt()
  * implements (securelevel > level).  securelevel_ge() implements
diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index b17dccada4d8..837c33757317 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -159,6 +159,7 @@ void	cru2x(struct ucred *cr, struct xucred *xcr);
 void	cru2xt(struct thread *td, struct xucred *xcr);
 void	crsetgroups(struct ucred *cr, int n, gid_t *groups);
 int	groupmember(gid_t gid, struct ucred *cred);
+int	realgroupmember(gid_t gid, struct ucred *cred);
 #endif /* _KERNEL */
 
 #endif /* !_SYS_UCRED_H_ */

From nobody Thu Dec 21 13:43:39 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8X2mT4z54pVG;
	Thu, 21 Dec 2023 13:43:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8X1DNVz4Nfm;
	Thu, 21 Dec 2023 13:43:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166220;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XMrDpT+Pl6A83cm4DmVfqKNZTQj4IZuWMuhkwhEYoc4=;
	b=NEcZW7W4IuIeD2O6Ikc+IkfE+SE0WYcPLcznhE227LvCGGlBWxOK3tihJTEwXNWIaeVDF3
	jecFJ312D5oiAda5UqBX5jYN5Gz3OuMPOZQW2xcOZbkfY1zbs9up8aQcUF1mRjxi8oCD1X
	GjbgOdzdzKAI87dZvBYEQfXJ6AGKXRjozr9c6mFEWrP0AIcpEYcQxlambJRjVtzNbF1CUL
	rqaWLLcq6VrfFkN3GnATT5KI6pWjgRtKbHpWbqoEPNO5cfL78OxMz1MxXxH129weZIChX7
	7rk9C8p5IaZglN5JvBhvmCgDzIXiF6XOiPln9+m1kOlCHo6HPVl/CmopiSOItA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166220; a=rsa-sha256; cv=none;
	b=fb+6PsD6Z32Ow3qCF/eZrpCJUpkf5RJqdjf4NhmZNpY5Uxlo1VALzU2eW1HuizBpxy5Pdv
	/Oa9qG+hS+Vo6jq0mog6AqIEByB3gBC6GpxrMWTsiEfcn6rnD1gatdANwc5JBbimwOrs3i
	Mr5+DKRq6vZPOOPBrg5OtxTfnR+OzU91hx4NbHfEc5nudgYo7gon+LJUBAnQYfWHgiRz7l
	PN9gnRnh3z7KkN+0tkkH9rjjOPtXe+5csiFyU7kjSInenIKIDiK0cqkF/SemBuEcQ3bOWX
	GcTlwB3e/K7GA5Y3DvHh47HBcAYZOjdgRkcpkUklWzEDRr4u6O7twntFZbimQw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166220;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=XMrDpT+Pl6A83cm4DmVfqKNZTQj4IZuWMuhkwhEYoc4=;
	b=jS2lGa27iSSX37TCBz9cV7nLE9YR6aco0nu2epvCbFEWsOahZ2A+WPajEoKG/E7bqmbcZj
	+/F1oA6Iv83oq0M7Ij5JqXxbEyepBcxtS7q9yHhl/oW2sqLE1kJ4dXFCotkXitcIR6Rn8z
	SLUnx8UOVjhfSNWhzn9Kq5z/msdnZk4j1m6f0lmfxVvhWU9GHvQCu1WZFhc5/oGm2NLNjJ
	YFcMXBAqgGR80m0nYG+72W1tckU0oMe2nicFGwjZJJA2MDGQoy0Wo4vce0og9yps+RPToL
	gyN7aebjlSQMb5bd/9+pAo6Wzl+0pa2yeAnTTUuV3laq4rwqfE5fx1FnKHQzdg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8X0KRFzZdG;
	Thu, 21 Dec 2023 13:43:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhd6R079269;
	Thu, 21 Dec 2023 13:43:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhdf6079266;
	Thu, 21 Dec 2023 13:43:39 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:39 GMT
Message-Id: <202312211343.3BLDhdf6079266@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 3eb8bf041831 - stable/13 - realgroupmember(9): Link
  to groupmember(9), document the function
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 3eb8bf041831a0f5ee6e682a9826c1ae89b254a4
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=3eb8bf041831a0f5ee6e682a9826c1ae89b254a4

commit 3eb8bf041831a0f5ee6e682a9826c1ae89b254a4
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:46 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:59 +0000

    realgroupmember(9): Link to groupmember(9), document the function
    
    Reviewed by:            bcr (older version), mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40643
    
    (cherry picked from commit 5d9f38405a10fdcd9fc108c940dcf2642e9f1833)
    
    Approved by:    markj (mentor)
---
 share/man/man9/Makefile      | 1 +
 share/man/man9/groupmember.9 | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile
index 18642ff86010..d237f677311a 100644
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@@ -1155,6 +1155,7 @@ MLINKS+=g_provider.9 g_destroy_provider.9 \
 	g_provider.9 g_error_provider.9 \
 	g_provider.9 g_new_providerf.9
 MLINKS+=gone_in.9 gone_in_dev.9
+MLINKS+=groupmember.9 realgroupmember.9
 MLINKS+=hash.9 hash32.9 \
 	hash.9 hash32_buf.9 \
 	hash.9 hash32_str.9 \
diff --git a/share/man/man9/groupmember.9 b/share/man/man9/groupmember.9
index 3a516622efce..ae7ccd477955 100644
--- a/share/man/man9/groupmember.9
+++ b/share/man/man9/groupmember.9
@@ -36,6 +36,8 @@
 .In sys/ucred.h
 .Ft int
 .Fn groupmember "gid_t gid" "struct ucred *cred"
+.Ft int
+.Fn realgroupmember "gid_t gid" "struct ucred *cred"
 .Sh DESCRIPTION
 The
 .Fn groupmember
@@ -49,6 +51,11 @@ Considered groups in
 .Fa cred
 are the effective and supplementary groups.
 The real group is not taken into account.
+.Pp
+Function
+.Fn realgroupmember
+works the same except that it considers instead the real and supplementary
+groups, and not the effective one.
 .Sh RETURN VALUES
 If the
 .Fa gid

From nobody Thu Dec 21 13:43:41 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8Y3Xxrz54prg;
	Thu, 21 Dec 2023 13:43:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8Y2WzQz4Nck;
	Thu, 21 Dec 2023 13:43:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166221;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/2tUM13aT55QWssPEAwCezYwpYjMoafu0+PYNhKJAKg=;
	b=h3n07SVad8oNUzIQqUj/lCrnbCV+Llr4sXUsPyt+PelUXN6bv9HAdXX7BH3PyXWHH4T/WY
	VJTHABkPTsw6mogn4HgqYT9AmIBol8RSvU8b4/h0UiCaksyFjTzLWA6kok9ajzRJfDLoak
	3QlwaCn5qUzqniCz+1PErLPGCKrviQLvQN6BCXtUyaMxzaptHpF2kpeCREtUk5HVGDPjwn
	iuyfn1LL+eevEXZv8Qbjlq2i/+R0a6KyuT+EvTeCU4CtY8M3wP6Ex9uHh45enJIoSfQx75
	wA9Rz8DU8D6DNOHXV5LSjpHeGzC1Kper+eDezbOQqIlOCB2PC62sAP/j8PbePw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166221; a=rsa-sha256; cv=none;
	b=o/Tg4KYfUUZRfm0YnHzno44T/jQZlOUNYz6Nc5V/CawFL1T29gSH6VKcv/aYAPlCexwvOP
	nZnZzL5dAfkPIaaSr/Af5tOTeBvFHXffSxUATnbsmWLFNdGmuZlDEPf95b6lyMK7L6cgFf
	hEEdB/PHpbUF+fCK5R53O0Sj211gFpOYtVhJ0s3yqPxDF/Y3AH1cY5kPh1+kTWPSnXG3e/
	LXwbYXLAfdlslDXAg/DEQdsM6EWIlJJKgZ8wXA0aZhLc2smz/ueKMXPzFwAMDLMJ2oo6WY
	snTyZLTexmZJUb+xK5WRxOU9snsaDaE5c/L7dLfvvqKxO9JqohJGf0P9Vap0tQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166221;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=/2tUM13aT55QWssPEAwCezYwpYjMoafu0+PYNhKJAKg=;
	b=mokL7duto9EH/V+me6E8PBgJHDyCViHHDqGMiF+ep+DWuYY1TM7cGC15CrXC9YOGvc2fsw
	t3xRPvty1JuDnKUBZXdTi3OP6KqnaqTxwJYESH8Y9wkimqaCzgCDZGs+o10ps75aElkN0l
	h4EA2cfjWphUmQiDFPLxLoBcrZ8h78kzvhwkpQl8b2xx1NXd3rKvTuU6yWc536JUa6GRqP
	dotNtsSP2oGeVVt63vACZhaGU/UOSsujfzqMVISqTUzqWlPmH8xZ+6uG+WQEKGNL99u5p8
	ufpIU8v2zxFlBLHYAMHF75HIhdyYuV8G2D52c39f80O2FW1yuBvYCtQIqi8o3w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8Y1SxYzb4H;
	Thu, 21 Dec 2023 13:43:41 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhfG1079320;
	Thu, 21 Dec 2023 13:43:41 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhf2l079317;
	Thu, 21 Dec 2023 13:43:41 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:41 GMT
Message-Id: <202312211343.3BLDhf2l079317@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: f0951233c6d3 - stable/13 - cr_canseeothergids(): Use
  real instead of effective group membership
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f0951233c6d33da3c9a6bc347d9ae7aa911d7ca9
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=f0951233c6d33da3c9a6bc347d9ae7aa911d7ca9

commit f0951233c6d33da3c9a6bc347d9ae7aa911d7ca9
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:45 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:07 +0000

    cr_canseeothergids(): Use real instead of effective group membership
    
    Using the effective group and not the real one when testing membership
    has the consequence that unprivileged processes cannot see setuid
    commands they launch until these have relinquished their privileges.
    This is also in contradiction with how the similar cr_canseeotheruids()
    works, i.e., by taking into account real user IDs.
    
    Fix this by substituting groupmember() with realgroupmember().  While
    here, simplify the code.
    
    PR:                     272093
    Reviewed by:            mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40642
    
    (cherry picked from commit 91658080f1a598ddda03943a783c9a941199f7d2)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_prot.c | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index e6c11d2ea74b..1c9e2927bc5e 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1406,21 +1406,18 @@ SYSCTL_INT(_security_bsd, OID_AUTO, see_other_gids, CTLFLAG_RW,
 int
 cr_canseeothergids(struct ucred *u1, struct ucred *u2)
 {
-	int i, match;
-
 	if (!see_other_gids) {
-		match = 0;
-		for (i = 0; i < u1->cr_ngroups; i++) {
-			if (groupmember(u1->cr_groups[i], u2))
-				match = 1;
-			if (match)
-				break;
-		}
-		if (!match) {
-			if (priv_check_cred(u1, PRIV_SEEOTHERGIDS) != 0)
-				return (ESRCH);
-		}
+		if (realgroupmember(u1->cr_rgid, u2))
+			return (0);
+
+		for (int i = 1; i < u1->cr_ngroups; i++)
+			if (realgroupmember(u1->cr_groups[i], u2))
+				return (0);
+
+		if (priv_check_cred(u1, PRIV_SEEOTHERGIDS) != 0)
+			return (ESRCH);
 	}
+
 	return (0);
 }
 

From nobody Thu Dec 21 13:43:42 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8b0JnGz54prl;
	Thu, 21 Dec 2023 13:43:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8Z3QKXz4NgG;
	Thu, 21 Dec 2023 13:43:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166222;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mCzBbQ0vjjP+FQydvGBoXmfNddgY2q72BZ9gHyGsyts=;
	b=kVQjHGmkTuI6lXpwv1pGyK/jVfgc6ZlWV1a/uk4+k89QLZcwJszKp3xG0yKFh9e+D6+EjX
	Twahu17Dmd03bCACdSl1YAyjRwFs22nQ0aQ8yDHN48kdvSbngbcYniNHLhh1f1EFqd5yCv
	zpdLZ1BPhlE4doPAYe8IdnuH1UovP6EjyDIHPvDW0kTiJSCgt0eo/38BOr3lt8uvBXcEG5
	LF6oWmYQSoG2orf8FQrmsp0KLYDXmkZ9ndDRbg9qcOmrK9WBmy0TarOzrprXTFXFqMnlTG
	K7jRcckRS3RWzURq1zMEhNozBtXxUuI4Cns066dfQHAZjtZwc5rzHTreT7qcSA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166222; a=rsa-sha256; cv=none;
	b=EbpJisEbxDppy11mqUMs6MsJ+9mjMqgGIG/Yf2i1V2gem9Q8Rpy0GsgUKz3UU+GVMvxQu7
	5nUdv7tkVAD/7Pu9uBrwgFh4/KDsehqVYNOdHGd+LB0ILsgZrq26hueulQQzUQ9a8YZ8BB
	b37Uu/nTFVylUm4idXWmyBnlaDQwcHV/27DuJ9B2alpCQWrPDua0gxIbxDf8WIq2GsZySk
	bkCXCmp4pwNleCa4FnOmQI7fiOrEN2mT3HTQT351ZEP7TQj2gvJ4H6nYMoEvy5ybNJcjiQ
	kZRGiXRJoeBgSPGjM9lKNv6jkJHQe7wnHo7y50lvnF7jbe6u0U6gtdGqrzw3lQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166222;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mCzBbQ0vjjP+FQydvGBoXmfNddgY2q72BZ9gHyGsyts=;
	b=DY2EZbhOBGlZ5pDPv9nXVfjB9fjXOz6qgjPcyxI48QthYqo179AoOzcJ02mohhj4qy7TdV
	bFZixIS23Wv+J6yhyDaMXpbMuy9LNcDowfKy/k0qEYgJDLsd0OV5CGyLpVc6xnBk+TfpO7
	d3PGfFwnLu7ZLrLKF1e8sR2yAbJ2b76KLS60IJ1USNM5YXzmO50YX4roTw3vopyog9xku9
	MeSetSAUrkGnD7JQzkg2bu3vq1MJ46mYNle21qSQIEogqU6KC/TRFv72+n21mDSo+SmrjD
	KUnIpHqOGRbiQLdVnhi2zxBv5rgYAP0pY5UFAxliiBM7QZYS7Sx/kLm3X4VILA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8Z2Vczzb4J;
	Thu, 21 Dec 2023 13:43:42 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhgqY079365;
	Thu, 21 Dec 2023 13:43:42 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhgFf079362;
	Thu, 21 Dec 2023 13:43:42 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:42 GMT
Message-Id: <202312211343.3BLDhgFf079362@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 0297e7213c0c - stable/13 - cr_canseeothergids():
  Policy change's manual pages impact
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0297e7213c0c0ce8bd7bdc107da953e8fb6b5815
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=0297e7213c0c0ce8bd7bdc107da953e8fb6b5815

commit 0297e7213c0c0ce8bd7bdc107da953e8fb6b5815
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:46 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:15 +0000

    cr_canseeothergids(): Policy change's manual pages impact
    
    See previous commit that made cr_canseeothergids() use the new
    realgroupmember() function, taking into account real group IDs instead
    of effective ones.
    
    PR:                     272093
    Reviewed by:            pauamma_gundo.com, mhorne
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40644
    
    (cherry picked from commit 0452dd841336cea7cd979b13ef12b6ea5e992eff)
    
    Approved by:    markj (mentor)
---
 share/man/man9/cr_bsd_visible.9     | 2 +-
 share/man/man9/cr_canseeothergids.9 | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/share/man/man9/cr_bsd_visible.9 b/share/man/man9/cr_bsd_visible.9
index bd676e6f5705..f2d42f3835dc 100644
--- a/share/man/man9/cr_bsd_visible.9
+++ b/share/man/man9/cr_bsd_visible.9
@@ -97,7 +97,7 @@ and
 are not members of any common group
 .Po
 as determined by
-.Xr groupmember 9
+.Xr realgroupmember 9
 .Pc .
 .It Bq Er ESRCH
 Credentials
diff --git a/share/man/man9/cr_canseeothergids.9 b/share/man/man9/cr_canseeothergids.9
index f0c1e5c4e726..109d41a8545d 100644
--- a/share/man/man9/cr_canseeothergids.9
+++ b/share/man/man9/cr_canseeothergids.9
@@ -48,9 +48,9 @@ This function checks if a subject associated to credentials
 is denied seeing a subject or object associated to credentials
 .Fa u2
 by a policy that requires both credentials to have at least one group in common.
-For this determination, the effective and supplementary group IDs are used, but
-not the real group IDs, as per
-.Xr groupmember 9 .
+For this determination, the real and supplementary group IDs are used, but
+not the effective group IDs, as per
+.Xr realgroupmember 9 .
 .Pp
 This policy is active if and only if the
 .Xr sysctl 8
@@ -79,5 +79,5 @@ Otherwise, it returns
 .Er ESRCH .
 .Sh SEE ALSO
 .Xr cr_bsd_visible 9 ,
-.Xr groupmember 9 ,
+.Xr realgroupmember 9 ,
 .Xr priv_check_cred 9

From nobody Thu Dec 21 13:43:43 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8c00Xfz54pZR;
	Thu, 21 Dec 2023 13:43:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8b4Y3Wz4Ngh;
	Thu, 21 Dec 2023 13:43:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166223;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vt2Ax6bsLjkT7gphe3AFftNwGngIfSJpxKAHppJ0a3o=;
	b=WVbT2X6lNxRafnP8/z2b9WJKB3YXXCahtbmi6cRBSQgkJ34dvgRd3N2ahuXhjgsY0H1OwU
	hwbi1sEor+sQ/Qkq3L0ti3Okqqbpis6W8DCMUTZ2I+1mF7Tj8DLanz/z/b3SD0NLoBKpu7
	N2NKM3CiWW/ZliZKuUCKF/5Rej63AiSb1OlEk8f4oAm+gCxpQlvTAYkx9mh0WgMh3zTkjb
	/1hZGkdyZLVeaGkWqvQjmY8uyhACZYwW86QpmJ6Asee5K4sYMgB/AqRjRFSWXlpklLnPjh
	VVWwvOTkrJYvFa3XGnzd++clHJ5DshyY+VksSJFY0FcAJhg3wMiedXR+/YX99w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166223; a=rsa-sha256; cv=none;
	b=B2ZaAs8lQHdC75dKDTNGCuFSSDFmnHiQQfFU1i+3+pwhCx3FSDs0KRBFiJS7swp6YmXzUV
	ORfEruG4bGAK6TJNPHomalP3HIJ0cyYQTU1/tPR1IqSh2q2STt9tYs9gToL4egVzav2zkP
	mRS2oPLRO7Nx2jzxjGKOFArq15jQfotpi0evL4x+ydsiRCNG/6BG1eYvodxjnH7cTsBvgy
	wEiCj0Kva74M9IDnS0tzJsJHwQyx+TXn2BC7iDfDCaQ5LXhYrVVSY4etbID2xwCPkxCtVx
	fSTHPzV781HaxLrohudM1x+KxyW0OEGg1BBJx4SARW+dT7ha/F+JpYwu6fb4PA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166223;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vt2Ax6bsLjkT7gphe3AFftNwGngIfSJpxKAHppJ0a3o=;
	b=CrQuxdZ5wAjHtpwP/uYhvFL4IqZQwZ5+PF5pEV+LKx+lBSfb9yP6CKffKS/tCa3W6HXe6o
	ydpgqak4i/IRWEQ5MgiiFdyTtI5eNP2eR/6N+DBkKncwzQTTrkUGQ3X9t+pmwepX909Ydj
	lUWCMr9+5trPlPgUPse00u5hjyZch8hPJGWXAt3KDQanjkBV1bUvh+380mrClaM1Yk9MFm
	lH6cnRAvshMCEvdMOAZCHhIjFtf09jomasRoiEaa2B/PtAE5fvLrmw6cPlBo9JIfc319sS
	W/ylAWP2rCtLuB/w/PWiTSQ3X5Qd6wMcye6yAY7hvBFSYrntxzWWo8F/xP7CtQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8b3fhtzZdH;
	Thu, 21 Dec 2023 13:43:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhhxP079413;
	Thu, 21 Dec 2023 13:43:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhhU5079410;
	Thu, 21 Dec 2023 13:43:43 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:43 GMT
Message-Id: <202312211343.3BLDhhU5079410@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 56f758066c82 - stable/13 - security(7): security.bsd.see*:
  Be more accurate
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 56f758066c8272ce37394365945ae62c10456e49
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=56f758066c8272ce37394365945ae62c10456e49

commit 56f758066c8272ce37394365945ae62c10456e49
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:48 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:22 +0000

    security(7): security.bsd.see*: Be more accurate
    
    Reviewed by:            mhorne, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D41108
    
    (cherry picked from commit 61b6e00bee1d39e9c688e728fbf3a4efcdb61e66)
    
    Approved by:    markj (mentor)
---
 share/man/man7/security.7 | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/share/man/man7/security.7 b/share/man/man7/security.7
index e84d3cf4fb4b..785cfcb6c7e5 100644
--- a/share/man/man7/security.7
+++ b/share/man/man7/security.7
@@ -26,7 +26,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd January 14, 2022
+.Dd August 18, 2023
 .Dt SECURITY 7
 .Os
 .Sh NAME
@@ -956,16 +956,18 @@ Backwards compatibility shims for the interim sysctls under
 will not be added.
 .Bl -tag -width security.bsd.unprivileged_proc_debug
 .It Dv security.bsd.see_other_uids
-Controls visibility of processes owned by different uid.
+Controls visibility and reachability of subjects (e.g., processes) and objects
+(e.g., sockets) owned by a different uid.
 The knob directly affects the
 .Dv kern.proc
 sysctls filtering of data, which results in restricted output from
 utilities like
 .Xr ps 1 .
 .It Dv security.bsd.see_other_gids
-Same, for processes owned by different gid.
+Same, for subjects and objects owned by a different gid.
 .It Dv security.bsd.see_jail_proc
-Same, for processes belonging to a jail.
+Same, for subjects and objects belonging to a different jail, including
+sub-jails.
 .It Dv security.bsd.conservative_signals
 When enabled, unprivileged users are only allowed to send job control
 and usual termination signals like

From nobody Thu Dec 21 13:43:44 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8d12sqz54pXh;
	Thu, 21 Dec 2023 13:43:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8c5nNnz4P2K;
	Thu, 21 Dec 2023 13:43:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166224;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CCQofkutay05AvN3ruFtKL55S213Lx3yX+8qaXz/YqE=;
	b=pYw/eEKSxWJNfYnvA2Xb8Q50LU/xc3eFhp3Gu1ZzeLvHd6l3nfgfzrBtCM8I1gd1orDieg
	UIQPYqmZyJPP9QdTw/0o5FkOlqc4yxMWbkC9HOvUte3YhmfJC9t2A1uzWklyw3y25qBfdN
	EZjcJ7mSeOdADyY3W1Otu4H14+bn+j2PqcvQnufsO1NuIQ3EtgMXvni2ae/6cHQQAro3DW
	J732ExCC0GNg6ZKv+YiVf2ESkbBQbAWR07EKKH+MLNHtgeKfi18/r5jeyxTKWbaTw36Jc1
	mfwKXDVjGUtkJdsi+1s40YzVxJMoKY1tAPV8e8zg5J+xisASosE+Xhrm2L0LqQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166224; a=rsa-sha256; cv=none;
	b=JGgdRfx2BQ+KLYE8nUIaFNjfngNkYqbvc+qjLEpvR3M7ngujrhFRHx5IzNlDENCMW+twxV
	Gm4/4vpEMduBeMpr9qmWs5hWUpGiWDRvkqO2YS/uYXdA+cU6ERvkO4WOW7ItgiFF/5DbU0
	i4Mc8R+pvaSow7qyV6qBOXnwzU/lM5xcoADq3WCHQ0M4RyP+t8j/MB7EMzKkI0pJQOMrxY
	UowNgv7nWTPQZvWtm1hsw5U5AEXSAZ+O4q+5dEyD9f5wMx8SZdVdWnwRE6gNP9tF/pmzr0
	OKGLnnStU2H4NxC02sFKf/nwaTa0NVz8tY2J52FFa6iWT3YZGP3bCamTF5tfFg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166224;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=CCQofkutay05AvN3ruFtKL55S213Lx3yX+8qaXz/YqE=;
	b=xnywuNnPrxGCwb7KxpSarU7+OrD8ZkIFhltpfqYpEBOAwamK+BaszPGcCwoWxGu4sw2A54
	dR4SJeOmzlTU0IkcNDIsss6Pp9WIXZr9M9clYNNQe7g4Mn2cf1g5gU8TVJ4737dTV/knGW
	OGji4hMD0oESgk8Bs0vfYub6TO89Ug5E2BQ5a7gaHn2aZG5b+FElIpkRPE5yZF0J2C0yk/
	ogTCjDmL7ureuwC09yf79IXqZJiO36AnrS0q3Vn8ass3KekKvx9Ni+Xwy3Xapn0+Ioc835
	AdKSJ1e2gYkFUGn4PhofhdQxwIkSnK5tbKIcPHYVq2dI1HJ0QEz1b0zcV6dikg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8c4tz0zZRT;
	Thu, 21 Dec 2023 13:43:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhiOo079458;
	Thu, 21 Dec 2023 13:43:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhiJd079455;
	Thu, 21 Dec 2023 13:43:44 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:44 GMT
Message-Id: <202312211343.3BLDhiJd079455@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 0c01901f122d - stable/13 - ptrace(2): Disabling:
  Describe influence of security.bsd.see_jail_proc
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0c01901f122d1d9590f00c9b6fbd9f4d79e7d4f0
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=0c01901f122d1d9590f00c9b6fbd9f4d79e7d4f0

commit 0c01901f122d1d9590f00c9b6fbd9f4d79e7d4f0
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:48 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:31 +0000

    ptrace(2): Disabling: Describe influence of security.bsd.see_jail_proc
    
    Reviewed by:            mhorne, emaste, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D41109
    
    (cherry picked from commit d952820105d6a2ad87ddf3bdc6c5fc5215d13b87)
    
    Approved by:    markj (mentor)
---
 lib/libc/sys/ptrace.2 | 36 +++++++++++++++++++++---------------
 1 file changed, 21 insertions(+), 15 deletions(-)

diff --git a/lib/libc/sys/ptrace.2 b/lib/libc/sys/ptrace.2
index f417b4f021af..25c7663114a5 100644
--- a/lib/libc/sys/ptrace.2
+++ b/lib/libc/sys/ptrace.2
@@ -1,7 +1,7 @@
 .\"	$NetBSD: ptrace.2,v 1.2 1995/02/27 12:35:37 cgd Exp $
 .\"
 .\" This file is in the public domain.
-.Dd December 15, 2022
+.Dd August 18, 2023
 .Dt PTRACE 2
 .Os
 .Sh NAME
@@ -149,31 +149,37 @@ its scope.
 The following controls are provided for this:
 .Bl -tag -width security.bsd.unprivileged_proc_debug
 .It Dv security.bsd.allow_ptrace
-Setting this sysctl to zero value makes
+Setting this sysctl to zero makes
 .Nm
 return
 .Er ENOSYS
 always as if the syscall is not implemented by the kernel.
 .It Dv security.bsd.unprivileged_proc_debug
-Setting this sysctl to zero disallows use of
+Setting this sysctl to zero disallows the use of
 .Fn ptrace
 by unprivileged processes.
 .It Dv security.bsd.see_other_uids
-Setting this sysctl to zero value disallows
+Setting this sysctl to zero prevents
 .Fn ptrace
-requests from targeting processes with the real user identifier different
-from the real user identifier of the caller.
-The requests return
-.Er ESRCH
-if policy is not met.
+requests from targeting processes with a real user identifier different
+from the caller's.
+These requests will fail with error
+.Er ESRCH .
 .It Dv security.bsd.see_other_gids
-Setting this sysctl to zero value disallows
+Setting this sysctl to zero disallows
 .Fn ptrace
-requests from process belonging to a group that is not also one of
-the group of the target process.
-The requests return
-.Er ESRCH
-if policy is not met.
+requests from processes that have no groups in common with the target process,
+considering their sets of real and supplementary groups.
+These requests will fail with error
+.Er ESRCH .
+.It Dv security.bsd.see_jail_proc
+Setting this sysctl to zero disallows
+.Fn ptrace
+requests from processes belonging to a different jail than that of the target
+process, even if the requesting process' jail is an ancestor of the target
+process'.
+These requests will fail with error
+.Er ESRCH .
 .It Dv securelevel and init
 The
 .Xr init 1

From nobody Thu Dec 21 13:43:45 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8f4h3bz54ptw;
	Thu, 21 Dec 2023 13:43:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8d6yphz4Njm;
	Thu, 21 Dec 2023 13:43:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166226;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Jbun8UmCQHxsKwYuDuFgUsmCpiNRvfktTFg8+Xr0Gs0=;
	b=IAN7x0mEOaM1qzUg0gky6NStL31BQqIWCLkruhNIdufk+CdK6I1+d1+SHBbZNz3Ct19TRF
	SZtUx9X+H+FoMXIKIAD320fvHynSDo89STFS+VRX0yRGEwxG3oC9eWGt+Sf5gcoGvMQe0Q
	JuWh53ldGQhTzCPy5dR1xOSZSpkI94K/09Aek2s3SXwyIm2EDVivf1QyIfEpkhYiHY0QLS
	RjD1UvCDBTKXYMnMX8bVBQ8n1QtgsqqG2ooKHKFg4yo2ASXdDxqnO02hzEhE5IePPXRlU7
	CFXGS6/xEVbSRHJahzBdzUMCZyVd3v0MM34TtYKtdUUSb1PDPPk6ehDXRFFiSQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166226; a=rsa-sha256; cv=none;
	b=q1i/rr8Jzj+SC2k01Y+R8P9qYs/YW5Fwv4CG2aRe8EFvA9kOBCY3d+ztKOsHjoWTTpo3wK
	QcSI6B7AqGrWXhLVFE2GM4r0LvyrgBsyb0KrOo6xrQTQqsFxHSxtfzT5jUBkco8KK/9ar1
	OrhQtxh2/mj7tlqQVXroTTjoVaDf5Fz+knBBe9sJdg8A2m0QfwOH3qPLVi2WDykW8SKgsV
	Y+Uh8N2Lyu1k37C7ocR5rb2KWplKRFAd5Q9E8cNr/AIqCZ65IFBqyP6Wcjcorg4h8Y8ADC
	ihgBYNiNZDISwH4LILvjL24ShK9nh6kO8Q5QcgzGq+NuOG/u/2HybjBBt+eXxA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166226;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Jbun8UmCQHxsKwYuDuFgUsmCpiNRvfktTFg8+Xr0Gs0=;
	b=oV117lHcL+xSCpaZwP8yLeVoIbLOn8vlDaYbVJtHoQoyvILhmCxwNQRp9aPKL/w4j4D272
	tkDtPFZYbv+b24CYzlFPfP8hsakmhEn3xdLEiP8a8Ly+Hd0sGDYOQ3DRDNq7EQrMjk3bgd
	1uiw5YcFyGOK9hflXmcjFiQt43Epf346DvZ8C2sZQ7nyWFE86ZK1y8X/rGaEamE4vBJYDw
	hVtyA46mzT2X9DYYpDtkej3J+uGJKh5maruW6mpvvTpecJCkt7UbwvRnp3s3Vq5gX+uMti
	jcRcQeiXqXFbWPTkoxPJqJ0RiqyQvmBPdYuXMEwnjulfYU41mh7tE/t+o7Mt1Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8d64TXzZmP;
	Thu, 21 Dec 2023 13:43:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhjj7079509;
	Thu, 21 Dec 2023 13:43:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhjru079506;
	Thu, 21 Dec 2023 13:43:45 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:45 GMT
Message-Id: <202312211343.3BLDhjru079506@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: f63da9704585 - stable/13 - sysctl(8): Mention more
  security.bsd knobs; Refer to security(7)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f63da970458592f7488796da4e8c07f9e5314b31
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=f63da970458592f7488796da4e8c07f9e5314b31

commit f63da970458592f7488796da4e8c07f9e5314b31
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:49 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:39 +0000

    sysctl(8): Mention more security.bsd knobs; Refer to security(7)
    
    Reviewed by:            mhorne, pauamma_gundo.com, emaste
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D41113
    
    (cherry picked from commit 8d7a48d367ffde2a29419ef943c4099984e3af4d)
    
    Approved by:    markj (mentor)
---
 sbin/sysctl/sysctl.8 | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/sbin/sysctl/sysctl.8 b/sbin/sysctl/sysctl.8
index e404763c5003..11ed75270e28 100644
--- a/sbin/sysctl/sysctl.8
+++ b/sbin/sysctl/sysctl.8
@@ -27,7 +27,7 @@
 .\"
 .\"	From: @(#)sysctl.8	8.1 (Berkeley) 6/6/93
 .\"
-.Dd June 30, 2022
+.Dd August 18, 2023
 .Dt SYSCTL 8
 .Os
 .Sh NAME
@@ -184,8 +184,10 @@ Please refer to
 for more information on which tunables are available and how to set them.
 .Pp
 The string and integer information is summarized below.
-For a detailed description of these variable see
-.Xr sysctl 3 .
+For a detailed description of these variables see
+.Xr sysctl 3
+and
+.Xr security 7 .
 .Pp
 The changeable column indicates whether a process with appropriate
 privilege can change the value.
@@ -222,6 +224,8 @@ String and integer values can be set using
 .It "kern.logsigexit	integer	yes"
 .It "security.bsd.suser_enabled	integer	yes"
 .It "security.bsd.see_other_uids	integer	yes"
+.It "security.bsd.see_other_gids	integer	yes"
+.It "security.bsd.see_jail_proc	integer	yes"
 .It "security.bsd.unprivileged_proc_debug	integer	yes"
 .It "security.bsd.unprivileged_read_msgbuf	integer	yes"
 .It "vm.loadavg	struct	no"
@@ -311,6 +315,7 @@ option has been deprecated and is silently ignored.
 .Xr sysctl 3 ,
 .Xr loader.conf 5 ,
 .Xr sysctl.conf 5 ,
+.Xr security 7,
 .Xr loader 8
 .Sh HISTORY
 A

From nobody Thu Dec 21 13:43:46 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8g4k02z54pty;
	Thu, 21 Dec 2023 13:43:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8g1Y3vz4P2q;
	Thu, 21 Dec 2023 13:43:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166227;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=E/m5nWXpQ8vk/tsvr1K6HjPgD6wZbOeEidmXplB+V3A=;
	b=Dl5XqmxOpRoOrk42uDp/cOpLzwh1X7v7EyZneDQCz9QqUC1CkCqvT28W/Lrb4tDcONtkju
	9nN06MaI5DLedb7nC60IFyZI+YHImS2hzgR98oaa3C+AMuB/0EpL+CEBTmMbvvJO39yQUL
	mNmbzuH93hayRecimpGIv6oStSiCGvc5oS9RHa7AwxO8fWLmN+nzi8u0Y1cWXbW2Rzu14x
	OogrrBlV4oGbNgHI/5wWxRXs+2GUTAFh8zy+pNjLVBfV10pkZUDiFlV7tBTw1Lj4hQytZd
	Ieyh6kUzuvpyFMTtV1RlK/nnRKRSPlyiqkcp6HKoRw7zxiK4cRu0lW+syJN2mA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166227; a=rsa-sha256; cv=none;
	b=I5xDNFNiyumZ1SfPx9KMTGZ8PnbLdAlI+X3Cd7sh36zSsU3vMdnvhBajpIphPUiPWH/4Ho
	sZle0DYp6lreyb4ku0MU54eio2vMUtTKTX4L4Gq/OJFuXGQe613ViIEFLkIZ1YnRoeST8i
	ApQ7n+sVVq7chwGhpxSBpUJGpdlVzkVgCpUm7Ipn5x9HkQFlsX58jgGBdFNI1RUOKOsxsW
	GGxrvBZHigC29rQFV3S/ieoAdsr5RqZ5vF83qTVunIp41+yZfokHTXWbGNaREcUjeAgPGz
	oJ0T2oxAS2LM4VKW0xn1siS78n+xoIHp1uk+XTdZtQGzjf0Z+p9vPP+7203T1w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166227;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=E/m5nWXpQ8vk/tsvr1K6HjPgD6wZbOeEidmXplB+V3A=;
	b=GZ3j1b9f3t6+Hp8w8cB2O79+qLf/G+PyiQLK1CqA/mqW87vESA8yqUtX/7TIsY/Fr8vpJB
	bEOORNxojU7ykAuMbXUcyK40ePXGa+AFocQ1vc1FoSOqZZcdCIlsbFAOBqQ+N0Pz0LKtlA
	A6c7csioWdzAJGwrKw6LbA5sOPwnuRcJ3cauw6PZeTG/FAvQ5IhWc9vKaNy4eiwb85uqh1
	JNLpn07LgFbHz0HWCy8hgKq5AMZ0O/VFbMg93bqASXqPOgQxvtddnx/s2Hx/Ubqoc1H51h
	FL3PtELGC88nAiKkfWUZsh1sd3DEKk/U2OVSYjbFdeBbPHGiNCFKlft3O8oISQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8g0HSLzZmQ;
	Thu, 21 Dec 2023 13:43:47 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhksh079564;
	Thu, 21 Dec 2023 13:43:46 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhksw079561;
	Thu, 21 Dec 2023 13:43:46 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:46 GMT
Message-Id: <202312211343.3BLDhksw079561@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 831792fc07ca - stable/13 - setusercontext(): Fix gap
  when setting a realtime-class priority
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 831792fc07cadd1aa3bc404843f45b8c2982b1bf
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=831792fc07cadd1aa3bc404843f45b8c2982b1bf

commit 831792fc07cadd1aa3bc404843f45b8c2982b1bf
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-05-25 07:10:27 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:46 +0000

    setusercontext(): Fix gap when setting a realtime-class priority
    
    The login.conf's "priority" capability allows to set priorities in the
    idle or realtime classes in addition to the classical nice values (-20
    to 20), through a natural extension where values greater than 20 put the
    processes in the idle class (with priority adjusted within RTP_PRIO_MIN
    and RTP_PRIO_MAX, 21 being converted to 0, 22 to 1, etc.) and values
    lower than -20 put the process in the realtime class (with priority
    adjusted within RTP_PRIO_MIN and RTP_PRIO_MAX, -21 being converted to
    RTP_PRIO_MAX (31), -22 to 30, etc.).
    
    Before this fix, in the latter case (realtime class), -21 was converted
    to 30, and RTP_PRIO_MAX (31) could never be specified.
    
    While here, change the priority computation for the idle-class case to
    be symmetrical and use RTP_PRIO_MIN (in practice, this changes nothing
    at all, since RTP_PRIO_MIN is 0; but this is the correct theoretical
    formula, which would work as well with other values of RTP_PRIO_MIN).
    
    PR:                     271727
    Reviewed by:            imp, kib
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40339
    
    (cherry picked from commit bd572be78436473a2ad4c1b78728b739c74ef238)
    
    Approved by:    markj (mentor)
---
 lib/libutil/login_class.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c
index f561479690c1..90a3ec5d106a 100644
--- a/lib/libutil/login_class.c
+++ b/lib/libutil/login_class.c
@@ -452,7 +452,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in
 
 	if (p > PRIO_MAX) {
 	    rtp.type = RTP_PRIO_IDLE;
-	    p -= PRIO_MAX + 1;
+	    p += RTP_PRIO_MIN - (PRIO_MAX + 1);
 	    rtp.prio = p > RTP_PRIO_MAX ? RTP_PRIO_MAX : p;
 	    if (rtprio(RTP_SET, 0, &rtp))
 		syslog(LOG_WARNING, "rtprio '%s' (%s): %m",
@@ -460,7 +460,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in
 		    lc ? lc->lc_class : LOGIN_DEFCLASS);
 	} else if (p < PRIO_MIN) {
 	    rtp.type = RTP_PRIO_REALTIME;
-	    p -= PRIO_MIN - RTP_PRIO_MAX;
+	    p += RTP_PRIO_MAX - (PRIO_MIN - 1);
 	    rtp.prio = p < RTP_PRIO_MIN ? RTP_PRIO_MIN : p;
 	    if (rtprio(RTP_SET, 0, &rtp))
 		syslog(LOG_WARNING, "rtprio '%s' (%s): %m",

From nobody Thu Dec 21 13:43:48 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8h421Cz54pZZ;
	Thu, 21 Dec 2023 13:43:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8h2Wz7z4Nv8;
	Thu, 21 Dec 2023 13:43:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166228;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oXnjtu7A64q7FVmJNhyulKJObsXH2WnMqvEUbGT1nh8=;
	b=kUU88HLqka4rME/AvWaEQmaKiC781IXAgTyHmyJEEj6fYGStrLdGlyYPzuR+Fc+hc5vYPl
	Rw4HBs8L5Tlyr8dSTyaUrbxuFIBWBd53UpYpINYI7JZ4fii3v86ra3FBf8FnwSDWfaiFJA
	9/JTo8NKYlfdGOhob7jpHHrbJQA5CBHg5+UaK3V6hWnSU5GT7OCIEFzNsJJMMwYPBBxdlY
	QVbGIoA+JwOa2Ib837rx0AiD1zRLp55uHrtf8DsQwV4Bc/xJ8EsxzTWIeKlIu+kXJYBg5b
	0Vs2XJAKFkyS0ibnzA6/wJynpBouSJRKdQW2/+t1cTwF3tTGA5TBJhyKkatHdg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166228; a=rsa-sha256; cv=none;
	b=WLg200vsYOLBg4omw8UOBrwUAZmEJH2HYJ5tOKiG9mIWg3zIMYGHkTCaTD/oHLRcYSbGN4
	4Cc48Z9GPxJfy6iaOj9Tj8faNg8hf3dufRgB7oDFDOGcY/oyPnnNoEonPkgzJDmCh8IcnG
	bo9poTrzcHlrlXZA+G621u6e76njwVkkZgvE3VuG9igxse3lU+CzuXpUBcfhos/Sn8VozO
	XwxswLBxIbkw7ghNuiygiHJTI8N5vuT83ODCwVpe0Se//gKnbLx6pwsPIxjA9iu2vuOaLc
	9HxI9GYGGhBldZHF8xoNlOEl2OmHWxbjxi9Zuvc5PxpSfEekjlLTW64vIyeI5w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166228;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=oXnjtu7A64q7FVmJNhyulKJObsXH2WnMqvEUbGT1nh8=;
	b=P0GX0CekAIUBsmhOaDkMP3PHk+1PdiHxRSohvsIa6PhVmlG91DWfHbB0kNe/bEI3oJl0sm
	X61poLmpaF48ovfGEZNWzLmzsbyuNAWN7vTaLR9Rp6DWUiazOIIv/pBeZvJjR0FE699EaC
	R7OSKhyNdxW0xipBhVilWNcWDJ/2YVPDQ1RTqAsn1igdWgNp6Bv5P6HIsMrSkK8YR8Cb/V
	9XEM4nQKVfPjSxJpy8pv9MiIDzsultts5gcrS8odz/nsH2i3p+XqD/dymi7/Plioh7lqsQ
	1jVh/LVUymETp9LzBTu0gT6VE9bl9T8OudYLnlfdWM1SFTDH2t+cAfMnLkU60Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8h1bM3zZmR;
	Thu, 21 Dec 2023 13:43:48 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhm3S079621;
	Thu, 21 Dec 2023 13:43:48 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhmB1079618;
	Thu, 21 Dec 2023 13:43:48 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:48 GMT
Message-Id: <202312211343.3BLDhmB1079618@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 6983b8c39ff3 - stable/13 - login_cap.c: Don't set
  errno to ERANGE on memory allocation failure
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6983b8c39ff36b3a4c1090b5cca97d450dca7b34
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=6983b8c39ff36b3a4c1090b5cca97d450dca7b34

commit 6983b8c39ff36b3a4c1090b5cca97d450dca7b34
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-05-25 11:48:40 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:38:54 +0000

    login_cap.c: Don't set errno to ERANGE on memory allocation failure
    
    Modified functions: login_getcaptime(), login_getcapnum(),
    login_getcapsize().
    
    They all call cgetstr(), which returns -2 on such conditions and already
    sets errno to ENOMEM, arguably the appropriate value for these functions
    as well.
    
    No in-tree consumer currently checks for errno on error reported by
    these functions, so this change has no other code impact.
    
    Reviewed by:            kib
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40342
    
    (cherry picked from commit b8c1aadef9d80786daf731300c33d3a001261422)
    
    Approved by:    markj (mentor)
---
 lib/libutil/login_cap.c | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/lib/libutil/login_cap.c b/lib/libutil/login_cap.c
index dd7bcefabea6..2b19218a8aaa 100644
--- a/lib/libutil/login_cap.c
+++ b/lib/libutil/login_cap.c
@@ -653,10 +653,8 @@ login_getcaptime(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error)
 
     if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1)
 	return def;
-    else if (r < 0) {
-	errno = ERANGE;
+    else if (r < 0)
 	return error;
-    }
 
     /* "inf" and "infinity" are special cases */
     if (isinfinite(res))
@@ -738,19 +736,18 @@ login_getcapnum(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error)
     /*
      * For BSDI compatibility, try for the tag=<val> first
      */
-    if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) {
+    r = cgetstr(lc->lc_cap, cap, &res);
+    if (r == -1) {
 	long	lval;
 	/* string capability not present, so try for tag#<val> as numeric */
 	if ((r = cgetnum(lc->lc_cap, cap, &lval)) == -1)
 	    return def; /* Not there, so return default */
-	else if (r >= 0)
+	else if (r < 0)
+	    return error;
+	else
 	    return (rlim_t)lval;
-    }
-
-    if (r < 0) {
-	errno = ERANGE;
+    } else if (r < 0)
 	return error;
-    }
 
     if (isinfinite(res))
 	return RLIM_INFINITY;
@@ -789,10 +786,8 @@ login_getcapsize(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error)
 
     if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1)
 	return def;
-    else if (r < 0) {
-	errno = ERANGE;
+    else if (r < 0)
 	return error;
-    }
 
     if (isinfinite(res))
 	return RLIM_INFINITY;

From nobody Thu Dec 21 13:43:49 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8j73pkz54px9;
	Thu, 21 Dec 2023 13:43:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8j4Dq3z4NxS;
	Thu, 21 Dec 2023 13:43:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166229;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GwzrBFcrRbljMUCEwpq0s15BkVBOjodAkkPd99nm9e4=;
	b=qWD2TUF96/E99Z4WUfhQD9KqyihYfMY4/CkylKd0m4OrmlgzfJ4p4WWcUZEH1oT5JGMQK/
	vRYAKiO/TJC+qaaaNbC18g3sphPdLgT6DGc5yoM+AoNY1bG/HCZr7FzGjuwn2NtZNHQdMG
	OG78ajCkJBLeeGuiknpv+6qKMzE85OPWwE7ZaAM4ydusn+dw4N6jrMnAJrHEFlumwio0+o
	wwGvtLclGVTYYfjZx7wBM2ozuH4dzEd9iCjLSjbUmvBOCAU2gzMiTow1qGa5fasfwEjKMb
	2Gec/Fx32ONfvPDPxb3h0kBnZ797o0EBIDI8WahpB97aOl2xeCjfvVsm5VlLQQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166229; a=rsa-sha256; cv=none;
	b=rfg0dNfcyY9bnu44/KY7Ts4y7VCyjK439SrA7zgjxeeMgK6+KArU0+gsc7wq+ceLn/1APd
	ZFyn0vfY0fMCSiIOiA53WW7/sQ81ER0zhIgLK9rWHGFBwtUFwdmBWzFgNwrI6fHjOJOa28
	VruW16Q6BRo9vvuNA4rBEDvF2uA7p5sfvxn1VJKfh+XFFNuhIYE7hnz8j8XTnU6rq5Kh11
	RA2fS34xssAdJ3EaNIMSaPuv9LyOTrC4A/HOPjsDavb2I1VCbRJP9yGQ9VXcU9nfsSWmkn
	c00q5a9uUpixn20eW72nzCpIKndwg3EqfYV9+cxGPRbWrSfXWfvgNHwqnWvgEA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166229;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=GwzrBFcrRbljMUCEwpq0s15BkVBOjodAkkPd99nm9e4=;
	b=J5qM2uePnS2uD7AJ45jo62g6TsFZ9dvybu6dX6JcfHjk7la1HmglT7pp3Qqpl/cAKQAwG1
	yL7f7h00NFsoh4s+MuSxEVDZXBwTAE/VS9qD8cDBk0Kbt1lsE1fGMRCp+7HzjLQY/Z3U+I
	YlLxC/RRQx+aQyPzXMdLlmPxe3OTn06x/h+9b6fPanC0rrQr8Zj1jJuSViZQHepX5sBFZR
	oSUA+a39UgOGd6930l8WUuV6/F3pt9UWlS1wdlVEqT6FraLoPBvb9nFRkyoLScXaNXbmMx
	gGvGjdSxzY4+sVIrErLgP0IBv+gsMiQmbci4jTGvjk97rwEj6bi+yQHlsbNKGg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8j2qcczZRV;
	Thu, 21 Dec 2023 13:43:49 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhncF079681;
	Thu, 21 Dec 2023 13:43:49 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhnYl079678;
	Thu, 21 Dec 2023 13:43:49 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:49 GMT
Message-Id: <202312211343.3BLDhnYl079678@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 9fcf54d3750e - stable/13 - setusercontext(): Apply
  personal settings only on matching effective UID
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 9fcf54d3750e379868e51e4aa7fbf696877ab2ed
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=9fcf54d3750e379868e51e4aa7fbf696877ab2ed

commit 9fcf54d3750e379868e51e4aa7fbf696877ab2ed
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-05-30 16:35:08 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:03 +0000

    setusercontext(): Apply personal settings only on matching effective UID
    
    Commit 35305a8dc114 (r211393) added a check on whether 'uid' was equal
    to getuid() before calling setlogincontext().  Doing so still allows
    a setuid program to apply resource limits and priorities specified in
    a user-controlled configuration file ('~/.login_conf') where
    a non-setuid program could not.  Plug the hole by checking instead that
    the process' effective UID is the target one (which is likely what was
    meant in the initial commit).
    
    PR:                     271750
    Reviewed by:            kib, des
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40351
    
    (cherry picked from commit 892654fe9b5a9115815c30a423b8db47185aebbd)
    
    Approved by:    markj (mentor)
---
 lib/libutil/login_class.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c
index 90a3ec5d106a..1036e9f9208c 100644
--- a/lib/libutil/login_class.c
+++ b/lib/libutil/login_class.c
@@ -546,7 +546,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in
     /*
      * Now, we repeat some of the above for the user's private entries
      */
-    if (getuid() == uid && (lc = login_getuserclass(pwd)) != NULL) {
+    if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) {
 	mymask = setlogincontext(lc, pwd, mymask, flags);
 	login_close(lc);
     }

From nobody Thu Dec 21 13:43:50 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8k71ZBz54pry;
	Thu, 21 Dec 2023 13:43:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8k4gjCz4P13;
	Thu, 21 Dec 2023 13:43:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166230;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=joowXEK13rKkqh08w4CnM4/yUtFa+fywlaqxsnvu1Ds=;
	b=emzJcwTflIDTiPzAllSZanaUpzNgyVMgMewiPjsD+0bTwRfTAHdS5tGWwofXcEDZdyqM94
	XhF0kp+TpcivGFcZG8AjHdpYzXIhTdxC9J7/3Qj7M/43lyyf5dyRyqmvADmkaXwUtewObK
	Pgr4hsvG6KXVXTjZVOuqrZaUt1uyslurOlPfrw+JcTUbIQ9GUM5c5YkoIYTpjTcrhGLAaN
	CCbG8Zt4JFgFiVLozZ6rfXN8KJtwva7iQSpKGxAuNlIEXvKtKqY9PGWNaNtNrz7A6ko7KW
	L309OFVYu7dTiv9QkKSJRlUeqebl9VTm5NUJGY5ritqHOZj7VVYEWCeJqNIJIQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166230; a=rsa-sha256; cv=none;
	b=lDc2Ed9Sm+Vpqk8i3LF0z0FoltSQRih8i9IYr7NC443V4bc59JifTvEOCQnanTKCV198nu
	JUGK+OpFIMpl7uxect82u1LeNoO3AToYq/zdqxfAJ/ZO7N9JYwuO4E9Eo9Kb2xRGs3EgED
	o+eEC5G8hilMNj/ikGnpONJ+l4G5DksbTLGONOilEsxeVCTDJxHcSIhXe6zQ9h+ux9uKwh
	9ml2hMXuHdW2Ts//DpQ7E8z7pak6HdMduQAovCa6R030K9uIvj0x69LrQ2cjR9OrOE/0rH
	/+9FgkK5uBISpKhZz7jAxaJ9lh1TdPTRURhfNBy6hgprX57t8Wr457sxGhmkjg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166230;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=joowXEK13rKkqh08w4CnM4/yUtFa+fywlaqxsnvu1Ds=;
	b=rujSsMIYXVkgSyu+3giTONjpF152Gbea7A0K3T0LykgY+Rq/oPtsMfwB+HUWm9JQ/TxY4v
	6lUrv4CzyxUoNxuJyrRna4fKYA6pu3JDYUccx1d//Oweiw/MSiw6d4UnEl/hpMd199Wxph
	K0HJ8PJMcRbL03mpb1RBGhFV/iaO/YdeygYPjpl7s5wwBO5u7dr8e4Oc17hRY5zvfpgp/x
	SpKeqywFPvsMO2JKStO98/6PxZHMlivkGIcapX8bXrh6W3cDgRYeyH5lU7f8izie5gDvvw
	s/mDyJ86ctC085aTHsEOSD9yOZivEkho6YW6FpYwMbnIk/pQvO9bJG3Vw3Jb7Q==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8k3mflzZRW;
	Thu, 21 Dec 2023 13:43:50 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhodg079717;
	Thu, 21 Dec 2023 13:43:50 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhoR7079714;
	Thu, 21 Dec 2023 13:43:50 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:50 GMT
Message-Id: <202312211343.3BLDhoR7079714@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: a10630ef818f - stable/13 - pdinit(): Fix comment
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: a10630ef818f05ada0c52f7f0cd35d8036052c5a
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=a10630ef818f05ada0c52f7f0cd35d8036052c5a

commit a10630ef818f05ada0c52f7f0cd35d8036052c5a
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-09-26 10:26:46 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:11 +0000

    pdinit(): Fix comment
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42256
    
    (cherry picked from commit 56bb3ce091371ffd95711c65e1eff306a19435e2)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_descrip.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index de6bfe8bc1ae..0bd011ac2425 100644
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -2255,7 +2255,7 @@ fdinit(struct filedesc *fdp, bool prepfiles, int *lastfile)
  * Build a pwddesc structure from another.
  * Copy the current, root, and jail root vnode references.
  *
- * If pdp is not NULL, return with it shared locked.
+ * If pdp is not NULL and keeplock is true, return with it (exclusively) locked.
  */
 struct pwddesc *
 pdinit(struct pwddesc *pdp, bool keeplock)

From nobody Thu Dec 21 13:43:51 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8m0Sxqz54pZg;
	Thu, 21 Dec 2023 13:43:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8l68bqz4P3p;
	Thu, 21 Dec 2023 13:43:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166231;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9rkVRlJQMtwi9lF4hmZpbfebS3gnbTclqKWJVskU2XM=;
	b=c2yJO51t0CptJyWdDGDi3LGmyTQbN//55OOt385fnIDV+SyD2FIB0BHAomohX74fsWdiVf
	7oh8CQE5F5+z54eJrApgGPDGeYCTb6Q3rkndJ7YgmtdtVqT7eXddsLO1mrzxh/SAZ/5E4Q
	BNvb+zGt0+ijunqFOO0Jzo4Ydle000oqeUTsfEJURKUBt80mVUhHVlKtjKzvbNAyedx2PW
	I15U9+MtLUg5+VJNkRHe1iXa26JEehEuvHnAWdFqbB1cj3QrgF3zE/7/bSzvfOfWcWCDbK
	cor4BbwbnoqN4sccFgnSWabI+atu8YMx9/cxwAhusIKMaSCRThGvXCw5NWUY1Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166231; a=rsa-sha256; cv=none;
	b=VIsKkAGzK83NXmZBmGPmN0wWjAXQ74+qogTbpHopnRSQtW+XqRjs9Yrey8U+aQJEE2DSUt
	9/l3XaV3lDStBQV+TOC9L4WrjPErEtZMEiFk+SjgUKt2JBPzgjaNu45uzazl7pqa9PxPlt
	xHxC/olU3q1Z0MhlJ21kPeWnSuqrKR5TI6MdPyNZR3kFaxcXcXs1vrHhwZIWN35HVQiq67
	F69GkU3154cc4HWB5fVpgKiW8Xz775o/k4SCBEWXduIOkXfrl6ODWe2HMhHk1Am297p4mC
	aeotX5ulBjk13y2MEykDz59frr/GV6pH0bEwZMePoKtml7aeJBiqoZU0wt3X/g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166231;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=9rkVRlJQMtwi9lF4hmZpbfebS3gnbTclqKWJVskU2XM=;
	b=m13KLrio5deTUwWOFyWfIfv6A9NAksRk6jWqAKq0rWF32k/pIPi5WiXJQLDSaijTGjJH+F
	Lvg7kldueT9QIgkHSmkZw8GjJ0mrUIgRmLyTqFtVIjxQGDqy1CuBiMVd+jXT04r4THBNiG
	iDdJiV0AgmHW2dpYa4CfJa3fbH4yz7kmruDg7GhyFCtp8snzMMF7VEdcDgX78SlfdMyASm
	vCLTexXwnp+6zOYfER3+ZGuS2lVe1YNYOw7o17Wm1Wg4hAxeXaEiXnJhM3ceIhvbc6n6Rb
	6nN92EpKCgax6rDDHCRUUnC6IGklD7V83Sh3vDHLjihtD8sjgGehAxiy8a6O3A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8l54t2zZdJ;
	Thu, 21 Dec 2023 13:43:51 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhpLj079768;
	Thu, 21 Dec 2023 13:43:51 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhpx8079765;
	Thu, 21 Dec 2023 13:43:51 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:51 GMT
Message-Id: <202312211343.3BLDhpx8079765@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 037c104ca4a7 - stable/13 - Ensure "init" (PID 1) also
  executes userret() initially
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 037c104ca4a71b7510799c6fff5fa031c070319f
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=037c104ca4a71b7510799c6fff5fa031c070319f

commit 037c104ca4a71b7510799c6fff5fa031c070319f
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-10 17:36:20 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:18 +0000

    Ensure "init" (PID 1) also executes userret() initially
    
    Calling userret() from fork_return() misses the first return to
    userspace of the "init" (PID 1) process.  The latter is indeed created
    by fork1() followed by a call to cpu_fork_kthread_handler() call that
    replaces fork_return() by start_init() as the function to execute after
    fork.
    
    A new process' initial return to userspace in the end always happens
    through returning from fork_exit(), so move userret() there instead to
    fix the omission.
    
    This problem was discovered as part of a revamp of scheduling priorities
    that lead to experimenting with asserting and sometimes resetting
    priorities in sched_userret(), in the course of which the author
    stumbled on panics being triggered only in init() or only in other
    processes, depending on the modifications to sched_userret().  This
    change currently has no practical effect but will have some in the near
    future.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42257
    
    (cherry picked from commit eac624207ccf3a16225368d226861b06e3631d0d)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_fork.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 59ffcce70966..114eeeb2a943 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -1161,9 +1161,15 @@ fork_exit(void (*callout)(void *, struct trapframe *), void *arg,
 	}
 	mtx_assert(&Giant, MA_NOTOWNED);
 
+	/*
+	 * Now going to return to userland.
+	 */
+
 	if (p->p_sysent->sv_schedtail != NULL)
 		(p->p_sysent->sv_schedtail)(td);
 	td->td_pflags &= ~TDP_FORKING;
+
+	userret(td, frame);
 }
 
 /*
@@ -1214,8 +1220,6 @@ fork_return(struct thread *td, struct trapframe *frame)
 	if (!prison_isalive(td->td_ucred->cr_prison))
 		exit1(td, 0, SIGKILL);
 
-	userret(td, frame);
-
 #ifdef KTRACE
 	if (KTRPOINT(td, KTR_SYSRET))
 		ktrsysret(td->td_sa.code, 0, 0);

From nobody Thu Dec 21 13:43:52 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8n3nPvz54pZk;
	Thu, 21 Dec 2023 13:43:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8n0T57z4P44;
	Thu, 21 Dec 2023 13:43:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166233;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=AmTFiowc03Q8tJJk2QidWtshYZtP6b0WxCqho8gsrNs=;
	b=xxEXePt/ZZYpQ3C3BJGehSy3yXxhUMIsJ1pkcy6wqNe68SPzu53b4Mf63TeZKmc7Fjo3eU
	QMtBktWNR4TgG3XWtdvNZFuN1EGIzuYjnpCPM8LQ9FH7UOwQMF8eZEhtQayrnnG7FZ5Klm
	zO/y6pEY4CVFjusi/ASxPNLPh+NZL7wA4SY9JMZ4WLh9V7xUSNpcZHayiPZFBVhOLex3C5
	8X3tddch7X1GJoMU78j6hJVlgW/FumuwdxnsqXtllH42Bo5IM8ShcwKgLp/EzljbB3FUZ9
	KgTqGLyFYKmaQCCAm43OylclihLyF+j8W/ljv/GE1idEFg/uiiX6pUSW5yUBRg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166233; a=rsa-sha256; cv=none;
	b=K/t9EoqqFzKKUmKRgKfAKBBt/6aorUBSjMbWzQKujL/PSlF5/8n9hhbQHmr+qDBt/hZez9
	tYiUCGO7uAvY5+ickuyKaikMZnm4oGTnchdpJaU5tPXwTK6f4a4eeb5JPJPfBYyArkCm1t
	DBYWDt1hljtssgjL7TmUDTfIYgsqKiPYh20lG3XM+BQEF39BmoMF33qJiCNieLpeJwJScb
	WrPcxcZx9yrnZCHKEhho58gxGJSwfbSJcYH2uBjWcpHlFExQe/SDFeI5Y7DN5gqL/i3MGp
	HTKMHubVp0IejG2Xx3SRx5n9/V9q66MJoOVQBUiXiZyqsQ0UETqIM5hgZgKBUw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166233;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=AmTFiowc03Q8tJJk2QidWtshYZtP6b0WxCqho8gsrNs=;
	b=W63muFoLNag6OjnKymuDVKDiowVsCBB8BfN7vo1PxG2vYblg0ALecm0pah11B69cP2LlGl
	a2h/KhEb7na5bplxyW+hvy/IRDjVKDfCsAROzfODd+ai6mX4wKoRwzzDFFAgUa7YmAH7gr
	VIS9irHNiFkhXTh4QyC2i4zaoyIF3zxHAfiAJGPl1cTvWcevjBnO78pkcJ64Zl+yphFHy7
	4JVy3QKY2092lvz09Wk3MqctkfrTlhjInCfFjJ3y+9UwNOfG+JXHQ8aR4K1syqAEF6pzjs
	OH3BEqb+PY43T0+3I2FmWc6Vy9IrmV45zeGVQR2piWixY7/Qqsy/exsVftrqUg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8m6hKNzZRX;
	Thu, 21 Dec 2023 13:43:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhqUG079813;
	Thu, 21 Dec 2023 13:43:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhqb6079810;
	Thu, 21 Dec 2023 13:43:52 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:52 GMT
Message-Id: <202312211343.3BLDhqb6079810@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 56c53cc8fb3e - stable/13 - uma: Hide 'uma_align_cache';
  Create/rename accessors
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 56c53cc8fb3edaed82678440da5cf8e0dc482d03
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=56c53cc8fb3edaed82678440da5cf8e0dc482d03

commit 56c53cc8fb3edaed82678440da5cf8e0dc482d03
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 09:52:28 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:26 +0000

    uma: Hide 'uma_align_cache'; Create/rename accessors
    
    Create the uma_get_cache_align_mask() accessor and put it in a separate
    private header so as to minimize namespace pollution in header/source
    files that need only this function and not the whole 'uma.h' header.
    
    Make sure the accessors have '_mask' as a suffix, so that callers are
    aware that the real alignment is the power of two that is the mask plus
    one.  Rename the stem to something more explicit.  Rename
    uma_set_cache_align_mask()'s single parameter to 'mask'.
    
    Hide 'uma_align_cache' to ensure that it cannot be set in any other way
    then by a call to uma_set_cache_align_mask(), which will perform sanity
    checks in a further commit.  While here, rename it to
    'uma_cache_align_mask'.
    
    This is also in preparation for some further changes, such as improving
    the sanity checks, eliminating internal resolving of UMA_ALIGN_CACHE and
    changing the type of the 'uma_cache_align_mask' variable.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42258
    
    (cherry picked from commit dc8f7692fd1de628814f4eaf4a233dccf4c92199)
    
    Approved by:    markj (mentor)
---
 sys/arm/arm/cpufunc.c                              |  2 +-
 .../linuxkpi/common/include/linux/dma-mapping.h    |  4 +--
 sys/vm/uma.h                                       |  6 ++--
 sys/vm/uma_align_mask.h                            | 36 ++++++++++++++++++++++
 sys/vm/uma_core.c                                  | 18 ++++++++---
 5 files changed, 56 insertions(+), 10 deletions(-)

diff --git a/sys/arm/arm/cpufunc.c b/sys/arm/arm/cpufunc.c
index 32b3d2f869c9..f2845eb80f3b 100644
--- a/sys/arm/arm/cpufunc.c
+++ b/sys/arm/arm/cpufunc.c
@@ -254,7 +254,7 @@ set_cpufuncs(void)
 	panic("No support for this CPU type (%08x) in kernel", cputype);
 	return(ARCHITECTURE_NOT_PRESENT);
 out:
-	uma_set_align(arm_dcache_align_mask);
+	uma_set_cache_align_mask(arm_dcache_align_mask);
 	return (0);
 }
 
diff --git a/sys/compat/linuxkpi/common/include/linux/dma-mapping.h b/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
index 4a53b7675302..fb63a45ac307 100644
--- a/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
+++ b/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
@@ -43,6 +43,7 @@
 
 #include <vm/vm.h>
 #include <vm/vm_page.h>
+#include <vm/uma_align_mask.h>
 #include <vm/pmap.h>
 
 #include <machine/bus.h>
@@ -350,8 +351,7 @@ dma_max_mapping_size(struct device *dev)
 #define	dma_unmap_len(p, name)			((p)->name)
 #define	dma_unmap_len_set(p, name, v)		(((p)->name) = (v))
 
-extern int uma_align_cache;
-#define	dma_get_cache_alignment()	uma_align_cache
+#define	dma_get_cache_alignment()	uma_get_cache_align_mask()
 
 
 static inline int
diff --git a/sys/vm/uma.h b/sys/vm/uma.h
index 954d64c4d63b..4225bd83ba23 100644
--- a/sys/vm/uma.h
+++ b/sys/vm/uma.h
@@ -470,12 +470,14 @@ void uma_zone_reclaim_domain(uma_zone_t, int req, int domain);
  * alignment.  Should be called by MD boot code prior to starting VM/UMA.
  *
  * Arguments:
- *	align The alignment mask
+ *	mask The alignment mask
  *
  * Returns:
  *	Nothing
  */
-void uma_set_align(int align);
+void uma_set_cache_align_mask(int mask);
+
+#include <vm/uma_align_mask.h>
 
 /*
  * Set a reserved number of items to hold for M_USE_RESERVE allocations.  All
diff --git a/sys/vm/uma_align_mask.h b/sys/vm/uma_align_mask.h
new file mode 100644
index 000000000000..666633350b9d
--- /dev/null
+++ b/sys/vm/uma_align_mask.h
@@ -0,0 +1,36 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2023 The FreeBSD Foundation
+ *
+ * This software was developed by Olivier Certner <olce.freebsd@certner.fr>
+ * at Kumacom SAS under sponsorship from the FreeBSD Foundation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _VM_UMA_ALIGN_MASK_H_
+#define _VM_UMA_ALIGN_MASK_H_
+
+int uma_get_cache_align_mask(void) __pure;
+
+#endif /* !_VM_UMA_ALIGN_MASK_H_ */
diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c
index 679fd5ef1187..506bc63033ba 100644
--- a/sys/vm/uma_core.c
+++ b/sys/vm/uma_core.c
@@ -149,7 +149,7 @@ static uma_zone_t slabzones[2];
 static uma_zone_t hashzone;
 
 /* The boot-time adjusted value for cache line alignment. */
-int uma_align_cache = 64 - 1;
+static int uma_cache_align_mask = 64 - 1;
 
 static MALLOC_DEFINE(M_UMAHASH, "UMAHash", "UMA Hash Buckets");
 static MALLOC_DEFINE(M_UMA, "UMA", "UMA Misc");
@@ -3182,7 +3182,7 @@ uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
 	args.size = size;
 	args.uminit = uminit;
 	args.fini = fini;
-	args.align = (align == UMA_ALIGN_CACHE) ? uma_align_cache : align;
+	args.align = (align == UMA_ALIGN_CACHE) ? uma_cache_align_mask : align;
 	args.flags = flags;
 	args.zone = zone;
 	return (zone_alloc_item(kegs, &args, UMA_ANYDOMAIN, M_WAITOK));
@@ -3191,11 +3191,19 @@ uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
 /* Public functions */
 /* See uma.h */
 void
-uma_set_align(int align)
+uma_set_cache_align_mask(int mask)
 {
 
-	if (align != UMA_ALIGN_CACHE)
-		uma_align_cache = align;
+	if (mask >= 0)
+		/* UMA_ALIGN_CACHE is also not permitted here. */
+		uma_cache_align_mask = mask;
+}
+
+/* Returns the alignment mask to use to request cache alignment. */
+int
+uma_get_cache_align_mask(void)
+{
+	return (uma_cache_align_mask);
 }
 
 /* See uma.h */

From nobody Thu Dec 21 13:43:55 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8q4QlYz54pg5;
	Thu, 21 Dec 2023 13:43:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8q2qB2z4P8G;
	Thu, 21 Dec 2023 13:43:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166235;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rX0nnBeO3OgmMkgPX40lyUYRO6MG2WHjn9qFQKKBJF4=;
	b=GJiGN6FmUPSEc1pHYi2ViFEAeFeIL6VInOMfMDmjDdIDgCR7FvkrUzTXN36DSXvzHpSmSz
	nSHJH0jkwqSLsqVqmMqVJgKp7W0osIx/yR6FSt0P5Ln7SIqJPavyne9r8qyCoHvneOXP+s
	h2DCE7jROHlyuEvrkPz5iiWzhj6GuwkGK1DS4I3f4KQoegtA32O8X4NrQ3oH0OynAoENdw
	DQm/nZI39Iyue4FWadJ98gH4J+a+r6g9Ye80lYGuYE0AhhKkGIBWsDKI/O37AwdNJZ8MTc
	AHfcxjXa4j01oIHzVPix5hRzDWxb9rPVUl+d5CnjpHRXx+/PXLKP7vFHxd0uew==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166235; a=rsa-sha256; cv=none;
	b=VzuvHgY5hxxiqZsXNpqkdaxfeg6HNiQqtwklmrYuz2/biwyvKZzHlLYpm+LEl7u+SiswXI
	Zf0ghnt67rk99JfX1RLsZexaZ8/4FbnP3ZMuSyOz+dHnbw5ZoiJMrw6kSS9xXAl1APeMdK
	k5AZDbnDjU2qwdyeaPKdtGtIdrLcTjAsKtuR06Gpqu7EZClYXrASzuQ+SNlwv+8HvW4wGC
	68JrJgcUQ3eB9PZbModZl/oRdtG60TqPeAhZPoYQJajt8bAygwP2EcM0V/Bwe53snsJFBC
	7c3kLMCuPZ5lBZaX/O0SYNjRuq53D9GUu0LXkokT+AQxRzsxcvHhxX8u9b6bhw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166235;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=rX0nnBeO3OgmMkgPX40lyUYRO6MG2WHjn9qFQKKBJF4=;
	b=paHVRMBRuz988BMNpPA9wAmgXgfkPb2CIPIjuxseJmYSKVr4i+Rc9vaqI2/bBpb06GbwND
	az6p+2KcPSg6J3T33PR4XiOZViPaNsYfuR3SQPgudwoI14ZC9C1LL5b2QqI1ZUHnNTDIdz
	Q3WEqubbU6NJV4g5zk+oJTyBWjZE+C6DhKs7wFSxuoC3C8cOrcMxAWqfjohChFl8biTJZ3
	oSkelkYMcSd7g450YvVH5bxwkYXxpOPnMN4GMOm7/yB3VQoD9rmoktrIKg0i90mmQAuOHW
	EUVJpG7fPA8iVKN9MH8IhZ6thTu7f3R9C7Z1LrIkbcKKqKbb2lNey31eH9wBmw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8q1wGkzb4L;
	Thu, 21 Dec 2023 13:43:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhtKR079909;
	Thu, 21 Dec 2023 13:43:55 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhtlO079906;
	Thu, 21 Dec 2023 13:43:55 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:55 GMT
Message-Id: <202312211343.3BLDhtlO079906@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: f056e19abe20 - stable/13 - arm: Simplify get_cachetype_cp15()
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: f056e19abe20d14234e24d927a847ea6e2a90c42
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=f056e19abe20d14234e24d927a847ea6e2a90c42

commit f056e19abe20d14234e24d927a847ea6e2a90c42
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 12:22:14 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:43 +0000

    arm: Simplify get_cachetype_cp15()
    
    There's no point in setting 'arm_dcache_align_mask' before the
    function's end.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42261
    
    (cherry picked from commit 1bce6f951a902f03bfb354f5b11473a0d12b3d7d)
    
    Approved by:    markj (mentor)
---
 sys/arm/arm/cpufunc.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/sys/arm/arm/cpufunc.c b/sys/arm/arm/cpufunc.c
index f2845eb80f3b..42f718b9773e 100644
--- a/sys/arm/arm/cpufunc.c
+++ b/sys/arm/arm/cpufunc.c
@@ -172,7 +172,6 @@ get_cachetype_cp15(void)
 				    : "=r" (csize));
 				arm_dcache_align = 1 <<
 				    (CPUV7_CT_xSIZE_LEN(csize) + 4);
-				arm_dcache_align_mask = arm_dcache_align - 1;
 			}
 			if (type == CACHE_ICACHE || type == CACHE_SEP_CACHE) {
 				sel = (i << 1) | 1;
@@ -195,10 +194,10 @@ get_cachetype_cp15(void)
 			if (dsize & CPU_CT_xSIZE_M)
 				arm_dcache_align = 0; /* not present */
 		}
-
-	out:
-		arm_dcache_align_mask = arm_dcache_align - 1;
 	}
+
+out:
+	arm_dcache_align_mask = arm_dcache_align - 1;
 }
 
 /*

From nobody Thu Dec 21 13:43:53 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8p3j64z54pv6;
	Thu, 21 Dec 2023 13:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8p1XxGz4P4S;
	Thu, 21 Dec 2023 13:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166234;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=BCd5NBIlPMmd8a7yaEOMztSJRO27nPtJb2jysDCuBk0=;
	b=uSwaqpgSA2iQCLYa3yOo4d3SiKl6Q/lblUwko0KHly65d0VxkQmQXNy3HW3j2ai+ER1TGb
	pNLNvDPrQf7dxk6B8ziCC0bv/a+I8+c57suTbSbvY6znml7UvJoSbfaL7uo2TakbgHgOqm
	5b6X2sNDI3CQ459987EHTq1fUqmoD9epEAUmLmixbYPxXgekBoxhdTUk5pEBftArmQSSJJ
	O9v2/Vf9248r9OfG4zt0bwJtCyYQBkGwhiuUZc7zmpMer3mtpYJA/FxHmUUhGsWui6e24z
	94l9EUTIXbVwezGIRwNV3n95DT/HnQ2xss6TgqrW0L1dnlOg8ZNisGYL7QZdhw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166234; a=rsa-sha256; cv=none;
	b=E1+aa/7X+6T75n3H04vKVKEx4mqm2E6X0ocJEfdgkvjKqCqq0JBxKSq5mSDApya5Ahq16M
	ng3D4d9Z+kdRWxWetRpYaI3hTheUctEBxEerqfs/qkf88ksqNtK/k+Dd1I3r+WPISnZND+
	Hi7pO5m1EpCR9+uwoKEqhqD30tc0cBFNYprrqYXuxLwjmbfB1KOy9fQW7ce5rIqbP9T8GL
	bUdXCtIPyioy83WuF3xyFhI1LDJ1wD/RvofaWz3DbayK/Xth10qNi8sENfjxd3Cfn7CXua
	KFlu1VVKpQEXD7HddINisKLNAFms3+v2j+kQB5T9nicyFR4sjZHEeZLVrCBQ8Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166234;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=BCd5NBIlPMmd8a7yaEOMztSJRO27nPtJb2jysDCuBk0=;
	b=Mbikiz1dyj6iVfIXx+XFWrQxluar/PJB2/enA+8J877qeQTTol2/sUPaYDcZaT8lbB50u/
	M3ScRRfLdIqNhsncSyUMLYwQkfpcYbC6Y+IlzS1pgGBLWwI1lXAHW44KnNCNUZ9B66rkDd
	X4GN2a00Atw6YXod3nqd/jV0K5OVXvOnD0fThG/tOjgmSecfD5vGxXXsNMDs/NtLo/wi70
	YKXk0CbFR8EZEAgCzWUqKm2FZdUaiXd/IZlmzE4/NtIqwZDqdmWlPL0KEO4ucYyEF9Pcg3
	nZWa7lk+zj0KTFCChDzGytEq6Ps5l6/SjRzbcvZZQWomN/ekv73h1gagWLAfAw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8p0dz4zZfw;
	Thu, 21 Dec 2023 13:43:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhr2f079869;
	Thu, 21 Dec 2023 13:43:53 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhrWX079866;
	Thu, 21 Dec 2023 13:43:53 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:53 GMT
Message-Id: <202312211343.3BLDhrWX079866@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 4e00940e9f1f - stable/13 - uma: UMA_ALIGN_CACHE:
  Resolve the proper value at use point
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 4e00940e9f1f7dc1210a094d916ef930ff447e4a
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=4e00940e9f1f7dc1210a094d916ef930ff447e4a

commit 4e00940e9f1f7dc1210a094d916ef930ff447e4a
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 12:13:30 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:34 +0000

    uma: UMA_ALIGN_CACHE: Resolve the proper value at use point
    
    Having a special value of -1 that is resolved internally to
    'uma_align_cache' provides no significant advantages and prevents
    changing that variable to an unsigned type, which is natural for an
    alignment mask.  So suppress it and replace its use with a call to
    uma_get_align_mask().  The small overhead of the added function call is
    irrelevant since UMA_ALIGN_CACHE is only used when creating new zones,
    which is not performance critical.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42259
    
    (cherry picked from commit e557eafe7233f8231c1f5f5b098e4bab8e818645)
    
    Approved by:    markj (mentor)
---
 sys/vm/uma.h      | 2 +-
 sys/vm/uma_core.c | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/sys/vm/uma.h b/sys/vm/uma.h
index 4225bd83ba23..c748a7843374 100644
--- a/sys/vm/uma.h
+++ b/sys/vm/uma.h
@@ -301,7 +301,7 @@ uma_zone_t uma_zcache_create(const char *name, int size, uma_ctor ctor,
 #define UMA_ALIGN_INT	(sizeof(int) - 1)	/* "" int */
 #define UMA_ALIGN_SHORT	(sizeof(short) - 1)	/* "" short */
 #define UMA_ALIGN_CHAR	(sizeof(char) - 1)	/* "" char */
-#define UMA_ALIGN_CACHE	(0 - 1)			/* Cache line size align */
+#define UMA_ALIGN_CACHE	(uma_get_cache_align_mask()) /* Cache line size align */
 #define	UMA_ALIGNOF(type) (_Alignof(type) - 1)	/* Alignment fit for 'type' */
 
 #define	UMA_ANYDOMAIN	-1	/* Special value for domain search. */
diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c
index 506bc63033ba..19ea5433559d 100644
--- a/sys/vm/uma_core.c
+++ b/sys/vm/uma_core.c
@@ -3182,7 +3182,7 @@ uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
 	args.size = size;
 	args.uminit = uminit;
 	args.fini = fini;
-	args.align = (align == UMA_ALIGN_CACHE) ? uma_cache_align_mask : align;
+	args.align = align;
 	args.flags = flags;
 	args.zone = zone;
 	return (zone_alloc_item(kegs, &args, UMA_ANYDOMAIN, M_WAITOK));
@@ -3195,7 +3195,6 @@ uma_set_cache_align_mask(int mask)
 {
 
 	if (mask >= 0)
-		/* UMA_ALIGN_CACHE is also not permitted here. */
 		uma_cache_align_mask = mask;
 }
 

From nobody Thu Dec 21 13:43:56 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8s0ZMvz54pZr;
	Thu, 21 Dec 2023 13:43:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8r4C6Kz4PFJ;
	Thu, 21 Dec 2023 13:43:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166236;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YvjdjYxUZ11u1PuV7DKEs+pUiXIqN0YPjvUZEzg26Wc=;
	b=ZqPqyuDaEj+oq94NB0r1pZ3kOtck+Tp11GRDilfYNcYcHm5/mY09qBgshh/MD5nj5t2xmi
	J+zcDCBEjXqznMojzVOnxvMytHLwihOPRuuRrObRwe8D4hyy2wabjve9yaHBYGaS8rcTdZ
	oUZQVgOKh2r1MAVnU7OgdWYUP/QMv8Y4LVz59fMI68lwMX9XCbwvhfuHRvdU0/gvPwpBTB
	DhWsovdhBSxTEX012XD7uK2kUymZTYETh6q3nJUd4cEJDhJUcZzHvmdA5CvLgoHH9VW5Gg
	bsdn36dgioje4Hnb/wut7BHef0BOcfspinO9V4Q4fZbdmNQ1VJLyy/ptYXU57Q==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166236; a=rsa-sha256; cv=none;
	b=oFLmLm/ayaq+HdD8mqbpEuj4d28eNxEFUP/JN7Dx9e50j0WKMtcerOv0uFOP0fP+WD3ClX
	oNfsQT1dz/UejEIX5vLe/89y9b85hgSuP0O69YZMHknxVTFLVXaS7fAVCmx1PoxI8pKQvC
	lwLlyHGZqiqVwe2nRxCiCEcDzGz6n9F0a16NawC5stJYpL3GzOt9LLJbHCo47hskcA7oZc
	ALdO21u4xMt1WyCkxcBhWnGa1JDqRlveb8J09NiGgVAWGms+nNFvKy1bV7uVsE9n92LlBL
	xrR4BcFtaJHdKrME8sYKocZcTkc+422yXP6rwCUmcS43pD5Q/KrntavmBcSDbg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166236;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=YvjdjYxUZ11u1PuV7DKEs+pUiXIqN0YPjvUZEzg26Wc=;
	b=lfbRalOud/pDu1+dqJsETYEFfiQKW8Cv7ymHMGoPYmOsU5gliYj8GLOl9qMsOm0mPgpzNB
	lNcAKOu95YcK0YlH7F15Ju7sHe/piQhlHL/awWjt4jD19veZSPUW3LGR3k8cokVpjk5IVl
	mAfZZd1DHNFU8G/BOa0LpQan0Em6GVE+K80EJc49oYebBaNkplmaIkjTFKcOieIrxC6Op3
	aCTMeVyp+W2Y1wU7XbDLcRmGU2tCBBXIql2HuUs9KmfO9Jyasl+vPijp3YZOxumQDXR+dP
	8fWbdiqRh6fBiPzspGkpCACQ9v9XstTH4o7Qov1NdDgxrfFVZn70j2/T+cTD0A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8r3HZkzZmS;
	Thu, 21 Dec 2023 13:43:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhu79079957;
	Thu, 21 Dec 2023 13:43:56 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhux5079954;
	Thu, 21 Dec 2023 13:43:56 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:56 GMT
Message-Id: <202312211343.3BLDhux5079954@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 9121202fcb27 - stable/13 - uma: Make the cache alignment
  mask unsigned
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 9121202fcb27e981bc4d2a7695fbba463361df93
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=9121202fcb27e981bc4d2a7695fbba463361df93

commit 9121202fcb27e981bc4d2a7695fbba463361df93
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 12:49:11 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:39:53 +0000

    uma: Make the cache alignment mask unsigned
    
    In uma_set_align_mask(), ensure that the passed value doesn't have its
    highest bit set, which would lead to problems since keg/zone alignment
    is internally stored as signed integers.  Such big values do not make
    sense anyway and indicate some programming error.  A future commit will
    introduce checks for this case and other ones.
    
    Reviewed by:            kib, markj
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42262
    
    (cherry picked from commit 3d8f548b9e5772ff6890bdc01f7ba7b76203857d)
    
    Approved by:    markj (mentor)
---
 sys/arm/arm/cpufunc.c   |  6 +++---
 sys/vm/uma.h            |  2 +-
 sys/vm/uma_align_mask.h |  2 +-
 sys/vm/uma_core.c       | 15 ++++++++++-----
 4 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/sys/arm/arm/cpufunc.c b/sys/arm/arm/cpufunc.c
index 42f718b9773e..e94565cdc61f 100644
--- a/sys/arm/arm/cpufunc.c
+++ b/sys/arm/arm/cpufunc.c
@@ -61,8 +61,8 @@
 
 /* PRIMARY CACHE VARIABLES */
 
-int	arm_dcache_align;
-int	arm_dcache_align_mask;
+unsigned int	arm_dcache_align;
+unsigned int	arm_dcache_align_mask;
 
 #ifdef CPU_MV_PJ4B
 static void pj4bv7_setup(void);
@@ -170,7 +170,7 @@ get_cachetype_cp15(void)
 				    : : "r" (sel));
 				__asm __volatile("mrc p15, 1, %0, c0, c0, 0"
 				    : "=r" (csize));
-				arm_dcache_align = 1 <<
+				arm_dcache_align = 1U <<
 				    (CPUV7_CT_xSIZE_LEN(csize) + 4);
 			}
 			if (type == CACHE_ICACHE || type == CACHE_SEP_CACHE) {
diff --git a/sys/vm/uma.h b/sys/vm/uma.h
index c748a7843374..852473d69c27 100644
--- a/sys/vm/uma.h
+++ b/sys/vm/uma.h
@@ -475,7 +475,7 @@ void uma_zone_reclaim_domain(uma_zone_t, int req, int domain);
  * Returns:
  *	Nothing
  */
-void uma_set_cache_align_mask(int mask);
+void uma_set_cache_align_mask(unsigned int mask);
 
 #include <vm/uma_align_mask.h>
 
diff --git a/sys/vm/uma_align_mask.h b/sys/vm/uma_align_mask.h
index 666633350b9d..b4e9ac835d93 100644
--- a/sys/vm/uma_align_mask.h
+++ b/sys/vm/uma_align_mask.h
@@ -31,6 +31,6 @@
 #ifndef _VM_UMA_ALIGN_MASK_H_
 #define _VM_UMA_ALIGN_MASK_H_
 
-int uma_get_cache_align_mask(void) __pure;
+unsigned int uma_get_cache_align_mask(void) __pure;
 
 #endif /* !_VM_UMA_ALIGN_MASK_H_ */
diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c
index 19ea5433559d..0f3d2591c893 100644
--- a/sys/vm/uma_core.c
+++ b/sys/vm/uma_core.c
@@ -149,7 +149,7 @@ static uma_zone_t slabzones[2];
 static uma_zone_t hashzone;
 
 /* The boot-time adjusted value for cache line alignment. */
-static int uma_cache_align_mask = 64 - 1;
+static unsigned int uma_cache_align_mask = 64 - 1;
 
 static MALLOC_DEFINE(M_UMAHASH, "UMAHash", "UMA Hash Buckets");
 static MALLOC_DEFINE(M_UMA, "UMA", "UMA Misc");
@@ -3191,15 +3191,20 @@ uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
 /* Public functions */
 /* See uma.h */
 void
-uma_set_cache_align_mask(int mask)
+uma_set_cache_align_mask(unsigned int mask)
 {
 
-	if (mask >= 0)
-		uma_cache_align_mask = mask;
+	/*
+	 * Make sure the stored align mask doesn't have its highest bit set,
+	 * which would cause implementation-defined behavior when passing it as
+	 * the 'align' argument of uma_zcreate().  Such very large alignments do
+	 * not make sense anyway.
+	 */
+	uma_cache_align_mask = mask & ~(1U << 31);
 }
 
 /* Returns the alignment mask to use to request cache alignment. */
-int
+unsigned int
 uma_get_cache_align_mask(void)
 {
 	return (uma_cache_align_mask);

From nobody Thu Dec 21 13:43:57 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8s6qfsz54pxG;
	Thu, 21 Dec 2023 13:43:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8s5X24z4PNN;
	Thu, 21 Dec 2023 13:43:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166237;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=E2Y4XpBczRSasf6928Ka6U1zA3JQKggaTKm+YtYfI5Y=;
	b=Qq/cJkEZpcFSI0bsM0Mil3ABxxzrKowyG6DsMRsxeJNMsG3H5sXGqvG0zYarIdcW/LGI1M
	Iiu57V2c3Eczi1rEPVHvCoZ+ujKQI7liMyzaRURwmnc9Rp8UT8M70z3Ws04s1J54TrgDgH
	QHcvrwBFNqljGhIK4gzyMA4CzGKZ2Q0UuiAud0eCaGjhtyDvUXfCUojuz97DKTfi8YaPUd
	fY7D7pRUeK44I7S/v9vy3u/RH2Lrc4tAQYvnKNBGcVrchKjpDp9XBBeRUMRFgR4zT1ZoEW
	8mftEtWKmmTiGqYESIxJd5BFFOvnWUYsVDpxKE4vqChM/ZP8AdwgpNlU1LOc4A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166237; a=rsa-sha256; cv=none;
	b=OORomUxq4vwSln6IeLQiEKEyKSC7ttgTs3ea46eELSyXWgN+qjL+iecPEmOM+UNxgv5JO5
	YZP8y0de0q4Vv/IpgmX61vjgB1xNZH230TRaeM1ohpdlitgmKBEi8pgXYa6YB96+NePqze
	VsfNoZWE7uxAcwu8bKQEOv3Tx8hhWMJS0axx3GWE9vE8Z8QDDiXSDkUNB3YMXLtNNJS8GC
	7DQ3XYNJFH+H5jxG+gbbWJsggnFLM+crfAJdneAnGX2Ot/oHtwFQu/0pgGsul0E0BdiuVq
	AdZSua1zlNT8HvM4bLBImWfpATAozGYqqK7XBCs4bcdmCfycf7Du1uGxQbDKfw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166237;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=E2Y4XpBczRSasf6928Ka6U1zA3JQKggaTKm+YtYfI5Y=;
	b=E+yWphu6ZTR7Q9kG2Br7UPo0TTzALXKnY756YWrXtbXHQ5qgLbi5GhXbzdSWK7RvRkoyla
	X+aXbv1mNIWQLbDKgr+KTvd7uykUhUnMrvB9NGuM6TiHpSOytfiHlpjE+LAqduDLwLuDeu
	QzcZETfhqaOAgTinFw22jrIPqHCdtohuf29yLavIljd1Uw/G3v0Wtvq537h2L1BgTPz8K/
	I9kos4vF3X9m2FwtCAw4KFxrtgNZLai0oDVilvocUxwJ4WGcLBgfS6eJyrm/LYWZrzzEMn
	2VVVzoNB/jyewQfyETvVCxeU/gsmC/QZVMjp32gziadAPm8TOOauotJLPn2/Ng==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8s4dtczb5s;
	Thu, 21 Dec 2023 13:43:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhvEh080006;
	Thu, 21 Dec 2023 13:43:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhvh0080000;
	Thu, 21 Dec 2023 13:43:57 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:57 GMT
Message-Id: <202312211343.3BLDhvh0080000@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 8626f6da9a21 - stable/13 - arm: Update declarations
  for arm_dcache_align{,_mask}
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 8626f6da9a21c14546ea11c1e9ddf23923bf5470
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=8626f6da9a21c14546ea11c1e9ddf23923bf5470

commit 8626f6da9a21c14546ea11c1e9ddf23923bf5470
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-11-02 16:23:51 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:40:09 +0000

    arm: Update declarations for arm_dcache_align{,_mask}
    
    Reported by:    Jenkins
    Fixes:          3d8f548b9e57 ("uma: Make the cache alignment mask unsigned")
    
    (cherry picked from commit 185aa8c9c3d7a01d616cfaafd492f61b37ed2551)
    
    Approved by:    markj (mentor)
---
 sys/arm/include/cpufunc.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/arm/include/cpufunc.h b/sys/arm/include/cpufunc.h
index df3ebc3b9255..5889e52819c1 100644
--- a/sys/arm/include/cpufunc.h
+++ b/sys/arm/include/cpufunc.h
@@ -178,8 +178,8 @@ void cpu_reset		(void) __attribute__((__noreturn__));
  */
 
 /* PRIMARY CACHE VARIABLES */
-extern int	arm_dcache_align;
-extern int	arm_dcache_align_mask;
+extern unsigned int	arm_dcache_align;
+extern unsigned int	arm_dcache_align_mask;
 
 
 #define	HAVE_INLINE_FFS

From nobody Thu Dec 21 13:43:58 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8v19zmz54q3B;
	Thu, 21 Dec 2023 13:43:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8t6mrBz4PCj;
	Thu, 21 Dec 2023 13:43:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166239;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=t5JQCip4qhCU3IV5YYU5shfsMaKnDnrHoiETbDctVPI=;
	b=ICsF7AJbH1c26bDuoldSSnUDilH+Fee2dC/05/xtA1gDhE6doN860HR3Gl9NQkdgYNx1Kd
	iY3tZQ1wGpSn+JHprOZbiGFUW0OivqvRa6rDt+vQQ35qdf9k4Cv22W9GgiLrdB+JuCirc0
	DRSvgFHyIGTfrb6UffGAy6tdnQZ+op5t+llpaI/M5n9JhCxSxXACA/kGHY75HleDI82DFF
	UhrNlOoiLxuPj4cAuf0sr/cTV0ef29ufsH5BdTQdWUqHDuqW8R1uNgzNEzK+obpMYLdIQD
	QvmzKYOsEdJVCcBrG1/prH8CjYJpwHfXW1cKjT3o/cvtPwsA1LXE/3/AR6CwYA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166238; a=rsa-sha256; cv=none;
	b=gd0OAd+69Ch0WAsISQwaEc7bw4XFnJI5MemoMzhS5Gt7oiWnOKm94rhwHhCag9WryW1duU
	dA3qna6GFZVm5p2zKKN24efh3SxiQ6VthmGb8OMEwF7zsa5disjZ7jrXd/3kNZL90sYfXx
	XaGzua0mB7pkWRxSGzNALbg00EF3emC+1yu4Ey/MZaYorsTcl3+u6aKF1zdS/KiUQ7pOp5
	pp1RVVLwggnCQZWu0MfQUQxqqmLeqsPCsNmXcxhkqUYSW22FVsb/nBqHT4lCh7M2HOKsI0
	t3qXBEegYVoMacfbATdjoQDnh5X1RXOSfKgnYoiPXt3gW+a8E00PTr63vuF4/Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166238;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=t5JQCip4qhCU3IV5YYU5shfsMaKnDnrHoiETbDctVPI=;
	b=Jfat1YIi4E77qhyLauKCqPfLoxrtE1q1/gyHGv3wacs5CeHlr8kpJCxw61GqCXKcmOSYKP
	paphqLNEcOBG+oCVH0GO6TvGFxq8PxtXyegA4TCdcIV8Pukbd4GkAprhP0RoAfOD/NWGKb
	ZYnvUAgGOusynfNunTXwvAFEuCP+DQY9Ov0VfEFgTKi98K7qKpqYEGm7PnepVl5ecX5vR0
	9BHU3ydBkKBYBt3zhV9t1DGQSMlKrjmjD0aY+rsJ8fwhiaGHt2C8Tl6sgKLLa2DIDGfsGw
	bt1+vBg4BYze8he8u7u08uXnjFPvceiPi4yuXF2A3jP5uqEUwowYN8IGLB8DDQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8t5tHfzZv0;
	Thu, 21 Dec 2023 13:43:58 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhwOw080055;
	Thu, 21 Dec 2023 13:43:58 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhwYu080052;
	Thu, 21 Dec 2023 13:43:58 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:58 GMT
Message-Id: <202312211343.3BLDhwYu080052@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 27199e55a4d5 - stable/13 - uma: New check_align_mask():
  Validate alignments (INVARIANTS)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 27199e55a4d568659d3a4b9985e736e8e5ee3dfe
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=27199e55a4d568659d3a4b9985e736e8e5ee3dfe

commit 27199e55a4d568659d3a4b9985e736e8e5ee3dfe
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 14:09:51 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:40:09 +0000

    uma: New check_align_mask(): Validate alignments (INVARIANTS)
    
    New function check_align_mask() asserts (under INVARIANTS) that the mask
    fits in a (signed) integer (see the comment) and that the corresponding
    alignment is a power of two.
    
    Use check_align_mask() in uma_set_align_mask() and also in uma_zcreate()
    to replace the KASSERT() there (that was checking only for a power of
    2).
    
    Reviewed by:            kib, markj
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42263
    
    (cherry picked from commit 87090f5e5a7b927a2ab30878435f6dcba0705a1d)
    
    Approved by:    markj (mentor)
---
 sys/vm/uma_core.c | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/sys/vm/uma_core.c b/sys/vm/uma_core.c
index 0f3d2591c893..2236df90dfc0 100644
--- a/sys/vm/uma_core.c
+++ b/sys/vm/uma_core.c
@@ -3188,19 +3188,31 @@ uma_kcreate(uma_zone_t zone, size_t size, uma_init uminit, uma_fini fini,
 	return (zone_alloc_item(kegs, &args, UMA_ANYDOMAIN, M_WAITOK));
 }
 
-/* Public functions */
-/* See uma.h */
-void
-uma_set_cache_align_mask(unsigned int mask)
+
+static void
+check_align_mask(unsigned int mask)
 {
 
+	KASSERT(powerof2(mask + 1),
+	    ("UMA: %s: Not the mask of a power of 2 (%#x)", __func__, mask));
 	/*
 	 * Make sure the stored align mask doesn't have its highest bit set,
 	 * which would cause implementation-defined behavior when passing it as
 	 * the 'align' argument of uma_zcreate().  Such very large alignments do
 	 * not make sense anyway.
 	 */
-	uma_cache_align_mask = mask & ~(1U << 31);
+	KASSERT(mask <= INT_MAX,
+	    ("UMA: %s: Mask too big (%#x)", __func__, mask));
+}
+
+/* Public functions */
+/* See uma.h */
+void
+uma_set_cache_align_mask(unsigned int mask)
+{
+
+	check_align_mask(mask);
+	uma_cache_align_mask = mask;
 }
 
 /* Returns the alignment mask to use to request cache alignment. */
@@ -3219,8 +3231,7 @@ uma_zcreate(const char *name, size_t size, uma_ctor ctor, uma_dtor dtor,
 	struct uma_zctor_args args;
 	uma_zone_t res;
 
-	KASSERT(powerof2(align + 1), ("invalid zone alignment %d for \"%s\"",
-	    align, name));
+	check_align_mask(align);
 
 	/* This stuff is essential for the zone ctor */
 	memset(&args, 0, sizeof(args));

From nobody Thu Dec 21 13:43:59 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8w3WQSz54q15;
	Thu, 21 Dec 2023 13:44:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8w0R9nz4PT5;
	Thu, 21 Dec 2023 13:44:00 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166240;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mchxLVlJoOdTPYs7BnKw9aLDc7sR3klKi++jkZ3gmBU=;
	b=nSjER/V1mwhbwnAxFv4dg8J3jRmukVni7URSm2nX9Cjclapx57diay7ePvg4VZZewqRaKc
	jbD/YSIli6OALbWKW3ZUJc9N7d6Jm9VVkC3/mCMRNGuuqnLIxx+Bmeew/5nYnui9qcd784
	jKsT5FZ0QOU4YIlrrMDHOwZe40T2XUTXjX5DlUGqR5mXc0t+I4yhcRS+lUKL6qmevlzQli
	8udPwkymcAJchmT3wYCie0m1Gn8ACfmfBxZbu7knHguib3de4jH85iQA1P1Q7PO+gK4lwf
	k6Hy4ldM7M0pGBwEBXfytWe1A8m+Li6oSerEu8NO4YBDpOtSmvqIwazr1EvpDQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166240; a=rsa-sha256; cv=none;
	b=Rc7LixmKeX2DmCk0vV5ZI+paO3uTIqUF5P9WtSQQ7IT+WhHJIpiaDhNxs982cgnUbMOPTe
	qaMXdxUvyRdLJF5VMRoqiksfEmLtf3S0jZ5y8JDrRiOjMHjobZk2vT82/+KYMJOaZQ30SY
	/wjZe+uG3jOO2Q0N58YDwdLRHSxVtg+cleIXK+CueiigqPZcoCBwyme7Y4V0y2R0FN42mh
	EIUoA6ZqYWa9BlW9SKzHaUs6TijBb7tBOg0Q+1TtL/28+wzw4eNztPschkbCDgcuklkcDq
	T4+T+avhr3jx7q8gmPCYE21SNlOCupVr3422bkOixhcCQrvXg5JSGq7xkI5+Jw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166240;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mchxLVlJoOdTPYs7BnKw9aLDc7sR3klKi++jkZ3gmBU=;
	b=PWgFa5Kc0e3jsQOPlnYPXMUqrjN9FPw3s068Clqnnn6AzmSinBegpwObJDnHCWdc+S8az6
	EbtEjOagZ7i/XiXcdgDXBeAehSzOMTiLU5HAolBKox2V3eyePpxcLwtbAver7Dl0wZ2dsP
	zXLKkWmL4rXsjrGCAtWoGuqws3raMnJBAATzQUc5NmFc/FxjNgcA2Df0Hqn0SKaEHcfguZ
	YSlTU+TZGaEmftlibl9p1oXgYCKQlcadfEURrEVZsNe5g2eV2o6RLhqhBogqm4gfQV03uT
	0REIWdjHhEycx4yPs+Ac9z2vUfEeKZe6kz7/oyKtsTYYycyBtVpMYFgsqrHZnQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8v6dFgzb5t;
	Thu, 21 Dec 2023 13:43:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDhxDO080103;
	Thu, 21 Dec 2023 13:43:59 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDhxrc080100;
	Thu, 21 Dec 2023 13:43:59 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:43:59 GMT
Message-Id: <202312211343.3BLDhxrc080100@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 89af1555b4ef - stable/13 - linuxkpi:
  dma_get_cache_alignment(): Fix off-by-one result
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 89af1555b4ef7efbd8caedf905956b2a2a5df141
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=89af1555b4ef7efbd8caedf905956b2a2a5df141

commit 89af1555b4ef7efbd8caedf905956b2a2a5df141
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 15:13:28 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:40:09 +0000

    linuxkpi: dma_get_cache_alignment(): Fix off-by-one result
    
    Substituting 'uma_align_cache' by the appropriately named accessor
    uma_get_cache_align_mask() made apparent that dma_get_cache_alignment()
    was off by one, since it was defined to be the mask derived from the
    alignment value.
    
    Reviewed by:            markj, bz
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42264
    
    (cherry picked from commit 2c7dd66d09a1b92a4698232996cded6e5315b3bd)
    
    Approved by:    markj (mentor)
---
 sys/compat/linuxkpi/common/include/linux/dma-mapping.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/compat/linuxkpi/common/include/linux/dma-mapping.h b/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
index fb63a45ac307..d0ada4df3e26 100644
--- a/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
+++ b/sys/compat/linuxkpi/common/include/linux/dma-mapping.h
@@ -351,7 +351,7 @@ dma_max_mapping_size(struct device *dev)
 #define	dma_unmap_len(p, name)			((p)->name)
 #define	dma_unmap_len_set(p, name, v)		(((p)->name) = (v))
 
-#define	dma_get_cache_alignment()	uma_get_cache_align_mask()
+#define	dma_get_cache_alignment()	(uma_get_cache_align_mask() + 1)
 
 
 static inline int

From nobody Thu Dec 21 13:44:00 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8x3n51z54pxN;
	Thu, 21 Dec 2023 13:44:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8x1TYzz4PTJ;
	Thu, 21 Dec 2023 13:44:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166241;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=PeqkXWl+yb2sOfByBZq/+7WvxobYQyaIcxhaFsm9Ys0=;
	b=jMa3UzEdbn2SQMtQVZlpptjtgTsgeTadjK+7atw5ZQPOucJdTt3XKWwZA9sDHtS3vR1IO+
	re/b9VSuYAKIsb6iEnoHoO1GrkhNcsp2EE/3p00dMYK8erYeb4bPJOpiXA6cPalkblQ/3x
	Zto3U5xivSTXEQY1Mt2Vu+6NydYQtRoq+fRWBbhexIkWJKHLHbR/v2WJlEAobM+ZUnOSsf
	VG1lsNTK7B6l7ylIhNWYJ4I8Q3TT1YSQvGOs+coNiSB65U1lO89Cb18DmpVT17DiuxoNW9
	Y9UCXJlAIgTdGT224lxPJzB8IS4VCgIieQ/O8wUnKyYSwYQ7G2O/qCynDMEmOQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166241; a=rsa-sha256; cv=none;
	b=HPpPGDqLtV/7bB0k3qm9c6cW8J1YgMlxsHXzt9K01fMyYAW3d8kCX4hBgMniC5LFVKvTMD
	jdTjMjKC0js3DDD40SxtCimVXSi6OrRUFfIYkJkCYzi8b4M6bUwY7hmz1Ju7cA0HOqrbJm
	iSUgzbrBbGBgvzV556VZYKfma+XOrJFvpcFSO++yUSqCJEwuRaCn3ei/NV7GhKadW2WV5k
	RBkxoj2Qj3hPSUMiOQFVaagy1QWa1giAw7h3KVjFgA8q0YYycswdzrRoSmU+Q7fQ0MGZUH
	63/tgQT3A4yBk/OZc/T1ykS5shBYvgg8aGhV91HDktr/GlYawanKr1HBabXrEQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166241;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=PeqkXWl+yb2sOfByBZq/+7WvxobYQyaIcxhaFsm9Ys0=;
	b=ieJFZykpBdzSR5epGfTP+iijCwXQqfXh0Vwc5cgyy0I84zZNmkhmrqWPxQ/KHaExSQ/u3z
	A11bIHCKaUOO4Yo4wPeO87nL175lK1+MtQkc+HspNQvjqRuDkNwoOcKrebEFnMvsDETULa
	dUsW1T3wZ6B7I6+fNUH4+n9QeKOCuU/Ws/WEbYqxLyum84s+dalqUYWzAi15KrSR3yEOnW
	R8fjLDT/9ak9hcu4NtoEO2kOfJgj+pDdgSYq1sS821c9stUe3cIYfGvIosxPoY8mnyn/ft
	65XqmujiXajtX1/1L+NhLX/9E8vzK3IjmDQZcLBAIFQkfcJNKEwsgejnX+bbbw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8x0Ylgzb4M;
	Thu, 21 Dec 2023 13:44:01 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDi0HS080189;
	Thu, 21 Dec 2023 13:44:00 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDi0M9080186;
	Thu, 21 Dec 2023 13:44:00 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:44:00 GMT
Message-Id: <202312211344.3BLDi0M9080186@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 6e4b7753610d - stable/13 - uma: Permit specifying max
  of cache line and some custom alignment
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6e4b7753610d2594740d73120fe6251ce7f66a61
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=6e4b7753610d2594740d73120fe6251ce7f66a61

commit 6e4b7753610d2594740d73120fe6251ce7f66a61
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 15:05:34 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:40:09 +0000

    uma: Permit specifying max of cache line and some custom alignment
    
    To be used for structures for which we want to enforce that pointers to
    them have some number of lower bits always set to 0, while still
    ensuring we benefit from cache line alignment to avoid false sharing
    between structures and fields within the structures (provided they are
    properly ordered).
    
    First candidate consumer that comes to mind is 'struct thread', see next
    commit.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42265
    
    (cherry picked from commit 733e0abd2897289e2acf70f7c72e31a5a560394a)
    
    Approved by:    markj (mentor)
---
 sys/vm/uma.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sys/vm/uma.h b/sys/vm/uma.h
index 852473d69c27..2a305d87ca34 100644
--- a/sys/vm/uma.h
+++ b/sys/vm/uma.h
@@ -302,6 +302,8 @@ uma_zone_t uma_zcache_create(const char *name, int size, uma_ctor ctor,
 #define UMA_ALIGN_SHORT	(sizeof(short) - 1)	/* "" short */
 #define UMA_ALIGN_CHAR	(sizeof(char) - 1)	/* "" char */
 #define UMA_ALIGN_CACHE	(uma_get_cache_align_mask()) /* Cache line size align */
+/* Align both to cache line size and an explicit alignment (through mask). */
+#define UMA_ALIGN_CACHE_AND_MASK(mask) (uma_get_cache_align_mask() | (mask))
 #define	UMA_ALIGNOF(type) (_Alignof(type) - 1)	/* Alignment fit for 'type' */
 
 #define	UMA_ANYDOMAIN	-1	/* Special value for domain search. */

From nobody Thu Dec 21 13:44:02 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sws8y6Hlqz54pb2;
	Thu, 21 Dec 2023 13:44:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sws8y2YS8z4PTf;
	Thu, 21 Dec 2023 13:44:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703166242;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=zTAa8nRMEQ6rFNIA2yT9vlG0XSntSZ2OFx5cbgRl3VE=;
	b=pF9/6lOWjl5pi2o3aA7Oy9Bb9qUC9CRFlP4dY5ggqrPsFbh4RuI+saA/nAI3smSDxEJgzq
	dNH/oIAFM55jAl87V1+TPtWzGeT4d94vTXk933mVVYL7BLgBuW3P9m6RKg53zXhh1v/eUg
	nhQwhNlcOY/t8MMwMGybxWut5BLlqL21WWiVp7xJCb6T8Lqb5Z6NMWlCzrC4e/hBCUSURR
	VQWBWgo+m0XAdXQsUvbLRw6EFGdyh8uKi+yq6cOrT88kMFUO5oxCXgehkc0e/AVwgFq1VR
	hc3KiTnA20eKu4U7N9beIuCctxqXT5ggWTbQXLzTXpezMkpfmzKKXdNjbCGmbw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703166242; a=rsa-sha256; cv=none;
	b=A2odoQEGPm8ldmdHk8ZnuQB3Gk6oLSt2CLLeVblE37RiiQrk38Py9WU/vCSkHxVXJvtO2f
	InUMXfrDY6hB+iFzfffZMl1sXYYUJZhF/jRosM74umkVtDt28pQQVqQkwT5wFYecVvkVm2
	zzngT8kMC3F2+xCTNCNjcQ2kncfoy3b+pGa8sTVC/MAHpC9dBB3MuPhGGH1noL8C+mDywl
	cn4O8PCGTaTPxWBY3aj9o5d82EIVRPGJhyv/vcd/xtYC/knh0QekF9XLeIjMcCmWybJufb
	BzYHH+XE+XMKGSE4ZMYjsgDvW71V2GbyuNHKov0YAw+XubH+pvLJwpWcf47xoQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703166242;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=zTAa8nRMEQ6rFNIA2yT9vlG0XSntSZ2OFx5cbgRl3VE=;
	b=TCdmoiLcdxKoKxYtxPjUyesEP80mzBgeIo0GOSAZt2yY7WMPh62FwE4c9qJxh6dD8lxTIN
	gy5t0sLYtMOdsvYGixGpwP5fm7J8No8KZsi25OSFj5TTvhRIaJZKbyX0nhYZrkq1xRrHtq
	hPH1rIvzmcbT28BCCEkehNxeniZ7bpOGU0bEo1LCV3hH70mSq3pZoqp1sEUJsnt2aSZvz9
	d0/XmDZRaTI5B31MtqUxTm4wUwAwy2NqB42sPkMdd2A0rW4kUW2Gf3dux3U6ZF/wo4aG/l
	ucus8pfzUAOJVmZCBkwpx6ZbnUZJ4RCI+xhWATroyOrzecg4NccRNYjDrTPAVg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sws8y1dFlzb7h;
	Thu, 21 Dec 2023 13:44:02 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLDi2TV080244;
	Thu, 21 Dec 2023 13:44:02 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLDi2hi080241;
	Thu, 21 Dec 2023 13:44:02 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 13:44:02 GMT
Message-Id: <202312211344.3BLDi2hi080241@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Olivier Certner <olce@FreeBSD.org>
Subject: git: 706303829968 - stable/13 - Ensure 'struct thread' is
  aligned to a cache line
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: olce
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 7063038299682f421a3b56ade0dbd40c2ce69292
Auto-Submitted: auto-generated

The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=7063038299682f421a3b56ade0dbd40c2ce69292

commit 7063038299682f421a3b56ade0dbd40c2ce69292
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-10-13 08:52:31 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:40:10 +0000

    Ensure 'struct thread' is aligned to a cache line
    
    Using the new UMA_ALIGN_CACHE_AND_MASK() facility, which allows to
    simultaneously guarantee a minimum of 32 bytes of alignment (the 5 lower
    bits are always 0).
    
    For the record, to this day, here's a (possibly non-exhaustive) list of
    synchronization primitives using lower bits to store flags in pointers
    to thread structures:
    - lockmgr, rwlock and sx all use the 5 bits directly.
    - rmlock indirectly relies on sx, so can use the 5 bits.
    - mtx (non-spin) relies on the 3 lower bits.
    
    Reviewed by:            markj, kib
    Sponsored by:           The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42266
    
    (cherry picked from commit 7d1469e555bdce32b3dfc898478ae5564d5072b1)
    
    Approved by:    markj (mentor)
---
 sys/kern/kern_thread.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_thread.c b/sys/kern/kern_thread.c
index cab0d7446d2a..14015ef5fdc2 100644
--- a/sys/kern/kern_thread.c
+++ b/sys/kern/kern_thread.c
@@ -525,9 +525,15 @@ threadinit(void)
 	 */
 	flags |= UMA_ZONE_CONTIG;
 #endif
+	/*
+	 * Thread structures are specially aligned so that (at least) the
+	 * 5 lower bits of a pointer to 'struct thead' must be 0.  These bits
+	 * are used by synchronization primitives to store flags in pointers to
+	 * such structures.
+	 */
 	thread_zone = uma_zcreate("THREAD", sched_sizeof_thread(),
 	    thread_ctor, thread_dtor, thread_init, thread_fini,
-	    32 - 1, flags);
+	    UMA_ALIGN_CACHE_AND_MASK(32 - 1), flags);
 	tidhashtbl = hashinit(maxproc / 2, M_TIDHASH, &tidhash);
 	tidhashlock = (tidhash + 1) / 64;
 	if (tidhashlock > 0)

From nobody Thu Dec 21 14:24:22 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Swt3V3CRxz54s40;
	Thu, 21 Dec 2023 14:24:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Swt3V2jLbz4cRQ;
	Thu, 21 Dec 2023 14:24:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703168662;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QDGS7b7WobtbYfRqMqnXQzLT5LSCU/kp9ioVX/7OnoM=;
	b=Gip5MPap4HqDAUXuF+17DbCLS8f22KJc2gqLUANdDCoecQJXO4FBOgTSYGyoq1QHm4bNF8
	epgD1U+PU1qUABUvpGe7useonNhxUr/9DMi5XdUyWPeq/rw4v/5nRfKGUdMWUAjRRyxUb1
	Upw1IgoEDf8D93eGf9gwzK8vXCAJNYk4rR6M/kK9nF5vQFQ0IHsVuA2V2xDgyDhcKVBzRJ
	ZHcBB9MNvPCYyojkIZcK4mFiZsg42f87SxUEwDzKr09eMPunrsr5atTKdqUXDPKuMbPGvD
	YUfr2bkGInZ/HvQnwt0IzN8Q6RbAi6Vwk47dNenQOTN5MhzYq/s3XPNW22E7tg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703168662; a=rsa-sha256; cv=none;
	b=Quc/C9OCOoHIKER2MafOKZsFqtEBc7Ha+5dMtxkN2zUN+gOTzUsVd2vXzYdudsgUwBc3fu
	fm3RAHdPXu/s2paBgkcL028EEIMLClzwGCzVPezInQHHU6Wrau0hMTUUaRreF87wT8edSn
	4P1JpLvEX8axWvbimhE6IKvpFGIav0uROsjY9/gldWK4wOvAjmRwIIOhCjX7ruvKoq5eeV
	kD0bScWhHb1exeEzvJjrtnR2GlJF9Ry4TejPepSeE4UFYe0g8Xi5iHpmUclHDjNaGUrN6T
	QGT/xsoCAJ7igP4pW+z+9cj1xt4F4ul90IgiCrjAegx69N5RCL1rM6h1SyY2FQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703168662;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=QDGS7b7WobtbYfRqMqnXQzLT5LSCU/kp9ioVX/7OnoM=;
	b=bTK76kW4UR/Gisax4Njd2q9iZih5xLT3MYmUEPjUpPn/N8h/8ekjoq7++rEeeXGbNZfzKu
	a2XtDs62E9UReLYescvmZGryUbf62r1eSImYCSbxvNLTq9mk7bkNfwdtH+ohq31/hq+dSu
	e5CvjprAH8xLaBZq4aA8mjrdb46N0S1yKBpP3mDfOAnyjUtl/6jFrwbOp96hJqmtzky0ot
	3JJ5Z7xC4CMmKIlmY1pTA9535IuwiLRUm+sOWyyOEdNdolx/yz10hzqysXGoEz5xyB285L
	WU9qkYOpZTPhMf0Q38XJQz4ru5kMUn3W0rp6ZMkXBDCTq0hRF71LDhvsqupBnw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Swt3V1lnDzbp4;
	Thu, 21 Dec 2023 14:24:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLEOMhr047628;
	Thu, 21 Dec 2023 14:24:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLEOM2Q047625;
	Thu, 21 Dec 2023 14:24:22 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 14:24:22 GMT
Message-Id: <202312211424.3BLEOM2Q047625@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Ed Maste <emaste@FreeBSD.org>
Subject: git: 2d5a980f43e5 - stable/13 - tcp_wrappers: recognize
  IPv6 addresses/prefixes
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 2d5a980f43e565355d5d174ac4737b0ca080dda2
Auto-Submitted: auto-generated

The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=2d5a980f43e565355d5d174ac4737b0ca080dda2

commit 2d5a980f43e565355d5d174ac4737b0ca080dda2
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2023-07-20 21:56:20 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-12-21 14:23:40 +0000

    tcp_wrappers: recognize IPv6 addresses/prefixes
    
    Intentionally or not, but the libwrap was written in such manner that
    if your /etc/hosts.allow doesn't have any domain names, neither smart
    keywords like LOCAL or KNOWN, then it will not try to resolve the
    client address during the hosts check.  This was achieved with the
    NOT_INADDR() check that matched IPv4 addresses/prefixes.  Extend this
    to also skip resolve if client list token looks like IPv6.
    
    Reviewed by:            philip, emaste
    PR:                     269456
    Differential revision:  https://reviews.freebsd.org/D40070
    
    (cherry picked from commit 1d9722de6f90c3edf286b077938bfa696e728d6c)
---
 contrib/tcp_wrappers/hosts_access.c | 3 ++-
 contrib/tcp_wrappers/tcpd.h         | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/contrib/tcp_wrappers/hosts_access.c b/contrib/tcp_wrappers/hosts_access.c
index 05c62d194091..e55f3f34dd20 100644
--- a/contrib/tcp_wrappers/hosts_access.c
+++ b/contrib/tcp_wrappers/hosts_access.c
@@ -315,7 +315,8 @@ static int host_match(char *tok, struct host_info *host)
 	return (masked_match(tok, mask, eval_hostaddr(host)));
     } else {					/* anything else */
 	return (string_match(tok, eval_hostaddr(host))
-	    || (NOT_INADDR(tok) && string_match(tok, eval_hostname(host))));
+	    || (NOT_INADDR(tok) && NOT_INADDR6(tok)
+	     && string_match(tok, eval_hostname(host))));
     }
 }
 
diff --git a/contrib/tcp_wrappers/tcpd.h b/contrib/tcp_wrappers/tcpd.h
index 1078073c8e3a..194cde378c1c 100644
--- a/contrib/tcp_wrappers/tcpd.h
+++ b/contrib/tcp_wrappers/tcpd.h
@@ -70,6 +70,7 @@ extern char paranoid[];
 #define	HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid))
 
 #define	NOT_INADDR(s) (s[strspn(s,"01234567890./")] != 0)
+#define	NOT_INADDR6(s) (strchr(s, ':') == NULL)
 
 /* Global functions. */
 

From nobody Thu Dec 21 15:21:11 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwvK41tKbz54v6s;
	Thu, 21 Dec 2023 15:21:12 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwvK41R1Xz3D9c;
	Thu, 21 Dec 2023 15:21:12 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703172072;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yeC4WNgIHMdeTN8SxjQ1SKpT8IcW+tAwZO0sA2/Hiys=;
	b=cf7/eLy+HZzcQHszF61gJ4BLFtIgrB2H4KvdyZSCbFsOpPEMVIreRttSeVWozBIKx2IVBx
	vQubC4Qz9J9cFBkQ0iam/RhOoCd8lN05ImncveuYfl7JEhESQE2raA7XbPNijczFLGBXcP
	3VE+hW2UbsibDEXemN3QW3YboWBTjVlsiIRWB1Az5DtMSqr8tIWbvY7iSYqKdRU0KUfiT0
	Y9PxH/QsCCkoJ9BHacWP5VVM9jr9Sofp+yo0sUQ6g7ezbNINuCKowAgRTjFnwBC6nqYAsK
	4iJQsiXrUSUTBQ0hw/LqQlukRwowoV7Frjm2WxKM09UKtZNOfFFE+p8YFaxv0w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703172072; a=rsa-sha256; cv=none;
	b=eG4WZ+dj7VaSOaSXSPdiRqbsDb+81Ztsjnv1KezyrJS8ceQGLT658276z+zI381Adn+SVk
	urmC4DFw8ZcL9BJ6BcA/n3FrTdjLdXBUo693JOlKq2/XDPwp1PeOeh1ky3CLR3i48BGBIm
	rOZWqHy7A+GVsVCKVKXxvhJJ0t7EfnkNg5uZsfiVDI2VcuHGrj+VzipgXwoR+REmE8W1Pe
	qwBDl0V3L/K7RmfF73OJl1Z0QCAyV0Bu2q9bYvA34OlFTsNo26rnyimHUoQW5Y1cKz9MB2
	rK7+7aBX8eiJhf95Ynx8HtcHR0fFVNwFu2Z4AcPQSeyrNMZYA9uD0gMCAYtnZA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703172072;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yeC4WNgIHMdeTN8SxjQ1SKpT8IcW+tAwZO0sA2/Hiys=;
	b=yDfgYPoANjhzL04RvIMozffc2HFsocYAYohdOvxGFOdwIloMEckf/8vJdBk7Q7u4hErMzk
	5+8NiurnMJ668ZGNA0MX6HY3ez3NXiPk+e1nfGHe2qc/5bJ5eLbzea7nJA2TkWB7i6C/9x
	C5HbsFRlu7b1bQO3Bz7aOjMH95aeFX0tWK8raG12LoOpJtH68/A01Uqq06qsulUxgybfiZ
	KfU37VNTMsLmp8cGFfmMY1ycHqbVROEN3M/pZQk8DazJF+RG8pOWdRns5NKIp1CrHbLkfV
	IHHmibXRzxsP2oOiSODx7mU+gDepFpJrIumfbP1nzhrM9Uqu53fa/bQkz15WGQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwvK40WKfzdLx;
	Thu, 21 Dec 2023 15:21:12 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLFLBJC043298;
	Thu, 21 Dec 2023 15:21:11 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLFLBJx043295;
	Thu, 21 Dec 2023 15:21:11 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 15:21:11 GMT
Message-Id: <202312211521.3BLFLBJx043295@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 6bccb677d06e - stable/13 - ufs: do not leave around
  empty buffers shadowing disk content
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 6bccb677d06ea15fb34d00b482c77c8f8bf35e19
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=6bccb677d06ea15fb34d00b482c77c8f8bf35e19

commit 6bccb677d06ea15fb34d00b482c77c8f8bf35e19
Author:     Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-12-11 22:57:28 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-21 15:20:39 +0000

    ufs: do not leave around empty buffers shadowing disk content
    
    (cherry picked from commit ca39f23347e1416a28dde13279bfe5841ad9a746)
---
 sys/ufs/ffs/ffs_vnops.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c
index abc1c3524396..21e6e22c6f88 100644
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@@ -969,8 +969,15 @@ ffs_write(
 		 * validated the pages.
 		 */
 		if (error != 0 && (bp->b_flags & B_CACHE) == 0 &&
-		    fs->fs_bsize == xfersize)
-			vfs_bio_clrbuf(bp);
+		    fs->fs_bsize == xfersize) {
+			if (error == EFAULT && LIST_EMPTY(&bp->b_dep)) {
+				bp->b_flags |= B_INVAL | B_RELBUF | B_NOCACHE;
+				brelse(bp);
+				break;
+			} else {
+				vfs_bio_clrbuf(bp);
+			}
+		}
 
 		vfs_bio_set_flags(bp, ioflag);
 

From nobody Thu Dec 21 15:21:13 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwvK52l1Tz54vQb;
	Thu, 21 Dec 2023 15:21:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwvK51pZXz3DLZ;
	Thu, 21 Dec 2023 15:21:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703172073;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vKxe7+TOdjNrAmGWaogYo/f6dPAiU9HKXRvZERdeiz8=;
	b=HujLgkCNHHuxxjK6oHxLR/RFyoFqV23uVYMvVvKtdBYg5SkZPZ2YLwmaI4FhBTKkh/8ivr
	tSglZhvkc4Lzi2ccCiA8977Uh+nGUSYYZdYCW5ot911X/SGaewBOaczlX7yCVnAZcEbofQ
	szz7gud8hPmIKgPsEwPd2yrWjNsgSKriU8xEjtt0MO3dlTMkHGJRaXBE7d6TPGpDOKtX/R
	sUT4MqJfHRCaCZiPQU4yGS5QhVvSebz1Xd2vO25cLbqV6YB+8ZUZVnspm8cUMABd/mE5tV
	khvQmdlbbBjEmhv2vt/kEgsgANOFkOotTtJ/8DgtjG1S4lhxuoVJ6u1ba0HURA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703172073; a=rsa-sha256; cv=none;
	b=Upwa8nbIx5CuBOJjOmJXM2AxLUYma16fLFz/ablcLUvQIPG2ag7+UylTSEYJiwGa9r608v
	Wxj6h7frDYR8UcDi2SeJjMRnFSZCdGXCwnrqi79nx6Cbv48ZNusS1jrTGRXuue3CrNb2gO
	IPgMLZYUzpNc3ofZuQ+aNq6nvD6bOFXhmKvv/46GH6f1hn5Qo2SSpA6P2FIYZAV2mGk34m
	qojdVmxFaCQoxX1GB6P/2Q8lhKhpZLDFUP3tJEDTV4bkFCWDCRbw30wgKf0h3ttVvb4Zcn
	liFiCjirhDM55buCqxP8JI1IY+M5mc6BSpnNOXXm2qnq5jKPaX6RBbGvNnvi2w==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703172073;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=vKxe7+TOdjNrAmGWaogYo/f6dPAiU9HKXRvZERdeiz8=;
	b=LxTvdqgopy1+BEG0dvylsllH5azgrzKkJ59tO5sFIpsrhhJigN5bpECXfkGHUOBDFW57uu
	gyBHJdFafRFGi8Pw43rqtH4qR0oVCMtFmaGW/LnHB2RvieeQfm0oyT3Rr6rxho6YTLbE54
	NtQ15Qtyy1tCdmvNIjlfh/jyS/p9+/UeflUq3Yg1lWXABl+5REJdYdHc5WaaLNFEAnxX0e
	4xqRdCtYHb3pQbOWipzVniBrhoB3MgsrXgVtVjPX89G+TYZeUpWhFPQXLqFA+SbMbgcEoX
	DHwGRtWuP5o+1xl5AhfJ3XXrEZ0uiK2M6bTfE//rrsVg1BCxcmIx/j4Ck9SaUw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwvK50vbLzdCs;
	Thu, 21 Dec 2023 15:21:13 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLFLDVX043359;
	Thu, 21 Dec 2023 15:21:13 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLFLDS7043356;
	Thu, 21 Dec 2023 15:21:13 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 15:21:13 GMT
Message-Id: <202312211521.3BLFLDS7043356@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Konstantin Belousov <kib@FreeBSD.org>
Subject: git: 98693e7a99c4 - stable/13 - libc: correct some memory
  leaks in acl_to_text(3) and acl_to_text_np(3)
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 98693e7a99c489e7f095c3600c974b0f61a060f1
Auto-Submitted: auto-generated

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=98693e7a99c489e7f095c3600c974b0f61a060f1

commit 98693e7a99c489e7f095c3600c974b0f61a060f1
Author:     Peter Eriksson <pen@lysator.liu.se>
AuthorDate: 2023-12-17 22:03:13 +0000
Commit:     Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-12-21 15:20:39 +0000

    libc: correct some memory leaks in acl_to_text(3) and acl_to_text_np(3)
    
    PR:     275232
    
    (cherry picked from commit 7aa375dcc61e48cc56da45c9d5a11371693c8043)
---
 lib/libc/posix1e/acl_to_text_nfs4.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/libc/posix1e/acl_to_text_nfs4.c b/lib/libc/posix1e/acl_to_text_nfs4.c
index 522ebe3d4373..8a4783736aa6 100644
--- a/lib/libc/posix1e/acl_to_text_nfs4.c
+++ b/lib/libc/posix1e/acl_to_text_nfs4.c
@@ -73,6 +73,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
 			snprintf(str, size, "user:%d", (unsigned int)*id);
 		else
 			snprintf(str, size, "user:%s", pwd->pw_name);
+		acl_free(id);
 		break;
 
 	case ACL_GROUP_OBJ:
@@ -92,6 +93,7 @@ format_who(char *str, size_t size, const acl_entry_t entry, int numeric)
 			snprintf(str, size, "group:%d", (unsigned int)*id);
 		else
 			snprintf(str, size, "group:%s", grp->gr_name);
+		acl_free(id);
 		break;
 
 	case ACL_EVERYONE:
@@ -158,6 +160,7 @@ format_additional_id(char *str, size_t size, const acl_entry_t entry)
 		if (id == NULL)
 			return (-1);
 		snprintf(str, size, ":%d", (unsigned int)*id);
+		acl_free(id);
 	}
 
 	return (0);

From nobody Thu Dec 21 18:17:45 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwzDn3vV2z554v1;
	Thu, 21 Dec 2023 18:17:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwzDn3S9Cz3Y4v;
	Thu, 21 Dec 2023 18:17:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703182665;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mSVagYTHvCGXKGwwsB5jyYxFnp29QffP9+7GRAegtCM=;
	b=RYb3rK6Mi8y708HjKPpFUhsJ3Dw1s3nMQRgzjl8D0RvT9t39Fq+nDMK7Bqq1E1ogDQbyJ+
	DtKIKzQ6tTioSAecrHVGEgp8v+cHiiRnifSjid8ESmE2cArFp1EvmTOLt2IcAsE469yBOt
	o3xp6xS90bJYK943CQVdj/TZ+wMMwdeobeWvOqyGqmMEMO0snji5PPdymviyuUHPb0bzxn
	LS/SfskO+0S8J3JP0DDKY0uHcvjHMJH9tl3+B89135zY623NyaoLHOlR6Ii3/pyyvEXcJP
	sfxVJLVbFt6t1AoMKJQqPEbTtjdNAXBk5EcqChBNxE6ojHP3TFO/SfRwWkqIVw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703182665; a=rsa-sha256; cv=none;
	b=odkKdC36/hdckJmVPtFP2o1Gtda2L/k8Qv4ZZL6U0RBBPCToeskpycz4bLJP1ZduDfIa6Y
	rWYDdmxiRnARLlrM7xpRCND+tbF135Cvx88VTYP4ip06P2d+A805edauBqBD7PHjz8ucXu
	M8llEMKhXb547IdtDM2ngrUVYNsep1igrOBtJyCGf8phsSmmLIImwhDfoqck+tIAbmic5s
	VdCQh+wI+5WaTfKkgm/CtMhNwKeV/tWgaHjYA6aNjSTcJailebGjAUserTVMTuG2LvxF1o
	1o4mCUPpWrzuKjUxv0CZRqYwfotM23rW0e2N6wldJx62NA9KMBynxYUjcNkF4Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703182665;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=mSVagYTHvCGXKGwwsB5jyYxFnp29QffP9+7GRAegtCM=;
	b=oMMBHJi2XCDEmvwm1Pgl30L+tjA1ur9jf2v9z5lHq25gBg91kdd1lN8EFRW7Je8U9RWlse
	dh4KUu7zzYskTAvTF88oJUCdtAvn6lDt1vfVfvC7H/YOMVaK9szGlQ+9Jg37EhJgDwYxcC
	l7s36SnqCNu0Qvr6d5dpiVlprV8O43JjSlM5QtOnbvJfbb+qcbrSqNzMU9GVVnGUjDPFKy
	3i1FiDSo4sB0CbsiCC1Lmqwe7CiKN1d5UzIhEYDT6alJ9EIz9ud0AK06DV7rIrixjR3QGY
	wlFc4QJN93uqKa31WmzNrJjToAnK892x6Xljd835DTyk327soKkYlc2AJiwomg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwzDn2XBbzjsR;
	Thu, 21 Dec 2023 18:17:45 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLIHj7Y034081;
	Thu, 21 Dec 2023 18:17:45 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLIHjAt034078;
	Thu, 21 Dec 2023 18:17:45 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 18:17:45 GMT
Message-Id: <202312211817.3BLIHjAt034078@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Brooks Davis <brooks@FreeBSD.org>
Subject: git: 89ebe0ce1f53 - stable/14 - memfd_create: move
  implementation to libc/gen
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brooks
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 89ebe0ce1f539ec7629a15e35f31eef956f1b603
Auto-Submitted: auto-generated

The branch stable/14 has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=89ebe0ce1f539ec7629a15e35f31eef956f1b603

commit 89ebe0ce1f539ec7629a15e35f31eef956f1b603
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2023-11-27 17:06:33 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2023-12-21 18:13:18 +0000

    memfd_create: move implementation to libc/gen
    
    Due to memfd_create(3)'s construction of a path to pass to shm_open2(2),
    it has a much larger than typical dependency footprint for a system
    call wrapper (the list currently includes calloc, memset, sprintf, and
    strlen).  As such, split it off into its own file under libc/gen to
    lighten libc/sys's dependency list.
    
    Reviewed by:    kevans, imp, emaste
    Sponsored by:   DARPA
    Differential Revision:  https://reviews.freebsd.org/D42709
    
    (cherry picked from commit c3207e2d2554c8e36f9cf5950f8cd52a19fedfd5)
---
 lib/libc/gen/Makefile.inc   |   1 +
 lib/libc/gen/Symbol.map     |   1 +
 lib/libc/gen/memfd_create.c | 131 ++++++++++++++++++++++++++++++++++++++++++++
 lib/libc/sys/Symbol.map     |   1 -
 lib/libc/sys/shm_open.c     |  93 -------------------------------
 5 files changed, 133 insertions(+), 94 deletions(-)

diff --git a/lib/libc/gen/Makefile.inc b/lib/libc/gen/Makefile.inc
index 655843f03715..3a3aa41c7d59 100644
--- a/lib/libc/gen/Makefile.inc
+++ b/lib/libc/gen/Makefile.inc
@@ -102,6 +102,7 @@ SRCS+=	__getosreldate.c \
 	lockf.c \
 	lrand48.c \
 	memalign.c \
+	memfd_create.c \
 	mrand48.c \
 	nftw.c \
 	nftw-compat11.c \
diff --git a/lib/libc/gen/Symbol.map b/lib/libc/gen/Symbol.map
index 559c0252c338..b68d63b279f3 100644
--- a/lib/libc/gen/Symbol.map
+++ b/lib/libc/gen/Symbol.map
@@ -433,6 +433,7 @@ FBSD_1.6 {
 	eventfd_write;
 	getlogin_r;
 	memalign;
+	memfd_create;
 	pthread_getname_np;
 	scandir_b;
 	sigandset;
diff --git a/lib/libc/gen/memfd_create.c b/lib/libc/gen/memfd_create.c
new file mode 100644
index 000000000000..b26d638656a4
--- /dev/null
+++ b/lib/libc/gen/memfd_create.c
@@ -0,0 +1,131 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2019 Kyle Evans <kevans@FreeBSD.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice(s), this list of conditions and the following disclaimer as
+ *    the first lines of this file unmodified other than the possible
+ *    addition of one or more copyright notices.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice(s), this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER(S) ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <sys/param.h>
+#include <sys/filio.h>
+#include <sys/mman.h>
+
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "libc_private.h"
+
+#define	MEMFD_NAME_PREFIX	"memfd:"
+
+/*
+ * The path argument is passed to the kernel, but the kernel doesn't currently
+ * do anything with it.  Linux exposes it in linprocfs for debugging purposes
+ * only, but our kernel currently will not do the same.
+ */
+int
+memfd_create(const char *name, unsigned int flags)
+{
+	char memfd_name[NAME_MAX + 1];
+	size_t namelen, *pgs, pgsize;
+	struct shm_largepage_conf slc;
+	int error, fd, npgs, oflags, pgidx, saved_errno, shmflags;
+
+	if (name == NULL) {
+		errno = EBADF;
+		return (-1);
+	}
+	namelen = strlen(name);
+	if (namelen + sizeof(MEMFD_NAME_PREFIX) - 1 > NAME_MAX) {
+		errno = EINVAL;
+		return (-1);
+	}
+	if ((flags & ~(MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_HUGETLB |
+	    MFD_HUGE_MASK)) != 0) {
+		errno = EINVAL;
+		return (-1);
+	}
+	/* Size specified but no HUGETLB. */
+	if ((flags & MFD_HUGE_MASK) != 0 && (flags & MFD_HUGETLB) == 0) {
+		errno = EINVAL;
+		return (-1);
+	}
+
+	/* We've already validated that we're sufficiently sized. */
+	snprintf(memfd_name, NAME_MAX + 1, "%s%s", MEMFD_NAME_PREFIX, name);
+	oflags = O_RDWR;
+	shmflags = 0;
+	if ((flags & MFD_CLOEXEC) != 0)
+		oflags |= O_CLOEXEC;
+	if ((flags & MFD_ALLOW_SEALING) != 0)
+		shmflags |= SHM_ALLOW_SEALING;
+	if ((flags & MFD_HUGETLB) != 0)
+		shmflags |= SHM_LARGEPAGE;
+	else
+		shmflags |= SHM_GROW_ON_WRITE;
+	fd = __sys_shm_open2(SHM_ANON, oflags, 0, shmflags, memfd_name);
+	if (fd == -1 || (flags & MFD_HUGETLB) == 0)
+		return (fd);
+
+	pgs = NULL;
+	npgs = getpagesizes(NULL, 0);
+	if (npgs == -1)
+		goto clean;
+	pgs = calloc(npgs, sizeof(size_t));
+	if (pgs == NULL)
+		goto clean;
+	error = getpagesizes(pgs, npgs);
+	if (error == -1)
+		goto clean;
+	pgsize = (size_t)1 << ((flags & MFD_HUGE_MASK) >> MFD_HUGE_SHIFT);
+	for (pgidx = 0; pgidx < npgs; pgidx++) {
+		if (pgsize == pgs[pgidx])
+			break;
+	}
+	if (pgidx == npgs) {
+		errno = EOPNOTSUPP;
+		goto clean;
+	}
+	free(pgs);
+	pgs = NULL;
+
+	memset(&slc, 0, sizeof(slc));
+	slc.psind = pgidx;
+	slc.alloc_policy = SHM_LARGEPAGE_ALLOC_DEFAULT;
+	error = ioctl(fd, FIOSSHMLPGCNF, &slc);
+	if (error == -1)
+		goto clean;
+	return (fd);
+
+clean:
+	saved_errno = errno;
+	close(fd);
+	free(pgs);
+	errno = saved_errno;
+	return (-1);
+}
diff --git a/lib/libc/sys/Symbol.map b/lib/libc/sys/Symbol.map
index b59ec1858ffd..f17aae279b8d 100644
--- a/lib/libc/sys/Symbol.map
+++ b/lib/libc/sys/Symbol.map
@@ -409,7 +409,6 @@ FBSD_1.6 {
 	fhreadlink;
 	getfhat;
 	funlinkat;
-	memfd_create;
 	shm_create_largepage;
 	shm_rename;
 };
diff --git a/lib/libc/sys/shm_open.c b/lib/libc/sys/shm_open.c
index b2c1532133bf..eb3022c857b1 100644
--- a/lib/libc/sys/shm_open.c
+++ b/lib/libc/sys/shm_open.c
@@ -34,9 +34,6 @@
 
 #include <errno.h>
 #include <fcntl.h>
-#include <limits.h>
-#include <stdlib.h>
-#include <stdio.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -45,12 +42,9 @@
 __weak_reference(shm_open, _shm_open);
 __weak_reference(shm_open, __sys_shm_open);
 
-#define	MEMFD_NAME_PREFIX	"memfd:"
-
 int
 shm_open(const char *path, int flags, mode_t mode)
 {
-
 	return (__sys_shm_open2(path, flags | O_CLOEXEC, mode, 0, NULL));
 }
 
@@ -77,90 +71,3 @@ shm_create_largepage(const char *path, int flags, int psind, int alloc_policy,
 	}
 	return (fd);
 }
-
-/*
- * The path argument is passed to the kernel, but the kernel doesn't currently
- * do anything with it.  Linux exposes it in linprocfs for debugging purposes
- * only, but our kernel currently will not do the same.
- */
-int
-memfd_create(const char *name, unsigned int flags)
-{
-	char memfd_name[NAME_MAX + 1];
-	size_t namelen, *pgs, pgsize;
-	struct shm_largepage_conf slc;
-	int error, fd, npgs, oflags, pgidx, saved_errno, shmflags;
-
-	if (name == NULL) {
-		errno = EBADF;
-		return (-1);
-	}
-	namelen = strlen(name);
-	if (namelen + sizeof(MEMFD_NAME_PREFIX) - 1 > NAME_MAX) {
-		errno = EINVAL;
-		return (-1);
-	}
-	if ((flags & ~(MFD_CLOEXEC | MFD_ALLOW_SEALING | MFD_HUGETLB |
-	    MFD_HUGE_MASK)) != 0) {
-		errno = EINVAL;
-		return (-1);
-	}
-	/* Size specified but no HUGETLB. */
-	if ((flags & MFD_HUGE_MASK) != 0 && (flags & MFD_HUGETLB) == 0) {
-		errno = EINVAL;
-		return (-1);
-	}
-
-	/* We've already validated that we're sufficiently sized. */
-	snprintf(memfd_name, NAME_MAX + 1, "%s%s", MEMFD_NAME_PREFIX, name);
-	oflags = O_RDWR;
-	shmflags = 0;
-	if ((flags & MFD_CLOEXEC) != 0)
-		oflags |= O_CLOEXEC;
-	if ((flags & MFD_ALLOW_SEALING) != 0)
-		shmflags |= SHM_ALLOW_SEALING;
-	if ((flags & MFD_HUGETLB) != 0)
-		shmflags |= SHM_LARGEPAGE;
-	else
-		shmflags |= SHM_GROW_ON_WRITE;
-	fd = __sys_shm_open2(SHM_ANON, oflags, 0, shmflags, memfd_name);
-	if (fd == -1 || (flags & MFD_HUGETLB) == 0)
-		return (fd);
-
-	pgs = NULL;
-	npgs = getpagesizes(NULL, 0);
-	if (npgs == -1)
-		goto clean;
-	pgs = calloc(npgs, sizeof(size_t));
-	if (pgs == NULL)
-		goto clean;
-	error = getpagesizes(pgs, npgs);
-	if (error == -1)
-		goto clean;
-	pgsize = (size_t)1 << ((flags & MFD_HUGE_MASK) >> MFD_HUGE_SHIFT);
-	for (pgidx = 0; pgidx < npgs; pgidx++) {
-		if (pgsize == pgs[pgidx])
-			break;
-	}
-	if (pgidx == npgs) {
-		errno = EOPNOTSUPP;
-		goto clean;
-	}
-	free(pgs);
-	pgs = NULL;
-
-	memset(&slc, 0, sizeof(slc));
-	slc.psind = pgidx;
-	slc.alloc_policy = SHM_LARGEPAGE_ALLOC_DEFAULT;
-	error = ioctl(fd, FIOSSHMLPGCNF, &slc);
-	if (error == -1)
-		goto clean;
-	return (fd);
-
-clean:
-	saved_errno = errno;
-	close(fd);
-	free(pgs);
-	errno = saved_errno;
-	return (-1);
-}

From nobody Thu Dec 21 18:17:46 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwzDp6ccYz554s5;
	Thu, 21 Dec 2023 18:17:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwzDp51myz3Y0Z;
	Thu, 21 Dec 2023 18:17:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703182666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Hw2pCaq1JgPRImFfwnsEWbQN7kzpjlSYNwZdbV8QTJ0=;
	b=VJjxWjQZdm2UiQNQG1Rv4g1loqrV51JT8Rs82nfvFIOrHdYmkTFYckojI0E7nAVy7NLDbt
	M1TYmKGrQXTdUAnb8BtPFULF/MwZVko0FJ/fzawOX4HEmnxhV7sBzTlkAo9LDI7NvUIeRx
	vvzvIwepHrh/1tjbM5ppyJxDykfWMmA/h4zCCb0/kpkr4XebEvT8UZbcbZScNcIC+tRWzY
	Lb1X6t6jJecloud0lGvDYAOBsUffODiPbENT0Qa2q6rQmB1tDXZ3F78m5ZPH2MMi+ym6LC
	iVTrR4CRhqBnszOpm2MUXb/Nl+FEVpH3/F0o6UeJJlckEa/QDmmslZhiX6x3tA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703182666; a=rsa-sha256; cv=none;
	b=aao3iH+n0N3Bv95jNYqWpcTEPahfKQjo1V5kR6Qn4dBWW3fnE9asGZ9Ptz2H9w8pf6vaBl
	00UY86E/Z6xmKC4ARlgmqyOwyvE8yaVO5kK8nPgpy/8RDKaAWKa0lgSVsuBCYCRiEZvj5e
	Nm2lYQ+uqQ0Lr2HIk1WSRHPqjOS4PX6TPqX/hiZ4VOkMHxU67oVIieVNMUkD3dwD2w8adl
	+1Yl/f5UA5u2ZVtEWTBJpVrcCeo9POuVstrtS8/mgK1GGx+jgfA6GoIfJ966OfmNGfMk4x
	ye9lrRstOrzvu2p31f4DpSbIgxHTOvd/rHHpOjc1KccEbIwQUzEU3QXx0N/mhw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703182666;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=Hw2pCaq1JgPRImFfwnsEWbQN7kzpjlSYNwZdbV8QTJ0=;
	b=WALKJmrQpI3bR/ZseBty/EmA2VUkD1e9Fd8LtSgJEbi8mYeyQSfqJEAAWLcw4ay/Z96B2B
	Ia9dck1VgsHRPbSvsxoSZA6cIWV5C8SoW3MZb1xDCYSzc+pTlFoI7ahpOFhoMxQY4Nc+Ud
	Gs8/gEeQtpPlrj0JlT1Openp6i0iibQOIGkOMJeBYh071DaJ2yH92KgGSiuS2Fzbhl3Qm6
	oVpgpzILvIp/9cBpOHEbiVT0YgcotGMbZSJrC7D9wvYAwMO0cjT8pU82gSbN+BUQCq72Sl
	0a98SyJdh0D1+Cf1RFkdpHyS6uKCaz40GAkgGM2Uj9zj6azV6Del1Z4FZFsdzw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwzDp3nvqzjfC;
	Thu, 21 Dec 2023 18:17:46 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLIHkxj034127;
	Thu, 21 Dec 2023 18:17:46 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLIHklI034124;
	Thu, 21 Dec 2023 18:17:46 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 18:17:46 GMT
Message-Id: <202312211817.3BLIHklI034124@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Brooks Davis <brooks@FreeBSD.org>
Subject: git: c6e072f15c98 - stable/14 - memfd_create: don't allocate
  heap memory
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: brooks
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: c6e072f15c98097bdfb9583345f910220f97093e
Auto-Submitted: auto-generated

The branch stable/14 has been updated by brooks:

URL: https://cgit.FreeBSD.org/src/commit/?id=c6e072f15c98097bdfb9583345f910220f97093e

commit c6e072f15c98097bdfb9583345f910220f97093e
Author:     Brooks Davis <brooks@FreeBSD.org>
AuthorDate: 2023-11-27 17:07:06 +0000
Commit:     Brooks Davis <brooks@FreeBSD.org>
CommitDate: 2023-12-21 18:13:19 +0000

    memfd_create: don't allocate heap memory
    
    Rather than calling calloc() to allocate space for a page size array to
    pass to getpagesizes(), just follow the getpagesizes() implementation
    and allocate MAXPAGESIZES elements on the stack.  This avoids the need
    for the allocation.
    
    While this does mean that a new libc is required to take advantage of a
    new huge page size, that was already true due to getpagesizes() using a
    static buffer of MAXPAGESIZES elements.
    
    Reviewed by:    kevans, imp, emaste
    Sponsored by:   DARPA
    Differential Revision:  https://reviews.freebsd.org/D42710
    
    (cherry picked from commit c96772227b7dfcaf4eec4d07acb5c916643aca3a)
---
 lib/libc/gen/memfd_create.c | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/lib/libc/gen/memfd_create.c b/lib/libc/gen/memfd_create.c
index b26d638656a4..78131f46d7b1 100644
--- a/lib/libc/gen/memfd_create.c
+++ b/lib/libc/gen/memfd_create.c
@@ -35,7 +35,6 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <stdio.h>
-#include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -52,7 +51,8 @@ int
 memfd_create(const char *name, unsigned int flags)
 {
 	char memfd_name[NAME_MAX + 1];
-	size_t namelen, *pgs, pgsize;
+	size_t pgs[MAXPAGESIZES];
+	size_t namelen, pgsize;
 	struct shm_largepage_conf slc;
 	int error, fd, npgs, oflags, pgidx, saved_errno, shmflags;
 
@@ -92,16 +92,9 @@ memfd_create(const char *name, unsigned int flags)
 	if (fd == -1 || (flags & MFD_HUGETLB) == 0)
 		return (fd);
 
-	pgs = NULL;
-	npgs = getpagesizes(NULL, 0);
+	npgs = getpagesizes(pgs, nitems(pgs));
 	if (npgs == -1)
 		goto clean;
-	pgs = calloc(npgs, sizeof(size_t));
-	if (pgs == NULL)
-		goto clean;
-	error = getpagesizes(pgs, npgs);
-	if (error == -1)
-		goto clean;
 	pgsize = (size_t)1 << ((flags & MFD_HUGE_MASK) >> MFD_HUGE_SHIFT);
 	for (pgidx = 0; pgidx < npgs; pgidx++) {
 		if (pgsize == pgs[pgidx])
@@ -111,8 +104,6 @@ memfd_create(const char *name, unsigned int flags)
 		errno = EOPNOTSUPP;
 		goto clean;
 	}
-	free(pgs);
-	pgs = NULL;
 
 	memset(&slc, 0, sizeof(slc));
 	slc.psind = pgidx;
@@ -125,7 +116,6 @@ memfd_create(const char *name, unsigned int flags)
 clean:
 	saved_errno = errno;
 	close(fd);
-	free(pgs);
 	errno = saved_errno;
 	return (-1);
 }

From nobody Thu Dec 21 18:42:28 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SwznJ6wKmz547Nv;
	Thu, 21 Dec 2023 18:42:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SwznJ6Tfzz3cM2;
	Thu, 21 Dec 2023 18:42:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703184148;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lRjBitQrZB80/e/+hj/VlcCT9saeFYYo/7wum0pq/GY=;
	b=IVUOZ5KG0dScH9Y/RuwIamhBuzw/TGtPK8qZr3hE3PSqxETCnpU157to1Az0eMpMPd2jXY
	3+GLU0HppOfbbeKPCPgCFmwcJ+E2vwch+Vm1nzlrtnaLZiQebzfDw4jHKmVYvvqFoGx+j4
	w+n/A4CXEhuNrWgf5wPG6vD+6OzPzrXOAt1gPNeTrB4vraOL2zhExSrASefsNex+/uxCWo
	EoWNd1Z9WacOv59Qr3BYdayMWQk+58i6h+SfBp1XUVRrenrOoyjP3GoOVRbiq02v3Pfiw2
	CX0jnfGy2ybSVZcOfzVPHryE8N5WbWeWKIYby044D9tHvkX0psL4arHMYtYRQA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703184148; a=rsa-sha256; cv=none;
	b=DMjQ7XRvrOgmny66NDqprSgJuEHE1paG5EDGeUsJPRpokmhtkxdjkOqZRWHJI5j054UGHz
	+pij1NQkC/o71Lq6dDwSqpl02t+8a715hxOsIugnqxLKWxSvb9HpBXnBGL/rKMC4DDJFlV
	Zih6pOrQ626HCtUYi/7Yx3CFOW/K4LhqAVdMmgnEgA61X50rjsm83MoLjpLDxqCwTq75KK
	+67EP+vh1aJ6zM/wdPpjFOOvGcMrNS0FfodDWyr1GAQENNCI56wUM/WvwtWLxAPg1AJWmr
	HkK3oivn46ZsSfU7fkdN08Av3lzVT50c9Cd2BdYny1wJ/BG3SihhTAWeigEqiw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703184148;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lRjBitQrZB80/e/+hj/VlcCT9saeFYYo/7wum0pq/GY=;
	b=tWypdW2/EuEEELjOSjwIFebnT9dDWAW0S+vO0OhikgFvK2uRUdvIGb496FOokOZpvduY85
	caN7HIUWI4+QEO6s+ZmBtt6bnf0a5fQx9frj6xeaipF0mAVMKF06eDR9VkzVDZjCQmS0zP
	jqMX6qJCYO2v7SmoZJI/fF//2Q/IOGaljG4z8DdBPB6QEH0wr2vlwnvsFEqL+LT/9LtC2S
	0xL5OOnAAgOu13tJ6Sf7MEKzMlqg99+lqtgf5iIq09HIJgaH1kMZl8zVs16Irv/9mB5/Ns
	0E5ozIkQjuuf6qs82VbEO/H8sGOWqS8F/LFpdLxt/Y24a6Vz3wxBySoNIJs5zg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SwznJ5Wptzkcy;
	Thu, 21 Dec 2023 18:42:28 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BLIgS6U083711;
	Thu, 21 Dec 2023 18:42:28 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BLIgSiF083708;
	Thu, 21 Dec 2023 18:42:28 GMT
	(envelope-from git)
Date: Thu, 21 Dec 2023 18:42:28 GMT
Message-Id: <202312211842.3BLIgSiF083708@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gleb Smirnoff <glebius@FreeBSD.org>
Subject: git: 0084d0235649 - stable/13 - vtnet: don't leak pfil(9)
  data on detach
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: glebius
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 0084d02356494eb7a1b276ded9d37f3164a7248e
Auto-Submitted: auto-generated

The branch stable/13 has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=0084d02356494eb7a1b276ded9d37f3164a7248e

commit 0084d02356494eb7a1b276ded9d37f3164a7248e
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2022-01-05 02:41:05 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2023-12-21 18:41:48 +0000

    vtnet: don't leak pfil(9) data on detach
    
    PR:             260667
    Submitted by:   <ghuckriede blackberry.com>
    
    (cherry picked from commit 3f6ab5493f4b89e7625dd31f807065cfae6c503d)
---
 sys/dev/virtio/network/if_vtnet.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/sys/dev/virtio/network/if_vtnet.c b/sys/dev/virtio/network/if_vtnet.c
index fc7634e9a821..9737e964a591 100644
--- a/sys/dev/virtio/network/if_vtnet.c
+++ b/sys/dev/virtio/network/if_vtnet.c
@@ -515,6 +515,11 @@ vtnet_detach(device_t dev)
 	netmap_detach(ifp);
 #endif
 
+	if (sc->vtnet_pfil != NULL) {
+		pfil_head_unregister(sc->vtnet_pfil);
+		sc->vtnet_pfil = NULL;
+	}
+
 	vtnet_free_taskqueues(sc);
 
 	if (sc->vtnet_vlan_attach != NULL) {

From nobody Fri Dec 22 20:44:57 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SxfS92Zvnz54Sc2;
	Fri, 22 Dec 2023 20:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SxfS92496z4Pxw;
	Fri, 22 Dec 2023 20:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703277897;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=pHba0lHy1AVrpW6Oe4c6nAIvvL1OzOoONubu8ZOG57w=;
	b=Of+vXXq0RyfplObhMPdwermufpSSam85UT7fa40ZMqhzOSlnpV+ZbB1RZ61CQiL8io3zXV
	Y/9C/ajCrtuwMRK/b+AvinKD6Q0dJ5nN2NZ7rcxgGvBOFH2m+gXABbETH5XDbOvuYGDbNF
	Y1GLrysHBE+8+1WVYT4QxVx5fSh2F1Er1pQxhbQoNtg2scjvMqRxk7j59chrOKLE/e3zy3
	s9PWIJYNxIYQY8wULpPK6qGlDQ5eASMx4vw7tcZCcpjY2qhEmX2Sp/XAcqsU4+fNdfXYg2
	qOTmhkpuJ3SGOJJXk4gU/OyefYmmF1pz+ZYfLLENRithyM3M6BbtAewNeeovjQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703277897; a=rsa-sha256; cv=none;
	b=KWfOEdrb7/p9iLam5bPczNYnPL8Ehjc37CpVJTihateWuEPY4dHd+W70sNC0gYC9gdpLoM
	KyGLH0QMW2zQQdTOz/MwC2jhlSwf5ybkuEegDCGFw5IamzPGsmbIvpS2nWsytuIBwy4UkP
	9KVvH0ODp8rhZpH5I0FE2eobTHs6kODp9sM2yhEXYAHzAGe99AC0pyxcb6jkUr8HhzpsuJ
	eIK+AYoB1alq2d84IDYiZgPPJ7X6lIofbq1cmSH1cp5+d0f1iwYKCJrwNweSCcJA7pHAby
	708mH9bCF+v6/f1UvlrdfS0NaRJF9pxZYYossgohSeQBeC8QwBQnZ+YWWxUg2g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703277897;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=pHba0lHy1AVrpW6Oe4c6nAIvvL1OzOoONubu8ZOG57w=;
	b=HYV71wpm1hll4K+kcZhz3/FcjbL1dy2GxGucvDU1wCB262SvKSQ1zakjvEmozL5Te7zLRH
	LJw1VRkLkixe7s3DvY5eGZ3wNTpVXCr+AqZzNB89mx07M9ymqMBuP1d16ZjIpMlg2SjFE5
	DtdyeYZufWPczdMoCcDE29+Nz4B8xjas4ksR++EkiFQPXAiXJNJiEwTjZLpJgh/f6o2I2c
	G344MEgaiKp1+sjBaI4uExLWj4sXRmcrWQG0KIoLGyYCvKJuLKvHC0DMI8ROn4TtWvJNwj
	6Cbz4lCmASHivNZ2PNFsL5BsgYK6SpGrGfHEgBrhYNkypgDA3PvlaBFwDJZ7/w==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SxfS9174FzXKp;
	Fri, 22 Dec 2023 20:44:57 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BMKivJv098207;
	Fri, 22 Dec 2023 20:44:57 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BMKiviA098204;
	Fri, 22 Dec 2023 20:44:57 GMT
	(envelope-from git)
Date: Fri, 22 Dec 2023 20:44:57 GMT
Message-Id: <202312222044.3BMKiviA098204@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Rick Macklem <rmacklem@FreeBSD.org>
Subject: git: e615bcd32171 - stable/14 - mountd: Add support for
  spaces in exported directories
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: rmacklem
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: e615bcd32171378fc4204fea2ea2cf97ec238213
Auto-Submitted: auto-generated

The branch stable/14 has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=e615bcd32171378fc4204fea2ea2cf97ec238213

commit e615bcd32171378fc4204fea2ea2cf97ec238213
Author:     Dan Mcgregor <dan.mcgregor_usask.ca>
AuthorDate: 2023-11-04 22:07:56 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-12-22 20:42:15 +0000

    mountd: Add support for spaces in exported directories
    
    The previous code would correctly parse strings including quotation
    marks (") or backslash (/), but the tests when creating the export
    includes them in the final string. This prevents exporting paths
    with embedded spaces, for example "/exports/with space". Trying
    results in log lines resembling:
    
    mountd[1337]: bad exports list line '/exports/with\ space':
        /exports/with\ space: lstat() failed: No such file or directory.
    
    Turns out that when creating its exports list, zfs escapes strings
    in a format compatible with vis(3). Since I expect that zfs sharenfs
    is the dominating use case for generating an exports list, use
    strunvis(3) to parse the export path. The result is lines like the
    following allowing spaces:
    
    /exports/with\040space -network 192.168.0 -mask 255.255.255.0
    
    A man page update will be done as a separate commit.
    
    (cherry picked from commit 7c5146da128688ba2bb6bdad5e98716087a47281)
---
 usr.sbin/mountd/mountd.c | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/usr.sbin/mountd/mountd.c b/usr.sbin/mountd/mountd.c
index 6602dbc09aa0..33c19a81a0cf 100644
--- a/usr.sbin/mountd/mountd.c
+++ b/usr.sbin/mountd/mountd.c
@@ -83,6 +83,7 @@ static char sccsid[] = "@(#)mountd.c	8.15 (Berkeley) 5/1/95";
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <vis.h>
 #include "pathnames.h"
 #include "mntopts.h"
 
@@ -1561,10 +1562,13 @@ get_exportlist_one(int passno)
 	char *err_msg = NULL;
 	int len, has_host, got_nondir, dirplen, netgrp;
 	uint64_t exflags;
+	char unvis_dir[PATH_MAX + 1];
+	int unvis_len;
 
 	v4root_phase = 0;
 	anon.cr_groups = NULL;
 	dirhead = (struct dirlist *)NULL;
+	unvis_dir[0] = '\0';
 	while (get_line()) {
 		if (debug)
 			warnx("got line %s", line);
@@ -1631,17 +1635,25 @@ get_exportlist_one(int passno)
 			} else if (*cp == '/') {
 			    savedc = *endcp;
 			    *endcp = '\0';
+			    unvis_len = strnunvis(unvis_dir, sizeof(unvis_dir),
+				cp);
+			    if (unvis_len <= 0) {
+				getexp_err(ep, tgrp, "Cannot strunvis "
+				    "decode dir");
+				goto nextline;
+			    }
 			    if (v4root_phase > 1) {
 				    if (dirp != NULL) {
 					getexp_err(ep, tgrp, "Multiple V4 dirs");
 					goto nextline;
 				    }
 			    }
-			    if (check_dirpath(cp, &err_msg) &&
-				check_statfs(cp, &fsb, &err_msg)) {
+			    if (check_dirpath(unvis_dir, &err_msg) &&
+				check_statfs(unvis_dir, &fsb, &err_msg)) {
 				if ((fsb.f_flags & MNT_AUTOMOUNTED) != 0)
 				    syslog(LOG_ERR, "Warning: exporting of "
-					"automounted fs %s not supported", cp);
+					"automounted fs %s not supported",
+					unvis_dir);
 				if (got_nondir) {
 				    getexp_err(ep, tgrp, "dirs must be first");
 				    goto nextline;
@@ -1652,16 +1664,17 @@ get_exportlist_one(int passno)
 					goto nextline;
 				    }
 				    if (strlen(v4root_dirpath) == 0) {
-					strlcpy(v4root_dirpath, cp,
+					strlcpy(v4root_dirpath, unvis_dir,
 					    sizeof (v4root_dirpath));
-				    } else if (strcmp(v4root_dirpath, cp)
+				    } else if (strcmp(v4root_dirpath, unvis_dir)
 					!= 0) {
 					syslog(LOG_ERR,
-					    "different V4 dirpath %s", cp);
+					    "different V4 dirpath %s",
+					    unvis_dir);
 					getexp_err(ep, tgrp, NULL);
 					goto nextline;
 				    }
-				    dirp = cp;
+				    dirp = unvis_dir;
 				    v4root_phase = 2;
 				    got_nondir = 1;
 				    ep = get_exp();
@@ -1699,8 +1712,9 @@ get_exportlist_one(int passno)
 				    /*
 				     * Add dirpath to export mount point.
 				     */
-				    dirp = add_expdir(&dirhead, cp, len);
-				    dirplen = len;
+				    dirp = add_expdir(&dirhead, unvis_dir,
+					unvis_len);
+				    dirplen = unvis_len;
 				}
 			    } else {
 				if (err_msg != NULL) {

From nobody Sat Dec 23 04:33:52 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SxrsD343Pz54xLy;
	Sat, 23 Dec 2023 04:33:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SxrsD2Qk7z3Sd6;
	Sat, 23 Dec 2023 04:33:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703306032;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=EEyOVsCxxNIC37Peb6lRnfAKQcYrRt5G/xm7G/3OSlQ=;
	b=cJ6p7WAg+c5o70s70U4pxY/IxXZE9S3N5M43DBvCU5aZTtlB+6TkYepyPsVUcEEETrIELe
	q3p3We0l2xuO3+u/MaJuErnh+9IjCowak8X+zFS4HONbTNMU712sRgrOLcxdYf4LdCPZnt
	hXaQ5jZxFp+kAhO5m6qo1EyzB3JqKkZgV0rFXwjl87ho9xT7VHnJ7rMYCpOAPaEaFDpZ0M
	JjOW6F5NATpsUnv3jXQMzaYmqWmtbuMA7Y01OsxLyFCd+ff8DtkNslMk0mHuascEXwcvPZ
	2nvfGzB10GvggpWwXKKAZnAL0UWr67ZeA4XL6PNdvSzISeUHth6/kugzzrDRyQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703306032; a=rsa-sha256; cv=none;
	b=CZK58YW0yG5mpeSWwDEm4m8OOhcO5UjU2upvxs5KqV55emgmjoFYkkELFYnJdGJ+Tjm0Et
	X/Te2NjVQOv7JympSJdBG4+QgcbPDaNHhadFPwNkFRn9mj5czjLlf4ITfIHkKzgX7sOlsG
	OO3n2BRMRZeFFsmSbtOWSNXvrVwUxm00x+j4oylJRakvlKwW0HHCX8UHZICEbD+59F4Vs4
	xMOk2jNycGjHOE3zgJNq+OUldM6ryNrtYBJP0f+d1JTAVC7UBqT86r+1aQIeLH4S9DG0gm
	DLjndsTX+VrV3IMM2G3NNx3/OWnfQIpKXHeGGA0Rvf1qQK5BAwriSo4n0Q8jtg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703306032;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=EEyOVsCxxNIC37Peb6lRnfAKQcYrRt5G/xm7G/3OSlQ=;
	b=jGhoNVoDpW1Qwmrl1VCGn9hn9XGEhg0C/y+JV+jX1pdIZdznXxAKs7fk/ZbwgLHiUzRpjz
	539YjXGa5VOjuF4ciT3NwUhRSbt4ri9J+LicYByuiNSSVVK4mbnO83yHggoFCSz0xjUbDE
	YJmobtDtN1IT1kaLlLWqiYTXzhkbfAcqsxKx2O22H+9l2PziehJKjlKsmiw6iYqgjEfAse
	5tyiNTrL6nskMotMRvbGA3zq1I25bUOYvfgkeugmk8j0CesJX/RRgs/JM/cCLHvuaUggUp
	HemGZ3Xenkz3HCiTx5xOzFytVj5mcNi474NJVAUgHTQnVYmeT1RpyEOo3ypvcQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SxrsD1WC2zlrV;
	Sat, 23 Dec 2023 04:33:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN4XquC087718;
	Sat, 23 Dec 2023 04:33:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN4Xqcg087715;
	Sat, 23 Dec 2023 04:33:52 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 04:33:52 GMT
Message-Id: <202312230433.3BN4Xqcg087715@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: b65b88dc3af4 - stable/14 - vmstat: Make disks reporting
  some more reasonable
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: b65b88dc3af4282af18f04a8e2106bf98cf4c385
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=b65b88dc3af4282af18f04a8e2106bf98cf4c385

commit b65b88dc3af4282af18f04a8e2106bf98cf4c385
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2023-11-16 03:56:51 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2023-12-23 04:13:24 +0000

    vmstat: Make disks reporting some more reasonable
    
    MFC after:      1 month
    
    (cherry picked from commit 7b21c447fb7b761f094c3c2ce2e6d6e2c91c285c)
---
 usr.bin/vmstat/vmstat.c | 34 ++++++++++++++++++++--------------
 1 file changed, 20 insertions(+), 14 deletions(-)

diff --git a/usr.bin/vmstat/vmstat.c b/usr.bin/vmstat/vmstat.c
index fd161a3f93ee..c4fb7186363f 100644
--- a/usr.bin/vmstat/vmstat.c
+++ b/usr.bin/vmstat/vmstat.c
@@ -221,12 +221,13 @@ main(int argc, char *argv[])
 	memf = nlistf = NULL;
 	interval = reps = todo = 0;
 	maxshowdevs = 2;
-	hflag = isatty(1);
 
 	argc = xo_parse_args(argc, argv);
 	if (argc < 0)
 		return (argc);
 
+	hflag = (xo_get_style(NULL) == XO_STYLE_TEXT) && isatty(1);
+
 	while ((c = getopt(argc, argv, "ac:fhHiM:mN:n:oPp:sw:z")) != -1) {
 		switch (c) {
 		case 'a':
@@ -818,28 +819,30 @@ dovmstat(unsigned int interval, int reps)
 			    rate(sum.v_tfree - osum.v_tfree), 5, 0);
 			prthuman("scanned",
 			    rate(sum.v_pdpages - osum.v_pdpages), 5, 0);
-			xo_emit(" ");
 		} else {
 			xo_emit(" ");
 			xo_emit("{:freed/%5lu} ",
 			    rate(sum.v_tfree - osum.v_tfree));
-			xo_emit("{:scanned/%4lu} ",
+			xo_emit("{:scanned/%4lu}",
 			    rate(sum.v_pdpages - osum.v_pdpages));
 		}
 		xo_close_container("paging-rates");
 
 		devstats();
 		xo_open_container("fault-rates");
-		xo_emit("{:interrupts/%4lu}", rate(sum.v_intr - osum.v_intr));
 		if (hflag) {
+			prthuman("interrupts",
+			    rate(sum.v_intr - osum.v_intr), 5, 0);
 			prthuman("system-calls",
 			    rate(sum.v_syscall - osum.v_syscall), 5, 0);
 			prthuman("context-switches",
 			    rate(sum.v_swtch - osum.v_swtch), 5, 0);
 		} else {
 			xo_emit(" ");
-			xo_emit("{:system-calls/%5lu} "
+			xo_emit("{:interrupts/%4lu} "
+			    "{:system-calls/%5lu} "
 			    "{:context-switches/%5lu}",
+			    rate(sum.v_intr - osum.v_intr),
 			    rate(sum.v_syscall - osum.v_syscall),
 			    rate(sum.v_swtch - osum.v_swtch));
 		}
@@ -878,9 +881,9 @@ printhdr(int maxid, u_long cpumask)
 	else
 		xo_emit("{T:procs}     {T:memory}       {T:/page%*s}", 19, "");
 	if (num_shown > 1)
-		xo_emit("   {T:/disks %*s}  ", num_shown * 4 - 7, "");
+		xo_emit("   {T:/disks %*s}  ", num_shown * 5 - 7, "");
 	else if (num_shown == 1)
-		xo_emit("   {T:disks}");
+		xo_emit("   {T:disks} ");
 	xo_emit(" {T:faults}      ");
 	if (Pflag) {
 		for (i = 0; i <= maxid; i++) {
@@ -900,8 +903,7 @@ printhdr(int maxid, u_long cpumask)
 	for (i = 0; i < num_devices; i++)
 		if ((dev_select[i].selected) &&
 		    (dev_select[i].selected <= maxshowdevs))
-			xo_emit("{T:/%c%c%d} ", dev_select[i].device_name[0],
-			    dev_select[i].device_name[1],
+			xo_emit("{T:/%3.3s%d} ", dev_select[i].device_name,
 			    dev_select[i].unit_number);
 	xo_emit("  {T:in}   {T:sy}   {T:cs}");
 	if (Pflag) {
@@ -1154,11 +1156,15 @@ devstats(void)
 			xo_errx(1, "%s", devstat_errbuf);
 
 		xo_open_instance("device");
-		xo_emit("{ekq:name/%c%c%d}{:transfers/%3.0Lf} ",
-		    dev_select[dn].device_name[0],
-		    dev_select[dn].device_name[1],
-		    dev_select[dn].unit_number,
-		    transfers_per_second);
+		xo_emit("{ekq:name/%s%d}",
+		    dev_select[dn].device_name,
+		    dev_select[dn].unit_number);
+		if (hflag) {
+			prthuman("transfers", (uint64_t)transfers_per_second,
+			    5, HN_DIVISOR_1000);
+		} else {
+			xo_emit("{:transfers/%3.0Lf}", transfers_per_second);
+		}
 		xo_close_instance("device");
 	}
 	xo_close_list("device");

From nobody Sat Dec 23 04:33:53 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SxrsF4gN9z54x7k;
	Sat, 23 Dec 2023 04:33:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SxrsF3T4nz3Sg8;
	Sat, 23 Dec 2023 04:33:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703306033;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=evxagdjLyfMP0YqLUbYIQ98RzKlEeCnaJSMh+dgbXIY=;
	b=kyCiqmWC53zPDfrWwE8IRuHiiTOQpZvAy41I8IbZJ/6y8lgY5UOgjZ3Cb+9zxd6hx3RW1D
	d/3woyE6mqZWqCLqpMDLZqWxrkAuoqHCkdEva+OWd7OWUNjJdjOa65+8f3x80N6WXrAAIF
	BkOEw85sw7JaeQ31PLbcx5J+yYXBsTPCZFbD6tkU1LJOSWLcVZ44DYVFTFZHbU/4MLtVcA
	C35msOAW10NO01tss1GU/2V8HnBVe76NjsJ1O8gY8RGSY5CuUEi2UGQTuRWUDWT4WeZ9XE
	kytC70Y0Z4WSIdf9l6Hufaz5NYZK0b3qFMBMZnXHSoP+tXsYvoCgGMzXqFKQNA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703306033; a=rsa-sha256; cv=none;
	b=vBL4OnGOSbSqbf2FGO9i1f3Pz/PNwmQTM0kwk0HrS7pANTB8v+hgbWaWxdZhegXo7uJD2B
	sFDjn9cBXI2ktT8BahroyHBnolkTnIcyZsYY47DDOUQZi6u6ZtmfIsl6qmRYltc0TQd0GV
	L9A9OWsm7QqABsjTK3dlEfd6l9i4GYRbJW0Rk+rvibljMjXXefmBjuEnili1AGZZqXZfge
	kpeyH7kOcuJuylx5pam8YsYdrbLMB4ZsRdMZBV/ThiaHonK0WxTj9WXiJywEx9QA14hA+G
	mE/mp7zghhTuPMUR2QxpiiHMtXUjVqAdE27CSxjsp2O6hmf8mbF2ji5CwyWgwA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703306033;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=evxagdjLyfMP0YqLUbYIQ98RzKlEeCnaJSMh+dgbXIY=;
	b=BkJvI2DvJDG/LY+XfZ2c6R3Otq0KwB8EwRHIHrzLwxvNZUebZbAoqm+bEWHok8VocfVvxk
	oH8n+0UDPsK8rSoyvdzAjQuYBgQ6B4sDjZbwRqBv9Xt9OdABL6edhZ2/n6ZLmh02aBZ/Y6
	Li+MpNyf5ok7UstW3HoC7oC1khMShWxGCnu89YkTxfEuGA7w2BaPp4Uccl2dK4JxZFtjfa
	9jJS0SdRvCrvMXfvW99+a6K6V7LnISGWmauf1BaTtlfuLDP9zXeibpTIMbBlBOoiWLhWVS
	5QwLrjzH4qOaWSX+8n8pFd5rPP+fzXkqdj9hm+LeXuzcg0kcTK1kK1lpWBzeYw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SxrsF2XK8zm84;
	Sat, 23 Dec 2023 04:33:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN4XrJn087766;
	Sat, 23 Dec 2023 04:33:53 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN4XrkI087763;
	Sat, 23 Dec 2023 04:33:53 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 04:33:53 GMT
Message-Id: <202312230433.3BN4XrkI087763@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: b0b4dedfa163 - stable/14 - vmstat: Improve -z formatting
  for large names/values
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: b0b4dedfa163623e8ab2c3f76480c7041ade2c2e
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=b0b4dedfa163623e8ab2c3f76480c7041ade2c2e

commit b0b4dedfa163623e8ab2c3f76480c7041ade2c2e
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2023-12-06 19:55:58 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2023-12-23 04:13:24 +0000

    vmstat: Improve -z formatting for large names/values
    
    MFC after:      2 weeks
    
    (cherry picked from commit 6f048e71304310db80a210d07cb3768de18589c8)
---
 usr.bin/vmstat/vmstat.c | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/usr.bin/vmstat/vmstat.c b/usr.bin/vmstat/vmstat.c
index c4fb7186363f..a72ba127f40c 100644
--- a/usr.bin/vmstat/vmstat.c
+++ b/usr.bin/vmstat/vmstat.c
@@ -1468,8 +1468,7 @@ domemstat_zone(void)
 {
 	struct memory_type_list *mtlp;
 	struct memory_type *mtp;
-	int error;
-	char name[MEMTYPE_MAXNAME + 1];
+	int error, len;
 
 	mtlp = memstat_mtl_alloc();
 	if (mtlp == NULL) {
@@ -1494,20 +1493,20 @@ domemstat_zone(void)
 		}
 	}
 	xo_open_container("memory-zone-statistics");
-	xo_emit("{T:/%-20s} {T:/%6s} {T:/%6s} {T:/%8s} {T:/%8s} {T:/%8s} {T:/%8s} "
-	    "{T:/%4s} {T:/%4s}\n", "ITEM", "SIZE",
-	    "LIMIT", "USED", "FREE", "REQ", "FAIL", "SLEEP", "XDOMAIN");
+	xo_emit("{T:/%-19s} {T:/%7s} {T:/%7s} {T:/%8s} {T:/%8s} {T:/%8s} "
+	    "{T:/%4s} {T:/%4s} {T:/%4s}\n", "ITEM", "SIZE",
+	    "LIMIT", "USED", "FREE", "REQ", "FAIL", "SLEEP", "XDOM");
 	xo_open_list("zone");
 	for (mtp = memstat_mtl_first(mtlp); mtp != NULL;
 	    mtp = memstat_mtl_next(mtp)) {
-		strlcpy(name, memstat_get_name(mtp), MEMTYPE_MAXNAME);
-		strcat(name, ":");
+		len = strlen(memstat_get_name(mtp));
 		xo_open_instance("zone");
-		xo_emit("{d:name/%-20s}{ke:name/%s} {:size/%6ju}, "
-		    "{:limit/%6ju},{:used/%8ju},"
+		xo_emit("{k:name/%s}:{d:size/%*ju}{e:size/%ju},"
+		    "{:limit/%7ju},{:used/%8ju},"
 		    "{:free/%8ju},{:requests/%8ju},"
-		    "{:fail/%4ju},{:sleep/%4ju},{:xdomain/%4ju}\n", name,
-		    memstat_get_name(mtp),
+		    "{:fail/%4ju},{:sleep/%4ju},{:xdomain/%4ju}\n",
+		    memstat_get_name(mtp), MAX(1, 26 - len),
+		    (uintmax_t)memstat_get_size(mtp),
 		    (uintmax_t)memstat_get_size(mtp),
 		    (uintmax_t)memstat_get_countlimit(mtp),
 		    (uintmax_t)memstat_get_count(mtp),

From nobody Sat Dec 23 04:33:54 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SxrsH16MJz54xGF;
	Sat, 23 Dec 2023 04:33:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SxrsG4SnJz3Swt;
	Sat, 23 Dec 2023 04:33:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703306034;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=HmtLWENQP3l2zNkdJhoT9ElXLD4JA2SlqwvcKBogRQg=;
	b=m4xJwnC8mwZVAEdSfNUT27/DpBjomJ7GAJRcU/4OYbLNEqKSP1HpivXWk4j+0V7oFD9H5Q
	ECUzZC1eF+cR0F3bjz0EphMRLMqYIgs0tWxB1RSrCSQZjk6jp03KkoqHUl+x8DQGDNsCaT
	kyo7qYz+jg0zOKIrEml/dxCrkyLey+YRJT4b1TiVm+mgOO2ZfrudjUgaC8ZMzLoamHn4Xv
	rpp5JLbPIOxXXpJQNejqDuVeA/xeKke1tz43q+ie+It1ucN90QH83/pcYvxKtEwT8/E/2F
	uHbAJb1iR7zyAqQfBT0JOES0xym4TQThoP1xaByb2smqXg0LqLFlx76nxRl28w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703306034; a=rsa-sha256; cv=none;
	b=JtrUdbjd3MfkI89AcUHVrRMeuash/2ZgUxpeekxgZ2C1AtcvlNO6fo4D+rnF3hzPYMDTFF
	Zw+hWqNf4wQGNtK237/Jyp73RJqEczDVRIXLvnGLFjA7Y0/nANmkG44UclcV+F/7vMArQC
	wcB6re+Ldz9S86lmJl/qa268vCFA0GkdFU5jhDsPTsPd/qJixKdeaSgU3cvkFwHeZR9d7c
	wLpEzCIOB6vSbS8C4VmL0dUUxb0nX27IdocupqkEcm6fdsABb2TWSJozIK11PCrfRNJalq
	+Mi6r8qx9+FmfFU/ifNsl4YBt2Fc+puhka03k1QLud37criHwYIsPiHD3LT4gg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703306034;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=HmtLWENQP3l2zNkdJhoT9ElXLD4JA2SlqwvcKBogRQg=;
	b=FdTrFjZ7oLR4C6iY+wkwZ17S0noUN5LMGNv72gKGfSdIaH1jJkFNdQsyZxyRWrbw/BJ2Hz
	wmzKSDBb3lKWPcIGDFPpDjJ5ZpLtUYFuvztMIGot6KzEtPXPIFJYXCgcejQz9b8XOrgy+z
	y6jXDoFmK1Mhjz89TE1TQJjYgLVcvSjZVSFHoLIGm+Y7HhSYTzpfxJNl+rI3uiPycVInb0
	Wd6DvGvQXqTGaqupQAzPXbdSgcGEaykWeZle+gzySD/Xlc2JOf5BhWB4dEXWI8J6bHIXtY
	mTFce9EXjgGngVw4q+A59BRpPnO9dOc3ge+GKbKm68NydoIDTqOTMxYD1EIfWw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SxrsG3Z2fzlpM;
	Sat, 23 Dec 2023 04:33:54 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN4XsDm087814;
	Sat, 23 Dec 2023 04:33:54 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN4XsTn087811;
	Sat, 23 Dec 2023 04:33:54 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 04:33:54 GMT
Message-Id: <202312230433.3BN4XsTn087811@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: bf5635d594cb - stable/14 - vmstat: Let libxo properly
  humanize -m numbers
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: bf5635d594cb59d4ffe147600cfcc48ffec44916
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=bf5635d594cb59d4ffe147600cfcc48ffec44916

commit bf5635d594cb59d4ffe147600cfcc48ffec44916
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2023-12-07 04:08:45 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2023-12-23 04:13:24 +0000

    vmstat: Let libxo properly humanize -m numbers
    
    Raw numbers can be seen in json/xml or with --libxo=no-humanize.
    
    MFC after:      2 weeks
    
    (cherry picked from commit 598d1ac85e87d9312b9fd3266908ab6a6768edc6)
---
 usr.bin/vmstat/vmstat.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/usr.bin/vmstat/vmstat.c b/usr.bin/vmstat/vmstat.c
index a72ba127f40c..6ef718864886 100644
--- a/usr.bin/vmstat/vmstat.c
+++ b/usr.bin/vmstat/vmstat.c
@@ -1429,8 +1429,8 @@ domemstat_malloc(void)
 		}
 	}
 	xo_open_container("malloc-statistics");
-	xo_emit("{T:/%13s} {T:/%5s} {T:/%6s} {T:/%8s}  {T:Size(s)}\n",
-	    "Type", "InUse", "MemUse", "Requests");
+	xo_emit("{T:/%16s} {T:/%4s} {T:/%5s} {T:/%3s} {T:Size(s)}\n",
+	    "Type", "Use", "Memory", "Req");
 	xo_open_list("memory");
 	zones = memstat_malloc_zone_get_count();
 	for (mtp = memstat_mtl_first(mtlp); mtp != NULL;
@@ -1439,10 +1439,12 @@ domemstat_malloc(void)
 		    memstat_get_count(mtp) == 0)
 			continue;
 		xo_open_instance("memory");
-		xo_emit("{k:type/%13s/%s} {:in-use/%5ju} "
-		    "{:memory-use/%5ju}{U:K} {:requests/%8ju}  ",
+		xo_emit("{k:type/%16s/%s} "
+		    "{[:4}{h,hn-decimal,hn-1000:in-use/%ju}{]:} "
+		    "{[:5}{h,hn-decimal:memory-use/%ju}{]:} "
+		    "{[:4}{h,hn-decimal,hn-1000:requests/%ju}{]:} ",
 		    memstat_get_name(mtp), (uintmax_t)memstat_get_count(mtp),
-		    ((uintmax_t)memstat_get_bytes(mtp) + 1023) / 1024,
+		    (uintmax_t)memstat_get_bytes(mtp),
 		    (uintmax_t)memstat_get_numallocs(mtp));
 		first = 1;
 		xo_open_list("size");
@@ -1450,7 +1452,7 @@ domemstat_malloc(void)
 			if (memstat_malloc_zone_used(mtp, i)) {
 				if (!first)
 					xo_emit(",");
-				xo_emit("{l:size/%d}", memstat_malloc_zone_get_size(i));
+				xo_emit("{lh:size/%d}", memstat_malloc_zone_get_size(i));
 				first = 0;
 			}
 		}

From nobody Sat Dec 23 04:33:55 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SxrsH712Cz54x0D;
	Sat, 23 Dec 2023 04:33:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4SxrsH5d1Rz3Sx7;
	Sat, 23 Dec 2023 04:33:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703306035;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=s/DK6YAgBEe72QNdUqS1yeAwfJCfC870mMhqGzUt8ik=;
	b=AsFqBuK4VxVxGKq6+uVOkU2/qeNZeCHO9gvImGhykJs0yycjPQ6WgHmzPNwW4Aqv8/elJl
	sD0vnmyKNkejKY8thKSwTJv71W8iMzBTSybIvKSFUh4Kxjy+FNFxTApSMPJFyQYeZKFc5n
	hLpt64KLIzNYokAatRc9iPJOgJ1qkuqbDOl9JWzYjUoy+3+NSPli9klK4aWsfG3ZoDEdcZ
	OmV3xqqExLf3Gm1A5f0msqtOvt7l8GL2QUjtXM3Jzf9f7uk878QLtS5kKDMhPBYcfORtSp
	P3EQUGR/TC8kqasX7G1ofy5tinzyJ2Y7VOMq2Cpa56bq/rV1JE/4Wnsd+56iRg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703306035; a=rsa-sha256; cv=none;
	b=FFAaoZfisGSwyLzZJwhdxQ3Y9nCcJk4Vofl682nV/bL4eRgZePLWyKgFuUwyur8mpNrypt
	M87PkBxVvpZL9niVJ3si9yT9i+qFGAvrjUkSRimfuWRUxCtwfkqIaCcYJzNHIG/QSETh+i
	GiWu0I/7wbPU3UbuQuxofl54kWAzjEnmNX1Ceau37QZBN4ThQ65ghtn4ScijVg7FEaw2cs
	9IIiEX36xLkzzw5sFxdGxIP6mef8uWizLdbevwfHplbbnBTdOpmMLs+/WZB6skvD8rXbPH
	mZbKeH+B9t5Kr8H7SDUKjnU4He6q0cJPO1k+0yYr/fvCDFvAGgkfmEXqiW42eA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703306035;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=s/DK6YAgBEe72QNdUqS1yeAwfJCfC870mMhqGzUt8ik=;
	b=MUzXwiP6VHykPeIMiX1cWZB+79lpwrodU4FWIv8dbfziizzU33o5uRTHUPuv+pbiWVLlZ6
	61jhNX12foO33yMJiu31RK7KJi+WuQq7t33dRk4ocuRWGPN5PeULBApVCBPx+83snMKFDj
	5DEV29HmEI2HgK537V+XyBd76cEUfw0/EYHU7Xj7ut+iAvJfRfIsIjVvIV6uYqJHJZpUYQ
	em2ipvIEZfI/VneVW3qRPZNfRBNjU8CBz3GjVnsWbm7KN5hFHbZzUR7FTs4VSK+KOiEMIB
	KsfMglwTQAUNR8KPRC9kSEJCF6N5nZt9BU+uc+V0AnVPgrXo4fgDrkX2u3zSmw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SxrsH4dBHzlpN;
	Sat, 23 Dec 2023 04:33:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN4Xt8V087862;
	Sat, 23 Dec 2023 04:33:55 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN4XtvF087859;
	Sat, 23 Dec 2023 04:33:55 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 04:33:55 GMT
Message-Id: <202312230433.3BN4XtvF087859@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: 473dc8e1ba2f - stable/14 - vmstat: Rely on libxo for
  numbers humanization
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 473dc8e1ba2fdcb080d1d3fccad72e97957ffc99
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=473dc8e1ba2fdcb080d1d3fccad72e97957ffc99

commit 473dc8e1ba2fdcb080d1d3fccad72e97957ffc99
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2023-12-08 02:21:35 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2023-12-23 04:13:24 +0000

    vmstat: Rely on libxo for numbers humanization
    
    This makes code cleaner, plus fixes such nonsense as humanized JSON
    and XML, making all numbers raw without quotes, spaces, suffixes, etc.
    
    MFC after:      2 weeks
    
    (cherry picked from commit 1f36ca5de596f7c2eb446df5b8e06877901d727a)
---
 usr.bin/vmstat/vmstat.c | 169 +++++++++++++++---------------------------------
 1 file changed, 52 insertions(+), 117 deletions(-)

diff --git a/usr.bin/vmstat/vmstat.c b/usr.bin/vmstat/vmstat.c
index 6ef718864886..48da1343a71c 100644
--- a/usr.bin/vmstat/vmstat.c
+++ b/usr.bin/vmstat/vmstat.c
@@ -226,7 +226,7 @@ main(int argc, char *argv[])
 	if (argc < 0)
 		return (argc);
 
-	hflag = (xo_get_style(NULL) == XO_STYLE_TEXT) && isatty(1);
+	hflag = isatty(1);
 
 	while ((c = getopt(argc, argv, "ac:fhHiM:mN:n:oPp:sw:z")) != -1) {
 		switch (c) {
@@ -295,6 +295,8 @@ main(int argc, char *argv[])
 	argv += optind;
 
 	xo_set_version(VMSTAT_XO_VERSION);
+	if (!hflag)
+		xo_set_options(NULL, "no-humanize");
 	if (todo == 0)
 		todo = VMSTAT;
 
@@ -639,23 +641,6 @@ getcpuinfo(u_long *maskp, int *maxidp)
 		*maxidp = maxid;
 }
 
-
-static void
-prthuman(const char *name, uint64_t val, int size, int flags)
-{
-	char buf[10];
-	char fmt[128];
-
-	snprintf(fmt, sizeof(fmt), "{:%s/%%*s}", name);
-
-	if (size < 5 || size > 9)
-		xo_errx(1, "doofus");
-	flags |= HN_NOSPACE | HN_DECIMAL;
-	humanize_number(buf, size, val, "", HN_AUTOSCALE, flags);
-	xo_attr("value", "%ju", (uintmax_t) val);
-	xo_emit(fmt, size, buf);
-}
-
 static void
 dovmstat(unsigned int interval, int reps)
 {
@@ -782,27 +767,13 @@ dovmstat(unsigned int interval, int reps)
 		    total.t_pw, total.t_sw);
 		xo_close_container("processes");
 		xo_open_container("memory");
-#define vmstat_pgtok(a) ((uintmax_t)(a) * (sum.v_page_size >> 10))
 #define	rate(x)	(unsigned long)(((x) * rate_adj + halfuptime) / uptime)
-		if (hflag) {
-			prthuman("available-memory",
-			    total.t_avm * (uint64_t)sum.v_page_size, 5, HN_B);
-			prthuman("free-memory",
-			    total.t_free * (uint64_t)sum.v_page_size, 5, HN_B);
-			prthuman("total-page-faults",
-			    rate(sum.v_vm_faults - osum.v_vm_faults), 5, 0);
-			xo_emit(" ");
-		} else {
-			xo_emit(" ");
-			xo_emit("{:available-memory/%7ju}",
-			    vmstat_pgtok(total.t_avm));
-			xo_emit(" ");
-			xo_emit("{:free-memory/%7ju}",
-			    vmstat_pgtok(total.t_free));
-			xo_emit(" ");
-			xo_emit("{:total-page-faults/%5lu} ",
-			    rate(sum.v_vm_faults - osum.v_vm_faults));
-		}
+		xo_emit(" {[:4}{h,hn-decimal:available-memory/%ju}{]:}",
+		    (uintmax_t)total.t_avm * sum.v_page_size);
+		xo_emit(" {[:4}{h,hn-decimal:free-memory/%ju}{]:}",
+		    (uintmax_t)total.t_free * sum.v_page_size);
+		xo_emit(" {[:4}{h,hn-decimal,hn-1000:total-page-faults/%lu}{]:} ",
+		    rate(sum.v_vm_faults - osum.v_vm_faults));
 		xo_close_container("memory");
 
 		xo_open_container("paging-rates");
@@ -814,38 +785,20 @@ dovmstat(unsigned int interval, int reps)
 		xo_emit("{:paged-out/%3lu}",
 		    rate(sum.v_swapout + sum.v_vnodeout -
 		    (osum.v_swapout + osum.v_vnodeout)));
-		if (hflag) {
-			prthuman("freed",
-			    rate(sum.v_tfree - osum.v_tfree), 5, 0);
-			prthuman("scanned",
-			    rate(sum.v_pdpages - osum.v_pdpages), 5, 0);
-		} else {
-			xo_emit(" ");
-			xo_emit("{:freed/%5lu} ",
-			    rate(sum.v_tfree - osum.v_tfree));
-			xo_emit("{:scanned/%4lu}",
-			    rate(sum.v_pdpages - osum.v_pdpages));
-		}
+		xo_emit(" {[:4}{h,hn-decimal,hn-1000:freed/%lu}{]:}",
+		    rate(sum.v_tfree - osum.v_tfree));
+		xo_emit(" {[:4}{h,hn-decimal,hn-1000:scanned/%lu}{]:}",
+		    rate(sum.v_pdpages - osum.v_pdpages));
 		xo_close_container("paging-rates");
 
 		devstats();
 		xo_open_container("fault-rates");
-		if (hflag) {
-			prthuman("interrupts",
-			    rate(sum.v_intr - osum.v_intr), 5, 0);
-			prthuman("system-calls",
-			    rate(sum.v_syscall - osum.v_syscall), 5, 0);
-			prthuman("context-switches",
-			    rate(sum.v_swtch - osum.v_swtch), 5, 0);
-		} else {
-			xo_emit(" ");
-			xo_emit("{:interrupts/%4lu} "
-			    "{:system-calls/%5lu} "
-			    "{:context-switches/%5lu}",
-			    rate(sum.v_intr - osum.v_intr),
-			    rate(sum.v_syscall - osum.v_syscall),
-			    rate(sum.v_swtch - osum.v_swtch));
-		}
+		xo_emit(" {[:4}{h,hn-decimal,hn-1000:interrupts/%lu}{]:}"
+		    " {[:4}{h,hn-decimal,hn-1000:system-calls/%lu}{]:}"
+		    " {[:4}{h,hn-decimal,hn-1000:context-switches/%lu}{]:}",
+		    rate(sum.v_intr - osum.v_intr),
+		    rate(sum.v_syscall - osum.v_syscall),
+		    rate(sum.v_swtch - osum.v_swtch));
 		xo_close_container("fault-rates");
 		if (Pflag)
 			pcpustats(cpumask, maxid);
@@ -876,10 +829,7 @@ printhdr(int maxid, u_long cpumask)
 	int i, num_shown;
 
 	num_shown = MIN(num_selected, maxshowdevs);
-	if (hflag)
-		xo_emit(" {T:procs}    {T:memory}    {T:/page%*s}", 19, "");
-	else
-		xo_emit("{T:procs}     {T:memory}       {T:/page%*s}", 19, "");
+	xo_emit(" {T:procs}    {T:memory}    {T:/page%*s}", 19, "");
 	if (num_shown > 1)
 		xo_emit("   {T:/disks %*s}  ", num_shown * 5 - 7, "");
 	else if (num_shown == 1)
@@ -893,13 +843,8 @@ printhdr(int maxid, u_long cpumask)
 		xo_emit("\n");
 	} else
 		xo_emit(" {T:cpu}\n");
-	if (hflag) {
-		xo_emit(" {T:r}  {T:b}  {T:w}  {T:avm}  {T:fre}  {T:flt}  {T:re}"
-		    "  {T:pi}  {T:po}   {T:fr}   {T:sr} ");
-	} else {
-		xo_emit("{T:r} {T:b} {T:w}     {T:avm}     {T:fre}  {T:flt}  "
-		    "{T:re}  {T:pi}  {T:po}    {T:fr}   {T:sr} ");
-	}
+	xo_emit(" {T:r}  {T:b}  {T:w}  {T:avm}  {T:fre}  {T:flt}  {T:re}"
+	    "  {T:pi}  {T:po}   {T:fr}   {T:sr} ");
 	for (i = 0; i < num_devices; i++)
 		if ((dev_select[i].selected) &&
 		    (dev_select[i].selected <= maxshowdevs))
@@ -1159,64 +1104,53 @@ devstats(void)
 		xo_emit("{ekq:name/%s%d}",
 		    dev_select[dn].device_name,
 		    dev_select[dn].unit_number);
-		if (hflag) {
-			prthuman("transfers", (uint64_t)transfers_per_second,
-			    5, HN_DIVISOR_1000);
-		} else {
-			xo_emit("{:transfers/%3.0Lf}", transfers_per_second);
-		}
+		xo_emit("{[:5}{h,hn-decimal,hn-1000:transfers/%ju}{]:}",
+		    (uintmax_t)transfers_per_second);
 		xo_close_instance("device");
 	}
 	xo_close_list("device");
 }
 
 static void
-percent(const char *name, double pctv, int *over)
+percent(const char *name, long pctv, int *over)
 {
-	int l;
-	char buf[10];
-	char fmt[128];
-
-	snprintf(fmt, sizeof(fmt), " {:%s/%%*s}", name);
-	l = snprintf(buf, sizeof(buf), "%.0f", pctv);
-	if (l == 1 && *over) {
-		xo_emit(fmt, 1, buf);
+	char fmt[64];
+
+	snprintf(fmt, sizeof(fmt), " {:%s/%%%ulld/%%lld}", name,
+	    (*over && pctv <= 9) ? 1 : 2);
+	xo_emit(fmt, pctv);
+	if (*over && pctv <= 9)
 		(*over)--;
-	} else
-		xo_emit(fmt, 2, buf);
-	if (l > 2)
+	else if (pctv >= 100)
 		(*over)++;
 }
 
 static void
 cpustats(void)
 {
-	double lpct, total;
+	long total;
 	int state, over;
 
 	total = 0;
 	for (state = 0; state < CPUSTATES; ++state)
 		total += cur.cp_time[state];
-	if (total > 0)
-		lpct = 100.0 / total;
-	else
-		lpct = 0.0;
+	if (total == 0)
+		total = 1;
 	over = 0;
 	xo_open_container("cpu-statistics");
-	percent("user", (cur.cp_time[CP_USER] + cur.cp_time[CP_NICE]) * lpct,
-	    &over);
-	percent("system", (cur.cp_time[CP_SYS] + cur.cp_time[CP_INTR]) * lpct,
-	    &over);
-	percent("idle", cur.cp_time[CP_IDLE] * lpct, &over);
+	percent("user", 100LL * (cur.cp_time[CP_USER] + cur.cp_time[CP_NICE]) /
+	    total, &over);
+	percent("system", 100LL * (cur.cp_time[CP_SYS] + cur.cp_time[CP_INTR]) /
+	    total, &over);
+	percent("idle", 100LL * cur.cp_time[CP_IDLE] / total, &over);
 	xo_close_container("cpu-statistics");
 }
 
 static void
 pcpustats(u_long cpumask, int maxid)
 {
-	double lpct, total;
-	long tmp;
-	int i, over, state;
+	long tmp, total;
+	int i, state, over;
 
 	/* devstats does this for cp_time */
 	for (i = 0; i <= maxid; i++) {
@@ -1240,15 +1174,16 @@ pcpustats(u_long cpumask, int maxid)
 		total = 0;
 		for (state = 0; state < CPUSTATES; ++state)
 			total += cur_cp_times[i * CPUSTATES + state];
-		if (total)
-			lpct = 100.0 / total;
-		else
-			lpct = 0.0;
-		percent("user", (cur_cp_times[i * CPUSTATES + CP_USER] +
-		    cur_cp_times[i * CPUSTATES + CP_NICE]) * lpct, &over);
-		percent("system", (cur_cp_times[i * CPUSTATES + CP_SYS] +
-		    cur_cp_times[i * CPUSTATES + CP_INTR]) * lpct, &over);
-		percent("idle", cur_cp_times[i * CPUSTATES + CP_IDLE] * lpct,
+		if (total == 0)
+			total = 1;
+		percent("user",
+		    100LL * (cur_cp_times[i * CPUSTATES + CP_USER] +
+		    cur_cp_times[i * CPUSTATES + CP_NICE]) / total, &over);
+		percent("system",
+		    100LL * (cur_cp_times[i * CPUSTATES + CP_SYS] +
+		    cur_cp_times[i * CPUSTATES + CP_INTR]) / total, &over);
+		percent("idle",
+		    100LL * cur_cp_times[i * CPUSTATES + CP_IDLE] / total,
 		    &over);
 		xo_close_instance("cpu");
 	}

From nobody Sat Dec 23 04:37:43 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sxrxg6LGGz54xKR;
	Sat, 23 Dec 2023 04:37:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sxrxg4k2mz3Tl8;
	Sat, 23 Dec 2023 04:37:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703306263;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=jvDsm3yFQNrZGk5ZJMOc/rvxqLsUVqbfMNgsi0IuQ6o=;
	b=WGfpqD2xswCSRrU0yX3QHOo5p8MDmI502/M1IMw8EzzrOcUZ9M3vDKWIwVH0C/SDcqgm4K
	oTVGhpsSOiIXUhRJuoaqN+oxwNs/0PogFtwGYzmRDqPEczpojZQeuRmxfMPlMWYmmibwVE
	76pAtGif73k/dXAq74a1ThhUjjml9DkFmNQiwOK5ixuYvHAUNFd5kfcvBN8exShS7h76gI
	8p94DP8+VmCwScbpFzzRsyznDBI+bzyJsOjN6Tl8jnY2bLQGQ1e+yqia+OgKxwDEUAV0ng
	1i23y+fCPvP6kTRmjqun+gzX2ICoZy2zzBJ8hA2ZvKqLVCpChzKrYW0K9RV7AA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703306263; a=rsa-sha256; cv=none;
	b=fysj+Gu5avE2uHeURhzZs46PTLPLQ8wV9TGI+liw2yIXCGjz+ZGJFX07v++mV4/0Q+PokN
	xJWRHNS+WiK14e4nptRoDMGSlxhC1Q6Sd3Kq2jVMmOSRWZCaypjqwLP/x7NICYmo/NoW2F
	CSXDs+T3+TqW24hSiRTH+zbFhZ7KbBxc/6fCBlUkJSRDDe5jJRfZJLKGUUws6esRHpXAuq
	kMzzRIUJ4ucb+ABLzFTgYCxJrKPBogGsRz0hEu56zEaxuJCdNh6r7xrYrx2Mx428ZItion
	Hzq3jmPegffq9p1/DrCR4wobiBSpllYnScc11dZ8GTA1bh0UKoeN6TlTSdNAYw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703306263;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=jvDsm3yFQNrZGk5ZJMOc/rvxqLsUVqbfMNgsi0IuQ6o=;
	b=bleNE4Blw4Lcpjc+sAEMxpB6nUE1HpEJlXeL6JWdP6Ym9s1nAgXDk06pNawEI8cdI1uApn
	aH2bqTN89hs8whXJY7h/d8ypq5HxpnzQozNJAf4/1UY54teBbI7Ps/+l6bGmRuOsvIP1el
	XtPq6wBERxVrPIxyR6Z/tswwFRIb375pn8MvQWiY+6VabgLRBDWk6Wchr5OYkKvbBxAKcr
	bnW18tGO0OE3lNy1l9DRyReSfKBXbkV1h5SqNUtZDCIuo5Gw4D4gTJIcJaupPg6DZWjNCr
	Lk/tL5OnI7VTaXNu7s044dOECocLCwKtwxB/DJKwVB4fNgkixatApGhGe4rppA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sxrxg3nSZzm5b;
	Sat, 23 Dec 2023 04:37:43 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN4bhsa088496;
	Sat, 23 Dec 2023 04:37:43 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN4bhLp088493;
	Sat, 23 Dec 2023 04:37:43 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 04:37:43 GMT
Message-Id: <202312230437.3BN4bhLp088493@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Alexander Motin <mav@FreeBSD.org>
Subject: git: 129c3aa4b231 - stable/14 - Use xpt_path_sbuf() in few
  drivers
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mav
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 129c3aa4b2312e3e2d91e5688a4368fc3836db98
Auto-Submitted: auto-generated

The branch stable/14 has been updated by mav:

URL: https://cgit.FreeBSD.org/src/commit/?id=129c3aa4b2312e3e2d91e5688a4368fc3836db98

commit 129c3aa4b2312e3e2d91e5688a4368fc3836db98
Author:     Alexander Motin <mav@FreeBSD.org>
AuthorDate: 2023-11-23 16:25:45 +0000
Commit:     Alexander Motin <mav@FreeBSD.org>
CommitDate: 2023-12-23 04:36:56 +0000

    Use xpt_path_sbuf() in few drivers
    
    xpt_path_string() is now a wrapper around xpt_path_sbuf().  Using it
    to than concatenate result to another sbuf makes no sense.  Just call
    xpt_path_sbuf() directly.
    
    MFC after:      1 month
    
    (cherry picked from commit 8c4ee0b22c98fc1e208dd133f617bd329cd10728)
---
 sys/dev/mpr/mpr_sas.c             | 5 +----
 sys/dev/mps/mps_sas.c             | 5 +----
 sys/dev/virtio/scsi/virtio_scsi.c | 4 +---
 3 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/sys/dev/mpr/mpr_sas.c b/sys/dev/mpr/mpr_sas.c
index 9d83162723ae..048b3cb7a53d 100644
--- a/sys/dev/mpr/mpr_sas.c
+++ b/sys/dev/mpr/mpr_sas.c
@@ -304,7 +304,6 @@ mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...)
 	struct sbuf sb;
 	va_list ap;
 	char str[224];
-	char path_str[64];
 
 	if (cm == NULL)
 		return;
@@ -318,9 +317,7 @@ mprsas_log_command(struct mpr_command *cm, u_int level, const char *fmt, ...)
 	va_start(ap, fmt);
 
 	if (cm->cm_ccb != NULL) {
-		xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str,
-		    sizeof(path_str));
-		sbuf_cat(&sb, path_str);
+		xpt_path_sbuf(cm->cm_ccb->csio.ccb_h.path, &sb);
 		if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) {
 			scsi_command_string(&cm->cm_ccb->csio, &sb);
 			sbuf_printf(&sb, "length %d ",
diff --git a/sys/dev/mps/mps_sas.c b/sys/dev/mps/mps_sas.c
index 6a5b2f5d90f3..3cf29aa4e893 100644
--- a/sys/dev/mps/mps_sas.c
+++ b/sys/dev/mps/mps_sas.c
@@ -295,7 +295,6 @@ mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...)
 	struct sbuf sb;
 	va_list ap;
 	char str[224];
-	char path_str[64];
 
 	if (cm == NULL)
 		return;
@@ -309,9 +308,7 @@ mpssas_log_command(struct mps_command *cm, u_int level, const char *fmt, ...)
 	va_start(ap, fmt);
 
 	if (cm->cm_ccb != NULL) {
-		xpt_path_string(cm->cm_ccb->csio.ccb_h.path, path_str,
-				sizeof(path_str));
-		sbuf_cat(&sb, path_str);
+		xpt_path_sbuf(cm->cm_ccb->csio.ccb_h.path, &sb);
 		if (cm->cm_ccb->ccb_h.func_code == XPT_SCSI_IO) {
 			scsi_command_string(&cm->cm_ccb->csio, &sb);
 			sbuf_printf(&sb, "length %d ",
diff --git a/sys/dev/virtio/scsi/virtio_scsi.c b/sys/dev/virtio/scsi/virtio_scsi.c
index 0355962c7af9..163def248065 100644
--- a/sys/dev/virtio/scsi/virtio_scsi.c
+++ b/sys/dev/virtio/scsi/virtio_scsi.c
@@ -2336,7 +2336,6 @@ vtscsi_printf_req(struct vtscsi_request *req, const char *func,
 	struct sbuf sb;
 	va_list ap;
 	char str[192];
-	char path_str[64];
 
 	if (req == NULL)
 		return;
@@ -2352,8 +2351,7 @@ vtscsi_printf_req(struct vtscsi_request *req, const char *func,
 		    cam_sim_name(sc->vtscsi_sim), cam_sim_unit(sc->vtscsi_sim),
 		    cam_sim_bus(sc->vtscsi_sim));
 	} else {
-		xpt_path_string(ccb->ccb_h.path, path_str, sizeof(path_str));
-		sbuf_cat(&sb, path_str);
+		xpt_path_sbuf(ccb->ccb_h.path, &sb);
 		if (ccb->ccb_h.func_code == XPT_SCSI_IO) {
 			scsi_command_string(&ccb->csio, &sb);
 			sbuf_printf(&sb, "length %d ", ccb->csio.dxfer_len);

From nobody Sat Dec 23 09:50:39 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sxztm3drSz54H58;
	Sat, 23 Dec 2023 09:50:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sxztm22XZz4P54;
	Sat, 23 Dec 2023 09:50:40 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703325040;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fcjMgJBi043Tl/PYzyyKqafUgdnYoKhalNllGna22UM=;
	b=V/H9vr0agg1moAUUmWJL4J/09a1NGMcmamZeFE3h56tznC1o6EqSIzWAeJjXLbXe6RxTLP
	nbPtsPuiDleQZvOB4UDB5sM0Vt6y8Ie+PRCLPs1HkDzEeI2LhV+KpodASyppnr2x3IJJ7T
	XtgQY5JAh5oUMcJuhUWQkoaMzncrqbr5Etn61xMMqUEy3KaSGv0THGs+dbG9cs1FfdudbR
	BdgyXTJv0UlrVmyRmyC/GXMtcUCrM3vz4Vvqqs8U7OaO+7QddRJsNzFfv0oGrOu7q9iTSq
	MnPeo083Lay3MwrQ3Evm+YMxAoKzAy6h326tphZ9LvASB46NcUC1uoXJO+T2GA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703325040; a=rsa-sha256; cv=none;
	b=OFEa5cbQ2jBhaMEtPErEicjxYYZq26Od3iQFNKbUi+XyJkwi+pCEzlkEiJGCOt9cIx7dyz
	E5nVylm8eZbOgpn6KzvsoBzKIFIp1ClRxe0KqDFP6Qh7B4YLHOpwBOT5wFScihQtg7/TXa
	0mwUY13lhO2643pZ17EqnKm/3MsgVK4LBYI0BTBNanK+5dLbhsXoeLUyLu9Sm7shk2vgK2
	C/7sfN9cQcx6QZgGJs6UxTh0qvrb94wsHkvbO2Zw90Wj4eRsHKZwDfw2ixJeCL/stEguMv
	DX9mM110swWs9pVe5xPHWxeyQEhHPIm2Y3nGChG+FdaVZO86TUQMb20GH8CSqA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703325040;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=fcjMgJBi043Tl/PYzyyKqafUgdnYoKhalNllGna22UM=;
	b=XfzgJ9oPvWdzl1joACIDr4bwjgT0nFlrPnKzeM+3XyQKp6hsPqQ7iuE4Ekty2+a/GpkZ8y
	G7wTmeTr7Ahw04Ze9ArqgKDg1UCcLkvgDGEG9RGi389w1C8zGm6PnNTNcD3vfCEfGMaIcT
	WLXtGmB6ZOhfH0Ci/xi+tolwTCEmKSqQBGHuNpsrnnpi/gpDGYXUY7xCZXmlIKRUgkGlMQ
	SlB6au8ytdlMCoDhgl39JbrpH2gCVvL65jt6Lv65As25eiTXgHFc7UVYSzWymdEysyBnN3
	2oR9m7Swhvp8Ox/fjCtRNy8D9WC0b5Kqzr2505h5J4AVfKMNgduH2j1BXhHauw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sxztl6rG2zvkR;
	Sat, 23 Dec 2023 09:50:39 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN9odBJ015271;
	Sat, 23 Dec 2023 09:50:39 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN9odKH015268;
	Sat, 23 Dec 2023 09:50:39 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 09:50:39 GMT
Message-Id: <202312230950.3BN9odKH015268@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Bergling <gbe@FreeBSD.org>
Subject: git: c9b27b3dc047 - stable/14 - rtnetlink.4: Fix a typo
  in the manual pag
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gbe
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: c9b27b3dc047f20371e567dfe4354c1531cb7a8c
Auto-Submitted: auto-generated

The branch stable/14 has been updated by gbe:

URL: https://cgit.FreeBSD.org/src/commit/?id=c9b27b3dc047f20371e567dfe4354c1531cb7a8c

commit c9b27b3dc047f20371e567dfe4354c1531cb7a8c
Author:     Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2023-12-20 09:06:08 +0000
Commit:     Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2023-12-23 09:50:25 +0000

    rtnetlink.4: Fix a typo in the manual pag
    
    - s/constists/consists/
    
    (cherry picked from commit fa826f64e1b7167dde2c3cb8cfc4df0d3e503542)
---
 share/man/man4/rtnetlink.4 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/share/man/man4/rtnetlink.4 b/share/man/man4/rtnetlink.4
index 95cfeea39f5b..720a9cc75ef2 100644
--- a/share/man/man4/rtnetlink.4
+++ b/share/man/man4/rtnetlink.4
@@ -236,7 +236,7 @@ Should be provided by userland at the nexthtop creation time.
 .It Dv NHA_GROUP
 This attribute designates the nexthtop group and contains all of its nexthtops
 and their relative weights.
-The attribute constists of a list of
+The attribute consists of a list of
 .Va nexthop_grp
 structures:
 .Bd -literal

From nobody Sat Dec 23 09:50:55 2023
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Sxzv407vYz54HYY;
	Sat, 23 Dec 2023 09:50:56 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Sxzv36l5Lz4P74;
	Sat, 23 Dec 2023 09:50:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1703325055;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xh3cFCtzcW40GjfvKhntamyzIqXgELaQyUsxxrGBKI4=;
	b=QUA+tdtmNnuXPoeyJPEr5mHbGRXjZQtpV5XNZ9KBhLew2AXNmMQ9lEDYBo903MtHB1G66M
	Fb/StsOKNu6/1fuHF3hzVfboayqaRFEx5BnLVlQcYt/Rc/hGvEj5M3IqHw7L9XsYrVcuzT
	zheI7Zt5kzBSxmzNnLp9CfUy+Vhn4qeHlXszCHZsz3JwIYlZW8UPyrUJWXrf+2gbu+hTUc
	IR+AGoYR5xbncbtUu0nDv1avQZ+Vv2ThBNGNEKNdl3KilZA7QzWtTKg+wiLKERszhtptNq
	r2THyH7duDZS6nzXfKmiwgiyw7qiFGjcvbcDZMs0Z1OxdmlwxM99ZEuQRT10fQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703325055; a=rsa-sha256; cv=none;
	b=MutaDaE5IvpzEeLAqpnG6kZ1gSD+Wn6bK2WuqLgdeB880GcBGQoyIo9RWdKeWMhzsNMwc+
	idjojnwLpMqqVZmgfmTqchs1PlAYpekb0j2uDFWZO+R1gyyBxcceY8Hw8CDPnBthV58skI
	dqAcbK4M0QPw/MtW9PBFXm1IZuTSBnA9IGZwlttUXqwSiCW5aRyPvelTzQyu//5R6AmPhX
	t/gBgBKRcYEkFbsUltBWeWnCzndF2xukBBSwn1XHx3CCp+epN3u7/OinJ306xaoWIfT9RG
	5jhlOiUZItD3NcRzAjDkd3+8xQvVY/XQ7sQeDvi0kDbu868daerWFaZ8OHUKgw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1703325055;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=xh3cFCtzcW40GjfvKhntamyzIqXgELaQyUsxxrGBKI4=;
	b=vM4AQfpMzXASWOn16BofOkiaYjJ5hp9dYQPxfvjErqLeShTWa6MzwSec0d4FsuBJ7XyLM8
	9JNW1p8axDSUX2u6RKu74XKW+2mTGE8q673O9XPO0MYR7/Q3wGmEmRKiWgX8XyI5TN+pzm
	8wre+eGtH0p/Sq/gI41y+oyk8hfXACD4BaEAWHDO3/nbW54dfwtodMaxRix2RIbVB08Rer
	kpfXCTxxGbU25Hs8I2Nlh2hvfFZguEy922xzIZglSOCUBXFWlLXSzx2409/AZN2SJbc5tC
	YUbrKW991FhpTedhVN01Y4/hjaAv42cZXBAJtTMcCaPlSbB5bwlIJbpRgiacYw==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Sxzv35nqxzv6Z;
	Sat, 23 Dec 2023 09:50:55 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BN9ot5r015453;
	Sat, 23 Dec 2023 09:50:55 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BN9ottu015450;
	Sat, 23 Dec 2023 09:50:55 GMT
	(envelope-from git)
Date: Sat, 23 Dec 2023 09:50:55 GMT
Message-Id: <202312230950.3BN9ottu015450@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Gordon Bergling <gbe@FreeBSD.org>
Subject: git: 03943195a95f - stable/13 - rtnetlink.4: Fix a typo
  in the manual pag
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: gbe
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 03943195a95f5252ecef6f38e4608dca8a213c43
Auto-Submitted: auto-generated

The branch stable/13 has been updated by gbe:

URL: https://cgit.FreeBSD.org/src/commit/?id=03943195a95f5252ecef6f38e4608dca8a213c43

commit 03943195a95f5252ecef6f38e4608dca8a213c43
Author:     Gordon Bergling <gbe@FreeBSD.org>
AuthorDate: 2023-12-20 09:06:08 +0000
Commit:     Gordon Bergling <gbe@FreeBSD.org>
CommitDate: 2023-12-23 09:50:44 +0000

    rtnetlink.4: Fix a typo in the manual pag
    
    - s/constists/consists/
    
    (cherry picked from commit fa826f64e1b7167dde2c3cb8cfc4df0d3e503542)
---
 share/man/man4/rtnetlink.4 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/share/man/man4/rtnetlink.4 b/share/man/man4/rtnetlink.4
index 95cfeea39f5b..720a9cc75ef2 100644
--- a/share/man/man4/rtnetlink.4
+++ b/share/man/man4/rtnetlink.4
@@ -236,7 +236,7 @@ Should be provided by userland at the nexthtop creation time.
 .It Dv NHA_GROUP
 This attribute designates the nexthtop group and contains all of its nexthtops
 and their relative weights.
-The attribute constists of a list of
+The attribute consists of a list of
 .Va nexthop_grp
 structures:
 .Bd -literal